cordelia

  1. I ran the registry edit (pasted correctly, including REGEDIT4) and it definitely did not go well... I rebooted my computer and all the icons on the taskbar were blank, my wireless internet didn't work and all my files on both the Desktop and My Documents were completely gone. I needed my computer today so I decided to go ahead and run system restore. I had a restore point (after running ComboFix and everything) so it was no big deal, but I'm not sure what my plan of action should be now.
  2. I ran ComboFix and it claimed to have found the ZeroAccess rootkit. Now computer is running quite a bit faster and despite MalwareBytes protection running again, I haven't noticed any rootkit warnings yet. Here's my log:

     Thank you!
  3. Here's attach.txt. Sorry for the multiple posts. . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-08-26.01) . Microsoft Windows 7 Starter Boot Device: \Device\HarddiskVolume1 Install Date: 06/12/2009 2:01:09 PM System Uptime: 01/05/2012 7:58:16 PM (1 hours ago) . Motherboard: ASUSTeK Computer INC. | | 1005HA Processor: Intel® Atom CPU N270 @ 1.60GHz | PBGA 437 | 1600/133mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 100 GiB total, 18.867 GiB free. D: is FIXED (NTFS) - 123 GiB total, 90.42 GiB free. . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . . ==== Installed Programs ====================== . Update for Microsoft Office 2007 (KB2508958) 7-Zip 9.20 AC3Filter 1.63b Acrobat.com Adobe AIR Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Reader 9.4.6 MUI aioprnt aioscnnr Alice Greenfingers AMCap Apple Application Support Apple Mobile Device Support Apple Software Update ASUSUpdate for Eee PC AsusVibe2.0 AsusVibeCheckUpdate Atheros Client Installation Program Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver avast! 
Antivirus Bass Audio Decoder (remove only) Bing Bar Bonjour Bullzip PDF Printer 8.2.0.1394 CD Audio Reader Filter (remove only) center Chicken Invaders 2 Citrix online plug-in Citrix online plug-in (DV) Citrix online plug-in (HDX) Citrix online plug-in (PNA) Citrix online plug-in (SSON) Citrix online plug-in (USB) Citrix online plug-in (Web) Citrix Web Client Compatibility Pack for the 2007 Office system D3DX10 DCoder Image Source (remove only) DirectVobSub (remove only) Dream Day Wedding Married in Manhattan DScaler 5 Mpeg Decoders E-Cam Eee Docking 2.4.0 EeeSplendid essentials ffdshow v1.1.3966 [2011-08-09] FFMPEG Core Files (remove only) FontResizer Gabest MPEG Splitter (remove only) GamePark Console Google Chrome Google Talk (remove only) Google Toolbar for Internet Explorer Google Update Helper Haali Media Splitter HiJackThis Hotkey Service Intel® Graphics Media Accelerator Driver iTunes Java Auto Updater Java 6 Update 22 Junk Mail filter update Kodak AIO Printer KODAK AiO Software Last.fm 1.5.4.27091 LAV Filters (remove only) LocaleMe Malwarebytes Anti-Malware version 1.61.0.1400 Messenger Companion Microsoft .NET Framework 4 Client Profile Microsoft Application Error Reporting Microsoft IntelliPoint 8.1 Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (Dutch) 2007 Microsoft Office Access MUI (French) 2007 Microsoft Office Access MUI (German) 2007 Microsoft Office Access MUI (Italian) 2007 Microsoft Office Excel 2007 Help - Aggiornamento (KB963678) Microsoft Office Excel MUI (Dutch) 2007 Microsoft Office Excel MUI (English) 2007 Microsoft Office Excel MUI (French) 2007 Microsoft Office Excel MUI (German) 2007 Microsoft Office Excel MUI (Italian) 2007 Microsoft Office Groove MUI (Dutch) 2007 Microsoft Office Groove MUI (French) 2007 Microsoft Office Groove MUI (German) 2007 Microsoft Office Groove MUI (Italian) 2007 Microsoft Office Home and Student 2007 Microsoft Office InfoPath MUI (Dutch) 2007 Microsoft Office InfoPath MUI (French) 
2007 Microsoft Office InfoPath MUI (German) 2007 Microsoft Office InfoPath MUI (Italian) 2007 Microsoft Office Language Pack 2007 - Dutch/Nederlands Microsoft Office Language Pack 2007 - French/Français Microsoft Office Language Pack 2007 - German/Deutsch Microsoft Office Language Pack 2007 - Italian/Italiano Microsoft Office Live Add-in 1.3 Microsoft Office O MUI (Dutch) 2007 Microsoft Office O MUI (French) 2007 Microsoft Office O MUI (German) 2007 Microsoft Office O MUI (Italian) 2007 Microsoft Office OneNote MUI (Dutch) 2007 Microsoft Office OneNote MUI (English) 2007 Microsoft Office OneNote MUI (French) 2007 Microsoft Office OneNote MUI (German) 2007 Microsoft Office OneNote MUI (Italian) 2007 Microsoft Office Outlook 2007 Help - Aggiornamento (KB963677) Microsoft Office Outlook MUI (Dutch) 2007 Microsoft Office Outlook MUI (French) 2007 Microsoft Office Outlook MUI (German) 2007 Microsoft Office Outlook MUI (Italian) 2007 Microsoft Office Powerpoint 2007 Help - Aggiornamento (KB963669) Microsoft Office PowerPoint MUI (Dutch) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office PowerPoint MUI (French) 2007 Microsoft Office PowerPoint MUI (German) 2007 Microsoft Office PowerPoint MUI (Italian) 2007 Microsoft Office PowerPoint Viewer 2007 (English) Microsoft Office Proof (Arabic) 2007 Microsoft Office Proof (Dutch) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (German) 2007 Microsoft Office Proof (Italian) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (Dutch) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing (French) 2007 Microsoft Office Proofing (German) 2007 Microsoft Office Proofing (Italian) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (Dutch) 2007 Microsoft Office Publisher MUI (French) 2007 Microsoft Office Publisher MUI (German) 2007 Microsoft Office Publisher MUI (Italian) 2007 Microsoft 
Office Shared MUI (Dutch) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared MUI (French) 2007 Microsoft Office Shared MUI (German) 2007 Microsoft Office Shared MUI (Italian) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3) Microsoft Office SharePoint Designer MUI (Dutch) 2007 Microsoft Office SharePoint Designer MUI (French) 2007 Microsoft Office SharePoint Designer MUI (German) 2007 Microsoft Office SharePoint Designer MUI (Italian) 2007 Microsoft Office Suite Activation Assistant Microsoft Office Word 2007 Help - Aggiornamento (KB963665) Microsoft Office Word MUI (Dutch) 2007 Microsoft Office Word MUI (English) 2007 Microsoft Office Word MUI (French) 2007 Microsoft Office Word MUI (German) 2007 Microsoft Office Word MUI (Italian) 2007 Microsoft Office X MUI (Dutch) 2007 Microsoft Office X MUI (French) 2007 Microsoft Office X MUI (German) 2007 Microsoft Office X MUI (Italian) 2007 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Works Mise à jour Microsoft Office Excel 2007 Help (KB963678) Mise à jour Microsoft Office Outlook 2007 Help (KB963677) Mise à jour Microsoft Office Powerpoint 2007 Help (KB963669) Mise à jour Microsoft Office Word 2007 Help (KB963665) MSVCRT Oceanis Change Background Windows 7 ocr OpenOffice.org 3.3 OpenSource AVI Splitter (remove only) OpenSource DTS/AC3/DD+ Source Filter (remove only) OpenSource Flash Video Splitter (remove only) Opera 11.60 PiccoloTaxi Piggly PreReq QuickTime Ralink RT2860 Wireless LAN Card RealMedia (remove only) Realtek High Definition Audio Driver Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security 
Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Skype web features Skype™ 5.5 Smileyville Super Hybrid Engine Synaptics Pointing Device Driver TeamViewer 5 Update für Microsoft Office Excel 2007 Help (KB963678) Update für Microsoft Office Outlook 2007 Help (KB963677) Update für Microsoft Office Powerpoint 2007 Help (KB963669) Update für Microsoft Office Word 2007 Help (KB963665) Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition Update for Microsoft Office Excel 2007 Help (KB963678) Update for Microsoft Office OneNote 2007 Help (KB963670) Update for Microsoft Office Powerpoint 2007 Help (KB963669) Update for Microsoft Office Script Editor Help (KB963671) Update for Microsoft Office Word 2007 Help (KB963665) Update voor Microsoft Office Excel 2007 
Help (KB963678) Update voor Microsoft Office Powerpoint 2007 Help (KB963669) Update voor Microsoft Office Word 2007 Help (KB963665) WIDCOMM Bluetooth Software Winamp Winamp Detector Plug-in Windows Live Communications Platform Windows Live Essentials Windows Live Family Safety Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Mail Windows Live Messenger Windows Live Messenger Companion Core Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live Sync Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Windows Mobile Device Center Windows Mobile Device Center Driver Update WinRAR 4.01 (32-bit) Xfp Ver_2.0.13 - TDK_2.0.17 Zoom Player (remove only) . ==== Event Viewer Messages From Past Week ======== . 30/04/2012 9:57:03 PM, Error: Service Control Manager [7023] - The Sfusvc service terminated with the following error: The specified procedure could not be found. 30/04/2012 9:44:43 PM, Error: Service Control Manager [7023] - The Symredrv service terminated with the following error: The specified procedure could not be found. 30/04/2012 9:12:05 PM, Error: Service Control Manager [7023] - The AlteraByteBlaster service terminated with the following error: The specified procedure could not be found. 30/04/2012 9:00:06 PM, Error: Service Control Manager [7023] - The Lktimesync service terminated with the following error: The specified procedure could not be found. 30/04/2012 8:42:05 PM, Error: Service Control Manager [7023] - The PID_08A0 service terminated with the following error: The specified procedure could not be found. 30/04/2012 8:27:01 PM, Error: Service Control Manager [7023] - The DELTA service terminated with the following error: The specified procedure could not be found. 
30/04/2012 8:11:57 PM, Error: Service Control Manager [7023] - The GcKernel service terminated with the following error: The specified procedure could not be found.
30/04/2012 8:11:01 PM, Error: Service Control Manager [7023] - The Atiavpci service terminated with the following error: The specified procedure could not be found.
30/04/2012 7:57:30 PM, Error: Service Control Manager [7023] - The Fa_scheduler service terminated with the following error: The specified procedure could not be found.
30/04/2012 7:49:42 PM, Error: Service Control Manager [7023] - The GBDevice service terminated with the following error: The specified procedure could not be found.
30/04/2012 11:57:04 PM, Error: Service Control Manager [7023] - The Msmpsvc service terminated with the following error: The specified procedure could not be found.
30/04/2012 11:42:37 PM, Error: Service Control Manager [7023] - The Fsaua service terminated with the following error: The specified procedure could not be found.
30/04/2012 11:27:01 PM, Error: Service Control Manager [7023] - The ASUSVRC service terminated with the following error: The specified procedure could not be found.
30/04/2012 11:12:02 PM, Error: Service Control Manager [7023] - The Iksysflt service terminated with the following error: The specified procedure could not be found.
30/04/2012 10:57:01 PM, Error: Service Control Manager [7023] - The Z800bus service terminated with the following error: The specified procedure could not be found.
30/04/2012 10:41:59 PM, Error: Service Control Manager [7023] - The TMBMServer service terminated with the following error: The specified procedure could not be found.
30/04/2012 10:27:21 PM, Error: Service Control Manager [7023] - The Elbycdio service terminated with the following error: The specified procedure could not be found.
30/04/2012 10:12:00 PM, Error: Service Control Manager [7023] - The Lmimaint service terminated with the following error: The specified procedure could not be found.
01/05/2012 9:34:58 AM, Error: Service Control Manager [7023] - The WMIService service terminated with the following error: The specified procedure could not be found.
01/05/2012 9:20:20 AM, Error: Service Control Manager [7023] - The Mcafeeframework service terminated with the following error: The specified procedure could not be found.
01/05/2012 9:04:57 AM, Error: Service Control Manager [7023] - The RadProbe service terminated with the following error: The specified procedure could not be found.
01/05/2012 9:03:38 AM, Error: Service Control Manager [7023] - The Mssql $sony_mediamgr service terminated with the following error: The specified procedure could not be found.
01/05/2012 8:58:56 PM, Error: Microsoft-Windows-DNS-Client [1012] - There was an error while attempting to read the local hosts file.
01/05/2012 8:53:26 PM, Error: Service Control Manager [7023] - The Smartscaps service terminated with the following error: The specified procedure could not be found.
01/05/2012 8:39:01 PM, Error: Service Control Manager [7023] - The W39n51 service terminated with the following error: The specified procedure could not be found.
01/05/2012 8:23:44 PM, Error: Service Control Manager [7023] - The Patrolagent service terminated with the following error: The specified procedure could not be found.
01/05/2012 8:16:21 PM, Error: Service Control Manager [7034] - The iPod Service service terminated unexpectedly. It has done this 1 time(s).
01/05/2012 8:08:48 PM, Error: Service Control Manager [7023] - The Maya70docserver service terminated with the following error: The specified procedure could not be found.
01/05/2012 8:07:56 PM, Error: Service Control Manager [7023] - The Lpds service terminated with the following error: The specified procedure could not be found.
01/05/2012 7:59:12 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: cdrom luafv
01/05/2012 7:59:09 PM, Error: Service Control Manager [7023] - The Ser2plms service terminated with the following error: The system cannot find the file specified.
01/05/2012 7:59:07 PM, Error: Service Control Manager [7023] - The Nvgts service terminated with the following error: The specified module could not be found.
01/05/2012 7:59:07 PM, Error: Service Control Manager [7023] - The Fsaua service terminated with the following error: The specified module could not be found.
01/05/2012 7:59:07 PM, Error: Service Control Manager [7023] - The Fa_scheduler service terminated with the following error: The specified module could not be found.
01/05/2012 7:59:07 PM, Error: Service Control Manager [7023] - The DELTA service terminated with the following error: The specified module could not be found.
01/05/2012 7:59:06 PM, Error: Service Control Manager [7023] - The SED133x service terminated with the following error: The specified module could not be found.
01/05/2012 7:59:06 PM, Error: Service Control Manager [7023] - The Pdlndsdl service terminated with the following error: The specified module could not be found.
01/05/2012 7:59:06 PM, Error: Service Control Manager [7023] - The Msmpsvc service terminated with the following error: The specified module could not be found.
01/05/2012 7:59:06 PM, Error: Service Control Manager [7023] - The Mcafeeframework service terminated with the following error: The specified module could not be found.
01/05/2012 7:59:06 PM, Error: Service Control Manager [7023] - The Lxrsge10s service terminated with the following error: The specified module could not be found.
01/05/2012 7:59:06 PM, Error: Service Control Manager [7023] - The Lktimesync service terminated with the following error: The specified module could not be found.
01/05/2012 7:59:06 PM, Error: Service Control Manager [7023] - The GBDevice service terminated with the following error: The specified module could not be found.
01/05/2012 7:59:05 PM, Error: Service Control Manager [7023] - The WMIService service terminated with the following error: The specified module could not be found.
01/05/2012 7:59:05 PM, Error: Service Control Manager [7023] - The Videoacceleratorengine service terminated with the following error: The specified module could not be found.
01/05/2012 7:59:05 PM, Error: Service Control Manager [7023] - The Trlokom_rmhsvc service terminated with the following error: The system cannot find the file specified.
01/05/2012 7:59:05 PM, Error: Service Control Manager [7023] - The Lmimaint service terminated with the following error: The specified module could not be found.
01/05/2012 7:59:05 PM, Error: Service Control Manager [7003] - The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.
01/05/2012 7:59:04 PM, Error: Service Control Manager [7023] - The Z800bus service terminated with the following error: The specified module could not be found.
01/05/2012 7:59:04 PM, Error: Service Control Manager [7023] - The Wmp54gssvc service terminated with the following error: The specified module could not be found.
01/05/2012 7:59:04 PM, Error: Service Control Manager [7023] - The TMBMServer service terminated with the following error: The specified module could not be found.
01/05/2012 7:59:04 PM, Error: Service Control Manager [7023] - The Symredrv service terminated with the following error: The specified module could not be found.
01/05/2012 7:59:04 PM, Error: Service Control Manager [7023] - The PID_08A0 service terminated with the following error: The specified module could not be found.
01/05/2012 7:59:04 PM, Error: Service Control Manager [7023] - The Oracleorahome92tnslistener service terminated with the following error: The system cannot find the file specified.
01/05/2012 7:59:04 PM, Error: Service Control Manager [7023] - The Iksysflt service terminated with the following error: The specified module could not be found.
01/05/2012 7:59:04 PM, Error: Service Control Manager [7023] - The GcKernel service terminated with the following error: The specified module could not be found.
01/05/2012 7:59:04 PM, Error: Service Control Manager [7023] - The Elbycdio service terminated with the following error: The specified module could not be found.
01/05/2012 7:59:04 PM, Error: Service Control Manager [7023] - The Atiavpci service terminated with the following error: The specified module could not be found.
01/05/2012 7:59:04 PM, Error: Service Control Manager [7023] - The AlteraByteBlaster service terminated with the following error: The specified module could not be found.
01/05/2012 7:59:04 PM, Error: Service Control Manager [7003] - The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.
01/05/2012 7:59:03 PM, Error: Service Control Manager [7023] - The Sntnlusb service terminated with the following error: The specified module could not be found.
01/05/2012 7:59:03 PM, Error: Service Control Manager [7023] - The RadProbe service terminated with the following error: The specified module could not be found.
01/05/2012 7:59:03 PM, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service.
01/05/2012 7:59:03 PM, Error: Service Control Manager [7023] - The BootScreen service terminated with the following error: The system cannot find the file specified.
01/05/2012 7:59:02 PM, Error: Service Control Manager [7023] - The Maplom service terminated with the following error: The specified module could not be found.
01/05/2012 7:58:59 PM, Error: Service Control Manager [7023] - The Sfusvc service terminated with the following error: The specified module could not be found.
01/05/2012 7:58:59 PM, Error: Service Control Manager [7023] - The Mssql $sony_mediamgr service terminated with the following error: The specified module could not be found.
01/05/2012 7:58:59 PM, Error: Service Control Manager [7023] - The Jukebox3 service terminated with the following error: The system cannot find the file specified.
01/05/2012 7:58:59 PM, Error: Service Control Manager [7023] - The ASUSVRC service terminated with the following error: The specified module could not be found.
01/05/2012 7:54:24 PM, Error: Service Control Manager [7023] - The Lxrsge10s service terminated with the following error: The specified procedure could not be found.
01/05/2012 7:40:01 PM, Error: Service Control Manager [7023] - The Pdlndsdl service terminated with the following error: The specified procedure could not be found.
01/05/2012 7:23:51 PM, Error: Service Control Manager [7023] - The SED133x service terminated with the following error: The specified procedure could not be found.
01/05/2012 7:23:04 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the FDResPub service.
01/05/2012 7:22:26 PM, Error: Service Control Manager [7023] - The Maplom service terminated with the following error: The specified procedure could not be found.
01/05/2012 7:22:10 PM, Error: Server [2505] - The server could not bind to the transport \Device\NetBT_Tcpip_{30241194-5E19-4930-8815-E2BA8533BFFD} because another computer on the network has the same name. The server could not start.
01/05/2012 6:00:18 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.
01/05/2012 3:53:03 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.
01/05/2012 3:51:39 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.
.
==== End Of File ===========================
  4. TDSS Log, Part 2:
09:10:16.0140 7864 ============================================================
09:10:16.0140 7864 Scan finished
09:10:16.0140 7864 ============================================================
09:10:16.0211 4164 Detected object count: 3
09:10:16.0212 4164 Actual detected object count: 3
09:11:09.0358 4164 AsusService ( UnsignedFile.Multi.Generic ) - skipped by user
09:11:09.0358 4164 AsusService ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:11:09.0361 4164 NetBT ( UnsignedFile.Multi.Generic ) - skipped by user
09:11:09.0362 4164 NetBT ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:11:09.0371 4164 sursayra ( UnsignedFile.Multi.Generic ) - skipped by user
09:11:09.0371 4164 sursayra ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:24:24.0656 3652 ============================================================
19:24:24.0695 3652 Scan started
19:24:24.0695 3652 Mode: Manual; SigCheck; TDLFS;
19:24:24.0695 3652 ============================================================
19:24:30.0833 3652 1394ohci (6d2aca41739bfe8cb86ee8e85f29697d) C:\windows\system32\DRIVERS\1394ohci.sys
19:24:32.0645 3652 1394ohci - ok
19:24:32.0889 3652 ACPI (f0e07d144c8685b8774bc32fc8da4df0) C:\windows\system32\DRIVERS\ACPI.sys
19:24:33.0007 3652 ACPI - ok
19:24:33.0244 3652 AcpiPmi (98d81ca942d19f7d9153b095162ac013) C:\windows\system32\DRIVERS\acpipmi.sys
19:24:33.0838 3652 AcpiPmi - ok
19:24:35.0261 3652 AdobeFlashPlayerUpdateSvc (459ac130c6ab892b1cd5d7544626efc5) C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
19:24:35.0621 3652 AdobeFlashPlayerUpdateSvc - ok
19:24:36.0065 3652 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\windows\system32\DRIVERS\adp94xx.sys
19:24:36.0271 3652 adp94xx - ok
19:24:36.0549 3652 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\windows\system32\DRIVERS\adpahci.sys
19:24:36.0755 3652 adpahci - ok
19:24:36.0884 3652 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33)
C:\windows\system32\DRIVERS\adpu320.sys 19:24:37.0145 3652 adpu320 - ok 19:24:37.0245 3652 AeLookupSvc (8b5eefeec1e6d1a72a06c526628ad161) C:\windows\System32\aelupsvc.dll 19:24:37.0655 3652 AeLookupSvc - ok 19:24:38.0610 3652 AFD (0db7a48388d54d154ebec120461a0fcd) C:\windows\system32\drivers\afd.sys 19:24:39.0117 3652 AFD - ok 19:24:39.0278 3652 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\windows\system32\DRIVERS\agp440.sys 19:24:39.0348 3652 agp440 - ok 19:24:39.0526 3652 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\windows\system32\DRIVERS\djsvs.sys 19:24:39.0782 3652 aic78xx - ok 19:24:40.0153 3652 ALG (18a54e132947cd98fea9accc57f98f13) C:\windows\System32\alg.exe 19:24:40.0421 3652 ALG - ok 19:24:40.0532 3652 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\windows\system32\DRIVERS\aliide.sys 19:24:40.0648 3652 aliide - ok 19:24:40.0746 3652 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\windows\system32\DRIVERS\amdagp.sys 19:24:40.0890 3652 amdagp - ok 19:24:40.0969 3652 amdide (cd5914170297126b6266860198d1d4f0) C:\windows\system32\DRIVERS\amdide.sys 19:24:41.0041 3652 amdide - ok 19:24:41.0194 3652 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\windows\system32\DRIVERS\amdk8.sys 19:24:41.0354 3652 AmdK8 - ok 19:24:41.0511 3652 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\windows\system32\DRIVERS\amdppm.sys 19:24:41.0715 3652 AmdPPM - ok 19:24:41.0929 3652 amdsata (19ce906b4cdc11fc4fef5745f33a63b6) C:\windows\system32\drivers\amdsata.sys 19:24:41.0982 3652 amdsata - ok 19:24:42.0162 3652 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\windows\system32\DRIVERS\amdsbs.sys 19:24:42.0247 3652 amdsbs - ok 19:24:42.0319 3652 amdxata (869e67d66be326a5a9159fba8746fa70) C:\windows\system32\drivers\amdxata.sys 19:24:42.0404 3652 amdxata - ok 19:24:42.0477 3652 AppID (feb834c02ce1e84b6a38f953ca067706) C:\windows\system32\drivers\appid.sys 19:24:42.0699 3652 AppID - ok 19:24:42.0817 3652 AppIDSvc (62a9c86cb6085e20db4823e4e97826f5) C:\windows\System32\appidsvc.dll 19:24:43.0677 3652 
AppIDSvc - ok 19:24:43.0945 3652 Appinfo (7dead9e3f65dcb2794f2711003bbf650) C:\windows\System32\appinfo.dll 19:24:44.0196 3652 Appinfo - ok 19:24:45.0153 3652 Apple Mobile Device (4b5ae15e5c73eb4dc8dbec2788230d41) C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe 19:24:45.0246 3652 Apple Mobile Device - ok 19:24:45.0408 3652 arc (2932004f49677bd84dbc72edb754ffb3) C:\windows\system32\DRIVERS\arc.sys 19:24:45.0504 3652 arc - ok 19:24:45.0716 3652 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\windows\system32\DRIVERS\arcsas.sys 19:24:45.0855 3652 arcsas - ok 19:24:45.0937 3652 arkbcfltr - ok 19:24:45.0997 3652 arrayssl_vpn_service3,0,1,9 - ok 19:24:46.0069 3652 AsusService (c4fb2613d3c75364bb159b9c23a00e7a) C:\Windows\System32\AsusService.exe 19:24:46.0253 3652 AsusService ( UnsignedFile.Multi.Generic ) - warning 19:24:46.0263 3652 AsusService - detected UnsignedFile.Multi.Generic (1) 19:24:46.0386 3652 aswFsBlk (b4079a98f294a3e262872cb76f4849f0) C:\windows\system32\DRIVERS\aswFsBlk.sys 19:24:46.0572 3652 aswFsBlk - ok 19:24:46.0656 3652 aswMonFlt (e2851cb7dbb831888eaea46c55c05e44) C:\windows\system32\DRIVERS\aswMonFlt.sys 19:24:46.0793 3652 aswMonFlt - ok 19:24:46.0890 3652 aswRdr (8080d683489c99cbace813f6fa4069cc) C:\windows\system32\drivers\aswRdr.sys 19:24:46.0930 3652 aswRdr - ok 19:24:47.0280 3652 aswSP (2e5a2ad5004b55df39b7606130a88142) C:\windows\system32\drivers\aswSP.sys 19:24:47.0359 3652 aswSP - ok 19:24:47.0498 3652 aswTdi (d4c83a37efadfa2c398362e0776e3773) C:\windows\system32\drivers\aswTdi.sys 19:24:47.0571 3652 aswTdi - ok 19:24:47.0761 3652 aswUpdSv (5debc3519d489411073fa7e56ffb4a93) C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe 19:24:47.0789 3652 aswUpdSv - ok 19:24:47.0887 3652 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\windows\system32\DRIVERS\asyncmac.sys 19:24:49.0509 3652 AsyncMac - ok 19:24:49.0651 3652 atapi (338c86357871c167a96ab976519bf59e) C:\windows\system32\DRIVERS\atapi.sys 19:24:49.0808 
3652 atapi - ok 19:24:52.0311 3652 athr (b01751cc563aecac09bbe36aaa21fbef) C:\windows\system32\DRIVERS\athr.sys 19:24:52.0776 3652 athr - ok 19:24:53.0671 3652 AudioEndpointBuilder (510c873bfa135aa829f4180352772734) C:\windows\System32\Audiosrv.dll 19:24:53.0968 3652 AudioEndpointBuilder - ok 19:24:54.0005 3652 Audiosrv (510c873bfa135aa829f4180352772734) C:\windows\System32\Audiosrv.dll 19:24:54.0149 3652 Audiosrv - ok 19:24:54.0526 3652 avast! Antivirus (0aaf6b848185899cf76ae04e62eab3d2) C:\Program Files\Alwil Software\Avast4\ashServ.exe 19:24:54.0585 3652 avast! Antivirus - ok 19:24:55.0172 3652 avast! Mail Scanner (b2f564dc59b67763c73269e1a9da7f18) C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe 19:24:55.0318 3652 avast! Mail Scanner - ok 19:24:56.0031 3652 avast! Web Scanner (d86010c96abadda75356834d6113d37d) C:\Program Files\Alwil Software\Avast4\ashWebSv.exe 19:24:56.0342 3652 avast! Web Scanner - ok 19:24:56.0516 3652 avg7updsvc - ok 19:24:56.0841 3652 AxInstSV (dd6a431b43e34b91a767d1ce33728175) C:\windows\System32\AxInstSV.dll 19:24:57.0325 3652 AxInstSV - ok 19:24:57.0994 3652 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\windows\system32\DRIVERS\bxvbdx.sys 19:24:58.0285 3652 b06bdrv - ok 19:24:58.0542 3652 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\windows\system32\DRIVERS\b57nd60x.sys 19:24:58.0784 3652 b57nd60x - ok 19:24:59.0512 3652 BBSvc (01a24b415926bb5f772dbe12459d97de) C:\Program Files\Microsoft\BingBar\BBSvc.EXE 19:24:59.0720 3652 BBSvc - ok 19:25:00.0347 3652 BBUpdate (785de7abda13309d6065305542829e76) C:\Program Files\Microsoft\BingBar\SeaPort.EXE 19:25:00.0528 3652 BBUpdate - ok 19:25:00.0603 3652 BDESVC (ee1e9c3bb8228ae423dd38db69128e71) C:\windows\System32\bdesvc.dll 19:25:01.0151 3652 BDESVC - ok 19:25:01.0192 3652 Beep (505506526a9d467307b3c393dedaf858) C:\windows\system32\drivers\Beep.sys 19:25:01.0398 3652 Beep - ok 19:25:02.0664 3652 BITS (53f476476f55a27f580661bde09c4ec4) C:\windows\System32\qmgr.dll 19:25:02.0908 3652 BITS - 
ok 19:25:02.0938 3652 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\windows\system32\DRIVERS\blbdrive.sys 19:25:03.0064 3652 blbdrive - ok 19:25:03.0680 3652 Bonjour Service (3f56903e124e820aeece6d471583c6c1) C:\Program Files\Bonjour\mDNSResponder.exe 19:25:03.0865 3652 Bonjour Service - ok 19:25:04.0074 3652 bowser (9a5c671b7fbae4865149bb11f59b91b2) C:\windows\system32\DRIVERS\bowser.sys 19:25:04.0375 3652 bowser - ok 19:25:04.0464 3652 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\windows\system32\DRIVERS\BrFiltLo.sys 19:25:04.0602 3652 BrFiltLo - ok 19:25:04.0667 3652 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\windows\system32\DRIVERS\BrFiltUp.sys 19:25:04.0760 3652 BrFiltUp - ok 19:25:04.0905 3652 Browser (598e1280e7ff3744f4b8329366cc5635) C:\windows\System32\browser.dll 19:25:05.0105 3652 Browser - ok 19:25:05.0266 3652 Brserid (845b8ce732e67f3b4133164868c666ea) C:\windows\System32\Drivers\Brserid.sys 19:25:05.0455 3652 Brserid - ok 19:25:05.0566 3652 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\windows\System32\Drivers\BrSerWdm.sys 19:25:05.0699 3652 BrSerWdm - ok 19:25:05.0724 3652 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\windows\System32\Drivers\BrUsbMdm.sys 19:25:05.0818 3652 BrUsbMdm - ok 19:25:05.0891 3652 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\windows\System32\Drivers\BrUsbSer.sys 19:25:05.0992 3652 BrUsbSer - ok 19:25:06.0105 3652 BthEnum (2865a5c8e98c70c605f417908cebb3a4) C:\windows\system32\drivers\BthEnum.sys 19:25:06.0311 3652 BthEnum - ok 19:25:06.0383 3652 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\windows\system32\DRIVERS\bthmodem.sys 19:25:06.0512 3652 BTHMODEM - ok 19:25:06.0584 3652 BthPan (ad1872e5829e8a2c3b5b4b641c3eab0e) C:\windows\system32\DRIVERS\bthpan.sys 19:25:06.0774 3652 BthPan - ok 19:25:06.0940 3652 BTHPORT (88059ff1ded4472acd17eebabd393069) C:\windows\System32\Drivers\BTHport.sys 19:25:07.0185 3652 BTHPORT - ok 19:25:07.0416 3652 bthserv (1df19c96eef6c29d1c3e1a8678e07190) C:\windows\system32\bthserv.dll 
19:25:07.0622 3652 bthserv - ok 19:25:07.0713 3652 BTHUSB (80e6384beec03b8bd45edea29802d657) C:\windows\System32\Drivers\BTHUSB.sys 19:25:07.0841 3652 BTHUSB - ok 19:25:08.0079 3652 btwaudio (d57d29132efe13a83133d9bd449e0cf1) C:\windows\system32\drivers\btwaudio.sys 19:25:08.0288 3652 btwaudio - ok 19:25:08.0549 3652 btwavdt (d282c14a69357d0e1bafaecc2ca98c3a) C:\windows\system32\DRIVERS\btwavdt.sys 19:25:08.0626 3652 btwavdt - ok 19:25:09.0820 3652 btwdins (f7434401ae320bb97903a3c1865242fb) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe 19:25:10.0019 3652 btwdins - ok 19:25:10.0140 3652 btwl2cap (aafd7cb76ba61fbb08e302da208c974a) C:\windows\system32\DRIVERS\btwl2cap.sys 19:25:10.0276 3652 btwl2cap - ok 19:25:10.0399 3652 btwrchid (02eb4d2b05967df2d32f29c84ab1fb17) C:\windows\system32\DRIVERS\btwrchid.sys 19:25:10.0470 3652 btwrchid - ok 19:25:10.0602 3652 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\windows\system32\DRIVERS\cdfs.sys 19:25:10.0819 3652 cdfs - ok 19:25:11.0153 3652 cdrom (ba6e70aa0e6091bc39de29477d866a77) C:\windows\system32\DRIVERS\cdrom.sys 19:25:11.0416 3652 cdrom - ok 19:25:11.0603 3652 CertPropSvc (628a9e30ec5e18dd5de6be4dbdc12198) C:\windows\System32\certprop.dll 19:25:11.0824 3652 CertPropSvc - ok 19:25:11.0939 3652 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\windows\system32\DRIVERS\circlass.sys 19:25:12.0083 3652 circlass - ok 19:25:12.0331 3652 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\windows\system32\CLFS.sys 19:25:12.0692 3652 CLFS - ok 19:25:13.0153 3652 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 19:25:13.0256 3652 clr_optimization_v2.0.50727_32 - ok 19:25:13.0741 3652 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 19:25:14.0107 3652 clr_optimization_v4.0.30319_32 - ok 19:25:14.0178 3652 CmBatt (dea805815e587dad1dd2c502220b5616) C:\windows\system32\DRIVERS\CmBatt.sys 
19:25:14.0312 3652 CmBatt - ok 19:25:14.0637 3652 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\windows\system32\DRIVERS\cmdide.sys 19:25:14.0749 3652 cmdide - ok 19:25:15.0343 3652 CNG (36c252e474b2ffa0f0fbbff20d92a640) C:\windows\system32\Drivers\cng.sys 19:25:15.0705 3652 CNG - ok 19:25:15.0883 3652 Compbatt (a6023d3823c37043986713f118a89bee) C:\windows\system32\DRIVERS\compbatt.sys 19:25:15.0995 3652 Compbatt - ok 19:25:16.0181 3652 CompositeBus (f1724ba27e97d627f808fb0ba77a28a6) C:\windows\system32\DRIVERS\CompositeBus.sys 19:25:16.0381 3652 CompositeBus - ok 19:25:16.0434 3652 COMSysApp - ok 19:25:16.0498 3652 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\windows\system32\DRIVERS\crcdisk.sys 19:25:16.0619 3652 crcdisk - ok 19:25:17.0063 3652 CryptSvc (9c231178ce4fb385f4b54b0a9080b8a4) C:\windows\system32\cryptsvc.dll 19:25:17.0456 3652 CryptSvc - ok 19:25:17.0632 3652 ctxusbm (cb6ff7012bb5d59d7c12350db795ce1f) C:\windows\system32\DRIVERS\ctxusbm.sys 19:25:17.0701 3652 ctxusbm - ok 19:25:17.0852 3652 CVPNDRVA - ok 19:25:18.0584 3652 DcomLaunch (b82cd39e336973359d7c9bf911e8e84f) C:\windows\system32\rpcss.dll 19:25:18.0877 3652 DcomLaunch - ok 19:25:18.0994 3652 defragsvc (8d6e10a2d9a5eed59562d9b82cf804e1) C:\windows\System32\defragsvc.dll 19:25:19.0446 3652 defragsvc - ok 19:25:19.0692 3652 DfsC (83d1ecea8faae75604c0fa49ac7ad996) C:\windows\system32\Drivers\dfsc.sys 19:25:19.0925 3652 DfsC - ok 19:25:20.0483 3652 Dhcp (c56495fbd770712367cad35e5de72da6) C:\windows\system32\dhcpcore.dll 19:25:20.0882 3652 Dhcp - ok 19:25:21.0083 3652 discache (1a050b0274bfb3890703d490f330c0da) C:\windows\system32\drivers\discache.sys 19:25:21.0259 3652 discache - ok 19:25:21.0504 3652 Disk (565003f326f99802e68ca78f2a68e9ff) C:\windows\system32\DRIVERS\disk.sys 19:25:21.0615 3652 Disk - ok 19:25:21.0851 3652 Dnscache (b15be77a2bacf9c3177d27518afe26a9) C:\windows\System32\dnsrslvr.dll 19:25:22.0105 3652 Dnscache - ok 19:25:22.0207 3652 dot3svc (4408c85c21eea48eb0ce486baeef0502) 
C:\windows\System32\dot3svc.dll 19:25:22.0452 3652 dot3svc - ok 19:25:22.0809 3652 DPS (7fa81c6e11caa594adb52084da73a1e5) C:\windows\system32\dps.dll 19:25:23.0030 3652 DPS - ok 19:25:23.0131 3652 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\windows\system32\drivers\drmkaud.sys 19:25:23.0274 3652 drmkaud - ok 19:25:23.0422 3652 DXGKrnl (1679a4669326cb1a67cc95658d273234) C:\windows\System32\drivers\dxgkrnl.sys 19:25:23.0627 3652 DXGKrnl - ok 19:25:23.0675 3652 DynDNS_Updater_Service - ok 19:25:23.0932 3652 EapHost (8600142fa91c1b96367d3300ad0f3f3a) C:\windows\System32\eapsvc.dll 19:25:24.0058 3652 EapHost - ok 19:25:29.0610 3652 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\windows\system32\DRIVERS\evbdx.sys 19:25:30.0351 3652 ebdrv - ok 19:25:32.0109 3652 EFS (c2243ff9e9aad0c30e8b1a0914da15b6) C:\windows\System32\lsass.exe 19:25:32.0297 3652 EFS - ok 19:25:34.0575 3652 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\windows\system32\DRIVERS\elxstor.sys 19:25:34.0852 3652 elxstor - ok 19:25:34.0926 3652 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\windows\system32\DRIVERS\errdev.sys 19:25:35.0091 3652 ErrDev - ok 19:25:35.0933 3652 EventSystem (f6916efc29d9953d5d0df06882ae8e16) C:\windows\system32\es.dll 19:25:36.0163 3652 EventSystem - ok 19:25:36.0479 3652 exfat (2dc9108d74081149cc8b651d3a26207f) C:\windows\system32\drivers\exfat.sys 19:25:36.0864 3652 exfat - ok 19:25:36.0978 3652 fallback - ok 19:25:37.0815 3652 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\windows\system32\drivers\fastfat.sys 19:25:38.0626 3652 fastfat - ok 19:25:40.0630 3652 Fax (f7ea23cc5e6bf2181f3f399d54f6efc1) C:\windows\system32\fxssvc.exe 19:25:41.0186 3652 Fax - ok 19:25:41.0257 3652 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\windows\system32\DRIVERS\fdc.sys 19:25:41.0488 3652 fdc - ok 19:25:41.0976 3652 fdPHost (f3222c893bd2f5821a0179e5c71e88fb) C:\windows\system32\fdPHost.dll 19:25:42.0375 3652 fdPHost - ok 19:25:42.0787 3652 FDResPub (7dbe8cbfe79efbdeb98c9fb08d3a9a5b) 
C:\windows\system32\fdrespub.dll 19:25:43.0009 3652 FDResPub - ok 19:25:43.0390 3652 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\windows\system32\drivers\fileinfo.sys 19:25:43.0446 3652 FileInfo - ok 19:25:43.0926 3652 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\windows\system32\drivers\filetrace.sys 19:25:44.0325 3652 Filetrace - ok 19:25:44.0514 3652 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\windows\system32\DRIVERS\flpydisk.sys 19:25:44.0655 3652 flpydisk - ok 19:25:44.0774 3652 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\windows\system32\drivers\fltmgr.sys 19:25:44.0854 3652 FltMgr - ok 19:25:48.0862 3652 FontCache (7fe4995528a7529a761875151ee3d512) C:\windows\system32\FntCache.dll 19:25:50.0985 3652 FontCache - ok 19:25:51.0607 3652 FontCache3.0.0.0 (e56f39f6b7fda0ac77a79b0fd3de1a2f) C:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe 19:25:51.0887 3652 FontCache3.0.0.0 - ok 19:25:52.0374 3652 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\windows\system32\drivers\FsDepends.sys 19:25:52.0542 3652 FsDepends - ok 19:25:52.0763 3652 fssfltr (bfaaa92861526bb0adcd01e964ab6609) C:\windows\system32\DRIVERS\fssfltr.sys 19:25:52.0813 3652 fssfltr - ok 19:25:58.0459 3652 fsssvc (40cdfad174b3d5e80f95dda003c0b97f) C:\Program Files\Windows Live\Family Safety\fsssvc.exe 19:25:58.0839 3652 fsssvc - ok 19:26:00.0252 3652 Fs_Rec (500a9814fd9446a8126858a5a7f7d273) C:\windows\system32\drivers\Fs_Rec.sys 19:26:00.0365 3652 Fs_Rec - ok 19:26:00.0689 3652 FTDIBUS (aae37f0f2f613218dce17b42a18c38db) C:\windows\system32\drivers\ftdibus.sys 19:26:00.0812 3652 FTDIBUS - ok 19:26:00.0947 3652 ftsata2 - ok 19:26:01.0455 3652 FTSER2K (48bfd1ba45c9c9e7ab339e25abfba1d2) C:\windows\system32\drivers\ftser2k.sys 19:26:01.0566 3652 FTSER2K - ok 19:26:02.0583 3652 fvevol (dafbd9fe39197495aed6d51f3b85b5d2) C:\windows\system32\DRIVERS\fvevol.sys 19:26:02.0995 3652 fvevol - ok 19:26:03.0201 3652 gagp30kx (65ee0c7a58b65e74ae05637418153938) 
C:\windows\system32\DRIVERS\gagp30kx.sys
19:26:03.0395 3652 gagp30kx - ok
19:27:30.0810 3652 NetBT (14797e657fcfe2f62b1c315bfd6b9006) C:\windows\system32\DRIVERS\netbt.sys
19:27:30.0932 3652 NetBT ( UnsignedFile.Multi.Generic ) - warning
19:27:30.0962 3652 NetBT - detected UnsignedFile.Multi.Generic (1)
19:28:27.0116 3652 sursayra (e6d35f3aa51a65eb35c1f2340154a25e) C:\windows\system32\drivers\jxgc.sys
19:28:27.0176 3652 sursayra ( UnsignedFile.Multi.Generic ) - warning
19:28:27.0177 3652 sursayra - detected UnsignedFile.Multi.Generic (1)
19:28:53.0966 3652 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
19:28:55.0071 3652 \Device\Harddisk0\DR0 - ok
19:28:55.0112 3652 Boot (0x1200) (63216fc123dfb3a96ab997153c169ae1) \Device\Harddisk0\DR0\Partition0
19:28:55.0116 3652 \Device\Harddisk0\DR0\Partition0 - ok
19:28:55.0168 3652 Boot (0x1200) (216285b664e1e91b5f69990f91c2ba61) \Device\Harddisk0\DR0\Partition1
19:28:55.0174 3652 \Device\Harddisk0\DR0\Partition1 - ok
19:28:55.0176 3652 ============================================================
19:28:55.0176 3652 Scan finished
19:28:55.0176 3652 ============================================================
19:28:55.0664 6800 Detected object count: 3
19:28:55.0664 6800 Actual detected object count: 3
19:36:52.0173 6800 AsusService ( UnsignedFile.Multi.Generic ) - skipped by user
19:36:52.0180 6800 AsusService ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:36:52.0226 6800 NetBT ( UnsignedFile.Multi.Generic ) - skipped by user
19:36:52.0227 6800 NetBT ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:36:52.0236 6800 sursayra ( UnsignedFile.Multi.Generic ) - skipped by user
19:36:52.0237
6800 sursayra ( UnsignedFile.Multi.Generic ) - User select action: Skip
  5. Hi Maniac, I couldn't post my TDSS log because the forum kept telling me that the post was too long, or my browser would freeze when I posted it. I'll try to post it over multiple posts, then. Sorry for the inconvenience. TDSS Log, part 1:
(ba387e955e890c8a88306d9b8d06bf17) C:\windows\system32\nsisvc.dll 09:09:28.0046 7864 nsi - ok 09:09:28.0098 7864 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\windows\system32\drivers\nsiproxy.sys 09:09:28.0254 7864 nsiproxy - ok 09:09:30.0293 7864 Ntfs (187002ce05693c306f43c873f821381f) C:\windows\system32\drivers\Ntfs.sys 09:09:30.0464 7864 Ntfs - ok 09:09:30.0479 7864 ntlmssp - ok 09:09:30.0551 7864 Null (f9756a98d69098dca8945d62858a812c) C:\windows\system32\drivers\Null.sys 09:09:30.0691 7864 Null - ok 09:09:30.0903 7864 nvraid (f1b0bed906f97e16f6d0c3629d2f21c6) C:\windows\system32\drivers\nvraid.sys 09:09:31.0064 7864 nvraid - ok 09:09:31.0319 7864 nvstor (4520b63899e867f354ee012d34e11536) C:\windows\system32\drivers\nvstor.sys 09:09:31.0426 7864 nvstor - ok 09:09:31.0664 7864 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\windows\system32\DRIVERS\nv_agp.sys 09:09:31.0757 7864 nv_agp - ok 09:09:32.0869 7864 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 09:09:33.0220 7864 odserv - ok 09:09:33.0361 7864 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\windows\system32\DRIVERS\ohci1394.sys 09:09:33.0424 7864 ohci1394 - ok 09:09:33.0676 7864 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 09:09:33.0770 7864 ose - ok 09:09:34.0245 7864 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) C:\windows\system32\pnrpsvc.dll 09:09:34.0525 7864 p2pimsvc - ok 09:09:35.0160 7864 p2psvc (59c3ddd501e39e006dac31bf55150d91) C:\windows\system32\p2psvc.dll 09:09:35.0501 7864 p2psvc - ok 09:09:35.0708 7864 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\windows\system32\DRIVERS\parport.sys 09:09:35.0844 7864 Parport - ok 09:09:36.0035 7864 partmgr (ff4218952b51de44fe910953a3e686b9) C:\windows\system32\drivers\partmgr.sys 09:09:36.0139 7864 partmgr - ok 09:09:36.0198 7864 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\windows\system32\DRIVERS\parvdm.sys 09:09:36.0284 7864 
Parvdm - ok 09:09:36.0646 7864 PcaSvc (358ab7956d3160000726574083dfc8a6) C:\windows\System32\pcasvc.dll 09:09:36.0785 7864 PcaSvc - ok 09:09:37.0105 7864 pci (c858cb77c577780ecc456a892e7e7d0f) C:\windows\system32\DRIVERS\pci.sys 09:09:37.0250 7864 pci - ok 09:09:37.0308 7864 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\windows\system32\DRIVERS\pciide.sys 09:09:37.0354 7864 pciide - ok 09:09:37.0609 7864 pcmcia (f396431b31693e71e8a80687ef523506) C:\windows\system32\DRIVERS\pcmcia.sys 09:09:37.0714 7864 pcmcia - ok 09:09:37.0825 7864 pcw (250f6b43d2b613172035c6747aeeb19f) C:\windows\system32\drivers\pcw.sys 09:09:37.0873 7864 pcw - ok 09:09:38.0679 7864 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\windows\system32\drivers\peauth.sys 09:09:39.0077 7864 PEAUTH - ok 09:09:40.0864 7864 pla (9c1bff7910c89a1d12e57343475840cb) C:\windows\system32\pla.dll 09:09:41.0225 7864 pla - ok 09:09:42.0989 7864 PlugPlay (71def5ec79774c798342d0ea16e41780) C:\windows\system32\umpnpmgr.dll 09:09:43.0223 7864 PlugPlay - ok 09:09:43.0286 7864 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\windows\system32\pnrpauto.dll 09:09:43.0382 7864 PNRPAutoReg - ok 09:09:43.0883 7864 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\windows\system32\pnrpsvc.dll 09:09:43.0955 7864 PNRPsvc - ok 09:09:44.0284 7864 Point32 (7d7a9c17d5455203dea11e5ef886cc59) C:\windows\system32\DRIVERS\point32.sys 09:09:44.0341 7864 Point32 - ok 09:09:44.0472 7864 PolicyAgent (48e1b75c6dc0232fd92baae4bd344721) C:\windows\System32\ipsecsvc.dll 09:09:44.0724 7864 PolicyAgent - ok 09:09:44.0991 7864 Power (dbff83f709a91049621c1d35dd45c92c) C:\windows\system32\umpo.dll 09:09:45.0251 7864 Power - ok 09:09:45.0318 7864 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\windows\system32\DRIVERS\raspptp.sys 09:09:45.0436 7864 PptpMiniport - ok 09:09:45.0472 7864 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\windows\system32\DRIVERS\processr.sys 09:09:45.0538 7864 Processor - ok 09:09:45.0584 7864 ProfSvc 
(630cf26f0227498b7d5a92b12548960f) C:\windows\system32\profsvc.dll 09:09:45.0754 7864 ProfSvc - ok 09:09:45.0848 7864 ProtectedStorage (c2243ff9e9aad0c30e8b1a0914da15b6) C:\windows\system32\lsass.exe 09:09:45.0905 7864 ProtectedStorage - ok 09:09:46.0033 7864 Psched (6270ccae2a86de6d146529fe55b3246a) C:\windows\system32\DRIVERS\pacer.sys 09:09:46.0167 7864 Psched - ok 09:09:46.0195 7864 qbposdbservices - ok 09:09:46.0450 7864 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\windows\system32\DRIVERS\ql2300.sys 09:09:46.0616 7864 ql2300 - ok 09:09:46.0810 7864 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\windows\system32\DRIVERS\ql40xx.sys 09:09:46.0871 7864 ql40xx - ok 09:09:46.0941 7864 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\windows\system32\qwave.dll 09:09:47.0042 7864 QWAVE - ok 09:09:47.0081 7864 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\windows\system32\drivers\qwavedrv.sys 09:09:47.0160 7864 QWAVEdrv - ok 09:09:47.0238 7864 RapiMgr (8f97d374ad1857e1eed85a79f29a1d3d) C:\windows\WindowsMobile\rapimgr.dll 09:09:47.0299 7864 RapiMgr - ok 09:09:47.0345 7864 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\windows\system32\DRIVERS\rasacd.sys 09:09:47.0470 7864 RasAcd - ok 09:09:47.0512 7864 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\windows\system32\DRIVERS\AgileVpn.sys 09:09:47.0647 7864 RasAgileVpn - ok 09:09:47.0702 7864 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\windows\System32\rasauto.dll 09:09:47.0836 7864 RasAuto - ok 09:09:47.0870 7864 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\windows\system32\DRIVERS\rasl2tp.sys 09:09:47.0997 7864 Rasl2tp - ok 09:09:48.0041 7864 RasMan (0ce66ec736b7fc526d78f7624c7d2a94) C:\windows\System32\rasmans.dll 09:09:48.0194 7864 RasMan - ok 09:09:48.0228 7864 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\windows\system32\DRIVERS\raspppoe.sys 09:09:48.0344 7864 RasPppoe - ok 09:09:48.0400 7864 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\windows\system32\DRIVERS\rassstp.sys 09:09:48.0508 7864 RasSstp - ok 
09:09:48.0573 7864 rdbss (835d7e81bf517a3b72384bdcc85e1ce6) C:\windows\system32\DRIVERS\rdbss.sys 09:09:48.0731 7864 rdbss - ok 09:09:48.0800 7864 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\windows\system32\DRIVERS\rdpbus.sys 09:09:48.0899 7864 rdpbus - ok 09:09:48.0924 7864 RDPCDD (1e016846895b15a99f9a176a05029075) C:\windows\system32\DRIVERS\RDPCDD.sys 09:09:49.0051 7864 RDPCDD - ok 09:09:49.0138 7864 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\windows\system32\drivers\rdpencdd.sys 09:09:49.0257 7864 RDPENCDD - ok 09:09:49.0297 7864 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\windows\system32\drivers\rdprefmp.sys 09:09:49.0422 7864 RDPREFMP - ok 09:09:49.0485 7864 RDPWD (0399c725a9c95a6f1862b93f008ddf4a) C:\windows\system32\drivers\RDPWD.sys 09:09:49.0600 7864 RDPWD - ok 09:09:49.0663 7864 rdyboost (4ea225bf1cf05e158853f30a99ca29a7) C:\windows\system32\drivers\rdyboost.sys 09:09:49.0727 7864 rdyboost - ok 09:09:49.0790 7864 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\windows\System32\mprdim.dll 09:09:49.0915 7864 RemoteAccess - ok 09:09:49.0964 7864 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\windows\system32\regsvc.dll 09:09:50.0097 7864 RemoteRegistry - ok 09:09:50.0154 7864 RFCOMM (cb928d9e6daf51879dd6ba8d02f01321) C:\windows\system32\DRIVERS\rfcomm.sys 09:09:50.0230 7864 RFCOMM - ok 09:09:50.0369 7864 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\windows\System32\RpcEpMap.dll 09:09:50.0533 7864 RpcEptMapper - ok 09:09:50.0575 7864 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\windows\system32\locator.exe 09:09:50.0652 7864 RpcLocator - ok 09:09:50.0718 7864 RpcSs (b82cd39e336973359d7c9bf911e8e84f) C:\windows\system32\rpcss.dll 09:09:50.0850 7864 RpcSs - ok 09:09:50.0896 7864 rspndr (032b0d36ad92b582d869879f5af5b928) C:\windows\system32\DRIVERS\rspndr.sys 09:09:51.0026 7864 rspndr - ok 09:09:51.0060 7864 s116obex - ok 09:09:51.0109 7864 SamSs (c2243ff9e9aad0c30e8b1a0914da15b6) C:\windows\system32\lsass.exe 09:09:51.0173 7864 
SamSs - ok 09:09:51.0311 7864 sbp2port (34ee0c44b724e3e4ce2eff29126de5b5) C:\windows\system32\DRIVERS\sbp2port.sys 09:09:51.0384 7864 sbp2port - ok 09:09:51.0576 7864 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\windows\System32\SCardSvr.dll 09:09:51.0732 7864 SCardSvr - ok 09:09:51.0759 7864 scfilter (a95c54b2ac3cc9c73fcdf9e51a1d6b51) C:\windows\system32\DRIVERS\scfilter.sys 09:09:51.0878 7864 scfilter - ok 09:09:51.0991 7864 Schedule (df1e5c82e4d09cf8105cc644980c4803) C:\windows\system32\schedsvc.dll 09:09:52.0166 7864 Schedule - ok 09:09:52.0201 7864 SCPolicySvc (628a9e30ec5e18dd5de6be4dbdc12198) C:\windows\System32\certprop.dll 09:09:52.0324 7864 SCPolicySvc - ok 09:09:52.0374 7864 SDRSVC (5fd90abdbfaee85986802622cbb03446) C:\windows\System32\SDRSVC.dll 09:09:52.0508 7864 SDRSVC - ok 09:09:52.0542 7864 se58unic - ok 09:09:52.0593 7864 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\windows\system32\drivers\secdrv.sys 09:09:52.0739 7864 secdrv - ok 09:09:52.0778 7864 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\windows\system32\seclogon.dll 09:09:52.0936 7864 seclogon - ok 09:09:52.0971 7864 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\windows\System32\sens.dll 09:09:53.0129 7864 SENS - ok 09:09:53.0234 7864 ser2at (0d78c1c2469888bd18e25406ee9b41f6) C:\windows\system32\DRIVERS\ser2at.sys 09:09:53.0312 7864 ser2at - ok 09:09:53.0365 7864 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\windows\system32\DRIVERS\serenum.sys 09:09:53.0430 7864 Serenum - ok 09:09:53.0475 7864 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\windows\system32\DRIVERS\serial.sys 09:09:53.0542 7864 Serial - ok 09:09:53.0573 7864 sermouse (79bffb520327ff916a582dfea17aa813) C:\windows\system32\DRIVERS\sermouse.sys 09:09:53.0674 7864 sermouse - ok 09:09:53.0753 7864 SessionEnv (8f55ce568c543d5adf45c409d16718fc) C:\windows\system32\sessenv.dll 09:09:53.0924 7864 SessionEnv - ok 09:09:53.0976 7864 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\windows\system32\DRIVERS\sffdisk.sys 09:09:54.0043 7864 
sffdisk - ok 09:09:54.0085 7864 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\windows\system32\DRIVERS\sffp_mmc.sys 09:09:54.0162 7864 sffp_mmc - ok 09:09:54.0190 7864 sffp_sd (4f1e5b0fe7c8050668dbfade8999aefb) C:\windows\system32\DRIVERS\sffp_sd.sys 09:09:54.0276 7864 sffp_sd - ok 09:09:54.0341 7864 sfloppy (db96666cc8312ebc45032f30b007a547) C:\windows\system32\DRIVERS\sfloppy.sys 09:09:54.0401 7864 sfloppy - ok 09:09:54.0492 7864 SharedAccess (d1a079a0de2ea524513b6930c24527a2) C:\windows\System32\ipnathlp.dll 09:09:54.0644 7864 SharedAccess - ok 09:09:54.0704 7864 ShellHWDetection (cd2e48fa5b29ee2b3b5858056d246ef2) C:\windows\System32\shsvcs.dll 09:09:54.0812 7864 ShellHWDetection - ok 09:09:54.0859 7864 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\windows\system32\DRIVERS\sisagp.sys 09:09:54.0928 7864 sisagp - ok 09:09:54.0977 7864 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\windows\system32\DRIVERS\SiSRaid2.sys 09:09:55.0033 7864 SiSRaid2 - ok 09:09:55.0079 7864 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\windows\system32\DRIVERS\sisraid4.sys 09:09:55.0131 7864 SiSRaid4 - ok 09:09:55.0175 7864 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\windows\system32\DRIVERS\smb.sys 09:09:55.0331 7864 Smb - ok 09:09:55.0416 7864 SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) C:\windows\System32\snmptrap.exe 09:09:55.0504 7864 SNMPTRAP - ok 09:09:55.0552 7864 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\windows\system32\drivers\spldr.sys 09:09:55.0605 7864 spldr - ok 09:09:55.0666 7864 Spooler (d1bb750eb51694de183e08b9c33be5b2) C:\windows\System32\spoolsv.exe 09:09:55.0788 7864 Spooler - ok 09:09:56.0076 7864 sppsvc (4c287f9069fedbd791178876ee9de536) C:\windows\system32\sppsvc.exe 09:09:56.0346 7864 sppsvc - ok 09:09:56.0878 7864 sppuinotify (d8e3e19eebdab49dd4a8d3062ead4ec7) C:\windows\system32\sppuinotify.dll 09:09:57.0170 7864 sppuinotify - ok 09:09:57.0302 7864 srv (c4a027b8c0bd3fc0699f41fa5e9e0c87) C:\windows\system32\DRIVERS\srv.sys 09:09:57.0441 7864 srv - ok 
09:09:57.0530 7864 srv2 (414bb592cad8a79649d01f9d94318fb3) C:\windows\system32\DRIVERS\srv2.sys 09:09:57.0657 7864 srv2 - ok 09:09:57.0699 7864 SRVLOC - ok 09:09:57.0761 7864 srvnet (ff207d67700aa18242aaf985d3e7d8f4) C:\windows\system32\DRIVERS\srvnet.sys 09:09:57.0875 7864 srvnet - ok 09:09:57.0918 7864 SSDPSRV (d887c9fd02ac9fa880f6e5027a43e118) C:\windows\System32\ssdpsrv.dll 09:09:58.0093 7864 SSDPSRV - ok 09:09:58.0144 7864 SstpSvc (d318f23be45d5e3a107469eb64815b50) C:\windows\system32\sstpsvc.dll 09:09:58.0327 7864 SstpSvc - ok 09:09:58.0380 7864 stexstor (db32d325c192b801df274bfd12a7e72b) C:\windows\system32\DRIVERS\stexstor.sys 09:09:58.0437 7864 stexstor - ok 09:09:58.0617 7864 StiSvc (a22825e7bb7018e8af3e229a5af17221) C:\windows\System32\wiaservc.dll 09:09:58.0779 7864 StiSvc - ok 09:09:58.0854 7864 sursayra (e6d35f3aa51a65eb35c1f2340154a25e) C:\windows\system32\drivers\jxgc.sys 09:09:58.0911 7864 sursayra ( UnsignedFile.Multi.Generic ) - warning 09:09:58.0911 7864 sursayra - detected UnsignedFile.Multi.Generic (1) 09:09:58.0956 7864 swenum (e58c78a848add9610a4db6d214af5224) C:\windows\system32\DRIVERS\swenum.sys 09:09:59.0012 7864 swenum - ok 09:09:59.0081 7864 swprv (a28bd92df340e57b024ba433165d34d7) C:\windows\System32\swprv.dll 09:09:59.0250 7864 swprv - ok 09:09:59.0314 7864 SynTP (8bd10dc8809dc69a1c5a795cb10add76) C:\windows\system32\DRIVERS\SynTP.sys 09:09:59.0369 7864 SynTP - ok 09:09:59.0486 7864 SysMain (04105c8da62353589c29bdaeb8d88bd8) C:\windows\system32\sysmain.dll 09:09:59.0619 7864 SysMain - ok 09:09:59.0649 7864 TabletInputService (fcfb6c552fbc0da299799cbd50ad9fd4) C:\windows\System32\TabSvc.dll 09:09:59.0767 7864 TabletInputService - ok 09:09:59.0817 7864 TapiSrv (2f46b0c70a4adc8c90cf825da3b4feaf) C:\windows\System32\tapisrv.dll 09:09:59.0972 7864 TapiSrv - ok 09:10:00.0023 7864 TBS (b799d9fdb26111737f58288d8dc172d9) C:\windows\System32\tbssvc.dll 09:10:00.0167 7864 TBS - ok 09:10:00.0401 7864 Tcpip (56c198ac82efa622dd93e9e43575f79c) 
C:\windows\system32\drivers\tcpip.sys 09:10:00.0540 7864 Tcpip - ok 09:10:00.0603 7864 TCPIP6 (56c198ac82efa622dd93e9e43575f79c) C:\windows\system32\DRIVERS\tcpip.sys 09:10:00.0721 7864 TCPIP6 - ok 09:10:00.0804 7864 tcpipreg (e64444523add154f86567c469bc0b17f) C:\windows\system32\drivers\tcpipreg.sys 09:10:00.0926 7864 tcpipreg - ok 09:10:00.0954 7864 TDPIPE (1875c1490d99e70e449e3afae9fcbadf) C:\windows\system32\drivers\tdpipe.sys 09:10:01.0012 7864 TDPIPE - ok 09:10:01.0058 7864 TDTCP (7156308896d34ea75a582f9a09e50c17) C:\windows\system32\drivers\tdtcp.sys 09:10:01.0125 7864 TDTCP - ok 09:10:01.0154 7864 tdx (cb39e896a2a83702d1737bfd402b3542) C:\windows\system32\DRIVERS\tdx.sys 09:10:01.0264 7864 tdx - ok 09:10:01.0398 7864 TeamViewer5 (2a96c8fa665c02e6ad596c321b583112) C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe 09:10:01.0451 7864 TeamViewer5 - ok 09:10:01.0488 7864 TermDD (c36f41ee20e6999dbf4b0425963268a5) C:\windows\system32\DRIVERS\termdd.sys 09:10:01.0538 7864 TermDD - ok 09:10:01.0613 7864 TermService (a01e50a04d7b1960b33e92b9080e6a94) C:\windows\System32\termsrv.dll 09:10:01.0784 7864 TermService - ok 09:10:01.0810 7864 Themes (42fb6afd6b79d9fe07381609172e7ca4) C:\windows\system32\themeservice.dll 09:10:01.0895 7864 Themes - ok 09:10:01.0937 7864 THREADORDER (146b6f43a673379a3c670e86d89be5ea) C:\windows\system32\mmcss.dll 09:10:02.0054 7864 THREADORDER - ok 09:10:02.0087 7864 tpsrv - ok 09:10:02.0131 7864 TrkWks (4792c0378db99a9bc2ae2de6cfff0c3a) C:\windows\System32\trkwks.dll 09:10:02.0292 7864 TrkWks - ok 09:10:02.0378 7864 TrustedInstaller (41a4c781d2286208d397d72099304133) C:\windows\servicing\TrustedInstaller.exe 09:10:02.0467 7864 TrustedInstaller - ok 09:10:02.0527 7864 tssecsrv (98ae6fa07d12cb4ec5cf4a9bfa5f4242) C:\windows\system32\DRIVERS\tssecsrv.sys 09:10:02.0648 7864 tssecsrv - ok 09:10:02.0714 7864 tunnel (3e461d890a97f9d4c168f5fda36e1d00) C:\windows\system32\DRIVERS\tunnel.sys 09:10:02.0843 7864 tunnel - ok 09:10:02.0891 7864 
uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\windows\system32\DRIVERS\uagp35.sys 09:10:02.0941 7864 uagp35 - ok 09:10:02.0984 7864 udfs (09cc3e16f8e5ee7168e01cf8fcbe061a) C:\windows\system32\DRIVERS\udfs.sys 09:10:03.0108 7864 udfs - ok 09:10:03.0162 7864 UI0Detect (8344fd4fce927880aa1aa7681d4927e5) C:\windows\system32\UI0Detect.exe 09:10:03.0248 7864 UI0Detect - ok 09:10:03.0305 7864 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\windows\system32\DRIVERS\uliagpkx.sys 09:10:03.0355 7864 uliagpkx - ok 09:10:03.0402 7864 umbus (049b3a50b3d646baeeee9eec9b0668dc) C:\windows\system32\DRIVERS\umbus.sys 09:10:03.0458 7864 umbus - ok 09:10:03.0484 7864 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\windows\system32\DRIVERS\umpass.sys 09:10:03.0538 7864 UmPass - ok 09:10:03.0597 7864 upnphost (833fbb672460efce8011d262175fad33) C:\windows\System32\upnphost.dll 09:10:03.0778 7864 upnphost - ok 09:10:03.0816 7864 USBAAPL (1df89c499bf45d878b87ebd4421d462d) C:\windows\system32\Drivers\usbaapl.sys 09:10:03.0892 7864 USBAAPL - ok 09:10:03.0935 7864 usbccgp (c31ae588e403042632dc796cf09e30b0) C:\windows\system32\DRIVERS\usbccgp.sys 09:10:04.0041 7864 usbccgp - ok 09:10:04.0092 7864 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\windows\system32\DRIVERS\usbcir.sys 09:10:04.0157 7864 usbcir - ok 09:10:04.0201 7864 usbehci (e4c436d914768ce965d5e659ba7eebd8) C:\windows\system32\drivers\usbehci.sys 09:10:04.0282 7864 usbehci - ok 09:10:04.0387 7864 usbhub (bdcd7156ec37448f08633fd899823620) C:\windows\system32\DRIVERS\usbhub.sys 09:10:04.0473 7864 usbhub - ok 09:10:04.0505 7864 usbohci (eb2d819a639015253c871cda09d91d58) C:\windows\system32\drivers\usbohci.sys 09:10:04.0570 7864 usbohci - ok 09:10:04.0644 7864 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\windows\system32\DRIVERS\usbprint.sys 09:10:04.0748 7864 usbprint - ok 09:10:04.0807 7864 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\windows\system32\DRIVERS\usbscan.sys 09:10:04.0894 7864 usbscan - ok 09:10:04.0939 7864 USBSTOR 
(1c4287739a93594e57e2a9e6a3ed7353) C:\windows\system32\DRIVERS\USBSTOR.SYS 09:10:05.0054 7864 USBSTOR - ok 09:10:05.0092 7864 usbuhci (22480bf4e5a09192e5e30ba4dde79fa4) C:\windows\system32\drivers\usbuhci.sys 09:10:05.0160 7864 usbuhci - ok 09:10:05.0209 7864 usbvideo (f642a7e4bf78cfa359cca0a3557c28d7) C:\windows\system32\Drivers\usbvideo.sys 09:10:05.0297 7864 usbvideo - ok 09:10:05.0341 7864 usb_rndisx (d82f43d15fdaa666856c0190cb73e7c9) C:\windows\system32\DRIVERS\usb8023x.sys 09:10:05.0425 7864 usb_rndisx - ok 09:10:05.0457 7864 UxSms (081e6e1c91aec36758902a9f727cd23c) C:\windows\System32\uxsms.dll 09:10:05.0579 7864 UxSms - ok 09:10:05.0619 7864 vaiomediaplatform-photoserver-appserver - ok 09:10:05.0669 7864 VaultSvc (c2243ff9e9aad0c30e8b1a0914da15b6) C:\windows\system32\lsass.exe 09:10:05.0725 7864 VaultSvc - ok 09:10:05.0753 7864 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\windows\system32\DRIVERS\vdrvroot.sys 09:10:05.0799 7864 vdrvroot - ok 09:10:05.0884 7864 vds (8c4e7c49d3641bc9e299e466a7f8867d) C:\windows\System32\vds.exe 09:10:05.0997 7864 vds - ok 09:10:06.0043 7864 vga (17c408214ea61696cec9c66e388b14f3) C:\windows\system32\DRIVERS\vgapnp.sys 09:10:06.0108 7864 vga - ok 09:10:06.0140 7864 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\windows\System32\drivers\vga.sys 09:10:06.0270 7864 VgaSave - ok 09:10:06.0315 7864 vhdmp (3be6e1f3a4f1afec8cee0d7883f93583) C:\windows\system32\DRIVERS\vhdmp.sys 09:10:06.0372 7864 vhdmp - ok 09:10:06.0406 7864 viaagp (c829317a37b4bea8f39735d4b076e923) C:\windows\system32\DRIVERS\viaagp.sys 09:10:06.0456 7864 viaagp - ok 09:10:06.0486 7864 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\windows\system32\DRIVERS\viac7.sys 09:10:06.0553 7864 ViaC7 - ok 09:10:06.0581 7864 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\windows\system32\DRIVERS\viaide.sys 09:10:06.0629 7864 viaide - ok 09:10:06.0655 7864 videoacceleratorengine - ok 09:10:06.0688 7864 vnxservice - ok 09:10:06.0741 7864 volmgr (384e5a2aa49934295171e499f86ba6f3) 
C:\windows\system32\DRIVERS\volmgr.sys 09:10:06.0798 7864 volmgr - ok 09:10:06.0844 7864 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\windows\system32\drivers\volmgrx.sys 09:10:06.0917 7864 volmgrx - ok 09:10:06.0964 7864 volsnap (58df9d2481a56edde167e51b334d44fd) C:\windows\system32\DRIVERS\volsnap.sys 09:10:07.0042 7864 volsnap - ok 09:10:07.0089 7864 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\windows\system32\DRIVERS\vsmraid.sys 09:10:07.0153 7864 vsmraid - ok 09:10:07.0272 7864 VSS (7ea2bcd94d9cfaf4c556f5cc94532a6c) C:\windows\system32\vssvc.exe 09:10:07.0406 7864 VSS - ok 09:10:07.0430 7864 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\windows\system32\DRIVERS\vwifibus.sys 09:10:07.0499 7864 vwifibus - ok 09:10:07.0537 7864 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\windows\system32\DRIVERS\vwififlt.sys 09:10:07.0605 7864 vwififlt - ok 09:10:07.0653 7864 vwifimp (a3f04cbea6c2a10e6cb01f8b47611882) C:\windows\system32\DRIVERS\vwifimp.sys 09:10:07.0718 7864 vwifimp - ok 09:10:07.0804 7864 W32Time (55187fd710e27d5095d10a472c8baf1c) C:\windows\system32\w32time.dll 09:10:07.0989 7864 W32Time - ok 09:10:08.0051 7864 WacomPen (de3721e89c653aa281428c8a69745d90) C:\windows\system32\DRIVERS\wacompen.sys 09:10:08.0109 7864 WacomPen - ok 09:10:08.0159 7864 WANARP (692a712062146e96d28ba0b7d75de31b) C:\windows\system32\DRIVERS\wanarp.sys 09:10:08.0277 7864 WANARP - ok 09:10:08.0309 7864 Wanarpv6 (692a712062146e96d28ba0b7d75de31b) C:\windows\system32\DRIVERS\wanarp.sys 09:10:08.0423 7864 Wanarpv6 - ok 09:10:08.0557 7864 wbengine (7790b77fe1e5ee47dcc66247095bb4c9) C:\windows\system32\wbengine.exe 09:10:08.0732 7864 wbengine - ok 09:10:08.0790 7864 WbioSrvc (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\windows\System32\wbiosrvc.dll 09:10:08.0890 7864 WbioSrvc - ok 09:10:08.0978 7864 WcesComm (59e19bd13c3bdb857646b9e436ba27f7) C:\windows\WindowsMobile\wcescomm.dll 09:10:09.0049 7864 WcesComm - ok 09:10:09.0121 7864 wcncsvc (6d9b75275c3e3a5f51aef81affadb2b6) 
C:\windows\System32\wcncsvc.dll 09:10:09.0248 7864 wcncsvc - ok 09:10:09.0287 7864 WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\windows\System32\WcsPlugInService.dll 09:10:09.0421 7864 WcsPlugInService - ok 09:10:09.0493 7864 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\windows\system32\DRIVERS\wd.sys 09:10:09.0543 7864 Wd - ok 09:10:09.0885 7864 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\windows\system32\drivers\Wdf01000.sys 09:10:09.0980 7864 Wdf01000 - ok 09:10:10.0032 7864 WdiServiceHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\windows\system32\wdi.dll 09:10:10.0125 7864 WdiServiceHost - ok 09:10:10.0137 7864 WdiSystemHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\windows\system32\wdi.dll 09:10:10.0228 7864 WdiSystemHost - ok 09:10:10.0311 7864 WebClient (bb5ec38f8d4600119b4720bc5d4211f1) C:\windows\System32\webclnt.dll 09:10:10.0430 7864 WebClient - ok 09:10:10.0483 7864 Wecsvc (760f0afe937a77cff27153206534f275) C:\windows\system32\wecsvc.dll 09:10:10.0634 7864 Wecsvc - ok 09:10:10.0681 7864 wercplsupport (ac804569bb2364fb6017370258a4091b) C:\windows\System32\wercplsupport.dll 09:10:10.0803 7864 wercplsupport - ok 09:10:10.0868 7864 WerSvc (08e420d873e4fd85241ee2421b02c4a4) C:\windows\System32\WerSvc.dll 09:10:11.0005 7864 WerSvc - ok 09:10:11.0047 7864 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\windows\system32\DRIVERS\wfplwf.sys 09:10:11.0159 7864 WfpLwf - ok 09:10:11.0201 7864 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\windows\system32\drivers\wimmount.sys 09:10:11.0247 7864 WIMMount - ok 09:10:11.0281 7864 WinHttpAutoProxySvc - ok 09:10:11.0365 7864 Winmgmt (f62e510b6ad4c21eb9fe8668ed251826) C:\windows\system32\wbem\WMIsvc.dll 09:10:11.0504 7864 Winmgmt - ok 09:10:11.0638 7864 WinRM (c4f5d3901d1b41d602ddc196e0b95b51) C:\windows\system32\WsmSvc.dll 09:10:11.0830 7864 WinRM - ok 09:10:11.0966 7864 WinUsb (30fc6e5448d0cbaaa95280eeef7fedae) C:\windows\system32\DRIVERS\WinUsb.sys 09:10:12.0041 7864 WinUsb - ok 09:10:12.0151 7864 Wlansvc 
(16935c98ff639d185086a3529b1f2067) C:\windows\System32\wlansvc.dll 09:10:12.0306 7864 Wlansvc - ok 09:10:12.0562 7864 wlidsvc (fb01d4ae207b9efdbabfc55dc95c7e31) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 09:10:12.0727 7864 wlidsvc - ok 09:10:12.0911 7864 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\windows\system32\DRIVERS\wmiacpi.sys 09:10:12.0982 7864 WmiAcpi - ok 09:10:13.0091 7864 wmiApSrv (6eb6b66517b048d87dc1856ddf1f4c3f) C:\windows\system32\wbem\WmiApSrv.exe 09:10:13.0182 7864 wmiApSrv - ok 09:10:13.0374 7864 WMPNetworkSvc (77fbd400984cf72ba0fc4b3489d65f74) C:\Program Files\Windows Media Player\wmpnetwk.exe 09:10:13.0568 7864 WMPNetworkSvc - ok 09:10:13.0606 7864 WPCSvc (a2f0ec770a92f2b3f9de6d518e11409c) C:\windows\System32\wpcsvc.dll 09:10:13.0724 7864 WPCSvc - ok 09:10:13.0758 7864 WPDBusEnum (b7f658a2ebc07129538ad9ab35212637) C:\windows\system32\wpdbusenum.dll 09:10:13.0903 7864 WPDBusEnum - ok 09:10:13.0990 7864 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\windows\system32\drivers\ws2ifsl.sys 09:10:14.0108 7864 ws2ifsl - ok 09:10:14.0128 7864 WSearch - ok 09:10:14.0327 7864 wuauserv (a33408cc036f9c08142b11be5e93f0a1) C:\windows\system32\wuaueng.dll 09:10:14.0634 7864 wuauserv - ok 09:10:14.0824 7864 WudfPf (6f9b6c0c93232cff47d0f72d6db1d21e) C:\windows\system32\drivers\WudfPf.sys 09:10:14.0960 7864 WudfPf - ok 09:10:15.0024 7864 WUDFRd (f91ff1e51fca30b3c3981db7d5924252) C:\windows\system32\DRIVERS\WUDFRd.sys 09:10:15.0152 7864 WUDFRd - ok 09:10:15.0227 7864 wudfsvc (ddee3682fe97037c45f4d7ab467cb8b6) C:\windows\System32\WUDFSvc.dll 09:10:15.0395 7864 wudfsvc - ok 09:10:15.0632 7864 WwanSvc (ff2d745b560f7c71b31f30f4d49f73d2) C:\windows\System32\wwansvc.dll 09:10:15.0755 7864 WwanSvc - ok 09:10:15.0867 7864 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0 09:10:16.0081 7864 \Device\Harddisk0\DR0 - ok 09:10:16.0092 7864 Boot (0x1200) (63216fc123dfb3a96ab997153c169ae1) \Device\Harddisk0\DR0\Partition0 
09:10:16.0096 7864 \Device\Harddisk0\DR0\Partition0 - ok 09:10:16.0134 7864 Boot (0x1200) (216285b664e1e91b5f69990f91c2ba61) \Device\Harddisk0\DR0\Partition1 09:10:16.0138 7864 \Device\Harddisk0\DR0\Partition1 - ok
  6. Hi Maniac, Thank you so much for your help. I have decided to try and remove the Rootkits before reformatting...I followed your instructions and attached my logs.

     For the TDSSKiller, none of the three processes found could be cured so I skipped them all. I have attached the log.

     For MalwareBytes, I followed your instructions and removed the one process found. Here is the log:

     Malwarebytes Anti-Malware (Trial) 1.61.0.1400
     www.malwarebytes.org

     Database version: v2012.05.01.09
     Windows 7 x86 NTFS
     Internet Explorer 9.0.8112.16421
     Sophia :: JONAS-NET [administrator]

     Protection: Enabled

     01/05/2012 7:37:10 PM
     mbam-log-2012-05-01 (19-37-10).txt

     Scan type: Quick scan
     Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
     Scan options disabled: P2P
     Objects scanned: 223956
     Time elapsed: 17 minute(s), 48 second(s)

     Memory Processes Detected: 0
     (No malicious items detected)

     Memory Modules Detected: 0
     (No malicious items detected)

     Registry Keys Detected: 0
     (No malicious items detected)

     Registry Values Detected: 0
     (No malicious items detected)

     Registry Data Items Detected: 0
     (No malicious items detected)

     Folders Detected: 0
     (No malicious items detected)

     Files Detected: 1
     C:\Windows\System32\backupexecrpcservice.dll (RootKit.0Access.H) -> Quarantined and deleted successfully.

     (end)

     MalwareBytes has given me warnings about the following processes in the past couple hours - after I had already scanned, removed, and restarted.

     C:\WINDOWS\SYSTEM32\SYMMPI.DLL ROOTKIT.0ACCESS.H
     C:\WINDOWS\SYSTEM32\VX1000.DLL ROOTKIT.0ACCESS.H
     C:\WINDOWS\SYSTEM32\CDRBSDRV.DLL ROOTKIT.0ACCESS.H

     I chose to quarantine all these files, but clearly something is still at work on my computer.

     Here is the DDS log (I have attached the other one):

     Thank you very much for your help!

     TDSSKiller.2.7.33.0_01.05.2012_09.07.15_log.txt
     Attach.txt
  7. Hello, Yesterday I managed to come down with an ugly mass of malware including Smart Fortress 2012. I downloaded MalwareBytes which thankfully got my computer running again, but is still giving me repeated warnings about blocking Rootkit 0Access.H. Every time I scan, I find another bunch of the rootkits.

     Here are my DDS logs:

     Thank you very much!

     Attach.txt