klesh45

Posts posted by klesh45

  1. ComboFix 12-05-15.04 - Brian 05/15/2012 16:27:09.2.1 - x64

    Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3003.1997 [GMT -7:00]

    Running from: c:\users\Brian\Desktop\ComboFix.exe

    Command switches used :: c:\users\Brian\Desktop\CFScript.txt

    AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}

    SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}

    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    .

    .

    ((((((((((((((((((((((((( Files Created from 2012-04-15 to 2012-05-15 )))))))))))))))))))))))))))))))

    .

    .

    2012-05-15 23:34 . 2012-05-15 23:34 -------- d-----w- c:\users\Default\AppData\Local\temp

    2012-05-14 20:32 . 2012-05-14 20:32 -------- d-----w- c:\program files (x86)\VS Revo Group

    2012-05-14 19:03 . 2012-05-14 19:03 -------- d-----w- c:\users\Brian\AppData\Roaming\Malwarebytes

    2012-05-14 19:03 . 2012-05-14 19:03 -------- d-----w- c:\program files (x86)\MALWAREBYTES ANTI-MALWARE

    2012-05-14 19:03 . 2012-05-14 19:03 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware

    2012-05-14 19:03 . 2012-05-14 19:03 -------- d-----w- c:\programdata\Malwarebytes

    2012-05-14 19:03 . 2012-04-04 22:56 24904 ----a-w- c:\windows\system32\drivers\mbam.sys

    2012-05-14 10:21 . 2012-05-14 10:21 -------- d-----w- c:\users\Brian\AppData\Roaming\ooVoo Details

    2012-05-14 10:20 . 2012-05-14 10:20 -------- d-----w- c:\program files (x86)\Conduit

    2012-05-14 10:20 . 2012-05-14 10:26 -------- d-----w- c:\users\Brian\AppData\Local\Conduit

    2012-05-14 10:20 . 2004-07-03 00:33 327749 ----a-w- c:\windows\SysWow64\drvc.dll

    2012-05-14 10:20 . 2012-05-14 10:21 -------- d-----w- c:\program files (x86)\iNTERNET Turbo

    2012-05-12 01:31 . 2012-05-12 01:31 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service

    2012-05-12 01:30 . 2012-05-12 01:30 588728 ----a-w- c:\program files (x86)\Mozilla Firefox\gkmedias.dll

    2012-05-12 01:30 . 2012-05-12 01:30 43960 ----a-w- c:\program files (x86)\Mozilla Firefox\mozglue.dll

    2012-05-12 01:30 . 2012-05-12 01:30 157352 ----a-w- c:\program files (x86)\Mozilla Firefox\maintenanceservice_installer.exe

    2012-05-12 01:30 . 2012-05-12 01:30 129976 ----a-w- c:\program files (x86)\Mozilla Firefox\maintenanceservice.exe

    2012-05-11 09:28 . 2012-03-03 06:29 1541120 ----a-w- c:\windows\system32\DWrite.dll

    2012-05-11 09:28 . 2012-03-03 05:40 1074176 ----a-w- c:\windows\SysWow64\DWrite.dll

    2012-05-11 09:28 . 2012-03-03 06:29 320512 ----a-w- c:\windows\system32\d3d10_1core.dll

    2012-05-11 09:28 . 2012-03-03 06:29 197120 ----a-w- c:\windows\system32\d3d10_1.dll

    2012-05-11 09:28 . 2012-03-03 06:29 1837568 ----a-w- c:\windows\system32\d3d10warp.dll

    2012-05-11 09:28 . 2012-03-03 06:29 902656 ----a-w- c:\windows\system32\d2d1.dll

    2012-05-11 09:28 . 2012-03-03 05:40 1170944 ----a-w- c:\windows\SysWow64\d3d10warp.dll

    2012-05-11 09:28 . 2012-03-03 05:40 739840 ----a-w- c:\windows\SysWow64\d2d1.dll

    2012-05-11 09:28 . 2012-03-03 05:40 218624 ----a-w- c:\windows\SysWow64\d3d10_1core.dll

    2012-05-11 09:28 . 2012-03-03 05:40 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll

    2012-05-11 09:27 . 2012-04-02 05:34 5504880 ----a-w- c:\windows\system32\ntoskrnl.exe

    2012-05-11 09:27 . 2012-04-02 03:01 3143680 ----a-w- c:\windows\system32\win32k.sys

    2012-05-11 09:27 . 2012-04-02 04:46 3958128 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe

    2012-05-11 09:27 . 2012-04-02 04:46 3902320 ----a-w- c:\windows\SysWow64\ntoskrnl.exe

    2012-05-11 09:27 . 2012-03-17 07:55 75632 ----a-w- c:\windows\system32\drivers\partmgr.sys

    2012-05-11 09:27 . 2012-03-30 11:09 1895280 ----a-w- c:\windows\system32\drivers\tcpip.sys

    2012-05-11 09:27 . 2012-04-02 05:24 1367552 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll

    2012-05-11 09:27 . 2012-04-02 04:40 936960 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll

    .

    .

    .

    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    2012-03-01 06:54 . 2012-04-13 10:11 22896 ----a-w- c:\windows\system32\drivers\fs_rec.sys

    2012-03-01 06:45 . 2012-04-13 10:11 220672 ----a-w- c:\windows\system32\wintrust.dll

    2012-03-01 06:40 . 2012-04-13 10:11 80896 ----a-w- c:\windows\system32\imagehlp.dll

    2012-03-01 06:35 . 2012-04-13 10:11 5120 ----a-w- c:\windows\system32\wmi.dll

    2012-03-01 05:49 . 2012-04-13 10:11 172544 ----a-w- c:\windows\SysWow64\wintrust.dll

    2012-03-01 05:45 . 2012-04-13 10:11 158720 ----a-w- c:\windows\SysWow64\imagehlp.dll

    2012-03-01 05:40 . 2012-04-13 10:11 5120 ----a-w- c:\windows\SysWow64\wmi.dll

    2012-02-28 06:56 . 2012-04-13 10:12 2311168 ----a-w- c:\windows\system32\jscript9.dll

    2012-02-28 06:49 . 2012-04-13 10:12 1390080 ----a-w- c:\windows\system32\wininet.dll

    2012-02-28 06:48 . 2012-04-13 10:12 1493504 ----a-w- c:\windows\system32\inetcpl.cpl

    2012-02-28 06:42 . 2012-04-13 10:12 2382848 ----a-w- c:\windows\system32\mshtml.tlb

    2012-02-28 01:18 . 2012-04-13 10:12 1799168 ----a-w- c:\windows\SysWow64\jscript9.dll

    2012-02-28 01:11 . 2012-04-13 10:12 1427456 ----a-w- c:\windows\SysWow64\inetcpl.cpl

    2012-02-28 01:11 . 2012-04-13 10:12 1127424 ----a-w- c:\windows\SysWow64\wininet.dll

    2012-02-28 01:03 . 2012-04-13 10:12 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb

    2012-02-23 10:24 . 2012-02-23 10:24 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe

    2012-02-23 10:24 . 2012-02-23 10:24 161792 ----a-w- c:\windows\SysWow64\msls31.dll

    2012-02-23 10:24 . 2012-02-23 10:24 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll

    2012-02-23 10:24 . 2012-02-23 10:24 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll

    2012-02-23 10:24 . 2012-02-23 10:24 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe

    2012-02-23 10:24 . 2012-02-23 10:24 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll

    2012-02-23 10:24 . 2012-02-23 10:24 63488 ----a-w- c:\windows\SysWow64\tdc.ocx

    2012-02-23 10:24 . 2012-02-23 10:24 367104 ----a-w- c:\windows\SysWow64\html.iec

    2012-02-23 10:23 . 2012-02-23 10:23 74752 ----a-w- c:\windows\SysWow64\iesetup.dll

    2012-02-23 10:23 . 2012-02-23 10:23 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll

    2012-02-23 10:23 . 2012-02-23 10:23 152064 ----a-w- c:\windows\SysWow64\wextract.exe

    2012-02-23 10:23 . 2012-02-23 10:23 420864 ----a-w- c:\windows\SysWow64\vbscript.dll

    2012-02-23 10:23 . 2012-02-23 10:23 150528 ----a-w- c:\windows\SysWow64\iexpress.exe

    2012-02-23 10:23 . 2012-02-23 10:23 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe

    2012-02-23 10:23 . 2012-02-23 10:23 11776 ----a-w- c:\windows\SysWow64\mshta.exe

    2012-02-23 10:23 . 2012-02-23 10:23 101888 ----a-w- c:\windows\SysWow64\admparse.dll

    2012-02-23 10:23 . 2012-02-23 10:23 35840 ----a-w- c:\windows\SysWow64\imgutil.dll

    2012-02-23 10:23 . 2012-02-23 10:23 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe

    2012-02-23 10:23 . 2012-02-23 10:23 222208 ----a-w- c:\windows\system32\msls31.dll

    2012-02-23 10:23 . 2012-02-23 10:23 173056 ----a-w- c:\windows\system32\ieUnatt.exe

    2012-02-23 10:23 . 2012-02-23 10:23 12288 ----a-w- c:\windows\system32\mshta.exe

    2012-02-23 10:23 . 2012-02-23 10:23 114176 ----a-w- c:\windows\system32\admparse.dll

    2012-02-23 10:23 . 2012-02-23 10:23 49664 ----a-w- c:\windows\system32\imgutil.dll

    2012-02-23 10:23 . 2012-02-23 10:23 135168 ----a-w- c:\windows\system32\IEAdvpack.dll

    2012-02-23 10:23 . 2012-02-23 10:23 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe

    2012-02-23 10:23 . 2012-02-23 10:23 76800 ----a-w- c:\windows\system32\tdc.ocx

    2012-02-23 10:23 . 2012-02-23 10:23 48640 ----a-w- c:\windows\system32\mshtmler.dll

    2012-02-23 10:23 . 2012-02-23 10:23 111616 ----a-w- c:\windows\system32\iesysprep.dll

    2012-02-23 10:23 . 2012-02-23 10:23 448512 ----a-w- c:\windows\system32\html.iec

    2012-02-23 10:23 . 2012-02-23 10:23 85504 ----a-w- c:\windows\system32\iesetup.dll

    2012-02-23 10:23 . 2012-02-23 10:23 30720 ----a-w- c:\windows\system32\licmgr10.dll

    2012-02-23 10:23 . 2012-02-23 10:23 165888 ----a-w- c:\windows\system32\iexpress.exe

    2012-02-23 10:23 . 2012-02-23 10:23 160256 ----a-w- c:\windows\system32\wextract.exe

    2012-02-23 10:23 . 2012-02-23 10:23 603648 ----a-w- c:\windows\system32\vbscript.dll

    .

    .

    ((((((((((((((((((((((((((((( SnapShot@2012-05-15_22.45.43 )))))))))))))))))))))))))))))))))))))))))

    .

    - 2009-07-14 04:54 . 2012-05-14 20:42 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

    + 2009-07-14 04:54 . 2012-05-15 22:44 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

    - 2009-07-14 04:54 . 2012-05-14 20:42 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

    + 2009-07-14 04:54 . 2012-05-15 22:44 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

    + 2009-07-14 04:54 . 2012-05-15 22:44 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

    - 2009-07-14 04:54 . 2012-05-14 20:42 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

    + 2009-07-14 05:10 . 2012-05-15 23:38 44370 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin

    + 2011-08-26 20:31 . 2012-05-15 23:38 11354 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-786997053-1296620380-1412284102-1002_UserData.bin

    - 2012-05-15 22:44 . 2012-05-15 22:44 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat

    + 2012-05-15 23:35 . 2012-05-15 23:35 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat

    - 2012-05-15 22:44 . 2012-05-15 22:44 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

    + 2012-05-15 23:35 . 2012-05-15 23:35 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

    - 2009-07-14 05:01 . 2012-05-15 22:43 390876 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat

    + 2009-07-14 05:01 . 2012-05-15 23:34 390876 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat

    + 2011-08-26 23:28 . 2012-05-15 23:34 1324052 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-786997053-1296620380-1412284102-1002-8192.dat

    - 2011-08-26 23:28 . 2012-05-15 22:43 1324052 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-786997053-1296620380-1412284102-1002-8192.dat

    - 2009-07-14 02:34 . 2012-05-15 22:04 10223616 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT

    + 2009-07-14 02:34 . 2012-05-15 23:03 10223616 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT

    .

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    .

    *Note* empty entries & legit default entries are not shown

    REGEDIT4

    .

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "HPAdvisorDock"="c:\program files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe" [2010-02-10 1712184]

    "LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2010-05-19 2736128]

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

    "Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 1155928]

    "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]

    "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-01-04 37296]

    "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-07-06 421888]

    "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-08-19 421736]

    "BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]

    "HP Quick Launch"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2010-11-09 586296]

    "AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-01-25 2416480]

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

    "ConsentPromptBehaviorAdmin"= 5 (0x5)

    "ConsentPromptBehaviorUser"= 3 (0x3)

    "EnableUIADesktopToggle"= 0 (0x0)

    .

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

    BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart

    .

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

    Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

    .

    R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]

    R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

    R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-10 86072]

    R2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-06-18 103992]

    R2 RtVOsdService;RtVOsdService Installer;c:\program files\Realtek\RtVOsd\RtVOsdService.exe [2010-04-20 315392]

    R3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe [2012-02-10 240408]

    R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]

    R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-05-12 129976]

    R3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [x]

    R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]

    R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]

    R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [x]

    R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [x]

    R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [x]

    R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]

    R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]

    R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x]

    S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [x]

    S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [x]

    S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [x]

    S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [x]

    S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [x]

    S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]

    S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-18 98208]

    S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776]

    S2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe [2012-02-10 193816]

    S2 CinemaNow Service;CinemaNow Service;c:\program files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe [2010-05-21 140272]

    S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-29 94264]

    S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-11-09 26680]

    S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]

    S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [x]

    S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [x]

    S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]

    S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys [x]

    S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]

    .

    .

    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]

    2010-05-19 18:36 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe

    .

    Contents of the 'Scheduled Tasks' folder

    .

    2012-05-11 c:\windows\Tasks\HPCeeScheduleForBrian.job

    - c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15]

    .

    .

    --------- x86-64 -----------

    .

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-03-05 166424]

    "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-03-05 391192]

    "Persistence"="c:\windows\system32\igfxpers.exe" [2010-03-05 410648]

    "SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [bU]

    "RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2010-05-26 6245408]

    "HPWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe" [2010-06-18 8192]

    .

    ------- Supplementary Scan -------

    .

    uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT3198785

    uLocal Page = c:\windows\system32\blank.htm

    mLocal Page = c:\windows\SysWOW64\blank.htm

    uInternet Settings,ProxyOverride = *.local

    IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~3\Office14\EXCEL.EXE/3000

    IE: Se&nd to OneNote - c:\progra~2\MICROS~3\Office14\ONBttnIE.dll/105

    TCP: DhcpNameServer = 192.168.1.1

    FF - ProfilePath - c:\users\Brian\AppData\Roaming\Mozilla\Firefox\Profiles\enpebddp.default\

    FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3198785&SearchSource=3&q={searchTerms}

    FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT3198785&SearchSource=13

    FF - prefs.js: network.proxy.type - 0

    .

    .

    --------------------- LOCKED REGISTRY KEYS ---------------------

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

    @Denied: (A 2) (Everyone)

    @="FlashBroker"

    "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

    "Enabled"=dword:00000001

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

    @Denied: (A 2) (Everyone)

    @="Shockwave Flash Object"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx"

    "ThreadingModel"="Apartment"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

    @="0"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

    @="ShockwaveFlash.ShockwaveFlash.10"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx, 1"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

    @="1.0"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

    @="ShockwaveFlash.ShockwaveFlash"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

    @Denied: (A 2) (Everyone)

    @="Macromedia Flash Factory Object"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx"

    "ThreadingModel"="Apartment"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

    @="FlashFactory.FlashFactory.1"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx, 1"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

    @="1.0"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

    @="FlashFactory.FlashFactory"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

    @Denied: (A 2) (Everyone)

    @="IFlashBroker4"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

    @="{00020424-0000-0000-C000-000000000046}"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

    "Version"="1.0"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]

    @Denied: (A) (Everyone)

    "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]

    @Denied: (A) (Everyone)

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]

    "Key"="ActionsPane3"

    "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"

    .

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

    @Denied: (Full) (Everyone)

    .

    ------------------------ Other Running Processes ------------------------

    .

    c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

    c:\program files (x86)\Bonjour\mDNSResponder.exe

    c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe

    c:\program files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe

    c:\program files (x86)\Common Files\Java\Java Update\jusched.exe

    .

    **************************************************************************

    .

    Completion time: 2012-05-15 16:45:56 - machine was rebooted

    ComboFix-quarantined-files.txt 2012-05-15 23:45

    ComboFix2.txt 2012-05-15 22:54

    .

    Pre-Run: 200,338,493,440 bytes free

    Post-Run: 200,044,150,784 bytes free

    .

    - - End Of File - - 8C4E95DD785D07E844EC38A3662D3DA4

  2. ComboFix 12-05-15.04 - Brian 05/15/2012 15:31:58.1.1 - x64

    Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3003.2115 [GMT -7:00]

    Running from: c:\users\Brian\Desktop\ComboFix.exe

    AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}

    SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}

    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    .

    .

    ((((((((((((((((((((((((( Files Created from 2012-04-15 to 2012-05-15 )))))))))))))))))))))))))))))))

    .

    .

    2012-05-15 22:44 . 2012-05-15 22:44 8782 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\BUTTON.JS

    2012-05-15 22:41 . 2012-05-15 22:41 -------- d-----w- c:\users\Default\AppData\Local\temp

    2012-05-14 20:32 . 2012-05-14 20:32 -------- d-----w- c:\program files (x86)\VS Revo Group

    2012-05-14 19:03 . 2012-05-14 19:03 -------- d-----w- c:\users\Brian\AppData\Roaming\Malwarebytes

    2012-05-14 19:03 . 2012-05-14 19:03 -------- d-----w- c:\program files (x86)\MALWAREBYTES ANTI-MALWARE

    2012-05-14 19:03 . 2012-05-14 19:03 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware

    2012-05-14 19:03 . 2012-05-14 19:03 -------- d-----w- c:\programdata\Malwarebytes

    2012-05-14 19:03 . 2012-04-04 22:56 24904 ----a-w- c:\windows\system32\drivers\mbam.sys

    2012-05-14 10:21 . 2012-05-14 10:21 -------- d-----w- c:\users\Brian\AppData\Roaming\ooVoo Details

    2012-05-14 10:20 . 2012-05-14 10:20 -------- d-----w- c:\program files (x86)\Conduit

    2012-05-14 10:20 . 2012-05-14 10:26 -------- d-----w- c:\users\Brian\AppData\Local\Conduit

    2012-05-14 10:20 . 2004-07-03 00:33 327749 ----a-w- c:\windows\SysWow64\drvc.dll

    2012-05-14 10:20 . 2012-05-14 10:21 -------- d-----w- c:\program files (x86)\iNTERNET Turbo

    2012-05-12 01:31 . 2012-05-12 01:31 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service

    2012-05-12 01:30 . 2012-05-12 01:30 588728 ----a-w- c:\program files (x86)\Mozilla Firefox\gkmedias.dll

    2012-05-12 01:30 . 2012-05-12 01:30 43960 ----a-w- c:\program files (x86)\Mozilla Firefox\mozglue.dll

    2012-05-12 01:30 . 2012-05-12 01:30 157352 ----a-w- c:\program files (x86)\Mozilla Firefox\maintenanceservice_installer.exe

    2012-05-12 01:30 . 2012-05-12 01:30 129976 ----a-w- c:\program files (x86)\Mozilla Firefox\maintenanceservice.exe

    2012-05-11 09:28 . 2012-03-03 06:29 1541120 ----a-w- c:\windows\system32\DWrite.dll

    2012-05-11 09:28 . 2012-03-03 05:40 1074176 ----a-w- c:\windows\SysWow64\DWrite.dll

    2012-05-11 09:28 . 2012-03-03 06:29 320512 ----a-w- c:\windows\system32\d3d10_1core.dll

    2012-05-11 09:28 . 2012-03-03 06:29 197120 ----a-w- c:\windows\system32\d3d10_1.dll

    2012-05-11 09:28 . 2012-03-03 06:29 1837568 ----a-w- c:\windows\system32\d3d10warp.dll

    2012-05-11 09:28 . 2012-03-03 06:29 902656 ----a-w- c:\windows\system32\d2d1.dll

    2012-05-11 09:28 . 2012-03-03 05:40 1170944 ----a-w- c:\windows\SysWow64\d3d10warp.dll

    2012-05-11 09:28 . 2012-03-03 05:40 739840 ----a-w- c:\windows\SysWow64\d2d1.dll

    2012-05-11 09:28 . 2012-03-03 05:40 218624 ----a-w- c:\windows\SysWow64\d3d10_1core.dll

    2012-05-11 09:28 . 2012-03-03 05:40 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll

    2012-05-11 09:27 . 2012-04-02 05:34 5504880 ----a-w- c:\windows\system32\ntoskrnl.exe

    2012-05-11 09:27 . 2012-04-02 03:01 3143680 ----a-w- c:\windows\system32\win32k.sys

    2012-05-11 09:27 . 2012-04-02 04:46 3958128 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe

    2012-05-11 09:27 . 2012-04-02 04:46 3902320 ----a-w- c:\windows\SysWow64\ntoskrnl.exe

    2012-05-11 09:27 . 2012-03-17 07:55 75632 ----a-w- c:\windows\system32\drivers\partmgr.sys

    2012-05-11 09:27 . 2012-03-30 11:09 1895280 ----a-w- c:\windows\system32\drivers\tcpip.sys

    2012-05-11 09:27 . 2012-04-02 05:24 1367552 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll

    2012-05-11 09:27 . 2012-04-02 04:40 936960 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll

    .

    .

    .

    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    2012-03-01 06:54 . 2012-04-13 10:11 22896 ----a-w- c:\windows\system32\drivers\fs_rec.sys

    2012-03-01 06:45 . 2012-04-13 10:11 220672 ----a-w- c:\windows\system32\wintrust.dll

    2012-03-01 06:40 . 2012-04-13 10:11 80896 ----a-w- c:\windows\system32\imagehlp.dll

    2012-03-01 06:35 . 2012-04-13 10:11 5120 ----a-w- c:\windows\system32\wmi.dll

    2012-03-01 05:49 . 2012-04-13 10:11 172544 ----a-w- c:\windows\SysWow64\wintrust.dll

    2012-03-01 05:45 . 2012-04-13 10:11 158720 ----a-w- c:\windows\SysWow64\imagehlp.dll

    2012-03-01 05:40 . 2012-04-13 10:11 5120 ----a-w- c:\windows\SysWow64\wmi.dll

    2012-02-28 06:56 . 2012-04-13 10:12 2311168 ----a-w- c:\windows\system32\jscript9.dll

    2012-02-28 06:49 . 2012-04-13 10:12 1390080 ----a-w- c:\windows\system32\wininet.dll

    2012-02-28 06:48 . 2012-04-13 10:12 1493504 ----a-w- c:\windows\system32\inetcpl.cpl

    2012-02-28 06:42 . 2012-04-13 10:12 2382848 ----a-w- c:\windows\system32\mshtml.tlb

    2012-02-28 01:18 . 2012-04-13 10:12 1799168 ----a-w- c:\windows\SysWow64\jscript9.dll

    2012-02-28 01:11 . 2012-04-13 10:12 1427456 ----a-w- c:\windows\SysWow64\inetcpl.cpl

    2012-02-28 01:11 . 2012-04-13 10:12 1127424 ----a-w- c:\windows\SysWow64\wininet.dll

    2012-02-28 01:03 . 2012-04-13 10:12 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb

    2012-02-23 10:24 . 2012-02-23 10:24 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe

    2012-02-23 10:24 . 2012-02-23 10:24 161792 ----a-w- c:\windows\SysWow64\msls31.dll

    2012-02-23 10:24 . 2012-02-23 10:24 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll

    2012-02-23 10:24 . 2012-02-23 10:24 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll

    2012-02-23 10:24 . 2012-02-23 10:24 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe

    2012-02-23 10:24 . 2012-02-23 10:24 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll

    2012-02-23 10:24 . 2012-02-23 10:24 63488 ----a-w- c:\windows\SysWow64\tdc.ocx

    2012-02-23 10:24 . 2012-02-23 10:24 367104 ----a-w- c:\windows\SysWow64\html.iec

    2012-02-23 10:23 . 2012-02-23 10:23 74752 ----a-w- c:\windows\SysWow64\iesetup.dll

    2012-02-23 10:23 . 2012-02-23 10:23 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll

    2012-02-23 10:23 . 2012-02-23 10:23 152064 ----a-w- c:\windows\SysWow64\wextract.exe

    2012-02-23 10:23 . 2012-02-23 10:23 420864 ----a-w- c:\windows\SysWow64\vbscript.dll

    2012-02-23 10:23 . 2012-02-23 10:23 150528 ----a-w- c:\windows\SysWow64\iexpress.exe

    2012-02-23 10:23 . 2012-02-23 10:23 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe

    2012-02-23 10:23 . 2012-02-23 10:23 11776 ----a-w- c:\windows\SysWow64\mshta.exe

    2012-02-23 10:23 . 2012-02-23 10:23 101888 ----a-w- c:\windows\SysWow64\admparse.dll

    2012-02-23 10:23 . 2012-02-23 10:23 35840 ----a-w- c:\windows\SysWow64\imgutil.dll

    2012-02-23 10:23 . 2012-02-23 10:23 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe

    2012-02-23 10:23 . 2012-02-23 10:23 222208 ----a-w- c:\windows\system32\msls31.dll

    2012-02-23 10:23 . 2012-02-23 10:23 173056 ----a-w- c:\windows\system32\ieUnatt.exe

    2012-02-23 10:23 . 2012-02-23 10:23 12288 ----a-w- c:\windows\system32\mshta.exe

    2012-02-23 10:23 . 2012-02-23 10:23 114176 ----a-w- c:\windows\system32\admparse.dll

    2012-02-23 10:23 . 2012-02-23 10:23 49664 ----a-w- c:\windows\system32\imgutil.dll

    2012-02-23 10:23 . 2012-02-23 10:23 135168 ----a-w- c:\windows\system32\IEAdvpack.dll

    2012-02-23 10:23 . 2012-02-23 10:23 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe

    2012-02-23 10:23 . 2012-02-23 10:23 76800 ----a-w- c:\windows\system32\tdc.ocx

    2012-02-23 10:23 . 2012-02-23 10:23 48640 ----a-w- c:\windows\system32\mshtmler.dll

    2012-02-23 10:23 . 2012-02-23 10:23 111616 ----a-w- c:\windows\system32\iesysprep.dll

    2012-02-23 10:23 . 2012-02-23 10:23 448512 ----a-w- c:\windows\system32\html.iec

    2012-02-23 10:23 . 2012-02-23 10:23 85504 ----a-w- c:\windows\system32\iesetup.dll

    2012-02-23 10:23 . 2012-02-23 10:23 30720 ----a-w- c:\windows\system32\licmgr10.dll

    2012-02-23 10:23 . 2012-02-23 10:23 165888 ----a-w- c:\windows\system32\iexpress.exe

    2012-02-23 10:23 . 2012-02-23 10:23 160256 ----a-w- c:\windows\system32\wextract.exe

    2012-02-23 10:23 . 2012-02-23 10:23 603648 ----a-w- c:\windows\system32\vbscript.dll

    .

    .

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    .

    *Note* empty entries & legit default entries are not shown

    REGEDIT4

    .

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "HPAdvisorDock"="c:\program files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe" [2010-02-10 1712184]

    "LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2010-05-19 2736128]

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

    "Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 1155928]

    "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]

    "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-01-04 37296]

    "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-07-06 421888]

    "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-08-19 421736]

    "BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]

    "HP Quick Launch"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2010-11-09 586296]

    "AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-01-25 2416480]

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

    "ConsentPromptBehaviorAdmin"= 5 (0x5)

    "ConsentPromptBehaviorUser"= 3 (0x3)

    "EnableUIADesktopToggle"= 0 (0x0)

    .

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

    BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart

    .

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

    Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

    .

    R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

    R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-10 86072]

    R2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-06-18 103992]

    R2 RtVOsdService;RtVOsdService Installer;c:\program files\Realtek\RtVOsd\RtVOsdService.exe [2010-04-20 315392]

    R3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe [2012-02-10 240408]

    R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]

    R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-05-12 129976]

    R3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [x]

    R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]

    R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]

    R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [x]

    R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [x]

    R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [x]

    R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]

    R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]

    R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x]

    S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [x]

    S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [x]

    S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [x]

    S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [x]

    S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [x]

    S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]

    S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-18 98208]

    S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]

    S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776]

    S2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe [2012-02-10 193816]

    S2 CinemaNow Service;CinemaNow Service;c:\program files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe [2010-05-21 140272]

    S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-29 94264]

    S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-11-09 26680]

    S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]

    S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [x]

    S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [x]

    S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]

    S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys [x]

    S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]

    .

    .

    --- Other Services/Drivers In Memory ---

    .

    *NewlyCreated* - WS2IFSL

    .

    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]

    2010-05-19 18:36 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe

    .

    Contents of the 'Scheduled Tasks' folder

    .

    2012-05-11 c:\windows\Tasks\HPCeeScheduleForBrian.job

    - c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15]

    .

    .

    --------- x86-64 -----------

    .

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-03-05 166424]

    "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-03-05 391192]

    "Persistence"="c:\windows\system32\igfxpers.exe" [2010-03-05 410648]

    "RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2010-05-26 6245408]

    "HPWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe" [2010-06-18 8192]

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

    "LoadAppInit_DLLs"=0x0

    .

    ------- Supplementary Scan -------

    .

    uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT3198785

    uLocal Page = c:\windows\system32\blank.htm

    mLocal Page = c:\windows\SysWOW64\blank.htm

    uInternet Settings,ProxyOverride = *.local

    IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~3\Office14\EXCEL.EXE/3000

    IE: Se&nd to OneNote - c:\progra~2\MICROS~3\Office14\ONBttnIE.dll/105

    TCP: DhcpNameServer = 192.168.1.1

    FF - ProfilePath - c:\users\Brian\AppData\Roaming\Mozilla\Firefox\Profiles\enpebddp.default\

    FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3198785&SearchSource=3&q={searchTerms}

    FF - prefs.js: browser.search.selectedEngine - WhiteSmoke US Customized Web Search

    FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT3198785&SearchSource=13

    FF - prefs.js: network.proxy.type - 0

    .

    - - - - ORPHANS REMOVED - - - -

    .

    URLSearchHooks-{cce665dd-f6dd-4808-968e-eaec971f70ef} - (no file)

    HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe

    AddRemove-{6F44AF95-3CDE-4513-AD3F-6D45F17BF324} - c:\program files (x86)\InstallShield Installation Information\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}\setup.exe

    .

    .

    .

    --------------------- LOCKED REGISTRY KEYS ---------------------

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

    @Denied: (A 2) (Everyone)

    @="FlashBroker"

    "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

    "Enabled"=dword:00000001

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

    @Denied: (A 2) (Everyone)

    @="Shockwave Flash Object"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx"

    "ThreadingModel"="Apartment"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

    @="0"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

    @="ShockwaveFlash.ShockwaveFlash.10"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx, 1"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

    @="1.0"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

    @="ShockwaveFlash.ShockwaveFlash"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

    @Denied: (A 2) (Everyone)

    @="Macromedia Flash Factory Object"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx"

    "ThreadingModel"="Apartment"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

    @="FlashFactory.FlashFactory.1"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx, 1"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

    @="1.0"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

    @="FlashFactory.FlashFactory"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

    @Denied: (A 2) (Everyone)

    @="IFlashBroker4"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

    @="{00020424-0000-0000-C000-000000000046}"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

    "Version"="1.0"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]

    @Denied: (A) (Everyone)

    "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]

    @Denied: (A) (Everyone)

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]

    "Key"="ActionsPane3"

    "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"

    .

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

    @Denied: (Full) (Everyone)

    .

    ------------------------ Other Running Processes ------------------------

    .

    c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

    c:\program files (x86)\Bonjour\mDNSResponder.exe

    c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe

    .

    **************************************************************************

    .

    Completion time: 2012-05-15 15:54:11 - machine was rebooted

    ComboFix-quarantined-files.txt 2012-05-15 22:54

    .

    Pre-Run: 200,028,020,736 bytes free

    Post-Run: 200,285,569,024 bytes free

    .

    - - End Of File - - FEE690D6AC74ECDAA71E6D8F418F51E8

  3. 14:57:31.0089 5428 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys

    14:57:31.0090 5428 BrSerWdm - ok


    14:57:38.0812 5428 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys

    14:57:38.0814 5428 mpio - ok

    14:57:38.0848 5428 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys

    14:57:38.0852 5428 mpsdrv - ok

    14:57:38.0940 5428 MpsSvc (aecab449567d1846dad63ece49e893e3) C:\Windows\system32\mpssvc.dll

    14:57:38.0946 5428 MpsSvc - ok

    14:57:38.0978 5428 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys

    14:57:38.0982 5428 MRxDAV - ok

    14:57:39.0031 5428 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys

    14:57:39.0033 5428 mrxsmb - ok

    14:57:39.0080 5428 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys

    14:57:39.0082 5428 mrxsmb10 - ok

    14:57:39.0123 5428 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys

    14:57:39.0127 5428 mrxsmb20 - ok

    14:57:39.0168 5428 msahci (5e939cf91ea4a841dbafe4627e0292bb) C:\Windows\system32\DRIVERS\msahci.sys

    14:57:39.0169 5428 msahci - ok

    14:57:39.0215 5428 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys

    14:57:39.0216 5428 msdsm - ok

    14:57:39.0265 5428 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe

    14:57:39.0267 5428 MSDTC - ok

    14:57:39.0323 5428 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys

    14:57:39.0324 5428 Msfs - ok

    14:57:39.0339 5428 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys

    14:57:39.0340 5428 mshidkmdf - ok

    14:57:39.0394 5428 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys

    14:57:39.0395 5428 msisadrv - ok

    14:57:39.0446 5428 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll

    14:57:39.0448 5428 MSiSCSI - ok

    14:57:39.0461 5428 msiserver - ok

    14:57:39.0501 5428 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys

    14:57:39.0502 5428 MSKSSRV - ok

    14:57:39.0512 5428 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys

    14:57:39.0513 5428 MSPCLOCK - ok

    14:57:39.0527 5428 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys

    14:57:39.0527 5428 MSPQM - ok

    14:57:39.0582 5428 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys

    14:57:39.0585 5428 MsRPC - ok

    14:57:39.0616 5428 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys

    14:57:39.0617 5428 mssmbios - ok

    14:57:39.0631 5428 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys

    14:57:39.0631 5428 MSTEE - ok

    14:57:39.0673 5428 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys

    14:57:39.0674 5428 MTConfig - ok

    14:57:39.0702 5428 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys

    14:57:39.0703 5428 Mup - ok

    14:57:39.0775 5428 napagent (4987e079a4530fa737a128be54b63b12) C:\Windows\system32\qagentRT.dll

    14:57:39.0779 5428 napagent - ok

    14:57:39.0827 5428 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys

    14:57:39.0830 5428 NativeWifiP - ok

    14:57:39.0917 5428 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys

    14:57:39.0923 5428 NDIS - ok

    14:57:39.0948 5428 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys

    14:57:39.0949 5428 NdisCap - ok

    14:57:39.0973 5428 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys

    14:57:39.0974 5428 NdisTapi - ok

    14:57:40.0004 5428 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys

    14:57:40.0005 5428 Ndisuio - ok

    14:57:40.0035 5428 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys

    14:57:40.0037 5428 NdisWan - ok

    14:57:40.0055 5428 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys

    14:57:40.0056 5428 NDProxy - ok

    14:57:40.0087 5428 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys

    14:57:40.0088 5428 NetBIOS - ok

    14:57:40.0127 5428 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys

    14:57:40.0129 5428 NetBT - ok

    14:57:40.0190 5428 Netlogon (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe

    14:57:40.0192 5428 Netlogon - ok

    14:57:40.0253 5428 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll

    14:57:40.0256 5428 Netman - ok

    14:57:40.0296 5428 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll

    14:57:40.0300 5428 netprofm - ok

    14:57:40.0385 5428 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe

    14:57:40.0386 5428 NetTcpPortSharing - ok

    14:57:40.0652 5428 netw5v64 (64428dfdaf6e88366cb51f45a79c5f69) C:\Windows\system32\DRIVERS\netw5v64.sys

    14:57:40.0685 5428 netw5v64 - ok

    14:57:40.0823 5428 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys

    14:57:40.0823 5428 nfrd960 - ok

    14:57:40.0885 5428 NlaSvc (d9a0ce66046d6efa0c61baa885cba0a8) C:\Windows\System32\nlasvc.dll

    14:57:40.0888 5428 NlaSvc - ok

    14:57:41.0098 5428 NOBU (5839a8027d6d324a7cd494051a96628c) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe

    14:57:41.0115 5428 NOBU - ok

    14:57:41.0238 5428 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys

    14:57:41.0239 5428 Npfs - ok

    14:57:41.0278 5428 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll

    14:57:41.0280 5428 nsi - ok

    14:57:41.0306 5428 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys

    14:57:41.0307 5428 nsiproxy - ok

    14:57:41.0440 5428 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys

    14:57:41.0450 5428 Ntfs - ok

    14:57:41.0580 5428 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys

    14:57:41.0581 5428 Null - ok

    14:57:41.0627 5428 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys

    14:57:41.0629 5428 nvraid - ok

    14:57:41.0667 5428 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys

    14:57:41.0668 5428 nvstor - ok

    14:57:41.0707 5428 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys

    14:57:41.0709 5428 nv_agp - ok

    14:57:41.0756 5428 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys

    14:57:41.0757 5428 ohci1394 - ok

    14:57:41.0860 5428 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

    14:57:41.0861 5428 ose - ok

    14:57:42.0155 5428 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

    14:57:42.0184 5428 osppsvc - ok

    14:57:42.0330 5428 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll

    14:57:42.0333 5428 p2pimsvc - ok

    14:57:42.0380 5428 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll

    14:57:42.0384 5428 p2psvc - ok

    14:57:42.0438 5428 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys

    14:57:42.0439 5428 Parport - ok

    14:57:42.0491 5428 partmgr (90061b1acfe8ccaa5345750ffe08d8b8) C:\Windows\system32\drivers\partmgr.sys

    14:57:42.0492 5428 partmgr - ok

    14:57:42.0554 5428 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll

    14:57:42.0556 5428 PcaSvc - ok

    14:57:42.0590 5428 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys

    14:57:42.0592 5428 pci - ok

    14:57:42.0622 5428 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys

    14:57:42.0622 5428 pciide - ok

    14:57:42.0683 5428 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys

    14:57:42.0685 5428 pcmcia - ok

    14:57:42.0717 5428 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys

    14:57:42.0718 5428 pcw - ok

    14:57:42.0779 5428 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys

    14:57:42.0783 5428 PEAUTH - ok

    14:57:42.0879 5428 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe

    14:57:42.0880 5428 PerfHost - ok

    14:57:43.0023 5428 pla (557e9a86f65f0de18c9b6751dfe9d3f1) C:\Windows\system32\pla.dll

    14:57:43.0033 5428 pla - ok

    14:57:43.0094 5428 PlugPlay (98b1721b8718164293b9701b98c52d77) C:\Windows\system32\umpnpmgr.dll

    14:57:43.0099 5428 PlugPlay - ok

    14:57:43.0122 5428 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll

    14:57:43.0123 5428 PNRPAutoReg - ok

    14:57:43.0432 5428 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll

    14:57:43.0435 5428 PNRPsvc - ok

    14:57:43.0533 5428 PolicyAgent (166eb40d1f5b47e615de3d0fffe5f243) C:\Windows\System32\ipsecsvc.dll

    14:57:43.0537 5428 PolicyAgent - ok

    14:57:43.0590 5428 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll

    14:57:43.0593 5428 Power - ok

    14:57:43.0685 5428 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys

    14:57:43.0686 5428 PptpMiniport - ok

    14:57:43.0721 5428 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys

    14:57:43.0722 5428 Processor - ok

    14:57:43.0772 5428 ProfSvc (f381975e1f4346de875cb07339ce8d3a) C:\Windows\system32\profsvc.dll

    14:57:43.0775 5428 ProfSvc - ok

    14:57:43.0824 5428 ProtectedStorage (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe

    14:57:43.0825 5428 ProtectedStorage - ok

    14:57:43.0870 5428 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys

    14:57:43.0871 5428 Psched - ok

    14:57:44.0013 5428 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys

    14:57:44.0022 5428 ql2300 - ok

    14:57:44.0154 5428 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys

    14:57:44.0156 5428 ql40xx - ok

    14:57:44.0212 5428 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll

    14:57:44.0215 5428 QWAVE - ok

    14:57:44.0251 5428 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys

    14:57:44.0252 5428 QWAVEdrv - ok

    14:57:44.0278 5428 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys

    14:57:44.0279 5428 RasAcd - ok

    14:57:44.0311 5428 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys

    14:57:44.0312 5428 RasAgileVpn - ok

    14:57:44.0359 5428 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll

    14:57:44.0364 5428 RasAuto - ok

    14:57:44.0413 5428 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys

    14:57:44.0414 5428 Rasl2tp - ok

    14:57:44.0462 5428 RasMan (47394ed3d16d053f5906efe5ab51cc83) C:\Windows\System32\rasmans.dll

    14:57:44.0465 5428 RasMan - ok

    14:57:44.0494 5428 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys

    14:57:44.0495 5428 RasPppoe - ok

    14:57:44.0521 5428 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys

    14:57:44.0522 5428 RasSstp - ok

    14:57:44.0563 5428 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys

    14:57:44.0565 5428 rdbss - ok

    14:57:44.0608 5428 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys

    14:57:44.0609 5428 rdpbus - ok

    14:57:44.0633 5428 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys

    14:57:44.0634 5428 RDPCDD - ok

    14:57:44.0658 5428 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys

    14:57:44.0659 5428 RDPENCDD - ok

    14:57:44.0690 5428 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys

    14:57:44.0690 5428 RDPREFMP - ok

    14:57:44.0749 5428 RDPWD (074ac702d8b8b660b0e1371555995386) C:\Windows\system32\drivers\RDPWD.sys

    14:57:44.0751 5428 RDPWD - ok

    14:57:44.0795 5428 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys

    14:57:44.0797 5428 rdyboost - ok

    14:57:44.0840 5428 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll

    14:57:44.0841 5428 RemoteAccess - ok

    14:57:44.0890 5428 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll

    14:57:44.0892 5428 RemoteRegistry - ok

    14:57:44.0920 5428 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll

    14:57:44.0922 5428 RpcEptMapper - ok

    14:57:44.0965 5428 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe

    14:57:44.0967 5428 RpcLocator - ok

    14:57:45.0062 5428 RpcSs (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll

    14:57:45.0067 5428 RpcSs - ok

    14:57:45.0114 5428 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys

    14:57:45.0115 5428 rspndr - ok

    14:57:45.0170 5428 RSUSBSTOR (22d6b47d004a6568c500680be2972854) C:\Windows\system32\Drivers\RtsUStor.sys

    14:57:45.0173 5428 RSUSBSTOR - ok

    14:57:45.0233 5428 RTL8167 (4fbda07ef0a3097ce14c5cabf723b278) C:\Windows\system32\DRIVERS\Rt64win7.sys

    14:57:45.0235 5428 RTL8167 - ok

    14:57:45.0335 5428 rtl8192se (cd8f32bb993b98e6705f11504a7f7250) C:\Windows\system32\DRIVERS\rtl8192se.sys

    14:57:45.0342 5428 rtl8192se - ok

    14:57:45.0491 5428 RtVOsdService (5fff3e71b4724bb10918fd6dd7413d99) C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe

    14:57:45.0493 5428 RtVOsdService - ok

    14:57:45.0612 5428 SamSs (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe

    14:57:45.0614 5428 SamSs - ok

    14:57:45.0668 5428 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys

    14:57:45.0669 5428 sbp2port - ok

    14:57:45.0718 5428 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll

    14:57:45.0720 5428 SCardSvr - ok

    14:57:45.0751 5428 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys

    14:57:45.0752 5428 scfilter - ok

    14:57:45.0856 5428 Schedule (624d0f5ff99428bb90a5b8a4123e918e) C:\Windows\system32\schedsvc.dll

    14:57:45.0864 5428 Schedule - ok

    14:57:45.0896 5428 SCPolicySvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll

    14:57:45.0897 5428 SCPolicySvc - ok

    14:57:45.0943 5428 sdbus (54e47ad086782d3ae9417c155cdceb9b) C:\Windows\system32\DRIVERS\sdbus.sys

    14:57:45.0944 5428 sdbus - ok

    14:57:46.0003 5428 SDRSVC (765a27c3279ce11d14cb9e4f5869fca5) C:\Windows\System32\SDRSVC.dll

    14:57:46.0006 5428 SDRSVC - ok

    14:57:46.0024 5428 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys

    14:57:46.0025 5428 secdrv - ok

    14:57:46.0051 5428 seclogon (463b386ebc70f98da5dff85f7e654346) C:\Windows\system32\seclogon.dll

    14:57:46.0053 5428 seclogon - ok

    14:57:46.0075 5428 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll

    14:57:46.0077 5428 SENS - ok

    14:57:46.0123 5428 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll

    14:57:46.0125 5428 SensrSvc - ok

    14:57:46.0158 5428 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys

    14:57:46.0158 5428 Serenum - ok

    14:57:46.0205 5428 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys

    14:57:46.0207 5428 Serial - ok

    14:57:46.0240 5428 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys

    14:57:46.0241 5428 sermouse - ok

    14:57:46.0303 5428 SessionEnv (c3bc61ce47ff6f4e88ab8a3b429a36af) C:\Windows\system32\sessenv.dll

    14:57:46.0305 5428 SessionEnv - ok

    14:57:46.0342 5428 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys

    14:57:46.0343 5428 sffdisk - ok

    14:57:46.0382 5428 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys

    14:57:46.0382 5428 sffp_mmc - ok

    14:57:46.0425 5428 sffp_sd (178298f767fe638c9fedcbdef58bb5e4) C:\Windows\system32\DRIVERS\sffp_sd.sys

    14:57:46.0425 5428 sffp_sd - ok

    14:57:46.0475 5428 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys

    14:57:46.0475 5428 sfloppy - ok

    14:57:46.0528 5428 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll

    14:57:46.0531 5428 SharedAccess - ok

    14:57:46.0592 5428 ShellHWDetection (0298ac45d0efffb2db4baa7dd186e7bf) C:\Windows\System32\shsvcs.dll

    14:57:46.0596 5428 ShellHWDetection - ok

    14:57:46.0640 5428 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys

    14:57:46.0641 5428 SiSRaid2 - ok

    14:57:46.0686 5428 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys

    14:57:46.0687 5428 SiSRaid4 - ok

    14:57:46.0721 5428 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys

    14:57:46.0722 5428 Smb - ok

    14:57:46.0777 5428 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe

    14:57:46.0781 5428 SNMPTRAP - ok

    14:57:46.0807 5428 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys

    14:57:46.0808 5428 spldr - ok

    14:57:46.0879 5428 Spooler (f8e1fa03cb70d54a9892ac88b91d1e7b) C:\Windows\System32\spoolsv.exe

    14:57:46.0885 5428 Spooler - ok

    14:57:47.0081 5428 sppsvc (913d843498553a1bc8f8dbad6358e49f) C:\Windows\system32\sppsvc.exe

    14:57:47.0103 5428 sppsvc - ok

    14:57:47.0238 5428 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll

    14:57:47.0240 5428 sppuinotify - ok

    14:57:47.0312 5428 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys

    14:57:47.0315 5428 srv - ok

    14:57:47.0379 5428 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys

    14:57:47.0382 5428 srv2 - ok

    14:57:47.0452 5428 SrvHsfHDA (0c4540311e11664b245a263e1154cef8) C:\Windows\system32\DRIVERS\VSTAZL6.SYS

    14:57:47.0454 5428 SrvHsfHDA - ok

    14:57:47.0558 5428 SrvHsfV92 (02071d207a9858fbe3a48cbfd59c4a04) C:\Windows\system32\DRIVERS\VSTDPV6.SYS

    14:57:47.0567 5428 SrvHsfV92 - ok

    14:57:47.0741 5428 SrvHsfWinac (18e40c245dbfaf36fd0134a7ef2df396) C:\Windows\system32\DRIVERS\VSTCNXT6.SYS

    14:57:47.0746 5428 SrvHsfWinac - ok

    14:57:47.0793 5428 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys

    14:57:47.0794 5428 srvnet - ok

    14:57:47.0846 5428 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll

    14:57:47.0852 5428 SSDPSRV - ok

    14:57:47.0886 5428 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll

    14:57:47.0888 5428 SstpSvc - ok

    14:57:47.0928 5428 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys

    14:57:47.0928 5428 stexstor - ok

    14:57:47.0994 5428 stisvc (52d0e33b681bd0f33fdc08812fee4f7d) C:\Windows\System32\wiaservc.dll

    14:57:47.0999 5428 stisvc - ok

    14:57:48.0020 5428 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys

    14:57:48.0021 5428 swenum - ok

    14:57:48.0078 5428 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll

    14:57:48.0083 5428 swprv - ok

    14:57:48.0204 5428 SynTP (961cfac2a5318e212f459d651f28e0a4) C:\Windows\system32\DRIVERS\SynTP.sys

    14:57:48.0213 5428 SynTP - ok

    14:57:48.0437 5428 SysMain (3c1284516a62078fb68f768de4f1a7be) C:\Windows\system32\sysmain.dll

    14:57:48.0451 5428 SysMain - ok

    14:57:48.0531 5428 TabletInputService (238935c3cf2854886dc7cbb2a0e2cc66) C:\Windows\System32\TabSvc.dll

    14:57:48.0533 5428 TabletInputService - ok

    14:57:48.0576 5428 TapiSrv (884264ac597b690c5707c89723bb8e7b) C:\Windows\System32\tapisrv.dll

    14:57:48.0580 5428 TapiSrv - ok

    14:57:48.0609 5428 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll

    14:57:48.0614 5428 TBS - ok

    14:57:48.0790 5428 Tcpip (624c5b3aa4c99b3184bb922d9ece3ff0) C:\Windows\system32\drivers\tcpip.sys

    14:57:48.0802 5428 Tcpip - ok

    14:57:49.0037 5428 TCPIP6 (624c5b3aa4c99b3184bb922d9ece3ff0) C:\Windows\system32\DRIVERS\tcpip.sys

    14:57:49.0051 5428 TCPIP6 - ok

    14:57:49.0143 5428 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys

    14:57:49.0144 5428 tcpipreg - ok

    14:57:49.0181 5428 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys

    14:57:49.0182 5428 TDPIPE - ok

    14:57:49.0214 5428 TDTCP (7518f7bcfd4b308abc9192bacaf6c970) C:\Windows\system32\drivers\tdtcp.sys

    14:57:49.0215 5428 TDTCP - ok

    14:57:49.0246 5428 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys

    14:57:49.0247 5428 tdx - ok

    14:57:49.0289 5428 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys

    14:57:49.0290 5428 TermDD - ok

    14:57:49.0367 5428 TermService (0f05ec2887bfe197ad82a13287d2f404) C:\Windows\System32\termsrv.dll

    14:57:49.0373 5428 TermService - ok

    14:57:49.0415 5428 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll

    14:57:49.0417 5428 Themes - ok

    14:57:49.0463 5428 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll

    14:57:49.0464 5428 THREADORDER - ok

    14:57:49.0496 5428 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll

    14:57:49.0498 5428 TrkWks - ok

    14:57:49.0570 5428 TrustedInstaller (840f7fb849f5887a49ba18c13b2da920) C:\Windows\servicing\TrustedInstaller.exe

    14:57:49.0572 5428 TrustedInstaller - ok

    14:57:49.0616 5428 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys

    14:57:49.0617 5428 tssecsrv - ok

    14:57:49.0647 5428 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys

    14:57:49.0651 5428 tunnel - ok

    14:57:49.0686 5428 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys

    14:57:49.0687 5428 uagp35 - ok

    14:57:49.0747 5428 udfs (c06e6f4679ceb8f430b90a51d76d8d3c) C:\Windows\system32\DRIVERS\udfs.sys

    14:57:49.0750 5428 udfs - ok

    14:57:49.0792 5428 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe

    14:57:49.0797 5428 UI0Detect - ok

    14:57:49.0847 5428 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys

    14:57:49.0848 5428 uliagpkx - ok

    14:57:49.0893 5428 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys

    14:57:49.0894 5428 umbus - ok

    14:57:49.0926 5428 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys

    14:57:49.0926 5428 UmPass - ok

    14:57:49.0995 5428 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll

    14:57:49.0998 5428 upnphost - ok

    14:57:50.0052 5428 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys

    14:57:50.0055 5428 USBAAPL64 - ok

    14:57:50.0100 5428 usbaudio (77b01bc848298223a95d4ec23e1785a1) C:\Windows\system32\drivers\usbaudio.sys

    14:57:50.0104 5428 usbaudio - ok

    14:57:50.0154 5428 usbccgp (537a4e03d7103c12d42dfd8ffdb5bdc9) C:\Windows\system32\DRIVERS\usbccgp.sys

    14:57:50.0156 5428 usbccgp - ok

    14:57:50.0203 5428 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys

    14:57:50.0204 5428 usbcir - ok

    14:57:50.0247 5428 usbehci (fbb21ebe49f6d560db37ac25fbc68e66) C:\Windows\system32\DRIVERS\usbehci.sys

    14:57:50.0250 5428 usbehci - ok

    14:57:50.0289 5428 usbhub (6b7a8a99c4a459e73c286a6763ea24cc) C:\Windows\system32\DRIVERS\usbhub.sys

    14:57:50.0291 5428 usbhub - ok

    14:57:50.0319 5428 usbohci (8c88aa7617b4cbc2e4bed61d26b33a27) C:\Windows\system32\drivers\usbohci.sys

    14:57:50.0320 5428 usbohci - ok

    14:57:50.0383 5428 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys

    14:57:50.0384 5428 usbprint - ok

    14:57:50.0420 5428 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\DRIVERS\USBSTOR.SYS

    14:57:50.0421 5428 USBSTOR - ok

    14:57:50.0439 5428 usbuhci (0b5b3b2df3fd1709618acfa50b8392b0) C:\Windows\system32\DRIVERS\usbuhci.sys

    14:57:50.0439 5428 usbuhci - ok

    14:57:50.0480 5428 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll

    14:57:50.0482 5428 UxSms - ok

    14:57:50.0535 5428 VaultSvc (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe

    14:57:50.0537 5428 VaultSvc - ok

    14:57:50.0576 5428 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys

    14:57:50.0577 5428 vdrvroot - ok

    14:57:50.0635 5428 vds (44d73e0bbc1d3c8981304ba15135c2f2) C:\Windows\System32\vds.exe

    14:57:50.0640 5428 vds - ok

    14:57:50.0665 5428 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys

    14:57:50.0666 5428 vga - ok

    14:57:50.0690 5428 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys

    14:57:50.0691 5428 VgaSave - ok

    14:57:50.0743 5428 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys

    14:57:50.0745 5428 vhdmp - ok

    14:57:50.0772 5428 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys

    14:57:50.0773 5428 viaide - ok

    14:57:50.0812 5428 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys

    14:57:50.0813 5428 volmgr - ok

    14:57:50.0860 5428 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys

    14:57:50.0863 5428 volmgrx - ok

    14:57:50.0906 5428 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys

    14:57:50.0908 5428 volsnap - ok

    14:57:50.0949 5428 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys

    14:57:50.0951 5428 vsmraid - ok

    14:57:51.0078 5428 VSS (787898bf9fb6d7bd87a36e2d95c899ba) C:\Windows\system32\vssvc.exe

    14:57:51.0089 5428 VSS - ok

    14:57:51.0218 5428 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys

    14:57:51.0218 5428 vwifibus - ok

    14:57:51.0248 5428 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys

    14:57:51.0249 5428 vwififlt - ok

    14:57:51.0272 5428 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys

    14:57:51.0273 5428 vwifimp - ok

    14:57:51.0337 5428 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll

    14:57:51.0341 5428 W32Time - ok

    14:57:51.0397 5428 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys

    14:57:51.0397 5428 WacomPen - ok

    14:57:54.0453 5428 ============================================================

    14:57:54.0454 5428 Scan finished

    14:57:54.0454 5428 ============================================================

    14:57:54.0474 4548 Detected object count: 0

    14:57:54.0474 4548 Actual detected object count: 0

    Nothing was found, am I safe?

  4. 14:55:34.0455 6116 TDSS rootkit removing tool 2.7.34.0 May 2 2012 09:59:18

    14:55:35.0398 6116 ============================================================

    14:55:35.0398 6116 Current date / time: 2012/05/15 14:55:35.0398

    14:55:35.0399 6116 SystemInfo:

    14:55:35.0399 6116

    14:55:35.0399 6116 OS Version: 6.1.7600 ServicePack: 0.0

    14:55:35.0399 6116 Product type: Workstation

    14:55:35.0399 6116 ComputerName: COMPAQ

    14:55:35.0399 6116 UserName: Brian

    14:55:35.0399 6116 Windows directory: C:\Windows

    14:55:35.0399 6116 System windows directory: C:\Windows

    14:55:35.0399 6116 Running under WOW64

    14:55:35.0399 6116 Processor architecture: Intel x64

    14:55:35.0399 6116 Number of processors: 1

    14:55:35.0399 6116 Page size: 0x1000

    14:55:35.0399 6116 Boot type: Normal boot

    14:55:35.0399 6116 ============================================================

    14:55:36.0830 6116 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

    14:55:36.0835 6116 ============================================================

    14:55:36.0835 6116 \Device\Harddisk0\DR0:

    14:55:36.0835 6116 MBR partitions:

    14:55:36.0835 6116 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800

    14:55:36.0835 6116 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x23114800

    14:55:36.0835 6116 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x23178800, BlocksNum 0x2282000

    14:55:36.0835 6116 \Device\Harddisk0\DR0\Partition3: MBR, Type 0xC, StartLBA 0x253FA800, BlocksNum 0x33AB0

    14:55:36.0835 6116 ============================================================

    14:55:36.0866 6116 C: <-> \Device\Harddisk0\DR0\Partition1

    14:55:36.0923 6116 D: <-> \Device\Harddisk0\DR0\Partition2

    14:55:36.0972 6116 ============================================================

    14:55:36.0972 6116 Initialize success

    14:55:36.0972 6116 ============================================================

    14:56:12.0214 5996 ============================================================

    14:56:12.0214 5996 Scan started

    14:56:12.0214 5996 Mode: Manual;

    14:56:12.0214 5996 ============================================================


    14:56:26.0648 5996 msahci - ok

    14:56:26.0693 5996 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys

    14:56:26.0697 5996 msdsm - ok

    14:56:26.0743 5996 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe

    14:56:26.0746 5996 MSDTC - ok

    14:56:26.0800 5996 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys

    14:56:26.0802 5996 Msfs - ok

    14:56:26.0839 5996 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys

    14:56:26.0841 5996 mshidkmdf - ok

    14:56:26.0883 5996 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys

    14:56:26.0885 5996 msisadrv - ok

    14:56:26.0937 5996 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll

    14:56:26.0949 5996 MSiSCSI - ok

    14:56:26.0959 5996 msiserver - ok

    14:56:27.0001 5996 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys

    14:56:27.0002 5996 MSKSSRV - ok

    14:56:27.0033 5996 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys

    14:56:27.0034 5996 MSPCLOCK - ok

    14:56:27.0049 5996 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys

    14:56:27.0050 5996 MSPQM - ok

    14:56:27.0097 5996 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys

    14:56:27.0107 5996 MsRPC - ok

    14:56:27.0141 5996 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys

    14:56:27.0142 5996 mssmbios - ok

    14:56:27.0167 5996 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys

    14:56:27.0168 5996 MSTEE - ok

    14:56:27.0207 5996 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys

    14:56:27.0209 5996 MTConfig - ok

    14:56:27.0247 5996 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys

    14:56:27.0249 5996 Mup - ok

    14:56:27.0311 5996 napagent (4987e079a4530fa737a128be54b63b12) C:\Windows\system32\qagentRT.dll

    14:56:27.0318 5996 napagent - ok

    14:56:27.0414 5996 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys

    14:56:27.0429 5996 NativeWifiP - ok

    14:56:27.0520 5996 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys

    14:56:27.0530 5996 NDIS - ok

    14:56:27.0571 5996 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys

    14:56:27.0572 5996 NdisCap - ok

    14:56:27.0609 5996 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys

    14:56:27.0611 5996 NdisTapi - ok

    14:56:27.0646 5996 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys

    14:56:27.0648 5996 Ndisuio - ok

    14:56:27.0680 5996 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys

    14:56:27.0691 5996 NdisWan - ok

    14:56:27.0711 5996 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys

    14:56:27.0713 5996 NDProxy - ok

    14:56:27.0756 5996 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys

    14:56:27.0758 5996 NetBIOS - ok

    14:56:27.0795 5996 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys

    14:56:27.0798 5996 NetBT - ok

    14:56:27.0846 5996 Netlogon (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe

    14:56:27.0848 5996 Netlogon - ok

    14:56:27.0918 5996 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll

    14:56:27.0931 5996 Netman - ok

    14:56:27.0976 5996 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll

    14:56:27.0982 5996 netprofm - ok

    14:56:28.0066 5996 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe

    14:56:28.0069 5996 NetTcpPortSharing - ok

    14:56:28.0353 5996 netw5v64 (64428dfdaf6e88366cb51f45a79c5f69) C:\Windows\system32\DRIVERS\netw5v64.sys

    14:56:28.0454 5996 netw5v64 - ok

    14:56:28.0589 5996 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys

    14:56:28.0591 5996 nfrd960 - ok

    14:56:28.0656 5996 NlaSvc (d9a0ce66046d6efa0c61baa885cba0a8) C:\Windows\System32\nlasvc.dll

    14:56:28.0672 5996 NlaSvc - ok

    14:56:28.0898 5996 NOBU (5839a8027d6d324a7cd494051a96628c) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe

    14:56:28.0976 5996 NOBU - ok

    14:56:29.0105 5996 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys

    14:56:29.0107 5996 Npfs - ok

    14:56:29.0145 5996 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll

    14:56:29.0150 5996 nsi - ok

    14:56:29.0173 5996 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys

    14:56:29.0174 5996 nsiproxy - ok

    14:56:29.0295 5996 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys

    14:56:29.0331 5996 Ntfs - ok

    14:56:29.0491 5996 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys

    14:56:29.0492 5996 Null - ok

    14:56:29.0538 5996 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys

    14:56:29.0541 5996 nvraid - ok

    14:56:29.0578 5996 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys

    14:56:29.0589 5996 nvstor - ok

    14:56:29.0616 5996 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys

    14:56:29.0622 5996 nv_agp - ok

    14:56:29.0665 5996 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys

    14:56:29.0670 5996 ohci1394 - ok

    14:56:29.0772 5996 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

    14:56:29.0775 5996 ose - ok

    14:56:30.0133 5996 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

    14:56:30.0229 5996 osppsvc - ok

    14:56:30.0374 5996 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll

    14:56:30.0389 5996 p2pimsvc - ok

    14:56:30.0436 5996 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll

    14:56:30.0444 5996 p2psvc - ok

    14:56:30.0515 5996 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys

    14:56:30.0517 5996 Parport - ok

    14:56:30.0569 5996 partmgr (90061b1acfe8ccaa5345750ffe08d8b8) C:\Windows\system32\drivers\partmgr.sys

    14:56:30.0609 5996 partmgr - ok

    14:56:30.0673 5996 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll

    14:56:30.0685 5996 PcaSvc - ok

    14:56:30.0746 5996 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys

    14:56:30.0756 5996 pci - ok

    14:56:30.0777 5996 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys

    14:56:30.0779 5996 pciide - ok

    14:56:30.0842 5996 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys

    14:56:30.0848 5996 pcmcia - ok

    14:56:30.0873 5996 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys

    14:56:30.0875 5996 pcw - ok

    14:56:30.0936 5996 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys

    14:56:30.0956 5996 PEAUTH - ok

    14:56:31.0057 5996 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe

    14:56:31.0059 5996 PerfHost - ok

    14:56:31.0212 5996 pla (557e9a86f65f0de18c9b6751dfe9d3f1) C:\Windows\system32\pla.dll

    14:56:31.0243 5996 pla - ok

    14:56:31.0305 5996 PlugPlay (98b1721b8718164293b9701b98c52d77) C:\Windows\system32\umpnpmgr.dll

    14:56:31.0317 5996 PlugPlay - ok

    14:56:31.0366 5996 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll

    14:56:31.0371 5996 PNRPAutoReg - ok

    14:56:31.0408 5996 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll

    14:56:31.0412 5996 PNRPsvc - ok

    14:56:31.0477 5996 PolicyAgent (166eb40d1f5b47e615de3d0fffe5f243) C:\Windows\System32\ipsecsvc.dll

    14:56:31.0496 5996 PolicyAgent - ok

    14:56:31.0557 5996 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll

    14:56:31.0569 5996 Power - ok

    14:56:31.0638 5996 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys

    14:56:31.0640 5996 PptpMiniport - ok

    14:56:31.0688 5996 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys

    14:56:31.0690 5996 Processor - ok

    14:56:31.0751 5996 ProfSvc (f381975e1f4346de875cb07339ce8d3a) C:\Windows\system32\profsvc.dll

    14:56:31.0762 5996 ProfSvc - ok

    14:56:31.0802 5996 ProtectedStorage (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe

    14:56:31.0803 5996 ProtectedStorage - ok

    14:56:31.0862 5996 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys

    14:56:31.0864 5996 Psched - ok

    14:56:31.0991 5996 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys

    14:56:32.0020 5996 ql2300 - ok

    14:56:32.0165 5996 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys

    14:56:32.0168 5996 ql40xx - ok

    14:56:32.0224 5996 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll

    14:56:32.0231 5996 QWAVE - ok

    14:56:32.0249 5996 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys

    14:56:32.0251 5996 QWAVEdrv - ok

    14:56:32.0279 5996 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys

    14:56:32.0280 5996 RasAcd - ok

    14:56:32.0333 5996 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys

    14:56:32.0335 5996 RasAgileVpn - ok

    14:56:32.0395 5996 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll

    14:56:32.0399 5996 RasAuto - ok

    14:56:32.0421 5996 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys

    14:56:32.0426 5996 Rasl2tp - ok

    14:56:32.0469 5996 RasMan (47394ed3d16d053f5906efe5ab51cc83) C:\Windows\System32\rasmans.dll

    14:56:32.0484 5996 RasMan - ok

    14:56:32.0527 5996 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys

    14:56:32.0529 5996 RasPppoe - ok

    14:56:32.0576 5996 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys

    14:56:32.0578 5996 RasSstp - ok

    14:56:32.0622 5996 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys

    14:56:32.0631 5996 rdbss - ok

    14:56:32.0673 5996 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys

    14:56:32.0675 5996 rdpbus - ok

    14:56:32.0700 5996 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys

    14:56:32.0701 5996 RDPCDD - ok

    14:56:32.0736 5996 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys

    14:56:32.0737 5996 RDPENCDD - ok

    14:56:32.0765 5996 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys

    14:56:32.0766 5996 RDPREFMP - ok

    14:56:32.0819 5996 RDPWD (074ac702d8b8b660b0e1371555995386) C:\Windows\system32\drivers\RDPWD.sys

    14:56:32.0861 5996 RDPWD - ok

    14:56:32.0918 5996 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys

    14:56:32.0926 5996 rdyboost - ok

    14:56:32.0963 5996 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll

    14:56:32.0967 5996 RemoteAccess - ok

    14:56:33.0012 5996 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll

    14:56:33.0024 5996 RemoteRegistry - ok

    14:56:33.0061 5996 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll

    14:56:33.0064 5996 RpcEptMapper - ok

    14:56:33.0099 5996 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe

    14:56:33.0101 5996 RpcLocator - ok

    14:56:33.0160 5996 RpcSs (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll

    14:56:33.0164 5996 RpcSs - ok

    14:56:33.0212 5996 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys

    14:56:33.0214 5996 rspndr - ok

    14:56:33.0293 5996 RSUSBSTOR (22d6b47d004a6568c500680be2972854) C:\Windows\system32\Drivers\RtsUStor.sys

    14:56:33.0300 5996 RSUSBSTOR - ok

    14:56:33.0356 5996 RTL8167 (4fbda07ef0a3097ce14c5cabf723b278) C:\Windows\system32\DRIVERS\Rt64win7.sys

    14:56:33.0391 5996 RTL8167 - ok

    14:56:33.0530 5996 rtl8192se (cd8f32bb993b98e6705f11504a7f7250) C:\Windows\system32\DRIVERS\rtl8192se.sys

    14:56:33.0545 5996 rtl8192se - ok

    14:56:33.0691 5996 RtVOsdService (5fff3e71b4724bb10918fd6dd7413d99) C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe

    14:56:33.0706 5996 RtVOsdService - ok

    14:56:33.0835 5996 SamSs (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe

    14:56:33.0836 5996 SamSs - ok

    14:56:33.0893 5996 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys

    14:56:33.0896 5996 sbp2port - ok

    14:56:33.0951 5996 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll

    14:56:33.0961 5996 SCardSvr - ok

    14:56:33.0985 5996 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys

    14:56:33.0986 5996 scfilter - ok

    14:56:34.0084 5996 Schedule (624d0f5ff99428bb90a5b8a4123e918e) C:\Windows\system32\schedsvc.dll

    14:56:34.0102 5996 Schedule - ok

    14:56:34.0152 5996 SCPolicySvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll

    14:56:34.0153 5996 SCPolicySvc - ok

    14:56:34.0210 5996 sdbus (54e47ad086782d3ae9417c155cdceb9b) C:\Windows\system32\DRIVERS\sdbus.sys

    14:56:34.0212 5996 sdbus - ok

    14:56:34.0259 5996 SDRSVC (765a27c3279ce11d14cb9e4f5869fca5) C:\Windows\System32\SDRSVC.dll

    14:56:34.0271 5996 SDRSVC - ok

    14:56:34.0305 5996 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys

    14:56:34.0307 5996 secdrv - ok

    14:56:34.0329 5996 seclogon (463b386ebc70f98da5dff85f7e654346) C:\Windows\system32\seclogon.dll

    14:56:34.0331 5996 seclogon - ok

    14:56:34.0355 5996 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll

    14:56:34.0358 5996 SENS - ok

    14:56:34.0412 5996 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll

    14:56:34.0414 5996 SensrSvc - ok

    14:56:34.0447 5996 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys

    14:56:34.0451 5996 Serenum - ok

    14:56:34.0494 5996 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys

    14:56:34.0499 5996 Serial - ok

    14:56:34.0529 5996 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys

    14:56:34.0550 5996 sermouse - ok

    14:56:34.0604 5996 SessionEnv (c3bc61ce47ff6f4e88ab8a3b429a36af) C:\Windows\system32\sessenv.dll

    14:56:34.0606 5996 SessionEnv - ok

    14:56:34.0640 5996 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys

    14:56:34.0642 5996 sffdisk - ok

    14:56:34.0682 5996 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys

    14:56:34.0683 5996 sffp_mmc - ok

    14:56:34.0714 5996 sffp_sd (178298f767fe638c9fedcbdef58bb5e4) C:\Windows\system32\DRIVERS\sffp_sd.sys

    14:56:34.0715 5996 sffp_sd - ok

    14:56:34.0764 5996 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys

    14:56:34.0765 5996 sfloppy - ok

    14:56:34.0829 5996 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll

    14:56:34.0842 5996 SharedAccess - ok

    14:56:34.0901 5996 ShellHWDetection (0298ac45d0efffb2db4baa7dd186e7bf) C:\Windows\System32\shsvcs.dll

    14:56:34.0915 5996 ShellHWDetection - ok

    14:56:34.0954 5996 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys

    14:56:34.0955 5996 SiSRaid2 - ok

    14:56:34.0997 5996 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys

    14:56:34.0999 5996 SiSRaid4 - ok

    14:56:35.0042 5996 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys

    14:56:35.0045 5996 Smb - ok

    14:56:35.0109 5996 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe

    14:56:35.0112 5996 SNMPTRAP - ok

    14:56:35.0140 5996 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys

    14:56:35.0141 5996 spldr - ok

    14:56:35.0215 5996 Spooler (f8e1fa03cb70d54a9892ac88b91d1e7b) C:\Windows\System32\spoolsv.exe

    14:56:35.0223 5996 Spooler - ok

    14:56:35.0461 5996 sppsvc (913d843498553a1bc8f8dbad6358e49f) C:\Windows\system32\sppsvc.exe

    14:56:35.0521 5996 sppsvc - ok

    14:56:35.0657 5996 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll

    14:56:35.0659 5996 sppuinotify - ok

    14:56:35.0730 5996 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys

    14:56:35.0739 5996 srv - ok

    14:56:35.0811 5996 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys

    14:56:35.0825 5996 srv2 - ok

    14:56:35.0884 5996 SrvHsfHDA (0c4540311e11664b245a263e1154cef8) C:\Windows\system32\DRIVERS\VSTAZL6.SYS

    14:56:35.0900 5996 SrvHsfHDA - ok

    14:56:36.0001 5996 SrvHsfV92 (02071d207a9858fbe3a48cbfd59c4a04) C:\Windows\system32\DRIVERS\VSTDPV6.SYS

    14:56:36.0039 5996 SrvHsfV92 - ok

    14:56:36.0233 5996 SrvHsfWinac (18e40c245dbfaf36fd0134a7ef2df396) C:\Windows\system32\DRIVERS\VSTCNXT6.SYS

    14:56:36.0248 5996 SrvHsfWinac - ok

    14:56:36.0312 5996 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys

    14:56:36.0317 5996 srvnet - ok

    14:56:36.0381 5996 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll

    14:56:36.0390 5996 SSDPSRV - ok

    14:56:36.0417 5996 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll

    14:56:36.0420 5996 SstpSvc - ok

    14:56:36.0463 5996 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys

    14:56:36.0464 5996 stexstor - ok

    14:56:36.0537 5996 stisvc (52d0e33b681bd0f33fdc08812fee4f7d) C:\Windows\System32\wiaservc.dll

    14:56:36.0552 5996 stisvc - ok

    14:56:36.0586 5996 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys

    14:56:36.0587 5996 swenum - ok

    14:56:36.0643 5996 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll

    14:56:36.0661 5996 swprv - ok

    14:56:36.0802 5996 SynTP (961cfac2a5318e212f459d651f28e0a4) C:\Windows\system32\DRIVERS\SynTP.sys

    14:56:36.0835 5996 SynTP - ok

    14:56:37.0050 5996 SysMain (3c1284516a62078fb68f768de4f1a7be) C:\Windows\system32\sysmain.dll

    14:56:37.0085 5996 SysMain - ok

    14:56:37.0211 5996 TabletInputService (238935c3cf2854886dc7cbb2a0e2cc66) C:\Windows\System32\TabSvc.dll

    14:56:37.0214 5996 TabletInputService - ok

    14:56:37.0257 5996 TapiSrv (884264ac597b690c5707c89723bb8e7b) C:\Windows\System32\tapisrv.dll

    14:56:37.0269 5996 TapiSrv - ok

    14:56:37.0299 5996 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll

    14:56:37.0302 5996 TBS - ok

    14:56:37.0477 5996 Tcpip (624c5b3aa4c99b3184bb922d9ece3ff0) C:\Windows\system32\drivers\tcpip.sys

    14:56:37.0519 5996 Tcpip - ok

    14:56:37.0756 5996 TCPIP6 (624c5b3aa4c99b3184bb922d9ece3ff0) C:\Windows\system32\DRIVERS\tcpip.sys

    14:56:37.0767 5996 TCPIP6 - ok

    14:56:37.0865 5996 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys

    14:56:37.0867 5996 tcpipreg - ok

    14:56:37.0906 5996 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys

    14:56:37.0907 5996 TDPIPE - ok

    14:56:37.0947 5996 TDTCP (7518f7bcfd4b308abc9192bacaf6c970) C:\Windows\system32\drivers\tdtcp.sys

    14:56:37.0949 5996 TDTCP - ok

    14:56:38.0003 5996 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys

    14:56:38.0005 5996 tdx - ok

    14:56:38.0036 5996 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys

    14:56:38.0038 5996 TermDD - ok

    14:56:38.0118 5996 TermService (0f05ec2887bfe197ad82a13287d2f404) C:\Windows\System32\termsrv.dll

    14:56:38.0138 5996 TermService - ok

    14:56:38.0159 5996 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll

    14:56:38.0164 5996 Themes - ok

    14:56:38.0207 5996 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll

    14:56:38.0209 5996 THREADORDER - ok

    14:56:38.0263 5996 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll

    14:56:38.0266 5996 TrkWks - ok

    14:56:38.0334 5996 TrustedInstaller (840f7fb849f5887a49ba18c13b2da920) C:\Windows\servicing\TrustedInstaller.exe

    14:56:38.0337 5996 TrustedInstaller - ok

    14:56:38.0383 5996 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys

    14:56:38.0385 5996 tssecsrv - ok

    14:56:38.0415 5996 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys

    14:56:38.0418 5996 tunnel - ok

    14:56:38.0463 5996 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys

    14:56:38.0465 5996 uagp35 - ok

    14:56:38.0527 5996 udfs (c06e6f4679ceb8f430b90a51d76d8d3c) C:\Windows\system32\DRIVERS\udfs.sys

    14:56:38.0531 5996 udfs - ok

    14:56:38.0581 5996 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe

    14:56:38.0586 5996 UI0Detect - ok

    14:56:38.0622 5996 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys

    14:56:38.0624 5996 uliagpkx - ok

    14:56:38.0679 5996 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys

    14:56:38.0684 5996 umbus - ok

    14:56:38.0712 5996 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys

    14:56:38.0716 5996 UmPass - ok

    14:56:38.0784 5996 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll

    14:56:38.0798 5996 upnphost - ok

    14:56:38.0852 5996 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys

    14:56:38.0865 5996 USBAAPL64 - ok

    14:56:38.0922 5996 usbaudio (77b01bc848298223a95d4ec23e1785a1) C:\Windows\system32\drivers\usbaudio.sys

    14:56:38.0939 5996 usbaudio - ok

    14:56:38.0997 5996 usbccgp (537a4e03d7103c12d42dfd8ffdb5bdc9) C:\Windows\system32\DRIVERS\usbccgp.sys

    14:56:39.0000 5996 usbccgp - ok

    14:56:39.0045 5996 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys

    14:56:39.0047 5996 usbcir - ok

    14:56:39.0090 5996 usbehci (fbb21ebe49f6d560db37ac25fbc68e66) C:\Windows\system32\DRIVERS\usbehci.sys

    14:56:39.0091 5996 usbehci - ok

    14:56:39.0155 5996 usbhub (6b7a8a99c4a459e73c286a6763ea24cc) C:\Windows\system32\DRIVERS\usbhub.sys

    14:56:39.0169 5996 usbhub - ok

    14:56:39.0197 5996 usbohci (8c88aa7617b4cbc2e4bed61d26b33a27) C:\Windows\system32\drivers\usbohci.sys

    14:56:39.0199 5996 usbohci - ok

    14:56:39.0251 5996 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys

    14:56:39.0253 5996 usbprint - ok

    14:56:39.0288 5996 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\DRIVERS\USBSTOR.SYS

    14:56:39.0291 5996 USBSTOR - ok

    14:56:39.0322 5996 usbuhci (0b5b3b2df3fd1709618acfa50b8392b0) C:\Windows\system32\DRIVERS\usbuhci.sys

    14:56:39.0325 5996 usbuhci - ok

    14:56:39.0402 5996 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll

    14:56:39.0405 5996 UxSms - ok

    14:56:39.0447 5996 VaultSvc (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe

    14:56:39.0448 5996 VaultSvc - ok

    14:56:39.0497 5996 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys

    14:56:39.0499 5996 vdrvroot - ok

    14:56:39.0559 5996 vds (44d73e0bbc1d3c8981304ba15135c2f2) C:\Windows\System32\vds.exe

    14:56:39.0576 5996 vds - ok

    14:56:39.0599 5996 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys

    14:56:39.0600 5996 vga - ok

    14:56:39.0625 5996 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys

    14:56:39.0627 5996 VgaSave - ok

    14:56:39.0676 5996 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys

    14:56:39.0685 5996 vhdmp - ok

    14:56:39.0716 5996 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys

    14:56:39.0717 5996 viaide - ok

    14:56:39.0756 5996 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys

    14:56:39.0758 5996 volmgr - ok

    14:56:39.0816 5996 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys

    14:56:39.0821 5996 volmgrx - ok

    14:56:39.0882 5996 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys

    14:56:39.0911 5996 volsnap - ok

    14:56:39.0968 5996 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys

    14:56:39.0971 5996 vsmraid - ok

    14:56:40.0110 5996 VSS (787898bf9fb6d7bd87a36e2d95c899ba) C:\Windows\system32\vssvc.exe

    14:56:40.0150 5996 VSS - ok

    14:56:40.0284 5996 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys

    14:56:40.0289 5996 vwifibus - ok

    14:56:40.0336 5996 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys

    14:56:40.0338 5996 vwififlt - ok

    14:56:40.0382 5996 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys

    14:56:40.0386 5996 vwifimp - ok

    14:56:40.0451 5996 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll

    14:56:40.0464 5996 W32Time - ok

    14:56:40.0509 5996 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys

    14:56:40.0511 5996 WacomPen - ok

    14:56:40.0571 5996 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys

    14:56:40.0573 5996 WANARP - ok

    14:56:40.0599 5996 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys

    14:56:40.0600 5996 Wanarpv6 - ok

    14:56:40.0726 5996 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe

    14:56:40.0803 5996 WatAdminSvc - ok

    14:56:40.0935 5996 wbengine (5ab1bb85bd8b5089cc5d64200dedae68) C:\Windows\system32\wbengine.exe

    14:56:40.0965 5996 wbengine - ok

    14:56:41.0110 5996 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll

    14:56:41.0120 5996 WbioSrvc - ok

    14:56:41.0199 5996 wcncsvc (dd1bae8ebfc653824d29ccf8c9054d68) C:\Windows\System32\wcncsvc.dll

    14:56:41.0212 5996 wcncsvc - ok

    14:56:41.0239 5996 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll

    14:56:41.0245 5996 WcsPlugInService - ok

    14:56:41.0310 5996 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys

    14:56:41.0311 5996 Wd - ok

    14:56:41.0376 5996 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys

    14:56:41.0388 5996 Wdf01000 - ok

    14:56:41.0457 5996 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll

    14:56:41.0460 5996 WdiServiceHost - ok

    14:56:41.0472 5996 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll

    14:56:41.0475 5996 WdiSystemHost - ok

    14:56:41.0526 5996 WebClient (733006127f235be7c35354ebee7b9a7b) C:\Windows\System32\webclnt.dll

    14:56:41.0531 5996 WebClient - ok

    14:56:41.0571 5996 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll

    14:56:41.0579 5996 Wecsvc - ok

    14:56:41.0608 5996 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll

    14:56:41.0611 5996 wercplsupport - ok

    14:56:41.0653 5996 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll

    14:56:41.0656 5996 WerSvc - ok

    14:56:41.0732 5996 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys

    14:56:41.0734 5996 WfpLwf - ok

    14:56:41.0765 5996 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys

    14:56:41.0766 5996 WIMMount - ok

    14:56:41.0825 5996 WinDefend - ok

    14:56:41.0840 5996 WinHttpAutoProxySvc - ok

    14:56:41.0923 5996 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll

    14:56:41.0932 5996 Winmgmt - ok

    14:56:42.0065 5996 WinRM (41fbb751936b387f9179e7f03a74fe29) C:\Windows\system32\WsmSvc.dll

    14:56:42.0113 5996 WinRM - ok

    14:56:42.0300 5996 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll

    14:56:42.0320 5996 Wlansvc - ok

    14:56:42.0522 5996 wlidsvc (98f138897ef4246381d197cb81846d62) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

    14:56:42.0574 5996 wlidsvc - ok

    14:56:42.0721 5996 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys

    14:56:42.0723 5996 WmiAcpi - ok

    14:56:42.0813 5996 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe

    14:56:42.0822 5996 wmiApSrv - ok

    14:56:42.0885 5996 WMPNetworkSvc - ok

    14:56:42.0916 5996 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll

    14:56:42.0919 5996 WPCSvc - ok

    14:56:42.0944 5996 WPDBusEnum (2e57ddf2880a7e52e76f41c7e96d327b) C:\Windows\system32\wpdbusenum.dll

    14:56:42.0951 5996 WPDBusEnum - ok

    14:56:42.0985 5996 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys

    14:56:42.0986 5996 ws2ifsl - ok

    14:56:43.0042 5996 wscsvc (8f9f3969933c02da96eb0f84576db43e) C:\Windows\System32\wscsvc.dll

    14:56:43.0045 5996 wscsvc - ok

    14:56:43.0055 5996 WSearch - ok

    14:56:43.0204 5996 wuauserv (38340204a2d0228f1e87740fc5e554a7) C:\Windows\system32\wuaueng.dll

    14:56:43.0252 5996 wuauserv - ok

    14:56:43.0398 5996 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys

    14:56:43.0403 5996 WudfPf - ok

    14:56:43.0453 5996 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys

    14:56:43.0463 5996 WUDFRd - ok

    14:56:43.0505 5996 wudfsvc (b551d6637aa0e132c18ac6e504f7b79b) C:\Windows\System32\WUDFSvc.dll

    14:56:43.0508 5996 wudfsvc - ok

    14:56:43.0565 5996 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll

    14:56:43.0569 5996 WwanSvc - ok

    14:56:43.0639 5996 yukonw7 (b3eeacf62445e24fbb2cd4b0fb4db026) C:\Windows\system32\DRIVERS\yk62x64.sys

    14:56:43.0651 5996 yukonw7 - ok

    14:56:43.0698 5996 MBR (0x1B8) (8ffbb27037b29e6fbfc4eb4fbd8c137e) \Device\Harddisk0\DR0

    14:56:43.0737 5996 \Device\Harddisk0\DR0 - ok

    14:56:43.0774 5996 Boot (0x1200) (c496ac5169381a53411fbd2bfbbf90fd) \Device\Harddisk0\DR0\Partition0

    14:56:43.0776 5996 \Device\Harddisk0\DR0\Partition0 - ok

    14:56:43.0798 5996 Boot (0x1200) (2a3c115f434efa736afb940118af559b) \Device\Harddisk0\DR0\Partition1

    14:56:43.0799 5996 \Device\Harddisk0\DR0\Partition1 - ok

    14:56:43.0841 5996 Boot (0x1200) (fd7cb2589a26cf2b7e5ead4264b06109) \Device\Harddisk0\DR0\Partition2

    14:56:43.0843 5996 \Device\Harddisk0\DR0\Partition2 - ok

    14:56:43.0871 5996 Boot (0x1200) (e2e9bf26d0f3321161d32c27fb773c68) \Device\Harddisk0\DR0\Partition3

    14:56:43.0872 5996 \Device\Harddisk0\DR0\Partition3 - ok

    14:56:43.0876 5996 ============================================================

    14:56:43.0876 5996 Scan finished

    14:56:43.0876 5996 ============================================================

    14:56:43.0895 4592 Detected object count: 0

    14:56:43.0895 4592 Actual detected object count: 0

    14:57:27.0590 5428 ============================================================

    14:57:27.0591 5428 Scan started

    14:57:27.0591 5428 Mode: Manual;

    14:57:27.0591 5428 ============================================================

    14:57:27.0799 5428 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys

    14:57:27.0801 5428 1394ohci - ok

    14:57:27.0871 5428 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys

    14:57:27.0876 5428 ACPI - ok

    14:57:27.0924 5428 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys

    14:57:27.0924 5428 AcpiPmi - ok

    14:57:27.0972 5428 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys

    14:57:27.0976 5428 adp94xx - ok

    14:57:28.0046 5428 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys

    14:57:28.0049 5428 adpahci - ok

    14:57:28.0131 5428 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys

    14:57:28.0135 5428 adpu320 - ok

    14:57:28.0177 5428 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll

    14:57:28.0178 5428 AeLookupSvc - ok

    14:57:28.0275 5428 AERTFilters (d1e343bc00136ce03c4d403194d06a80) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe

    14:57:28.0276 5428 AERTFilters - ok

    14:57:28.0343 5428 AFD (db9d6c6b2cd95a9ca414d045b627422e) C:\Windows\system32\drivers\afd.sys

    14:57:28.0346 5428 AFD - ok

    14:57:28.0388 5428 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys

    14:57:28.0389 5428 agp440 - ok

    14:57:28.0436 5428 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe

    14:57:28.0437 5428 ALG - ok

    14:57:28.0462 5428 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys

    14:57:28.0463 5428 aliide - ok

    14:57:28.0491 5428 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys

    14:57:28.0492 5428 amdide - ok

    14:57:28.0520 5428 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys

    14:57:28.0523 5428 AmdK8 - ok

    14:57:28.0548 5428 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys

    14:57:28.0549 5428 AmdPPM - ok

    14:57:28.0596 5428 amdsata (ec7ebab00a4d8448bab68d1e49b4beb9) C:\Windows\system32\drivers\amdsata.sys

    14:57:28.0597 5428 amdsata - ok

    14:57:28.0655 5428 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys

    14:57:28.0656 5428 amdsbs - ok

    14:57:28.0679 5428 amdxata (db27766102c7bf7e95140a2aa81d042e) C:\Windows\system32\drivers\amdxata.sys

    14:57:28.0680 5428 amdxata - ok

    14:57:28.0723 5428 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys

    14:57:28.0724 5428 AppID - ok

    14:57:28.0766 5428 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll

    14:57:28.0767 5428 AppIDSvc - ok

    14:57:28.0789 5428 Appinfo (d065be66822847b7f127d1f90158376e) C:\Windows\System32\appinfo.dll

    14:57:28.0790 5428 Appinfo - ok

    14:57:28.0884 5428 Apple Mobile Device (20f6f19fe9e753f2780dc2fa083ad597) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

    14:57:28.0886 5428 Apple Mobile Device - ok

    14:57:28.0919 5428 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys

    14:57:28.0920 5428 arc - ok

    14:57:28.0968 5428 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys

    14:57:28.0969 5428 arcsas - ok

    14:57:29.0015 5428 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys

    14:57:29.0015 5428 AsyncMac - ok

    14:57:29.0044 5428 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys

    14:57:29.0044 5428 atapi - ok

    14:57:29.0113 5428 AudioEndpointBuilder (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll

    14:57:29.0117 5428 AudioEndpointBuilder - ok

    14:57:29.0130 5428 AudioSrv (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll

    14:57:29.0134 5428 AudioSrv - ok

    14:57:29.0440 5428 AVGIDSAgent (6d440ff3f44ca72edfd6176c6d6a89c0) C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe

    14:57:29.0468 5428 AVGIDSAgent - ok

    14:57:29.0636 5428 AVGIDSDriver (e29ea1a0ec7ab9fa2dc7e75a03f12a4f) C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys

    14:57:29.0637 5428 AVGIDSDriver - ok

    14:57:29.0663 5428 AVGIDSEH (f823d184b8e8ffb8da3ead45dbf5bd6a) C:\Windows\system32\DRIVERS\AVGIDSEH.Sys

    14:57:29.0664 5428 AVGIDSEH - ok

    14:57:29.0678 5428 AVGIDSFilter (ed2b25bd7fe35d1944211968842d30da) C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys

    14:57:29.0678 5428 AVGIDSFilter - ok

    14:57:29.0724 5428 Avgldx64 (979cf8912449a10b987218bff80a1fa3) C:\Windows\system32\DRIVERS\avgldx64.sys

    14:57:29.0726 5428 Avgldx64 - ok

    14:57:29.0744 5428 Avgmfx64 (36b1a5843695766eac714daffc5b84d1) C:\Windows\system32\DRIVERS\avgmfx64.sys

    14:57:29.0745 5428 Avgmfx64 - ok

    14:57:29.0774 5428 Avgrkx64 (1102239fb724527f1febbbbccf6bf313) C:\Windows\system32\DRIVERS\avgrkx64.sys

    14:57:29.0774 5428 Avgrkx64 - ok

    14:57:29.0824 5428 Avgtdia (11f36d3ea82d9db9aa05a476a210551b) C:\Windows\system32\DRIVERS\avgtdia.sys

    14:57:29.0827 5428 Avgtdia - ok

    14:57:29.0960 5428 avgwd (6699ece24fe4b3f752a66c66a602ee86) C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe

    14:57:29.0962 5428 avgwd - ok

    14:57:30.0006 5428 AxInstSV (b20b5fa5ca050e9926e4d1db81501b32) C:\Windows\System32\AxInstSV.dll

    14:57:30.0017 5428 AxInstSV - ok

    14:57:30.0092 5428 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys

    14:57:30.0096 5428 b06bdrv - ok

    14:57:30.0154 5428 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys

    14:57:30.0156 5428 b57nd60a - ok

    14:57:30.0310 5428 BBSvc (a2494901e7226b356b8c1005c45f1c5f) C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe

    14:57:30.0311 5428 BBSvc - ok

    14:57:30.0428 5428 BBUpdate (63b1cbbae4790b5bac98f01bf9449722) C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe

    14:57:30.0430 5428 BBUpdate - ok

    14:57:30.0475 5428 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll

    14:57:30.0476 5428 BDESVC - ok

    14:57:30.0514 5428 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys

    14:57:30.0514 5428 Beep - ok

    14:57:30.0574 5428 BFE (4992c609a6315671463e30f6512bc022) C:\Windows\System32\bfe.dll

    14:57:30.0579 5428 BFE - ok

    14:57:30.0664 5428 BITS (7f0c323fe3da28aa4aa1bda3f575707f) C:\Windows\System32\qmgr.dll

    14:57:30.0670 5428 BITS - ok

    14:57:30.0740 5428 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys

    14:57:30.0741 5428 blbdrive - ok

    14:57:30.0861 5428 Bonjour Service (1c87705ccb2f60172b0fc86b5d82f00d) C:\Program Files (x86)\Bonjour\mDNSResponder.exe

    14:57:30.0864 5428 Bonjour Service - ok

    14:57:30.0898 5428 bowser (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys

    14:57:30.0899 5428 bowser - ok

    14:57:30.0943 5428 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys

    14:57:30.0944 5428 BrFiltLo - ok

    14:57:30.0975 5428 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys

    14:57:30.0976 5428 BrFiltUp - ok

    14:57:31.0017 5428 Browser (94fbc06f294d58d02361918418f996e3) C:\Windows\System32\browser.dll

    14:57:31.0021 5428 Browser - ok

    14:57:31.0059 5428 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys

    14:57:31.0061 5428 Brserid - ok

  5. .

    DDS (Ver_2011-08-26.01) - NTFSAMD64

    Internet Explorer: 9.0.8112.16421

    Run by Brian at 3:45:32 on 2012-05-15

    Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3003.1701 [GMT -7:00]

    .

    AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}

    SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}

    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    .

    ============== Running Processes ===============

    .

    C:\PROGRA~2\AVG\AVG2012\avgrsa.exe

    C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe

    C:\Windows\system32\wininit.exe

    C:\Windows\system32\lsm.exe

    C:\Windows\system32\svchost.exe -k DcomLaunch

    C:\Windows\system32\svchost.exe -k RPCSS

    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

    C:\Windows\system32\svchost.exe -k netsvcs

    C:\Windows\system32\svchost.exe -k LocalService

    C:\Windows\system32\svchost.exe -k NetworkService

    C:\Windows\System32\spoolsv.exe

    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

    C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe

    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

    C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe

    C:\Program Files (x86)\Bonjour\mDNSResponder.exe

    C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe

    C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe

    C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe

    C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

    C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe

    C:\Windows\system32\taskhost.exe

    C:\Windows\system32\Dwm.exe

    C:\Windows\Explorer.EXE

    C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe

    C:\Windows\system32\svchost.exe -k imgsvc

    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

    C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe

    C:\Windows\system32\SearchIndexer.exe

    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

    C:\Windows\System32\igfxtray.exe

    C:\Windows\System32\hkcmd.exe

    C:\Windows\System32\igfxpers.exe

    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

    C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

    C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe

    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

    C:\Program Files (x86)\iTunes\iTunesHelper.exe

    C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

    C:\Program Files (x86)\AVG\AVG2012\avgtray.exe

    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

    C:\Windows\system32\wbem\wmiprvse.exe

    C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe

    C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe

    C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

    C:\Program Files\iPod\bin\iPodService.exe

    C:\Windows\System32\svchost.exe -k LocalServicePeerNet

    C:\Program Files\Windows Media Player\wmpnetwk.exe

    C:\Windows\system32\DllHost.exe

    C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe

    C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe

    C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe

    C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe

    C:\Program Files\Realtek\RtVOsd\RtVOsd.exe

    C:\Windows\system32\wbem\wmiprvse.exe

    C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe

    C:\Windows\system32\wuauclt.exe

    C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe

    C:\Program Files (x86)\Mozilla Firefox\firefox.exe

    C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

    C:\Windows\system32\SearchProtocolHost.exe

    C:\Windows\system32\SearchFilterHost.exe

    C:\Windows\system32\DllHost.exe

    C:\Windows\system32\DllHost.exe

    C:\Windows\SysWOW64\cmd.exe

    C:\Windows\system32\conhost.exe

    C:\Windows\SysWOW64\cscript.exe

    .

    ============== Pseudo HJT Report ===============

    .

    uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT3198785

    uInternet Settings,ProxyOverride = *.local

    uURLSearchHooks: H - No File

    mWinlogon: Userinit=userinit.exe

    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

    BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll

    BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

    BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL

    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL

    BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll

    BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

    TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll"

    uRun: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe

    uRun: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden

    mRun: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe

    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

    mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

    mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

    mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

    mRun: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices

    mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

    mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"

    mPolicies-explorer: NoActiveDesktop = 1 (0x1)

    mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)

    mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

    IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000

    IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105

    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

    IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

    DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

    TCP: DhcpNameServer = 192.168.1.1

    TCP: Interfaces\{C213DBDD-D352-46CD-BB13-5785ADBF7B3E} : DhcpNameServer = 192.168.1.1

    TCP: Interfaces\{C213DBDD-D352-46CD-BB13-5785ADBF7B3E}\3686F696365673 : DhcpNameServer = 24.116.2.50 24.116.2.34

    TCP: Interfaces\{C213DBDD-D352-46CD-BB13-5785ADBF7B3E}\4456E6E6977237D27457563747D275946494 : DhcpNameServer = 66.82.4.8 66.82.4.12

    TCP: Interfaces\{C213DBDD-D352-46CD-BB13-5785ADBF7B3E}\4557C6C69737 : DhcpNameServer = 192.168.0.1

    TCP: Interfaces\{C213DBDD-D352-46CD-BB13-5785ADBF7B3E}\771697E65636F6C6C696E637 : DhcpNameServer = 192.168.254.254 192.168.254.254

    TCP: Interfaces\{C213DBDD-D352-46CD-BB13-5785ADBF7B3E}\C4F657467596C6C6F677D27657563747 : DhcpNameServer = 68.105.28.12 68.105.29.12 68.105.28.11

    Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL

    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll

    SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL

    mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"

    BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

    BHO-X64: AcroIEHelperStub - No File

    BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll

    BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File

    BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

    BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL

    BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL

    BHO-X64: URLRedirectionBHO - No File

    BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll

    BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

    TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll"

    mRun-x64: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe

    mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

    mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

    mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

    mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

    mRun-x64: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices

    mRun-x64: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

    mRun-x64: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"

    SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL

    .

    ================= FIREFOX ===================

    .

    FF - ProfilePath - C:\Users\Brian\AppData\Roaming\Mozilla\Firefox\Profiles\enpebddp.default\

    FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3198785&SearchSource=3&q={searchTerms}

    FF - prefs.js: browser.search.selectedEngine - WhiteSmoke US Customized Web Search

    FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT3198785&SearchSource=13

    FF - prefs.js: network.proxy.type - 0

    FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL

    FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL

    FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

    FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll

    FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

    FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll

    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

    .

    ============= SERVICES / DRIVERS ===============

    .

    R0 AVGIDSEH;AVGIDSEH;C:\Windows\system32\DRIVERS\AVGIDSEH.Sys --> C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [?]

    R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys --> C:\Windows\system32\DRIVERS\avgrkx64.sys [?]

    R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys --> C:\Windows\system32\DRIVERS\avgldx64.sys [?]

    R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys --> C:\Windows\system32\DRIVERS\avgmfx64.sys [?]

    R1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys --> C:\Windows\system32\DRIVERS\avgtdia.sys [?]

    R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]

    R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2010-12-12 98208]

    R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]

    R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-8-2 192776]

    R2 CinemaNow Service;CinemaNow Service;C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe [2010-5-21 140272]

    R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2011-9-9 86072]

    R2 HP Wireless Assistant Service;HP Wireless Assistant Service;C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-6-18 103992]

    R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-3-28 94264]

    R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-11-9 26680]

    R2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-6-1 2804568]

    R2 RtVOsdService;RtVOsdService Installer;C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe [2010-4-19 315392]

    R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys --> C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [?]

    R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys --> C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [?]

    R3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.EXE [2012-2-10 240408]

    R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]

    R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;C:\Windows\system32\DRIVERS\rtl8192se.sys --> C:\Windows\system32\DRIVERS\rtl8192se.sys [?]

    R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]

    S2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.EXE [2012-2-10 193816]

    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

    S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-6-12 31125880]

    S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-5-11 129976]

    S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\netw5v64.sys --> C:\Windows\system32\DRIVERS\netw5v64.sys [?]

    S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]

    S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\system32\Drivers\RtsUStor.sys --> C:\Windows\system32\Drivers\RtsUStor.sys [?]

    S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\system32\DRIVERS\VSTAZL6.SYS --> C:\Windows\system32\DRIVERS\VSTAZL6.SYS [?]

    S3 SrvHsfV92;SrvHsfV92;C:\Windows\system32\DRIVERS\VSTDPV6.SYS --> C:\Windows\system32\DRIVERS\VSTDPV6.SYS [?]

    S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\system32\DRIVERS\VSTCNXT6.SYS --> C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [?]

    S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]

    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]

    S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?]

    .

    =============== Created Last 30 ================

    .

    2012-05-14 20:32:45 -------- d-----w- C:\Program Files (x86)\VS Revo Group

    2012-05-14 19:03:44 -------- d-----w- C:\Users\Brian\AppData\Roaming\Malwarebytes

    2012-05-14 19:03:37 -------- d-----w- C:\Program Files (x86)\MALWAREBYTES ANTI-MALWARE

    2012-05-14 19:03:33 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys

    2012-05-14 19:03:33 -------- d-----w- C:\ProgramData\Malwarebytes

    2012-05-14 19:03:33 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

    2012-05-14 10:21:26 -------- d-----w- C:\Users\Brian\AppData\Roaming\ooVoo Details

    2012-05-14 10:20:57 -------- d-----w- C:\Program Files (x86)\Conduit

    2012-05-14 10:20:54 -------- d-----w- C:\Users\Brian\AppData\Local\Conduit

    2012-05-14 10:20:51 327749 ----a-w- C:\Windows\SysWow64\drvc.dll

    2012-05-14 10:20:31 -------- d-----w- C:\Program Files (x86)\iNTERNET Turbo

    2012-05-12 01:31:07 -------- d-----w- C:\Program Files (x86)\Mozilla Maintenance Service

    2012-05-12 01:30:51 588728 ----a-w- C:\Program Files (x86)\Mozilla Firefox\gkmedias.dll

    2012-05-12 01:30:51 43960 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozglue.dll

    2012-05-12 01:30:51 157352 ----a-w- C:\Program Files (x86)\Mozilla Firefox\maintenanceservice_installer.exe

    2012-05-12 01:30:51 129976 ----a-w- C:\Program Files (x86)\Mozilla Firefox\maintenanceservice.exe

    2012-05-11 09:28:30 1541120 ----a-w- C:\Windows\System32\DWrite.dll

    2012-05-11 09:28:30 1074176 ----a-w- C:\Windows\SysWow64\DWrite.dll

    2012-05-11 09:28:29 902656 ----a-w- C:\Windows\System32\d2d1.dll

    2012-05-11 09:28:29 739840 ----a-w- C:\Windows\SysWow64\d2d1.dll

    2012-05-11 09:28:29 320512 ----a-w- C:\Windows\System32\d3d10_1core.dll

    2012-05-11 09:28:29 218624 ----a-w- C:\Windows\SysWow64\d3d10_1core.dll

    2012-05-11 09:28:29 197120 ----a-w- C:\Windows\System32\d3d10_1.dll

    2012-05-11 09:28:29 1837568 ----a-w- C:\Windows\System32\d3d10warp.dll

    2012-05-11 09:28:29 161792 ----a-w- C:\Windows\SysWow64\d3d10_1.dll

    2012-05-11 09:28:29 1170944 ----a-w- C:\Windows\SysWow64\d3d10warp.dll

    2012-05-11 09:27:48 5504880 ----a-w- C:\Windows\System32\ntoskrnl.exe

    2012-05-11 09:27:46 3143680 ----a-w- C:\Windows\System32\win32k.sys

    2012-05-11 09:27:45 3958128 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe

    2012-05-11 09:27:45 3902320 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe

    2012-05-11 09:27:40 75632 ----a-w- C:\Windows\System32\drivers\partmgr.sys

    2012-05-11 09:27:36 1895280 ----a-w- C:\Windows\System32\drivers\tcpip.sys

    2012-05-11 09:27:32 936960 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll

    2012-05-11 09:27:32 1367552 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll

    .

    ==================== Find3M ====================

    .

    2012-03-01 06:54:38 22896 ----a-w- C:\Windows\System32\drivers\fs_rec.sys

    2012-03-01 06:45:41 220672 ----a-w- C:\Windows\System32\wintrust.dll

    2012-03-01 06:40:14 80896 ----a-w- C:\Windows\System32\imagehlp.dll

    2012-03-01 06:35:16 5120 ----a-w- C:\Windows\System32\wmi.dll

    2012-03-01 05:49:05 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll

    2012-03-01 05:45:05 158720 ----a-w- C:\Windows\SysWow64\imagehlp.dll

    2012-03-01 05:40:44 5120 ----a-w- C:\Windows\SysWow64\wmi.dll

    2012-02-28 06:56:48 2311168 ----a-w- C:\Windows\System32\jscript9.dll

    2012-02-28 06:49:56 1390080 ----a-w- C:\Windows\System32\wininet.dll

    2012-02-28 06:48:57 1493504 ----a-w- C:\Windows\System32\inetcpl.cpl

    2012-02-28 06:42:55 2382848 ----a-w- C:\Windows\System32\mshtml.tlb

    2012-02-28 01:18:55 1799168 ----a-w- C:\Windows\SysWow64\jscript9.dll

    2012-02-28 01:11:21 1427456 ----a-w- C:\Windows\SysWow64\inetcpl.cpl

    2012-02-28 01:11:07 1127424 ----a-w- C:\Windows\SysWow64\wininet.dll

    2012-02-28 01:03:16 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb

    2012-02-23 10:24:05 74752 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe

    2012-02-23 10:24:05 161792 ----a-w- C:\Windows\SysWow64\msls31.dll

    2012-02-23 10:24:02 110592 ----a-w- C:\Windows\SysWow64\IEAdvpack.dll

    2012-02-23 10:24:01 86528 ----a-w- C:\Windows\SysWow64\iesysprep.dll

    2012-02-23 10:24:01 76800 ----a-w- C:\Windows\SysWow64\SetIEInstalledDate.exe

    2012-02-23 10:24:01 48640 ----a-w- C:\Windows\SysWow64\mshtmler.dll

    2012-02-23 10:24:00 63488 ----a-w- C:\Windows\SysWow64\tdc.ocx

    2012-02-23 10:24:00 367104 ----a-w- C:\Windows\SysWow64\html.iec

    .

    ============= FINISH: 3:46:40.23 ===============

    -------------Second Log---------------

    .

    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

    IF REQUESTED, ZIP IT UP & ATTACH IT

    .

    DDS (Ver_2011-08-26.01)

    .

    Microsoft Windows 7 Home Premium

    Boot Device: \Device\HarddiskVolume1

    Install Date: 8/26/2011 1:29:39 PM

    System Uptime: 5/15/2012 3:06:37 AM (0 hours ago)

    .

    Motherboard: Hewlett-Packard | | 1484

    Processor: Intel® Celeron® CPU 900 @ 2.20GHz | CPU | 2194/800mhz

    .

    ==== Disk Partitions =========================

    .

    C: is FIXED (NTFS) - 281 GiB total, 184.025 GiB free.

    D: is FIXED (NTFS) - 17 GiB total, 2.496 GiB free.

    E: is CDROM ()

    .

    ==== Disabled Device Manager Items =============

    .

    ==== System Restore Points ===================

    .

    RP89: 4/13/2012 3:09:06 AM - Windows Update

    RP90: 4/30/2012 1:26:17 AM - Scheduled Checkpoint

    RP91: 5/2/2012 3:00:14 AM - Windows Update

    RP92: 5/11/2012 3:00:22 AM - Windows Update

    RP93: 5/14/2012 3:27:16 AM - Removed ooVoo

    .

    ==== Installed Programs ======================

    .

    Acrobat.com

    Adobe AIR

    Adobe Flash Player 10 ActiveX

    Adobe Flash Player 11 Plugin

    Adobe Reader 9.5.0 MUI

    Adobe Shockwave Player 11.5

    Apple Application Support

    Apple Software Update

    Audacity 1.3.13 (Unicode)

    Bejeweled 2 Deluxe

    Bing Bar

    Blackhawk Striker 2

    Build-a-lot 2

    Chuzzle Deluxe

    CinemaNow Media Manager

    Cisco EAP-FAST Module

    Cisco LEAP Module

    Cisco PEAP Module

    CyberLink DVD Suite

    CyberLink MediaShow

    CyberLink PowerDVD 9

    CyberLink YouCam

    Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition

    Diner Dash 2 Restaurant Rescue

    Dora's Carnival Adventure

    Energy Star Digital Logo

    Escape Rosecliff Island

    ESU for Microsoft Windows 7

    FATE

    Final Drive Nitro

    Heroes of Hellas 2 - Olympia

    Hewlett-Packard ACLM.NET v1.1.2.0

    HP Advisor

    HP Customer Experience Enhancements

    HP Documentation

    HP Game Console

    HP Games

    HP MediaSmart CinemaNow 2.0

    HP Photo Creations

    HP Power Manager

    HP Quick Launch

    HP Setup

    HP Software Framework

    HP Support Assistant

    Intel® Control Center

    Intel® Graphics Media Accelerator Driver

    Intel® Rapid Storage Technology

    Java Auto Updater

    Java 6 Update 20

    Jewel Quest 3

    Jewel Quest Solitaire 2

    Junk Mail filter update

    LabelPrint

    LightScribe System Software

    Malwarebytes Anti-Malware version 1.61.0.1400

    Microsoft Choice Guard

    Microsoft Office 2010

    Microsoft Office 2010 Service Pack 1 (SP1)

    Microsoft Office Access MUI (English) 2010

    Microsoft Office Access Setup Metadata MUI (English) 2010

    Microsoft Office Excel MUI (English) 2010

    Microsoft Office Groove MUI (English) 2010

    Microsoft Office InfoPath MUI (English) 2010

    Microsoft Office OneNote MUI (English) 2010

    Microsoft Office Outlook MUI (English) 2010

    Microsoft Office PowerPoint MUI (English) 2010

    Microsoft Office Professional Plus 2010

    Microsoft Office Proof (English) 2010

    Microsoft Office Proof (French) 2010

    Microsoft Office Proof (Spanish) 2010

    Microsoft Office Proofing (English) 2010

    Microsoft Office Publisher MUI (English) 2010

    Microsoft Office Shared MUI (English) 2010

    Microsoft Office Shared Setup Metadata MUI (English) 2010

    Microsoft Office Word MUI (English) 2010

    Microsoft Rise Of Nations

    Microsoft Silverlight

    Microsoft SQL Server 2005 Compact Edition [ENU]

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

    Microsoft WSE 3.0 Runtime

    Mozilla Firefox 12.0 (x86 en-US)

    Mozilla Maintenance Service

    MSVCRT

    MSXML 4.0 SP2 (KB954430)

    MSXML 4.0 SP2 (KB973688)

    MSXML 4.0 SP3 Parser

    MSXML 4.0 SP3 Parser (KB973685)

    MSXML4 Parser

    Norton Online Backup

    Penguins!

    PhotoNow!

    Plants vs. Zombies

    Poker Superstars III

    Polar Bowler

    Polar Golfer

    Power2Go

    PowerDirector

    QuickTime

    Realtek Ethernet Controller Driver For Windows 7

    Realtek High Definition Audio Driver

    Realtek USB 2.0 Card Reader

    REALTEK Wireless LAN Software

    Recovery Manager

    Revo Uninstaller 1.93

    Rise of Nations Thrones and Patriots

    Roxio CinemaNow 2.0

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

    Security Update for Microsoft Excel 2010 (KB2597166) 32-Bit Edition

    Security Update for Microsoft Office 2010 (KB2553091)

    Security Update for Microsoft Office 2010 (KB2553096)

    Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition

    Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition

    Security Update for Microsoft Office 2010 (KB2598039) 32-Bit Edition

    Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition

    Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)

    Security Update for Microsoft Visio Viewer 2010 (KB2597981) 32-Bit Edition

    Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

    Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

    Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

    Update for Microsoft Office 2010 (KB2494150)

    Update for Microsoft Office 2010 (KB2553065)

    Update for Microsoft Office 2010 (KB2553092)

    Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition

    Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition

    Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition

    Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition

    Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition

    Update for Microsoft Office 2010 (KB2566458)

    Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition

    Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition

    Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition

    Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition

    Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition

    Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition

    Virtual Families

    Virtual Villagers - The Secret City

    Visual Studio 2008 x64 Redistributables

    Wheel of Fortune 2

    Windows Live Call

    Windows Live Communications Platform

    Windows Live Essentials

    Windows Live Mail

    Windows Live Messenger

    Windows Live Movie Maker

    Windows Live Photo Gallery

    Windows Live Sync

    Windows Live Upload Tool

    Windows Live Writer

    Zuma Deluxe

    .

    ==== Event Viewer Messages From Past Week ========

    .

    5/9/2012 3:10:57 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.

    5/15/2012 3:33:30 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.

    5/13/2012 10:19:53 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.

    .

    ==== End Of File ===========================

    -----------RogueKiller Log-----------------------

    RogueKiller V7.4.4 [05/08/2012] by Tigzy

    mail: tigzyRK<at>gmail<dot>com

    Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/

    Blog: http://tigzyrk.blogspot.com

    Operating System: Windows 7 (6.1.7600 ) 64 bits version

    Started in : Normal mode

    User: Brian [Admin rights]

    Mode: Scan -- Date: 05/15/2012 03:49:38

    ¤¤¤ Bad processes: 0 ¤¤¤

    ¤¤¤ Registry Entries: 2 ¤¤¤

    [HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

    [HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

    ¤¤¤ Particular Files / Folders: ¤¤¤

    ¤¤¤ Driver: [NOT LOADED] ¤¤¤

    ¤¤¤ Infection : ¤¤¤

    ¤¤¤ HOSTS File: ¤¤¤

    ¤¤¤ MBR Check: ¤¤¤

    +++++ PhysicalDrive0: WDC WD3200BEVT-60A23T0 +++++

    --- User ---

    [MBR] 6bcf3dd14c642cff97fa0a0ff0620cfe

    [bSP] 57e03b796349a7f1515f6689363ea785 : Windows Vista/7 MBR Code

    Partition table:

    0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 199 Mo

    1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 287273 Mo

    2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 588744704 | Size: 17668 Mo

    3 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 624928768 | Size: 103 Mo

    User = LL1 ... OK!

    User = LL2 ... OK!

    Finished : << RKreport[1].txt >>

    RKreport[1].txt

    Note, I didn't delete anything with RogueKiller, just to make sure I didn't do anything I was supposed to.

  6. So, I downloaded a program I trust and use often for converting all sorts of files, and this time I had to reinstall it due to it being out of date. In the process of installing 'Super.exe' I was asked whether or not I wanted to install Whitesmoke Toolbar and ooVoo Video Chat. I clicked no; however, after the program installed, I was informed that both of the other programs were installed, even though I said I didn't want them.

    To put it all short, I don't want this toolbar, and I really don't trust it. This computer is my main business computer where I do try to keep up with keeping everything secure, and frankly I'm afraid to log into anything other than my email right now.

    I have run AVG with the latest updates, to find nothing at all in the computer. Then I installed Malwarebytes, a program I have used in the past; however, no results were sent back. Now, I'm considering installing HijackThis to see if I can find anything. But of course I don't trust making any changes unless someone reviews my logs.

    Please Help,

    Brian
