Jump to content

klesh45

Members
 View Profile  See their activity

  • Posts

    7

  • Joined

  • Last visited

 Content Type 

Everything posted by klesh45

  1. klesh45
    The Computer? Everything seems to be going great, all traces that lurked on Firefox are now gone, can't find anything related to WhiteSmoke. Safe to say it's all good now?
  2. klesh45
    ComboFix 12-05-15.04 - Brian 05/15/2012 16:27:09.2.1 - x64 Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3003.1997 [GMT -7:00] Running from: c:\users\Brian\Desktop\ComboFix.exe Command switches used :: c:\users\Brian\Desktop\CFScript.txt AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0} SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((( Files Created from 2012-04-15 to 2012-05-15 ))))))))))))))))))))))))))))))) . . 2012-05-15 23:34 . 2012-05-15 23:34 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-05-14 20:32 . 2012-05-14 20:32 -------- d-----w- c:\program files (x86)\VS Revo Group 2012-05-14 19:03 . 2012-05-14 19:03 -------- d-----w- c:\users\Brian\AppData\Roaming\Malwarebytes 2012-05-14 19:03 . 2012-05-14 19:03 -------- d-----w- c:\program files (x86)\MALWAREBYTES ANTI-MALWARE 2012-05-14 19:03 . 2012-05-14 19:03 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2012-05-14 19:03 . 2012-05-14 19:03 -------- d-----w- c:\programdata\Malwarebytes 2012-05-14 19:03 . 2012-04-04 22:56 24904 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-05-14 10:21 . 2012-05-14 10:21 -------- d-----w- c:\users\Brian\AppData\Roaming\ooVoo Details 2012-05-14 10:20 . 2012-05-14 10:20 -------- d-----w- c:\program files (x86)\Conduit 2012-05-14 10:20 . 2012-05-14 10:26 -------- d-----w- c:\users\Brian\AppData\Local\Conduit 2012-05-14 10:20 . 2004-07-03 00:33 327749 ----a-w- c:\windows\SysWow64\drvc.dll 2012-05-14 10:20 . 2012-05-14 10:21 -------- d-----w- c:\program files (x86)\iNTERNET Turbo 2012-05-12 01:31 . 2012-05-12 01:31 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service 2012-05-12 01:30 . 2012-05-12 01:30 588728 ----a-w- c:\program files (x86)\Mozilla Firefox\gkmedias.dll 2012-05-12 01:30 . 2012-05-12 01:30 43960 ----a-w- c:\program files (x86)\Mozilla Firefox\mozglue.dll 2012-05-12 01:30 . 2012-05-12 01:30 157352 ----a-w- c:\program files (x86)\Mozilla Firefox\maintenanceservice_installer.exe 2012-05-12 01:30 . 2012-05-12 01:30 129976 ----a-w- c:\program files (x86)\Mozilla Firefox\maintenanceservice.exe 2012-05-11 09:28 . 2012-03-03 06:29 1541120 ----a-w- c:\windows\system32\DWrite.dll 2012-05-11 09:28 . 2012-03-03 05:40 1074176 ----a-w- c:\windows\SysWow64\DWrite.dll 2012-05-11 09:28 . 2012-03-03 06:29 320512 ----a-w- c:\windows\system32\d3d10_1core.dll 2012-05-11 09:28 . 2012-03-03 06:29 197120 ----a-w- c:\windows\system32\d3d10_1.dll 2012-05-11 09:28 . 2012-03-03 06:29 1837568 ----a-w- c:\windows\system32\d3d10warp.dll 2012-05-11 09:28 . 2012-03-03 06:29 902656 ----a-w- c:\windows\system32\d2d1.dll 2012-05-11 09:28 . 2012-03-03 05:40 1170944 ----a-w- c:\windows\SysWow64\d3d10warp.dll 2012-05-11 09:28 . 2012-03-03 05:40 739840 ----a-w- c:\windows\SysWow64\d2d1.dll 2012-05-11 09:28 . 2012-03-03 05:40 218624 ----a-w- c:\windows\SysWow64\d3d10_1core.dll 2012-05-11 09:28 . 2012-03-03 05:40 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll 2012-05-11 09:27 . 2012-04-02 05:34 5504880 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-05-11 09:27 . 2012-04-02 03:01 3143680 ----a-w- c:\windows\system32\win32k.sys 2012-05-11 09:27 . 2012-04-02 04:46 3958128 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe 2012-05-11 09:27 . 2012-04-02 04:46 3902320 ----a-w- c:\windows\SysWow64\ntoskrnl.exe 2012-05-11 09:27 . 2012-03-17 07:55 75632 ----a-w- c:\windows\system32\drivers\partmgr.sys 2012-05-11 09:27 . 2012-03-30 11:09 1895280 ----a-w- c:\windows\system32\drivers\tcpip.sys 2012-05-11 09:27 . 2012-04-02 05:24 1367552 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll 2012-05-11 09:27 . 2012-04-02 04:40 936960 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-03-01 06:54 . 2012-04-13 10:11 22896 ----a-w- c:\windows\system32\drivers\fs_rec.sys 2012-03-01 06:45 . 2012-04-13 10:11 220672 ----a-w- c:\windows\system32\wintrust.dll 2012-03-01 06:40 . 2012-04-13 10:11 80896 ----a-w- c:\windows\system32\imagehlp.dll 2012-03-01 06:35 . 2012-04-13 10:11 5120 ----a-w- c:\windows\system32\wmi.dll 2012-03-01 05:49 . 2012-04-13 10:11 172544 ----a-w- c:\windows\SysWow64\wintrust.dll 2012-03-01 05:45 . 2012-04-13 10:11 158720 ----a-w- c:\windows\SysWow64\imagehlp.dll 2012-03-01 05:40 . 2012-04-13 10:11 5120 ----a-w- c:\windows\SysWow64\wmi.dll 2012-02-28 06:56 . 2012-04-13 10:12 2311168 ----a-w- c:\windows\system32\jscript9.dll 2012-02-28 06:49 . 2012-04-13 10:12 1390080 ----a-w- c:\windows\system32\wininet.dll 2012-02-28 06:48 . 2012-04-13 10:12 1493504 ----a-w- c:\windows\system32\inetcpl.cpl 2012-02-28 06:42 . 2012-04-13 10:12 2382848 ----a-w- c:\windows\system32\mshtml.tlb 2012-02-28 01:18 . 2012-04-13 10:12 1799168 ----a-w- c:\windows\SysWow64\jscript9.dll 2012-02-28 01:11 . 2012-04-13 10:12 1427456 ----a-w- c:\windows\SysWow64\inetcpl.cpl 2012-02-28 01:11 . 2012-04-13 10:12 1127424 ----a-w- c:\windows\SysWow64\wininet.dll 2012-02-28 01:03 . 2012-04-13 10:12 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb 2012-02-23 10:24 . 2012-02-23 10:24 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe 2012-02-23 10:24 . 2012-02-23 10:24 161792 ----a-w- c:\windows\SysWow64\msls31.dll 2012-02-23 10:24 . 2012-02-23 10:24 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll 2012-02-23 10:24 . 2012-02-23 10:24 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll 2012-02-23 10:24 . 2012-02-23 10:24 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe 2012-02-23 10:24 . 2012-02-23 10:24 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll 2012-02-23 10:24 . 2012-02-23 10:24 63488 ----a-w- c:\windows\SysWow64\tdc.ocx 2012-02-23 10:24 . 2012-02-23 10:24 367104 ----a-w- c:\windows\SysWow64\html.iec 2012-02-23 10:23 . 2012-02-23 10:23 74752 ----a-w- c:\windows\SysWow64\iesetup.dll 2012-02-23 10:23 . 2012-02-23 10:23 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll 2012-02-23 10:23 . 2012-02-23 10:23 152064 ----a-w- c:\windows\SysWow64\wextract.exe 2012-02-23 10:23 . 2012-02-23 10:23 420864 ----a-w- c:\windows\SysWow64\vbscript.dll 2012-02-23 10:23 . 2012-02-23 10:23 150528 ----a-w- c:\windows\SysWow64\iexpress.exe 2012-02-23 10:23 . 2012-02-23 10:23 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe 2012-02-23 10:23 . 2012-02-23 10:23 11776 ----a-w- c:\windows\SysWow64\mshta.exe 2012-02-23 10:23 . 2012-02-23 10:23 101888 ----a-w- c:\windows\SysWow64\admparse.dll 2012-02-23 10:23 . 2012-02-23 10:23 35840 ----a-w- c:\windows\SysWow64\imgutil.dll 2012-02-23 10:23 . 2012-02-23 10:23 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe 2012-02-23 10:23 . 2012-02-23 10:23 222208 ----a-w- c:\windows\system32\msls31.dll 2012-02-23 10:23 . 2012-02-23 10:23 173056 ----a-w- c:\windows\system32\ieUnatt.exe 2012-02-23 10:23 . 2012-02-23 10:23 12288 ----a-w- c:\windows\system32\mshta.exe 2012-02-23 10:23 . 2012-02-23 10:23 114176 ----a-w- c:\windows\system32\admparse.dll 2012-02-23 10:23 . 2012-02-23 10:23 49664 ----a-w- c:\windows\system32\imgutil.dll 2012-02-23 10:23 . 2012-02-23 10:23 135168 ----a-w- c:\windows\system32\IEAdvpack.dll 2012-02-23 10:23 . 2012-02-23 10:23 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe 2012-02-23 10:23 . 2012-02-23 10:23 76800 ----a-w- c:\windows\system32\tdc.ocx 2012-02-23 10:23 . 2012-02-23 10:23 48640 ----a-w- c:\windows\system32\mshtmler.dll 2012-02-23 10:23 . 2012-02-23 10:23 111616 ----a-w- c:\windows\system32\iesysprep.dll 2012-02-23 10:23 . 2012-02-23 10:23 448512 ----a-w- c:\windows\system32\html.iec 2012-02-23 10:23 . 2012-02-23 10:23 85504 ----a-w- c:\windows\system32\iesetup.dll 2012-02-23 10:23 . 2012-02-23 10:23 30720 ----a-w- c:\windows\system32\licmgr10.dll 2012-02-23 10:23 . 2012-02-23 10:23 165888 ----a-w- c:\windows\system32\iexpress.exe 2012-02-23 10:23 . 2012-02-23 10:23 160256 ----a-w- c:\windows\system32\wextract.exe 2012-02-23 10:23 . 2012-02-23 10:23 603648 ----a-w- c:\windows\system32\vbscript.dll . . ((((((((((((((((((((((((((((( SnapShot@2012-05-15_22.45.43 ))))))))))))))))))))))))))))))))))))))))) . - 2009-07-14 04:54 . 2012-05-14 20:42 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2009-07-14 04:54 . 2012-05-15 22:44 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2009-07-14 04:54 . 2012-05-14 20:42 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2009-07-14 04:54 . 2012-05-15 22:44 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2009-07-14 04:54 . 2012-05-15 22:44 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat - 2009-07-14 04:54 . 2012-05-14 20:42 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2009-07-14 05:10 . 2012-05-15 23:38 44370 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin + 2011-08-26 20:31 . 2012-05-15 23:38 11354 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-786997053-1296620380-1412284102-1002_UserData.bin - 2012-05-15 22:44 . 2012-05-15 22:44 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat + 2012-05-15 23:35 . 2012-05-15 23:35 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat - 2012-05-15 22:44 . 2012-05-15 22:44 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2012-05-15 23:35 . 2012-05-15 23:35 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat - 2009-07-14 05:01 . 2012-05-15 22:43 390876 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat + 2009-07-14 05:01 . 2012-05-15 23:34 390876 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat + 2011-08-26 23:28 . 2012-05-15 23:34 1324052 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-786997053-1296620380-1412284102-1002-8192.dat - 2011-08-26 23:28 . 2012-05-15 22:43 1324052 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-786997053-1296620380-1412284102-1002-8192.dat - 2009-07-14 02:34 . 2012-05-15 22:04 10223616 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT + 2009-07-14 02:34 . 2012-05-15 23:03 10223616 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "HPAdvisorDock"="c:\program files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe" [2010-02-10 1712184] "LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2010-05-19 2736128] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 1155928] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712] "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-01-04 37296] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-07-06 421888] "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-08-19 421736] "BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520] "HP Quick Launch"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2010-11-09 586296] "AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-01-25 2416480] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248] R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-10 86072] R2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-06-18 103992] R2 RtVOsdService;RtVOsdService Installer;c:\program files\Realtek\RtVOsd\RtVOsdService.exe [2010-04-20 315392] R3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe [2012-02-10 240408] R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880] R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-05-12 129976] R3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [x] R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184] R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x] R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [x] R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [x] R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [x] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x] R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x] S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [x] S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [x] S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [x] S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [x] S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [x] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x] S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-18 98208] S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776] S2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe [2012-02-10 193816] S2 CinemaNow Service;CinemaNow Service;c:\program files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe [2010-05-21 140272] S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-29 94264] S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-11-09 26680] S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x] S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [x] S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [x] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x] S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys [x] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x] . . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] 2010-05-19 18:36 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe . Contents of the 'Scheduled Tasks' folder . 2012-05-11 c:\windows\Tasks\HPCeeScheduleForBrian.job - c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15] . . --------- x86-64 ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-03-05 166424] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-03-05 391192] "Persistence"="c:\windows\system32\igfxpers.exe" [2010-03-05 410648] "SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [bU] "RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2010-05-26 6245408] "HPWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe" [2010-06-18 8192] . ------- Supplementary Scan ------- . uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT3198785 uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = *.local IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~3\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - c:\progra~2\MICROS~3\Office14\ONBttnIE.dll/105 TCP: DhcpNameServer = 192.168.1.1 FF - ProfilePath - c:\users\Brian\AppData\Roaming\Mozilla\Firefox\Profiles\enpebddp.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3198785&SearchSource=3&q={searchTerms} FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT3198785&SearchSource=13 FF - prefs.js: network.proxy.type - 0 . . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Other Running Processes ------------------------ . c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\program files (x86)\Bonjour\mDNSResponder.exe c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe c:\program files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe c:\program files (x86)\Common Files\Java\Java Update\jusched.exe . ************************************************************************** . Completion time: 2012-05-15 16:45:56 - machine was rebooted ComboFix-quarantined-files.txt 2012-05-15 23:45 ComboFix2.txt 2012-05-15 22:54 . Pre-Run: 200,338,493,440 bytes free Post-Run: 200,044,150,784 bytes free . - - End Of File - - 8C4E95DD785D07E844EC38A3662D3DA4
  3. klesh45
    ComboFix 12-05-15.04 - Brian 05/15/2012 15:31:58.1.1 - x64 Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3003.2115 [GMT -7:00] Running from: c:\users\Brian\Desktop\ComboFix.exe AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0} SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((( Files Created from 2012-04-15 to 2012-05-15 ))))))))))))))))))))))))))))))) . . 2012-05-15 22:44 . 2012-05-15 22:44 8782 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\BUTTON.JS 2012-05-15 22:41 . 2012-05-15 22:41 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-05-14 20:32 . 2012-05-14 20:32 -------- d-----w- c:\program files (x86)\VS Revo Group 2012-05-14 19:03 . 2012-05-14 19:03 -------- d-----w- c:\users\Brian\AppData\Roaming\Malwarebytes 2012-05-14 19:03 . 2012-05-14 19:03 -------- d-----w- c:\program files (x86)\MALWAREBYTES ANTI-MALWARE 2012-05-14 19:03 . 2012-05-14 19:03 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2012-05-14 19:03 . 2012-05-14 19:03 -------- d-----w- c:\programdata\Malwarebytes 2012-05-14 19:03 . 2012-04-04 22:56 24904 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-05-14 10:21 . 2012-05-14 10:21 -------- d-----w- c:\users\Brian\AppData\Roaming\ooVoo Details 2012-05-14 10:20 . 2012-05-14 10:20 -------- d-----w- c:\program files (x86)\Conduit 2012-05-14 10:20 . 2012-05-14 10:26 -------- d-----w- c:\users\Brian\AppData\Local\Conduit 2012-05-14 10:20 . 2004-07-03 00:33 327749 ----a-w- c:\windows\SysWow64\drvc.dll 2012-05-14 10:20 . 2012-05-14 10:21 -------- d-----w- c:\program files (x86)\iNTERNET Turbo 2012-05-12 01:31 . 2012-05-12 01:31 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service 2012-05-12 01:30 . 2012-05-12 01:30 588728 ----a-w- c:\program files (x86)\Mozilla Firefox\gkmedias.dll 2012-05-12 01:30 . 2012-05-12 01:30 43960 ----a-w- c:\program files (x86)\Mozilla Firefox\mozglue.dll 2012-05-12 01:30 . 2012-05-12 01:30 157352 ----a-w- c:\program files (x86)\Mozilla Firefox\maintenanceservice_installer.exe 2012-05-12 01:30 . 2012-05-12 01:30 129976 ----a-w- c:\program files (x86)\Mozilla Firefox\maintenanceservice.exe 2012-05-11 09:28 . 2012-03-03 06:29 1541120 ----a-w- c:\windows\system32\DWrite.dll 2012-05-11 09:28 . 2012-03-03 05:40 1074176 ----a-w- c:\windows\SysWow64\DWrite.dll 2012-05-11 09:28 . 2012-03-03 06:29 320512 ----a-w- c:\windows\system32\d3d10_1core.dll 2012-05-11 09:28 . 2012-03-03 06:29 197120 ----a-w- c:\windows\system32\d3d10_1.dll 2012-05-11 09:28 . 2012-03-03 06:29 1837568 ----a-w- c:\windows\system32\d3d10warp.dll 2012-05-11 09:28 . 2012-03-03 06:29 902656 ----a-w- c:\windows\system32\d2d1.dll 2012-05-11 09:28 . 2012-03-03 05:40 1170944 ----a-w- c:\windows\SysWow64\d3d10warp.dll 2012-05-11 09:28 . 2012-03-03 05:40 739840 ----a-w- c:\windows\SysWow64\d2d1.dll 2012-05-11 09:28 . 2012-03-03 05:40 218624 ----a-w- c:\windows\SysWow64\d3d10_1core.dll 2012-05-11 09:28 . 2012-03-03 05:40 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll 2012-05-11 09:27 . 2012-04-02 05:34 5504880 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-05-11 09:27 . 2012-04-02 03:01 3143680 ----a-w- c:\windows\system32\win32k.sys 2012-05-11 09:27 . 2012-04-02 04:46 3958128 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe 2012-05-11 09:27 . 2012-04-02 04:46 3902320 ----a-w- c:\windows\SysWow64\ntoskrnl.exe 2012-05-11 09:27 . 2012-03-17 07:55 75632 ----a-w- c:\windows\system32\drivers\partmgr.sys 2012-05-11 09:27 . 2012-03-30 11:09 1895280 ----a-w- c:\windows\system32\drivers\tcpip.sys 2012-05-11 09:27 . 2012-04-02 05:24 1367552 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll 2012-05-11 09:27 . 2012-04-02 04:40 936960 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-03-01 06:54 . 2012-04-13 10:11 22896 ----a-w- c:\windows\system32\drivers\fs_rec.sys 2012-03-01 06:45 . 2012-04-13 10:11 220672 ----a-w- c:\windows\system32\wintrust.dll 2012-03-01 06:40 . 2012-04-13 10:11 80896 ----a-w- c:\windows\system32\imagehlp.dll 2012-03-01 06:35 . 2012-04-13 10:11 5120 ----a-w- c:\windows\system32\wmi.dll 2012-03-01 05:49 . 2012-04-13 10:11 172544 ----a-w- c:\windows\SysWow64\wintrust.dll 2012-03-01 05:45 . 2012-04-13 10:11 158720 ----a-w- c:\windows\SysWow64\imagehlp.dll 2012-03-01 05:40 . 2012-04-13 10:11 5120 ----a-w- c:\windows\SysWow64\wmi.dll 2012-02-28 06:56 . 2012-04-13 10:12 2311168 ----a-w- c:\windows\system32\jscript9.dll 2012-02-28 06:49 . 2012-04-13 10:12 1390080 ----a-w- c:\windows\system32\wininet.dll 2012-02-28 06:48 . 2012-04-13 10:12 1493504 ----a-w- c:\windows\system32\inetcpl.cpl 2012-02-28 06:42 . 2012-04-13 10:12 2382848 ----a-w- c:\windows\system32\mshtml.tlb 2012-02-28 01:18 . 2012-04-13 10:12 1799168 ----a-w- c:\windows\SysWow64\jscript9.dll 2012-02-28 01:11 . 2012-04-13 10:12 1427456 ----a-w- c:\windows\SysWow64\inetcpl.cpl 2012-02-28 01:11 . 2012-04-13 10:12 1127424 ----a-w- c:\windows\SysWow64\wininet.dll 2012-02-28 01:03 . 2012-04-13 10:12 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb 2012-02-23 10:24 . 2012-02-23 10:24 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe 2012-02-23 10:24 . 2012-02-23 10:24 161792 ----a-w- c:\windows\SysWow64\msls31.dll 2012-02-23 10:24 . 2012-02-23 10:24 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll 2012-02-23 10:24 . 2012-02-23 10:24 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll 2012-02-23 10:24 . 2012-02-23 10:24 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe 2012-02-23 10:24 . 2012-02-23 10:24 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll 2012-02-23 10:24 . 2012-02-23 10:24 63488 ----a-w- c:\windows\SysWow64\tdc.ocx 2012-02-23 10:24 . 2012-02-23 10:24 367104 ----a-w- c:\windows\SysWow64\html.iec 2012-02-23 10:23 . 2012-02-23 10:23 74752 ----a-w- c:\windows\SysWow64\iesetup.dll 2012-02-23 10:23 . 2012-02-23 10:23 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll 2012-02-23 10:23 . 2012-02-23 10:23 152064 ----a-w- c:\windows\SysWow64\wextract.exe 2012-02-23 10:23 . 2012-02-23 10:23 420864 ----a-w- c:\windows\SysWow64\vbscript.dll 2012-02-23 10:23 . 2012-02-23 10:23 150528 ----a-w- c:\windows\SysWow64\iexpress.exe 2012-02-23 10:23 . 2012-02-23 10:23 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe 2012-02-23 10:23 . 2012-02-23 10:23 11776 ----a-w- c:\windows\SysWow64\mshta.exe 2012-02-23 10:23 . 2012-02-23 10:23 101888 ----a-w- c:\windows\SysWow64\admparse.dll 2012-02-23 10:23 . 2012-02-23 10:23 35840 ----a-w- c:\windows\SysWow64\imgutil.dll 2012-02-23 10:23 . 2012-02-23 10:23 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe 2012-02-23 10:23 . 2012-02-23 10:23 222208 ----a-w- c:\windows\system32\msls31.dll 2012-02-23 10:23 . 2012-02-23 10:23 173056 ----a-w- c:\windows\system32\ieUnatt.exe 2012-02-23 10:23 . 2012-02-23 10:23 12288 ----a-w- c:\windows\system32\mshta.exe 2012-02-23 10:23 . 2012-02-23 10:23 114176 ----a-w- c:\windows\system32\admparse.dll 2012-02-23 10:23 . 2012-02-23 10:23 49664 ----a-w- c:\windows\system32\imgutil.dll 2012-02-23 10:23 . 2012-02-23 10:23 135168 ----a-w- c:\windows\system32\IEAdvpack.dll 2012-02-23 10:23 . 2012-02-23 10:23 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe 2012-02-23 10:23 . 2012-02-23 10:23 76800 ----a-w- c:\windows\system32\tdc.ocx 2012-02-23 10:23 . 2012-02-23 10:23 48640 ----a-w- c:\windows\system32\mshtmler.dll 2012-02-23 10:23 . 2012-02-23 10:23 111616 ----a-w- c:\windows\system32\iesysprep.dll 2012-02-23 10:23 . 2012-02-23 10:23 448512 ----a-w- c:\windows\system32\html.iec 2012-02-23 10:23 . 2012-02-23 10:23 85504 ----a-w- c:\windows\system32\iesetup.dll 2012-02-23 10:23 . 2012-02-23 10:23 30720 ----a-w- c:\windows\system32\licmgr10.dll 2012-02-23 10:23 . 2012-02-23 10:23 165888 ----a-w- c:\windows\system32\iexpress.exe 2012-02-23 10:23 . 2012-02-23 10:23 160256 ----a-w- c:\windows\system32\wextract.exe 2012-02-23 10:23 . 2012-02-23 10:23 603648 ----a-w- c:\windows\system32\vbscript.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "HPAdvisorDock"="c:\program files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe" [2010-02-10 1712184] "LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2010-05-19 2736128] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 1155928] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712] "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-01-04 37296] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-07-06 421888] "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-08-19 421736] "BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520] "HP Quick Launch"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2010-11-09 586296] "AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-01-25 2416480] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-10 86072] R2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-06-18 103992] R2 RtVOsdService;RtVOsdService Installer;c:\program files\Realtek\RtVOsd\RtVOsdService.exe [2010-04-20 315392] R3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe [2012-02-10 240408] R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880] R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-05-12 129976] R3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [x] R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184] R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x] R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [x] R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [x] R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [x] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x] R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x] S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [x] S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [x] S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [x] S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [x] S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [x] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x] S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-18 98208] S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248] S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776] S2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe [2012-02-10 193816] S2 CinemaNow Service;CinemaNow Service;c:\program files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe [2010-05-21 140272] S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-29 94264] S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-11-09 26680] S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x] S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [x] S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [x] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x] S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys [x] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x] . . --- Other Services/Drivers In Memory --- . *NewlyCreated* - WS2IFSL . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] 2010-05-19 18:36 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe . Contents of the 'Scheduled Tasks' folder . 2012-05-11 c:\windows\Tasks\HPCeeScheduleForBrian.job - c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15] . . --------- x86-64 ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-03-05 166424] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-03-05 391192] "Persistence"="c:\windows\system32\igfxpers.exe" [2010-03-05 410648] "RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2010-05-26 6245408] "HPWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe" [2010-06-18 8192] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "LoadAppInit_DLLs"=0x0 . ------- Supplementary Scan ------- . uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT3198785 uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = *.local IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~3\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - c:\progra~2\MICROS~3\Office14\ONBttnIE.dll/105 TCP: DhcpNameServer = 192.168.1.1 FF - ProfilePath - c:\users\Brian\AppData\Roaming\Mozilla\Firefox\Profiles\enpebddp.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3198785&SearchSource=3&q={searchTerms} FF - prefs.js: browser.search.selectedEngine - WhiteSmoke US Customized Web Search FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT3198785&SearchSource=13 FF - prefs.js: network.proxy.type - 0 . - - - - ORPHANS REMOVED - - - - . URLSearchHooks-{cce665dd-f6dd-4808-968e-eaec971f70ef} - (no file) HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe AddRemove-{6F44AF95-3CDE-4513-AD3F-6D45F17BF324} - c:\program files (x86)\InstallShield Installation Information\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}\setup.exe . . . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Other Running Processes ------------------------ . c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\program files (x86)\Bonjour\mDNSResponder.exe c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe . ************************************************************************** . Completion time: 2012-05-15 15:54:11 - machine was rebooted ComboFix-quarantined-files.txt 2012-05-15 22:54 . Pre-Run: 200,028,020,736 bytes free Post-Run: 200,285,569,024 bytes free . - - End Of File - - FEE690D6AC74ECDAA71E6D8F418F51E8
  4. klesh45
    14:57:31.0089 5428 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys 14:57:31.0090 5428 BrSerWdm - ok 14:57:31.0121 5428 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys 14:57:31.0122 5428 BrUsbMdm - ok 14:57:31.0144 5428 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys 14:57:31.0144 5428 BrUsbSer - ok 14:57:31.0170 5428 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys 14:57:31.0171 5428 BTHMODEM - ok 14:57:31.0226 5428 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll 14:57:31.0227 5428 bthserv - ok 14:57:31.0259 5428 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys 14:57:31.0260 5428 cdfs - ok 14:57:31.0302 5428 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys 14:57:31.0303 5428 cdrom - ok 14:57:31.0333 5428 CertPropSvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll 14:57:31.0334 5428 CertPropSvc - ok 14:57:31.0408 5428 CinemaNow Service (533328a3d9a9c286682525842547540c) C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe 14:57:31.0410 5428 CinemaNow Service - ok 14:57:31.0451 5428 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys 14:57:31.0452 5428 circlass - ok 14:57:31.0511 5428 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys 14:57:31.0514 5428 CLFS - ok 14:57:31.0606 5428 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 14:57:31.0607 5428 clr_optimization_v2.0.50727_32 - ok 14:57:31.0653 5428 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 14:57:31.0654 5428 clr_optimization_v2.0.50727_64 - ok 14:57:31.0740 5428 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 14:57:31.0742 5428 clr_optimization_v4.0.30319_32 - ok 14:57:31.0791 5428 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 14:57:31.0793 5428 clr_optimization_v4.0.30319_64 - ok 14:57:31.0832 5428 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys 14:57:31.0833 5428 CmBatt - ok 14:57:31.0864 5428 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys 14:57:31.0865 5428 cmdide - ok 14:57:31.0938 5428 CNG (937beb186a735aca91d717044a49d17e) C:\Windows\system32\Drivers\cng.sys 14:57:31.0941 5428 CNG - ok 14:57:31.0969 5428 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys 14:57:31.0970 5428 Compbatt - ok 14:57:31.0996 5428 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys 14:57:31.0996 5428 CompositeBus - ok 14:57:32.0010 5428 COMSysApp - ok 14:57:32.0051 5428 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys 14:57:32.0052 5428 crcdisk - ok 14:57:32.0111 5428 CryptSvc (8c57411b66282c01533cb776f98ad384) C:\Windows\system32\cryptsvc.dll 14:57:32.0113 5428 CryptSvc - ok 14:57:32.0187 5428 DcomLaunch (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll 14:57:32.0192 5428 DcomLaunch - ok 14:57:32.0233 5428 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll 14:57:32.0238 5428 defragsvc - ok 14:57:32.0281 5428 DfsC (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys 14:57:32.0282 5428 DfsC - ok 14:57:32.0327 5428 Dhcp (ce3b9562d997f69b330d181a8875960f) C:\Windows\system32\dhcpcore.dll 14:57:32.0329 5428 Dhcp - ok 14:57:32.0360 5428 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys 14:57:32.0361 5428 discache - ok 14:57:32.0404 5428 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys 14:57:32.0404 5428 Disk - ok 14:57:32.0455 5428 Dnscache (85cf424c74a1d5ec33533e1dbff9920a) C:\Windows\System32\dnsrslvr.dll 14:57:32.0457 5428 Dnscache - ok 14:57:32.0523 5428 dot3svc (14452acdb09b70964c8c21bf80a13acb) C:\Windows\System32\dot3svc.dll 14:57:32.0525 5428 dot3svc - ok 14:57:32.0566 5428 DPS (8c2ba6bea949ee6e68385f5692bafb94) C:\Windows\system32\dps.dll 14:57:32.0568 5428 DPS - ok 14:57:32.0597 5428 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys 14:57:32.0598 5428 drmkaud - ok 14:57:32.0680 5428 DXGKrnl (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys 14:57:32.0686 5428 DXGKrnl - ok 14:57:32.0714 5428 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll 14:57:32.0715 5428 EapHost - ok 14:57:32.0891 5428 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys 14:57:32.0911 5428 ebdrv - ok 14:57:33.0035 5428 EFS (156f6159457d0aa7e59b62681b56eb90) C:\Windows\System32\lsass.exe 14:57:33.0037 5428 EFS - ok 14:57:33.0121 5428 ehRecvr (47c071994c3f649f23d9cd075ac9304a) C:\Windows\ehome\ehRecvr.exe 14:57:33.0125 5428 ehRecvr - ok 14:57:33.0169 5428 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe 14:57:33.0170 5428 ehSched - ok 14:57:33.0273 5428 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys 14:57:33.0277 5428 elxstor - ok 14:57:33.0300 5428 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys 14:57:33.0300 5428 ErrDev - ok 14:57:33.0373 5428 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll 14:57:33.0376 5428 EventSystem - ok 14:57:33.0433 5428 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys 14:57:33.0435 5428 exfat - ok 14:57:33.0476 5428 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys 14:57:33.0478 5428 fastfat - ok 14:57:33.0546 5428 Fax (d607b2f1bee3992aa6c2c92c0a2f0855) C:\Windows\system32\fxssvc.exe 14:57:33.0551 5428 Fax - ok 14:57:33.0577 5428 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys 14:57:33.0577 5428 fdc - ok 14:57:33.0610 5428 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll 14:57:33.0611 5428 fdPHost - ok 14:57:33.0635 5428 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll 14:57:33.0636 5428 FDResPub - ok 14:57:33.0663 5428 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys 14:57:33.0664 5428 FileInfo - ok 14:57:33.0682 5428 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys 14:57:33.0683 5428 Filetrace - ok 14:57:33.0713 5428 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys 14:57:33.0714 5428 flpydisk - ok 14:57:33.0764 5428 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys 14:57:33.0766 5428 FltMgr - ok 14:57:33.0878 5428 FontCache (cb5e4b9c319e3c6bb363eb7e58a4a051) C:\Windows\system32\FntCache.dll 14:57:33.0886 5428 FontCache - ok 14:57:33.0951 5428 FontCache3.0.0.0 (8d89e3131c27fdd6932189cb785e1b7a) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 14:57:33.0952 5428 FontCache3.0.0.0 - ok 14:57:34.0020 5428 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys 14:57:34.0021 5428 FsDepends - ok 14:57:34.0078 5428 Fs_Rec (d3e3f93d67821a2db2b3d9fac2dc2064) C:\Windows\system32\drivers\Fs_Rec.sys 14:57:34.0079 5428 Fs_Rec - ok 14:57:34.0134 5428 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys 14:57:34.0135 5428 fvevol - ok 14:57:34.0168 5428 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys 14:57:34.0169 5428 gagp30kx - ok 14:57:34.0284 5428 GameConsoleService (ce16683cfd11fe70bde435dda5ea1fca) C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe 14:57:34.0286 5428 GameConsoleService - ok 14:57:34.0333 5428 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 14:57:34.0334 5428 GEARAspiWDM - ok 14:57:34.0416 5428 gpsvc (fe5ab4525bc2ec68b9119a6e5d40128b) C:\Windows\System32\gpsvc.dll 14:57:34.0422 5428 gpsvc - ok 14:57:34.0462 5428 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys 14:57:34.0463 5428 hcw85cir - ok 14:57:34.0515 5428 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys 14:57:34.0517 5428 HdAudAddService - ok 14:57:34.0546 5428 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys 14:57:34.0547 5428 HDAudBus - ok 14:57:34.0579 5428 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys 14:57:34.0579 5428 HidBatt - ok 14:57:34.0611 5428 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys 14:57:34.0612 5428 HidBth - ok 14:57:34.0639 5428 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys 14:57:34.0640 5428 HidIr - ok 14:57:34.0671 5428 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll 14:57:34.0672 5428 hidserv - ok 14:57:34.0697 5428 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys 14:57:34.0698 5428 HidUsb - ok 14:57:34.0728 5428 hkmsvc (efa58ede58dd74388ffd04cb32681518) C:\Windows\system32\kmsvc.dll 14:57:34.0729 5428 hkmsvc - ok 14:57:34.0770 5428 HomeGroupListener (046b2673767ca626e2cfb7fdf735e9e8) C:\Windows\system32\ListSvc.dll 14:57:34.0773 5428 HomeGroupListener - ok 14:57:34.0819 5428 HomeGroupProvider (06a7422224d9865a5613710a089987df) C:\Windows\system32\provsvc.dll 14:57:34.0822 5428 HomeGroupProvider - ok 14:57:34.0944 5428 HP Support Assistant Service (13bb1114451c63bfb41ba7daa4d70a29) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe 14:57:34.0945 5428 HP Support Assistant Service - ok 14:57:35.0033 5428 HP Wireless Assistant Service (3a09322a8aa8b0c79036686a0ebe7b4c) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe 14:57:35.0035 5428 HP Wireless Assistant Service - ok 14:57:35.0082 5428 HPDrvMntSvc.exe (bcc4a8b2e2e902f52e7f2e7d8e125765) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe 14:57:35.0084 5428 HPDrvMntSvc.exe - ok 14:57:35.0173 5428 hpqwmiex (ec9739a46f1f83c6e52a7a4697f44a65) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe 14:57:35.0178 5428 hpqwmiex - ok 14:57:35.0238 5428 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys 14:57:35.0239 5428 HpSAMD - ok 14:57:35.0294 5428 HPWMISVC (f630dd7564ebb7248a13b1cc774d9ea6) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe 14:57:35.0295 5428 HPWMISVC - ok 14:57:35.0379 5428 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys 14:57:35.0384 5428 HTTP - ok 14:57:35.0420 5428 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys 14:57:35.0420 5428 hwpolicy - ok 14:57:35.0453 5428 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys 14:57:35.0454 5428 i8042prt - ok 14:57:35.0538 5428 iaStor (1384872112e8e7fd5786eceb8bddf4c9) C:\Windows\system32\DRIVERS\iaStor.sys 14:57:35.0544 5428 iaStor - ok 14:57:35.0601 5428 iaStorV (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys 14:57:35.0604 5428 iaStorV - ok 14:57:35.0733 5428 idsvc (2f2be70d3e02b6fa877921ab9516d43c) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 14:57:35.0739 5428 idsvc - ok 14:57:36.0173 5428 igfx (898ab5bfed7040d7ab07af01885eb944) C:\Windows\system32\DRIVERS\igdkmd64.sys 14:57:36.0240 5428 igfx - ok 14:57:36.0370 5428 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys 14:57:36.0371 5428 iirsp - ok 14:57:36.0450 5428 IKEEXT (c5b4683680df085b57bc53e5ef34861f) C:\Windows\System32\ikeext.dll 14:57:36.0456 5428 IKEEXT - ok 14:57:36.0619 5428 IntcAzAudAddService (b88e24bd77a0ce2cffee2facf1151be0) C:\Windows\system32\drivers\RTKVHD64.sys 14:57:36.0633 5428 IntcAzAudAddService - ok 14:57:36.0763 5428 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys 14:57:36.0764 5428 intelide - ok 14:57:36.0812 5428 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys 14:57:36.0813 5428 intelppm - ok 14:57:36.0855 5428 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll 14:57:36.0857 5428 IPBusEnum - ok 14:57:36.0897 5428 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys 14:57:36.0898 5428 IpFilterDriver - ok 14:57:36.0956 5428 iphlpsvc (f8e058d17363ec580e4b7232778b6cb5) C:\Windows\System32\iphlpsvc.dll 14:57:36.0960 5428 iphlpsvc - ok 14:57:37.0003 5428 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys 14:57:37.0004 5428 IPMIDRV - ok 14:57:37.0023 5428 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys 14:57:37.0025 5428 IPNAT - ok 14:57:37.0137 5428 iPod Service (b7cb0b121962cd89f98c0dd89331b0c0) C:\Program Files\iPod\bin\iPodService.exe 14:57:37.0143 5428 iPod Service - ok 14:57:37.0184 5428 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys 14:57:37.0185 5428 IRENUM - ok 14:57:37.0214 5428 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys 14:57:37.0215 5428 isapnp - ok 14:57:37.0259 5428 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys 14:57:37.0263 5428 iScsiPrt - ok 14:57:37.0298 5428 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys 14:57:37.0299 5428 kbdclass - ok 14:57:37.0340 5428 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys 14:57:37.0340 5428 kbdhid - ok 14:57:37.0402 5428 KeyIso (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe 14:57:37.0403 5428 KeyIso - ok 14:57:37.0432 5428 KSecDD (16c1b906fc5ead84769f90b736b6bf0e) C:\Windows\system32\Drivers\ksecdd.sys 14:57:37.0433 5428 KSecDD - ok 14:57:37.0499 5428 KSecPkg (0b711550c56444879d71c7daabda6c83) C:\Windows\system32\Drivers\ksecpkg.sys 14:57:37.0501 5428 KSecPkg - ok 14:57:37.0535 5428 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys 14:57:37.0538 5428 ksthunk - ok 14:57:37.0610 5428 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll 14:57:37.0613 5428 KtmRm - ok 14:57:37.0715 5428 LanmanServer (81f1d04d4d0e433099365127375fd501) C:\Windows\system32\srvsvc.dll 14:57:37.0718 5428 LanmanServer - ok 14:57:37.0799 5428 LanmanWorkstation (27026eac8818e8a6c00a1cad2f11d29a) C:\Windows\System32\wkssvc.dll 14:57:37.0802 5428 LanmanWorkstation - ok 14:57:37.0900 5428 LightScribeService (7550d101bf49fdb1f92666a233ee36c4) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe 14:57:37.0901 5428 LightScribeService - ok 14:57:37.0947 5428 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys 14:57:37.0948 5428 lltdio - ok 14:57:38.0003 5428 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll 14:57:38.0006 5428 lltdsvc - ok 14:57:38.0035 5428 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll 14:57:38.0037 5428 lmhosts - ok 14:57:38.0083 5428 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys 14:57:38.0084 5428 LSI_FC - ok 14:57:38.0118 5428 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys 14:57:38.0122 5428 LSI_SAS - ok 14:57:38.0150 5428 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys 14:57:38.0151 5428 LSI_SAS2 - ok 14:57:38.0178 5428 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys 14:57:38.0180 5428 LSI_SCSI - ok 14:57:38.0220 5428 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys 14:57:38.0221 5428 luafv - ok 14:57:38.0268 5428 Mcx2Svc (f84c8f1000bc11e3b7b23cbd3baff111) C:\Windows\system32\Mcx2Svc.dll 14:57:38.0269 5428 Mcx2Svc - ok 14:57:38.0317 5428 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys 14:57:38.0317 5428 megasas - ok 14:57:38.0381 5428 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys 14:57:38.0383 5428 MegaSR - ok 14:57:38.0501 5428 Microsoft SharePoint Workspace Audit Service - ok 14:57:38.0540 5428 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll 14:57:38.0544 5428 MMCSS - ok 14:57:38.0584 5428 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys 14:57:38.0585 5428 Modem - ok 14:57:38.0613 5428 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys 14:57:38.0614 5428 monitor - ok 14:57:38.0643 5428 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys 14:57:38.0644 5428 mouclass - ok 14:57:38.0673 5428 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys 14:57:38.0674 5428 mouhid - ok 14:57:38.0697 5428 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys 14:57:38.0698 5428 mountmgr - ok 14:57:38.0765 5428 MozillaMaintenance (96aa8ba23142cc8e2b30f3cae0c80254) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 14:57:38.0766 5428 MozillaMaintenance - ok 14:57:38.0812 5428 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys 14:57:38.0814 5428 mpio - ok 14:57:38.0848 5428 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys 14:57:38.0852 5428 mpsdrv - ok 14:57:38.0940 5428 MpsSvc (aecab449567d1846dad63ece49e893e3) C:\Windows\system32\mpssvc.dll 14:57:38.0946 5428 MpsSvc - ok 14:57:38.0978 5428 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys 14:57:38.0982 5428 MRxDAV - ok 14:57:39.0031 5428 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys 14:57:39.0033 5428 mrxsmb - ok 14:57:39.0080 5428 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys 14:57:39.0082 5428 mrxsmb10 - ok 14:57:39.0123 5428 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys 14:57:39.0127 5428 mrxsmb20 - ok 14:57:39.0168 5428 msahci (5e939cf91ea4a841dbafe4627e0292bb) C:\Windows\system32\DRIVERS\msahci.sys 14:57:39.0169 5428 msahci - ok 14:57:39.0215 5428 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys 14:57:39.0216 5428 msdsm - ok 14:57:39.0265 5428 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe 14:57:39.0267 5428 MSDTC - ok 14:57:39.0323 5428 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys 14:57:39.0324 5428 Msfs - ok 14:57:39.0339 5428 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys 14:57:39.0340 5428 mshidkmdf - ok 14:57:39.0394 5428 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys 14:57:39.0395 5428 msisadrv - ok 14:57:39.0446 5428 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll 14:57:39.0448 5428 MSiSCSI - ok 14:57:39.0461 5428 msiserver - ok 14:57:39.0501 5428 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys 14:57:39.0502 5428 MSKSSRV - ok 14:57:39.0512 5428 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys 14:57:39.0513 5428 MSPCLOCK - ok 14:57:39.0527 5428 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys 14:57:39.0527 5428 MSPQM - ok 14:57:39.0582 5428 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys 14:57:39.0585 5428 MsRPC - ok 14:57:39.0616 5428 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys 14:57:39.0617 5428 mssmbios - ok 14:57:39.0631 5428 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys 14:57:39.0631 5428 MSTEE - ok 14:57:39.0673 5428 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys 14:57:39.0674 5428 MTConfig - ok 14:57:39.0702 5428 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys 14:57:39.0703 5428 Mup - ok 14:57:39.0775 5428 napagent (4987e079a4530fa737a128be54b63b12) C:\Windows\system32\qagentRT.dll 14:57:39.0779 5428 napagent - ok 14:57:39.0827 5428 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys 14:57:39.0830 5428 NativeWifiP - ok 14:57:39.0917 5428 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys 14:57:39.0923 5428 NDIS - ok 14:57:39.0948 5428 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys 14:57:39.0949 5428 NdisCap - ok 14:57:39.0973 5428 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys 14:57:39.0974 5428 NdisTapi - ok 14:57:40.0004 5428 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys 14:57:40.0005 5428 Ndisuio - ok 14:57:40.0035 5428 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys 14:57:40.0037 5428 NdisWan - ok 14:57:40.0055 5428 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys 14:57:40.0056 5428 NDProxy - ok 14:57:40.0087 5428 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys 14:57:40.0088 5428 NetBIOS - ok 14:57:40.0127 5428 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys 14:57:40.0129 5428 NetBT - ok 14:57:40.0190 5428 Netlogon (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe 14:57:40.0192 5428 Netlogon - ok 14:57:40.0253 5428 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll 14:57:40.0256 5428 Netman - ok 14:57:40.0296 5428 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll 14:57:40.0300 5428 netprofm - ok 14:57:40.0385 5428 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 14:57:40.0386 5428 NetTcpPortSharing - ok 14:57:40.0652 5428 netw5v64 (64428dfdaf6e88366cb51f45a79c5f69) C:\Windows\system32\DRIVERS\netw5v64.sys 14:57:40.0685 5428 netw5v64 - ok 14:57:40.0823 5428 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys 14:57:40.0823 5428 nfrd960 - ok 14:57:40.0885 5428 NlaSvc (d9a0ce66046d6efa0c61baa885cba0a8) C:\Windows\System32\nlasvc.dll 14:57:40.0888 5428 NlaSvc - ok 14:57:41.0098 5428 NOBU (5839a8027d6d324a7cd494051a96628c) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe 14:57:41.0115 5428 NOBU - ok 14:57:41.0238 5428 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys 14:57:41.0239 5428 Npfs - ok 14:57:41.0278 5428 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll 14:57:41.0280 5428 nsi - ok 14:57:41.0306 5428 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys 14:57:41.0307 5428 nsiproxy - ok 14:57:41.0440 5428 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys 14:57:41.0450 5428 Ntfs - ok 14:57:41.0580 5428 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys 14:57:41.0581 5428 Null - ok 14:57:41.0627 5428 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys 14:57:41.0629 5428 nvraid - ok 14:57:41.0667 5428 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys 14:57:41.0668 5428 nvstor - ok 14:57:41.0707 5428 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys 14:57:41.0709 5428 nv_agp - ok 14:57:41.0756 5428 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys 14:57:41.0757 5428 ohci1394 - ok 14:57:41.0860 5428 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 14:57:41.0861 5428 ose - ok 14:57:42.0155 5428 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 14:57:42.0184 5428 osppsvc - ok 14:57:42.0330 5428 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll 14:57:42.0333 5428 p2pimsvc - ok 14:57:42.0380 5428 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll 14:57:42.0384 5428 p2psvc - ok 14:57:42.0438 5428 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys 14:57:42.0439 5428 Parport - ok 14:57:42.0491 5428 partmgr (90061b1acfe8ccaa5345750ffe08d8b8) C:\Windows\system32\drivers\partmgr.sys 14:57:42.0492 5428 partmgr - ok 14:57:42.0554 5428 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll 14:57:42.0556 5428 PcaSvc - ok 14:57:42.0590 5428 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys 14:57:42.0592 5428 pci - ok 14:57:42.0622 5428 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys 14:57:42.0622 5428 pciide - ok 14:57:42.0683 5428 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys 14:57:42.0685 5428 pcmcia - ok 14:57:42.0717 5428 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys 14:57:42.0718 5428 pcw - ok 14:57:42.0779 5428 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys 14:57:42.0783 5428 PEAUTH - ok 14:57:42.0879 5428 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe 14:57:42.0880 5428 PerfHost - ok 14:57:43.0023 5428 pla (557e9a86f65f0de18c9b6751dfe9d3f1) C:\Windows\system32\pla.dll 14:57:43.0033 5428 pla - ok 14:57:43.0094 5428 PlugPlay (98b1721b8718164293b9701b98c52d77) C:\Windows\system32\umpnpmgr.dll 14:57:43.0099 5428 PlugPlay - ok 14:57:43.0122 5428 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll 14:57:43.0123 5428 PNRPAutoReg - ok 14:57:43.0432 5428 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll 14:57:43.0435 5428 PNRPsvc - ok 14:57:43.0533 5428 PolicyAgent (166eb40d1f5b47e615de3d0fffe5f243) C:\Windows\System32\ipsecsvc.dll 14:57:43.0537 5428 PolicyAgent - ok 14:57:43.0590 5428 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll 14:57:43.0593 5428 Power - ok 14:57:43.0685 5428 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys 14:57:43.0686 5428 PptpMiniport - ok 14:57:43.0721 5428 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys 14:57:43.0722 5428 Processor - ok 14:57:43.0772 5428 ProfSvc (f381975e1f4346de875cb07339ce8d3a) C:\Windows\system32\profsvc.dll 14:57:43.0775 5428 ProfSvc - ok 14:57:43.0824 5428 ProtectedStorage (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe 14:57:43.0825 5428 ProtectedStorage - ok 14:57:43.0870 5428 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys 14:57:43.0871 5428 Psched - ok 14:57:44.0013 5428 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys 14:57:44.0022 5428 ql2300 - ok 14:57:44.0154 5428 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys 14:57:44.0156 5428 ql40xx - ok 14:57:44.0212 5428 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll 14:57:44.0215 5428 QWAVE - ok 14:57:44.0251 5428 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys 14:57:44.0252 5428 QWAVEdrv - ok 14:57:44.0278 5428 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys 14:57:44.0279 5428 RasAcd - ok 14:57:44.0311 5428 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys 14:57:44.0312 5428 RasAgileVpn - ok 14:57:44.0359 5428 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll 14:57:44.0364 5428 RasAuto - ok 14:57:44.0413 5428 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys 14:57:44.0414 5428 Rasl2tp - ok 14:57:44.0462 5428 RasMan (47394ed3d16d053f5906efe5ab51cc83) C:\Windows\System32\rasmans.dll 14:57:44.0465 5428 RasMan - ok 14:57:44.0494 5428 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys 14:57:44.0495 5428 RasPppoe - ok 14:57:44.0521 5428 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys 14:57:44.0522 5428 RasSstp - ok 14:57:44.0563 5428 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys 14:57:44.0565 5428 rdbss - ok 14:57:44.0608 5428 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys 14:57:44.0609 5428 rdpbus - ok 14:57:44.0633 5428 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys 14:57:44.0634 5428 RDPCDD - ok 14:57:44.0658 5428 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys 14:57:44.0659 5428 RDPENCDD - ok 14:57:44.0690 5428 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys 14:57:44.0690 5428 RDPREFMP - ok 14:57:44.0749 5428 RDPWD (074ac702d8b8b660b0e1371555995386) C:\Windows\system32\drivers\RDPWD.sys 14:57:44.0751 5428 RDPWD - ok 14:57:44.0795 5428 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys 14:57:44.0797 5428 rdyboost - ok 14:57:44.0840 5428 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll 14:57:44.0841 5428 RemoteAccess - ok 14:57:44.0890 5428 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll 14:57:44.0892 5428 RemoteRegistry - ok 14:57:44.0920 5428 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll 14:57:44.0922 5428 RpcEptMapper - ok 14:57:44.0965 5428 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe 14:57:44.0967 5428 RpcLocator - ok 14:57:45.0062 5428 RpcSs (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll 14:57:45.0067 5428 RpcSs - ok 14:57:45.0114 5428 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys 14:57:45.0115 5428 rspndr - ok 14:57:45.0170 5428 RSUSBSTOR (22d6b47d004a6568c500680be2972854) C:\Windows\system32\Drivers\RtsUStor.sys 14:57:45.0173 5428 RSUSBSTOR - ok 14:57:45.0233 5428 RTL8167 (4fbda07ef0a3097ce14c5cabf723b278) C:\Windows\system32\DRIVERS\Rt64win7.sys 14:57:45.0235 5428 RTL8167 - ok 14:57:45.0335 5428 rtl8192se (cd8f32bb993b98e6705f11504a7f7250) C:\Windows\system32\DRIVERS\rtl8192se.sys 14:57:45.0342 5428 rtl8192se - ok 14:57:45.0491 5428 RtVOsdService (5fff3e71b4724bb10918fd6dd7413d99) C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe 14:57:45.0493 5428 RtVOsdService - ok 14:57:45.0612 5428 SamSs (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe 14:57:45.0614 5428 SamSs - ok 14:57:45.0668 5428 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys 14:57:45.0669 5428 sbp2port - ok 14:57:45.0718 5428 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll 14:57:45.0720 5428 SCardSvr - ok 14:57:45.0751 5428 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys 14:57:45.0752 5428 scfilter - ok 14:57:45.0856 5428 Schedule (624d0f5ff99428bb90a5b8a4123e918e) C:\Windows\system32\schedsvc.dll 14:57:45.0864 5428 Schedule - ok 14:57:45.0896 5428 SCPolicySvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll 14:57:45.0897 5428 SCPolicySvc - ok 14:57:45.0943 5428 sdbus (54e47ad086782d3ae9417c155cdceb9b) C:\Windows\system32\DRIVERS\sdbus.sys 14:57:45.0944 5428 sdbus - ok 14:57:46.0003 5428 SDRSVC (765a27c3279ce11d14cb9e4f5869fca5) C:\Windows\System32\SDRSVC.dll 14:57:46.0006 5428 SDRSVC - ok 14:57:46.0024 5428 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 14:57:46.0025 5428 secdrv - ok 14:57:46.0051 5428 seclogon (463b386ebc70f98da5dff85f7e654346) C:\Windows\system32\seclogon.dll 14:57:46.0053 5428 seclogon - ok 14:57:46.0075 5428 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll 14:57:46.0077 5428 SENS - ok 14:57:46.0123 5428 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll 14:57:46.0125 5428 SensrSvc - ok 14:57:46.0158 5428 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys 14:57:46.0158 5428 Serenum - ok 14:57:46.0205 5428 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys 14:57:46.0207 5428 Serial - ok 14:57:46.0240 5428 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys 14:57:46.0241 5428 sermouse - ok 14:57:46.0303 5428 SessionEnv (c3bc61ce47ff6f4e88ab8a3b429a36af) C:\Windows\system32\sessenv.dll 14:57:46.0305 5428 SessionEnv - ok 14:57:46.0342 5428 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys 14:57:46.0343 5428 sffdisk - ok 14:57:46.0382 5428 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys 14:57:46.0382 5428 sffp_mmc - ok 14:57:46.0425 5428 sffp_sd (178298f767fe638c9fedcbdef58bb5e4) C:\Windows\system32\DRIVERS\sffp_sd.sys 14:57:46.0425 5428 sffp_sd - ok 14:57:46.0475 5428 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys 14:57:46.0475 5428 sfloppy - ok 14:57:46.0528 5428 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll 14:57:46.0531 5428 SharedAccess - ok 14:57:46.0592 5428 ShellHWDetection (0298ac45d0efffb2db4baa7dd186e7bf) C:\Windows\System32\shsvcs.dll 14:57:46.0596 5428 ShellHWDetection - ok 14:57:46.0640 5428 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys 14:57:46.0641 5428 SiSRaid2 - ok 14:57:46.0686 5428 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys 14:57:46.0687 5428 SiSRaid4 - ok 14:57:46.0721 5428 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys 14:57:46.0722 5428 Smb - ok 14:57:46.0777 5428 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe 14:57:46.0781 5428 SNMPTRAP - ok 14:57:46.0807 5428 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys 14:57:46.0808 5428 spldr - ok 14:57:46.0879 5428 Spooler (f8e1fa03cb70d54a9892ac88b91d1e7b) C:\Windows\System32\spoolsv.exe 14:57:46.0885 5428 Spooler - ok 14:57:47.0081 5428 sppsvc (913d843498553a1bc8f8dbad6358e49f) C:\Windows\system32\sppsvc.exe 14:57:47.0103 5428 sppsvc - ok 14:57:47.0238 5428 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll 14:57:47.0240 5428 sppuinotify - ok 14:57:47.0312 5428 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys 14:57:47.0315 5428 srv - ok 14:57:47.0379 5428 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys 14:57:47.0382 5428 srv2 - ok 14:57:47.0452 5428 SrvHsfHDA (0c4540311e11664b245a263e1154cef8) C:\Windows\system32\DRIVERS\VSTAZL6.SYS 14:57:47.0454 5428 SrvHsfHDA - ok 14:57:47.0558 5428 SrvHsfV92 (02071d207a9858fbe3a48cbfd59c4a04) C:\Windows\system32\DRIVERS\VSTDPV6.SYS 14:57:47.0567 5428 SrvHsfV92 - ok 14:57:47.0741 5428 SrvHsfWinac (18e40c245dbfaf36fd0134a7ef2df396) C:\Windows\system32\DRIVERS\VSTCNXT6.SYS 14:57:47.0746 5428 SrvHsfWinac - ok 14:57:47.0793 5428 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys 14:57:47.0794 5428 srvnet - ok 14:57:47.0846 5428 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll 14:57:47.0852 5428 SSDPSRV - ok 14:57:47.0886 5428 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll 14:57:47.0888 5428 SstpSvc - ok 14:57:47.0928 5428 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys 14:57:47.0928 5428 stexstor - ok 14:57:47.0994 5428 stisvc (52d0e33b681bd0f33fdc08812fee4f7d) C:\Windows\System32\wiaservc.dll 14:57:47.0999 5428 stisvc - ok 14:57:48.0020 5428 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys 14:57:48.0021 5428 swenum - ok 14:57:48.0078 5428 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll 14:57:48.0083 5428 swprv - ok 14:57:48.0204 5428 SynTP (961cfac2a5318e212f459d651f28e0a4) C:\Windows\system32\DRIVERS\SynTP.sys 14:57:48.0213 5428 SynTP - ok 14:57:48.0437 5428 SysMain (3c1284516a62078fb68f768de4f1a7be) C:\Windows\system32\sysmain.dll 14:57:48.0451 5428 SysMain - ok 14:57:48.0531 5428 TabletInputService (238935c3cf2854886dc7cbb2a0e2cc66) C:\Windows\System32\TabSvc.dll 14:57:48.0533 5428 TabletInputService - ok 14:57:48.0576 5428 TapiSrv (884264ac597b690c5707c89723bb8e7b) C:\Windows\System32\tapisrv.dll 14:57:48.0580 5428 TapiSrv - ok 14:57:48.0609 5428 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll 14:57:48.0614 5428 TBS - ok 14:57:48.0790 5428 Tcpip (624c5b3aa4c99b3184bb922d9ece3ff0) C:\Windows\system32\drivers\tcpip.sys 14:57:48.0802 5428 Tcpip - ok 14:57:49.0037 5428 TCPIP6 (624c5b3aa4c99b3184bb922d9ece3ff0) C:\Windows\system32\DRIVERS\tcpip.sys 14:57:49.0051 5428 TCPIP6 - ok 14:57:49.0143 5428 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys 14:57:49.0144 5428 tcpipreg - ok 14:57:49.0181 5428 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys 14:57:49.0182 5428 TDPIPE - ok 14:57:49.0214 5428 TDTCP (7518f7bcfd4b308abc9192bacaf6c970) C:\Windows\system32\drivers\tdtcp.sys 14:57:49.0215 5428 TDTCP - ok 14:57:49.0246 5428 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys 14:57:49.0247 5428 tdx - ok 14:57:49.0289 5428 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys 14:57:49.0290 5428 TermDD - ok 14:57:49.0367 5428 TermService (0f05ec2887bfe197ad82a13287d2f404) C:\Windows\System32\termsrv.dll 14:57:49.0373 5428 TermService - ok 14:57:49.0415 5428 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll 14:57:49.0417 5428 Themes - ok 14:57:49.0463 5428 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll 14:57:49.0464 5428 THREADORDER - ok 14:57:49.0496 5428 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll 14:57:49.0498 5428 TrkWks - ok 14:57:49.0570 5428 TrustedInstaller (840f7fb849f5887a49ba18c13b2da920) C:\Windows\servicing\TrustedInstaller.exe 14:57:49.0572 5428 TrustedInstaller - ok 14:57:49.0616 5428 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys 14:57:49.0617 5428 tssecsrv - ok 14:57:49.0647 5428 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys 14:57:49.0651 5428 tunnel - ok 14:57:49.0686 5428 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys 14:57:49.0687 5428 uagp35 - ok 14:57:49.0747 5428 udfs (c06e6f4679ceb8f430b90a51d76d8d3c) C:\Windows\system32\DRIVERS\udfs.sys 14:57:49.0750 5428 udfs - ok 14:57:49.0792 5428 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe 14:57:49.0797 5428 UI0Detect - ok 14:57:49.0847 5428 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys 14:57:49.0848 5428 uliagpkx - ok 14:57:49.0893 5428 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys 14:57:49.0894 5428 umbus - ok 14:57:49.0926 5428 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys 14:57:49.0926 5428 UmPass - ok 14:57:49.0995 5428 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll 14:57:49.0998 5428 upnphost - ok 14:57:50.0052 5428 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys 14:57:50.0055 5428 USBAAPL64 - ok 14:57:50.0100 5428 usbaudio (77b01bc848298223a95d4ec23e1785a1) C:\Windows\system32\drivers\usbaudio.sys 14:57:50.0104 5428 usbaudio - ok 14:57:50.0154 5428 usbccgp (537a4e03d7103c12d42dfd8ffdb5bdc9) C:\Windows\system32\DRIVERS\usbccgp.sys 14:57:50.0156 5428 usbccgp - ok 14:57:50.0203 5428 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys 14:57:50.0204 5428 usbcir - ok 14:57:50.0247 5428 usbehci (fbb21ebe49f6d560db37ac25fbc68e66) C:\Windows\system32\DRIVERS\usbehci.sys 14:57:50.0250 5428 usbehci - ok 14:57:50.0289 5428 usbhub (6b7a8a99c4a459e73c286a6763ea24cc) C:\Windows\system32\DRIVERS\usbhub.sys 14:57:50.0291 5428 usbhub - ok 14:57:50.0319 5428 usbohci (8c88aa7617b4cbc2e4bed61d26b33a27) C:\Windows\system32\drivers\usbohci.sys 14:57:50.0320 5428 usbohci - ok 14:57:50.0383 5428 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys 14:57:50.0384 5428 usbprint - ok 14:57:50.0420 5428 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\DRIVERS\USBSTOR.SYS 14:57:50.0421 5428 USBSTOR - ok 14:57:50.0439 5428 usbuhci (0b5b3b2df3fd1709618acfa50b8392b0) C:\Windows\system32\DRIVERS\usbuhci.sys 14:57:50.0439 5428 usbuhci - ok 14:57:50.0480 5428 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll 14:57:50.0482 5428 UxSms - ok 14:57:50.0535 5428 VaultSvc (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe 14:57:50.0537 5428 VaultSvc - ok 14:57:50.0576 5428 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys 14:57:50.0577 5428 vdrvroot - ok 14:57:50.0635 5428 vds (44d73e0bbc1d3c8981304ba15135c2f2) C:\Windows\System32\vds.exe 14:57:50.0640 5428 vds - ok 14:57:50.0665 5428 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys 14:57:50.0666 5428 vga - ok 14:57:50.0690 5428 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys 14:57:50.0691 5428 VgaSave - ok 14:57:50.0743 5428 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys 14:57:50.0745 5428 vhdmp - ok 14:57:50.0772 5428 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys 14:57:50.0773 5428 viaide - ok 14:57:50.0812 5428 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys 14:57:50.0813 5428 volmgr - ok 14:57:50.0860 5428 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys 14:57:50.0863 5428 volmgrx - ok 14:57:50.0906 5428 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys 14:57:50.0908 5428 volsnap - ok 14:57:50.0949 5428 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys 14:57:50.0951 5428 vsmraid - ok 14:57:51.0078 5428 VSS (787898bf9fb6d7bd87a36e2d95c899ba) C:\Windows\system32\vssvc.exe 14:57:51.0089 5428 VSS - ok 14:57:51.0218 5428 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys 14:57:51.0218 5428 vwifibus - ok 14:57:51.0248 5428 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys 14:57:51.0249 5428 vwififlt - ok 14:57:51.0272 5428 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys 14:57:51.0273 5428 vwifimp - ok 14:57:51.0337 5428 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll 14:57:51.0341 5428 W32Time - ok 14:57:51.0397 5428 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys 14:57:51.0397 5428 WacomPen - ok 14:57:51.0460 5428 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys 14:57:51.0461 5428 WANARP - ok 14:57:51.0474 5428 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys 14:57:51.0475 5428 Wanarpv6 - ok 14:57:51.0626 5428 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe 14:57:51.0634 5428 WatAdminSvc - ok 14:57:51.0759 5428 wbengine (5ab1bb85bd8b5089cc5d64200dedae68) C:\Windows\system32\wbengine.exe 14:57:51.0769 5428 wbengine - ok 14:57:51.0897 5428 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll 14:57:51.0899 5428 WbioSrvc - ok 14:57:52.0010 5428 wcncsvc (dd1bae8ebfc653824d29ccf8c9054d68) C:\Windows\System32\wcncsvc.dll 14:57:52.0013 5428 wcncsvc - ok 14:57:52.0076 5428 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll 14:57:52.0078 5428 WcsPlugInService - ok 14:57:52.0143 5428 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys 14:57:52.0144 5428 Wd - ok 14:57:52.0209 5428 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys 14:57:52.0214 5428 Wdf01000 - ok 14:57:52.0255 5428 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll 14:57:52.0257 5428 WdiServiceHost - ok 14:57:52.0269 5428 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll 14:57:52.0272 5428 WdiSystemHost - ok 14:57:52.0335 5428 WebClient (733006127f235be7c35354ebee7b9a7b) C:\Windows\System32\webclnt.dll 14:57:52.0339 5428 WebClient - ok 14:57:52.0370 5428 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll 14:57:52.0376 5428 Wecsvc - ok 14:57:52.0411 5428 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll 14:57:52.0413 5428 wercplsupport - ok 14:57:52.0444 5428 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll 14:57:52.0447 5428 WerSvc - ok 14:57:52.0521 5428 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys 14:57:52.0522 5428 WfpLwf - ok 14:57:52.0553 5428 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys 14:57:52.0554 5428 WIMMount - ok 14:57:52.0604 5428 WinDefend - ok 14:57:52.0621 5428 WinHttpAutoProxySvc - ok 14:57:52.0703 5428 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll 14:57:52.0705 5428 Winmgmt - ok 14:57:52.0834 5428 WinRM (41fbb751936b387f9179e7f03a74fe29) C:\Windows\system32\WsmSvc.dll 14:57:52.0848 5428 WinRM - ok 14:57:53.0029 5428 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll 14:57:53.0036 5428 Wlansvc - ok 14:57:53.0247 5428 wlidsvc (98f138897ef4246381d197cb81846d62) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 14:57:53.0261 5428 wlidsvc - ok 14:57:53.0399 5428 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys 14:57:53.0400 5428 WmiAcpi - ok 14:57:53.0489 5428 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe 14:57:53.0493 5428 wmiApSrv - ok 14:57:53.0562 5428 WMPNetworkSvc - ok 14:57:53.0591 5428 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll 14:57:53.0593 5428 WPCSvc - ok 14:57:53.0625 5428 WPDBusEnum (2e57ddf2880a7e52e76f41c7e96d327b) C:\Windows\system32\wpdbusenum.dll 14:57:53.0627 5428 WPDBusEnum - ok 14:57:53.0662 5428 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys 14:57:53.0663 5428 ws2ifsl - ok 14:57:53.0716 5428 wscsvc (8f9f3969933c02da96eb0f84576db43e) C:\Windows\System32\wscsvc.dll 14:57:53.0718 5428 wscsvc - ok 14:57:53.0729 5428 WSearch - ok 14:57:53.0880 5428 wuauserv (38340204a2d0228f1e87740fc5e554a7) C:\Windows\system32\wuaueng.dll 14:57:53.0896 5428 wuauserv - ok 14:57:54.0042 5428 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys 14:57:54.0043 5428 WudfPf - ok 14:57:54.0072 5428 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys 14:57:54.0077 5428 WUDFRd - ok 14:57:54.0116 5428 wudfsvc (b551d6637aa0e132c18ac6e504f7b79b) C:\Windows\System32\WUDFSvc.dll 14:57:54.0119 5428 wudfsvc - ok 14:57:54.0167 5428 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll 14:57:54.0170 5428 WwanSvc - ok 14:57:54.0226 5428 yukonw7 (b3eeacf62445e24fbb2cd4b0fb4db026) C:\Windows\system32\DRIVERS\yk62x64.sys 14:57:54.0229 5428 yukonw7 - ok 14:57:54.0275 5428 MBR (0x1B8) (8ffbb27037b29e6fbfc4eb4fbd8c137e) \Device\Harddisk0\DR0 14:57:54.0312 5428 \Device\Harddisk0\DR0 - ok 14:57:54.0352 5428 Boot (0x1200) (c496ac5169381a53411fbd2bfbbf90fd) \Device\Harddisk0\DR0\Partition0 14:57:54.0354 5428 \Device\Harddisk0\DR0\Partition0 - ok 14:57:54.0376 5428 Boot (0x1200) (2a3c115f434efa736afb940118af559b) \Device\Harddisk0\DR0\Partition1 14:57:54.0377 5428 \Device\Harddisk0\DR0\Partition1 - ok 14:57:54.0419 5428 Boot (0x1200) (fd7cb2589a26cf2b7e5ead4264b06109) \Device\Harddisk0\DR0\Partition2 14:57:54.0421 5428 \Device\Harddisk0\DR0\Partition2 - ok 14:57:54.0449 5428 Boot (0x1200) (e2e9bf26d0f3321161d32c27fb773c68) \Device\Harddisk0\DR0\Partition3 14:57:54.0449 5428 \Device\Harddisk0\DR0\Partition3 - ok 14:57:54.0453 5428 ============================================================ 14:57:54.0454 5428 Scan finished 14:57:54.0454 5428 ============================================================ 14:57:54.0474 4548 Detected object count: 0 14:57:54.0474 4548 Actual detected object count: 0 Nothing was found, am I safe?
  5. klesh45
    14:55:34.0455 6116 TDSS rootkit removing tool 2.7.34.0 May 2 2012 09:59:18 14:55:35.0398 6116 ============================================================ 14:55:35.0398 6116 Current date / time: 2012/05/15 14:55:35.0398 14:55:35.0399 6116 SystemInfo: 14:55:35.0399 6116 14:55:35.0399 6116 OS Version: 6.1.7600 ServicePack: 0.0 14:55:35.0399 6116 Product type: Workstation 14:55:35.0399 6116 ComputerName: COMPAQ 14:55:35.0399 6116 UserName: Brian 14:55:35.0399 6116 Windows directory: C:\Windows 14:55:35.0399 6116 System windows directory: C:\Windows 14:55:35.0399 6116 Running under WOW64 14:55:35.0399 6116 Processor architecture: Intel x64 14:55:35.0399 6116 Number of processors: 1 14:55:35.0399 6116 Page size: 0x1000 14:55:35.0399 6116 Boot type: Normal boot 14:55:35.0399 6116 ============================================================ 14:55:36.0830 6116 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 14:55:36.0835 6116 ============================================================ 14:55:36.0835 6116 \Device\Harddisk0\DR0: 14:55:36.0835 6116 MBR partitions: 14:55:36.0835 6116 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800 14:55:36.0835 6116 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x23114800 14:55:36.0835 6116 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x23178800, BlocksNum 0x2282000 14:55:36.0835 6116 \Device\Harddisk0\DR0\Partition3: MBR, Type 0xC, StartLBA 0x253FA800, BlocksNum 0x33AB0 14:55:36.0835 6116 ============================================================ 14:55:36.0866 6116 C: <-> \Device\Harddisk0\DR0\Partition1 14:55:36.0923 6116 D: <-> \Device\Harddisk0\DR0\Partition2 14:55:36.0972 6116 ============================================================ 14:55:36.0972 6116 Initialize success 14:55:36.0972 6116 ============================================================ 14:56:12.0214 5996 ============================================================ 14:56:12.0214 5996 Scan started 14:56:12.0214 5996 Mode: Manual; 14:56:12.0214 5996 ============================================================ 14:56:12.0587 5996 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys 14:56:12.0598 5996 1394ohci - ok 14:56:12.0694 5996 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys 14:56:12.0730 5996 ACPI - ok 14:56:12.0779 5996 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys 14:56:12.0781 5996 AcpiPmi - ok 14:56:12.0862 5996 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys 14:56:12.0923 5996 adp94xx - ok 14:56:12.0984 5996 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys 14:56:12.0996 5996 adpahci - ok 14:56:13.0056 5996 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys 14:56:13.0066 5996 adpu320 - ok 14:56:13.0111 5996 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll 14:56:13.0115 5996 AeLookupSvc - ok 14:56:13.0219 5996 AERTFilters (d1e343bc00136ce03c4d403194d06a80) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe 14:56:13.0222 5996 AERTFilters - ok 14:56:13.0297 5996 AFD (db9d6c6b2cd95a9ca414d045b627422e) C:\Windows\system32\drivers\afd.sys 14:56:13.0303 5996 AFD - ok 14:56:13.0344 5996 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys 14:56:13.0347 5996 agp440 - ok 14:56:13.0406 5996 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe 14:56:13.0408 5996 ALG - ok 14:56:13.0451 5996 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys 14:56:13.0453 5996 aliide - ok 14:56:13.0504 5996 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys 14:56:13.0505 5996 amdide - ok 14:56:13.0542 5996 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys 14:56:13.0544 5996 AmdK8 - ok 14:56:13.0571 5996 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys 14:56:13.0573 5996 AmdPPM - ok 14:56:13.0629 5996 amdsata (ec7ebab00a4d8448bab68d1e49b4beb9) C:\Windows\system32\drivers\amdsata.sys 14:56:13.0650 5996 amdsata - ok 14:56:13.0710 5996 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys 14:56:13.0727 5996 amdsbs - ok 14:56:13.0748 5996 amdxata (db27766102c7bf7e95140a2aa81d042e) C:\Windows\system32\drivers\amdxata.sys 14:56:13.0749 5996 amdxata - ok 14:56:13.0801 5996 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys 14:56:13.0803 5996 AppID - ok 14:56:13.0844 5996 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll 14:56:13.0846 5996 AppIDSvc - ok 14:56:13.0900 5996 Appinfo (d065be66822847b7f127d1f90158376e) C:\Windows\System32\appinfo.dll 14:56:13.0902 5996 Appinfo - ok 14:56:14.0008 5996 Apple Mobile Device (20f6f19fe9e753f2780dc2fa083ad597) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 14:56:14.0024 5996 Apple Mobile Device - ok 14:56:14.0088 5996 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys 14:56:14.0090 5996 arc - ok 14:56:14.0137 5996 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys 14:56:14.0139 5996 arcsas - ok 14:56:14.0184 5996 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys 14:56:14.0186 5996 AsyncMac - ok 14:56:14.0211 5996 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys 14:56:14.0212 5996 atapi - ok 14:56:14.0303 5996 AudioEndpointBuilder (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll 14:56:14.0311 5996 AudioEndpointBuilder - ok 14:56:14.0324 5996 AudioSrv (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll 14:56:14.0331 5996 AudioSrv - ok 14:56:14.0618 5996 AVGIDSAgent (6d440ff3f44ca72edfd6176c6d6a89c0) C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe 14:56:14.0705 5996 AVGIDSAgent - ok 14:56:14.0858 5996 AVGIDSDriver (e29ea1a0ec7ab9fa2dc7e75a03f12a4f) C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys 14:56:14.0890 5996 AVGIDSDriver - ok 14:56:14.0905 5996 AVGIDSEH (f823d184b8e8ffb8da3ead45dbf5bd6a) C:\Windows\system32\DRIVERS\AVGIDSEH.Sys 14:56:14.0907 5996 AVGIDSEH - ok 14:56:14.0922 5996 AVGIDSFilter (ed2b25bd7fe35d1944211968842d30da) C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys 14:56:14.0923 5996 AVGIDSFilter - ok 14:56:14.0988 5996 Avgldx64 (979cf8912449a10b987218bff80a1fa3) C:\Windows\system32\DRIVERS\avgldx64.sys 14:56:14.0996 5996 Avgldx64 - ok 14:56:15.0064 5996 Avgmfx64 (36b1a5843695766eac714daffc5b84d1) C:\Windows\system32\DRIVERS\avgmfx64.sys 14:56:15.0066 5996 Avgmfx64 - ok 14:56:15.0115 5996 Avgrkx64 (1102239fb724527f1febbbbccf6bf313) C:\Windows\system32\DRIVERS\avgrkx64.sys 14:56:15.0116 5996 Avgrkx64 - ok 14:56:15.0180 5996 Avgtdia (11f36d3ea82d9db9aa05a476a210551b) C:\Windows\system32\DRIVERS\avgtdia.sys 14:56:15.0192 5996 Avgtdia - ok 14:56:15.0326 5996 avgwd (6699ece24fe4b3f752a66c66a602ee86) C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe 14:56:15.0334 5996 avgwd - ok 14:56:15.0405 5996 AxInstSV (b20b5fa5ca050e9926e4d1db81501b32) C:\Windows\System32\AxInstSV.dll 14:56:15.0407 5996 AxInstSV - ok 14:56:15.0485 5996 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys 14:56:15.0516 5996 b06bdrv - ok 14:56:15.0607 5996 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys 14:56:15.0636 5996 b57nd60a - ok 14:56:15.0831 5996 BBSvc (a2494901e7226b356b8c1005c45f1c5f) C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe 14:56:15.0834 5996 BBSvc - ok 14:56:15.0949 5996 BBUpdate (63b1cbbae4790b5bac98f01bf9449722) C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe 14:56:15.0953 5996 BBUpdate - ok 14:56:15.0988 5996 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll 14:56:15.0990 5996 BDESVC - ok 14:56:16.0035 5996 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys 14:56:16.0037 5996 Beep - ok 14:56:16.0137 5996 BFE (4992c609a6315671463e30f6512bc022) C:\Windows\System32\bfe.dll 14:56:16.0168 5996 BFE - ok 14:56:16.0285 5996 BITS (7f0c323fe3da28aa4aa1bda3f575707f) C:\Windows\System32\qmgr.dll 14:56:16.0320 5996 BITS - ok 14:56:16.0417 5996 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys 14:56:16.0418 5996 blbdrive - ok 14:56:16.0553 5996 Bonjour Service (1c87705ccb2f60172b0fc86b5d82f00d) C:\Program Files (x86)\Bonjour\mDNSResponder.exe 14:56:16.0573 5996 Bonjour Service - ok 14:56:16.0608 5996 bowser (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys 14:56:16.0610 5996 bowser - ok 14:56:16.0653 5996 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys 14:56:16.0655 5996 BrFiltLo - ok 14:56:16.0686 5996 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys 14:56:16.0687 5996 BrFiltUp - ok 14:56:16.0730 5996 Browser (94fbc06f294d58d02361918418f996e3) C:\Windows\System32\browser.dll 14:56:16.0733 5996 Browser - ok 14:56:16.0778 5996 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys 14:56:16.0783 5996 Brserid - ok 14:56:16.0813 5996 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys 14:56:16.0814 5996 BrSerWdm - ok 14:56:16.0877 5996 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys 14:56:16.0878 5996 BrUsbMdm - ok 14:56:16.0929 5996 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys 14:56:16.0931 5996 BrUsbSer - ok 14:56:17.0285 5996 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys 14:56:17.0319 5996 BTHMODEM - ok 14:56:17.0390 5996 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll 14:56:17.0395 5996 bthserv - ok 14:56:17.0436 5996 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys 14:56:17.0438 5996 cdfs - ok 14:56:17.0486 5996 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys 14:56:17.0492 5996 cdrom - ok 14:56:17.0541 5996 CertPropSvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll 14:56:17.0542 5996 CertPropSvc - ok 14:56:17.0641 5996 CinemaNow Service (533328a3d9a9c286682525842547540c) C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe 14:56:17.0651 5996 CinemaNow Service - ok 14:56:17.0706 5996 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys 14:56:17.0707 5996 circlass - ok 14:56:17.0761 5996 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys 14:56:17.0766 5996 CLFS - ok 14:56:17.0852 5996 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 14:56:17.0854 5996 clr_optimization_v2.0.50727_32 - ok 14:56:17.0897 5996 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 14:56:17.0899 5996 clr_optimization_v2.0.50727_64 - ok 14:56:18.0017 5996 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 14:56:18.0020 5996 clr_optimization_v4.0.30319_32 - ok 14:56:18.0068 5996 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 14:56:18.0070 5996 clr_optimization_v4.0.30319_64 - ok 14:56:18.0118 5996 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys 14:56:18.0119 5996 CmBatt - ok 14:56:18.0150 5996 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys 14:56:18.0151 5996 cmdide - ok 14:56:18.0227 5996 CNG (937beb186a735aca91d717044a49d17e) C:\Windows\system32\Drivers\cng.sys 14:56:18.0236 5996 CNG - ok 14:56:18.0280 5996 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys 14:56:18.0281 5996 Compbatt - ok 14:56:18.0338 5996 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys 14:56:18.0340 5996 CompositeBus - ok 14:56:18.0361 5996 COMSysApp - ok 14:56:18.0406 5996 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys 14:56:18.0407 5996 crcdisk - ok 14:56:18.0475 5996 CryptSvc (8c57411b66282c01533cb776f98ad384) C:\Windows\system32\cryptsvc.dll 14:56:18.0480 5996 CryptSvc - ok 14:56:18.0552 5996 DcomLaunch (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll 14:56:18.0558 5996 DcomLaunch - ok 14:56:18.0600 5996 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll 14:56:18.0604 5996 defragsvc - ok 14:56:18.0646 5996 DfsC (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys 14:56:18.0648 5996 DfsC - ok 14:56:18.0715 5996 Dhcp (ce3b9562d997f69b330d181a8875960f) C:\Windows\system32\dhcpcore.dll 14:56:18.0731 5996 Dhcp - ok 14:56:18.0771 5996 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys 14:56:18.0772 5996 discache - ok 14:56:18.0814 5996 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys 14:56:18.0816 5996 Disk - ok 14:56:18.0866 5996 Dnscache (85cf424c74a1d5ec33533e1dbff9920a) C:\Windows\System32\dnsrslvr.dll 14:56:18.0871 5996 Dnscache - ok 14:56:18.0923 5996 dot3svc (14452acdb09b70964c8c21bf80a13acb) C:\Windows\System32\dot3svc.dll 14:56:18.0929 5996 dot3svc - ok 14:56:18.0962 5996 DPS (8c2ba6bea949ee6e68385f5692bafb94) C:\Windows\system32\dps.dll 14:56:18.0967 5996 DPS - ok 14:56:18.0999 5996 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys 14:56:19.0000 5996 drmkaud - ok 14:56:19.0088 5996 DXGKrnl (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys 14:56:19.0107 5996 DXGKrnl - ok 14:56:19.0156 5996 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll 14:56:19.0158 5996 EapHost - ok 14:56:19.0364 5996 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys 14:56:19.0440 5996 ebdrv - ok 14:56:19.0569 5996 EFS (156f6159457d0aa7e59b62681b56eb90) C:\Windows\System32\lsass.exe 14:56:19.0571 5996 EFS - ok 14:56:19.0688 5996 ehRecvr (47c071994c3f649f23d9cd075ac9304a) C:\Windows\ehome\ehRecvr.exe 14:56:19.0697 5996 ehRecvr - ok 14:56:19.0738 5996 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe 14:56:19.0752 5996 ehSched - ok 14:56:19.0849 5996 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys 14:56:19.0866 5996 elxstor - ok 14:56:19.0889 5996 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys 14:56:19.0893 5996 ErrDev - ok 14:56:19.0984 5996 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll 14:56:19.0996 5996 EventSystem - ok 14:56:20.0034 5996 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys 14:56:20.0039 5996 exfat - ok 14:56:20.0077 5996 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys 14:56:20.0086 5996 fastfat - ok 14:56:20.0170 5996 Fax (d607b2f1bee3992aa6c2c92c0a2f0855) C:\Windows\system32\fxssvc.exe 14:56:20.0179 5996 Fax - ok 14:56:20.0210 5996 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys 14:56:20.0211 5996 fdc - ok 14:56:20.0254 5996 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll 14:56:20.0256 5996 fdPHost - ok 14:56:20.0282 5996 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll 14:56:20.0284 5996 FDResPub - ok 14:56:20.0306 5996 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys 14:56:20.0308 5996 FileInfo - ok 14:56:20.0349 5996 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys 14:56:20.0351 5996 Filetrace - ok 14:56:20.0380 5996 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys 14:56:20.0382 5996 flpydisk - ok 14:56:20.0440 5996 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys 14:56:20.0479 5996 FltMgr - ok 14:56:20.0600 5996 FontCache (cb5e4b9c319e3c6bb363eb7e58a4a051) C:\Windows\system32\FntCache.dll 14:56:20.0612 5996 FontCache - ok 14:56:20.0687 5996 FontCache3.0.0.0 (8d89e3131c27fdd6932189cb785e1b7a) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 14:56:20.0689 5996 FontCache3.0.0.0 - ok 14:56:20.0751 5996 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys 14:56:20.0753 5996 FsDepends - ok 14:56:20.0812 5996 Fs_Rec (d3e3f93d67821a2db2b3d9fac2dc2064) C:\Windows\system32\drivers\Fs_Rec.sys 14:56:20.0813 5996 Fs_Rec - ok 14:56:20.0890 5996 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys 14:56:20.0893 5996 fvevol - ok 14:56:20.0934 5996 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys 14:56:20.0936 5996 gagp30kx - ok 14:56:21.0060 5996 GameConsoleService (ce16683cfd11fe70bde435dda5ea1fca) C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe 14:56:21.0069 5996 GameConsoleService - ok 14:56:21.0133 5996 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 14:56:21.0135 5996 GEARAspiWDM - ok 14:56:21.0220 5996 gpsvc (fe5ab4525bc2ec68b9119a6e5d40128b) C:\Windows\System32\gpsvc.dll 14:56:21.0229 5996 gpsvc - ok 14:56:21.0262 5996 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys 14:56:21.0264 5996 hcw85cir - ok 14:56:21.0331 5996 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys 14:56:21.0336 5996 HdAudAddService - ok 14:56:21.0390 5996 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys 14:56:21.0392 5996 HDAudBus - ok 14:56:21.0446 5996 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys 14:56:21.0447 5996 HidBatt - ok 14:56:21.0470 5996 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys 14:56:21.0472 5996 HidBth - ok 14:56:21.0539 5996 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys 14:56:21.0540 5996 HidIr - ok 14:56:21.0581 5996 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll 14:56:21.0583 5996 hidserv - ok 14:56:21.0634 5996 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys 14:56:21.0636 5996 HidUsb - ok 14:56:21.0664 5996 hkmsvc (efa58ede58dd74388ffd04cb32681518) C:\Windows\system32\kmsvc.dll 14:56:21.0666 5996 hkmsvc - ok 14:56:21.0701 5996 HomeGroupListener (046b2673767ca626e2cfb7fdf735e9e8) C:\Windows\system32\ListSvc.dll 14:56:21.0709 5996 HomeGroupListener - ok 14:56:21.0741 5996 HomeGroupProvider (06a7422224d9865a5613710a089987df) C:\Windows\system32\provsvc.dll 14:56:21.0751 5996 HomeGroupProvider - ok 14:56:21.0898 5996 HP Support Assistant Service (13bb1114451c63bfb41ba7daa4d70a29) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe 14:56:21.0903 5996 HP Support Assistant Service - ok 14:56:22.0011 5996 HP Wireless Assistant Service (3a09322a8aa8b0c79036686a0ebe7b4c) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe 14:56:22.0021 5996 HP Wireless Assistant Service - ok 14:56:22.0083 5996 HPDrvMntSvc.exe (bcc4a8b2e2e902f52e7f2e7d8e125765) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe 14:56:22.0085 5996 HPDrvMntSvc.exe - ok 14:56:22.0180 5996 hpqwmiex (ec9739a46f1f83c6e52a7a4697f44a65) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe 14:56:22.0190 5996 hpqwmiex - ok 14:56:22.0260 5996 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys 14:56:22.0262 5996 HpSAMD - ok 14:56:22.0350 5996 HPWMISVC (f630dd7564ebb7248a13b1cc774d9ea6) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe 14:56:22.0351 5996 HPWMISVC - ok 14:56:22.0439 5996 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys 14:56:22.0447 5996 HTTP - ok 14:56:22.0464 5996 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys 14:56:22.0465 5996 hwpolicy - ok 14:56:22.0518 5996 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys 14:56:22.0521 5996 i8042prt - ok 14:56:22.0601 5996 iaStor (1384872112e8e7fd5786eceb8bddf4c9) C:\Windows\system32\DRIVERS\iaStor.sys 14:56:22.0605 5996 iaStor - ok 14:56:22.0668 5996 iaStorV (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys 14:56:22.0676 5996 iaStorV - ok 14:56:22.0820 5996 idsvc (2f2be70d3e02b6fa877921ab9516d43c) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 14:56:22.0832 5996 idsvc - ok 14:56:23.0268 5996 igfx (898ab5bfed7040d7ab07af01885eb944) C:\Windows\system32\DRIVERS\igdkmd64.sys 14:56:23.0464 5996 igfx - ok 14:56:23.0603 5996 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys 14:56:23.0605 5996 iirsp - ok 14:56:23.0693 5996 IKEEXT (c5b4683680df085b57bc53e5ef34861f) C:\Windows\System32\ikeext.dll 14:56:23.0707 5996 IKEEXT - ok 14:56:23.0863 5996 IntcAzAudAddService (b88e24bd77a0ce2cffee2facf1151be0) C:\Windows\system32\drivers\RTKVHD64.sys 14:56:23.0913 5996 IntcAzAudAddService - ok 14:56:24.0041 5996 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys 14:56:24.0043 5996 intelide - ok 14:56:24.0099 5996 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys 14:56:24.0101 5996 intelppm - ok 14:56:24.0145 5996 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll 14:56:24.0148 5996 IPBusEnum - ok 14:56:24.0188 5996 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys 14:56:24.0192 5996 IpFilterDriver - ok 14:56:24.0255 5996 iphlpsvc (f8e058d17363ec580e4b7232778b6cb5) C:\Windows\System32\iphlpsvc.dll 14:56:24.0270 5996 iphlpsvc - ok 14:56:24.0312 5996 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys 14:56:24.0314 5996 IPMIDRV - ok 14:56:24.0335 5996 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys 14:56:24.0337 5996 IPNAT - ok 14:56:24.0483 5996 iPod Service (b7cb0b121962cd89f98c0dd89331b0c0) C:\Program Files\iPod\bin\iPodService.exe 14:56:24.0524 5996 iPod Service - ok 14:56:24.0573 5996 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys 14:56:24.0577 5996 IRENUM - ok 14:56:24.0600 5996 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys 14:56:24.0602 5996 isapnp - ok 14:56:24.0647 5996 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys 14:56:24.0656 5996 iScsiPrt - ok 14:56:24.0709 5996 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys 14:56:24.0711 5996 kbdclass - ok 14:56:24.0751 5996 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys 14:56:24.0752 5996 kbdhid - ok 14:56:24.0813 5996 KeyIso (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe 14:56:24.0814 5996 KeyIso - ok 14:56:24.0843 5996 KSecDD (16c1b906fc5ead84769f90b736b6bf0e) C:\Windows\system32\Drivers\ksecdd.sys 14:56:24.0846 5996 KSecDD - ok 14:56:24.0879 5996 KSecPkg (0b711550c56444879d71c7daabda6c83) C:\Windows\system32\Drivers\ksecpkg.sys 14:56:24.0882 5996 KSecPkg - ok 14:56:24.0924 5996 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys 14:56:24.0925 5996 ksthunk - ok 14:56:24.0982 5996 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll 14:56:24.0992 5996 KtmRm - ok 14:56:25.0050 5996 LanmanServer (81f1d04d4d0e433099365127375fd501) C:\Windows\system32\srvsvc.dll 14:56:25.0057 5996 LanmanServer - ok 14:56:25.0108 5996 LanmanWorkstation (27026eac8818e8a6c00a1cad2f11d29a) C:\Windows\System32\wkssvc.dll 14:56:25.0115 5996 LanmanWorkstation - ok 14:56:25.0233 5996 LightScribeService (7550d101bf49fdb1f92666a233ee36c4) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe 14:56:25.0235 5996 LightScribeService - ok 14:56:25.0279 5996 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys 14:56:25.0280 5996 lltdio - ok 14:56:25.0336 5996 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll 14:56:25.0363 5996 lltdsvc - ok 14:56:25.0391 5996 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll 14:56:25.0393 5996 lmhosts - ok 14:56:25.0438 5996 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys 14:56:25.0440 5996 LSI_FC - ok 14:56:25.0476 5996 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys 14:56:25.0482 5996 LSI_SAS - ok 14:56:25.0505 5996 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys 14:56:25.0508 5996 LSI_SAS2 - ok 14:56:25.0544 5996 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys 14:56:25.0547 5996 LSI_SCSI - ok 14:56:25.0575 5996 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys 14:56:25.0577 5996 luafv - ok 14:56:25.0621 5996 Mcx2Svc (f84c8f1000bc11e3b7b23cbd3baff111) C:\Windows\system32\Mcx2Svc.dll 14:56:25.0623 5996 Mcx2Svc - ok 14:56:25.0670 5996 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys 14:56:25.0671 5996 megasas - ok 14:56:25.0725 5996 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys 14:56:25.0731 5996 MegaSR - ok 14:56:25.0857 5996 Microsoft SharePoint Workspace Audit Service - ok 14:56:25.0909 5996 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll 14:56:25.0912 5996 MMCSS - ok 14:56:25.0949 5996 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys 14:56:25.0950 5996 Modem - ok 14:56:26.0005 5996 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys 14:56:26.0005 5996 monitor - ok 14:56:26.0040 5996 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys 14:56:26.0042 5996 mouclass - ok 14:56:26.0071 5996 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys 14:56:26.0073 5996 mouhid - ok 14:56:26.0121 5996 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys 14:56:26.0123 5996 mountmgr - ok 14:56:26.0176 5996 MozillaMaintenance (96aa8ba23142cc8e2b30f3cae0c80254) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 14:56:26.0208 5996 MozillaMaintenance - ok 14:56:26.0256 5996 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys 14:56:26.0259 5996 mpio - ok 14:56:26.0304 5996 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys 14:56:26.0306 5996 mpsdrv - ok 14:56:26.0394 5996 MpsSvc (aecab449567d1846dad63ece49e893e3) C:\Windows\system32\mpssvc.dll 14:56:26.0410 5996 MpsSvc - ok 14:56:26.0447 5996 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys 14:56:26.0450 5996 MRxDAV - ok 14:56:26.0502 5996 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys 14:56:26.0509 5996 mrxsmb - ok 14:56:26.0547 5996 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys 14:56:26.0563 5996 mrxsmb10 - ok 14:56:26.0604 5996 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys 14:56:26.0607 5996 mrxsmb20 - ok 14:56:26.0646 5996 msahci (5e939cf91ea4a841dbafe4627e0292bb) C:\Windows\system32\DRIVERS\msahci.sys 14:56:26.0648 5996 msahci - ok 14:56:26.0693 5996 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys 14:56:26.0697 5996 msdsm - ok 14:56:26.0743 5996 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe 14:56:26.0746 5996 MSDTC - ok 14:56:26.0800 5996 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys 14:56:26.0802 5996 Msfs - ok 14:56:26.0839 5996 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys 14:56:26.0841 5996 mshidkmdf - ok 14:56:26.0883 5996 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys 14:56:26.0885 5996 msisadrv - ok 14:56:26.0937 5996 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll 14:56:26.0949 5996 MSiSCSI - ok 14:56:26.0959 5996 msiserver - ok 14:56:27.0001 5996 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys 14:56:27.0002 5996 MSKSSRV - ok 14:56:27.0033 5996 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys 14:56:27.0034 5996 MSPCLOCK - ok 14:56:27.0049 5996 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys 14:56:27.0050 5996 MSPQM - ok 14:56:27.0097 5996 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys 14:56:27.0107 5996 MsRPC - ok 14:56:27.0141 5996 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys 14:56:27.0142 5996 mssmbios - ok 14:56:27.0167 5996 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys 14:56:27.0168 5996 MSTEE - ok 14:56:27.0207 5996 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys 14:56:27.0209 5996 MTConfig - ok 14:56:27.0247 5996 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys 14:56:27.0249 5996 Mup - ok 14:56:27.0311 5996 napagent (4987e079a4530fa737a128be54b63b12) C:\Windows\system32\qagentRT.dll 14:56:27.0318 5996 napagent - ok 14:56:27.0414 5996 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys 14:56:27.0429 5996 NativeWifiP - ok 14:56:27.0520 5996 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys 14:56:27.0530 5996 NDIS - ok 14:56:27.0571 5996 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys 14:56:27.0572 5996 NdisCap - ok 14:56:27.0609 5996 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys 14:56:27.0611 5996 NdisTapi - ok 14:56:27.0646 5996 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys 14:56:27.0648 5996 Ndisuio - ok 14:56:27.0680 5996 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys 14:56:27.0691 5996 NdisWan - ok 14:56:27.0711 5996 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys 14:56:27.0713 5996 NDProxy - ok 14:56:27.0756 5996 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys 14:56:27.0758 5996 NetBIOS - ok 14:56:27.0795 5996 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys 14:56:27.0798 5996 NetBT - ok 14:56:27.0846 5996 Netlogon (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe 14:56:27.0848 5996 Netlogon - ok 14:56:27.0918 5996 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll 14:56:27.0931 5996 Netman - ok 14:56:27.0976 5996 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll 14:56:27.0982 5996 netprofm - ok 14:56:28.0066 5996 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 14:56:28.0069 5996 NetTcpPortSharing - ok 14:56:28.0353 5996 netw5v64 (64428dfdaf6e88366cb51f45a79c5f69) C:\Windows\system32\DRIVERS\netw5v64.sys 14:56:28.0454 5996 netw5v64 - ok 14:56:28.0589 5996 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys 14:56:28.0591 5996 nfrd960 - ok 14:56:28.0656 5996 NlaSvc (d9a0ce66046d6efa0c61baa885cba0a8) C:\Windows\System32\nlasvc.dll 14:56:28.0672 5996 NlaSvc - ok 14:56:28.0898 5996 NOBU (5839a8027d6d324a7cd494051a96628c) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe 14:56:28.0976 5996 NOBU - ok 14:56:29.0105 5996 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys 14:56:29.0107 5996 Npfs - ok 14:56:29.0145 5996 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll 14:56:29.0150 5996 nsi - ok 14:56:29.0173 5996 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys 14:56:29.0174 5996 nsiproxy - ok 14:56:29.0295 5996 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys 14:56:29.0331 5996 Ntfs - ok 14:56:29.0491 5996 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys 14:56:29.0492 5996 Null - ok 14:56:29.0538 5996 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys 14:56:29.0541 5996 nvraid - ok 14:56:29.0578 5996 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys 14:56:29.0589 5996 nvstor - ok 14:56:29.0616 5996 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys 14:56:29.0622 5996 nv_agp - ok 14:56:29.0665 5996 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys 14:56:29.0670 5996 ohci1394 - ok 14:56:29.0772 5996 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 14:56:29.0775 5996 ose - ok 14:56:30.0133 5996 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 14:56:30.0229 5996 osppsvc - ok 14:56:30.0374 5996 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll 14:56:30.0389 5996 p2pimsvc - ok 14:56:30.0436 5996 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll 14:56:30.0444 5996 p2psvc - ok 14:56:30.0515 5996 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys 14:56:30.0517 5996 Parport - ok 14:56:30.0569 5996 partmgr (90061b1acfe8ccaa5345750ffe08d8b8) C:\Windows\system32\drivers\partmgr.sys 14:56:30.0609 5996 partmgr - ok 14:56:30.0673 5996 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll 14:56:30.0685 5996 PcaSvc - ok 14:56:30.0746 5996 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys 14:56:30.0756 5996 pci - ok 14:56:30.0777 5996 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys 14:56:30.0779 5996 pciide - ok 14:56:30.0842 5996 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys 14:56:30.0848 5996 pcmcia - ok 14:56:30.0873 5996 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys 14:56:30.0875 5996 pcw - ok 14:56:30.0936 5996 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys 14:56:30.0956 5996 PEAUTH - ok 14:56:31.0057 5996 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe 14:56:31.0059 5996 PerfHost - ok 14:56:31.0212 5996 pla (557e9a86f65f0de18c9b6751dfe9d3f1) C:\Windows\system32\pla.dll 14:56:31.0243 5996 pla - ok 14:56:31.0305 5996 PlugPlay (98b1721b8718164293b9701b98c52d77) C:\Windows\system32\umpnpmgr.dll 14:56:31.0317 5996 PlugPlay - ok 14:56:31.0366 5996 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll 14:56:31.0371 5996 PNRPAutoReg - ok 14:56:31.0408 5996 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll 14:56:31.0412 5996 PNRPsvc - ok 14:56:31.0477 5996 PolicyAgent (166eb40d1f5b47e615de3d0fffe5f243) C:\Windows\System32\ipsecsvc.dll 14:56:31.0496 5996 PolicyAgent - ok 14:56:31.0557 5996 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll 14:56:31.0569 5996 Power - ok 14:56:31.0638 5996 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys 14:56:31.0640 5996 PptpMiniport - ok 14:56:31.0688 5996 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys 14:56:31.0690 5996 Processor - ok 14:56:31.0751 5996 ProfSvc (f381975e1f4346de875cb07339ce8d3a) C:\Windows\system32\profsvc.dll 14:56:31.0762 5996 ProfSvc - ok 14:56:31.0802 5996 ProtectedStorage (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe 14:56:31.0803 5996 ProtectedStorage - ok 14:56:31.0862 5996 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys 14:56:31.0864 5996 Psched - ok 14:56:31.0991 5996 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys 14:56:32.0020 5996 ql2300 - ok 14:56:32.0165 5996 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys 14:56:32.0168 5996 ql40xx - ok 14:56:32.0224 5996 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll 14:56:32.0231 5996 QWAVE - ok 14:56:32.0249 5996 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys 14:56:32.0251 5996 QWAVEdrv - ok 14:56:32.0279 5996 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys 14:56:32.0280 5996 RasAcd - ok 14:56:32.0333 5996 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys 14:56:32.0335 5996 RasAgileVpn - ok 14:56:32.0395 5996 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll 14:56:32.0399 5996 RasAuto - ok 14:56:32.0421 5996 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys 14:56:32.0426 5996 Rasl2tp - ok 14:56:32.0469 5996 RasMan (47394ed3d16d053f5906efe5ab51cc83) C:\Windows\System32\rasmans.dll 14:56:32.0484 5996 RasMan - ok 14:56:32.0527 5996 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys 14:56:32.0529 5996 RasPppoe - ok 14:56:32.0576 5996 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys 14:56:32.0578 5996 RasSstp - ok 14:56:32.0622 5996 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys 14:56:32.0631 5996 rdbss - ok 14:56:32.0673 5996 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys 14:56:32.0675 5996 rdpbus - ok 14:56:32.0700 5996 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys 14:56:32.0701 5996 RDPCDD - ok 14:56:32.0736 5996 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys 14:56:32.0737 5996 RDPENCDD - ok 14:56:32.0765 5996 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys 14:56:32.0766 5996 RDPREFMP - ok 14:56:32.0819 5996 RDPWD (074ac702d8b8b660b0e1371555995386) C:\Windows\system32\drivers\RDPWD.sys 14:56:32.0861 5996 RDPWD - ok 14:56:32.0918 5996 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys 14:56:32.0926 5996 rdyboost - ok 14:56:32.0963 5996 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll 14:56:32.0967 5996 RemoteAccess - ok 14:56:33.0012 5996 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll 14:56:33.0024 5996 RemoteRegistry - ok 14:56:33.0061 5996 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll 14:56:33.0064 5996 RpcEptMapper - ok 14:56:33.0099 5996 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe 14:56:33.0101 5996 RpcLocator - ok 14:56:33.0160 5996 RpcSs (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll 14:56:33.0164 5996 RpcSs - ok 14:56:33.0212 5996 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys 14:56:33.0214 5996 rspndr - ok 14:56:33.0293 5996 RSUSBSTOR (22d6b47d004a6568c500680be2972854) C:\Windows\system32\Drivers\RtsUStor.sys 14:56:33.0300 5996 RSUSBSTOR - ok 14:56:33.0356 5996 RTL8167 (4fbda07ef0a3097ce14c5cabf723b278) C:\Windows\system32\DRIVERS\Rt64win7.sys 14:56:33.0391 5996 RTL8167 - ok 14:56:33.0530 5996 rtl8192se (cd8f32bb993b98e6705f11504a7f7250) C:\Windows\system32\DRIVERS\rtl8192se.sys 14:56:33.0545 5996 rtl8192se - ok 14:56:33.0691 5996 RtVOsdService (5fff3e71b4724bb10918fd6dd7413d99) C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe 14:56:33.0706 5996 RtVOsdService - ok 14:56:33.0835 5996 SamSs (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe 14:56:33.0836 5996 SamSs - ok 14:56:33.0893 5996 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys 14:56:33.0896 5996 sbp2port - ok 14:56:33.0951 5996 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll 14:56:33.0961 5996 SCardSvr - ok 14:56:33.0985 5996 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys 14:56:33.0986 5996 scfilter - ok 14:56:34.0084 5996 Schedule (624d0f5ff99428bb90a5b8a4123e918e) C:\Windows\system32\schedsvc.dll 14:56:34.0102 5996 Schedule - ok 14:56:34.0152 5996 SCPolicySvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll 14:56:34.0153 5996 SCPolicySvc - ok 14:56:34.0210 5996 sdbus (54e47ad086782d3ae9417c155cdceb9b) C:\Windows\system32\DRIVERS\sdbus.sys 14:56:34.0212 5996 sdbus - ok 14:56:34.0259 5996 SDRSVC (765a27c3279ce11d14cb9e4f5869fca5) C:\Windows\System32\SDRSVC.dll 14:56:34.0271 5996 SDRSVC - ok 14:56:34.0305 5996 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 14:56:34.0307 5996 secdrv - ok 14:56:34.0329 5996 seclogon (463b386ebc70f98da5dff85f7e654346) C:\Windows\system32\seclogon.dll 14:56:34.0331 5996 seclogon - ok 14:56:34.0355 5996 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll 14:56:34.0358 5996 SENS - ok 14:56:34.0412 5996 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll 14:56:34.0414 5996 SensrSvc - ok 14:56:34.0447 5996 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys 14:56:34.0451 5996 Serenum - ok 14:56:34.0494 5996 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys 14:56:34.0499 5996 Serial - ok 14:56:34.0529 5996 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys 14:56:34.0550 5996 sermouse - ok 14:56:34.0604 5996 SessionEnv (c3bc61ce47ff6f4e88ab8a3b429a36af) C:\Windows\system32\sessenv.dll 14:56:34.0606 5996 SessionEnv - ok 14:56:34.0640 5996 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys 14:56:34.0642 5996 sffdisk - ok 14:56:34.0682 5996 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys 14:56:34.0683 5996 sffp_mmc - ok 14:56:34.0714 5996 sffp_sd (178298f767fe638c9fedcbdef58bb5e4) C:\Windows\system32\DRIVERS\sffp_sd.sys 14:56:34.0715 5996 sffp_sd - ok 14:56:34.0764 5996 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys 14:56:34.0765 5996 sfloppy - ok 14:56:34.0829 5996 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll 14:56:34.0842 5996 SharedAccess - ok 14:56:34.0901 5996 ShellHWDetection (0298ac45d0efffb2db4baa7dd186e7bf) C:\Windows\System32\shsvcs.dll 14:56:34.0915 5996 ShellHWDetection - ok 14:56:34.0954 5996 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys 14:56:34.0955 5996 SiSRaid2 - ok 14:56:34.0997 5996 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys 14:56:34.0999 5996 SiSRaid4 - ok 14:56:35.0042 5996 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys 14:56:35.0045 5996 Smb - ok 14:56:35.0109 5996 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe 14:56:35.0112 5996 SNMPTRAP - ok 14:56:35.0140 5996 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys 14:56:35.0141 5996 spldr - ok 14:56:35.0215 5996 Spooler (f8e1fa03cb70d54a9892ac88b91d1e7b) C:\Windows\System32\spoolsv.exe 14:56:35.0223 5996 Spooler - ok 14:56:35.0461 5996 sppsvc (913d843498553a1bc8f8dbad6358e49f) C:\Windows\system32\sppsvc.exe 14:56:35.0521 5996 sppsvc - ok 14:56:35.0657 5996 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll 14:56:35.0659 5996 sppuinotify - ok 14:56:35.0730 5996 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys 14:56:35.0739 5996 srv - ok 14:56:35.0811 5996 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys 14:56:35.0825 5996 srv2 - ok 14:56:35.0884 5996 SrvHsfHDA (0c4540311e11664b245a263e1154cef8) C:\Windows\system32\DRIVERS\VSTAZL6.SYS 14:56:35.0900 5996 SrvHsfHDA - ok 14:56:36.0001 5996 SrvHsfV92 (02071d207a9858fbe3a48cbfd59c4a04) C:\Windows\system32\DRIVERS\VSTDPV6.SYS 14:56:36.0039 5996 SrvHsfV92 - ok 14:56:36.0233 5996 SrvHsfWinac (18e40c245dbfaf36fd0134a7ef2df396) C:\Windows\system32\DRIVERS\VSTCNXT6.SYS 14:56:36.0248 5996 SrvHsfWinac - ok 14:56:36.0312 5996 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys 14:56:36.0317 5996 srvnet - ok 14:56:36.0381 5996 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll 14:56:36.0390 5996 SSDPSRV - ok 14:56:36.0417 5996 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll 14:56:36.0420 5996 SstpSvc - ok 14:56:36.0463 5996 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys 14:56:36.0464 5996 stexstor - ok 14:56:36.0537 5996 stisvc (52d0e33b681bd0f33fdc08812fee4f7d) C:\Windows\System32\wiaservc.dll 14:56:36.0552 5996 stisvc - ok 14:56:36.0586 5996 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys 14:56:36.0587 5996 swenum - ok 14:56:36.0643 5996 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll 14:56:36.0661 5996 swprv - ok 14:56:36.0802 5996 SynTP (961cfac2a5318e212f459d651f28e0a4) C:\Windows\system32\DRIVERS\SynTP.sys 14:56:36.0835 5996 SynTP - ok 14:56:37.0050 5996 SysMain (3c1284516a62078fb68f768de4f1a7be) C:\Windows\system32\sysmain.dll 14:56:37.0085 5996 SysMain - ok 14:56:37.0211 5996 TabletInputService (238935c3cf2854886dc7cbb2a0e2cc66) C:\Windows\System32\TabSvc.dll 14:56:37.0214 5996 TabletInputService - ok 14:56:37.0257 5996 TapiSrv (884264ac597b690c5707c89723bb8e7b) C:\Windows\System32\tapisrv.dll 14:56:37.0269 5996 TapiSrv - ok 14:56:37.0299 5996 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll 14:56:37.0302 5996 TBS - ok 14:56:37.0477 5996 Tcpip (624c5b3aa4c99b3184bb922d9ece3ff0) C:\Windows\system32\drivers\tcpip.sys 14:56:37.0519 5996 Tcpip - ok 14:56:37.0756 5996 TCPIP6 (624c5b3aa4c99b3184bb922d9ece3ff0) C:\Windows\system32\DRIVERS\tcpip.sys 14:56:37.0767 5996 TCPIP6 - ok 14:56:37.0865 5996 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys 14:56:37.0867 5996 tcpipreg - ok 14:56:37.0906 5996 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys 14:56:37.0907 5996 TDPIPE - ok 14:56:37.0947 5996 TDTCP (7518f7bcfd4b308abc9192bacaf6c970) C:\Windows\system32\drivers\tdtcp.sys 14:56:37.0949 5996 TDTCP - ok 14:56:38.0003 5996 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys 14:56:38.0005 5996 tdx - ok 14:56:38.0036 5996 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys 14:56:38.0038 5996 TermDD - ok 14:56:38.0118 5996 TermService (0f05ec2887bfe197ad82a13287d2f404) C:\Windows\System32\termsrv.dll 14:56:38.0138 5996 TermService - ok 14:56:38.0159 5996 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll 14:56:38.0164 5996 Themes - ok 14:56:38.0207 5996 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll 14:56:38.0209 5996 THREADORDER - ok 14:56:38.0263 5996 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll 14:56:38.0266 5996 TrkWks - ok 14:56:38.0334 5996 TrustedInstaller (840f7fb849f5887a49ba18c13b2da920) C:\Windows\servicing\TrustedInstaller.exe 14:56:38.0337 5996 TrustedInstaller - ok 14:56:38.0383 5996 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys 14:56:38.0385 5996 tssecsrv - ok 14:56:38.0415 5996 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys 14:56:38.0418 5996 tunnel - ok 14:56:38.0463 5996 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys 14:56:38.0465 5996 uagp35 - ok 14:56:38.0527 5996 udfs (c06e6f4679ceb8f430b90a51d76d8d3c) C:\Windows\system32\DRIVERS\udfs.sys 14:56:38.0531 5996 udfs - ok 14:56:38.0581 5996 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe 14:56:38.0586 5996 UI0Detect - ok 14:56:38.0622 5996 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys 14:56:38.0624 5996 uliagpkx - ok 14:56:38.0679 5996 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys 14:56:38.0684 5996 umbus - ok 14:56:38.0712 5996 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys 14:56:38.0716 5996 UmPass - ok 14:56:38.0784 5996 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll 14:56:38.0798 5996 upnphost - ok 14:56:38.0852 5996 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys 14:56:38.0865 5996 USBAAPL64 - ok 14:56:38.0922 5996 usbaudio (77b01bc848298223a95d4ec23e1785a1) C:\Windows\system32\drivers\usbaudio.sys 14:56:38.0939 5996 usbaudio - ok 14:56:38.0997 5996 usbccgp (537a4e03d7103c12d42dfd8ffdb5bdc9) C:\Windows\system32\DRIVERS\usbccgp.sys 14:56:39.0000 5996 usbccgp - ok 14:56:39.0045 5996 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys 14:56:39.0047 5996 usbcir - ok 14:56:39.0090 5996 usbehci (fbb21ebe49f6d560db37ac25fbc68e66) C:\Windows\system32\DRIVERS\usbehci.sys 14:56:39.0091 5996 usbehci - ok 14:56:39.0155 5996 usbhub (6b7a8a99c4a459e73c286a6763ea24cc) C:\Windows\system32\DRIVERS\usbhub.sys 14:56:39.0169 5996 usbhub - ok 14:56:39.0197 5996 usbohci (8c88aa7617b4cbc2e4bed61d26b33a27) C:\Windows\system32\drivers\usbohci.sys 14:56:39.0199 5996 usbohci - ok 14:56:39.0251 5996 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys 14:56:39.0253 5996 usbprint - ok 14:56:39.0288 5996 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\DRIVERS\USBSTOR.SYS 14:56:39.0291 5996 USBSTOR - ok 14:56:39.0322 5996 usbuhci (0b5b3b2df3fd1709618acfa50b8392b0) C:\Windows\system32\DRIVERS\usbuhci.sys 14:56:39.0325 5996 usbuhci - ok 14:56:39.0402 5996 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll 14:56:39.0405 5996 UxSms - ok 14:56:39.0447 5996 VaultSvc (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe 14:56:39.0448 5996 VaultSvc - ok 14:56:39.0497 5996 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys 14:56:39.0499 5996 vdrvroot - ok 14:56:39.0559 5996 vds (44d73e0bbc1d3c8981304ba15135c2f2) C:\Windows\System32\vds.exe 14:56:39.0576 5996 vds - ok 14:56:39.0599 5996 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys 14:56:39.0600 5996 vga - ok 14:56:39.0625 5996 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys 14:56:39.0627 5996 VgaSave - ok 14:56:39.0676 5996 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys 14:56:39.0685 5996 vhdmp - ok 14:56:39.0716 5996 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys 14:56:39.0717 5996 viaide - ok 14:56:39.0756 5996 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys 14:56:39.0758 5996 volmgr - ok 14:56:39.0816 5996 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys 14:56:39.0821 5996 volmgrx - ok 14:56:39.0882 5996 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys 14:56:39.0911 5996 volsnap - ok 14:56:39.0968 5996 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys 14:56:39.0971 5996 vsmraid - ok 14:56:40.0110 5996 VSS (787898bf9fb6d7bd87a36e2d95c899ba) C:\Windows\system32\vssvc.exe 14:56:40.0150 5996 VSS - ok 14:56:40.0284 5996 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys 14:56:40.0289 5996 vwifibus - ok 14:56:40.0336 5996 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys 14:56:40.0338 5996 vwififlt - ok 14:56:40.0382 5996 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys 14:56:40.0386 5996 vwifimp - ok 14:56:40.0451 5996 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll 14:56:40.0464 5996 W32Time - ok 14:56:40.0509 5996 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys 14:56:40.0511 5996 WacomPen - ok 14:56:40.0571 5996 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys 14:56:40.0573 5996 WANARP - ok 14:56:40.0599 5996 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys 14:56:40.0600 5996 Wanarpv6 - ok 14:56:40.0726 5996 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe 14:56:40.0803 5996 WatAdminSvc - ok 14:56:40.0935 5996 wbengine (5ab1bb85bd8b5089cc5d64200dedae68) C:\Windows\system32\wbengine.exe 14:56:40.0965 5996 wbengine - ok 14:56:41.0110 5996 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll 14:56:41.0120 5996 WbioSrvc - ok 14:56:41.0199 5996 wcncsvc (dd1bae8ebfc653824d29ccf8c9054d68) C:\Windows\System32\wcncsvc.dll 14:56:41.0212 5996 wcncsvc - ok 14:56:41.0239 5996 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll 14:56:41.0245 5996 WcsPlugInService - ok 14:56:41.0310 5996 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys 14:56:41.0311 5996 Wd - ok 14:56:41.0376 5996 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys 14:56:41.0388 5996 Wdf01000 - ok 14:56:41.0457 5996 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll 14:56:41.0460 5996 WdiServiceHost - ok 14:56:41.0472 5996 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll 14:56:41.0475 5996 WdiSystemHost - ok 14:56:41.0526 5996 WebClient (733006127f235be7c35354ebee7b9a7b) C:\Windows\System32\webclnt.dll 14:56:41.0531 5996 WebClient - ok 14:56:41.0571 5996 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll 14:56:41.0579 5996 Wecsvc - ok 14:56:41.0608 5996 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll 14:56:41.0611 5996 wercplsupport - ok 14:56:41.0653 5996 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll 14:56:41.0656 5996 WerSvc - ok 14:56:41.0732 5996 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys 14:56:41.0734 5996 WfpLwf - ok 14:56:41.0765 5996 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys 14:56:41.0766 5996 WIMMount - ok 14:56:41.0825 5996 WinDefend - ok 14:56:41.0840 5996 WinHttpAutoProxySvc - ok 14:56:41.0923 5996 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll 14:56:41.0932 5996 Winmgmt - ok 14:56:42.0065 5996 WinRM (41fbb751936b387f9179e7f03a74fe29) C:\Windows\system32\WsmSvc.dll 14:56:42.0113 5996 WinRM - ok 14:56:42.0300 5996 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll 14:56:42.0320 5996 Wlansvc - ok 14:56:42.0522 5996 wlidsvc (98f138897ef4246381d197cb81846d62) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 14:56:42.0574 5996 wlidsvc - ok 14:56:42.0721 5996 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys 14:56:42.0723 5996 WmiAcpi - ok 14:56:42.0813 5996 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe 14:56:42.0822 5996 wmiApSrv - ok 14:56:42.0885 5996 WMPNetworkSvc - ok 14:56:42.0916 5996 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll 14:56:42.0919 5996 WPCSvc - ok 14:56:42.0944 5996 WPDBusEnum (2e57ddf2880a7e52e76f41c7e96d327b) C:\Windows\system32\wpdbusenum.dll 14:56:42.0951 5996 WPDBusEnum - ok 14:56:42.0985 5996 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys 14:56:42.0986 5996 ws2ifsl - ok 14:56:43.0042 5996 wscsvc (8f9f3969933c02da96eb0f84576db43e) C:\Windows\System32\wscsvc.dll 14:56:43.0045 5996 wscsvc - ok 14:56:43.0055 5996 WSearch - ok 14:56:43.0204 5996 wuauserv (38340204a2d0228f1e87740fc5e554a7) C:\Windows\system32\wuaueng.dll 14:56:43.0252 5996 wuauserv - ok 14:56:43.0398 5996 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys 14:56:43.0403 5996 WudfPf - ok 14:56:43.0453 5996 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys 14:56:43.0463 5996 WUDFRd - ok 14:56:43.0505 5996 wudfsvc (b551d6637aa0e132c18ac6e504f7b79b) C:\Windows\System32\WUDFSvc.dll 14:56:43.0508 5996 wudfsvc - ok 14:56:43.0565 5996 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll 14:56:43.0569 5996 WwanSvc - ok 14:56:43.0639 5996 yukonw7 (b3eeacf62445e24fbb2cd4b0fb4db026) C:\Windows\system32\DRIVERS\yk62x64.sys 14:56:43.0651 5996 yukonw7 - ok 14:56:43.0698 5996 MBR (0x1B8) (8ffbb27037b29e6fbfc4eb4fbd8c137e) \Device\Harddisk0\DR0 14:56:43.0737 5996 \Device\Harddisk0\DR0 - ok 14:56:43.0774 5996 Boot (0x1200) (c496ac5169381a53411fbd2bfbbf90fd) \Device\Harddisk0\DR0\Partition0 14:56:43.0776 5996 \Device\Harddisk0\DR0\Partition0 - ok 14:56:43.0798 5996 Boot (0x1200) (2a3c115f434efa736afb940118af559b) \Device\Harddisk0\DR0\Partition1 14:56:43.0799 5996 \Device\Harddisk0\DR0\Partition1 - ok 14:56:43.0841 5996 Boot (0x1200) (fd7cb2589a26cf2b7e5ead4264b06109) \Device\Harddisk0\DR0\Partition2 14:56:43.0843 5996 \Device\Harddisk0\DR0\Partition2 - ok 14:56:43.0871 5996 Boot (0x1200) (e2e9bf26d0f3321161d32c27fb773c68) \Device\Harddisk0\DR0\Partition3 14:56:43.0872 5996 \Device\Harddisk0\DR0\Partition3 - ok 14:56:43.0876 5996 ============================================================ 14:56:43.0876 5996 Scan finished 14:56:43.0876 5996 ============================================================ 14:56:43.0895 4592 Detected object count: 0 14:56:43.0895 4592 Actual detected object count: 0 14:57:27.0590 5428 ============================================================ 14:57:27.0591 5428 Scan started 14:57:27.0591 5428 Mode: Manual; 14:57:27.0591 5428 ============================================================ 14:57:27.0799 5428 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys 14:57:27.0801 5428 1394ohci - ok 14:57:27.0871 5428 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys 14:57:27.0876 5428 ACPI - ok 14:57:27.0924 5428 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys 14:57:27.0924 5428 AcpiPmi - ok 14:57:27.0972 5428 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys 14:57:27.0976 5428 adp94xx - ok 14:57:28.0046 5428 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys 14:57:28.0049 5428 adpahci - ok 14:57:28.0131 5428 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys 14:57:28.0135 5428 adpu320 - ok 14:57:28.0177 5428 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll 14:57:28.0178 5428 AeLookupSvc - ok 14:57:28.0275 5428 AERTFilters (d1e343bc00136ce03c4d403194d06a80) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe 14:57:28.0276 5428 AERTFilters - ok 14:57:28.0343 5428 AFD (db9d6c6b2cd95a9ca414d045b627422e) C:\Windows\system32\drivers\afd.sys 14:57:28.0346 5428 AFD - ok 14:57:28.0388 5428 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys 14:57:28.0389 5428 agp440 - ok 14:57:28.0436 5428 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe 14:57:28.0437 5428 ALG - ok 14:57:28.0462 5428 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys 14:57:28.0463 5428 aliide - ok 14:57:28.0491 5428 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys 14:57:28.0492 5428 amdide - ok 14:57:28.0520 5428 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys 14:57:28.0523 5428 AmdK8 - ok 14:57:28.0548 5428 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys 14:57:28.0549 5428 AmdPPM - ok 14:57:28.0596 5428 amdsata (ec7ebab00a4d8448bab68d1e49b4beb9) C:\Windows\system32\drivers\amdsata.sys 14:57:28.0597 5428 amdsata - ok 14:57:28.0655 5428 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys 14:57:28.0656 5428 amdsbs - ok 14:57:28.0679 5428 amdxata (db27766102c7bf7e95140a2aa81d042e) C:\Windows\system32\drivers\amdxata.sys 14:57:28.0680 5428 amdxata - ok 14:57:28.0723 5428 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys 14:57:28.0724 5428 AppID - ok 14:57:28.0766 5428 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll 14:57:28.0767 5428 AppIDSvc - ok 14:57:28.0789 5428 Appinfo (d065be66822847b7f127d1f90158376e) C:\Windows\System32\appinfo.dll 14:57:28.0790 5428 Appinfo - ok 14:57:28.0884 5428 Apple Mobile Device (20f6f19fe9e753f2780dc2fa083ad597) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 14:57:28.0886 5428 Apple Mobile Device - ok 14:57:28.0919 5428 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys 14:57:28.0920 5428 arc - ok 14:57:28.0968 5428 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys 14:57:28.0969 5428 arcsas - ok 14:57:29.0015 5428 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys 14:57:29.0015 5428 AsyncMac - ok 14:57:29.0044 5428 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys 14:57:29.0044 5428 atapi - ok 14:57:29.0113 5428 AudioEndpointBuilder (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll 14:57:29.0117 5428 AudioEndpointBuilder - ok 14:57:29.0130 5428 AudioSrv (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll 14:57:29.0134 5428 AudioSrv - ok 14:57:29.0440 5428 AVGIDSAgent (6d440ff3f44ca72edfd6176c6d6a89c0) C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe 14:57:29.0468 5428 AVGIDSAgent - ok 14:57:29.0636 5428 AVGIDSDriver (e29ea1a0ec7ab9fa2dc7e75a03f12a4f) C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys 14:57:29.0637 5428 AVGIDSDriver - ok 14:57:29.0663 5428 AVGIDSEH (f823d184b8e8ffb8da3ead45dbf5bd6a) C:\Windows\system32\DRIVERS\AVGIDSEH.Sys 14:57:29.0664 5428 AVGIDSEH - ok 14:57:29.0678 5428 AVGIDSFilter (ed2b25bd7fe35d1944211968842d30da) C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys 14:57:29.0678 5428 AVGIDSFilter - ok 14:57:29.0724 5428 Avgldx64 (979cf8912449a10b987218bff80a1fa3) C:\Windows\system32\DRIVERS\avgldx64.sys 14:57:29.0726 5428 Avgldx64 - ok 14:57:29.0744 5428 Avgmfx64 (36b1a5843695766eac714daffc5b84d1) C:\Windows\system32\DRIVERS\avgmfx64.sys 14:57:29.0745 5428 Avgmfx64 - ok 14:57:29.0774 5428 Avgrkx64 (1102239fb724527f1febbbbccf6bf313) C:\Windows\system32\DRIVERS\avgrkx64.sys 14:57:29.0774 5428 Avgrkx64 - ok 14:57:29.0824 5428 Avgtdia (11f36d3ea82d9db9aa05a476a210551b) C:\Windows\system32\DRIVERS\avgtdia.sys 14:57:29.0827 5428 Avgtdia - ok 14:57:29.0960 5428 avgwd (6699ece24fe4b3f752a66c66a602ee86) C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe 14:57:29.0962 5428 avgwd - ok 14:57:30.0006 5428 AxInstSV (b20b5fa5ca050e9926e4d1db81501b32) C:\Windows\System32\AxInstSV.dll 14:57:30.0017 5428 AxInstSV - ok 14:57:30.0092 5428 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys 14:57:30.0096 5428 b06bdrv - ok 14:57:30.0154 5428 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys 14:57:30.0156 5428 b57nd60a - ok 14:57:30.0310 5428 BBSvc (a2494901e7226b356b8c1005c45f1c5f) C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe 14:57:30.0311 5428 BBSvc - ok 14:57:30.0428 5428 BBUpdate (63b1cbbae4790b5bac98f01bf9449722) C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe 14:57:30.0430 5428 BBUpdate - ok 14:57:30.0475 5428 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll 14:57:30.0476 5428 BDESVC - ok 14:57:30.0514 5428 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys 14:57:30.0514 5428 Beep - ok 14:57:30.0574 5428 BFE (4992c609a6315671463e30f6512bc022) C:\Windows\System32\bfe.dll 14:57:30.0579 5428 BFE - ok 14:57:30.0664 5428 BITS (7f0c323fe3da28aa4aa1bda3f575707f) C:\Windows\System32\qmgr.dll 14:57:30.0670 5428 BITS - ok 14:57:30.0740 5428 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys 14:57:30.0741 5428 blbdrive - ok 14:57:30.0861 5428 Bonjour Service (1c87705ccb2f60172b0fc86b5d82f00d) C:\Program Files (x86)\Bonjour\mDNSResponder.exe 14:57:30.0864 5428 Bonjour Service - ok 14:57:30.0898 5428 bowser (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys 14:57:30.0899 5428 bowser - ok 14:57:30.0943 5428 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys 14:57:30.0944 5428 BrFiltLo - ok 14:57:30.0975 5428 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys 14:57:30.0976 5428 BrFiltUp - ok 14:57:31.0017 5428 Browser (94fbc06f294d58d02361918418f996e3) C:\Windows\System32\browser.dll 14:57:31.0021 5428 Browser - ok 14:57:31.0059 5428 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys 14:57:31.0061 5428 Brserid - ok
  6. klesh45
    . DDS (Ver_2011-08-26.01) - NTFSAMD64 Internet Explorer: 9.0.8112.16421 Run by Brian at 3:45:32 on 2012-05-15 Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3003.1701 [GMT -7:00] . AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0} SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:\PROGRA~2\AVG\AVG2012\avgrsa.exe C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe C:\Program Files (x86)\Bonjour\mDNSResponder.exe C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe C:\Program Files (x86)\AVG\AVG2012\avgtray.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe C:\Program Files\iPod\bin\iPodService.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\DllHost.exe C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe C:\Program Files\Realtek\RtVOsd\RtVOsd.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe C:\Windows\system32\wuauclt.exe C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\conhost.exe C:\Windows\SysWOW64\cscript.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT3198785 uInternet Settings,ProxyOverride = *.local uURLSearchHooks: H - No File mWinlogon: Userinit=userinit.exe BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll" uRun: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe uRun: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden mRun: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mRun: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe" mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1) mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105 IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab TCP: DhcpNameServer = 192.168.1.1 TCP: Interfaces\{C213DBDD-D352-46CD-BB13-5785ADBF7B3E} : DhcpNameServer = 192.168.1.1 TCP: Interfaces\{C213DBDD-D352-46CD-BB13-5785ADBF7B3E}\3686F696365673 : DhcpNameServer = 24.116.2.50 24.116.2.34 TCP: Interfaces\{C213DBDD-D352-46CD-BB13-5785ADBF7B3E}\4456E6E6977237D27457563747D275946494 : DhcpNameServer = 66.82.4.8 66.82.4.12 TCP: Interfaces\{C213DBDD-D352-46CD-BB13-5785ADBF7B3E}\4557C6C69737 : DhcpNameServer = 192.168.0.1 TCP: Interfaces\{C213DBDD-D352-46CD-BB13-5785ADBF7B3E}\771697E65636F6C6C696E637 : DhcpNameServer = 192.168.254.254 192.168.254.254 TCP: Interfaces\{C213DBDD-D352-46CD-BB13-5785ADBF7B3E}\C4F657467596C6C6F677D27657563747 : DhcpNameServer = 68.105.28.12 68.105.29.12 68.105.28.11 Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe" BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO-X64: AcroIEHelperStub - No File BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL BHO-X64: URLRedirectionBHO - No File BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll" mRun-x64: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mRun-x64: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices mRun-x64: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe mRun-x64: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe" SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\Brian\AppData\Roaming\Mozilla\Firefox\Profiles\enpebddp.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3198785&SearchSource=3&q={searchTerms} FF - prefs.js: browser.search.selectedEngine - WhiteSmoke US Customized Web Search FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT3198785&SearchSource=13 FF - prefs.js: network.proxy.type - 0 FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll . ============= SERVICES / DRIVERS =============== . R0 AVGIDSEH;AVGIDSEH;C:\Windows\system32\DRIVERS\AVGIDSEH.Sys --> C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [?] R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys --> C:\Windows\system32\DRIVERS\avgrkx64.sys [?] R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys --> C:\Windows\system32\DRIVERS\avgldx64.sys [?] R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys --> C:\Windows\system32\DRIVERS\avgmfx64.sys [?] R1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys --> C:\Windows\system32\DRIVERS\avgtdia.sys [?] R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?] R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2010-12-12 98208] R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248] R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-8-2 192776] R2 CinemaNow Service;CinemaNow Service;C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe [2010-5-21 140272] R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2011-9-9 86072] R2 HP Wireless Assistant Service;HP Wireless Assistant Service;C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-6-18 103992] R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-3-28 94264] R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-11-9 26680] R2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-6-1 2804568] R2 RtVOsdService;RtVOsdService Installer;C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe [2010-4-19 315392] R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys --> C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [?] R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys --> C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [?] R3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.EXE [2012-2-10 240408] R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?] R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;C:\Windows\system32\DRIVERS\rtl8192se.sys --> C:\Windows\system32\DRIVERS\rtl8192se.sys [?] R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?] S2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.EXE [2012-2-10 193816] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-6-12 31125880] S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-5-11 129976] S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\netw5v64.sys --> C:\Windows\system32\DRIVERS\netw5v64.sys [?] S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184] S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\system32\Drivers\RtsUStor.sys --> C:\Windows\system32\Drivers\RtsUStor.sys [?] S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\system32\DRIVERS\VSTAZL6.SYS --> C:\Windows\system32\DRIVERS\VSTAZL6.SYS [?] S3 SrvHsfV92;SrvHsfV92;C:\Windows\system32\DRIVERS\VSTDPV6.SYS --> C:\Windows\system32\DRIVERS\VSTDPV6.SYS [?] S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\system32\DRIVERS\VSTCNXT6.SYS --> C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [?] S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?] S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?] . =============== Created Last 30 ================ . 2012-05-14 20:32:45 -------- d-----w- C:\Program Files (x86)\VS Revo Group 2012-05-14 19:03:44 -------- d-----w- C:\Users\Brian\AppData\Roaming\Malwarebytes 2012-05-14 19:03:37 -------- d-----w- C:\Program Files (x86)\MALWAREBYTES ANTI-MALWARE 2012-05-14 19:03:33 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys 2012-05-14 19:03:33 -------- d-----w- C:\ProgramData\Malwarebytes 2012-05-14 19:03:33 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2012-05-14 10:21:26 -------- d-----w- C:\Users\Brian\AppData\Roaming\ooVoo Details 2012-05-14 10:20:57 -------- d-----w- C:\Program Files (x86)\Conduit 2012-05-14 10:20:54 -------- d-----w- C:\Users\Brian\AppData\Local\Conduit 2012-05-14 10:20:51 327749 ----a-w- C:\Windows\SysWow64\drvc.dll 2012-05-14 10:20:31 -------- d-----w- C:\Program Files (x86)\iNTERNET Turbo 2012-05-12 01:31:07 -------- d-----w- C:\Program Files (x86)\Mozilla Maintenance Service 2012-05-12 01:30:51 588728 ----a-w- C:\Program Files (x86)\Mozilla Firefox\gkmedias.dll 2012-05-12 01:30:51 43960 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozglue.dll 2012-05-12 01:30:51 157352 ----a-w- C:\Program Files (x86)\Mozilla Firefox\maintenanceservice_installer.exe 2012-05-12 01:30:51 129976 ----a-w- C:\Program Files (x86)\Mozilla Firefox\maintenanceservice.exe 2012-05-11 09:28:30 1541120 ----a-w- C:\Windows\System32\DWrite.dll 2012-05-11 09:28:30 1074176 ----a-w- C:\Windows\SysWow64\DWrite.dll 2012-05-11 09:28:29 902656 ----a-w- C:\Windows\System32\d2d1.dll 2012-05-11 09:28:29 739840 ----a-w- C:\Windows\SysWow64\d2d1.dll 2012-05-11 09:28:29 320512 ----a-w- C:\Windows\System32\d3d10_1core.dll 2012-05-11 09:28:29 218624 ----a-w- C:\Windows\SysWow64\d3d10_1core.dll 2012-05-11 09:28:29 197120 ----a-w- C:\Windows\System32\d3d10_1.dll 2012-05-11 09:28:29 1837568 ----a-w- C:\Windows\System32\d3d10warp.dll 2012-05-11 09:28:29 161792 ----a-w- C:\Windows\SysWow64\d3d10_1.dll 2012-05-11 09:28:29 1170944 ----a-w- C:\Windows\SysWow64\d3d10warp.dll 2012-05-11 09:27:48 5504880 ----a-w- C:\Windows\System32\ntoskrnl.exe 2012-05-11 09:27:46 3143680 ----a-w- C:\Windows\System32\win32k.sys 2012-05-11 09:27:45 3958128 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe 2012-05-11 09:27:45 3902320 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe 2012-05-11 09:27:40 75632 ----a-w- C:\Windows\System32\drivers\partmgr.sys 2012-05-11 09:27:36 1895280 ----a-w- C:\Windows\System32\drivers\tcpip.sys 2012-05-11 09:27:32 936960 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll 2012-05-11 09:27:32 1367552 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll . ==================== Find3M ==================== . 2012-03-01 06:54:38 22896 ----a-w- C:\Windows\System32\drivers\fs_rec.sys 2012-03-01 06:45:41 220672 ----a-w- C:\Windows\System32\wintrust.dll 2012-03-01 06:40:14 80896 ----a-w- C:\Windows\System32\imagehlp.dll 2012-03-01 06:35:16 5120 ----a-w- C:\Windows\System32\wmi.dll 2012-03-01 05:49:05 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll 2012-03-01 05:45:05 158720 ----a-w- C:\Windows\SysWow64\imagehlp.dll 2012-03-01 05:40:44 5120 ----a-w- C:\Windows\SysWow64\wmi.dll 2012-02-28 06:56:48 2311168 ----a-w- C:\Windows\System32\jscript9.dll 2012-02-28 06:49:56 1390080 ----a-w- C:\Windows\System32\wininet.dll 2012-02-28 06:48:57 1493504 ----a-w- C:\Windows\System32\inetcpl.cpl 2012-02-28 06:42:55 2382848 ----a-w- C:\Windows\System32\mshtml.tlb 2012-02-28 01:18:55 1799168 ----a-w- C:\Windows\SysWow64\jscript9.dll 2012-02-28 01:11:21 1427456 ----a-w- C:\Windows\SysWow64\inetcpl.cpl 2012-02-28 01:11:07 1127424 ----a-w- C:\Windows\SysWow64\wininet.dll 2012-02-28 01:03:16 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2012-02-23 10:24:05 74752 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe 2012-02-23 10:24:05 161792 ----a-w- C:\Windows\SysWow64\msls31.dll 2012-02-23 10:24:02 110592 ----a-w- C:\Windows\SysWow64\IEAdvpack.dll 2012-02-23 10:24:01 86528 ----a-w- C:\Windows\SysWow64\iesysprep.dll 2012-02-23 10:24:01 76800 ----a-w- C:\Windows\SysWow64\SetIEInstalledDate.exe 2012-02-23 10:24:01 48640 ----a-w- C:\Windows\SysWow64\mshtmler.dll 2012-02-23 10:24:00 63488 ----a-w- C:\Windows\SysWow64\tdc.ocx 2012-02-23 10:24:00 367104 ----a-w- C:\Windows\SysWow64\html.iec . ============= FINISH: 3:46:40.23 =============== -------------Second Log--------------- . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-08-26.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume1 Install Date: 8/26/2011 1:29:39 PM System Uptime: 5/15/2012 3:06:37 AM (0 hours ago) . Motherboard: Hewlett-Packard | | 1484 Processor: Intel® Celeron® CPU 900 @ 2.20GHz | CPU | 2194/800mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 281 GiB total, 184.025 GiB free. D: is FIXED (NTFS) - 17 GiB total, 2.496 GiB free. E: is CDROM () . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP89: 4/13/2012 3:09:06 AM - Windows Update RP90: 4/30/2012 1:26:17 AM - Scheduled Checkpoint RP91: 5/2/2012 3:00:14 AM - Windows Update RP92: 5/11/2012 3:00:22 AM - Windows Update RP93: 5/14/2012 3:27:16 AM - Removed ooVoo . ==== Installed Programs ====================== . Acrobat.com Adobe AIR Adobe Flash Player 10 ActiveX Adobe Flash Player 11 Plugin Adobe Reader 9.5.0 MUI Adobe Shockwave Player 11.5 Apple Application Support Apple Software Update Audacity 1.3.13 (Unicode) Bejeweled 2 Deluxe Bing Bar Blackhawk Striker 2 Build-a-lot 2 Chuzzle Deluxe CinemaNow Media Manager Cisco EAP-FAST Module Cisco LEAP Module Cisco PEAP Module CyberLink DVD Suite CyberLink MediaShow CyberLink PowerDVD 9 CyberLink YouCam Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition Diner Dash 2 Restaurant Rescue Dora's Carnival Adventure Energy Star Digital Logo Escape Rosecliff Island ESU for Microsoft Windows 7 FATE Final Drive Nitro Heroes of Hellas 2 - Olympia Hewlett-Packard ACLM.NET v1.1.2.0 HP Advisor HP Customer Experience Enhancements HP Documentation HP Game Console HP Games HP MediaSmart CinemaNow 2.0 HP Photo Creations HP Power Manager HP Quick Launch HP Setup HP Software Framework HP Support Assistant Intel® Control Center Intel® Graphics Media Accelerator Driver Intel® Rapid Storage Technology Java Auto Updater Java 6 Update 20 Jewel Quest 3 Jewel Quest Solitaire 2 Junk Mail filter update LabelPrint LightScribe System Software Malwarebytes Anti-Malware version 1.61.0.1400 Microsoft Choice Guard Microsoft Office 2010 Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office Access MUI (English) 2010 Microsoft Office Access Setup Metadata MUI (English) 2010 Microsoft Office Excel MUI (English) 2010 Microsoft Office Groove MUI (English) 2010 Microsoft Office InfoPath MUI (English) 2010 Microsoft Office OneNote MUI (English) 2010 Microsoft Office Outlook MUI (English) 2010 Microsoft Office PowerPoint MUI (English) 2010 Microsoft Office Professional Plus 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (Spanish) 2010 Microsoft Office Proofing (English) 2010 Microsoft Office Publisher MUI (English) 2010 Microsoft Office Shared MUI (English) 2010 Microsoft Office Shared Setup Metadata MUI (English) 2010 Microsoft Office Word MUI (English) 2010 Microsoft Rise Of Nations Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft WSE 3.0 Runtime Mozilla Firefox 12.0 (x86 en-US) Mozilla Maintenance Service MSVCRT MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MSXML 4.0 SP3 Parser MSXML 4.0 SP3 Parser (KB973685) MSXML4 Parser Norton Online Backup Penguins! PhotoNow! Plants vs. Zombies Poker Superstars III Polar Bowler Polar Golfer Power2Go PowerDirector QuickTime Realtek Ethernet Controller Driver For Windows 7 Realtek High Definition Audio Driver Realtek USB 2.0 Card Reader REALTEK Wireless LAN Software Recovery Manager Revo Uninstaller 1.93 Rise of Nations Thrones and Patriots Roxio CinemaNow 2.0 Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft Excel 2010 (KB2597166) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553091) Security Update for Microsoft Office 2010 (KB2553096) Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2598039) 32-Bit Edition Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition Security Update for Microsoft SharePoint Workspace 2010 (KB2566445) Security Update for Microsoft Visio Viewer 2010 (KB2597981) 32-Bit Edition Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft Office 2010 (KB2494150) Update for Microsoft Office 2010 (KB2553065) Update for Microsoft Office 2010 (KB2553092) Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition Update for Microsoft Office 2010 (KB2566458) Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition Virtual Families Virtual Villagers - The Secret City Visual Studio 2008 x64 Redistributables Wheel of Fortune 2 Windows Live Call Windows Live Communications Platform Windows Live Essentials Windows Live Mail Windows Live Messenger Windows Live Movie Maker Windows Live Photo Gallery Windows Live Sync Windows Live Upload Tool Windows Live Writer Zuma Deluxe . ==== Event Viewer Messages From Past Week ======== . 5/9/2012 3:10:57 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service. 5/15/2012 3:33:30 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service. 5/13/2012 10:19:53 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service. . ==== End Of File =========================== -----------RougeKiller Log----------------------- RogueKiller V7.4.4 [05/08/2012] by Tigzy mail: tigzyRK<at>gmail<dot>com Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/ Blog: http://tigzyrk.blogspot.com Operating System: Windows 7 (6.1.7600 ) 64 bits version Started in : Normal mode User: Brian [Admin rights] Mode: Scan -- Date: 05/15/2012 03:49:38 ¤¤¤ Bad processes: 0 ¤¤¤ ¤¤¤ Registry Entries: 2 ¤¤¤ [HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND [HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver: [NOT LOADED] ¤¤¤ ¤¤¤ Infection : ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: WDC WD3200BEVT-60A23T0 +++++ --- User --- [MBR] 6bcf3dd14c642cff97fa0a0ff0620cfe [bSP] 57e03b796349a7f1515f6689363ea785 : Windows Vista/7 MBR Code Partition table: 0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 199 Mo 1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 287273 Mo 2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 588744704 | Size: 17668 Mo 3 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 624928768 | Size: 103 Mo User = LL1 ... OK! User = LL2 ... OK! Finished : << RKreport[1].txt >> RKreport[1].txt Note, I didn't delete anything with RougeKiller, just to make sure I didn't do anything I was suppose to.
  7. klesh45
    So, I downloaded a program I trust and use often for converting all sorts of files, and this time I had to reinstall it due to it being out of date. In the process of installing 'Super.exe' I was asked whether or not I want to Install Whitesmoke Toolbar and ooVoo Video Chat. I clicked no, however after the program installed, I was informed that both the other programs were install, despite I said I didn't want them. To put it all short, I don't want this toolbar, and I really don't trust it. This computer is my main business computer where I do try to keep up with keeping everything secure, and frankly I'm afraid to log into anything other than my email right now. I have run AVG with the latest updates, to find nothing at all in the computer. Then I installed Malwarebytes, a program I have used in the past, however no results were sent back. Now, I'm considering installing HijackThis and see if I can find anything. But of course I don't trust making any changes unless someone reviews my logs. Please Help, Brian
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.