Virus - Need help fast :)

Go to c:\combofix.txt. Open that file and copy and paste the whole contents in your next reply.
 
The log will be somewhat long. While you are at it, uninstall one of your antivirus programs as you can't have 2 installed at the same time.
 
Hmm, thought you could have 2, bah.. the Comodo one was just a panic download, when I realized something was wrong :S Thx for the tip, and for all the help so far :)
I'll turn back in tomorrow, I'll let the computer stay for some hours, to create the txt file, I am way too impatient :S
 

Yeah, uninstall Comodo and keep Avast. We'll wait for your log to see how badly you're infected.
 
.... I only have one combofix.txt file on my computer, and there isn't any more in the document? The path to it is C:\Combofix\combofix.txt, but when I google search I can see combofix should stay open to create a log file; mine doesn't, it closes immediately after it says it is going to create a logfile...
And another thing, combofix found Avast antivirus to be open when I ran the test, even though Avast itself said it was deactivated..
 
Can you upload the file to some free hosting website and post the link here? Like mediafire.com for example.

I'll post the log when I get your file so others can see it too.
 
Yea but it wouldn't matter, my combofix crashes when creating the text file, 'cause as far as I can see, it should create a combofix.txt in C:\, but it doesn't. There is only this file https://docs.google.com/file/d/0B4h2zCmGu1RwRW5BMGJBSTdZTkE/edit?usp=sharing Nothing more :S

EDIT: And I tried to uninstall Avast, because I apparently could not deactivate it while safe mode was on, but combofix still complained that Avast antivirus was up and running.
 

Is this happening in safe mode?
 
But I have run Malwarebytes, Avast and soon AVG (don't worry, removed Avast since I don't like it), without finding any new ones. I have deleted some files, with the help from Malwarebytes and combofix.
Thanks for all the help provided so far :)
 

I would recommend keeping Avast, it's very good but it's up to you. Make sure you only have one AV.

Can you try to run Combofix in normal mode now to see if it works better? (which I doubt).
 
Wow, it worked. Here is the log:
ComboFix 13-07-08.04 - user 09/07/2013 12:48:21.2.2 - x64
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.44.1030.18.4094.1585 [GMT 2:00]
Running from: c:\users\user\Desktop\ComboFix.exe
AV: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2013-06-09 to 2013-07-09 )))))))))))))))))))))))))))))))
.
.
2013-07-09 10:56 . 2013-07-09 10:56 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-07-09 10:56 . 2013-07-09 10:56 -------- d-----w- c:\users\TEMP\AppData\Local\temp
2013-07-09 10:56 . 2013-07-09 10:56 -------- d-----w- c:\users\Public\AppData\Local\temp
2013-07-09 10:56 . 2013-07-09 10:56 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-07-09 10:56 . 2013-07-09 10:56 -------- d-----w- c:\users\Bruger profil\AppData\Local\temp
2013-07-09 08:31 . 2013-07-09 08:31 -------- d-----w- c:\users\user\AppData\Roaming\AVG2013
2013-07-09 08:28 . 2013-07-09 08:28 -------- d-----w- C:\$AVG
2013-07-09 08:28 . 2013-07-09 08:30 -------- d-----w- c:\programdata\AVG2013
2013-07-09 08:27 . 2013-07-09 08:27 -------- d-----w- c:\program files (x86)\AVG
2013-07-09 08:02 . 2013-07-09 10:06 -------- d-----w- c:\users\user\AppData\Local\Avg2013
2013-07-09 08:02 . 2013-07-09 08:34 -------- d-----w- c:\programdata\MFAData
2013-07-09 08:02 . 2013-07-09 08:02 -------- d-----w- c:\users\user\AppData\Local\MFAData
2013-07-09 07:53 . 2013-07-09 10:56 -------- d-----w- c:\users\user\AppData\Local\temp
2013-07-09 07:10 . 2013-07-09 07:10 -------- d-s---w- c:\windows\SysWow64\Microsoft
2013-07-08 16:31 . 2013-07-08 16:31 -------- d-----w- C:\avast! sandbox
2013-07-08 12:15 . 2013-07-08 12:15 -------- d-----w- c:\users\user\AppData\Roaming\Malwarebytes
2013-07-08 12:15 . 2013-07-08 12:15 -------- d-----w- c:\programdata\Malwarebytes
2013-07-08 12:15 . 2013-04-04 12:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-07-08 09:58 . 2013-07-08 09:58 -------- d-----w- c:\program files\COMODO
2013-07-08 09:51 . 2013-07-08 09:51 -------- d-----w- c:\programdata\Comodo Downloader
2013-07-08 06:39 . 2013-07-08 06:39 -------- d-----w- c:\users\Bruger profil\AppData\Local\SniperV2
2013-07-07 08:02 . 2013-07-07 08:08 -------- d-----w- c:\users\user\AppData\Roaming\Bloody Trapland
2013-07-06 15:55 . 2013-07-06 15:55 -------- d-----w- c:\users\user\AppData\Local\SniperV2
2013-07-06 13:19 . 2013-07-06 13:19 -------- d-----w- c:\users\user\AppData\Local\SniperV2 Demo
2013-07-03 06:01 . 2013-07-03 06:01 -------- d-----w- c:\program files (x86)\LogMeIn Hamachi
2013-07-02 13:34 . 2013-07-02 13:34 -------- d-----w- c:\users\user\AppData\Local\Skyrim
2013-07-02 07:58 . 2013-07-02 07:58 -------- d-----w- c:\users\user\AppData\Roaming\Cobra Mobile
2013-07-01 08:58 . 2013-07-01 08:58 -------- d-----w- c:\users\user\AppData\Roaming\Trine2
2013-06-30 22:28 . 2013-06-30 22:31 466456 ----a-w- c:\windows\system32\wrap_oal.dll
2013-06-30 22:28 . 2013-06-30 22:31 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2013-06-30 10:33 . 2013-06-30 10:33 -------- d-----w- c:\program files (x86)\Common Files\Skype
2013-06-30 09:31 . 2013-07-06 09:45 -------- d-s---w- c:\users\user\Google Drev
2013-06-30 09:30 . 2011-12-15 18:29 31232 ----a-w- c:\windows\system32\drivers\tap0901.sys
2013-06-30 09:30 . 2013-06-30 14:08 -------- d-----w- c:\program files\CyberGhost VPN
2013-06-30 09:20 . 2013-06-30 13:23 -------- d-----w- c:\users\user\AppData\Roaming\Notepad++
2013-06-30 09:06 . 2013-06-30 09:06 -------- d-----w- c:\program files (x86)\Origin Games
2013-06-30 09:06 . 2013-06-30 09:06 -------- d-----w- c:\users\user\AppData\Local\Origin
2013-06-18 14:16 . 2013-06-18 14:16 96800 ------w- c:\windows\system32\drivers\SET87CD.tmp
2013-06-12 11:47 . 2013-04-24 02:10 1078272 ----a-w- c:\windows\system32\certutil.exe
2013-06-12 11:47 . 2013-04-24 04:09 174592 ----a-w- c:\windows\system32\cryptsvc.dll
2013-06-12 11:47 . 2013-04-24 04:09 132096 ----a-w- c:\windows\system32\cryptnet.dll
2013-06-12 11:47 . 2013-04-24 04:09 1269248 ----a-w- c:\windows\system32\crypt32.dll
2013-06-12 11:47 . 2013-04-24 04:09 50688 ----a-w- c:\windows\system32\certenc.dll
2013-06-12 11:47 . 2013-04-24 04:00 985600 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-06-12 11:47 . 2013-04-24 04:00 98304 ----a-w- c:\windows\SysWow64\cryptnet.dll
2013-06-12 11:47 . 2013-04-24 04:00 133120 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2013-06-12 11:47 . 2013-04-24 04:00 41984 ----a-w- c:\windows\SysWow64\certenc.dll
2013-06-12 11:47 . 2013-04-24 01:46 812544 ----a-w- c:\windows\SysWow64\certutil.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-07-07 13:46 . 2011-06-29 07:24 215128 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2013-07-07 13:46 . 2011-06-29 07:19 215128 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2013-07-07 13:46 . 2011-06-29 07:19 215128 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2013-07-04 07:05 . 2013-06-06 08:58 47368 ----a-w- c:\windows\SysWow64\certsentry.dll
2013-07-04 07:05 . 2013-04-19 15:14 56072 ----a-w- c:\windows\system32\certsentry.dll
2013-06-30 22:31 . 2011-06-04 11:46 444952 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2013-06-30 22:31 . 2011-06-04 11:46 122904 ----a-w- c:\windows\system32\OpenAL32.dll
2013-06-13 15:12 . 2012-05-03 16:57 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-06-13 15:12 . 2011-06-01 11:41 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-02 15:11 . 2006-11-02 12:35 75825640 ----a-w- c:\windows\system32\mrt.exe
2013-05-09 08:58 . 2011-06-01 11:36 287840 ----a-w- c:\windows\system32\aswBoot.exe
2013-04-18 06:48 . 2013-04-18 06:48 56072 ----a-w- c:\windows\system32\99147d26df18aa75ac6672d73d31ad81.szcpf
2013-04-15 14:17 . 2013-05-15 16:12 901496 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2013-04-13 03:34 . 2013-05-15 16:12 47104 ----a-w- c:\windows\system32\cdd.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="s:\steam\steam.exe" [2013-07-08 1672616]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"gbrspcontrol"="c:\program files (x86)\Common Files\COMODO\GeekBuddyRSP.exe" [2013-04-17 1851088]
"AVG_UI"="c:\program files (x86)\AVG\AVG2013\avgui.exe" [2013-04-28 4408368]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
NETGEAR WN111v2 Smart Wizard.lnk - c:\program files (x86)\NETGEAR\WN111v2\WN111v2.exe [2008-5-9 1712128]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - AVGIDSDRIVER
*NewlyCreated* - AVGLDX64
*NewlyCreated* - AVGLOGA
*NewlyCreated* - AVGMFX64
*NewlyCreated* - AVGRKX64
*NewlyCreated* - AVGTDIA
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
Themes
.
Contents of the 'Scheduled Tasks' folder
.
2013-07-09 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-03 15:12]
.
2013-07-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-06-30 09:21]
.
2013-07-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-06-30 09:21]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2013-06-06 21:57 778192 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-06-06 21:57 778192 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2013-06-06 21:57 778192 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2013-06-06 21:57 778192 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2013-06-06 21:57 778192 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.dk/
mLocal Page = %SystemRoot%\system32\blank.htm
mSearchAssistant =
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~3\Office10\EXCEL.EXE/3000
TCP: Interfaces\{5270DADF-991C-4DB9-B121-467B33802CB1}: NameServer = 8.26.56.26,156.154.70.22
TCP: Interfaces\{88316197-F2AC-4204-864C-136D98B8D540}: NameServer = 8.26.56.26,156.154.70.22
CLSID: {603d3801-bd81-11d0-a3a5-00c04fd706ec} - %SystemRoot%\SysWow64\browseui.dll
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-10 - (no file)
SafeBoot-WudfPf
SafeBoot-WudfRd
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-2344522531-646327979-61466093-1000\Software\SecuROM\License information*]
"datasecu"=hex:0f,43,8e,88,62,21,fd,01,1f,ea,c5,9f,36,be,da,fb,ad,06,93,2b,58,
7a,ba,89,d1,2b,dc,ea,c8,a2,80,61,07,e0,03,fc,91,03,86,b7,bc,b9,3d,9a,b9,d0,\
"rkeysecu"=hex:ad,62,a8,d6,c0,54,8f,2d,d4,0b,d7,4e,c5,7c,f0,fa
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]
@Denied: (A 2) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]
@="Shockwave Flash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]
@Denied: (A 2) (Everyone)
@=""
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]
@="FlashBroker"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes]
"SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
Completion time: 2013-07-09 12:57:58
ComboFix-quarantined-files.txt 2013-07-09 10:57
.
Pre-Run: 969,768,960 byte ledig
Post-Run: 1,384,189,952 byte ledig
.
- - End Of File - - 63E8D33583C8F6EBA8143E8332446548
5C616939100B85E558DA92B899A0FC36
 
What don't you like about Avast? Would recommend running it over AVG any day.

However, there is one entry that needs to be deleted. See if you can delete this file manually.

c:\windows\system32\drivers\SET87CD.tmp

And I would like for you to run 2 more scans.

1.

Please download and run TDSSkiller

When the program opens, click on the start scan button.


TDSSKiller will now scan your computer for the TDSS infection. When the scan has finished it will display a result screen stating whether or not the infection was found on your computer. If it was found it will display a screen similar to the one below.


To remove the infections simply click on the Continue button and TDSSKiller will attempt to clean them or remove them.

After trying to clean them it will pop up with the results of the scan and its actions.


Please reboot the system if asked to do so.

After running, there will be a log located at the root of your c:\ drive, labeled tdsskiller with a series of numbers after it, for example C:\TDSSKiller.2.4.7_23.07.2010_15.31.43_log.txt

Please open the log and copy and paste it back here.

2.

Please download and run the ESET Online Scanner
Disable any antivirus/security programs.
IMPORTANT! UN-check Remove found threats
Accept any security warnings from your browser.
Check Scan archives
Click Start
ESET will then download updates, install and then start scanning your system.
When the scan is done, push list of found threats
Click on Export to text file , and save the file to your desktop using a file name, such as ESETlog. Include the contents of this report in your next reply.
If no threats are found then it won't produce a log.
 
ESET did not find any threats, however tdsskiller did, which I deleted, but one was automatically placed in quarantine. Can I remove the program safely, or is it recommended that I use it once in a while?
I have some more questions, if you want to answer:
Why do I need a thousand different programs? Isn't there anybody who has made an all-in-one, or is it the ones you pay for?
Am I free and good to go now?
And what does make Avast better?
Should I keep all the programs you made me download?
And thank you so much for all your help :)
Really appreciated!
 
The log from tdsskiller:
16:24:48.0215 1492 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
16:24:48.0589 1492 ============================================================
16:24:48.0589 1492 Current date / time: 2013/07/09 16:24:48.0589
16:24:48.0589 1492 SystemInfo:
16:24:48.0589 1492
16:24:48.0589 1492 OS Version: 6.0.6002 ServicePack: 2.0
16:24:48.0589 1492 Product type: Workstation
16:24:48.0589 1492 ComputerName: ARVIDLARSEN-PC
16:24:48.0589 1492 UserName: Arvid
16:24:48.0589 1492 Windows directory: C:\Windows
16:24:48.0589 1492 System windows directory: C:\Windows
16:24:48.0589 1492 Running under WOW64
16:24:48.0589 1492 Processor architecture: Intel x64
16:24:48.0589 1492 Number of processors: 2
16:24:48.0589 1492 Page size: 0x1000
16:24:48.0589 1492 Boot type: Normal boot
16:24:48.0589 1492 ============================================================
16:24:49.0463 1492 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:24:49.0463 1492 ============================================================
16:24:49.0463 1492 \Device\Harddisk0\DR0:
16:24:49.0463 1492 MBR partitions:
16:24:49.0463 1492 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x5005000
16:24:49.0478 1492 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x50092A7, BlocksNum 0x1F4F56FB
16:24:49.0494 1492 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x244FE9E1, BlocksNum 0xC6AE069
16:24:49.0494 1492 ============================================================
16:24:49.0541 1492 C: <-> \Device\Harddisk0\DR0\Partition1
16:24:49.0572 1492 S: <-> \Device\Harddisk0\DR0\Partition2
16:24:49.0603 1492 P: <-> \Device\Harddisk0\DR0\Partition3
16:24:49.0603 1492 ============================================================
16:24:49.0603 1492 Initialize success
16:24:49.0603 1492 ============================================================
16:24:51.0943 5012 ============================================================
16:24:51.0943 5012 Scan started
16:24:51.0943 5012 Mode: Manual;
16:24:51.0943 5012 ============================================================
16:24:53.0066 5012 ================ Scan system memory ========================
16:24:53.0066 5012 System memory - ok
16:24:53.0066 5012 ================ Scan services =============================
16:24:53.0144 5012 [ 1965AAFFAB07E3FB03C77F81BEBA3547 ] ACPI C:\Windows\system32\drivers\acpi.sys
16:24:53.0144 5012 ACPI - ok
16:24:53.0191 5012 [ 11A52CF7B265631DEEB24C6149309EFF ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
16:24:53.0191 5012 AdobeARMservice - ok
16:24:53.0285 5012 [ 9915504F602D277EE47FD843A677FD15 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
16:24:53.0285 5012 AdobeFlashPlayerUpdateSvc - ok
16:24:53.0331 5012 [ F14215E37CF124104575073F782111D2 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
16:24:53.0331 5012 adp94xx - ok
16:24:53.0347 5012 [ 7D05A75E3066861A6610F7EE04FF085C ] adpahci C:\Windows\system32\drivers\adpahci.sys
16:24:53.0347 5012 adpahci - ok
16:24:53.0363 5012 [ 820A201FE08A0C345B3BEDBC30E1A77C ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
16:24:53.0363 5012 adpu160m - ok
16:24:53.0378 5012 [ 9B4AB6854559DC168FBB4C24FC52E794 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
16:24:53.0378 5012 adpu320 - ok
16:24:53.0425 5012 [ 0F421175574BFE0BF2F4D8E910A253BB ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
16:24:53.0425 5012 AeLookupSvc - ok
16:24:53.0441 5012 [ C4F6CE6087760AD70960C9EB130E7943 ] AFD C:\Windows\system32\drivers\afd.sys
16:24:53.0441 5012 AFD - ok
16:24:53.0472 5012 [ F6F6793B7F17B550ECFDBD3B229173F7 ] agp440 C:\Windows\system32\drivers\agp440.sys
16:24:53.0472 5012 agp440 - ok
16:24:53.0487 5012 [ 222CB641B4B8A1D1126F8033F9FD6A00 ] aic78xx C:\Windows\system32\drivers\djsvs.sys
16:24:53.0487 5012 aic78xx - ok
16:24:53.0487 5012 [ 5922F4F59B7868F3D74BBBBEB7B825A3 ] ALG C:\Windows\System32\alg.exe
16:24:53.0487 5012 ALG - ok
16:24:53.0503 5012 [ 157D0898D4B73F075CE9FA26B482DF98 ] aliide C:\Windows\system32\drivers\aliide.sys
16:24:53.0503 5012 aliide - ok
16:24:53.0519 5012 [ 970FA5059E61E30D25307B99903E991E ] amdide C:\Windows\system32\drivers\amdide.sys
16:24:53.0519 5012 amdide - ok
16:24:53.0534 5012 [ CDC3632A3A5EA4DBB83E46076A3165A1 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
16:24:53.0534 5012 AmdK8 - ok
16:24:53.0550 5012 [ 9C37B3FD5615477CB9A0CD116CF43F5C ] Appinfo C:\Windows\System32\appinfo.dll
16:24:53.0550 5012 Appinfo - ok
16:24:53.0597 5012 [ BA8417D4765F3988FF921F30F630E303 ] arc C:\Windows\system32\drivers\arc.sys
16:24:53.0597 5012 arc - ok
16:24:53.0659 5012 [ 9D41C435619733B34CC16A511E644B11 ] arcsas C:\Windows\system32\drivers\arcsas.sys
16:24:53.0659 5012 arcsas - ok
16:24:53.0737 5012 [ 8065A7659562005127673AC52898675F ] AsIO C:\Windows\syswow64\drivers\AsIO.sys
16:24:53.0737 5012 AsIO - ok
16:24:53.0799 5012 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
16:24:53.0799 5012 aspnet_state - ok
16:24:53.0815 5012 [ 22D13FF3DAFEC2A80634752B1EAA2DE6 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
16:24:53.0815 5012 AsyncMac - ok
16:24:53.0846 5012 [ E68D9B3A3905619732F7FE039466A623 ] atapi C:\Windows\system32\drivers\atapi.sys
16:24:53.0846 5012 atapi - ok
16:24:53.0877 5012 [ 79318C744693EC983D20E9337A2F8196 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
16:24:53.0877 5012 AudioEndpointBuilder - ok
16:24:53.0893 5012 [ 79318C744693EC983D20E9337A2F8196 ] AudioSrv C:\Windows\System32\Audiosrv.dll
16:24:53.0893 5012 AudioSrv - ok
16:24:54.0065 5012 [ 50185186719134FA8F307D269106A51C ] AVGIDSAgent C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
16:24:54.0080 5012 AVGIDSAgent - ok
16:24:54.0111 5012 [ 139BD30C32BEE830D0CF39C5324D79DE ] AVGIDSDriver C:\Windows\system32\DRIVERS\avgidsdrivera.sys
16:24:54.0111 5012 AVGIDSDriver - ok
16:24:54.0127 5012 [ 2940FACB6EF92BD1936E4A1E2502468E ] AVGIDSHA C:\Windows\system32\DRIVERS\avgidsha.sys
16:24:54.0127 5012 AVGIDSHA - ok
16:24:54.0143 5012 [ 54B66C4AEEC6C4F742F3569EBA03EBB8 ] Avgldx64 C:\Windows\system32\DRIVERS\avgldx64.sys
16:24:54.0143 5012 Avgldx64 - ok
16:24:54.0174 5012 [ 13667B5D6310228A9FEF2BA5FCD9081F ] Avgloga C:\Windows\system32\DRIVERS\avgloga.sys
16:24:54.0174 5012 Avgloga - ok
16:24:54.0189 5012 [ BE82F9A1F2CCF4CE746D0C645D94079E ] Avgmfx64 C:\Windows\system32\DRIVERS\avgmfx64.sys
16:24:54.0189 5012 Avgmfx64 - ok
16:24:54.0189 5012 [ 5D11620DEF66F9DC9468FEE385A8429B ] Avgrkx64 C:\Windows\system32\DRIVERS\avgrkx64.sys
16:24:54.0205 5012 Avgrkx64 - ok
16:24:54.0221 5012 [ 69BD90E337625F96C718CACE7A9C9E29 ] Avgtdia C:\Windows\system32\DRIVERS\avgtdia.sys
16:24:54.0221 5012 Avgtdia - ok
16:24:54.0236 5012 [ 3A0977CB68AF13E2579E47EB8984056B ] avgwd C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
16:24:54.0236 5012 avgwd - ok
16:24:54.0252 5012 Beep - ok
16:24:54.0283 5012 [ FFB96C2589FFA60473EAD78B39FBDE29 ] BFE C:\Windows\System32\bfe.dll
16:24:54.0283 5012 BFE - ok
16:24:54.0330 5012 [ 6D316F4859634071CC25C4FD4589AD2C ] BITS C:\Windows\system32\qmgr.dll
16:24:54.0345 5012 BITS - ok
16:24:54.0361 5012 [ 79FEEB40056683F8F61398D81DDA65D2 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
16:24:54.0361 5012 blbdrive - ok
16:24:54.0392 5012 [ 2348447A80920B2493A9B582A23E81E1 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
16:24:54.0392 5012 bowser - ok
16:24:54.0408 5012 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
16:24:54.0408 5012 BrFiltLo - ok
16:24:54.0423 5012 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
16:24:54.0423 5012 BrFiltUp - ok
16:25:01.0974 5012 [ 514E743DA07C6979985A68A74E0D9076 ] sptd C:\Windows\system32\Drivers\sptd.sys
16:25:01.0974 5012 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 514E743DA07C6979985A68A74E0D9076
16:25:01.0974 5012 sptd ( LockedFile.Multi.Generic ) - warning
16:25:01.0974 5012 sptd - detected LockedFile.Multi.Generic (1)
16:25:02.0567 5012 [ C7C60777592EEF169A11647AAE7A91C3 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
16:25:02.0567 5012 Tcpip6 - ok
16:25:02.0598 5012 [ C7E72A4071EE0200E3C075DACFB2B334 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
16:25:02.0598 5012 tcpipreg - ok
16:25:02.0629 5012 [ 1D8BF4AAA5FB7A2761475781DC1195BC ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
16:25:02.0629 5012 TDPIPE - ok
16:25:02.0645 5012 [ 7F7E00CDF609DF657F4CDA02DD1C9BB1 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
16:25:02.0645 5012 TDTCP - ok
16:25:02.0660 5012 [ 458919C8C42E398DC4802178D5FFEE27 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
16:25:02.0660 5012 tdx - ok
16:25:02.0738 5012 [ 1C46C27E9F1938B9589859C70450D275 ] TeamViewer6 C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
16:25:02.0738 5012 TeamViewer6 - ok
16:25:02.0754 5012 [ 8C19678D22649EC002EF2282EAE92F98 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
16:25:02.0754 5012 TermDD - ok
16:25:02.0785 5012 [ 5CDD30BC217082DAC71A9878D9BFD566 ] TermService C:\Windows\System32\termsrv.dll
16:25:02.0785 5012 TermService - ok
16:25:02.0801 5012 [ 56793271ECDEDD350C5ADD305603E963 ] Themes C:\Windows\system32\shsvcs.dll
16:25:02.0801 5012 Themes - ok
16:25:02.0801 5012 [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] THREADORDER C:\Windows\system32\mmcss.dll
16:25:02.0801 5012 THREADORDER - ok
16:25:02.0832 5012 [ F4689F05AF472A651A7B1B7B02D200E7 ] TrkWks C:\Windows\System32\trkwks.dll
16:25:02.0832 5012 TrkWks - ok
16:25:02.0894 5012 [ 66328B08EF5A9305D8EDE36B93930369 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
16:25:02.0894 5012 TrustedInstaller - ok
16:25:02.0910 5012 [ 9E5409CD17C8BEF193AAD498F3BC2CB8 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
16:25:02.0910 5012 tssecsrv - ok
16:25:02.0925 5012 [ 89EC74A9E602D16A75A4170511029B3C ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
16:25:02.0925 5012 tunmp - ok
16:25:02.0957 5012 [ 30A9B3F45AD081BFFC3BCAA9C812B609 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
16:25:02.0957 5012 tunnel - ok
16:25:02.0972 5012 [ FEC266EF401966311744BD0F359F7F56 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
16:25:02.0972 5012 uagp35 - ok
16:25:02.0988 5012 [ FAF2640A2A76ED03D449E443194C4C34 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
16:25:02.0988 5012 udfs - ok
16:25:03.0019 5012 [ 060507C4113391394478F6953A79EEDC ] UI0Detect C:\Windows\system32\UI0Detect.exe
16:25:03.0019 5012 UI0Detect - ok
16:25:03.0035 5012 [ 4EC9447AC3AB462647F60E547208CA00 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
16:25:03.0035 5012 uliagpkx - ok
16:25:03.0035 5012 [ 697F0446134CDC8F99E69306184FBBB4 ] uliahci C:\Windows\system32\drivers\uliahci.sys
16:25:03.0035 5012 uliahci - ok
16:25:03.0050 5012 [ 31707F09846056651EA2C37858F5DDB0 ] UlSata C:\Windows\system32\drivers\ulsata.sys
16:25:03.0050 5012 UlSata - ok
16:25:03.0066 5012 [ 85E5E43ED5B48C8376281BAB519271B7 ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
16:25:03.0066 5012 ulsata2 - ok
16:25:03.0066 5012 [ 46E9A994C4FED537DD951F60B86AD3F4 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
16:25:03.0081 5012 umbus - ok
16:25:03.0097 5012 [ 01ABE05C401E70795B43A8933B44831E ] UMPass C:\Windows\system32\DRIVERS\umpass.sys
16:25:03.0097 5012 UMPass - ok
16:25:03.0159 5012 [ 7093799FF80E9DECA0680D2E3535BE60 ] upnphost C:\Windows\System32\upnphost.dll
16:25:03.0159 5012 upnphost - ok
16:25:03.0191 5012 [ 07E3498FC60834219D2356293DA0FECC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
16:25:03.0191 5012 usbccgp - ok
16:25:03.0206 5012 [ 9247F7E0B65852C1F6631480984D6ED2 ] usbcir C:\Windows\system32\drivers\usbcir.sys
16:25:03.0206 5012 usbcir - ok
16:25:03.0222 5012 [ 827E44DE934A736EA31E91D353EB126F ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
16:25:03.0222 5012 usbehci - ok
16:25:03.0237 5012 [ BB35CD80A2ECECFADC73569B3D70C7D1 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
16:25:03.0237 5012 usbhub - ok
16:25:03.0253 5012 [ EBA14EF0C07CEC233F1529C698D0D154 ] usbohci C:\Windows\system32\drivers\usbohci.sys
16:25:03.0253 5012 usbohci - ok
16:25:03.0269 5012 [ ACFEE697AF477021BB3EC78C5431FED2 ] usbprint C:\Windows\system32\drivers\usbprint.sys
16:25:03.0284 5012 usbprint - ok
16:25:03.0300 5012 [ B854C1558FCA0C269A38663E8B59B581 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:25:03.0300 5012 USBSTOR - ok
16:25:03.0315 5012 [ B2872CBF9F47316ABD0E0C74A1ABA507 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
16:25:03.0315 5012 usbuhci - ok
16:25:03.0347 5012 [ D76E231E4850BB3F88A3D9A78DF191E3 ] UxSms C:\Windows\System32\uxsms.dll
16:25:03.0347 5012 UxSms - ok
16:25:03.0440 5012 [ 294945381DFA7CE58CECF0A9896AF327 ] vds C:\Windows\System32\vds.exe
16:25:03.0440 5012 vds - ok
16:25:03.0471 5012 [ 916B94BCF1E09873FFF2D5FB11767BBC ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
16:25:03.0471 5012 vga - ok
16:25:03.0487 5012 [ B83AB16B51FEDA65DD81B8C59D114D63 ] VgaSave C:\Windows\System32\drivers\vga.sys
16:25:03.0487 5012 VgaSave - ok
16:25:03.0503 5012 [ 8294B6C3FDB6C33F24E150DE647ECDAA ] viaide C:\Windows\system32\drivers\viaide.sys
16:25:03.0503 5012 viaide - ok
16:25:03.0549 5012 [ 2B7E885ED951519A12C450D24535DFCA ] volmgr C:\Windows\system32\drivers\volmgr.sys
16:25:03.0549 5012 volmgr - ok
16:25:03.0581 5012 [ CEC5AC15277D75D9E5DEC2E1C6EAF877 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
16:25:03.0581 5012 volmgrx - ok
16:25:03.0596 5012 [ 582F710097B46140F5A89A19A6573D4B ] volsnap C:\Windows\system32\drivers\volsnap.sys
16:25:03.0596 5012 volsnap - ok
16:25:03.0612 5012 [ A68F455ED2673835209318DD61BFBB0E ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
16:25:03.0627 5012 vsmraid - ok
16:25:03.0674 5012 [ B75232DAD33BFD95BF6F0A3E6BFF51E1 ] VSS C:\Windows\system32\vssvc.exe
16:25:03.0690 5012 VSS - ok
16:25:03.0721 5012 [ F14A7DE2EA41883E250892E1E5230A9A ] W32Time C:\Windows\system32\w32time.dll
16:25:03.0721 5012 W32Time - ok
16:25:03.0752 5012 [ FEF8FE5923FEAD2CEE4DFABFCE3393A7 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
16:25:03.0752 5012 WacomPen - ok
16:25:03.0768 5012 [ B8E7049622300D20BA6D8BE0C47C0CFD ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
16:25:03.0768 5012 Wanarp - ok
16:25:03.0768 5012 [ B8E7049622300D20BA6D8BE0C47C0CFD ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
16:25:03.0783 5012 Wanarpv6 - ok
16:25:03.0877 5012 [ B4E4C37D0AA6100090A53213EE2BF1C1 ] wcncsvc C:\Windows\System32\wcncsvc.dll
16:25:03.0893 5012 wcncsvc - ok
16:25:03.0924 5012 [ EA4B369560E986F19D93F45A881484AC ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
16:25:03.0924 5012 WcsPlugInService - ok
16:25:03.0939 5012 [ 0C17A0816F65B89E362E682AD5E7266E ] Wd C:\Windows\system32\drivers\wd.sys
16:25:03.0939 5012 Wd - ok
16:25:03.0986 5012 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
16:25:04.0033 5012 Wdf01000 - ok
16:25:04.0049 5012 [ C5EFDA73EBFCA8B02A094898DE0A9276 ] WdiServiceHost C:\Windows\system32\wdi.dll
16:25:04.0064 5012 WdiServiceHost - ok
16:25:04.0064 5012 [ C5EFDA73EBFCA8B02A094898DE0A9276 ] WdiSystemHost C:\Windows\system32\wdi.dll
16:25:04.0080 5012 WdiSystemHost - ok
16:25:04.0080 5012 [ 3E6D05381CF35F75EBB055544A8ED9AC ] WebClient C:\Windows\System32\webclnt.dll
16:25:04.0095 5012 WebClient - ok
16:25:04.0127 5012 [ 8D40BC587993F876658BF9FB0F7D3462 ] Wecsvc C:\Windows\system32\wecsvc.dll
16:25:04.0127 5012 Wecsvc - ok
16:25:04.0158 5012 [ 9C980351D7E96288EA0C23AE232BD065 ] wercplsupport C:\Windows\System32\wercplsupport.dll
16:25:04.0158 5012 wercplsupport - ok
16:25:04.0173 5012 [ 66B9ECEBC46683F47EDC06333C075FEF ] WerSvc C:\Windows\System32\WerSvc.dll
16:25:04.0173 5012 WerSvc - ok
16:25:04.0205 5012 WinDefend - ok
16:25:04.0205 5012 WinHttpAutoProxySvc - ok
16:25:04.0283 5012 [ D2E7296ED1BD26D8DB2799770C077A02 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
16:25:04.0283 5012 Winmgmt - ok
16:25:04.0470 5012 [ 6CBB0C68F13B9C2EC1B16F5FA5E7C869 ] WinRM C:\Windows\system32\WsmSvc.dll
16:25:04.0595 5012 WinRM - ok
16:25:04.0657 5012 [ 817EAFF5D38674EDD7713B9DFB8E9791 ] WinUSB C:\Windows\system32\DRIVERS\WinUSB.sys
16:25:04.0657 5012 WinUSB - ok
16:25:04.0766 5012 [ EC339C8115E91BAED835957E9A677F16 ] Wlansvc C:\Windows\System32\wlansvc.dll
16:25:04.0782 5012 Wlansvc - ok
16:25:05.0063 5012 [ 98F138897EF4246381D197CB81846D62 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
16:25:05.0078 5012 wlidsvc - ok
16:25:05.0109 5012 [ E18AEBAAA5A773FE11AA2C70F65320F5 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
16:25:05.0109 5012 WmiAcpi - ok
16:25:05.0141 5012 [ 21FA389E65A852698B6A1341F36EE02D ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
16:25:05.0156 5012 wmiApSrv - ok
16:25:05.0172 5012 WMPNetworkSvc - ok
16:25:05.0234 5012 [ 8ADF7F74DD5E72CE14B4000C2DEBF3C1 ] WN111v2 C:\Windows\system32\DRIVERS\WN111v2x.sys
16:25:05.0297 5012 WN111v2 - ok
16:25:05.0343 5012 [ CBC156C913F099E6680D1DF9307DB7A8 ] WPCSvc C:\Windows\System32\wpcsvc.dll
16:25:05.0359 5012 WPCSvc - ok
16:25:05.0390 5012 [ 490A18B4E4D53DC10879DEAA8E8B70D9 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
16:25:05.0390 5012 WPDBusEnum - ok
16:25:05.0406 5012 [ 5E2401B3FC1089C90E081291357371A9 ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
16:25:05.0406 5012 WpdUsb - ok
16:25:05.0531 5012 [ 991E2C2CF3BC204C2BB2EE1476149E4E ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe
16:25:05.0624 5012 WPFFontCache_v0400 - ok
16:25:05.0640 5012 [ 8A900348370E359B6BFF6A550E4649E1 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
16:25:05.0640 5012 ws2ifsl - ok
16:25:05.0671 5012 [ 9EA3E6D0EF7A5C2B9181961052A4B01A ] wscsvc C:\Windows\system32\wscsvc.dll
16:25:05.0671 5012 wscsvc - ok
16:25:05.0671 5012 WSearch - ok
16:25:05.0827 5012 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
16:25:05.0858 5012 wuauserv - ok
16:25:05.0874 5012 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
16:25:05.0874 5012 WudfPf - ok
16:25:05.0905 5012 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
16:25:05.0905 5012 WUDFRd - ok
16:25:05.0921 5012 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
16:25:05.0921 5012 wudfsvc - ok
16:25:05.0936 5012 ================ Scan global ===============================
16:25:05.0967 5012 [ 060DC3A7A9A2626031EB23D90151428D ] C:\Windows\system32\basesrv.dll
16:25:05.0999 5012 [ D665D594B7E11133D29D726BDDC7A5B0 ] C:\Windows\system32\winsrv.dll
16:25:06.0014 5012 [ D665D594B7E11133D29D726BDDC7A5B0 ] C:\Windows\system32\winsrv.dll
16:25:06.0030 5012 [ 934E0B7D77FF78C18D9F8891221B6DE3 ] C:\Windows\system32\services.exe
16:25:06.0030 5012 [Global] - ok
16:25:06.0030 5012 ================ Scan MBR ==================================
16:25:06.0045 5012 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
16:25:06.0373 5012 \Device\Harddisk0\DR0 - ok
16:25:06.0373 5012 ================ Scan VBR ==================================
16:25:06.0373 5012 [ 3D36153A23E546B095FDED932971A1D2 ] \Device\Harddisk0\DR0\Partition1
16:25:06.0389 5012 \Device\Harddisk0\DR0\Partition1 - ok
16:25:06.0389 5012 [ 6FACDB20B26904D881A23D23A78F9023 ] \Device\Harddisk0\DR0\Partition2
16:25:06.0389 5012 \Device\Harddisk0\DR0\Partition2 - ok
16:25:06.0404 5012 [ C46C46E0CB694546F50136560B8333E4 ] \Device\Harddisk0\DR0\Partition3
16:25:06.0435 5012 \Device\Harddisk0\DR0\Partition3 - ok
16:25:06.0435 5012 ============================================================
16:25:06.0435 5012 Scan finished
16:25:06.0435 5012 ============================================================
16:25:06.0435 5000 Detected object count: 1
16:25:06.0435 5000 Actual detected object count: 1
16:25:51.0261 5000 C:\Windows\system32\Drivers\sptd.sys - copied to quarantine
16:25:51.0261 5000 HKLM\SYSTEM\ControlSet001\services\sptd - will be deleted on reboot
16:25:51.0307 5000 HKLM\SYSTEM\controlset002\services\sptd - will be deleted on reboot
16:25:51.0463 5000 C:\Windows\system32\Drivers\sptd.sys - will be deleted on reboot
16:25:51.0463 5000 sptd ( LockedFile.Multi.Generic ) - User select action: Delete
16:26:24.0441 3940 Deinitialize success
 
That wasn't actually a bad file; it belongs to Daemon Tools. You can delete TDSSKiller, as it's always updated. You can uninstall ESET scan. Uninstall ComboFix by opening the search box or Run box, typing combofix /uninstall and hitting Enter.

Note there is a space between the x and the /

And no, there is not an all in one program. As long as you aren't having any problems you are good to go.
 
Okay, thanks a LOT! :) I'm definitely going to write those programs down for later use ;)

Actually I wouldn't recommend using them if you don't know how to use them, they could harm your computer. If you have any problems, come back here.
 