Everything posted by PaperBoy68
-
Found the correct folder but those two log files are the only ones in it.
- 8 replies
-
- MBAM
- Protection Mode
-
(and 2 more)
Tagged with:
-
I've run all scans and attached results. About the protection logs, they aren't where they are supposed to be. I can't find the Application Data folder at all. That's where MBAM says they're stored but I can't find them. All I can find are the logs in the program interface. Something is definitely wrong. Every time I try to close MBAM it freezes and stops responding. I have to end it with task mngr. CheckResults.txt dds.txt attach.txt protection-log-2013-03-10.txt protection-log-2013-03-11.txt
-
Here are some protection logs.
2013/03/11 16:06:50 -0500 EMACHINELAPTOP Scott ERROR IP protection failed: PfMakeLog failed with error code 85
2013/03/11 16:11:08 -0500 EMACHINELAPTOP Scott MESSAGE Starting IP protection
2013/03/11 16:11:08 -0500 EMACHINELAPTOP Scott ERROR IP protection failed: PfMakeLog failed with error code 85
2013/03/11 16:14:28 -0500 EMACHINELAPTOP Scott MESSAGE Starting IP protection
2013/03/11 16:14:28 -0500 EMACHINELAPTOP Scott ERROR IP protection failed: PfMakeLog failed with error code 85
2013/03/11 16:14:38 -0500 EMACHINELAPTOP Scott MESSAGE Starting IP protection
2013/03/11 16:14:38 -0500 EMACHINELAPTOP Scott ERROR IP protection failed: PfMakeLog failed with error code 85
-
I entered all the exceptions you suggested but it didn't fix the problem. I've run numerous scans with MBAM and MBAR, I even uninstalled and reinstalled Malwarebytes Pro, but the same thing keeps happening. When I start Windows MBAM starts normally, with all protections in place. Within a few minutes the malicious website blocker turns off and can't be turned back on. When you try to check the box nothing happens. Please advise. Thank you
-
For some reason I can't get the protection mode in MBAM to stay on. It will come on when I start Windows but in a few minutes, the malicious webpage blocker is unchecked and can't be rechecked. I know that I had to go in and make certain exceptions when I was running Avast AV. Could there be a compatibility issue with ESET Nod32 AV 4.2? My OS is Win XP Pro SP3, I'm using MBAM Pro 1.7. What could be causing this? Thanks in advance (PB)
-
Here are the dds logs:

All exceptions for MBAM have recently been added to Avast a/v
-
Laptop w/ XP Professional SP3 x 64bit. System starts slow, runs slow, freezes frequently, scr saver stopped working, I have run multiple scans w/ MBAM, Avast AV, TDSkiller, Norton Power eraser, MBAR Beta, nothing found. Can't support 2 monitors. Second monitor lags. I'm out of leads. Is it time to reinstall OS? Please advise. Thank You...
-
Please Analyze: Getting Pop-up's from "AxView"
PaperBoy68 replied to PaperBoy68's topic in Resolved Malware Removal Logs
The pop-ups have disappeared. The webcam gadget was the culprit. Thanks again for all the help. It is very much appreciated.
Please Analyze: Getting Pop-up's from "AxView"
PaperBoy68 replied to PaperBoy68's topic in Resolved Malware Removal Logs
I do have the "World wide webcam" gadget on my "I Google" home page. I will remove this gadget and see what happens... Thanks for the tip!!
Please Analyze: Getting Pop-up's from "AxView"
PaperBoy68 replied to PaperBoy68's topic in Resolved Malware Removal Logs
Here is the ComboFix log:
TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [x] S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928] S2 avgfws;AVG Firewall;c:\program files (x86)\AVG\AVG2012\avgfws.exe [2012-03-23 2321520] S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\avgidsagent.exe [2012-04-08 5158992] S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288] S2 HsfXAudioService;HsfXAudioService;c:\windows\system32\svchost.exe [2009-07-14 27136] S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408] S2 MotoHelper;MotoHelper Service;c:\program files (x86)\Motorola\MotoHelper\MotoHelperService.exe [2011-08-10 227184] S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [x] S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\avgidsfiltera.sys [x] S3 CAXHWBS2;CAXHWBS2;c:\windows\system32\DRIVERS\CAXHWBS2.sys [x] S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys [x] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x] S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [x] . . Contents of the 'Scheduled Tasks' folder . 2012-04-28 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-15 09:50] . . --------- x86-64 ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Zune Launcher"="c:\program files\Zune\ZuneLauncher.exe" [2011-08-05 163552] "IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 2417032] . ------- Supplementary Scan ------- . 
uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SysWOW64\blank.htm IE: {{68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - c:\program files (x86)\AVG\AVG2012\avgdtiex.dll TCP: DhcpNameServer = 192.168.0.1 205.171.3.25 FF - ProfilePath - c:\users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\p64mlj5p.default\ FF - prefs.js: browser.search.selectedEngine - Startpage HTTPS FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ig FF - prefs.js: network.proxy.type - 0 . - - - - ORPHANS REMOVED - - - - . AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe AddRemove-ShockwaveFlash - c:\windows\system32\Macromed\Flash\UninstFl.exe . . . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_USERS\S-1-5-21-3651193171-666663103-883258570-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLiveMail.VCard.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Other Running Processes ------------------------ . c:\program files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe . ************************************************************************** . Completion time: 2012-04-28 07:00:15 - machine was rebooted ComboFix-quarantined-files.txt 2012-04-28 12:00 . Pre-Run: 85,681,127,424 bytes free Post-Run: 85,347,999,744 bytes free . - - End Of File - - 58299BF72F6DD973B702F9DEB1C580EC -
Please Analyze: Getting Pop-up's from "AxView"
PaperBoy68 replied to PaperBoy68's topic in Resolved Malware Removal Logs
Here is the latest TDSSKiller log: (Only one Unsigned file found)
(x86)\Motorola\MotoHelper\MotoHelperService.exe 04:16:00.0154 1268 MotoHelper - ok 04:16:00.0375 1268 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys 04:16:00.0391 1268 mouclass - ok 04:16:00.0448 1268 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys 04:16:00.0483 1268 mouhid - ok 04:16:00.0534 1268 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys 04:16:00.0560 1268 mountmgr - ok 04:16:00.0614 1268 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys 04:16:00.0673 1268 mpio - ok 04:16:00.0725 1268 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys 04:16:00.0784 1268 mpsdrv - ok 04:16:00.0869 1268 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll 04:16:00.0958 1268 MpsSvc - ok 04:16:01.0016 1268 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys 04:16:01.0077 1268 MRxDAV - ok 04:16:01.0127 1268 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys 04:16:01.0354 1268 mrxsmb - ok 04:16:01.0404 1268 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys 04:16:01.0468 1268 mrxsmb10 - ok 04:16:01.0509 1268 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys 04:16:01.0539 1268 mrxsmb20 - ok 04:16:01.0587 1268 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys 04:16:01.0619 1268 msahci - ok 04:16:01.0668 1268 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys 04:16:01.0694 1268 msdsm - ok 04:16:01.0735 1268 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe 04:16:01.0780 1268 MSDTC - ok 04:16:01.0841 1268 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys 04:16:01.0885 1268 Msfs - ok 04:16:01.0934 1268 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) 
C:\Windows\System32\drivers\mshidkmdf.sys 04:16:01.0992 1268 mshidkmdf - ok 04:16:02.0027 1268 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys 04:16:02.0044 1268 msisadrv - ok 04:16:02.0117 1268 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll 04:16:02.0367 1268 MSiSCSI - ok 04:16:02.0384 1268 msiserver - ok 04:16:02.0432 1268 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys 04:16:02.0492 1268 MSKSSRV - ok 04:16:02.0541 1268 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys 04:16:02.0594 1268 MSPCLOCK - ok 04:16:02.0632 1268 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys 04:16:02.0684 1268 MSPQM - ok 04:16:02.0736 1268 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys 04:16:02.0808 1268 MsRPC - ok 04:16:02.0867 1268 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys 04:16:02.0881 1268 mssmbios - ok 04:16:02.0964 1268 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys 04:16:03.0028 1268 MSTEE - ok 04:16:03.0055 1268 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys 04:16:03.0084 1268 MTConfig - ok 04:16:03.0129 1268 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys 04:16:03.0145 1268 Mup - ok 04:16:03.0387 1268 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll 04:16:03.0469 1268 napagent - ok 04:16:03.0531 1268 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys 04:16:03.0582 1268 NativeWifiP - ok 04:16:03.0753 1268 NBService (2637f26312ecceeb6f110e95f1ece243) C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe 04:16:04.0070 1268 NBService ( UnsignedFile.Multi.Generic ) - warning 04:16:04.0070 1268 NBService - detected UnsignedFile.Multi.Generic (1) 04:16:04.0353 1268 NDIS 
(79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys 04:16:04.0408 1268 NDIS - ok 04:16:04.0463 1268 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys 04:16:04.0526 1268 NdisCap - ok 04:16:04.0578 1268 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys 04:16:04.0655 1268 NdisTapi - ok 04:16:04.0713 1268 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys 04:16:04.0788 1268 Ndisuio - ok 04:16:04.0836 1268 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys 04:16:04.0906 1268 NdisWan - ok 04:16:04.0945 1268 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys 04:16:04.0994 1268 NDProxy - ok 04:16:05.0045 1268 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys 04:16:05.0106 1268 NetBIOS - ok 04:16:05.0162 1268 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys 04:16:05.0414 1268 NetBT - ok 04:16:05.0450 1268 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 04:16:05.0482 1268 Netlogon - ok 04:16:05.0551 1268 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll 04:16:05.0625 1268 Netman - ok 04:16:05.0697 1268 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll 04:16:05.0780 1268 netprofm - ok 04:16:05.0909 1268 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 04:16:05.0942 1268 NetTcpPortSharing - ok 04:16:05.0981 1268 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys 04:16:06.0009 1268 nfrd960 - ok 04:16:06.0085 1268 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll 04:16:06.0159 1268 NlaSvc - ok 04:16:06.0371 1268 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys 04:16:06.0418 1268 Npfs - ok 
04:16:06.0456 1268 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll 04:16:06.0517 1268 nsi - ok 04:16:06.0545 1268 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys 04:16:06.0605 1268 nsiproxy - ok 04:16:06.0733 1268 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys 04:16:06.0811 1268 Ntfs - ok 04:16:06.0950 1268 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys 04:16:07.0069 1268 Null - ok 04:16:07.0144 1268 NVENETFD (a85b4f2ef3a7304a5399ef0526423040) C:\Windows\system32\DRIVERS\nvm62x64.sys 04:16:07.0375 1268 NVENETFD - ok 04:16:07.0976 1268 nvlddmkm (dd81fbc57ab9134cddc5ce90880bfd80) C:\Windows\system32\DRIVERS\nvlddmkm.sys 04:16:08.0585 1268 nvlddmkm - ok 04:16:08.0757 1268 NVNET (909eedcbd365bb81027d8e742e6b3416) C:\Windows\system32\DRIVERS\nvmf6264.sys 04:16:08.0803 1268 NVNET - ok 04:16:08.0848 1268 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys 04:16:08.0875 1268 nvraid - ok 04:16:08.0931 1268 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys 04:16:08.0948 1268 nvstor - ok 04:16:08.0991 1268 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys 04:16:09.0032 1268 nv_agp - ok 04:16:09.0077 1268 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys 04:16:09.0109 1268 ohci1394 - ok 04:16:09.0353 1268 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll 04:16:09.0431 1268 p2pimsvc - ok 04:16:09.0492 1268 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll 04:16:09.0527 1268 p2psvc - ok 04:16:09.0568 1268 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys 04:16:09.0607 1268 Parport - ok 04:16:09.0646 1268 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys 04:16:09.0663 1268 partmgr - ok 04:16:09.0702 1268 PcaSvc 
(3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll 04:16:09.0750 1268 PcaSvc - ok 04:16:09.0799 1268 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys 04:16:09.0827 1268 pci - ok 04:16:09.0865 1268 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys 04:16:09.0885 1268 pciide - ok 04:16:09.0930 1268 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys 04:16:09.0964 1268 pcmcia - ok 04:16:09.0990 1268 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys 04:16:10.0005 1268 pcw - ok 04:16:10.0075 1268 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys 04:16:10.0382 1268 PEAUTH - ok 04:16:10.0491 1268 PeerDistSvc (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll 04:16:10.0592 1268 PeerDistSvc - ok 04:16:10.0688 1268 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe 04:16:10.0777 1268 PerfHost - ok 04:16:10.0989 1268 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll 04:16:11.0093 1268 pla - ok 04:16:11.0163 1268 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll 04:16:11.0416 1268 PlugPlay - ok 04:16:11.0466 1268 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll 04:16:11.0487 1268 PNRPAutoReg - ok 04:16:11.0536 1268 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll 04:16:11.0559 1268 PNRPsvc - ok 04:16:11.0642 1268 Point64 (4f0878fd62d5f7444c5f1c4c66d9d293) C:\Windows\system32\DRIVERS\point64.sys 04:16:11.0670 1268 Point64 - ok 04:16:11.0747 1268 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll 04:16:11.0824 1268 PolicyAgent - ok 04:16:11.0886 1268 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll 04:16:11.0962 1268 Power - ok 04:16:12.0027 1268 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys 
04:16:12.0112 1268 PptpMiniport - ok 04:16:12.0157 1268 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys 04:16:12.0362 1268 Processor - ok 04:16:12.0418 1268 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll 04:16:12.0487 1268 ProfSvc - ok 04:16:12.0528 1268 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 04:16:12.0553 1268 ProtectedStorage - ok 04:16:12.0615 1268 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys 04:16:12.0678 1268 Psched - ok 04:16:12.0791 1268 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys 04:16:12.0863 1268 ql2300 - ok 04:16:12.0994 1268 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys 04:16:13.0036 1268 ql40xx - ok 04:16:13.0099 1268 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll 04:16:13.0156 1268 QWAVE - ok 04:16:13.0349 1268 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys 04:16:13.0475 1268 QWAVEdrv - ok 04:16:13.0522 1268 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys 04:16:13.0580 1268 RasAcd - ok 04:16:13.0628 1268 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys 04:16:13.0697 1268 RasAgileVpn - ok 04:16:13.0737 1268 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll 04:16:13.0827 1268 RasAuto - ok 04:16:13.0887 1268 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys 04:16:13.0960 1268 Rasl2tp - ok 04:16:14.0014 1268 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll 04:16:14.0095 1268 RasMan - ok 04:16:14.0143 1268 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys 04:16:14.0361 1268 RasPppoe - ok 04:16:14.0428 1268 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys 
04:16:14.0508 1268 RasSstp - ok 04:16:14.0562 1268 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys 04:16:14.0634 1268 rdbss - ok 04:16:14.0675 1268 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys 04:16:14.0723 1268 rdpbus - ok 04:16:14.0751 1268 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys 04:16:14.0833 1268 RDPCDD - ok 04:16:14.0890 1268 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys 04:16:14.0970 1268 RDPDR - ok 04:16:15.0020 1268 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys 04:16:15.0080 1268 RDPENCDD - ok 04:16:15.0133 1268 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys 04:16:15.0352 1268 RDPREFMP - ok 04:16:15.0416 1268 RdpVideoMiniport (70cba1a0c98600a2aa1863479b35cb90) C:\Windows\system32\drivers\rdpvideominiport.sys 04:16:15.0481 1268 RdpVideoMiniport - ok 04:16:15.0528 1268 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys 04:16:15.0630 1268 RDPWD - ok 04:16:15.0710 1268 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys 04:16:15.0760 1268 rdyboost - ok 04:16:15.0812 1268 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll 04:16:15.0883 1268 RemoteAccess - ok 04:16:15.0935 1268 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll 04:16:16.0008 1268 RemoteRegistry - ok 04:16:16.0063 1268 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll 04:16:16.0125 1268 RpcEptMapper - ok 04:16:16.0165 1268 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe 04:16:16.0366 1268 RpcLocator - ok 04:16:16.0438 1268 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll 04:16:16.0488 1268 RpcSs - ok 04:16:16.0541 1268 rspndr (ddc86e4f8e7456261e637e3552e804ff) 
C:\Windows\system32\DRIVERS\rspndr.sys 04:16:16.0601 1268 rspndr - ok 04:16:16.0648 1268 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys 04:16:16.0708 1268 s3cap - ok 04:16:16.0750 1268 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 04:16:16.0766 1268 SamSs - ok 04:16:16.0813 1268 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys 04:16:16.0833 1268 sbp2port - ok 04:16:16.0876 1268 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll 04:16:16.0954 1268 SCardSvr - ok 04:16:16.0991 1268 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys 04:16:17.0043 1268 scfilter - ok 04:16:17.0135 1268 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll 04:16:17.0430 1268 Schedule - ok 04:16:17.0481 1268 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll 04:16:17.0524 1268 SCPolicySvc - ok 04:16:17.0575 1268 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll 04:16:17.0629 1268 SDRSVC - ok 04:16:17.0708 1268 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 04:16:17.0770 1268 secdrv - ok 04:16:17.0817 1268 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll 04:16:17.0861 1268 seclogon - ok 04:16:17.0907 1268 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll 04:16:17.0953 1268 SENS - ok 04:16:17.0983 1268 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll 04:16:18.0052 1268 SensrSvc - ok 04:16:18.0085 1268 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys 04:16:18.0127 1268 Serenum - ok 04:16:18.0348 1268 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys 04:16:18.0389 1268 Serial - ok 04:16:18.0438 1268 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys 04:16:18.0488 
1268 sermouse - ok 04:16:18.0560 1268 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll 04:16:18.0625 1268 SessionEnv - ok 04:16:18.0671 1268 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys 04:16:18.0757 1268 sffdisk - ok 04:16:18.0800 1268 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys 04:16:18.0862 1268 sffp_mmc - ok 04:16:18.0894 1268 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys 04:16:18.0934 1268 sffp_sd - ok 04:16:18.0996 1268 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys 04:16:19.0030 1268 sfloppy - ok 04:16:19.0091 1268 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll 04:16:19.0376 1268 SharedAccess - ok 04:16:19.0435 1268 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll 04:16:19.0506 1268 ShellHWDetection - ok 04:16:19.0553 1268 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys 04:16:19.0581 1268 SiSRaid2 - ok 04:16:19.0599 1268 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys 04:16:19.0627 1268 SiSRaid4 - ok 04:16:19.0683 1268 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys 04:16:19.0806 1268 Smb - ok 04:16:19.0877 1268 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe 04:16:19.0922 1268 SNMPTRAP - ok 04:16:19.0948 1268 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys 04:16:19.0962 1268 spldr - ok 04:16:20.0030 1268 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe 04:16:20.0098 1268 Spooler - ok 04:16:20.0494 1268 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe 04:16:20.0709 1268 sppsvc - ok 04:16:20.0808 1268 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll 04:16:20.0888 1268 
sppuinotify - ok 04:16:20.0996 1268 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys 04:16:21.0105 1268 srv - ok 04:16:21.0153 1268 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys 04:16:21.0360 1268 srv2 - ok 04:16:21.0412 1268 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys 04:16:21.0442 1268 srvnet - ok 04:16:21.0501 1268 ssadbus (8f8324ed1de63ffc7b1a02cd2d963c72) C:\Windows\system32\DRIVERS\ssadbus.sys 04:16:21.0600 1268 ssadbus - ok 04:16:21.0656 1268 ssadmdfl (58221efcb74167b73667f0024c661ce0) C:\Windows\system32\DRIVERS\ssadmdfl.sys 04:16:21.0725 1268 ssadmdfl - ok 04:16:21.0781 1268 ssadmdm (4da7c71bfac5ad71255b7e4cab980163) C:\Windows\system32\DRIVERS\ssadmdm.sys 04:16:21.0823 1268 ssadmdm - ok 04:16:21.0873 1268 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll 04:16:21.0956 1268 SSDPSRV - ok 04:16:22.0004 1268 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll 04:16:22.0059 1268 SstpSvc - ok 04:16:22.0101 1268 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys 04:16:22.0128 1268 stexstor - ok 04:16:22.0372 1268 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll 04:16:22.0431 1268 stisvc - ok 04:16:22.0490 1268 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys 04:16:22.0505 1268 storflt - ok 04:16:22.0542 1268 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys 04:16:22.0557 1268 storvsc - ok 04:16:22.0585 1268 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys 04:16:22.0600 1268 swenum - ok 04:16:22.0664 1268 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll 04:16:22.0746 1268 swprv - ok 04:16:22.0784 1268 Synth3dVsc - ok 04:16:22.0919 1268 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll 04:16:23.0049 1268 SysMain - ok 
04:16:23.0410 1268 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll 04:16:23.0497 1268 TabletInputService - ok 04:16:23.0554 1268 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll 04:16:23.0632 1268 TapiSrv - ok 04:16:23.0679 1268 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll 04:16:23.0758 1268 TBS - ok 04:16:23.0919 1268 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys 04:16:24.0015 1268 Tcpip - ok 04:16:24.0452 1268 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys 04:16:24.0507 1268 TCPIP6 - ok 04:16:24.0646 1268 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys 04:16:24.0724 1268 tcpipreg - ok 04:16:24.0767 1268 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys 04:16:24.0812 1268 TDPIPE - ok 04:16:24.0852 1268 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys 04:16:24.0904 1268 TDTCP - ok 04:16:24.0962 1268 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys 04:16:25.0019 1268 tdx - ok 04:16:25.0071 1268 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys 04:16:25.0086 1268 TermDD - ok 04:16:25.0164 1268 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll 04:16:25.0426 1268 TermService - ok 04:16:25.0466 1268 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll 04:16:25.0510 1268 Themes - ok 04:16:25.0556 1268 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll 04:16:25.0605 1268 THREADORDER - ok 04:16:25.0675 1268 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll 04:16:25.0739 1268 TrkWks - ok 04:16:25.0817 1268 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe 04:16:25.0896 1268 TrustedInstaller - ok 04:16:25.0938 1268 tssecsrv 
(ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys 04:16:26.0006 1268 tssecsrv - ok 04:16:26.0056 1268 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys 04:16:26.0097 1268 TsUsbFlt - ok 04:16:26.0112 1268 tsusbhub - ok 04:16:26.0342 1268 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys 04:16:26.0406 1268 tunnel - ok 04:16:26.0447 1268 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys 04:16:26.0469 1268 uagp35 - ok 04:16:26.0532 1268 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys 04:16:26.0608 1268 udfs - ok 04:16:26.0664 1268 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe 04:16:26.0699 1268 UI0Detect - ok 04:16:26.0751 1268 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys 04:16:26.0768 1268 uliagpkx - ok 04:16:26.0820 1268 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys 04:16:26.0853 1268 umbus - ok 04:16:26.0893 1268 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys 04:16:26.0935 1268 UmPass - ok 04:16:26.0990 1268 UmRdpService (a293dcd756d04d8492a750d03b9a297c) C:\Windows\System32\umrdp.dll 04:16:27.0034 1268 UmRdpService - ok 04:16:27.0087 1268 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll 04:16:27.0166 1268 upnphost - ok 04:16:27.0402 1268 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys 04:16:27.0468 1268 usbccgp - ok 04:16:27.0528 1268 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys 04:16:27.0599 1268 usbcir - ok 04:16:27.0643 1268 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys 04:16:27.0694 1268 usbehci - ok 04:16:27.0756 1268 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys 04:16:27.0792 1268 usbhub - ok 
04:16:27.0832 1268 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys 04:16:27.0868 1268 usbohci - ok 04:16:27.0920 1268 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys 04:16:27.0966 1268 usbprint - ok 04:16:28.0017 1268 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS 04:16:28.0082 1268 USBSTOR - ok 04:16:28.0123 1268 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys 04:16:28.0166 1268 usbuhci - ok 04:16:28.0468 1268 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll 04:16:28.0545 1268 UxSms - ok 04:16:28.0587 1268 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 04:16:28.0613 1268 VaultSvc - ok 04:16:28.0673 1268 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys 04:16:28.0688 1268 vdrvroot - ok 04:16:28.0756 1268 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe 04:16:28.0826 1268 vds - ok 04:16:28.0875 1268 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys 04:16:28.0909 1268 vga - ok 04:16:28.0949 1268 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys 04:16:29.0013 1268 VgaSave - ok 04:16:29.0041 1268 VGPU - ok 04:16:29.0097 1268 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys 04:16:29.0128 1268 vhdmp - ok 04:16:29.0352 1268 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys 04:16:29.0375 1268 viaide - ok 04:16:29.0424 1268 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys 04:16:29.0453 1268 vmbus - ok 04:16:29.0506 1268 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys 04:16:29.0543 1268 VMBusHID - ok 04:16:29.0594 1268 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys 04:16:29.0625 1268 volmgr - ok 04:16:29.0673 1268 
04:16:39.0725 1268 ============================================================
04:16:39.0725 1268 Scan finished
04:16:39.0725 1268 ============================================================
04:16:39.0751 3944 Detected object count: 1
04:16:39.0751 3944 Actual detected object count: 1
04:18:38.0917 3944 NBService ( UnsignedFile.Multi.Generic ) - skipped by user
04:18:38.0917 3944 NBService ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:19:52.0035 1132 Deinitialize success
-
Please Analyze: Getting Pop-up's from "AxView"
PaperBoy68 replied to PaperBoy68's topic in Resolved Malware Removal Logs
Actually, I'm still getting the Pop-ups from "axview". -
Please Analyze: Getting Pop-up's from "AxView"
PaperBoy68 replied to PaperBoy68's topic in Resolved Malware Removal Logs
It turns out that I still have this problem. After all the help I received on this forum, and all the scans and logs, the pop-up returned an hour after I finished. I am trying a couple of different rootkit removal programs. If I have any success or learn anything else about this problem, I'll post back here to let everyone know. If anyone else has any info about these pop-ups I would love to hear from you. Thank You PB68 -
Please Analyze: Getting Pop-up's from "AxView"
PaperBoy68 replied to PaperBoy68's topic in Resolved Malware Removal Logs
Can I delete the RK Quarantined registry entries? -
Please Analyze: Getting Pop-up's from "AxView"
PaperBoy68 replied to PaperBoy68's topic in Resolved Malware Removal Logs
Working great! Thanks again... -
Please Analyze: Getting Pop-up's from "AxView"
PaperBoy68 replied to PaperBoy68's topic in Resolved Malware Removal Logs
MBAM quick scan log:
Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org
Database version: v2012.04.25.04
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Scott :: SCOTT-PC [administrator]
Protection: Enabled
4/25/2012 9:37:35 AM
mbam-log-2012-04-25 (09-37-35).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 216629
Time elapsed: 2 minute(s), 34 second(s)
Memory Processes Detected: 0 (No malicious items detected)
Memory Modules Detected: 0 (No malicious items detected)
Registry Keys Detected: 0 (No malicious items detected)
Registry Values Detected: 0 (No malicious items detected)
Registry Data Items Detected: 0 (No malicious items detected)
Folders Detected: 0 (No malicious items detected)
Files Detected: 0 (No malicious items detected)
(end)
Thank you for your assistance.
-
Please Analyze: Getting Pop-up's from "AxView"
PaperBoy68 replied to PaperBoy68's topic in Resolved Malware Removal Logs
Thank You MrCharlie: Here's the ComboFix log:
-
Please Analyze: Getting Pop-up's from "AxView"
PaperBoy68 replied to PaperBoy68's topic in Resolved Malware Removal Logs
TDSS Killer log:
- ok 20:05:36.0546 3040 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll 20:05:36.0609 3040 FDResPub - ok 20:05:36.0650 3040 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys 20:05:36.0666 3040 FileInfo - ok 20:05:36.0822 3040 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys 20:05:36.0890 3040 Filetrace - ok 20:05:36.0918 3040 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys 20:05:36.0941 3040 flpydisk - ok 20:05:37.0006 3040 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys 20:05:37.0039 3040 FltMgr - ok 20:05:37.0137 3040 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll 20:05:37.0223 3040 FontCache - ok 20:05:37.0341 3040 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 20:05:37.0362 3040 FontCache3.0.0.0 - ok 20:05:37.0424 3040 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys 20:05:37.0445 3040 FsDepends - ok 20:05:37.0490 3040 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys 20:05:37.0504 3040 Fs_Rec - ok 20:05:37.0565 3040 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys 20:05:37.0606 3040 fvevol - ok 20:05:37.0649 3040 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys 20:05:37.0665 3040 gagp30kx - ok 20:05:37.0871 3040 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll 20:05:37.0962 3040 gpsvc - ok 20:05:37.0998 3040 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys 20:05:38.0058 3040 hcw85cir - ok 20:05:38.0136 3040 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys 20:05:38.0189 3040 HdAudAddService - ok 20:05:38.0243 3040 HDAudBus 
(97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys 20:05:38.0288 3040 HDAudBus - ok 20:05:38.0331 3040 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys 20:05:38.0361 3040 HidBatt - ok 20:05:38.0393 3040 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys 20:05:38.0445 3040 HidBth - ok 20:05:38.0490 3040 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys 20:05:38.0527 3040 HidIr - ok 20:05:38.0570 3040 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll 20:05:38.0633 3040 hidserv - ok 20:05:38.0822 3040 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys 20:05:38.0842 3040 HidUsb - ok 20:05:38.0886 3040 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll 20:05:38.0966 3040 hkmsvc - ok 20:05:39.0013 3040 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll 20:05:39.0081 3040 HomeGroupListener - ok 20:05:39.0137 3040 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll 20:05:39.0203 3040 HomeGroupProvider - ok 20:05:39.0246 3040 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys 20:05:39.0262 3040 HpSAMD - ok 20:05:39.0361 3040 HsfXAudioService (447256d1c026654c5cd3cc17e7b20631) C:\Windows\SysWOW64\XAudio64.dll 20:05:39.0411 3040 HsfXAudioService - ok 20:05:39.0522 3040 HSF_DP (64667d9808fd09fabedccf62e8f52662) C:\Windows\system32\DRIVERS\CAX_DP.sys 20:05:39.0595 3040 HSF_DP - ok 20:05:39.0908 3040 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys 20:05:39.0998 3040 HTTP - ok 20:05:40.0044 3040 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys 20:05:40.0058 3040 hwpolicy - ok 20:05:40.0128 3040 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys 20:05:40.0155 3040 i8042prt - ok 20:05:40.0226 3040 
iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys 20:05:40.0261 3040 iaStorV - ok 20:05:40.0418 3040 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 20:05:40.0489 3040 idsvc - ok 20:05:40.0523 3040 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys 20:05:40.0541 3040 iirsp - ok 20:05:40.0625 3040 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll 20:05:40.0840 3040 IKEEXT - ok 20:05:40.0986 3040 IntcAzAudAddService (bfbabcb231628a4551dbb10d0ea25d62) C:\Windows\system32\drivers\RTKVHD64.sys 20:05:41.0078 3040 IntcAzAudAddService - ok 20:05:41.0230 3040 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys 20:05:41.0256 3040 intelide - ok 20:05:41.0310 3040 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys 20:05:41.0344 3040 intelppm - ok 20:05:41.0391 3040 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll 20:05:41.0467 3040 IPBusEnum - ok 20:05:41.0525 3040 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys 20:05:41.0597 3040 IpFilterDriver - ok 20:05:41.0664 3040 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll 20:05:41.0862 3040 iphlpsvc - ok 20:05:41.0915 3040 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys 20:05:41.0948 3040 IPMIDRV - ok 20:05:41.0985 3040 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys 20:05:42.0059 3040 IPNAT - ok 20:05:42.0105 3040 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys 20:05:42.0187 3040 IRENUM - ok 20:05:42.0234 3040 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys 20:05:42.0248 3040 isapnp - ok 20:05:42.0307 3040 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) 
C:\Windows\system32\drivers\msiscsi.sys 20:05:42.0338 3040 iScsiPrt - ok 20:05:42.0393 3040 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys 20:05:42.0415 3040 kbdclass - ok 20:05:42.0461 3040 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys 20:05:42.0486 3040 kbdhid - ok 20:05:42.0512 3040 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 20:05:42.0535 3040 KeyIso - ok 20:05:42.0562 3040 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys 20:05:42.0583 3040 KSecDD - ok 20:05:42.0634 3040 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys 20:05:42.0664 3040 KSecPkg - ok 20:05:42.0839 3040 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys 20:05:42.0899 3040 ksthunk - ok 20:05:42.0958 3040 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll 20:05:43.0035 3040 KtmRm - ok 20:05:43.0100 3040 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll 20:05:43.0183 3040 LanmanServer - ok 20:05:43.0232 3040 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll 20:05:43.0301 3040 LanmanWorkstation - ok 20:05:43.0354 3040 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys 20:05:43.0419 3040 lltdio - ok 20:05:43.0487 3040 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll 20:05:43.0568 3040 lltdsvc - ok 20:05:43.0597 3040 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll 20:05:43.0645 3040 lmhosts - ok 20:05:43.0840 3040 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys 20:05:43.0861 3040 LSI_FC - ok 20:05:43.0913 3040 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys 20:05:43.0952 3040 LSI_SAS - ok 20:05:44.0010 3040 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) 
C:\Windows\system32\DRIVERS\lsi_sas2.sys 20:05:44.0041 3040 LSI_SAS2 - ok 20:05:44.0097 3040 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys 20:05:44.0124 3040 LSI_SCSI - ok 20:05:44.0178 3040 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys 20:05:44.0247 3040 luafv - ok 20:05:44.0328 3040 MBAMProtector (dbc08862a71459e74f7538b432c114cc) C:\Windows\system32\drivers\mbam.sys 20:05:44.0348 3040 MBAMProtector - ok 20:05:44.0488 3040 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe 20:05:44.0540 3040 MBAMService - ok 20:05:44.0583 3040 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll 20:05:44.0629 3040 Mcx2Svc - ok 20:05:44.0801 3040 mdmxsdk (e4f44ec214b3e381e1fc844a02926666) C:\Windows\system32\DRIVERS\mdmxsdk.sys 20:05:44.0844 3040 mdmxsdk - ok 20:05:44.0875 3040 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys 20:05:44.0889 3040 megasas - ok 20:05:44.0940 3040 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys 20:05:44.0967 3040 MegaSR - ok 20:05:45.0029 3040 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll 20:05:45.0088 3040 MMCSS - ok 20:05:45.0117 3040 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys 20:05:45.0180 3040 Modem - ok 20:05:45.0235 3040 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys 20:05:45.0276 3040 monitor - ok 20:05:45.0321 3040 motmodem (060f0ef84f430802df3788f3dcfd009c) C:\Windows\system32\DRIVERS\motmodem.sys 20:05:45.0407 3040 motmodem - ok 20:05:45.0527 3040 MotoHelper (98a10ac4257a3ba48c9611338544ee49) C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe 20:05:45.0551 3040 MotoHelper - ok 20:05:45.0612 3040 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys 20:05:45.0629 3040 mouclass - ok 
20:05:45.0819 3040 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys 20:05:45.0852 3040 mouhid - ok 20:05:45.0905 3040 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys 20:05:45.0930 3040 mountmgr - ok 20:05:45.0983 3040 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys 20:05:46.0024 3040 mpio - ok 20:05:46.0067 3040 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys 20:05:46.0128 3040 mpsdrv - ok 20:05:46.0213 3040 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll 20:05:46.0302 3040 MpsSvc - ok 20:05:46.0350 3040 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys 20:05:46.0396 3040 MRxDAV - ok 20:05:46.0453 3040 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys 20:05:46.0518 3040 mrxsmb - ok 20:05:46.0582 3040 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys 20:05:46.0629 3040 mrxsmb10 - ok 20:05:46.0804 3040 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys 20:05:46.0838 3040 mrxsmb20 - ok 20:05:46.0881 3040 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys 20:05:46.0898 3040 msahci - ok 20:05:46.0948 3040 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys 20:05:46.0970 3040 msdsm - ok 20:05:47.0021 3040 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe 20:05:47.0066 3040 MSDTC - ok 20:05:47.0135 3040 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys 20:05:47.0186 3040 Msfs - ok 20:05:47.0253 3040 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys 20:05:47.0320 3040 mshidkmdf - ok 20:05:47.0355 3040 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys 20:05:47.0369 3040 msisadrv - ok 20:05:47.0438 3040 MSiSCSI 
(808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll 20:05:47.0510 3040 MSiSCSI - ok 20:05:47.0528 3040 msiserver - ok 20:05:47.0577 3040 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys 20:05:47.0636 3040 MSKSSRV - ok 20:05:47.0844 3040 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys 20:05:47.0905 3040 MSPCLOCK - ok 20:05:47.0944 3040 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys 20:05:48.0003 3040 MSPQM - ok 20:05:48.0058 3040 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys 20:05:48.0091 3040 MsRPC - ok 20:05:48.0145 3040 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys 20:05:48.0160 3040 mssmbios - ok 20:05:48.0207 3040 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys 20:05:48.0272 3040 MSTEE - ok 20:05:48.0301 3040 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys 20:05:48.0337 3040 MTConfig - ok 20:05:48.0376 3040 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys 20:05:48.0395 3040 Mup - ok 20:05:48.0456 3040 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll 20:05:48.0539 3040 napagent - ok 20:05:48.0600 3040 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys 20:05:48.0667 3040 NativeWifiP - ok 20:05:48.0970 3040 NBService (2637f26312ecceeb6f110e95f1ece243) C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe 20:05:49.0047 3040 NBService ( UnsignedFile.Multi.Generic ) - warning 20:05:49.0047 3040 NBService - detected UnsignedFile.Multi.Generic (1) 20:05:49.0138 3040 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys 20:05:49.0199 3040 NDIS - ok 20:05:49.0250 3040 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys 20:05:49.0312 3040 NdisCap - ok 20:05:49.0364 3040 
NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys 20:05:49.0424 3040 NdisTapi - ok 20:05:49.0474 3040 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys 20:05:49.0531 3040 Ndisuio - ok 20:05:49.0581 3040 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys 20:05:49.0650 3040 NdisWan - ok 20:05:49.0825 3040 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys 20:05:49.0874 3040 NDProxy - ok 20:05:49.0939 3040 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys 20:05:50.0000 3040 NetBIOS - ok 20:05:50.0056 3040 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys 20:05:50.0141 3040 NetBT - ok 20:05:50.0175 3040 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 20:05:50.0200 3040 Netlogon - ok 20:05:50.0269 3040 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll 20:05:50.0352 3040 Netman - ok 20:05:50.0424 3040 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll 20:05:50.0514 3040 netprofm - ok 20:05:50.0635 3040 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 20:05:50.0663 3040 NetTcpPortSharing - ok 20:05:50.0832 3040 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys 20:05:50.0847 3040 nfrd960 - ok 20:05:50.0920 3040 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll 20:05:50.0995 3040 NlaSvc - ok 20:05:51.0043 3040 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys 20:05:51.0093 3040 Npfs - ok 20:05:51.0139 3040 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll 20:05:51.0215 3040 nsi - ok 20:05:51.0250 3040 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys 20:05:51.0308 3040 nsiproxy - ok 
20:05:51.0446 3040 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys 20:05:51.0577 3040 Ntfs - ok 20:05:51.0835 3040 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys 20:05:51.0899 3040 Null - ok 20:05:51.0977 3040 NVENETFD (a85b4f2ef3a7304a5399ef0526423040) C:\Windows\system32\DRIVERS\nvm62x64.sys 20:05:52.0028 3040 NVENETFD - ok 20:05:52.0650 3040 nvlddmkm (dd81fbc57ab9134cddc5ce90880bfd80) C:\Windows\system32\DRIVERS\nvlddmkm.sys 20:05:53.0234 3040 nvlddmkm - ok 20:05:53.0412 3040 NVNET (909eedcbd365bb81027d8e742e6b3416) C:\Windows\system32\DRIVERS\nvmf6264.sys 20:05:53.0456 3040 NVNET - ok 20:05:53.0500 3040 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys 20:05:53.0530 3040 nvraid - ok 20:05:53.0589 3040 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys 20:05:53.0608 3040 nvstor - ok 20:05:53.0654 3040 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys 20:05:53.0810 3040 nv_agp - ok 20:05:53.0860 3040 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys 20:05:53.0895 3040 ohci1394 - ok 20:05:53.0956 3040 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll 20:05:54.0030 3040 p2pimsvc - ok 20:05:54.0086 3040 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll 20:05:54.0130 3040 p2psvc - ok 20:05:54.0173 3040 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys 20:05:54.0207 3040 Parport - ok 20:05:54.0250 3040 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys 20:05:54.0272 3040 partmgr - ok 20:05:54.0316 3040 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll 20:05:54.0374 3040 PcaSvc - ok 20:05:54.0421 3040 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys 20:05:54.0447 3040 pci - ok 20:05:54.0494 3040 pciide 
(b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys 20:05:54.0507 3040 pciide - ok 20:05:54.0556 3040 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys 20:05:54.0591 3040 pcmcia - ok 20:05:54.0626 3040 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys 20:05:54.0641 3040 pcw - ok 20:05:54.0830 3040 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys 20:05:54.0928 3040 PEAUTH - ok 20:05:55.0020 3040 PeerDistSvc (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll 20:05:55.0163 3040 PeerDistSvc - ok 20:05:55.0258 3040 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe 20:05:55.0301 3040 PerfHost - ok 20:05:55.0486 3040 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll 20:05:55.0604 3040 pla - ok 20:05:55.0860 3040 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll 20:05:55.0952 3040 PlugPlay - ok 20:05:55.0984 3040 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll 20:05:56.0011 3040 PNRPAutoReg - ok 20:05:56.0051 3040 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll 20:05:56.0079 3040 PNRPsvc - ok 20:05:56.0174 3040 Point64 (4f0878fd62d5f7444c5f1c4c66d9d293) C:\Windows\system32\DRIVERS\point64.sys 20:05:56.0197 3040 Point64 - ok 20:05:56.0268 3040 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll 20:05:56.0353 3040 PolicyAgent - ok 20:05:56.0419 3040 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll 20:05:56.0499 3040 Power - ok 20:05:56.0563 3040 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys 20:05:56.0632 3040 PptpMiniport - ok 20:05:56.0805 3040 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys 20:05:56.0845 3040 Processor - ok 20:05:56.0907 3040 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) 
C:\Windows\system32\profsvc.dll 20:05:56.0982 3040 ProfSvc - ok 20:05:57.0022 3040 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 20:05:57.0056 3040 ProtectedStorage - ok 20:05:57.0113 3040 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys 20:05:57.0193 3040 Psched - ok 20:05:57.0342 3040 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys 20:05:57.0438 3040 ql2300 - ok 20:05:57.0571 3040 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys 20:05:57.0590 3040 ql40xx - ok 20:05:57.0643 3040 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll 20:05:57.0833 3040 QWAVE - ok 20:05:57.0869 3040 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys 20:05:57.0915 3040 QWAVEdrv - ok 20:05:57.0958 3040 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys 20:05:58.0024 3040 RasAcd - ok 20:05:58.0071 3040 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys 20:05:58.0128 3040 RasAgileVpn - ok 20:05:58.0170 3040 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll 20:05:58.0247 3040 RasAuto - ok 20:05:58.0306 3040 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys 20:05:58.0389 3040 Rasl2tp - ok 20:05:58.0444 3040 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll 20:05:58.0523 3040 RasMan - ok 20:05:58.0571 3040 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys 20:05:58.0627 3040 RasPppoe - ok 20:05:58.0820 3040 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys 20:05:58.0931 3040 RasSstp - ok 20:05:58.0994 3040 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys 20:05:59.0071 3040 rdbss - ok 20:05:59.0109 3040 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) 
C:\Windows\system32\DRIVERS\rdpbus.sys 20:05:59.0151 3040 rdpbus - ok 20:05:59.0179 3040 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys 20:05:59.0246 3040 RDPCDD - ok 20:05:59.0302 3040 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys 20:05:59.0348 3040 RDPDR - ok 20:05:59.0389 3040 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys 20:05:59.0450 3040 RDPENCDD - ok 20:05:59.0496 3040 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys 20:05:59.0545 3040 RDPREFMP - ok 20:05:59.0621 3040 RdpVideoMiniport (70cba1a0c98600a2aa1863479b35cb90) C:\Windows\system32\drivers\rdpvideominiport.sys 20:05:59.0667 3040 RdpVideoMiniport - ok 20:05:59.0845 3040 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys 20:05:59.0907 3040 RDPWD - ok 20:05:59.0965 3040 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys 20:05:59.0994 3040 rdyboost - ok 20:06:00.0038 3040 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll 20:06:00.0114 3040 RemoteAccess - ok 20:06:00.0164 3040 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll 20:06:00.0246 3040 RemoteRegistry - ok 20:06:00.0299 3040 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll 20:06:00.0373 3040 RpcEptMapper - ok 20:06:00.0416 3040 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe 20:06:00.0453 3040 RpcLocator - ok 20:06:00.0519 3040 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll 20:06:00.0578 3040 RpcSs - ok 20:06:00.0636 3040 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys 20:06:00.0820 3040 rspndr - ok 20:06:00.0868 3040 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys 20:06:00.0912 3040 s3cap - ok 20:06:00.0955 3040 SamSs 
(c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 20:06:00.0978 3040 SamSs - ok 20:06:01.0016 3040 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys 20:06:01.0036 3040 sbp2port - ok 20:06:01.0083 3040 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll 20:06:01.0165 3040 SCardSvr - ok 20:06:01.0220 3040 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys 20:06:01.0280 3040 scfilter - ok 20:06:01.0380 3040 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll 20:06:01.0523 3040 Schedule - ok 20:06:01.0575 3040 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll 20:06:01.0625 3040 SCPolicySvc - ok 20:06:01.0806 3040 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll 20:06:01.0866 3040 SDRSVC - ok 20:06:01.0943 3040 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 20:06:01.0998 3040 secdrv - ok 20:06:02.0038 3040 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll 20:06:02.0087 3040 seclogon - ok 20:06:02.0126 3040 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll 20:06:02.0181 3040 SENS - ok 20:06:02.0219 3040 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll 20:06:02.0271 3040 SensrSvc - ok 20:06:02.0296 3040 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys 20:06:02.0338 3040 Serenum - ok 20:06:02.0380 3040 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys 20:06:02.0409 3040 Serial - ok 20:06:02.0447 3040 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys 20:06:02.0499 3040 sermouse - ok 20:06:02.0572 3040 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll 20:06:02.0644 3040 SessionEnv - ok 20:06:02.0815 3040 sffdisk (a554811bcd09279536440c964ae35bbf) 
C:\Windows\system32\drivers\sffdisk.sys 20:06:02.0869 3040 sffdisk - ok 20:06:02.0905 3040 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys 20:06:02.0938 3040 sffp_mmc - ok 20:06:02.0970 3040 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys 20:06:03.0013 3040 sffp_sd - ok 20:06:03.0053 3040 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys 20:06:03.0099 3040 sfloppy - ok 20:06:03.0153 3040 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll 20:06:03.0241 3040 SharedAccess - ok 20:06:03.0296 3040 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll 20:06:03.0382 3040 ShellHWDetection - ok 20:06:03.0432 3040 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys 20:06:03.0457 3040 SiSRaid2 - ok 20:06:03.0478 3040 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys 20:06:03.0497 3040 SiSRaid4 - ok 20:06:03.0553 3040 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys 20:06:03.0639 3040 Smb - ok 20:06:03.0835 3040 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe 20:06:03.0883 3040 SNMPTRAP - ok 20:06:03.0910 3040 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys 20:06:03.0923 3040 spldr - ok 20:06:03.0991 3040 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe 20:06:04.0060 3040 Spooler - ok 20:06:04.0258 3040 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe 20:06:04.0472 3040 sppsvc - ok 20:06:04.0569 3040 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll 20:06:04.0633 3040 sppuinotify - ok 20:06:04.0853 3040 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys 20:06:04.0922 3040 srv - ok 20:06:04.0979 3040 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) 
20:06:21.0216 3040 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
20:06:21.0304 3040 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
20:06:21.0304 3040 \Device\Harddisk0\DR0 - detected TDSS File System (1)
20:06:21.0319 3040 Boot (0x1200) (e376c8c4ab5392a4ccea97eea69739cf) \Device\Harddisk0\DR0\Partition0
20:06:21.0321 3040 \Device\Harddisk0\DR0\Partition0 - ok
20:06:21.0364 3040 Boot (0x1200) (e15b387fcd9cf3b3c1ddd29343943c59) \Device\Harddisk0\DR0\Partition1
20:06:21.0365 3040 \Device\Harddisk0\DR0\Partition1 - ok
20:06:21.0371 3040 ============================================================
20:06:21.0371 3040 Scan finished
20:06:21.0371 3040 ============================================================
20:06:21.0397 1520 Detected object count: 2
20:06:21.0397 1520 Actual detected object count: 2
20:12:20.0863 1520 NBService ( UnsignedFile.Multi.Generic ) - skipped by user
20:12:20.0863 1520 NBService ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:12:20.0920 1520 \Device\Harddisk0\DR0\TDLFS\cfg.ini - copied to quarantine
20:12:20.0922 1520 \Device\Harddisk0\DR0\TDLFS\mbr - copied to quarantine
20:12:20.0923 1520 \Device\Harddisk0\DR0\TDLFS\bckfg.tmp - copied to quarantine
20:12:20.0932 1520 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
20:12:20.0934 1520 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
20:12:20.0937 1520 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
20:12:20.0940 1520 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
20:12:20.0950 1520 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
20:12:20.0956 1520 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
20:12:20.0963 1520 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
20:12:20.0992 1520 \Device\Harddisk0\DR0\TDLFS\sspr - copied to quarantine
20:12:20.0997 1520 \Device\Harddisk0\DR0\TDLFS\r.dll - copied to quarantine
20:12:20.0998 1520 \Device\Harddisk0\DR0\TDLFS - deleted
20:12:20.0998 1520 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Delete
20:13:26.0388 0384 Deinitialize success
-
Please Analyze: Getting Pop-up's from "AxView"
PaperBoy68 replied to PaperBoy68's topic in Resolved Malware Removal Logs
Deleted the 6 HJ registry entries. Thank you. -
Please Analyze: Getting Pop-up's from "AxView"
PaperBoy68 replied to PaperBoy68's topic in Resolved Malware Removal Logs
RK log:
RogueKiller V7.3.3 [04/22/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
Blog: http://tigzyrk.blogspot.com
Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User: Scott [Admin rights]
Mode: Scan -- Date: 04/24/2012 19:43:53
¤¤¤ Bad processes: 0 ¤¤¤
¤¤¤ Registry Entries: 6 ¤¤¤
[HJ] HKCU\[...]\Advanced : Start_ShowRecentDocs (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowDownloads (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowVideos (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowRun (0) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
¤¤¤ Particular Files / Folders: ¤¤¤
¤¤¤ Driver: [NOT LOADED] ¤¤¤
¤¤¤ Infection : ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: ST312021 3AS SCSI Disk Device +++++
--- User ---
[MBR] e1ca38b1a169bd73b3f87feefdefc78b
[bSP] 66ea49a97b20ef3eecde3787a2414395 : Windows 7 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 106068 Mo
1 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 217244160 | Size: 8394 Mo
User = LL1 ... OK!
Error reading LL2 MBR!
Finished : << RKreport[1].txt >>
RKreport[1].txt
-
Please Analyze: Getting Pop-up's from "AxView"
PaperBoy68 replied to PaperBoy68's topic in Resolved Malware Removal Logs
Thank you MrCharlie, for replying to my post. Here are the DDS logs:
.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_31
Run by Scott at 19:21:21 on 2012-04-24
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.1471.830 [GMT -5:00]
.
AV: AVG Internet Security 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Internet Security 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: AVG Firewall *Disabled* {621CC794-9486-F902-D092-0484E8EA828B}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k HsfXAudioService
C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe
C:\Program Files\Zune\ZuneLauncher.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files (x86)\Nero\Nero 7\Nero PhotoShow 4\data\Xtras\mssysmgr.exe
C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit=userinit.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
uRun: [Nero PhotoShow Media Manager] C:\PROGRA~2\Nero\NERO7~1\NEROPH~2\data\Xtras\mssysmgr.exe
mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Users\Scott\Desktop\PartyPoker.lnk
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: DhcpNameServer = 192.168.0.1 205.171.3.25
TCP: Interfaces\{B11A958E-3007-46C8-AE62-BEC6BF778EB7} : DhcpNameServer = 192.168.0.1 205.171.3.25
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File
BHO-X64: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
mRun-x64: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
IE-X64: {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Users\Scott\Desktop\PartyPoker.lnk
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\p64mlj5p.default\
FF - prefs.js: browser.search.selectedEngine - Startpage HTTPS
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ig
FF - prefs.js: network.proxy.type - 0
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrlui.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSEH;AVGIDSEH;C:\Windows\system32\DRIVERS\AVGIDSEH.Sys --> C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [?]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys --> C:\Windows\system32\DRIVERS\avgrkx64.sys [?]
R1 Avgfwfd;AVG network filter service;C:\Windows\system32\DRIVERS\avgfwd6a.sys --> C:\Windows\system32\DRIVERS\avgfwd6a.sys [?]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys --> C:\Windows\system32\DRIVERS\avgldx64.sys [?]
R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys --> C:\Windows\system32\DRIVERS\avgmfx64.sys [?]
R1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys --> C:\Windows\system32\DRIVERS\avgtdia.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-8-2 192776]
R2 HsfXAudioService;HsfXAudioService;C:\Windows\system32\svchost.exe -k HsfXAudioService [2009-7-13 20992]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-4-9 654408]
R2 MotoHelper;MotoHelper Service;C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe [2011-8-10 227184]
R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys --> C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [?]
R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys --> C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [?]
R3 CAXHWBS2;CAXHWBS2;C:\Windows\system32\DRIVERS\CAXHWBS2.sys --> C:\Windows\system32\DRIVERS\CAXHWBS2.sys [?]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
S2 avgfws;AVG Firewall;C:\Program Files (x86)\AVG\AVG2012\avgfws.exe [2011-10-24 2391832]
S2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-15 253088]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;C:\Windows\system32\Drivers\ssadadb.sys --> C:\Windows\system32\Drivers\ssadadb.sys [?]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\system32\drivers\rdpvideominiport.sys --> C:\Windows\system32\drivers\rdpvideominiport.sys [?]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\Windows\system32\DRIVERS\ssadbus.sys --> C:\Windows\system32\DRIVERS\ssadbus.sys [?]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\Windows\system32\DRIVERS\ssadmdfl.sys --> C:\Windows\system32\DRIVERS\ssadmdfl.sys [?]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\Windows\system32\DRIVERS\ssadmdm.sys --> C:\Windows\system32\DRIVERS\ssadmdm.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 VST64_DPV;VST64_DPV;C:\Windows\system32\DRIVERS\VSTDPV6.SYS --> C:\Windows\system32\DRIVERS\VSTDPV6.SYS [?]
S3 VST64HWBS2;VST64HWBS2;C:\Windows\system32\DRIVERS\VSTBS26.SYS --> C:\Windows\system32\DRIVERS\VSTBS26.SYS [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S3 WMZuneComm;Zune Windows Mobile Connectivity Service;C:\Program Files\Zune\WMZuneComm.exe [2011-8-5 306400]
.
=============== Created Last 30 ================
.
2012-04-21 12:55:20 -------- d-----w- C:\Users\Scott\AppData\Local\ElevatedDiagnostics
2012-04-15 09:50:03 418464 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-04-12 08:36:09 5559152 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-04-12 08:36:08 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-04-12 08:36:08 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-04-12 08:35:23 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
2012-04-12 08:35:22 81408 ----a-w- C:\Windows\System32\imagehlp.dll
2012-04-12 08:35:22 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll
2012-04-12 08:35:21 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
2012-04-12 08:35:21 5120 ----a-w- C:\Windows\System32\wmi.dll
2012-04-12 08:35:21 220672 ----a-w- C:\Windows\System32\wintrust.dll
2012-04-12 08:35:21 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll
2012-04-11 13:24:42 -------- d-----w- C:\Users\Scott\AppData\Local\Apps
2012-04-11 13:21:27 -------- d-----w- C:\Users\Scott\AppData\Roaming\FastStone
2012-04-11 13:20:17 -------- d-----w- C:\Program Files (x86)\FastStone Image Viewer
.
==================== Find3M ====================
.
2012-04-15 09:50:03 70304 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-04-04 20:56:40 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-02-28 06:56:48 2311168 ----a-w- C:\Windows\System32\jscript9.dll
2012-02-28 06:49:56 1390080 ----a-w- C:\Windows\System32\wininet.dll
2012-02-28 06:48:57 1493504 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-02-28 06:42:55 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-02-28 01:18:55 1799168 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-02-28 01:11:21 1427456 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-02-28 01:11:07 1127424 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-02-28 01:03:16 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-02-20 15:16:39 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-02-17 06:38:27 1112064 ----a-w- C:\Windows\System32\rdpcorets.dll
2012-02-17 06:38:26 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
2012-02-17 05:34:22 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll
2012-02-17 04:58:24 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2012-02-17 04:57:32 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
2012-02-16 11:53:00 466456 ----a-w- C:\Windows\System32\wrap_oal.dll
2012-02-16 11:53:00 444952 ----a-w- C:\Windows\SysWow64\wrap_oal.dll
2012-02-16 11:53:00 122904 ----a-w- C:\Windows\System32\OpenAL32.dll
2012-02-16 11:53:00 109080 ----a-w- C:\Windows\SysWow64\OpenAL32.dll
2012-02-10 06:36:07 1544192 ----a-w- C:\Windows\System32\DWrite.dll
2012-02-10 05:38:43 1077248 ----a-w- C:\Windows\SysWow64\DWrite.dll
2012-02-03 04:34:34 3145728 ----a-w- C:\Windows\System32\win32k.sys
.
============= FINISH: 19:22:28.13 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume1
Install Date: 11/24/2011 6:09:51 AM
System Uptime: 4/24/2012 6:38:33 PM (1 hours ago)
.
Motherboard: ASUSTek Computer INC. | | NAGAMI2L
Processor: AMD Athlon 64 Processor 3500+ | Socket 939 | 2200/199mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 104 GiB total, 77.022 GiB free.
D: is FIXED (FAT32) - 8 GiB total, 0.479 GiB free.
E: is CDROM ()
F: is CDROM ()
G: is Removable
H: is Removable
I: is Removable
J: is Removable
K: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID:
Description:
Device ID: ACPI\AWY0001\2&DABA3FF&1
Manufacturer:
Name:
PNP Device ID: ACPI\AWY0001\2&DABA3FF&1
Service:
.
==== System Restore Points ===================
.
RP51: 4/12/2012 3:32:17 AM - Windows Update
RP52: 4/12/2012 10:02:46 PM - Windows Update
RP53: 4/14/2012 11:26:07 PM - Installed HiJackThis
RP54: 4/15/2012 1:39:56 AM - Installed HiJackThis
RP55: 4/24/2012 4:03:33 AM - Removed HiJackThis
RP56: 4/24/2012 4:08:10 AM - Installed HiJackThis
RP57: 4/24/2012 4:42:11 AM - Removed HiJackThis
.
==== Installed Programs ======================
.
Adobe AIR
Adobe Reader X (10.1.3)
Adobe Shockwave Player 11.6
Auslogics Disk Defrag
DVD Shrink 3.2
FastStone Image Viewer 4.6
Java Auto Updater
Java 6 Update 31
K-Lite Codec Pack 7.0.0 (Standard)
LG USB Modem Driver
Macromedia Flash Player 8
Malwarebytes Anti-Malware version 1.61.0.1400
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
MotoHelper 2.0.53 Driver 5.2.0
MotoHelper MergeModules
Mozilla Firefox 11.0 (x86 en-US)
MP3 Rocket
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Nero 7 Ultra Edition
Nero PhotoShow Express 4
OpenAL
PartyPoker
Realtek High Definition Audio Driver
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
swMSM
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Visual Studio 2008 x64 Redistributables
VLC media player 1.1.11
.
==== Event Viewer Messages From Past Week ========
.
4/23/2012 3:43:40 PM, Error: Microsoft-Windows-Eventlog [23] - The event logging service encountered an error (res=32) while initializing logging resources for channel Microsoft-Windows-Known Folders API Service.
4/22/2012 6:13:13 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service TrustedInstaller with arguments "" in order to run the server: {752073A1-23F2-4396-85F0-8FDB879ED0ED}
4/22/2012 6:13:12 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Modules Installer service to connect.
4/22/2012 6:13:12 PM, Error: Service Control Manager [7000] - The Windows Modules Installer service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
4/19/2012 5:40:37 PM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
4/19/2012 5:40:37 PM, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-1073473535.
.
==== End Of File ===========================
Thank you for your assistance.
-
For the last two weeks I've been getting pop-ups that say "Authentication Requested". It asks for a user name and password. It says the request is coming from "AxView". I always close the window but it keeps coming back. Have run multiple scans with MBAM with no detections. (HJT logfile attached) Please advise. Thank You.