PaperBoy68
Honorary Members
Posts: 23
Reputation: 0 Neutral
Profile Information
Location: USA
-
Found the correct folder but those two log files are the only ones in it.
- 8 replies
- Tagged with: MBAM, Protection Mode (and 2 more)
-
I've run all scans and attached results. About the protection logs, they aren't where they are supposed to be. I can't find the Application Data folder at all. That's where MBAM says they're stored but I can't find them. All I can find are the logs in the program interface. Something is definitely wrong. Every time I try to close MBAM it freezes and stops responding. I have to end it with task mngr.
CheckResults.txt dds.txt attach.txt protection-log-2013-03-10.txt protection-log-2013-03-11.txt
-
Here are some protection logs.
2013/03/11 16:06:50 -0500 EMACHINELAPTOP Scott ERROR IP protection failed: PfMakeLog failed with error code 85
2013/03/11 16:11:08 -0500 EMACHINELAPTOP Scott MESSAGE Starting IP protection
2013/03/11 16:11:08 -0500 EMACHINELAPTOP Scott ERROR IP protection failed: PfMakeLog failed with error code 85
2013/03/11 16:14:28 -0500 EMACHINELAPTOP Scott MESSAGE Starting IP protection
2013/03/11 16:14:28 -0500 EMACHINELAPTOP Scott ERROR IP protection failed: PfMakeLog failed with error code 85
2013/03/11 16:14:38 -0500 EMACHINELAPTOP Scott MESSAGE Starting IP protection
2013/03/11 16:14:38 -0500 EMACHINELAPTOP Scott ERROR IP protection failed: PfMakeLog failed with error code 85
-
I entered all the exceptions you suggested but it didn't fix the problem. I've run numerous scans with MBAM and MBAR, I even uninstalled and reinstalled Malwarebytes Pro, but the same thing keeps happening. When I start Windows MBAM starts normally, with all protections in place. Within a few minutes the malicious website blocker turns off and can't be turned back on. When you try to check the box nothing happens. Please advise. Thank you
-
For some reason I can't get the protection mode in MBAM to stay on. It will come on when I start Windows but in a few minutes, the malicious webpage blocker is unchecked and can't be rechecked. I know that I had to go in and make certain exceptions when I was running Avast AV. Could there be a compatibility issue with ESET Nod32 AV 4.2? My OS is Win XP Pro SP3, I'm using MBAM Pro 1.7. What could be causing this? Thanks in advance (PB)
-
Here are the dds logs:
All exceptions for MBAM have recently been added to Avast a/v
-
Laptop W/ xp professional sp3 x 64bit. System starts slow, runs slow, freezes frequently, scr saver stopped working, I have run multiple scans w/ MBAM, Avast AV, TDSkiller, Norton Power eraser, MBAR Beta, nothing found. Can't support 2 monitors. Second monitor lags. I'm out of leads. Is it time to reinstall OS? Please advise. Thank You...
-
Please Analyze: Getting Pop-up's from "AxView"
PaperBoy68 replied to PaperBoy68's topic in Resolved Malware Removal Logs
The pop-ups have disappeared. The webcam gadget was the culprit. Thanks again for all the help. It is very much appreciated.
-
Please Analyze: Getting Pop-up's from "AxView"
PaperBoy68 replied to PaperBoy68's topic in Resolved Malware Removal Logs
I do have the "World wide webcam" gadget on my "I Google" home page. I will remove this gadget and see what happens... Thanks for the tip!!
-
Please Analyze: Getting Pop-up's from "AxView"
PaperBoy68 replied to PaperBoy68's topic in Resolved Malware Removal Logs
Here is the ComboFix log:
TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [x] S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928] S2 avgfws;AVG Firewall;c:\program files (x86)\AVG\AVG2012\avgfws.exe [2012-03-23 2321520] S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\avgidsagent.exe [2012-04-08 5158992] S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288] S2 HsfXAudioService;HsfXAudioService;c:\windows\system32\svchost.exe [2009-07-14 27136] S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408] S2 MotoHelper;MotoHelper Service;c:\program files (x86)\Motorola\MotoHelper\MotoHelperService.exe [2011-08-10 227184] S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [x] S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\avgidsfiltera.sys [x] S3 CAXHWBS2;CAXHWBS2;c:\windows\system32\DRIVERS\CAXHWBS2.sys [x] S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys [x] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x] S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [x] . . Contents of the 'Scheduled Tasks' folder . 2012-04-28 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-15 09:50] . . --------- x86-64 ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Zune Launcher"="c:\program files\Zune\ZuneLauncher.exe" [2011-08-05 163552] "IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 2417032] . ------- Supplementary Scan ------- . 
uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SysWOW64\blank.htm IE: {{68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - c:\program files (x86)\AVG\AVG2012\avgdtiex.dll TCP: DhcpNameServer = 192.168.0.1 205.171.3.25 FF - ProfilePath - c:\users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\p64mlj5p.default\ FF - prefs.js: browser.search.selectedEngine - Startpage HTTPS FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ig FF - prefs.js: network.proxy.type - 0 . - - - - ORPHANS REMOVED - - - - . AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe AddRemove-ShockwaveFlash - c:\windows\system32\Macromed\Flash\UninstFl.exe . . . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_USERS\S-1-5-21-3651193171-666663103-883258570-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLiveMail.VCard.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Other Running Processes ------------------------ . c:\program files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe . ************************************************************************** . Completion time: 2012-04-28 07:00:15 - machine was rebooted ComboFix-quarantined-files.txt 2012-04-28 12:00 . Pre-Run: 85,681,127,424 bytes free Post-Run: 85,347,999,744 bytes free . - - End Of File - - 58299BF72F6DD973B702F9DEB1C580EC -
Please Analyze: Getting Pop-up's from "AxView"
PaperBoy68 replied to PaperBoy68's topic in Resolved Malware Removal Logs
Here is the latest TDSSKiller log: (Only one Unsigned file found)
(x86)\Motorola\MotoHelper\MotoHelperService.exe 04:16:00.0154 1268 MotoHelper - ok 04:16:00.0375 1268 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys 04:16:00.0391 1268 mouclass - ok 04:16:00.0448 1268 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys 04:16:00.0483 1268 mouhid - ok 04:16:00.0534 1268 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys 04:16:00.0560 1268 mountmgr - ok 04:16:00.0614 1268 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys 04:16:00.0673 1268 mpio - ok 04:16:00.0725 1268 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys 04:16:00.0784 1268 mpsdrv - ok 04:16:00.0869 1268 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll 04:16:00.0958 1268 MpsSvc - ok 04:16:01.0016 1268 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys 04:16:01.0077 1268 MRxDAV - ok 04:16:01.0127 1268 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys 04:16:01.0354 1268 mrxsmb - ok 04:16:01.0404 1268 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys 04:16:01.0468 1268 mrxsmb10 - ok 04:16:01.0509 1268 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys 04:16:01.0539 1268 mrxsmb20 - ok 04:16:01.0587 1268 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys 04:16:01.0619 1268 msahci - ok 04:16:01.0668 1268 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys 04:16:01.0694 1268 msdsm - ok 04:16:01.0735 1268 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe 04:16:01.0780 1268 MSDTC - ok 04:16:01.0841 1268 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys 04:16:01.0885 1268 Msfs - ok 04:16:01.0934 1268 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) 
C:\Windows\System32\drivers\mshidkmdf.sys 04:16:01.0992 1268 mshidkmdf - ok 04:16:02.0027 1268 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys 04:16:02.0044 1268 msisadrv - ok 04:16:02.0117 1268 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll 04:16:02.0367 1268 MSiSCSI - ok 04:16:02.0384 1268 msiserver - ok 04:16:02.0432 1268 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys 04:16:02.0492 1268 MSKSSRV - ok 04:16:02.0541 1268 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys 04:16:02.0594 1268 MSPCLOCK - ok 04:16:02.0632 1268 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys 04:16:02.0684 1268 MSPQM - ok 04:16:02.0736 1268 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys 04:16:02.0808 1268 MsRPC - ok 04:16:02.0867 1268 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys 04:16:02.0881 1268 mssmbios - ok 04:16:02.0964 1268 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys 04:16:03.0028 1268 MSTEE - ok 04:16:03.0055 1268 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys 04:16:03.0084 1268 MTConfig - ok 04:16:03.0129 1268 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys 04:16:03.0145 1268 Mup - ok 04:16:03.0387 1268 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll 04:16:03.0469 1268 napagent - ok 04:16:03.0531 1268 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys 04:16:03.0582 1268 NativeWifiP - ok 04:16:03.0753 1268 NBService (2637f26312ecceeb6f110e95f1ece243) C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe 04:16:04.0070 1268 NBService ( UnsignedFile.Multi.Generic ) - warning 04:16:04.0070 1268 NBService - detected UnsignedFile.Multi.Generic (1) 04:16:04.0353 1268 NDIS 
(79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys 04:16:04.0408 1268 NDIS - ok 04:16:04.0463 1268 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys 04:16:04.0526 1268 NdisCap - ok 04:16:04.0578 1268 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys 04:16:04.0655 1268 NdisTapi - ok 04:16:04.0713 1268 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys 04:16:04.0788 1268 Ndisuio - ok 04:16:04.0836 1268 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys 04:16:04.0906 1268 NdisWan - ok 04:16:04.0945 1268 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys 04:16:04.0994 1268 NDProxy - ok 04:16:05.0045 1268 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys 04:16:05.0106 1268 NetBIOS - ok 04:16:05.0162 1268 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys 04:16:05.0414 1268 NetBT - ok 04:16:05.0450 1268 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 04:16:05.0482 1268 Netlogon - ok 04:16:05.0551 1268 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll 04:16:05.0625 1268 Netman - ok 04:16:05.0697 1268 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll 04:16:05.0780 1268 netprofm - ok 04:16:05.0909 1268 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 04:16:05.0942 1268 NetTcpPortSharing - ok 04:16:05.0981 1268 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys 04:16:06.0009 1268 nfrd960 - ok 04:16:06.0085 1268 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll 04:16:06.0159 1268 NlaSvc - ok 04:16:06.0371 1268 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys 04:16:06.0418 1268 Npfs - ok 
04:16:06.0456 1268 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll 04:16:06.0517 1268 nsi - ok 04:16:06.0545 1268 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys 04:16:06.0605 1268 nsiproxy - ok 04:16:06.0733 1268 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys 04:16:06.0811 1268 Ntfs - ok 04:16:06.0950 1268 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys 04:16:07.0069 1268 Null - ok 04:16:07.0144 1268 NVENETFD (a85b4f2ef3a7304a5399ef0526423040) C:\Windows\system32\DRIVERS\nvm62x64.sys 04:16:07.0375 1268 NVENETFD - ok 04:16:07.0976 1268 nvlddmkm (dd81fbc57ab9134cddc5ce90880bfd80) C:\Windows\system32\DRIVERS\nvlddmkm.sys 04:16:08.0585 1268 nvlddmkm - ok 04:16:08.0757 1268 NVNET (909eedcbd365bb81027d8e742e6b3416) C:\Windows\system32\DRIVERS\nvmf6264.sys 04:16:08.0803 1268 NVNET - ok 04:16:08.0848 1268 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys 04:16:08.0875 1268 nvraid - ok 04:16:08.0931 1268 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys 04:16:08.0948 1268 nvstor - ok 04:16:08.0991 1268 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys 04:16:09.0032 1268 nv_agp - ok 04:16:09.0077 1268 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys 04:16:09.0109 1268 ohci1394 - ok 04:16:09.0353 1268 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll 04:16:09.0431 1268 p2pimsvc - ok 04:16:09.0492 1268 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll 04:16:09.0527 1268 p2psvc - ok 04:16:09.0568 1268 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys 04:16:09.0607 1268 Parport - ok 04:16:09.0646 1268 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys 04:16:09.0663 1268 partmgr - ok 04:16:09.0702 1268 PcaSvc 
(3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll 04:16:09.0750 1268 PcaSvc - ok 04:16:09.0799 1268 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys 04:16:09.0827 1268 pci - ok 04:16:09.0865 1268 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys 04:16:09.0885 1268 pciide - ok 04:16:09.0930 1268 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys 04:16:09.0964 1268 pcmcia - ok 04:16:09.0990 1268 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys 04:16:10.0005 1268 pcw - ok 04:16:10.0075 1268 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys 04:16:10.0382 1268 PEAUTH - ok 04:16:10.0491 1268 PeerDistSvc (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll 04:16:10.0592 1268 PeerDistSvc - ok 04:16:10.0688 1268 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe 04:16:10.0777 1268 PerfHost - ok 04:16:10.0989 1268 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll 04:16:11.0093 1268 pla - ok 04:16:11.0163 1268 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll 04:16:11.0416 1268 PlugPlay - ok 04:16:11.0466 1268 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll 04:16:11.0487 1268 PNRPAutoReg - ok 04:16:11.0536 1268 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll 04:16:11.0559 1268 PNRPsvc - ok 04:16:11.0642 1268 Point64 (4f0878fd62d5f7444c5f1c4c66d9d293) C:\Windows\system32\DRIVERS\point64.sys 04:16:11.0670 1268 Point64 - ok 04:16:11.0747 1268 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll 04:16:11.0824 1268 PolicyAgent - ok 04:16:11.0886 1268 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll 04:16:11.0962 1268 Power - ok 04:16:12.0027 1268 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys 
04:16:12.0112 1268 PptpMiniport - ok 04:16:12.0157 1268 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys 04:16:12.0362 1268 Processor - ok 04:16:12.0418 1268 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll 04:16:12.0487 1268 ProfSvc - ok 04:16:12.0528 1268 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 04:16:12.0553 1268 ProtectedStorage - ok 04:16:12.0615 1268 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys 04:16:12.0678 1268 Psched - ok 04:16:12.0791 1268 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys 04:16:12.0863 1268 ql2300 - ok 04:16:12.0994 1268 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys 04:16:13.0036 1268 ql40xx - ok 04:16:13.0099 1268 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll 04:16:13.0156 1268 QWAVE - ok 04:16:13.0349 1268 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys 04:16:13.0475 1268 QWAVEdrv - ok 04:16:13.0522 1268 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys 04:16:13.0580 1268 RasAcd - ok 04:16:13.0628 1268 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys 04:16:13.0697 1268 RasAgileVpn - ok 04:16:13.0737 1268 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll 04:16:13.0827 1268 RasAuto - ok 04:16:13.0887 1268 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys 04:16:13.0960 1268 Rasl2tp - ok 04:16:14.0014 1268 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll 04:16:14.0095 1268 RasMan - ok 04:16:14.0143 1268 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys 04:16:14.0361 1268 RasPppoe - ok 04:16:14.0428 1268 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys 
04:16:14.0508 1268 RasSstp - ok 04:16:14.0562 1268 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys 04:16:14.0634 1268 rdbss - ok 04:16:14.0675 1268 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys 04:16:14.0723 1268 rdpbus - ok 04:16:14.0751 1268 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys 04:16:14.0833 1268 RDPCDD - ok 04:16:14.0890 1268 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys 04:16:14.0970 1268 RDPDR - ok 04:16:15.0020 1268 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys 04:16:15.0080 1268 RDPENCDD - ok 04:16:15.0133 1268 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys 04:16:15.0352 1268 RDPREFMP - ok 04:16:15.0416 1268 RdpVideoMiniport (70cba1a0c98600a2aa1863479b35cb90) C:\Windows\system32\drivers\rdpvideominiport.sys 04:16:15.0481 1268 RdpVideoMiniport - ok 04:16:15.0528 1268 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys 04:16:15.0630 1268 RDPWD - ok 04:16:15.0710 1268 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys 04:16:15.0760 1268 rdyboost - ok 04:16:15.0812 1268 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll 04:16:15.0883 1268 RemoteAccess - ok 04:16:15.0935 1268 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll 04:16:16.0008 1268 RemoteRegistry - ok 04:16:16.0063 1268 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll 04:16:16.0125 1268 RpcEptMapper - ok 04:16:16.0165 1268 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe 04:16:16.0366 1268 RpcLocator - ok 04:16:16.0438 1268 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll 04:16:16.0488 1268 RpcSs - ok 04:16:16.0541 1268 rspndr (ddc86e4f8e7456261e637e3552e804ff) 
C:\Windows\system32\DRIVERS\rspndr.sys 04:16:16.0601 1268 rspndr - ok 04:16:16.0648 1268 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys 04:16:16.0708 1268 s3cap - ok 04:16:16.0750 1268 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 04:16:16.0766 1268 SamSs - ok 04:16:16.0813 1268 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys 04:16:16.0833 1268 sbp2port - ok 04:16:16.0876 1268 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll 04:16:16.0954 1268 SCardSvr - ok 04:16:16.0991 1268 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys 04:16:17.0043 1268 scfilter - ok 04:16:17.0135 1268 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll 04:16:17.0430 1268 Schedule - ok 04:16:17.0481 1268 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll 04:16:17.0524 1268 SCPolicySvc - ok 04:16:17.0575 1268 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll 04:16:17.0629 1268 SDRSVC - ok 04:16:17.0708 1268 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 04:16:17.0770 1268 secdrv - ok 04:16:17.0817 1268 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll 04:16:17.0861 1268 seclogon - ok 04:16:17.0907 1268 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll 04:16:17.0953 1268 SENS - ok 04:16:17.0983 1268 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll 04:16:18.0052 1268 SensrSvc - ok 04:16:18.0085 1268 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys 04:16:18.0127 1268 Serenum - ok 04:16:18.0348 1268 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys 04:16:18.0389 1268 Serial - ok 04:16:18.0438 1268 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys 04:16:18.0488 
1268 sermouse - ok 04:16:18.0560 1268 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll 04:16:18.0625 1268 SessionEnv - ok 04:16:18.0671 1268 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys 04:16:18.0757 1268 sffdisk - ok 04:16:18.0800 1268 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys 04:16:18.0862 1268 sffp_mmc - ok 04:16:18.0894 1268 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys 04:16:18.0934 1268 sffp_sd - ok 04:16:18.0996 1268 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys 04:16:19.0030 1268 sfloppy - ok 04:16:19.0091 1268 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll 04:16:19.0376 1268 SharedAccess - ok 04:16:19.0435 1268 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll 04:16:19.0506 1268 ShellHWDetection - ok 04:16:19.0553 1268 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys 04:16:19.0581 1268 SiSRaid2 - ok 04:16:19.0599 1268 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys 04:16:19.0627 1268 SiSRaid4 - ok 04:16:19.0683 1268 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys 04:16:19.0806 1268 Smb - ok 04:16:19.0877 1268 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe 04:16:19.0922 1268 SNMPTRAP - ok 04:16:19.0948 1268 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys 04:16:19.0962 1268 spldr - ok 04:16:20.0030 1268 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe 04:16:20.0098 1268 Spooler - ok 04:16:20.0494 1268 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe 04:16:20.0709 1268 sppsvc - ok 04:16:20.0808 1268 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll 04:16:20.0888 1268 
sppuinotify - ok 04:16:20.0996 1268 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys 04:16:21.0105 1268 srv - ok 04:16:21.0153 1268 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys 04:16:21.0360 1268 srv2 - ok 04:16:21.0412 1268 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys 04:16:21.0442 1268 srvnet - ok 04:16:21.0501 1268 ssadbus (8f8324ed1de63ffc7b1a02cd2d963c72) C:\Windows\system32\DRIVERS\ssadbus.sys 04:16:21.0600 1268 ssadbus - ok 04:16:21.0656 1268 ssadmdfl (58221efcb74167b73667f0024c661ce0) C:\Windows\system32\DRIVERS\ssadmdfl.sys 04:16:21.0725 1268 ssadmdfl - ok 04:16:21.0781 1268 ssadmdm (4da7c71bfac5ad71255b7e4cab980163) C:\Windows\system32\DRIVERS\ssadmdm.sys 04:16:21.0823 1268 ssadmdm - ok 04:16:21.0873 1268 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll 04:16:21.0956 1268 SSDPSRV - ok 04:16:22.0004 1268 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll 04:16:22.0059 1268 SstpSvc - ok 04:16:22.0101 1268 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys 04:16:22.0128 1268 stexstor - ok 04:16:22.0372 1268 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll 04:16:22.0431 1268 stisvc - ok 04:16:22.0490 1268 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys 04:16:22.0505 1268 storflt - ok 04:16:22.0542 1268 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys 04:16:22.0557 1268 storvsc - ok 04:16:22.0585 1268 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys 04:16:22.0600 1268 swenum - ok 04:16:22.0664 1268 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll 04:16:22.0746 1268 swprv - ok 04:16:22.0784 1268 Synth3dVsc - ok 04:16:22.0919 1268 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll 04:16:23.0049 1268 SysMain - ok 
04:16:23.0410 1268 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll 04:16:23.0497 1268 TabletInputService - ok 04:16:23.0554 1268 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll 04:16:23.0632 1268 TapiSrv - ok 04:16:23.0679 1268 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll 04:16:23.0758 1268 TBS - ok 04:16:23.0919 1268 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys 04:16:24.0015 1268 Tcpip - ok 04:16:24.0452 1268 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys 04:16:24.0507 1268 TCPIP6 - ok 04:16:24.0646 1268 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys 04:16:24.0724 1268 tcpipreg - ok 04:16:24.0767 1268 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys 04:16:24.0812 1268 TDPIPE - ok 04:16:24.0852 1268 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys 04:16:24.0904 1268 TDTCP - ok 04:16:24.0962 1268 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys 04:16:25.0019 1268 tdx - ok 04:16:25.0071 1268 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys 04:16:25.0086 1268 TermDD - ok 04:16:25.0164 1268 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll 04:16:25.0426 1268 TermService - ok 04:16:25.0466 1268 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll 04:16:25.0510 1268 Themes - ok 04:16:25.0556 1268 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll 04:16:25.0605 1268 THREADORDER - ok 04:16:25.0675 1268 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll 04:16:25.0739 1268 TrkWks - ok 04:16:25.0817 1268 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe 04:16:25.0896 1268 TrustedInstaller - ok 04:16:25.0938 1268 tssecsrv 
(ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys 04:16:26.0006 1268 tssecsrv - ok 04:16:26.0056 1268 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys 04:16:26.0097 1268 TsUsbFlt - ok 04:16:26.0112 1268 tsusbhub - ok 04:16:26.0342 1268 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys 04:16:26.0406 1268 tunnel - ok 04:16:26.0447 1268 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys 04:16:26.0469 1268 uagp35 - ok 04:16:26.0532 1268 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys 04:16:26.0608 1268 udfs - ok 04:16:26.0664 1268 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe 04:16:26.0699 1268 UI0Detect - ok 04:16:26.0751 1268 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys 04:16:26.0768 1268 uliagpkx - ok 04:16:26.0820 1268 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys 04:16:26.0853 1268 umbus - ok 04:16:26.0893 1268 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys 04:16:26.0935 1268 UmPass - ok 04:16:26.0990 1268 UmRdpService (a293dcd756d04d8492a750d03b9a297c) C:\Windows\System32\umrdp.dll 04:16:27.0034 1268 UmRdpService - ok 04:16:27.0087 1268 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll 04:16:27.0166 1268 upnphost - ok 04:16:27.0402 1268 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys 04:16:27.0468 1268 usbccgp - ok 04:16:27.0528 1268 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys 04:16:27.0599 1268 usbcir - ok 04:16:27.0643 1268 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys 04:16:27.0694 1268 usbehci - ok 04:16:27.0756 1268 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys 04:16:27.0792 1268 usbhub - ok 
04:16:27.0832 1268 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys 04:16:27.0868 1268 usbohci - ok 04:16:27.0920 1268 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys 04:16:27.0966 1268 usbprint - ok 04:16:28.0017 1268 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS 04:16:28.0082 1268 USBSTOR - ok 04:16:28.0123 1268 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys 04:16:28.0166 1268 usbuhci - ok 04:16:28.0468 1268 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll 04:16:28.0545 1268 UxSms - ok 04:16:28.0587 1268 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 04:16:28.0613 1268 VaultSvc - ok 04:16:28.0673 1268 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys 04:16:28.0688 1268 vdrvroot - ok 04:16:28.0756 1268 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe 04:16:28.0826 1268 vds - ok 04:16:28.0875 1268 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys 04:16:28.0909 1268 vga - ok 04:16:28.0949 1268 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys 04:16:29.0013 1268 VgaSave - ok 04:16:29.0041 1268 VGPU - ok 04:16:29.0097 1268 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys 04:16:29.0128 1268 vhdmp - ok 04:16:29.0352 1268 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys 04:16:29.0375 1268 viaide - ok 04:16:29.0424 1268 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys 04:16:29.0453 1268 vmbus - ok 04:16:29.0506 1268 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys 04:16:29.0543 1268 VMBusHID - ok 04:16:29.0594 1268 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys 04:16:29.0625 1268 volmgr - ok 04:16:29.0673 1268 
04:16:39.0725 1268 ============================================================
04:16:39.0725 1268 Scan finished
04:16:39.0725 1268 ============================================================
04:16:39.0751 3944 Detected object count: 1
04:16:39.0751 3944 Actual detected object count: 1
04:18:38.0917 3944 NBService ( UnsignedFile.Multi.Generic ) - skipped by user
04:18:38.0917 3944 NBService ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:19:52.0035 1132 Deinitialize success
-
Please Analyze: Getting Pop-up's from "AxView"
PaperBoy68 replied to PaperBoy68's topic in Resolved Malware Removal Logs
Actually, I'm still getting the Pop-ups from "axview". -
Please Analyze: Getting Pop-up's from "AxView"
PaperBoy68 replied to PaperBoy68's topic in Resolved Malware Removal Logs
It turns out that I still have this problem. After all the help I received on this forum, and all the scans and logs, the pop-up returned an hour after I finished. I am trying a couple of different rootkit removal programs. If I have any success or learn anything else about this problem, I'll post back here to let everyone know. If anyone else has any info about these pop-ups I would love to hear from you. Thank You PB68 -
Please Analyze: Getting Pop-up's from "AxView"
PaperBoy68 replied to PaperBoy68's topic in Resolved Malware Removal Logs
Can I delete the RK Quarantined registry entries?