Everything posted by BANCROFT162
-
Well, I think that I am pretty safe now. Once in a while the screen switches to the desktop while I am working on something, like an email or letter, etc. ... Very strange. All I have to do is touch the mouse and it comes back... but it's annoying... You have been wonderful to help me out of this problem. I can't thank you enough.
-
Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org
Database version: v2012.07.15.09
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Pat :: PATS-LATITUDE [administrator]
7/15/2012 11:59:29 AM
mbam-log-2012-07-15 (11-59-29).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 237686
Time elapsed: 3 minute(s), 1 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 1
C:\Users\Pat\Downloads\7zip_installer_1650.exe (PUP.BundleOffers.IIQ) -> Quarantined and deleted successfully.
(end)
-
Open Event failed to perform desired action. error code 2 can't copy it
-
I'm confused. What about the trojan things? I have not done any removing of that stuff. My computer still flashes once in a while to the desktop. That's very annoying. Didn't used to do that. Also, I keep getting an error message about the Malwarebytes program. I'll wait for your reply.
-
Status: Detected (events: 4)
7/11/2012 3:53:22 PM Detected Trojan program Trojan.HTML.Redirector.am C:\Documents and Settings\Pat\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\E3HQWR9M\nvlauty[1].htm High
7/11/2012 4:02:23 PM Detected Trojan program Trojan.HTML.Redirector.am C:\Documents and Settings\Pat\AppData\Local\Temporary Internet Files\Content.IE5\E3HQWR9M\nvlauty[1].htm High
7/11/2012 4:20:05 PM Detected Trojan program Trojan.HTML.Redirector.am C:\Documents and Settings\Pat\Local Settings\Microsoft\Windows\Temporary Internet Files\Content.IE5\E3HQWR9M\nvlauty[1].htm High
7/11/2012 6:44:29 PM Detected Trojan program Trojan.HTML.Redirector.am C:\Documents and Settings\Pat\Local Settings\Temporary Internet Files\Content.IE5\E3HQWR9M\nvlauty[1].htm High
-
Status: Detected (events: 3)
7/11/2012 3:53:22 PM Detected Trojan program Trojan.HTML.Redirector.am C:\Documents and Settings\Pat\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\E3HQWR9M\nvlauty[1].htm High
7/11/2012 4:02:23 PM Detected Trojan program Trojan.HTML.Redirector.am C:\Documents and Settings\Pat\AppData\Local\Temporary Internet Files\Content.IE5\E3HQWR9M\nvlauty[1].htm High
7/11/2012 4:20:05 PM Detected Trojan program Trojan.HTML.Redirector.am C:\Documents and Settings\Pat\Local Settings\Microsoft\Windows\Temporary Internet Files\Content.IE5\E3HQWR9M\nvlauty[1].htm High
-
object: C:\Documents and Settings\Pat\AppDa...\nvlauty[1].htm
trojan program: Trojan.HTML.Redirector.am
delete skip
I cannot copy it...
-
running again
-
Won't allow me to copy anything.... The virus removal tool alarm says trojan program: Trojan.HTML.Redirector.am. Choices are delete and skip. I have not done anything yet.
-
Well, when I use the link in your message for F-Secure, I choose the online scan and I get a box with a link for download. Every time I click it, my computer locks up after it opens Java. Therefore have not run it.
-
I will try it again tonight then. Maybe that will help. Full online scan, right?
-
OK, I think I didn't do this one right. I went to the site and ran the free scan and it just keeps running forever. I did it once last night and once tonight. Same result. Both times I left it run for hours. I'm having some funny issues with the desktop flashing in when I'm working on something. I have to reclick in order to get back sometimes, others it just goes away by itself.
-
Done. So am I FREE again????
-
I can't get http://www.eset.com/onlinescan/ to run... I get a blank page
-
Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 11:56:48 AM, on 7/5/2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16446) Boot mode: Normal Running processes: C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe C:\Program Files (x86)\DYMO\DYMO Label Software\DymoQuickPrint.exe C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe C:\Windows\Samsung\PanelMgr\SSMMgr.exe C:\Program Files (x86)\AVG\AVG2012\avgtray.exe C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbrmon.exe C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe C:\Windows\SysWOW64\RunDll32.exe C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE C:\Program Files (x86)\McAfee Security Scan\3.0.207\SSScheduler.exe C:\Users\Pat\Downloads\HijackThis.exe C:\Windows\SysWOW64\NOTEPAD.EXE C:\Windows\SysWOW64\NOTEPAD.EXE C:\Users\Pat\Desktop\HijackThis (1).exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = 
http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 172.17.1.1:8080 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: (no name) - {9234F5E0-56CC-4F0B-AAE4-0D4BD5032180} - (no file) O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file) O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Trend Micro NSC BHO - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - c:\Program Files (x86)\Trend Micro\Client Server Security Agent\bho\1009\TmIEPlg32.dll (file missing) O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - (no file) O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL O2 - BHO: WeCareReminder - {D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} - C:\ProgramData\WeCareReminder\IEHelperv2.5.0.dll O2 - BHO: HP Smart BHO Class - 
{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [RemoteControl9] "C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe" O4 - HKLM\..\Run: [PDVD9LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe" O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" O4 - HKLM\..\Run: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe" O4 - HKLM\..\Run: [samsung PanelMgr] C:\Windows\Samsung\PanelMgr\ssmmgr.exe /autorun O4 - HKLM\..\Run: [intuit SyncManager] C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe startup O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [HPUsageTrackingLEDM] "C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe" "C:\Program Files (x86)\HP\HP UT LEDM\" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [MyFunCards_5m Browser Plugin Loader] C:\PROGRA~2\MYFUNC~2\bar\1.bin\5mbrmon.exe O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKLM\..\Run: [HTC Sync Loader] "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup O4 - HKCU\..\Run: [DymoQuickPrint] "C:\Program Files (x86)\DYMO\DYMO Label Software\DymoQuickPrint.exe" /startup O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe O4 - .DEFAULT User Startup: Smart Settings.lnk = C:\Program Files\Dell\Feature Enhancement Pack\SmartSettings.exe (User 'Default user') O4 - Startup: OneNote 2010 
Screen Clipper and Launcher.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE O4 - Startup: Smart Settings.lnk = C:\Program Files\Dell\Feature Enhancement Pack\SmartSettings.exe O4 - Global Startup: Bluetooth.lnk = ? O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files (x86)\Digital Line Detect\DLG.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files (x86)\McAfee Security Scan\3.0.207\SSScheduler.exe O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: Send page to &Bluetooth Device... 
- C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... 
- {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} (DellSystemLite.Scanner) - http://support.dell.com/systemprofiler/DellSystemLite.CAB O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com//activex/ractrl.cab?lmi=928 O18 - Protocol: crawler - {4545C96B-15D0-4E22-8DDE-6F2CAF531281} - (no file) O18 - Protocol: intu-help-qb2 - {84D77A00-41B5-4B8B-8ADF-86486D72E749} - C:\Program Files (x86)\Intuit\QuickBooks 2009\HelpAsyncPluggableProtocol.dll O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll O18 - Protocol: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - mscoree.dll (file missing) O18 - Protocol: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - c:\Program Files (x86)\Trend Micro\Client Server Security Agent\bho\1009\TmIEPlg32.dll (file missing) O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - 
Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AuthenTec Fingerprint Service (ATService) - AuthenTec, Inc. - C:\Program Files\Fingerprint Sensor\ATService.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe O23 - Service: Broadcom Management Agent (BrcmMgmtAgent) - Broadcom Corporation - C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe O23 - Service: Dell Digital Delivery Service (DellDigitalDelivery) - Dell Products, LP. - C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe O23 - Service: Dell Feature Enhancement Pack Service (DFEPService) - Dell Inc. - c:\Program Files\Dell\Feature Enhancement Pack\DFEPService.exe O23 - Service: DYMO PnP Service (DymoPnpService) - Sanford, L.P. - C:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. 
- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP LaserJet Service - HP - C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe O23 - Service: Intel® Identity Protection Technology Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. 
- C:\Program Files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: MyFunCardsService (MyFunCards_5mService) - COMPANYVERS_NAME - C:\PROGRA~2\MYFUNC~2\bar\1.bin\5mbarsvc.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: O2FLASH - Unknown owner - C:\Windows\system32\DRIVERS\o2flash.exe (file missing) O23 - Service: O2SDIOAssist - Unknown owner - c:\Windows\SysWOW64\srvany.exe O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: QBCFMonitorService - Intuit - C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe O23 - Service: Intuit QuickBooks FCS (QBFCService) - Intuit Inc. - C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe O23 - Service: RoxMediaDB12OEM - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe O23 - Service: Roxio Hard Drive Watcher 12 (RoxWatch12) - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: SecureStorageService - Wave Systems Corp. 
- C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Secure Storage Manager\SecureStorageService.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe O23 - Service: NTRU TSS v1.2.1.36 TCS (tcsd_win32.exe) - Unknown owner - C:\Program Files (x86)\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe O23 - Service: TdmService - Wave Systems Corp. - C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: Wave Authentication Manager Service - Wave Systems Corp. 
- C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: DW WLAN Tray Service (wltrysvc) - Dell Inc. - C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 18557 bytes
- C:\Program Files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: MyFunCardsService (MyFunCards_5mService) - COMPANYVERS_NAME - C:\PROGRA~2\MYFUNC~2\bar\1.bin\5mbarsvc.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: O2FLASH - Unknown owner - C:\Windows\system32\DRIVERS\o2flash.exe (file missing) O23 - Service: O2SDIOAssist - Unknown owner - c:\Windows\SysWOW64\srvany.exe O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: QBCFMonitorService - Intuit - C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe O23 - Service: Intuit QuickBooks FCS (QBFCService) - Intuit Inc. - C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe O23 - Service: RoxMediaDB12OEM - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe O23 - Service: Roxio Hard Drive Watcher 12 (RoxWatch12) - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: SecureStorageService - Wave Systems Corp. 
- C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Secure Storage Manager\SecureStorageService.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe O23 - Service: NTRU TSS v1.2.1.36 TCS (tcsd_win32.exe) - Unknown owner - C:\Program Files (x86)\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe O23 - Service: TdmService - Wave Systems Corp. - C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: Wave Authentication Manager Service - Wave Systems Corp. 
- C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: DW WLAN Tray Service (wltrysvc) - Dell Inc. - C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 18455 bytes
-
Malwarebytes Anti-Malware (Trial) 1.61.0.1400
www.malwarebytes.org

Database version: v2012.07.05.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Pat :: PATS-LATITUDE [administrator]

Protection: Disabled

7/5/2012 11:43:59 AM
mbam-log-2012-07-05 (11-43-59).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 236040
Time elapsed: 2 minute(s), 40 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
-
It seems to be doing ok. Running a little bit slow yet. The only thing I lost now was my settings for desktop and taskbar. I can fix that though. Can't tell you how much I appreciate your help with this. What should I run as a protective measure? I also have a network. Should I run something on the other computers? Especially the server?
-
ComboFix 12-07-02.01 - Pat 07/03/2012 16:44:21.3.4 - x64 Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.3993.2100 [GMT -5:00] Running from: f:\repair files\ComboFix.exe Command switches used :: c:\users\Pat\Desktop\CFScript.txt AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0} SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\users\Pat\AppData\Local\assembly\tmp . . ((((((((((((((((((((((((( Files Created from 2012-06-03 to 2012-07-03 ))))))))))))))))))))))))))))))) . . 2012-07-03 21:48 . 2012-07-03 21:48 -------- d-----w- c:\users\LogMeInRemoteUser\AppData\Local\temp 2012-07-03 21:48 . 2012-07-03 21:48 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-07-03 20:36 . 2012-07-03 20:36 -------- d-----w- C:\TDSSKiller_Quarantine 2012-07-02 15:05 . 2012-07-02 21:26 -------- d-----w- c:\programdata\Spybot - Search & Destroy 2012-07-02 15:05 . 2012-07-02 20:08 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy 2012-06-30 19:08 . 2012-06-30 19:08 -------- d-----w- c:\users\Pat\AppData\Roaming\Malwarebytes 2012-06-30 19:08 . 2012-07-01 14:54 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2012-06-30 19:08 . 2012-06-30 19:08 -------- d-----w- c:\programdata\Malwarebytes 2012-06-29 00:33 . 2012-06-29 00:33 -------- d-----w- c:\program files (x86)\Dell Digital Delivery 2012-06-22 23:25 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll 2012-06-22 23:25 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe 2012-06-22 23:25 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll 2012-06-22 23:25 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll 2012-06-22 23:25 . 
2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll 2012-06-22 23:25 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll 2012-06-22 23:25 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll 2012-06-22 23:25 . 2012-06-02 20:19 186752 ----a-w- c:\windows\system32\wuwebv.dll 2012-06-22 23:25 . 2012-06-02 20:15 36864 ----a-w- c:\windows\system32\wuapp.exe 2012-06-13 03:30 . 2012-04-26 05:41 77312 ----a-w- c:\windows\system32\rdpwsx.dll 2012-06-13 03:30 . 2012-04-26 05:41 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll 2012-06-13 03:30 . 2012-04-26 05:34 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe 2012-06-13 03:30 . 2012-05-01 05:40 209920 ----a-w- c:\windows\system32\profsvc.dll 2012-06-13 03:30 . 2012-05-04 11:06 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-06-13 03:30 . 2012-05-04 10:03 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe 2012-06-13 03:30 . 2012-05-04 10:03 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe 2012-06-13 03:29 . 2012-05-15 01:32 3146752 ----a-w- c:\windows\system32\win32k.sys 2012-06-13 03:29 . 2012-04-28 03:55 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys 2012-06-13 03:29 . 2012-04-07 12:31 3216384 ----a-w- c:\windows\system32\msi.dll 2012-06-13 03:29 . 2012-04-07 11:26 2342400 ----a-w- c:\windows\SysWow64\msi.dll 2012-06-13 03:29 . 2012-04-24 05:37 184320 ----a-w- c:\windows\system32\cryptsvc.dll 2012-06-13 03:29 . 2012-04-24 05:37 140288 ----a-w- c:\windows\system32\cryptnet.dll 2012-06-13 03:29 . 2012-04-24 05:37 1462272 ----a-w- c:\windows\system32\crypt32.dll 2012-06-13 03:29 . 2012-04-24 04:36 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll 2012-06-13 03:29 . 2012-04-24 04:36 1158656 ----a-w- c:\windows\SysWow64\crypt32.dll 2012-06-13 03:29 . 2012-04-24 04:36 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-06-14 17:20 . 
2012-04-11 11:49 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2012-06-14 17:20 . 2011-11-03 12:58 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-05-21 15:16 . 2011-12-21 00:35 87456 ----a-w- c:\windows\system32\LMIRfsClientNP.dll 2012-05-21 15:16 . 2011-12-21 00:35 34688 ----a-w- c:\windows\system32\LMIport.dll 2012-05-21 15:16 . 2011-12-21 00:35 80768 ----a-w- c:\windows\system32\LMIinit.dll 2012-05-04 19:42 . 2012-04-14 15:42 8769696 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe 2012-04-19 09:50 . 2012-04-19 09:50 28480 ----a-w- c:\windows\system32\drivers\avgidsha.sys . . ((((((((((((((((((((((((((((( SnapShot@2012-07-03_13.41.32 ))))))))))))))))))))))))))))))))))))))))) . + 2009-07-14 04:54 . 2012-07-03 20:42 49152 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2009-07-14 04:54 . 2012-07-03 11:43 49152 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2009-07-14 04:54 . 2012-07-03 11:43 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2009-07-14 04:54 . 2012-07-03 20:42 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2009-07-14 04:54 . 2012-07-03 11:43 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2009-07-14 04:54 . 2012-07-03 20:42 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2010-11-21 03:09 . 2012-07-03 20:42 61230 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin + 2009-07-14 05:10 . 2012-07-03 20:42 41210 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin - 2011-12-20 19:28 . 2012-07-03 11:40 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2011-12-20 19:28 . 
2012-07-03 20:40 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2011-12-20 19:28 . 2012-07-03 20:40 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2011-12-20 19:28 . 2012-07-03 11:40 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2009-07-14 04:54 . 2012-07-03 11:40 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2009-07-14 04:54 . 2012-07-03 20:40 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2011-12-20 19:33 . 2012-07-03 20:42 9072 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3340855346-1305387913-2722154820-1001_UserData.bin + 2012-07-03 20:40 . 2012-07-03 20:40 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat - 2012-07-03 11:40 . 2012-07-03 11:40 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat - 2012-07-03 11:40 . 2012-07-03 11:40 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2012-07-03 20:40 . 2012-07-03 20:40 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat - 2009-07-14 02:36 . 2012-07-03 11:44 675968 c:\windows\system32\perfh009.dat + 2009-07-14 02:36 . 2012-07-03 20:45 675968 c:\windows\system32\perfh009.dat + 2009-07-14 02:36 . 2012-07-03 20:45 126282 c:\windows\system32\perfc009.dat - 2009-07-14 02:36 . 2012-07-03 11:44 126282 c:\windows\system32\perfc009.dat - 2009-07-14 05:01 . 2012-07-03 01:08 372120 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat + 2009-07-14 05:01 . 2012-07-03 20:39 372120 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat + 2011-12-20 19:30 . 
2012-07-03 20:39 21732304 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3340855346-1305387913-2722154820-1001-8192.dat . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{9234F5E0-56CC-4F0B-AAE4-0D4BD5032180}"= "c:\progra~2\CRAWLE~1\Crawler.dll" [2012-02-01 1134208] . [HKEY_CLASSES_ROOT\clsid\{9234f5e0-56cc-4f0b-aae4-0d4bd5032180}] . [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{9234F5E0-56CC-4F0B-AAE4-0D4BD5032180}] 2012-02-01 07:41 1134208 ----a-w- c:\progra~2\CRAWLE~1\Crawler.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar] "{C4D78C72-08DB-4A3F-9175-B265157283F3}"= "c:\progra~2\CRAWLE~1\Crawler.dll" [2012-02-01 1134208] . [HKEY_CLASSES_ROOT\clsid\{c4d78c72-08db-4a3f-9175-b265157283f3}] [HKEY_CLASSES_ROOT\Crawler.Toolbar] . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "DymoQuickPrint"="c:\program files (x86)\DYMO\DYMO Label Software\DymoQuickPrint.exe" [2011-08-10 1865808] "SpybotSD TeaTimer"="c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480] . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "RemoteControl9"="c:\program files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe" [2009-07-06 87336] "PDVD9LanguageShortcut"="c:\program files (x86)\CyberLink\PowerDVD9\Language\Language.exe" [2010-04-29 50472] "RoxWatchTray"="c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" [2010-11-25 240112] "Desktop Disc Tool"="c:\program files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe" [2010-11-17 514544] "Samsung PanelMgr"="c:\windows\Samsung\PanelMgr\ssmmgr.exe" [2011-04-15 536576] "Intuit SyncManager"="c:\program files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe" [2011-06-15 1532760] "AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-04-05 2587008] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712] "HPUsageTrackingLEDM"="c:\program files (x86)\HP\HP UT LEDM\bin\hppusg.exe" [2009-08-04 30264] "HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208] "MyFunCards_5m Browser Plugin Loader"="c:\progra~2\MYFUNC~2\bar\1.bin\5mbrmon.exe" [2012-05-06 30096] "Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408] "HTC Sync Loader"="c:\program files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" [2012-04-17 651264] . c:\users\Pat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ OneNote 2010 Screen Clipper and Launcher.lnk - c:\program files (x86)\Microsoft Office\Office14\ONENOTEM.EXE [2011-9-2 227712] Smart Settings.lnk - c:\program files\Dell\Feature Enhancement Pack\SmartSettings.exe [2011-8-24 494488] . 
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2011-2-8 1136928] Digital Line Detect.lnk - c:\program files (x86)\Digital Line Detect\DLG.exe [2011-11-3 50688] HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-23 270336] QuickBooks Update Agent.lnk - c:\program files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe [2011-12-22 984936] . c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Smart Settings.lnk - c:\program files\Dell\Feature Enhancement Pack\SmartSettings.exe [2011-8-24 494488] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) "DisableCAD"= 1 (0x1) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "mixer2"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" . 
R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2012-06-13 5161080] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-01-02 136176] R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408] R2 O2SDIOAssist;O2SDIOAssist;c:\windows\SysWOW64\srvany.exe [2003-04-19 8192] R2 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632] R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-14 257224] R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-06-07 191752] R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168] R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-01-02 136176] R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [2009-11-03 33736] R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys [2010-06-25 36928] R3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys [2010-02-27 158976] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x] R3 netvsc;netvsc;c:\windows\system32\DRIVERS\netvsc60.sys [2010-11-21 168448] R3 O2MDFRDR;O2MDFRDR;c:\windows\system32\drivers\O2MDFw7x64.sys [2011-01-03 72808] R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184] R3 RoxMediaDB12OEM;RoxMediaDB12OEM;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656] R3 
SIUSBXP;SIUSBXP;c:\windows\system32\drivers\SiUSBXp.sys [2011-12-01 26856] R3 SynthVid;SynthVid;c:\windows\system32\DRIVERS\VMBusVideoM.sys [2010-11-21 22528] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-12-22 1255736] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184] S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [2012-04-19 28480] S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2012-01-31 36944] S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856] S0 stdcfltn;Disk Class Filter Driver for Accelerometer;c:\windows\system32\DRIVERS\stdcfltn.sys [2011-07-16 22128] S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2012-02-22 289872] S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2011-12-23 47696] S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2012-03-19 383808] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928] S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe [2009-03-03 89600] S2 ATService;AuthenTec Fingerprint Service;c:\program files\Fingerprint Sensor\ATService.exe [2010-05-10 2683712] S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288] S2 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-05-12 249648] S2 BrcmMgmtAgent;Broadcom Management Agent;c:\program files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe [2010-06-29 158720] S2 
DellDigitalDelivery;Dell Digital Delivery Service;c:\program files (x86)\Dell Digital Delivery\DeliveryService.exe [2012-06-19 173056] S2 DFEPService;Dell Feature Enhancement Pack Service;c:\program files\Dell\Feature Enhancement Pack\DFEPService.exe [2011-08-24 2279320] S2 DymoPnpService;DYMO PnP Service;c:\program files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe [2011-08-10 32336] S2 HP LaserJet Service;HP LaserJet Service;c:\program files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [2009-06-24 136704] S2 jhi_service;Intel® Identity Protection Technology Host Interface Service;c:\program files (x86)\Intel\Services\IPT\jhi_service.exe [2011-02-24 212944] S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2012-05-21 375176] S2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files (x86)\LogMeIn\x64\RaInfo.sys [2011-09-16 15928] S2 MyFunCards_5mService;MyFunCardsService;c:\progra~2\MYFUNC~2\bar\1.bin\5mbarsvc.exe [2012-05-06 42528] S2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2011-09-15 88576] S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368] S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys [2007-01-04 11576] S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-12-03 2656280] S2 Wave Authentication Manager Service;Wave Authentication Manager Service;c:\program files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe [2011-07-01 1600000] S3 Acceler;Accelerometer Service;c:\windows\system32\DRIVERS\accelern.sys [2011-07-22 27760] S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [2011-12-23 124496] S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\avgidsfiltera.sys [2011-12-23 29776] S3 
BTHprint;Microsoft Bluetooth Printer Class;c:\windows\system32\DRIVERS\bthprint.sys [2009-07-14 67072] S3 BTWAMPFL;BTWAMPFL;c:\windows\system32\DRIVERS\btwampfl.sys [2011-11-03 349736] S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2011-11-03 39464] S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys [2011-07-29 52584] S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440] S3 MEIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344] S3 O2MDRRDR;O2MDRRDR;c:\windows\system32\DRIVERS\O2MDRw7x64.sys [2011-01-03 74984] S3 O2SDJRDR;O2SDJRDR;c:\windows\system32\DRIVERS\o2sdjw7x64.sys [2011-03-23 83560] S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [2011-08-01 45416] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920] S3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 23040] . . --- Other Services/Drivers In Memory --- . *NewlyCreated* - ASWMBR *Deregistered* - aswMBR . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost] hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc . Contents of the 'Scheduled Tasks' folder . 2012-07-03 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-11 17:20] . 2012-07-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-01-02 07:06] . 2012-07-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-01-02 07:06] . . --------- X64 Entries ----------- . . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\EnabledUnlockedFDEIconOverlay] @="{30D3C2AF-9709-4D05-9CF4-13335F3C1E4A}" [HKEY_CLASSES_ROOT\CLSID\{30D3C2AF-9709-4D05-9CF4-13335F3C1E4A}] 2011-05-27 22:46 139128 ----a-w- c:\program files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmIconOverlay.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UninitializedFdeIconOverlay] @="{CF08DA3E-C97D-4891-A66B-E39B28DD270F}" [HKEY_CLASSES_ROOT\CLSID\{CF08DA3E-C97D-4891-A66B-E39B28DD270F}] 2011-05-27 22:46 139128 ----a-w- c:\program files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmIconOverlay.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Apoint"="c:\program files\DellTPad\Apoint.exe" [2011-07-20 611192] "SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2011-01-25 525312] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-06-28 167704] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-06-28 392472] "Persistence"="c:\windows\system32\igfxpers.exe" [2011-06-28 416024] "Broadcom Wireless Manager UI"="c:\program files\Dell\DW WLAN Card\WLTRAY.exe" [2011-01-15 6492672] "FreeFallProtection"="c:\program files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe" [2011-07-25 686704] "DFEPApplication"="c:\program files\Dell\Feature Enhancement Pack\DFEPApplication.exe" [2011-08-24 7077272] "TdmNotify"="c:\program files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe" [2011-05-27 257392] "DBRMTray"="c:\dell\DBRM\Reminder\DbrmTrayIcon.exe" [2011-03-08 227328] "IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 2417032] "LogMeIn GUI"="c:\program files (x86)\LogMeIn\x64\LogMeInSystray.exe" [2011-09-16 57928] . ------- Supplementary Scan ------- . 
uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://my.yahoo.com/?fr=yfp-t-403 mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyServer = 172.17.1.1:8080 IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105 IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm TCP: DhcpNameServer = 24.196.64.53 68.113.206.10 24.178.162.3 Handler: crawler - {4545C96B-15D0-4E22-8DDE-6F2CAF531281} - c:\progra~2\CRAWLE~1\Crawler.dll . - - - - ORPHANS REMOVED - - - - . Toolbar-Locked - (no file) WebBrowser-{C4D78C72-08DB-4A3F-9175-B265157283F3} - (no file) . . . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx" "ThreadingModel"="Apartment" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-07-03 16:50:53
ComboFix-quarantined-files.txt 2012-07-03 21:50
ComboFix2.txt 2012-07-03 14:03
.
Pre-Run: 245,863,346,176 bytes free
Post-Run: 245,813,989,376 bytes free
.
- - End Of File - - 3D2D3FE8640E06821351BA7128773EA6
-
aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-07-03 15:51:57
-----------------------------
15:51:57.516 OS Version: Windows x64 6.1.7601 Service Pack 1
15:51:57.516 Number of processors: 4 586 0x2A07
15:51:57.516 ComputerName: PATS-LATITUDE UserName: Pat
15:51:58.576 Initialize success
15:53:01.818 AVAST engine defs: 12070301
15:53:48.384 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
15:53:48.400 Disk 0 Vendor: TOSHIBA_ MH00 Size: 305245MB BusType: 3
15:53:48.415 Disk 0 MBR read successfully
15:53:48.415 Disk 0 MBR scan
15:53:48.431 Disk 0 Windows VISTA default MBR code
15:53:48.431 Disk 0 Partition 1 00 DE Dell Utility DELL 4.1 39 MB offset 63
15:53:48.431 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 16540 MB offset 81920
15:53:48.462 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 288655 MB offset 33955840
15:53:48.493 Disk 0 scanning C:\Windows\system32\drivers
15:53:57.916 Service scanning
15:54:27.384 Modules scanning
15:54:27.384 Disk 0 trace - called modules:
15:54:27.447 ntoskrnl.exe CLASSPNP.SYS disk.sys stdcfltn.sys iaStor.sys hal.dll
15:54:27.961 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800630b060]
15:54:27.961 3 CLASSPNP.SYS[fffff8800185143f] -> nt!IofCallDriver -> [0xfffffa80061aa930]
15:54:27.977 5 stdcfltn.sys[fffff88001b85d12] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80050b4050]
15:54:29.880 AVAST engine scan C:\Windows
15:54:33.156 AVAST engine scan C:\Windows\system32
15:57:32.260 AVAST engine scan C:\Windows\system32\drivers
15:57:45.458 AVAST engine scan C:\Users\Pat
16:00:13.970 Disk 0 MBR has been saved successfully to "C:\Users\Pat\Desktop\MBR.dat"
16:00:13.970 The log file has been saved successfully to "C:\Users\Pat\Desktop\aswMBR.txt"
-
Following just appeared Malwarebytes Anti-Malware (error message) Open event: failed to perform desired action. Error code 2
-
15:35:34.0556 7500 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
15:35:34.0587 7500 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - infected
15:35:34.0587 7500 \Device\Harddisk0\DR0 - detected Rootkit.Boot.SST.b (0)
15:35:34.0603 7500 MBR (0x1B8) (fcb1fc5713d6b7dbf460028a65fdc118) \Device\Harddisk2\DR4
15:35:41.0248 7500 \Device\Harddisk2\DR4 - ok
15:35:41.0264 7500 Boot (0x1200) (ded67a679aaf8f9efe7f94c1ca28ab62) \Device\Harddisk0\DR0\Partition0
15:35:41.0264 7500 \Device\Harddisk0\DR0\Partition0 - ok
15:35:41.0280 7500 Boot (0x1200) (959ff6459805ff1b6911e5a1f73751b3) \Device\Harddisk0\DR0\Partition1
15:35:41.0280 7500 \Device\Harddisk0\DR0\Partition1 - ok
15:35:41.0280 7500 ============================================================
15:35:41.0280 7500 Scan finished
15:35:41.0280 7500 ============================================================
15:35:41.0295 5208 Detected object count: 1
15:35:41.0311 5208 Actual detected object count: 1
15:36:13.0525 5208 \Device\Harddisk0\DR0\# - copied to quarantine
15:36:13.0525 5208 \Device\Harddisk0\DR0 - copied to quarantine
15:36:13.0587 5208 \Device\Harddisk0\DR0\TDLFS\mbr - copied to quarantine
15:36:13.0587 5208 \Device\Harddisk0\DR0\TDLFS\vbr - copied to quarantine
15:36:13.0587 5208 \Device\Harddisk0\DR0\TDLFS\bid - copied to quarantine
15:36:13.0603 5208 \Device\Harddisk0\DR0\TDLFS\affid - copied to quarantine
15:36:13.0603 5208 \Device\Harddisk0\DR0\TDLFS\boot - copied to quarantine
15:36:13.0603 5208 \Device\Harddisk0\DR0\TDLFS\cmd32 - copied to quarantine
15:36:13.0603 5208 \Device\Harddisk0\DR0\TDLFS\cmd64 - copied to quarantine
15:36:13.0603 5208 \Device\Harddisk0\DR0\TDLFS\dbg32 - copied to quarantine
15:36:13.0650 5208 \Device\Harddisk0\DR0\TDLFS\dbg64 - copied to quarantine
15:36:13.0650 5208 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
15:36:13.0650 5208 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
15:36:13.0665 5208 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
15:36:13.0665 5208 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
15:36:13.0665 5208 \Device\Harddisk0\DR0\TDLFS\main - copied to quarantine
15:36:13.0665 5208 \Device\Harddisk0\DR0\TDLFS\subid - copied to quarantine
15:36:13.0665 5208 \Device\Harddisk0\DR0\TDLFS\info - copied to quarantine
15:36:13.0665 5208 \Device\Harddisk0\DR0\TDLFS\mainfb.script - copied to quarantine
15:36:13.0696 5208 \Device\Harddisk0\DR0\TDLFS\com64 - copied to quarantine
15:36:13.0696 5208 \Device\Harddisk0\DR0\TDLFS\bbr232 - copied to quarantine
15:36:13.0728 5208 \Device\Harddisk0\DR0\TDLFS\serf332 - copied to quarantine
15:36:13.0743 5208 \Device\Harddisk0\DR0\TDLFS\serf364 - copied to quarantine
15:36:13.0790 5208 \Device\Harddisk0\DR0\TDLFS\bbr264 - copied to quarantine
15:36:13.0806 5208 \Device\Harddisk0\DR0\TDLFS\serf_conf - copied to quarantine
15:36:13.0962 5208 \Device\Harddisk0\DR0\TDLFS\bbr_conf - copied to quarantine
15:36:13.0962 5208 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - User select action: Quarantine
15:37:05.0863 6988 ============================================================
15:37:05.0863 6988 Scan started
15:37:05.0863 6988 Mode: Manual;
15:37:05.0863 6988 ============================================================
(4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll 15:37:10.0512 6988 CryptSvc - ok 15:37:10.0559 6988 CSC (54da3dfd29ed9f1619b6f53f3ce55e49) C:\Windows\system32\drivers\csc.sys 15:37:10.0559 6988 CSC - ok 15:37:10.0605 6988 CscService (3ab183ab4d2c79dcf459cd2c1266b043) C:\Windows\System32\cscsvc.dll 15:37:10.0605 6988 CscService - ok 15:37:10.0637 6988 dc3d (1ca90212a99db6975c344826d11055c9) C:\Windows\system32\DRIVERS\dc3d.sys 15:37:10.0637 6988 dc3d - ok 15:37:10.0683 6988 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll 15:37:10.0699 6988 DcomLaunch - ok 15:37:10.0730 6988 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll 15:37:10.0730 6988 defragsvc - ok 15:37:10.0793 6988 DellDigitalDelivery (18b5c959cbe24d4d4c2381efb87611de) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe 15:37:10.0808 6988 DellDigitalDelivery - ok 15:37:10.0980 6988 DFEPService (b85201f1aae97cd58fde0db18120f924) c:\Program Files\Dell\Feature Enhancement Pack\DFEPService.exe 15:37:10.0995 6988 DFEPService - ok 15:37:11.0089 6988 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys 15:37:11.0089 6988 DfsC - ok 15:37:11.0120 6988 DgiVecp (2d589a2c024b2fb238535db9f7b3597d) C:\Windows\system32\Drivers\DgiVecp.sys 15:37:11.0120 6988 DgiVecp - ok 15:37:11.0167 6988 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll 15:37:11.0183 6988 Dhcp - ok 15:37:11.0183 6988 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys 15:37:11.0198 6988 discache - ok 15:37:11.0214 6988 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys 15:37:11.0214 6988 Disk - ok 15:37:11.0245 6988 dmvsc (5db085a8a6600be6401f2b24eecb5415) C:\Windows\system32\drivers\dmvsc.sys 15:37:11.0245 6988 dmvsc - ok 15:37:11.0292 6988 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll 15:37:11.0292 6988 Dnscache - ok 
15:37:11.0323 6988 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll 15:37:11.0323 6988 dot3svc - ok 15:37:11.0354 6988 Dot4 (b42ed0320c6e41102fde0005154849bb) C:\Windows\system32\DRIVERS\Dot4.sys 15:37:11.0354 6988 Dot4 - ok 15:37:11.0370 6988 Dot4Print (e9f5969233c5d89f3c35e3a66a52a361) C:\Windows\system32\DRIVERS\Dot4Prt.sys 15:37:11.0370 6988 Dot4Print - ok 15:37:11.0401 6988 dot4usb (fd05a02b0370bc3000f402e543ca5814) C:\Windows\system32\DRIVERS\dot4usb.sys 15:37:11.0401 6988 dot4usb - ok 15:37:11.0432 6988 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll 15:37:11.0448 6988 DPS - ok 15:37:11.0479 6988 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys 15:37:11.0479 6988 drmkaud - ok 15:37:11.0541 6988 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys 15:37:11.0557 6988 DXGKrnl - ok 15:37:11.0604 6988 DymoPnpService (16801152c1c1ba0857972c28d35bce33) C:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe 15:37:11.0604 6988 DymoPnpService - ok 15:37:11.0619 6988 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll 15:37:11.0635 6988 EapHost - ok 15:37:11.0791 6988 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys 15:37:11.0807 6988 ebdrv - ok 15:37:11.0885 6988 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe 15:37:11.0885 6988 EFS - ok 15:37:11.0963 6988 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe 15:37:11.0978 6988 ehRecvr - ok 15:37:11.0994 6988 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe 15:37:11.0994 6988 ehSched - ok 15:37:12.0056 6988 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys 15:37:12.0056 6988 elxstor - ok 15:37:12.0072 6988 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys 15:37:12.0072 6988 ErrDev - ok 15:37:12.0119 6988 EventSystem 
(4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll 15:37:12.0134 6988 EventSystem - ok 15:37:12.0150 6988 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys 15:37:12.0150 6988 exfat - ok 15:37:12.0181 6988 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys 15:37:12.0181 6988 fastfat - ok 15:37:12.0228 6988 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe 15:37:12.0243 6988 Fax - ok 15:37:12.0259 6988 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys 15:37:12.0259 6988 fdc - ok 15:37:12.0275 6988 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll 15:37:12.0275 6988 fdPHost - ok 15:37:12.0290 6988 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll 15:37:12.0290 6988 FDResPub - ok 15:37:12.0321 6988 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys 15:37:12.0321 6988 FileInfo - ok 15:37:12.0337 6988 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys 15:37:12.0337 6988 Filetrace - ok 15:37:12.0353 6988 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys 15:37:12.0353 6988 flpydisk - ok 15:37:12.0384 6988 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys 15:37:12.0384 6988 FltMgr - ok 15:37:12.0462 6988 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll 15:37:12.0477 6988 FontCache - ok 15:37:12.0555 6988 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 15:37:12.0555 6988 FontCache3.0.0.0 - ok 15:37:12.0602 6988 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys 15:37:12.0602 6988 FsDepends - ok 15:37:12.0633 6988 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys 15:37:12.0633 6988 Fs_Rec - ok 15:37:12.0649 
6988 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys 15:37:12.0665 6988 fvevol - ok 15:37:12.0680 6988 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys 15:37:12.0680 6988 gagp30kx - ok 15:37:12.0743 6988 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll 15:37:12.0758 6988 gpsvc - ok 15:37:12.0867 6988 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 15:37:12.0867 6988 gupdate - ok 15:37:12.0867 6988 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 15:37:12.0883 6988 gupdatem - ok 15:37:12.0899 6988 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe 15:37:12.0914 6988 gusvc - ok 15:37:12.0930 6988 HBtnKey (0e485f2c759f155170da9f35354034e9) C:\Windows\system32\drivers\HBtnKey.sys 15:37:12.0930 6988 HBtnKey - ok 15:37:12.0961 6988 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys 15:37:12.0961 6988 hcw85cir - ok 15:37:12.0992 6988 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys 15:37:12.0992 6988 HDAudBus - ok 15:37:13.0008 6988 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys 15:37:13.0008 6988 HidBatt - ok 15:37:13.0039 6988 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys 15:37:13.0039 6988 HidBth - ok 15:37:13.0055 6988 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys 15:37:13.0055 6988 HidIr - ok 15:37:13.0086 6988 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll 15:37:13.0086 6988 hidserv - ok 15:37:13.0101 6988 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys 15:37:13.0101 6988 HidUsb - ok 15:37:13.0117 6988 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll 
15:37:13.0117 6988 hkmsvc - ok 15:37:13.0148 6988 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll 15:37:13.0148 6988 HomeGroupListener - ok 15:37:13.0195 6988 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll 15:37:13.0195 6988 HomeGroupProvider - ok 15:37:13.0242 6988 HP LaserJet Service (53dca61931847e35c950504bfb7559c6) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe 15:37:13.0242 6988 HP LaserJet Service - ok 15:37:13.0304 6988 hpqcxs08 (08457d8f8149757c70cea59c71ec5d27) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll 15:37:13.0304 6988 hpqcxs08 - ok 15:37:13.0335 6988 hpqddsvc (75cc8c5146a3fb76221a7606628778d5) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll 15:37:13.0335 6988 hpqddsvc - ok 15:37:13.0367 6988 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys 15:37:13.0367 6988 HpSAMD - ok 15:37:13.0445 6988 HPSLPSVC (f37882f128efacefe353e0bae2766909) C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL 15:37:13.0460 6988 HPSLPSVC - ok 15:37:13.0491 6988 HTCAND64 (f47cec45fb85791d4ab237563ad0fa8f) C:\Windows\system32\Drivers\ANDROIDUSB.sys 15:37:13.0491 6988 HTCAND64 - ok 15:37:13.0507 6988 htcnprot (b8b1b284362e1d8135112573395d5da5) C:\Windows\system32\DRIVERS\htcnprot.sys 15:37:13.0507 6988 htcnprot - ok 15:37:13.0554 6988 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys 15:37:13.0569 6988 HTTP - ok 15:37:13.0569 6988 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys 15:37:13.0569 6988 hwpolicy - ok 15:37:13.0601 6988 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys 15:37:13.0601 6988 i8042prt - ok 15:37:13.0647 6988 iaStor (d7921d5a870b11cc1adab198a519d50a) C:\Windows\system32\drivers\iaStor.sys 15:37:13.0663 6988 iaStor - ok 15:37:13.0694 6988 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) 
C:\Windows\system32\drivers\iaStorV.sys 15:37:13.0694 6988 iaStorV - ok 15:37:13.0819 6988 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 15:37:13.0819 6988 idsvc - ok 15:37:14.0318 6988 igfx (9937600a1584ff00565d5379eb4c9edb) C:\Windows\system32\DRIVERS\igdkmd64.sys 15:37:14.0381 6988 igfx - ok 15:37:14.0505 6988 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys 15:37:14.0505 6988 iirsp - ok 15:37:14.0568 6988 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll 15:37:14.0583 6988 IKEEXT - ok 15:37:14.0630 6988 Impcd (dd587a55390ed2295bce6d36ad567da9) C:\Windows\system32\drivers\Impcd.sys 15:37:14.0630 6988 Impcd - ok 15:37:14.0661 6988 IntcDAud (fc727061c0f47c8059e88e05d5c8e381) C:\Windows\system32\DRIVERS\IntcDAud.sys 15:37:14.0677 6988 IntcDAud - ok 15:37:14.0708 6988 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys 15:37:14.0708 6988 intelide - ok 15:37:14.0739 6988 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys 15:37:14.0739 6988 intelppm - ok 15:37:14.0771 6988 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll 15:37:14.0786 6988 IPBusEnum - ok 15:37:14.0802 6988 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys 15:37:14.0802 6988 IpFilterDriver - ok 15:37:14.0849 6988 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll 15:37:14.0864 6988 iphlpsvc - ok 15:37:14.0880 6988 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys 15:37:14.0880 6988 IPMIDRV - ok 15:37:14.0880 6988 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys 15:37:14.0880 6988 IPNAT - ok 15:37:14.0895 6988 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys 15:37:14.0895 6988 IRENUM - ok 15:37:14.0911 6988 isapnp 
(2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys 15:37:14.0911 6988 isapnp - ok 15:37:14.0927 6988 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys 15:37:14.0942 6988 iScsiPrt - ok 15:37:15.0005 6988 jhi_service (6c85719a21b3f62c2c76280f4bd36c7b) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe 15:37:15.0005 6988 jhi_service - ok 15:37:15.0036 6988 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys 15:37:15.0036 6988 kbdclass - ok 15:37:15.0067 6988 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys 15:37:15.0067 6988 kbdhid - ok 15:37:15.0083 6988 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 15:37:15.0083 6988 KeyIso - ok 15:37:15.0129 6988 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys 15:37:15.0129 6988 KSecDD - ok 15:37:15.0161 6988 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys 15:37:15.0161 6988 KSecPkg - ok 15:37:15.0161 6988 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys 15:37:15.0161 6988 ksthunk - ok 15:37:15.0207 6988 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll 15:37:15.0207 6988 KtmRm - ok 15:37:15.0239 6988 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\System32\srvsvc.dll 15:37:15.0239 6988 LanmanServer - ok 15:37:15.0270 6988 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll 15:37:15.0285 6988 LanmanWorkstation - ok 15:37:15.0285 6988 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys 15:37:15.0285 6988 lltdio - ok 15:37:15.0348 6988 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll 15:37:15.0348 6988 lltdsvc - ok 15:37:15.0363 6988 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll 15:37:15.0363 6988 lmhosts - ok 15:37:15.0441 6988 
LMIGuardianSvc (d55a7d0553c7102f63872936c7a9d9db) C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe 15:37:15.0441 6988 LMIGuardianSvc - ok 15:37:15.0457 6988 LMIInfo (0317335b15ff3bda8e10197e3434cfc0) C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys 15:37:15.0457 6988 LMIInfo - ok 15:37:15.0488 6988 LMIMaint (a7d256c8847df6e88bddb55f87e54f46) C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe 15:37:15.0488 6988 LMIMaint - ok 15:37:15.0504 6988 lmimirr (413ecdcfad9a82804d3674c8d7eec24e) C:\Windows\system32\DRIVERS\lmimirr.sys 15:37:15.0504 6988 lmimirr - ok 15:37:15.0504 6988 LMIRfsClientNP - ok 15:37:15.0519 6988 LMIRfsDriver (c57d3faa50e6f395759ffb7c709bd944) C:\Windows\system32\drivers\LMIRfsDriver.sys 15:37:15.0519 6988 LMIRfsDriver - ok 15:37:15.0566 6988 LMS (5f5899711df18a02162b6d518c17b0d7) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe 15:37:15.0566 6988 LMS - ok 15:37:15.0613 6988 LogMeIn (d3760bc17e1755091b7120cf32dbf56b) C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe 15:37:15.0629 6988 LogMeIn - ok 15:37:15.0660 6988 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys 15:37:15.0660 6988 LSI_FC - ok 15:37:15.0691 6988 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys 15:37:15.0691 6988 LSI_SAS - ok 15:37:15.0691 6988 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys 15:37:15.0707 6988 LSI_SAS2 - ok 15:37:15.0722 6988 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys 15:37:15.0722 6988 LSI_SCSI - ok 15:37:15.0738 6988 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys 15:37:15.0738 6988 luafv - ok 15:37:15.0738 6988 MBAMProtector - ok 15:37:15.0800 6988 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe 15:37:15.0800 6988 MBAMService - ok 15:37:15.0847 6988 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) 
C:\Windows\system32\Mcx2Svc.dll 15:37:15.0847 6988 Mcx2Svc - ok 15:37:15.0847 6988 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys 15:37:15.0847 6988 megasas - ok 15:37:15.0878 6988 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys 15:37:15.0878 6988 MegaSR - ok 15:37:15.0909 6988 MEIx64 (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\DRIVERS\HECIx64.sys 15:37:15.0909 6988 MEIx64 - ok 15:37:15.0941 6988 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll 15:37:15.0941 6988 MMCSS - ok 15:37:15.0956 6988 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys 15:37:15.0956 6988 Modem - ok 15:37:15.0972 6988 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys 15:37:15.0972 6988 monitor - ok 15:37:15.0987 6988 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys 15:37:15.0987 6988 mouclass - ok 15:37:16.0003 6988 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys 15:37:16.0019 6988 mouhid - ok 15:37:16.0034 6988 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys 15:37:16.0034 6988 mountmgr - ok 15:37:16.0050 6988 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys 15:37:16.0050 6988 mpio - ok 15:37:16.0065 6988 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys 15:37:16.0065 6988 mpsdrv - ok 15:37:16.0112 6988 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll 15:37:16.0128 6988 MpsSvc - ok 15:37:16.0159 6988 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys 15:37:16.0159 6988 MRxDAV - ok 15:37:16.0190 6988 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys 15:37:16.0190 6988 mrxsmb - ok 15:37:16.0221 6988 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys 
15:37:16.0237 6988 mrxsmb10 - ok 15:37:16.0253 6988 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys 15:37:16.0253 6988 mrxsmb20 - ok 15:37:16.0284 6988 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys 15:37:16.0284 6988 msahci - ok 15:37:16.0315 6988 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys 15:37:16.0315 6988 msdsm - ok 15:37:16.0362 6988 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe 15:37:16.0362 6988 MSDTC - ok 15:37:16.0393 6988 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys 15:37:16.0393 6988 Msfs - ok 15:37:16.0409 6988 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys 15:37:16.0409 6988 mshidkmdf - ok 15:37:16.0424 6988 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys 15:37:16.0424 6988 msisadrv - ok 15:37:16.0455 6988 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll 15:37:16.0471 6988 MSiSCSI - ok 15:37:16.0471 6988 msiserver - ok 15:37:16.0471 6988 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys 15:37:16.0471 6988 MSKSSRV - ok 15:37:16.0487 6988 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys 15:37:16.0487 6988 MSPCLOCK - ok 15:37:16.0487 6988 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys 15:37:16.0487 6988 MSPQM - ok 15:37:16.0518 6988 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys 15:37:16.0518 6988 MsRPC - ok 15:37:16.0533 6988 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys 15:37:16.0533 6988 mssmbios - ok 15:37:16.0565 6988 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys 15:37:16.0565 6988 MSTEE - ok 15:37:16.0565 6988 MTConfig (7ea404308934e675bffde8edf0757bcd) 
C:\Windows\system32\drivers\MTConfig.sys 15:37:16.0565 6988 MTConfig - ok 15:37:16.0580 6988 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys 15:37:16.0580 6988 Mup - ok 15:37:16.0643 6988 MyFunCards_5mService (72f8c1568a56c7059cb1074a7e529dc6) C:\PROGRA~2\MYFUNC~2\bar\1.bin\5mbarsvc.exe 15:37:16.0643 6988 MyFunCards_5mService - ok 15:37:16.0705 6988 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll 15:37:16.0705 6988 napagent - ok 15:37:16.0736 6988 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys 15:37:16.0736 6988 NativeWifiP - ok 15:37:16.0814 6988 NDIS (c38b8ae57f78915905064a9a24dc1586) C:\Windows\system32\drivers\ndis.sys 15:37:16.0830 6988 NDIS - ok 15:37:16.0845 6988 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys 15:37:16.0845 6988 NdisCap - ok 15:37:16.0861 6988 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys 15:37:16.0861 6988 NdisTapi - ok 15:37:16.0877 6988 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys 15:37:16.0877 6988 Ndisuio - ok 15:37:16.0908 6988 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys 15:37:16.0908 6988 NdisWan - ok 15:37:16.0923 6988 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys 15:37:16.0923 6988 NDProxy - ok 15:37:16.0955 6988 Net Driver HPZ12 (2334dc48997ba203b794df3ee70521db) C:\Windows\system32\HPZinw12.dll 15:37:16.0955 6988 Net Driver HPZ12 - ok 15:37:16.0955 6988 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys 15:37:16.0970 6988 NetBIOS - ok 15:37:16.0986 6988 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys 15:37:16.0986 6988 NetBT - ok 15:37:17.0017 6988 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 15:37:17.0017 6988 Netlogon - ok 15:37:17.0048 6988 Netman 
(847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll 15:37:17.0064 6988 Netman - ok 15:37:17.0157 6988 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 15:37:17.0157 6988 NetMsmqActivator - ok 15:37:17.0173 6988 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 15:37:17.0173 6988 NetPipeActivator - ok 15:37:17.0204 6988 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll 15:37:17.0204 6988 netprofm - ok 15:37:17.0204 6988 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 15:37:17.0220 6988 NetTcpActivator - ok 15:37:17.0220 6988 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 15:37:17.0220 6988 NetTcpPortSharing - ok 15:37:17.0282 6988 netvsc (73ce12b8bdd747b0063cb0a7ef44cea7) C:\Windows\system32\DRIVERS\netvsc60.sys 15:37:17.0282 6988 netvsc - ok 15:37:17.0313 6988 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys 15:37:17.0313 6988 nfrd960 - ok 15:37:17.0360 6988 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll 15:37:17.0360 6988 NlaSvc - ok 15:37:17.0376 6988 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys 15:37:17.0376 6988 Npfs - ok 15:37:17.0391 6988 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll 15:37:17.0391 6988 nsi - ok 15:37:17.0391 6988 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys 15:37:17.0391 6988 nsiproxy - ok 15:37:17.0501 6988 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys 15:37:17.0516 6988 Ntfs - ok 15:37:17.0610 6988 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys 15:37:17.0610 6988 Null - ok 15:37:17.0625 6988 nvraid 
(0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys 15:37:17.0641 6988 nvraid - ok 15:37:17.0672 6988 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys 15:37:17.0672 6988 nvstor - ok 15:37:17.0703 6988 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys 15:37:17.0703 6988 nv_agp - ok 15:37:17.0735 6988 O2FLASH (4e37455db16aec75862b1d0bc35b589e) C:\Windows\system32\DRIVERS\o2flash.exe 15:37:17.0735 6988 O2FLASH - ok 15:37:17.0750 6988 O2MDFRDR (6172db160fc566cf24307941c0e94d8e) C:\Windows\system32\drivers\O2MDFw7x64.sys 15:37:17.0750 6988 O2MDFRDR - ok 15:37:17.0781 6988 O2MDRRDR (8ed738aba394bbf6d7802698be453112) C:\Windows\system32\DRIVERS\O2MDRw7x64.sys 15:37:17.0781 6988 O2MDRRDR - ok 15:37:17.0844 6988 O2SDIOAssist (4635935fc972c582632bf45c26bfcb0e) c:\Windows\SysWOW64\srvany.exe 15:37:17.0844 6988 O2SDIOAssist - ok 15:37:17.0875 6988 O2SDJRDR (a9c1e6b7c134fad124338b7944fa996d) C:\Windows\system32\DRIVERS\o2sdjw7x64.sys 15:37:17.0875 6988 O2SDJRDR - ok 15:37:17.0906 6988 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys 15:37:17.0906 6988 ohci1394 - ok 15:37:17.0969 6988 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 15:37:17.0969 6988 ose - ok 15:37:18.0249 6988 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 15:37:18.0281 6988 osppsvc - ok 15:37:18.0374 6988 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll 15:37:18.0390 6988 p2pimsvc - ok 15:37:18.0421 6988 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll 15:37:18.0437 6988 p2psvc - ok 15:37:18.0483 6988 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys 15:37:18.0483 6988 Parport - ok 15:37:18.0499 6988 partmgr (e9766131eeade40a27dc27d2d68fba9c) 
15:37:28.0873 6988 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
15:37:28.0904 6988 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - infected
15:37:28.0904 6988 \Device\Harddisk0\DR0 - detected Rootkit.Boot.SST.b (0)
15:37:28.0904 6988 MBR (0x1B8) (fcb1fc5713d6b7dbf460028a65fdc118) \Device\Harddisk2\DR4
15:37:35.0799 6988 \Device\Harddisk2\DR4 - ok
15:37:35.0831 6988 Boot (0x1200) (ded67a679aaf8f9efe7f94c1ca28ab62) \Device\Harddisk0\DR0\Partition0
15:37:35.0846 6988 \Device\Harddisk0\DR0\Partition0 - ok
15:37:35.0862 6988 Boot (0x1200) (959ff6459805ff1b6911e5a1f73751b3) \Device\Harddisk0\DR0\Partition1
15:37:35.0862 6988 \Device\Harddisk0\DR0\Partition1 - ok
15:37:35.0862 6988 ============================================================
15:37:35.0862 6988 Scan finished
15:37:35.0862 6988 ============================================================
15:37:35.0877 4052 Detected object count: 1
15:37:35.0877 4052 Actual detected object count: 1
15:38:20.0759 4052 \Device\Harddisk0\DR0\# - copied to quarantine
15:38:20.0759 4052 \Device\Harddisk0\DR0 - copied to quarantine
15:38:20.0821 4052 \Device\Harddisk0\DR0\TDLFS\mbr - copied to quarantine
15:38:20.0821 4052 \Device\Harddisk0\DR0\TDLFS\vbr - copied to quarantine
15:38:20.0837 4052 \Device\Harddisk0\DR0\TDLFS\bid - copied to quarantine
15:38:20.0837 4052 \Device\Harddisk0\DR0\TDLFS\affid - copied to quarantine
15:38:20.0837 4052 \Device\Harddisk0\DR0\TDLFS\boot - copied to quarantine
15:38:20.0837 4052 \Device\Harddisk0\DR0\TDLFS\cmd32 - copied to quarantine
15:38:20.0837 4052 \Device\Harddisk0\DR0\TDLFS\cmd64 - copied to quarantine
15:38:20.0852 4052 \Device\Harddisk0\DR0\TDLFS\dbg32 - copied to quarantine
15:38:20.0883 4052 \Device\Harddisk0\DR0\TDLFS\dbg64 - copied to quarantine
15:38:20.0883 4052 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
15:38:20.0899 4052 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
15:38:20.0899 4052 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
15:38:20.0899 4052 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
15:38:20.0899 4052 \Device\Harddisk0\DR0\TDLFS\main - copied to quarantine
15:38:20.0899 4052 \Device\Harddisk0\DR0\TDLFS\subid - copied to quarantine
15:38:20.0899 4052 \Device\Harddisk0\DR0\TDLFS\info - copied to quarantine
15:38:20.0915 4052 \Device\Harddisk0\DR0\TDLFS\mainfb.script - copied to quarantine
15:38:20.0930 4052 \Device\Harddisk0\DR0\TDLFS\com64 - copied to quarantine
15:38:20.0930 4052 \Device\Harddisk0\DR0\TDLFS\bbr232 - copied to quarantine
15:38:20.0961 4052 \Device\Harddisk0\DR0\TDLFS\serf332 - copied to quarantine
15:38:21.0008 4052 \Device\Harddisk0\DR0\TDLFS\serf364 - copied to quarantine
15:38:21.0024 4052 \Device\Harddisk0\DR0\TDLFS\bbr264 - copied to quarantine
15:38:21.0039 4052 \Device\Harddisk0\DR0\TDLFS\serf_conf - copied to quarantine
15:38:21.0258 4052 \Device\Harddisk0\DR0\TDLFS\bbr_conf - copied to quarantine
15:38:21.0351 4052 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - will be cured on reboot
15:38:21.0429 4052 \Device\Harddisk0\DR0 - ok
15:38:21.0663 4052 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - User select action: Cure
15:38:27.0623 3668 Deinitialize success
-
15:34:54.0136 5684 TDSS rootkit removing tool 2.7.44.0 Jul 2 2012 20:01:08
15:34:56.0180 5684 ============================================================
15:34:56.0180 5684 Current date / time: 2012/07/03 15:34:56.0180
15:34:56.0180 5684 SystemInfo:
15:34:56.0180 5684
15:34:56.0180 5684 OS Version: 6.1.7601 ServicePack: 1.0
15:34:56.0180 5684 Product type: Workstation
15:34:56.0180 5684 ComputerName: PATS-LATITUDE
15:34:56.0180 5684 UserName: Pat
15:34:56.0180 5684 Windows directory: C:\Windows
15:34:56.0180 5684 System windows directory: C:\Windows
15:34:56.0180 5684 Running under WOW64
15:34:56.0180 5684 Processor architecture: Intel x64
15:34:56.0180 5684 Number of processors: 4
15:34:56.0180 5684 Page size: 0x1000
15:34:56.0180 5684 Boot type: Normal boot
15:34:56.0180 5684 ============================================================
15:34:57.0147 5684 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:34:57.0163 5684 Drive \Device\Harddisk2\DR4 - Size: 0x1F000000 (0.48 Gb), SectorSize: 0x200, Cylinders: 0x3F, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
15:34:57.0178 5684 ============================================================
15:34:57.0178 5684 \Device\Harddisk0\DR0:
15:34:57.0178 5684 MBR partitions:
15:34:57.0178 5684 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x204E000
15:34:57.0178 5684 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2062000, BlocksNum 0x233C7AB0
15:34:57.0178 5684 \Device\Harddisk2\DR4:
15:34:57.0178 5684 MBR partitions:
15:34:57.0178 5684 ============================================================
15:34:57.0210 5684 C: <-> \Device\Harddisk0\DR0\Partition1
15:34:57.0210 5684 ============================================================
15:34:57.0210 5684 Initialize success
15:34:57.0210 5684 ============================================================
15:35:02.0607 7500 ============================================================
15:35:02.0607 7500 Scan started
15:35:02.0607 7500 Mode: Manual;
15:35:02.0607 7500 ============================================================
C:\Windows\system32\DRIVERS\bowser.sys 15:35:10.0173 7500 bowser - ok 15:35:10.0236 7500 BrcmMgmtAgent (96afb6d33247fe90421a5b2e76f4ed59) C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe 15:35:10.0236 7500 BrcmMgmtAgent - ok 15:35:10.0282 7500 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys 15:35:10.0282 7500 BrFiltLo - ok 15:35:10.0282 7500 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys 15:35:10.0282 7500 BrFiltUp - ok 15:35:10.0314 7500 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys 15:35:10.0314 7500 BridgeMP - ok 15:35:10.0360 7500 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll 15:35:10.0360 7500 Browser - ok 15:35:10.0376 7500 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys 15:35:10.0392 7500 Brserid - ok 15:35:10.0407 7500 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys 15:35:10.0407 7500 BrSerWdm - ok 15:35:10.0423 7500 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys 15:35:10.0423 7500 BrUsbMdm - ok 15:35:10.0423 7500 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys 15:35:10.0423 7500 BrUsbSer - ok 15:35:10.0470 7500 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\DRIVERS\BthEnum.sys 15:35:10.0470 7500 BthEnum - ok 15:35:10.0485 7500 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys 15:35:10.0485 7500 BTHMODEM - ok 15:35:10.0532 7500 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys 15:35:10.0532 7500 BthPan - ok 15:35:10.0579 7500 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\system32\Drivers\BTHport.sys 15:35:10.0579 7500 BTHPORT - ok 15:35:10.0610 7500 BTHprint (fbebe2a6469efb281ea143530a553f38) C:\Windows\system32\DRIVERS\bthprint.sys 15:35:10.0610 7500 BTHprint - ok 15:35:10.0672 
7500 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll 15:35:10.0672 7500 bthserv - ok 15:35:10.0704 7500 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\system32\Drivers\BTHUSB.sys 15:35:10.0704 7500 BTHUSB - ok 15:35:10.0782 7500 BTWAMPFL (a0dfb69ade3444c78b17636fcf28e898) C:\Windows\system32\DRIVERS\btwampfl.sys 15:35:10.0797 7500 BTWAMPFL - ok 15:35:10.0828 7500 btwaudio (7cf028ce78696882b327ff13d2dfa534) C:\Windows\system32\drivers\btwaudio.sys 15:35:10.0828 7500 btwaudio - ok 15:35:10.0891 7500 btwavdt (3def2370e414b4e299673558ba171a51) C:\Windows\system32\DRIVERS\btwavdt.sys 15:35:10.0891 7500 btwavdt - ok 15:35:11.0000 7500 btwdins (cc9dae7759ac2c0d19111c0d38ddd232) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe 15:35:11.0016 7500 btwdins - ok 15:35:11.0062 7500 btwl2cap (9ad0fa253ed531d39fb2d74fe12a5fa9) C:\Windows\system32\DRIVERS\btwl2cap.sys 15:35:11.0062 7500 btwl2cap - ok 15:35:11.0094 7500 btwrchid (9937e0e4dfc0030560a6dfe9d3a94b39) C:\Windows\system32\DRIVERS\btwrchid.sys 15:35:11.0094 7500 btwrchid - ok 15:35:11.0265 7500 catchme - ok 15:35:11.0312 7500 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys 15:35:11.0312 7500 cdfs - ok 15:35:11.0359 7500 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys 15:35:11.0359 7500 cdrom - ok 15:35:11.0421 7500 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll 15:35:11.0421 7500 CertPropSvc - ok 15:35:11.0437 7500 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys 15:35:11.0437 7500 circlass - ok 15:35:11.0468 7500 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys 15:35:11.0484 7500 CLFS - ok 15:35:11.0562 7500 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 15:35:11.0562 7500 clr_optimization_v2.0.50727_32 - ok 15:35:11.0624 7500 clr_optimization_v2.0.50727_64 
(d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 15:35:11.0624 7500 clr_optimization_v2.0.50727_64 - ok 15:35:11.0686 7500 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 15:35:11.0686 7500 clr_optimization_v4.0.30319_32 - ok 15:35:11.0718 7500 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 15:35:11.0733 7500 clr_optimization_v4.0.30319_64 - ok 15:35:11.0780 7500 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys 15:35:11.0780 7500 CmBatt - ok 15:35:11.0796 7500 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys 15:35:11.0796 7500 cmdide - ok 15:35:11.0858 7500 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys 15:35:11.0874 7500 CNG - ok 15:35:11.0905 7500 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys 15:35:11.0905 7500 Compbatt - ok 15:35:11.0936 7500 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\DRIVERS\CompositeBus.sys 15:35:11.0936 7500 CompositeBus - ok 15:35:11.0952 7500 COMSysApp - ok 15:35:11.0967 7500 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys 15:35:11.0967 7500 crcdisk - ok 15:35:12.0030 7500 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll 15:35:12.0030 7500 CryptSvc - ok 15:35:12.0076 7500 CSC (54da3dfd29ed9f1619b6f53f3ce55e49) C:\Windows\system32\drivers\csc.sys 15:35:12.0092 7500 CSC - ok 15:35:12.0139 7500 CscService (3ab183ab4d2c79dcf459cd2c1266b043) C:\Windows\System32\cscsvc.dll 15:35:12.0154 7500 CscService - ok 15:35:12.0201 7500 dc3d (1ca90212a99db6975c344826d11055c9) C:\Windows\system32\DRIVERS\dc3d.sys 15:35:12.0201 7500 dc3d - ok 15:35:12.0279 7500 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll 
15:35:12.0295 7500 DcomLaunch - ok 15:35:12.0357 7500 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll 15:35:12.0357 7500 defragsvc - ok 15:35:12.0451 7500 DellDigitalDelivery (18b5c959cbe24d4d4c2381efb87611de) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe 15:35:12.0451 7500 DellDigitalDelivery - ok 15:35:12.0638 7500 DFEPService (b85201f1aae97cd58fde0db18120f924) c:\Program Files\Dell\Feature Enhancement Pack\DFEPService.exe 15:35:12.0654 7500 DFEPService - ok 15:35:12.0763 7500 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys 15:35:12.0763 7500 DfsC - ok 15:35:12.0810 7500 DgiVecp (2d589a2c024b2fb238535db9f7b3597d) C:\Windows\system32\Drivers\DgiVecp.sys 15:35:12.0810 7500 DgiVecp - ok 15:35:12.0856 7500 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll 15:35:12.0872 7500 Dhcp - ok 15:35:12.0903 7500 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys 15:35:12.0903 7500 discache - ok 15:35:12.0950 7500 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys 15:35:12.0966 7500 Disk - ok 15:35:12.0997 7500 dmvsc (5db085a8a6600be6401f2b24eecb5415) C:\Windows\system32\drivers\dmvsc.sys 15:35:12.0997 7500 dmvsc - ok 15:35:13.0044 7500 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll 15:35:13.0044 7500 Dnscache - ok 15:35:13.0090 7500 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll 15:35:13.0090 7500 dot3svc - ok 15:35:13.0168 7500 Dot4 (b42ed0320c6e41102fde0005154849bb) C:\Windows\system32\DRIVERS\Dot4.sys 15:35:13.0184 7500 Dot4 - ok 15:35:13.0215 7500 Dot4Print (e9f5969233c5d89f3c35e3a66a52a361) C:\Windows\system32\DRIVERS\Dot4Prt.sys 15:35:13.0215 7500 Dot4Print - ok 15:35:13.0262 7500 dot4usb (fd05a02b0370bc3000f402e543ca5814) C:\Windows\system32\DRIVERS\dot4usb.sys 15:35:13.0262 7500 dot4usb - ok 15:35:13.0309 7500 DPS (b26f4f737e8f9df4f31af6cf31d05820) 
C:\Windows\system32\dps.dll 15:35:13.0309 7500 DPS - ok 15:35:13.0356 7500 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys 15:35:13.0356 7500 drmkaud - ok 15:35:13.0434 7500 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys 15:35:13.0449 7500 DXGKrnl - ok 15:35:13.0496 7500 DymoPnpService (16801152c1c1ba0857972c28d35bce33) C:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe 15:35:13.0496 7500 DymoPnpService - ok 15:35:13.0543 7500 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll 15:35:13.0543 7500 EapHost - ok 15:35:13.0714 7500 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys 15:35:13.0746 7500 ebdrv - ok 15:35:13.0855 7500 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe 15:35:13.0855 7500 EFS - ok 15:35:13.0933 7500 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe 15:35:13.0948 7500 ehRecvr - ok 15:35:13.0980 7500 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe 15:35:13.0980 7500 ehSched - ok 15:35:14.0058 7500 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys 15:35:14.0058 7500 elxstor - ok 15:35:14.0073 7500 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys 15:35:14.0073 7500 ErrDev - ok 15:35:14.0136 7500 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll 15:35:14.0136 7500 EventSystem - ok 15:35:14.0182 7500 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys 15:35:14.0198 7500 exfat - ok 15:35:14.0214 7500 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys 15:35:14.0229 7500 fastfat - ok 15:35:14.0292 7500 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe 15:35:14.0307 7500 Fax - ok 15:35:14.0338 7500 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys 15:35:14.0338 7500 
fdc - ok 15:35:14.0354 7500 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll 15:35:14.0354 7500 fdPHost - ok 15:35:14.0385 7500 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll 15:35:14.0385 7500 FDResPub - ok 15:35:14.0448 7500 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys 15:35:14.0448 7500 FileInfo - ok 15:35:14.0448 7500 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys 15:35:14.0448 7500 Filetrace - ok 15:35:14.0494 7500 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys 15:35:14.0494 7500 flpydisk - ok 15:35:14.0510 7500 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys 15:35:14.0526 7500 FltMgr - ok 15:35:14.0604 7500 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll 15:35:14.0619 7500 FontCache - ok 15:35:14.0697 7500 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 15:35:14.0697 7500 FontCache3.0.0.0 - ok 15:35:14.0744 7500 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys 15:35:14.0744 7500 FsDepends - ok 15:35:14.0775 7500 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys 15:35:14.0791 7500 Fs_Rec - ok 15:35:14.0838 7500 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys 15:35:14.0838 7500 fvevol - ok 15:35:14.0884 7500 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys 15:35:14.0884 7500 gagp30kx - ok 15:35:14.0947 7500 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll 15:35:14.0962 7500 gpsvc - ok 15:35:15.0087 7500 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 15:35:15.0087 7500 gupdate - ok 15:35:15.0103 7500 gupdatem (f02a533f517eb38333cb12a9e8963773) 
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 15:35:15.0103 7500 gupdatem - ok 15:35:15.0150 7500 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe 15:35:15.0165 7500 gusvc - ok 15:35:15.0196 7500 HBtnKey (0e485f2c759f155170da9f35354034e9) C:\Windows\system32\drivers\HBtnKey.sys 15:35:15.0212 7500 HBtnKey - ok 15:35:15.0228 7500 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys 15:35:15.0228 7500 hcw85cir - ok 15:35:15.0274 7500 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys 15:35:15.0274 7500 HDAudBus - ok 15:35:15.0290 7500 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys 15:35:15.0306 7500 HidBatt - ok 15:35:15.0321 7500 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys 15:35:15.0321 7500 HidBth - ok 15:35:15.0368 7500 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys 15:35:15.0368 7500 HidIr - ok 15:35:15.0399 7500 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll 15:35:15.0399 7500 hidserv - ok 15:35:15.0446 7500 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys 15:35:15.0446 7500 HidUsb - ok 15:35:15.0493 7500 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll 15:35:15.0493 7500 hkmsvc - ok 15:35:15.0524 7500 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll 15:35:15.0524 7500 HomeGroupListener - ok 15:35:15.0555 7500 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll 15:35:15.0555 7500 HomeGroupProvider - ok 15:35:15.0633 7500 HP LaserJet Service (53dca61931847e35c950504bfb7559c6) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe 15:35:15.0633 7500 HP LaserJet Service - ok 15:35:15.0711 7500 hpqcxs08 (08457d8f8149757c70cea59c71ec5d27) C:\Program Files 
(x86)\HP\Digital Imaging\bin\hpqcxs08.dll 15:35:15.0727 7500 hpqcxs08 - ok 15:35:15.0742 7500 hpqddsvc (75cc8c5146a3fb76221a7606628778d5) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll 15:35:15.0758 7500 hpqddsvc - ok 15:35:15.0805 7500 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys 15:35:15.0805 7500 HpSAMD - ok 15:35:15.0914 7500 HPSLPSVC (f37882f128efacefe353e0bae2766909) C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL 15:35:15.0930 7500 HPSLPSVC - ok 15:35:15.0945 7500 HTCAND64 (f47cec45fb85791d4ab237563ad0fa8f) C:\Windows\system32\Drivers\ANDROIDUSB.sys 15:35:15.0945 7500 HTCAND64 - ok 15:35:15.0992 7500 htcnprot (b8b1b284362e1d8135112573395d5da5) C:\Windows\system32\DRIVERS\htcnprot.sys 15:35:15.0992 7500 htcnprot - ok 15:35:16.0070 7500 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys 15:35:16.0070 7500 HTTP - ok 15:35:16.0101 7500 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys 15:35:16.0101 7500 hwpolicy - ok 15:35:16.0164 7500 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys 15:35:16.0164 7500 i8042prt - ok 15:35:16.0210 7500 iaStor (d7921d5a870b11cc1adab198a519d50a) C:\Windows\system32\drivers\iaStor.sys 15:35:16.0226 7500 iaStor - ok 15:35:16.0273 7500 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys 15:35:16.0288 7500 iaStorV - ok 15:35:16.0398 7500 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 15:35:16.0413 7500 idsvc - ok 15:35:16.0928 7500 igfx (9937600a1584ff00565d5379eb4c9edb) C:\Windows\system32\DRIVERS\igdkmd64.sys 15:35:17.0115 7500 igfx - ok 15:35:17.0240 7500 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys 15:35:17.0240 7500 iirsp - ok 15:35:17.0318 7500 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll 15:35:17.0334 
7500 IKEEXT - ok 15:35:17.0380 7500 Impcd (dd587a55390ed2295bce6d36ad567da9) C:\Windows\system32\drivers\Impcd.sys 15:35:17.0380 7500 Impcd - ok 15:35:17.0443 7500 IntcDAud (fc727061c0f47c8059e88e05d5c8e381) C:\Windows\system32\DRIVERS\IntcDAud.sys 15:35:17.0443 7500 IntcDAud - ok 15:35:17.0490 7500 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys 15:35:17.0490 7500 intelide - ok 15:35:17.0521 7500 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys 15:35:17.0521 7500 intelppm - ok 15:35:17.0568 7500 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll 15:35:17.0583 7500 IPBusEnum - ok 15:35:17.0614 7500 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys 15:35:17.0614 7500 IpFilterDriver - ok 15:35:17.0661 7500 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll 15:35:17.0677 7500 iphlpsvc - ok 15:35:17.0692 7500 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys 15:35:17.0692 7500 IPMIDRV - ok 15:35:17.0692 7500 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys 15:35:17.0708 7500 IPNAT - ok 15:35:17.0739 7500 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys 15:35:17.0739 7500 IRENUM - ok 15:35:17.0755 7500 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys 15:35:17.0755 7500 isapnp - ok 15:35:17.0786 7500 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys 15:35:17.0802 7500 iScsiPrt - ok 15:35:17.0864 7500 jhi_service (6c85719a21b3f62c2c76280f4bd36c7b) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe 15:35:17.0864 7500 jhi_service - ok 15:35:17.0911 7500 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys 15:35:17.0911 7500 kbdclass - ok 15:35:17.0942 7500 kbdhid (0705eff5b42a9db58548eec3b26bb484) 
C:\Windows\system32\DRIVERS\kbdhid.sys 15:35:17.0942 7500 kbdhid - ok 15:35:17.0989 7500 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 15:35:17.0989 7500 KeyIso - ok 15:35:18.0004 7500 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys 15:35:18.0004 7500 KSecDD - ok 15:35:18.0036 7500 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys 15:35:18.0036 7500 KSecPkg - ok 15:35:18.0051 7500 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys 15:35:18.0051 7500 ksthunk - ok 15:35:18.0098 7500 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll 15:35:18.0114 7500 KtmRm - ok 15:35:18.0160 7500 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\System32\srvsvc.dll 15:35:18.0176 7500 LanmanServer - ok 15:35:18.0223 7500 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll 15:35:18.0223 7500 LanmanWorkstation - ok 15:35:18.0254 7500 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys 15:35:18.0270 7500 lltdio - ok 15:35:18.0316 7500 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll 15:35:18.0316 7500 lltdsvc - ok 15:35:18.0348 7500 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll 15:35:18.0363 7500 lmhosts - ok 15:35:18.0472 7500 LMIGuardianSvc (d55a7d0553c7102f63872936c7a9d9db) C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe 15:35:18.0472 7500 LMIGuardianSvc - ok 15:35:18.0519 7500 LMIInfo (0317335b15ff3bda8e10197e3434cfc0) C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys 15:35:18.0519 7500 LMIInfo - ok 15:35:18.0566 7500 LMIMaint (a7d256c8847df6e88bddb55f87e54f46) C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe 15:35:18.0566 7500 LMIMaint - ok 15:35:18.0597 7500 lmimirr (413ecdcfad9a82804d3674c8d7eec24e) C:\Windows\system32\DRIVERS\lmimirr.sys 15:35:18.0597 7500 lmimirr - ok 15:35:18.0597 7500 LMIRfsClientNP - ok 
15:35:18.0628 7500 LMIRfsDriver (c57d3faa50e6f395759ffb7c709bd944) C:\Windows\system32\drivers\LMIRfsDriver.sys 15:35:18.0628 7500 LMIRfsDriver - ok 15:35:18.0691 7500 LMS (5f5899711df18a02162b6d518c17b0d7) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe 15:35:18.0691 7500 LMS - ok 15:35:18.0738 7500 LogMeIn (d3760bc17e1755091b7120cf32dbf56b) C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe 15:35:18.0738 7500 LogMeIn - ok 15:35:18.0784 7500 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys 15:35:18.0800 7500 LSI_FC - ok 15:35:18.0816 7500 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys 15:35:18.0816 7500 LSI_SAS - ok 15:35:18.0816 7500 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys 15:35:18.0831 7500 LSI_SAS2 - ok 15:35:18.0831 7500 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys 15:35:18.0831 7500 LSI_SCSI - ok 15:35:18.0847 7500 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys 15:35:18.0847 7500 luafv - ok 15:35:18.0878 7500 MBAMProtector - ok 15:35:18.0956 7500 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe 15:35:18.0956 7500 MBAMService - ok 15:35:19.0003 7500 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll 15:35:19.0003 7500 Mcx2Svc - ok 15:35:19.0018 7500 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys 15:35:19.0018 7500 megasas - ok 15:35:19.0050 7500 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys 15:35:19.0065 7500 MegaSR - ok 15:35:19.0128 7500 MEIx64 (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\DRIVERS\HECIx64.sys 15:35:19.0128 7500 MEIx64 - ok 15:35:19.0174 7500 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll 15:35:19.0190 7500 MMCSS - ok 15:35:19.0190 7500 Modem 
(800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys 15:35:19.0190 7500 Modem - ok 15:35:19.0237 7500 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys 15:35:19.0237 7500 monitor - ok 15:35:19.0284 7500 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys 15:35:19.0284 7500 mouclass - ok 15:35:19.0330 7500 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys 15:35:19.0330 7500 mouhid - ok 15:35:19.0393 7500 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys 15:35:19.0393 7500 mountmgr - ok 15:35:19.0408 7500 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys 15:35:19.0408 7500 mpio - ok 15:35:19.0424 7500 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys 15:35:19.0424 7500 mpsdrv - ok 15:35:19.0486 7500 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll 15:35:19.0502 7500 MpsSvc - ok 15:35:19.0518 7500 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys 15:35:19.0518 7500 MRxDAV - ok 15:35:19.0549 7500 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys 15:35:19.0564 7500 mrxsmb - ok 15:35:19.0596 7500 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys 15:35:19.0596 7500 mrxsmb10 - ok 15:35:19.0611 7500 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys 15:35:19.0627 7500 mrxsmb20 - ok 15:35:19.0642 7500 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys 15:35:19.0642 7500 msahci - ok 15:35:19.0689 7500 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys 15:35:19.0689 7500 msdsm - ok 15:35:19.0720 7500 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe 15:35:19.0736 7500 MSDTC - ok 15:35:19.0783 7500 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) 
C:\Windows\system32\drivers\Msfs.sys 15:35:19.0783 7500 Msfs - ok 15:35:19.0814 7500 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys 15:35:19.0814 7500 mshidkmdf - ok 15:35:19.0830 7500 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys 15:35:19.0830 7500 msisadrv - ok 15:35:19.0861 7500 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll 15:35:19.0861 7500 MSiSCSI - ok 15:35:19.0876 7500 msiserver - ok 15:35:19.0908 7500 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys 15:35:19.0908 7500 MSKSSRV - ok 15:35:19.0923 7500 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys 15:35:19.0923 7500 MSPCLOCK - ok 15:35:19.0923 7500 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys 15:35:19.0923 7500 MSPQM - ok 15:35:19.0954 7500 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys 15:35:19.0954 7500 MsRPC - ok 15:35:19.0970 7500 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys 15:35:19.0970 7500 mssmbios - ok 15:35:19.0970 7500 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys 15:35:19.0970 7500 MSTEE - ok 15:35:19.0986 7500 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys 15:35:19.0986 7500 MTConfig - ok 15:35:20.0001 7500 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys 15:35:20.0001 7500 Mup - ok 15:35:20.0079 7500 MyFunCards_5mService (72f8c1568a56c7059cb1074a7e529dc6) C:\PROGRA~2\MYFUNC~2\bar\1.bin\5mbarsvc.exe 15:35:20.0079 7500 MyFunCards_5mService - ok 15:35:20.0142 7500 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll 15:35:20.0157 7500 napagent - ok 15:35:20.0220 7500 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys 15:35:20.0235 7500 NativeWifiP - ok 
-
ComboFix 12-07-02.01 - Pat 07/03/2012 8:08.2.4 - x64 Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.3993.1728 [GMT -5:00] Running from: f:\repair files\ComboFix.exe AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0} SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Created a new restore point . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\users\Pat\AppData\Local\assembly\tmp . ---- Previous Run ------- . C:\prefs.js c:\programdata\DfRgCzbHFHU7xB c:\programdata\DfRgCzbHFHU7xB.exe c:\users\Pat\AppData\Local\assembly\tmp\1PELRII2\__AssemblyInfo__.ini c:\users\Pat\AppData\Local\assembly\tmp\1PELRII2\DYMO.DLS.DLL c:\users\Pat\g2mdlhlpx.exe c:\windows\SysWow64\instsrv.exe . . ((((((((((((((((((((((((( Files Created from 2012-06-03 to 2012-07-03 ))))))))))))))))))))))))))))))) . . 2012-07-03 13:39 . 2012-07-03 13:39 -------- d-----w- c:\users\LogMeInRemoteUser\AppData\Local\temp 2012-07-03 13:39 . 2012-07-03 13:39 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-07-02 15:05 . 2012-07-02 21:26 -------- d-----w- c:\programdata\Spybot - Search & Destroy 2012-07-02 15:05 . 2012-07-02 20:08 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy 2012-06-30 19:08 . 2012-06-30 19:08 -------- d-----w- c:\users\Pat\AppData\Roaming\Malwarebytes 2012-06-30 19:08 . 2012-07-01 14:54 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2012-06-30 19:08 . 2012-06-30 19:08 -------- d-----w- c:\programdata\Malwarebytes 2012-06-29 00:33 . 2012-06-29 00:33 -------- d-----w- c:\program files (x86)\Dell Digital Delivery 2012-06-22 23:25 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll 2012-06-22 23:25 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe 2012-06-22 23:25 . 
2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll 2012-06-22 23:25 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll 2012-06-22 23:25 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll 2012-06-22 23:25 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll 2012-06-22 23:25 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll 2012-06-22 23:25 . 2012-06-02 20:19 186752 ----a-w- c:\windows\system32\wuwebv.dll 2012-06-22 23:25 . 2012-06-02 20:15 36864 ----a-w- c:\windows\system32\wuapp.exe 2012-06-13 03:30 . 2012-04-26 05:41 77312 ----a-w- c:\windows\system32\rdpwsx.dll 2012-06-13 03:30 . 2012-04-26 05:41 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll 2012-06-13 03:30 . 2012-04-26 05:34 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe 2012-06-13 03:30 . 2012-05-01 05:40 209920 ----a-w- c:\windows\system32\profsvc.dll 2012-06-13 03:30 . 2012-05-04 11:06 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-06-13 03:30 . 2012-05-04 10:03 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe 2012-06-13 03:30 . 2012-05-04 10:03 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe 2012-06-13 03:29 . 2012-05-15 01:32 3146752 ----a-w- c:\windows\system32\win32k.sys 2012-06-13 03:29 . 2012-04-28 03:55 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys 2012-06-13 03:29 . 2012-04-07 12:31 3216384 ----a-w- c:\windows\system32\msi.dll 2012-06-13 03:29 . 2012-04-07 11:26 2342400 ----a-w- c:\windows\SysWow64\msi.dll 2012-06-13 03:29 . 2012-04-24 05:37 184320 ----a-w- c:\windows\system32\cryptsvc.dll 2012-06-13 03:29 . 2012-04-24 05:37 140288 ----a-w- c:\windows\system32\cryptnet.dll 2012-06-13 03:29 . 2012-04-24 05:37 1462272 ----a-w- c:\windows\system32\crypt32.dll 2012-06-13 03:29 . 2012-04-24 04:36 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll 2012-06-13 03:29 . 2012-04-24 04:36 1158656 ----a-w- c:\windows\SysWow64\crypt32.dll 2012-06-13 03:29 . 
2012-04-24 04:36 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-06-14 17:20 . 2012-04-11 11:49 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2012-06-14 17:20 . 2011-11-03 12:58 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-05-21 15:16 . 2011-12-21 00:35 87456 ----a-w- c:\windows\system32\LMIRfsClientNP.dll 2012-05-21 15:16 . 2011-12-21 00:35 34688 ----a-w- c:\windows\system32\LMIport.dll 2012-05-21 15:16 . 2011-12-21 00:35 80768 ----a-w- c:\windows\system32\LMIinit.dll 2012-05-04 19:42 . 2012-04-14 15:42 8769696 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe 2012-04-19 09:50 . 2012-04-19 09:50 28480 ----a-w- c:\windows\system32\drivers\avgidsha.sys . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{9234F5E0-56CC-4F0B-AAE4-0D4BD5032180}"= "c:\progra~2\CRAWLE~1\Crawler.dll" [2012-02-01 1134208] . [HKEY_CLASSES_ROOT\clsid\{9234f5e0-56cc-4f0b-aae4-0d4bd5032180}] . [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{9234F5E0-56CC-4F0B-AAE4-0D4BD5032180}] 2012-02-01 07:41 1134208 ----a-w- c:\progra~2\CRAWLE~1\Crawler.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar] "{C4D78C72-08DB-4A3F-9175-B265157283F3}"= "c:\progra~2\CRAWLE~1\Crawler.dll" [2012-02-01 1134208] . [HKEY_CLASSES_ROOT\clsid\{c4d78c72-08db-4a3f-9175-b265157283f3}] [HKEY_CLASSES_ROOT\Crawler.Toolbar] . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "DymoQuickPrint"="c:\program files (x86)\DYMO\DYMO Label Software\DymoQuickPrint.exe" [2011-08-10 1865808] "SpybotSD TeaTimer"="c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480] . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "RemoteControl9"="c:\program files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe" [2009-07-06 87336] "PDVD9LanguageShortcut"="c:\program files (x86)\CyberLink\PowerDVD9\Language\Language.exe" [2010-04-29 50472] "RoxWatchTray"="c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" [2010-11-25 240112] "Desktop Disc Tool"="c:\program files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe" [2010-11-17 514544] "Samsung PanelMgr"="c:\windows\Samsung\PanelMgr\ssmmgr.exe" [2011-04-15 536576] "Intuit SyncManager"="c:\program files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe" [2011-06-15 1532760] "AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-04-05 2587008] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712] "HPUsageTrackingLEDM"="c:\program files (x86)\HP\HP UT LEDM\bin\hppusg.exe" [2009-08-04 30264] "HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208] "MyFunCards_5m Browser Plugin Loader"="c:\progra~2\MYFUNC~2\bar\1.bin\5mbrmon.exe" [2012-05-06 30096] "Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408] "HTC Sync Loader"="c:\program files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" [2012-04-17 651264] . c:\users\Pat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ OneNote 2010 Screen Clipper and Launcher.lnk - c:\program files (x86)\Microsoft Office\Office14\ONENOTEM.EXE [2011-9-2 227712] Smart Settings.lnk - c:\program files\Dell\Feature Enhancement Pack\SmartSettings.exe [2011-8-24 494488] . 
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2011-2-8 1136928] Digital Line Detect.lnk - c:\program files (x86)\Digital Line Detect\DLG.exe [2011-11-3 50688] HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-23 270336] QuickBooks Update Agent.lnk - c:\program files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe [2011-12-22 984936] . c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Smart Settings.lnk - c:\program files\Dell\Feature Enhancement Pack\SmartSettings.exe [2011-8-24 494488] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) "DisableCAD"= 1 (0x1) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "mixer2"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" . 
R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2012-06-13 5161080] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-01-02 136176] R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408] R2 O2SDIOAssist;O2SDIOAssist;c:\windows\SysWOW64\srvany.exe [2003-04-19 8192] R2 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632] R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-14 257224] R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-06-07 191752] R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168] R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-01-02 136176] R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [2009-11-03 33736] R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys [2010-06-25 36928] R3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys [2010-02-27 158976] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x] R3 netvsc;netvsc;c:\windows\system32\DRIVERS\netvsc60.sys [2010-11-21 168448] R3 O2MDFRDR;O2MDFRDR;c:\windows\system32\drivers\O2MDFw7x64.sys [2011-01-03 72808] R3 RoxMediaDB12OEM;RoxMediaDB12OEM;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656] R3 SIUSBXP;SIUSBXP;c:\windows\system32\drivers\SiUSBXp.sys [2011-12-01 26856] R3 SynthVid;SynthVid;c:\windows\system32\DRIVERS\VMBusVideoM.sys [2010-11-21 22528] R3 
TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-12-22 1255736] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184] S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [2012-04-19 28480] S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2012-01-31 36944] S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856] S0 stdcfltn;Disk Class Filter Driver for Accelerometer;c:\windows\system32\DRIVERS\stdcfltn.sys [2011-07-16 22128] S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2012-02-22 289872] S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2011-12-23 47696] S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2012-03-19 383808] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928] S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe [2009-03-03 89600] S2 ATService;AuthenTec Fingerprint Service;c:\program files\Fingerprint Sensor\ATService.exe [2010-05-10 2683712] S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288] S2 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-05-12 249648] S2 BrcmMgmtAgent;Broadcom Management Agent;c:\program files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe [2010-06-29 158720] S2 DellDigitalDelivery;Dell Digital Delivery Service;c:\program files (x86)\Dell Digital Delivery\DeliveryService.exe [2012-06-19 173056] S2 DFEPService;Dell Feature 
Enhancement Pack Service;c:\program files\Dell\Feature Enhancement Pack\DFEPService.exe [2011-08-24 2279320] S2 DymoPnpService;DYMO PnP Service;c:\program files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe [2011-08-10 32336] S2 HP LaserJet Service;HP LaserJet Service;c:\program files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [2009-06-24 136704] S2 jhi_service;Intel® Identity Protection Technology Host Interface Service;c:\program files (x86)\Intel\Services\IPT\jhi_service.exe [2011-02-24 212944] S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2012-05-21 375176] S2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files (x86)\LogMeIn\x64\RaInfo.sys [2011-09-16 15928] S2 MyFunCards_5mService;MyFunCardsService;c:\progra~2\MYFUNC~2\bar\1.bin\5mbarsvc.exe [2012-05-06 42528] S2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2011-09-15 88576] S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368] S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys [2007-01-04 11576] S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-12-03 2656280] S2 Wave Authentication Manager Service;Wave Authentication Manager Service;c:\program files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe [2011-07-01 1600000] S3 Acceler;Accelerometer Service;c:\windows\system32\DRIVERS\accelern.sys [2011-07-22 27760] S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [2011-12-23 124496] S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\avgidsfiltera.sys [2011-12-23 29776] S3 BTHprint;Microsoft Bluetooth Printer Class;c:\windows\system32\DRIVERS\bthprint.sys [2009-07-14 67072] S3 
BTWAMPFL;BTWAMPFL;c:\windows\system32\DRIVERS\btwampfl.sys [2011-11-03 349736] S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2011-11-03 39464] S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys [2011-07-29 52584] S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440] S3 MEIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344] S3 O2MDRRDR;O2MDRRDR;c:\windows\system32\DRIVERS\O2MDRw7x64.sys [2011-01-03 74984] S3 O2SDJRDR;O2SDJRDR;c:\windows\system32\DRIVERS\o2sdjw7x64.sys [2011-03-23 83560] S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184] S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [2011-08-01 45416] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920] S3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 23040] . . --- Other Services/Drivers In Memory --- . *NewlyCreated* - WS2IFSL . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost] hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc . Contents of the 'Scheduled Tasks' folder . 2012-07-03 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-11 17:20] . 2012-07-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-01-02 07:06] . 2012-07-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-01-02 07:06] . . --------- X64 Entries ----------- . . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\EnabledUnlockedFDEIconOverlay] @="{30D3C2AF-9709-4D05-9CF4-13335F3C1E4A}" [HKEY_CLASSES_ROOT\CLSID\{30D3C2AF-9709-4D05-9CF4-13335F3C1E4A}] 2011-05-27 22:46 139128 ----a-w- c:\program files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmIconOverlay.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UninitializedFdeIconOverlay] @="{CF08DA3E-C97D-4891-A66B-E39B28DD270F}" [HKEY_CLASSES_ROOT\CLSID\{CF08DA3E-C97D-4891-A66B-E39B28DD270F}] 2011-05-27 22:46 139128 ----a-w- c:\program files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmIconOverlay.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Apoint"="c:\program files\DellTPad\Apoint.exe" [2011-07-20 611192] "SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2011-01-25 525312] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-06-28 167704] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-06-28 392472] "Persistence"="c:\windows\system32\igfxpers.exe" [2011-06-28 416024] "Broadcom Wireless Manager UI"="c:\program files\Dell\DW WLAN Card\WLTRAY.exe" [2011-01-15 6492672] "FreeFallProtection"="c:\program files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe" [2011-07-25 686704] "DFEPApplication"="c:\program files\Dell\Feature Enhancement Pack\DFEPApplication.exe" [2011-08-24 7077272] "TdmNotify"="c:\program files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe" [2011-05-27 257392] "DBRMTray"="c:\dell\DBRM\Reminder\DbrmTrayIcon.exe" [2011-03-08 227328] "IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 2417032] "LogMeIn GUI"="c:\program files (x86)\LogMeIn\x64\LogMeInSystray.exe" [2011-09-16 57928] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "LoadAppInit_DLLs"=0x0 . 
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://my.yahoo.com/?fr=yfp-t-403
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyServer = 172.17.1.1:8080
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 24.196.64.53 68.113.206.10 24.178.162.3
Handler: crawler - {4545C96B-15D0-4E22-8DDE-6F2CAF531281} - c:\progra~2\CRAWLE~1\Crawler.dll
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{f4c28532-b9d0-4950-a2df-e83f9929242b} - c:\program files (x86)\MyFunCards_5m\bar\1.bin\5mSrcAs.dll
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-DLSService - c:\program files (x86)\DYMO\DYMO Label Software\DLSService.exe
Toolbar-Locked - (no file)
WebBrowser-{C4D78C72-08DB-4A3F-9175-B265157283F3} - (no file)
HKLM-Run-combofix - c:\combofix\CF8411.3XE
AddRemove-FITBIT&10C4&84C4 - c:\program files (x86)\Fitbit\Base Station\DriverUninstaller.exe USBXpress\FITBIT&10C4&84C4
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-07-03 09:02:51
ComboFix-quarantined-files.txt 2012-07-03 14:02
.
Pre-Run: 244,803,928,064 bytes free
Post-Run: 246,053,842,944 bytes free
.
- - End Of File - - 92D0B62297E004EECD974D0838EFA070
-
Re-ran ComboFix... will send report