br3wskee

Honorary Members
  • Posts

    35

Everything posted by br3wskee

  1. Command prompts keep popping up. Puter running slower and slower. Can't open certain programs like Google Chrome.
  2. I don't know anything about hacks. Is there some way I can take whatever is "hacked" off my computer?
  3. Additional scan result of Farbar Recovery Scan Tool (x64) Version:07-01-2015 Ran by User (2016-01-08 14:01:00) Running from C:\Users\User\Downloads Windows 10 Home (X64) (2015-12-16 09:49:29) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-162144670-2588058485-1568270811-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-162144670-2588058485-1568270811-503 - Limited - Disabled) Guest (S-1-5-21-162144670-2588058485-1568270811-501 - Limited - Disabled) => C:\Users\Guest HomeGroupUser$ (S-1-5-21-162144670-2588058485-1568270811-1002 - Limited - Enabled) User (S-1-5-21-162144670-2588058485-1568270811-1000 - Administrator - Enabled) => C:\Users\User ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-162144670-2588058485-1568270811-1000\...\uTorrent) (Version: 3.4.5.41372 - BitTorrent Inc.) 
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.009.20079 - Adobe Systems Incorporated) Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.16 - Adobe Systems) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.178 - Adobe Systems Incorporated) Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated) Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated) Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.) Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.) Adobe® Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 3.4.3 - Adobe Systems, Incorporated) AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD) AMD Catalyst Install Manager (HKLM\...\{B7908254-D208-7C46-8201-7EBC1BFF8D12}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.) AnyMeeting (HKLM-x32\...\{4DF71428-E2A8-4FED-8D67-B37D706D008F}) (Version: 3.1.0 - AnyMeeting, Inc.) Apple Application Support (32-bit) (HKLM-x32\...\{7FA9ECCF-A2DE-4DA1-BFF3-81260DBDA68F}) (Version: 4.1.2 - Apple Inc.) Apple Application Support (64-bit) (HKLM\...\{691F30EB-9009-475A-B8A9-E1BF39598FD5}) (Version: 4.1.2 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.) Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.) 
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.12.9.0 - Asmedia Technology) bl (x32 Version: 1.0.0 - Your Company Name) Hidden Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) CCleaner (HKLM\...\CCleaner) (Version: 5.13 - Piriform) Citrix Online Launcher (HKLM-x32\...\{678753E6-E526-4AE5-A144-00240772543A}) (Version: 1.0.393 - Citrix) Forex Broker Inc MT4 Client Terminal (HKLM-x32\...\Forex Broker Inc MT4 Client Terminal) (Version: 4.00 - MetaQuotes Software Corp.) FXCM Trading Station (HKLM-x32\...\FXCM Trading Station) (Version: 030615 - ) FXCM Trading Station (x32 Version: 030615 - FXCM) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.) Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden GoToMeeting 7.8.1.4190 (HKU\S-1-5-21-162144670-2588058485-1568270811-1000\...\GoToMeeting) (Version: 7.8.1.4190 - CitrixOnline) Gpg4win (2.3.0) (HKLM-x32\...\GPG4Win) (Version: 2.3.0 - The Gpg4win Project) HydraVision (x32 Version: 4.2.252.0 - Advanced Micro Devices, Inc.) Hidden iCloud (HKLM\...\{4B48E22A-2FB0-4EFA-B99E-954B1E50CD69}) (Version: 5.1.0.34 - Apple Inc.) iTunes (HKLM\...\{FBEB98F8-64E4-4FA3-A15E-4A9F42FF962E}) (Version: 12.3.2.35 - Apple Inc.) Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation) Jing (HKLM-x32\...\{8C784F8B-89D0-4A59-A000-7EEF129E1574}) (Version: 2.9.15255.1 - TechSmith Corporation) LogMeIn (HKLM-x32\...\{A8E20B99-B1A2-4FC0-B38A-A255033D339A}) (Version: 4.1.5022 - LogMeIn, Inc.) LogMeIn Client (HKLM-x32\...\{D2300C4F-CC9B-4D00-BC53-B4C806A6C7AB}) (Version: 1.3.1675 - LogMeIn, Inc.) 
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes) Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) 
- 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Mozilla Firefox 42.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 en-US)) (Version: 42.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0 - Mozilla) PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden ph (x32 Version: 1.0.0 - Your Company Name) Hidden PreReq (x32 Version: 6.2.4.0 - Eastman Kodak Company) Hidden PrintProjects (HKLM-x32\...\PrintProjects) (Version: 1.0.0.9282 - RocketLife Inc.) QuickTime 7 (HKLM-x32\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.) Samsung Data Migration (HKLM-x32\...\{D4DE3DB4-7734-47E5-8D92-B80146311406}) (Version: 2.0 - Samsung) Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.5.1 - Samsung Electronics) Screen Recorder Launcher (HKU\S-1-5-21-162144670-2588058485-1568270811-1000\...\ScreenRecorderLauncher) (Version: 1.7 - ) Screencast-O-Matic v2.0 (HKU\S-1-5-21-162144670-2588058485-1568270811-1000\...\Screencast-O-Matic v2.0) (Version: v2-1.8 - Screencast-O-Matic) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Skype™ 7.13 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.13.101 - Skype Technologies S.A.) 
SteelSeries Engine 3.3.0 (HKLM\...\SteelSeries Engine 3) (Version: 3.3.0 - SteelSeries ApS) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.47484 - TeamViewer) thinkorswim (HKLM\...\9968-4488-2169-7623) (Version: desktop - thinkorswim, Inc) TP-LINK TL-WDN3800 Driver (HKLM-x32\...\{D2FAC054-7623-436B-9239-E4C8E752FA14}) (Version: 1.3.1 - TP-LINK) TP-LINK Wireless Configuration Utility (HKLM-x32\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.3.1 - TP-LINK) Traders Way MetaTrader 4 (HKLM-x32\...\Traders Way MetaTrader 4) (Version: 4.00 - MetaQuotes Software Corp.) VirtualDJ 8 (HKLM-x32\...\{F7A68F9D-BBF0-48FF-B138-2EFB5165638C}) (Version: 8.0.2048.0 - Atomix Productions) WinRAR 5.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-162144670-2588058485-1568270811-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\User\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\FileCoAuth.exe (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-162144670-2588058485-1568270811-1000_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\User\AppData\Local\Citrix\GoToMeeting\4190\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {01EF5829-6A5C-448A-9C12-90EBB4A0E144} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2015-12-01] (Apple Inc.) 
Task: {02FBCEA2-51C6-4014-9763-465CA800CB0F} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe Task: {0585FD3F-85F4-4500-95B4-66E559D84E77} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.) Task: {05DBFB74-8577-4704-9C8B-CDD9E3B47083} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {0CFE2E40-6A97-48C5-9F38-DE82315CF1B0} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto Task: {0F46D3D7-6878-4830-BEE4-39371A58A16B} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION Task: {122ACAB0-75B0-49D5-B14A-551FAC191197} - System32\Tasks\G2MUploadTask-S-1-5-21-162144670-2588058485-1568270811-1000 => C:\Users\User\AppData\Local\Citrix\GoToMeeting\4190\g2mupload.exe [2016-01-05] (Citrix Online, a division of Citrix Systems, Inc.) Task: {16A504E1-C9A2-40B8-8FB9-5A9EA9C924F0} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-26] (Apple Inc.) Task: {177151F7-D80F-4756-9E83-CFF87D8A86E1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.) 
Task: {19F77EA4-8E69-493D-B2B6-DD8058CA2E33} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION Task: {1EE6D5C5-C4F3-4496-AE96-6A051CDB6851} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION Task: {266C130D-84D7-481D-A7A9-80A80E3455ED} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe Task: {2B637725-33DC-4EE4-B321-3564E93A05D2} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-16] (Adobe Systems Incorporated) Task: {2DE519D2-CD8F-40A9-906A-79A60375F435} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION Task: {2F9C9C25-DD28-4D5B-93BA-A3EE48CC02F1} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\MpCmdRun.exe Task: {45AE8AA4-DCA6-4244-AD1F-8AE0D1F8DD39} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe Task: {50E99C6C-D31F-4D9F-AB6F-F7EA8D90DB93} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-12-08] (Piriform Ltd) Task: {51A00EF2-B082-4A8E-8254-E09CE7EFCF68} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-12-09] (Microsoft Corporation) Task: {557522BF-21C8-43A4-AAE9-B8F683DF0020} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe Task: {5A64F481-3108-476D-9F77-36CD5948463D} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe Task: {5CDCDBB3-072F-4BB4-857F-AD08EE30DC29} - System32\Tasks\ASUS UEFI => C:\Program Files (x86)\ASUS\UEFI\ASUS UEFI.exe Task: {625A4CCD-F705-49F6-B744-B1093F7A59C4} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {68DFB54E-075E-4007-9E84-E95EE74EBBA7} - 
System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe Task: {699F82AD-F055-48CC-A89C-3A4E05990020} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe Task: {6E0214EB-A744-42E5-884A-7F798A6C56E3} - System32\Tasks\AdobeAAMUpdater-1.0-User-PC-User => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20] (Adobe Systems Incorporated) Task: {71532917-6DCA-413C-95C0-5DB4838AF341} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION Task: {7300ADB3-B5AF-433D-8DDA-5EE477C8B72B} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe Task: {76877072-F895-4EF2-B3BE-E3443C54E5EC} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung Magician\Samsung Magician.exe [2014-09-28] (Samsung Electronics.) Task: {769CDD80-D8DD-4E11-9A3C-44E1F306A27F} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION Task: {7D769A54-F8D0-46AD-9845-DDFA2854A918} - System32\Tasks\G2MUpdateTask-S-1-5-21-162144670-2588058485-1568270811-1000 => C:\Users\User\AppData\Local\Citrix\GoToMeeting\4190\g2mupdate.exe [2016-01-05] (Citrix Online, a division of Citrix Systems, Inc.) 
Task: {80C38757-4D4B-46E7-9A99-910FED232D78} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe Task: {84F98A9B-487F-4826-8BE8-A7643451C8A0} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe Task: {85A9BEC5-6473-4FAE-A502-8F18A91D05C3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated) Task: {9829E736-A4A1-48A2-801F-DE66886A1613} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION Task: {9C2071DC-425D-4851-8C74-1E49BB21846D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION Task: {A1F2383F-255E-4813-B57E-739217518184} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {B5798F9F-C205-46A7-87FF-42F12305EE1A} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe Task: {C0D4E163-6AF5-4268-9452-55A108B7565E} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe Task: {C12B8B0D-238B-48ED-810B-C49BC21AE558} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION Task: {C79C5080-0073-4CFD-B367-835DA0E0BDCA} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe Task: {CA78FB6C-D8D7-45C1-A641-8D2F70FBFF64} - System32\Tasks\{FE2C1352-A693-4347-B931-40938ED56C7B} => pcalua.exe -a "C:\Users\User\Downloads\chromeinstall-8u25 (1).exe" -d C:\Users\User\Downloads Task: {CD09EB21-4522-4D0D-9224-89F89E427995} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe Task: {D57DBEFC-C7A3-4DF8-B707-F22D6661950E} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION Task: {D700B2DF-38CE-4A65-BDFF-C8828765EF2E} - System32\Tasks\Microsoft\Windows\Media 
Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {D87C2B8B-25EA-4BF7-8839-2A1E4FCB6372} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe Task: {EDA26DAF-379B-4463-AA53-355BA2EEB76E} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe Task: {F0ADD373-D6B7-4BDF-90C1-972FBAFC7BC4} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe Task: {F792BAA6-074D-42D8-BCF8-979521F233BB} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION Task: {FA72A218-59E6-4981-A6C3-BDA582B9492F} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-162144670-2588058485-1568270811-1000.job => C:\Users\User\AppData\Local\Citrix\GoToMeeting\4190\g2mupdate.exe Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-162144670-2588058485-1568270811-1000.job => C:\Users\User\AppData\Local\Citrix\GoToMeeting\4190\g2mupload.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) 
==================== Loaded Modules (Whitelisted) ============== 2015-10-30 01:18 - 2015-10-30 01:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2015-08-21 22:09 - 2015-08-21 22:09 - 00214528 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll 2014-02-11 07:08 - 2014-02-11 07:08 - 00817152 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll 2014-02-11 07:08 - 2014-02-11 07:08 - 03650560 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll 2015-08-21 22:09 - 2015-08-21 22:09 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll 2015-01-20 22:35 - 2015-01-20 22:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2015-10-13 04:45 - 2015-10-13 04:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2015-12-16 05:38 - 2015-12-16 05:38 - 02653816 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2015-12-16 05:38 - 2015-12-16 05:38 - 02653816 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2010-10-20 15:23 - 2010-10-20 15:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll 2015-12-18 07:33 - 2015-12-06 22:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll 2015-12-18 07:33 - 2015-12-06 22:00 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2014-10-30 15:45 - 2014-10-30 15:45 - 17542656 _____ () C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe 2015-12-17 04:14 - 2015-12-17 04:15 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeHost.exe 2015-12-18 07:33 - 2015-12-06 21:37 - 07992832 _____ () 
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2015-12-18 07:33 - 2015-12-06 21:33 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2015-12-18 07:33 - 2015-12-06 21:34 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2015-12-18 07:33 - 2015-12-06 21:36 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2015-12-15 06:10 - 2015-12-15 06:11 - 00012800 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1208.10480.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe 2015-12-15 06:10 - 2015-12-15 06:11 - 11542016 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1208.10480.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll 2015-11-20 07:59 - 2015-11-20 08:00 - 00258560 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1208.10480.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll 2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF 2010-10-20 15:45 - 2010-10-20 15:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll 2014-11-06 17:12 - 2014-09-28 17:59 - 00019872 _____ () C:\Program Files (x86)\Samsung Magician\SAMSUNG_SSD.dll 2015-12-16 15:19 - 2015-12-10 21:54 - 01583432 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\libglesv2.dll 2015-12-16 15:19 - 2015-12-10 21:54 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\libegl.dll 2015-12-17 04:14 - 2015-12-17 04:15 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll 2015-12-17 04:14 - 2015-12-17 04:15 - 21845504 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkyWrap.dll 2015-12-24 12:24 - 2015-12-24 07:46 - 16792256 
_____ () C:\Users\User\AppData\Local\Google\Chrome\User Data\PepperFlash\20.0.0.267\pepflashplayer.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-13 20:34 - 2015-04-12 09:08 - 00001028 ____A C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 activate.adobe.com 127.0.0.1 practivate.adobe.com 127.0.0.1 lmlicenses.wip4.adobe.com 127.0.0.1 lm.licenses.adobe.com ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-162144670-2588058485-1568270811-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\User\Pictures\hack wallpaper.jpg DNS Servers: 192.168.1.254 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) 
MSCONFIG\Services: lfsvc => 3 HKLM\...\StartupApproved\StartupFolder: => "TP-LINK Wireless Configuration Utility.lnk" HKLM\...\StartupApproved\Run: => "LogMeIn GUI" HKU\S-1-5-21-162144670-2588058485-1568270811-1000\...\StartupApproved\StartupFolder: => "AnyMeeting.lnk" HKU\S-1-5-21-162144670-2588058485-1568270811-1000\...\StartupApproved\Run: => "iCloudDrive" HKU\S-1-5-21-162144670-2588058485-1568270811-1000\...\StartupApproved\Run: => "ApplePhotoStreams" HKU\S-1-5-21-162144670-2588058485-1568270811-1000\...\StartupApproved\Run: => "iCloudServices" HKU\S-1-5-21-162144670-2588058485-1568270811-1000\...\StartupApproved\Run: => "Jing" HKU\S-1-5-21-162144670-2588058485-1568270811-1000\...\StartupApproved\Run: => "Screencast-O-Matic Tray" HKU\S-1-5-21-162144670-2588058485-1568270811-1000\...\StartupApproved\Run: => "GoToMeeting" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808 FirewallRules: [{2318E79C-6382-4168-B7FB-CA6017F29C14}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{75D42E66-3311-44B9-B4FC-DECEE3D39C6C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{71A1FAE0-565E-490C-8E32-5D137AB69FD8}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{B1368E8D-E7D1-4F66-BF77-543C8FC8AB1C}] => (Allow) C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{6986F691-AB7B-4693-AA39-9BFD40605FCE}] => (Allow) C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{26D32993-2A76-4A09-9A22-52E953289071}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{1610BFB8-409A-423D-9203-4C9D065CB1A0}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{E65561AC-2481-4E89-9C91-EECA21B82CEA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{32DB10C1-F9DC-4156-89F0-540B0CBC3109}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{2ECA3D8A-55B7-4E77-855A-AD4B3CE37FEF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{C244891D-539B-4956-9C49-7A79C073BD4C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{A51EDABA-79D0-4A9C-BBFE-B2A12020AC8E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{E4CCBA40-D03D-46B9-9869-EBC99BC29A9D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{4E6FF56F-1538-49A3-978E-2760BE2E9785}] 
=> (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{5FA6E094-43F1-4D29-BBEC-9FF34F9E55C9}] => (Allow) LPort=5353 FirewallRules: [{E1F5D728-5DCA-4E41-8B7C-0D829D117719}] => (Allow) C:\ProgramData\Kodak\Installer\Setup.exe FirewallRules: [{F897B794-7EFF-4669-8012-62B36EDB5EB4}] => (Allow) C:\ProgramData\Kodak\Installer\Setup.exe FirewallRules: [{25A377FF-ECE7-4721-964E-6FB7D9E51DBF}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{EDEA64A4-C0DF-48B7-BD2A-495AFA8CC873}] => (Allow) LPort=9322 FirewallRules: [{67BD3C90-BAB1-445A-890C-28ED8475FD3B}] => (Allow) LPort=5353 ==================== Restore Points ========================= 05-01-2016 17:23:07 Windows Update ==================== Faulty Device Manager Devices ============= Name: Unknown USB Device (Device Descriptor Request Failed) Description: Unknown USB Device (Device Descriptor Request Failed) Class Guid: {36fc9e60-c465-11cf-8056-444553540000} Manufacturer: (Standard USB Host Controller) Service: Problem: : Windows has stopped this device because it has reported problems. (Code 43) Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. 
==================== Event log errors: ========================= Application errors: ================== Error: (01/08/2016 12:36:39 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: utorrentie.exe, version: 1.0.0.41372, time stamp: 0x564b8ce9 Faulting module name: Flash.ocx, version: 20.0.0.272, time stamp: 0x56870c97 Exception code: 0xc0000005 Fault offset: 0x00356e7b Faulting process id: 0x2198 Faulting application start time: 0xutorrentie.exe0 Faulting application path: utorrentie.exe1 Faulting module path: utorrentie.exe2 Report Id: utorrentie.exe3 Faulting package full name: utorrentie.exe4 Faulting package-relative application ID: utorrentie.exe5 Error: (01/07/2016 01:46:21 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 6390 Error: (01/07/2016 01:46:21 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 6390 Error: (01/07/2016 01:46:21 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (01/07/2016 01:46:20 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 4765 Error: (01/07/2016 01:46:20 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 4765 Error: (01/07/2016 01:46:20 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (01/07/2016 01:46:18 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 3171 Error: (01/07/2016 01:46:18 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 3171 Error: (01/07/2016 01:46:18 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: 
Task Scheduling Error: Continuously busy for more than a second System errors: ============= Error: (01/07/2016 11:54:39 AM) (Source: DCOM) (EventID: 10016) (User: User-PC) Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}User-PCUserS-1-5-21-162144670-2588058485-1568270811-1000LocalHost (Using LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742 Error: (01/07/2016 11:54:39 AM) (Source: DCOM) (EventID: 10016) (User: User-PC) Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}User-PCUserS-1-5-21-162144670-2588058485-1568270811-1000LocalHost (Using LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742 Error: (01/07/2016 10:24:06 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: The NetTcpActivator service depends on the NetTcpPortSharing service which failed to start because of the following error: %%1058 Error: (01/07/2016 10:23:30 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Sync Host_8ce24 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. 
Error: (01/07/2016 10:06:20 AM) (Source: DCOM) (EventID: 10016) (User: User-PC) Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}User-PCUserS-1-5-21-162144670-2588058485-1568270811-1000LocalHost (Using LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742 Error: (01/07/2016 10:06:20 AM) (Source: DCOM) (EventID: 10016) (User: User-PC) Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}User-PCUserS-1-5-21-162144670-2588058485-1568270811-1000LocalHost (Using LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742 Error: (01/07/2016 10:04:17 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: The NetTcpActivator service depends on the NetTcpPortSharing service which failed to start because of the following error: %%1058 Error: (01/07/2016 10:04:16 AM) (Source: EventLog) (EventID: 6008) (User: ) Description: The previous system shutdown at 9:50:03 AM on ‎1/‎7/‎2016 was unexpected. Error: (01/07/2016 10:04:04 AM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT AUTHORITY) Description: 32212256844621350451833504 Error: (01/07/2016 08:53:02 AM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WSearch service. CodeIntegrity: =================================== Date: 2016-01-08 12:14:10.904 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. 
Date: 2016-01-08 12:14:10.893 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-01-08 12:14:10.882 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-01-08 12:14:10.827 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-01-08 12:14:10.816 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-01-08 12:14:10.804 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-01-08 12:14:05.377 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. 
Date: 2016-01-08 12:14:05.366 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-01-08 12:14:05.349 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-01-08 12:14:05.337 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Memory info =========================== Processor: AMD A10-6800K APU with Radeon HD Graphics Percentage of memory in use: 25% Total physical RAM: 16328.81 MB Available physical RAM: 12164.54 MB Total Virtual: 32712.81 MB Available Virtual: 27774.38 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:465.22 GB) (Free:238.39 GB) NTFS Drive d: (New Volume) (Fixed) (Total:1863.01 GB) (Free:1403.47 GB) NTFS Drive g: (B NASH) (Removable) (Total:7.45 GB) (Free:0.32 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: D4CF3A72) Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 2305F4C0) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=465.2 GB) - 
(Type=07 NTFS) Partition 3: (Not Active) - (Size=450 MB) - (Type=27) ======================================================== Disk: 3 (Size: 7.5 GB) (Disk ID: 00000000) Partition: GPT. ==================== End of Addition.txt ============================
  4. My Malwarebytes is working again. Here is my log file.

     Malwarebytes Anti-Malware
     www.malwarebytes.org

     Scan Date: 1/7/2016
     Scan Time: 10:10 AM
     Logfile:
     Administrator: Yes

     Version: 2.2.0.1024
     Malware Database: v2016.01.07.03
     Rootkit Database: v2016.01.05.01
     License: Premium
     Malware Protection: Enabled
     Malicious Website Protection: Enabled
     Self-protection: Disabled

     OS: Windows 10
     CPU: x64
     File System: NTFS
     User: User

     Scan Type: Threat Scan
     Result: Completed
     Objects Scanned: 469166
     Time Elapsed: 11 min, 31 sec

     Memory: Enabled
     Startup: Enabled
     Filesystem: Enabled
     Archives: Enabled
     Rootkits: Enabled
     Heuristics: Enabled
     PUP: Enabled
     PUM: Enabled

     Processes: 0
     (No malicious items detected)

     Modules: 0
     (No malicious items detected)

     Registry Keys: 0
     (No malicious items detected)

     Registry Values: 0
     (No malicious items detected)

     Registry Data: 0
     (No malicious items detected)

     Folders: 0
     (No malicious items detected)

     Files: 0
     (No malicious items detected)

     Physical Sectors: 0
     (No malicious items detected)

     (end)
  5. This is from FixExec. This is all it showed me. Now I'm going to try the Windows Defender.

     FixExec by Lawrence Abrams (Grinler)
     http://www.bleepingcomputer.com/
     Copyright 2008-2016 BleepingComputer.com
     More Information about FixExec can be found at this link: http://www.bleepingcomputer.com/download/windows/utilities/fixexec

     Program started at: 01/06/2016 02:51:11 PM in x64 mode.
     Windows Version: Windows 8

     Checking for processes to terminate before fixing executable associations.
      * No processes found to kill.

     Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

     Program finished at: 01/06/2016 02:51:32 PM
     Execution time: 0 hours(s), 0 minute(s), and 21 seconds(s)
  6. That's not working either. I tried it twice. My computer is starting to malfunction.
  7. My computer won't let me open up Malwarebytes Anti-Malware. This is a personal computer.
  8. Whenever I try to start my Malwarebytes Anti-Malware and my GoToMeeting software I get these error screens. mbam.exe and g2mui.exe. My computer has been starting slower and slower lately.
  9. After I uninstalled Adobe Flash Player and went to the download link, it said that Google already has the latest version, but I don't see Adobe Flash on my list of programs anymore.
  10. # AdwCleaner v2.002 - Logfile created 09/17/2012 at 11:15:46 # Updated 16/09/2012 by Xplode # Operating system : Windows 7 Home Premium Service Pack 1 (64 bits) # User : B-Nash - BR3WSKEE # Boot Mode : Normal # Running from : C:\Users\B-Nash\Desktop\adwcleaner.exe # Option [search] ***** [services] ***** ***** [Files / Folders] ***** Folder Found : C:\Program Files (x86)\AVG Secure Search Folder Found : C:\Program Files (x86)\Common Files\AVG Secure Search Folder Found : C:\Program Files (x86)\Common Files\FreeCause Folder Found : C:\Program Files (x86)\Conduit Folder Found : C:\ProgramData\AVG Secure Search Folder Found : C:\ProgramData\Partner Folder Found : C:\ProgramData\Tarma Installer Folder Found : C:\Users\B-Nash\AppData\Local\AVG Secure Search Folder Found : C:\Users\B-Nash\AppData\Local\Conduit Folder Found : C:\Users\B-Nash\AppData\LocalLow\AVG Secure Search Folder Found : C:\Users\B-Nash\AppData\LocalLow\Conduit Folder Found : C:\Users\B-Nash\AppData\Roaming\OpenCandy ***** [Registry] ***** Key Found : HKCU\Software\AppDataLow\Software\Compete Key Found : HKCU\Software\AppDataLow\Software\Conduit Key Found : HKCU\Software\AppDataLow\Software\SmartBar Key Found : HKCU\Software\AVG Secure Search Key Found : HKCU\Software\Conduit Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B49699FC-1665-4414-A1CB-C4A2A4A13EEC} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B49699FC-1665-4414-A1CB-C4A2A4A13EEC} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Found : HKCU\Software\ShopToWin Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Found : HKLM\Software\AVG Secure Search 
Key Found : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2} Key Found : HKLM\SOFTWARE\Classes\AppID\{A57F7191-1E7F-4852-BAAF-F80A43E2687A} Key Found : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB} Key Found : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0} Key Found : HKLM\SOFTWARE\Classes\AppID\{DBBBC528-9C8C-4051-9187-ED6F01A457C9} Key Found : HKLM\SOFTWARE\Classes\AppID\{DD7C44CC-0F60-4FD9-A38F-5CF30D698AC2} Key Found : HKLM\SOFTWARE\Classes\AppID\{EB583FE1-9458-4EDA-AC68-24D24F17C70F} Key Found : HKLM\SOFTWARE\Classes\AppID\CptUrlPassthru.DLL Key Found : HKLM\SOFTWARE\Classes\AppID\dca-api.DLL Key Found : HKLM\SOFTWARE\Classes\AppID\dca-bho.DLL Key Found : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE Key Found : HKLM\SOFTWARE\Classes\AppID\ShoppingBHO.DLL Key Found : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL Key Found : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1 Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1 Key Found : HKLM\SOFTWARE\Classes\CptUrlPassthru.hxxpMonitor Key Found : HKLM\SOFTWARE\Classes\CptUrlPassthru.hxxpMonitor.1 Key Found : HKLM\SOFTWARE\Classes\dcabho.Dca Key Found : HKLM\SOFTWARE\Classes\dcabho.Dca.1 Key Found : HKLM\SOFTWARE\Classes\FCSB000062385.JSOptionsImpl Key Found : HKLM\SOFTWARE\Classes\FCSB000062385.JSOptionsImpl.1 Key Found : HKLM\SOFTWARE\Classes\FCSB000063451.JSOptionsImpl Key Found : HKLM\SOFTWARE\Classes\FCSB000063451.JSOptionsImpl.1 Key Found : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1 Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3220468 Key Found : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93} Key 
Found : HKLM\SOFTWARE\Classes\TypeLib\{7BAB653D-88FB-4F60-AFC2-8E6FD59FAFF3} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{A57F7191-1E7F-4852-BAAF-F80A43E2687A} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C8758BC4-4581-48C7-BA38-C1A650477AE9} Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1 Key Found : HKLM\SOFTWARE\Classes\YontooIEClient.Api Key Found : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1 Key Found : HKLM\Software\Conduit Key Found : HKLM\SOFTWARE\FCSB000062385 Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Found : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{60260024-AA48-4A2F-84DA-2C2DCB24AAD0} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B49699FC-1665-4414-A1CB-C4A2A4A13EEC} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE} Key Found 
: HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{15527BF5-9729-49DC-889C-9F956983154C} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3F2CF666-0EC7-418E-B86A-459AD43BCAB1} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DD05B915-F77B-474A-9D42-9FEEAF5475C4} Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B49699FC-1665-4414-A1CB-C4A2A4A13EEC} Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{6EFDBA50-4ABE-4194-86F7-F3BD0A011F5B}_is1 Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Key Found : 
HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401} Key Found : HKLM\SOFTWARE\Classes\Interface\{15527BF5-9729-49DC-889C-9F956983154C} Key Found : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5} Key Found : HKLM\SOFTWARE\Classes\Interface\{3F2CF666-0EC7-418E-B86A-459AD43BCAB1} Key Found : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Key Found : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6} Key Found : HKLM\SOFTWARE\Classes\Interface\{DD05B915-F77B-474A-9D42-9FEEAF5475C4} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B} Key Found : HKU\S-1-5-21-1876199669-471561695-2787328992-1000\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar] Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}] ***** [internet Browsers] ***** -\\ Internet Explorer v9.0.8112.16421 [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://isearch.avg.com/tab?cid={899774C8-7090-4ACA-BA24-C7CC87A38491}&mid=e7c40c96410247d1911b1943ef769635-0aef54f47091cdecbfea0b242cafff63e9b6e487〈=en&ds=ins10&pr=sa&d=2012-02-04 01:13:19&v=9.0.0.23&sap=nt -\\ Google Chrome v21.0.1180.89 File : C:\Users\B-Nash\AppData\Local\Google\Chrome\User Data\Default\Preferences Found [l.53] : icon_url = "hxxp://isearch.avg.com/favicon.ico", Found [l.56] : keyword = "isearch.avg.com", Found [l.59] : search_url = "hxxp://isearch.avg.com/search?cid={DCD6F596-E4AB-4EB7-BC9F-CD17FBE9489A}&mid=e7c40c96410247d1911b1943ef769635-0aef54f47091cdecbfea0b242cafff63e9b6e487〈=en&ds=AVG&pr=fr&d=2012-02-20 13:38:12&v=11.1.0.12&sap=dsp&q={searchTerms}", ************************* AdwCleaner[R1].txt - [10097 octets] - [17/09/2012 
11:15:46] ########## EOF - C:\AdwCleaner[R1].txt - [10158 octets] ##########
  11. Results of screen317's Security Check version 0.99.51
     Windows 7 Service Pack 1 x64 (UAC is enabled)
     Internet Explorer 9
     ``````````````Antivirus/Firewall Check:``````````````
     Windows Firewall Enabled!
     AVG Anti-Virus Free Edition 2012
     Antivirus up to date! (On Access scanning disabled!)
     `````````Anti-malware/Other Utilities Check:`````````
     Malwarebytes Anti-Malware version 1.65.0.1400
     AVG PC Tuneup
     Wise Registry Cleaner 6.14
     JavaFX 2.1.1
     Java 6 Update 29
     Java 7 Update 5
     Java version out of Date!
     Adobe Flash Player 9 Flash Player out of Date!
     Adobe Reader X (10.1.4)
     Google Chrome 21.0.1180.83
     Google Chrome 21.0.1180.89
     ````````Process Check: objlist.exe by Laurent````````
     Malwarebytes Anti-Malware mbamservice.exe
     Malwarebytes Anti-Malware mbamgui.exe
     AVG avgwdsvc.exe
     Malwarebytes' Anti-Malware mbamscheduler.exe
     `````````````````System Health check`````````````````
     Total Fragmentation on Drive C: 3%
     ````````````````````End of Log``````````````````````
  12. Everything is fine except my internet (Google). Sometimes the pages won't load. My downloads freeze up sometimes. When I try to watch videos on YouTube they won't download. I ran my scanner and it didn't find any virus. My internet connection is fine.
  13. . DDS (Ver_2011-08-26.01) - NTFSAMD64 Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.5.1 Run by B-Nash at 10:30:20 on 2012-09-15 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3839.2840 [GMT -5:00] . AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0} SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\atieclxx.exe C:\Windows\SYSTEM32\WISPTIS.EXE C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\System32\spoolsv.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files (x86)\Digidesign\Drivers\MMERefresh.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe C:\Program Files (x86)\Gateway\Registration\GregHSRW.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe C:\Windows\System32\svchost.exe -k secsvcs C:\Program Files\Common Files\Microsoft 
Shared\Windows Live\WLIDSVC.EXE C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Windows\system32\taskhost.exe C:\Windows\SYSTEM32\WISPTIS.EXE C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\Dwm.exe C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files (x86)\AVG\AVG PC Tuneup\BoostSpeed.exe C:\Windows\System32\rundll32.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe C:\Windows\System32\StikyNot.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe C:\Windows\system32\conhost.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\acrotray.exe C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\AVG Secure Search\vprot.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe C:\Windows\system32\DllHost.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe C:\Windows\system32\svchost.exe -k SDRSVC C:\Program Files (x86)\Internet Explorer\IELowutil.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\conhost.exe C:\Windows\SysWOW64\cscript.exe C:\Windows\system32\wbem\wmiprvse.exe . 
============== Pseudo HJT Report =============== . uStart Page = hxxp://www.google.com/ mStart Page = hxxp://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&m=zx4300&r=17360910c100p0437y115k46l1r248 uInternet Settings,ProxyOverride = *.local BHO: ContributeBHO Class: {074c1dc5-9320-4a9a-947d-c042949c6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS3/contributeieplugin.dll BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - C:\Program Files (x86)\AVG Secure Search\12.2.5.32\AVG Secure Search_toolbar.dll BHO: DepositFiles IE BHO: {9dfe2fe9-cf99-4adf-a28e-9b5adb8dc74f} - C:\PROGRA~2\DEPOSI~1\DFMANA~1\DEPOSI~1.DLL BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll BHO: DCA BHO: {b49699fc-1665-4414-a1cb-c4a2a4a13eec} - C:\Program Files (x86)\Common Files\FreeCause\DCA\dca-bho.dll BHO: IeMonitorBho Class: {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files (x86)\Megaupload\Mega Manager\MegaIEMn.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll 
TB: Contribute Toolbar: {517bdde4-e3a7-4570-b21e-2b52b6139fc7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS3/contributeieplugin.dll TB: Deposit IE Toolbar: {6aa40521-14e7-4b1d-b1b4-98528c1388c9} - C:\PROGRA~2\DEPOSI~1\DFMANA~1\DEPOSI~1.DLL TB: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - C:\Program Files (x86)\AVG Secure Search\12.2.5.32\AVG Secure Search_toolbar.dll uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun uRun: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe uRun: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe mRun: [updReg] C:\Windows\UpdReg.EXE mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" mRun: [DigidesignMMERefresh] C:\Program Files (x86)\Digidesign\Drivers\MMERefresh.exe mRun: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe mRun: [YouCam Mirage] "C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe" mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe" mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe" mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mRun: [ROC_ROC_JULY_P1] "C:\Program Files (x86)\AVG Secure Search\ROC_ROC_JULY_P1.exe" / /PROMPT /CMPID=ROC_JULY_P1 mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: Download with itransfer-platinum - C:\Program Files (x86)\ImTOO\iTransfer 
Platinum\upod_link.HTM IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL IE: {D5AD327A-A089-4F04-89FD-4EA9812B3913} - {D5AD327A-A089-4F04-89FD-4EA9812B3913} - C:\PROGRA~2\DEPOSI~1\DFMANA~1\DEPOSI~1.DLL DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab DPF: {B3E32D88-8E7F-468F-B0E2-3A300FD4A82C} - hxxp://myitlab.pearsoned.com/Pegasus/Modules/SIMIntegration/Resources/ax/stub.cab DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} - hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab TCP: DhcpNameServer = 10.0.1.1 TCP: Interfaces\{B6652785-8AE5-4A00-8B10-BCAA791D1B10} : DhcpNameServer = 10.0.1.1 TCP: Interfaces\{B6652785-8AE5-4A00-8B10-BCAA791D1B10}\14E64627F696461405 : DhcpNameServer = 192.168.43.1 TCP: Interfaces\{B6652785-8AE5-4A00-8B10-BCAA791D1B10}\3425F4353575146554D263333353 : DhcpNameServer = 192.168.1.1 192.168.1.1 TCP: Interfaces\{B6652785-8AE5-4A00-8B10-BCAA791D1B10}\E4544574541425 : DhcpNameServer = 192.168.0.1 Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll Handler: linkscanner - 
{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\12.2.6\ViProtocol.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll BHO-X64: ContributeBHO Class: {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS3/contributeieplugin.dll BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO-X64: AcroIEHelperStub - No File BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll BHO-X64: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO-X64: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\12.2.5.32\AVG Secure Search_toolbar.dll BHO-X64: DepositFiles IE BHO: {9DFE2FE9-CF99-4ADF-A28E-9B5ADB8DC74F} - C:\PROGRA~2\DEPOSI~1\DFMANA~1\DEPOSI~1.DLL BHO-X64: DepositFiles.com BHO - No File BHO-X64: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - 
C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll BHO-X64: DCA BHO: {B49699FC-1665-4414-A1CB-C4A2A4A13EEC} - C:\Program Files (x86)\Common Files\FreeCause\DCA\dca-bho.dll BHO-X64: DCA - No File BHO-X64: IeMonitorBho Class: {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files (x86)\Megaupload\Mega Manager\MegaIEMn.dll BHO-X64: MegaIEMn - No File BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll TB-X64: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll TB-X64: Contribute Toolbar: {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS3/contributeieplugin.dll TB-X64: Deposit IE Toolbar: {6AA40521-14E7-4B1D-B1B4-98528C1388C9} - C:\PROGRA~2\DEPOSI~1\DFMANA~1\DEPOSI~1.DLL TB-X64: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\12.2.5.32\AVG Secure Search_toolbar.dll mRun-x64: [updReg] C:\Windows\UpdReg.EXE mRun-x64: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" mRun-x64: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" mRun-x64: [DigidesignMMERefresh] C:\Program Files (x86)\Digidesign\Drivers\MMERefresh.exe mRun-x64: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe mRun-x64: [YouCam Mirage] "C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe" mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun-x64: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe" mRun-x64: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe" mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common 
Files\Adobe\ARM\1.0\AdobeARM.exe" mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mRun-x64: [ROC_ROC_JULY_P1] "C:\Program Files (x86)\AVG Secure Search\ROC_ROC_JULY_P1.exe" / /PROMPT /CMPID=ROC_JULY_P1 SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll . ============= SERVICES / DRIVERS =============== . R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys --> C:\Windows\system32\DRIVERS\avgrkx64.sys [?] R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys --> C:\Windows\system32\DRIVERS\avgldx64.sys [?] R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys --> C:\Windows\system32\DRIVERS\avgmfx64.sys [?] R1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys --> C:\Windows\system32\DRIVERS\avgtdia.sys [?] R1 avgtp;avgtp;\??\C:\Windows\system32\drivers\avgtpx64.sys --> C:\Windows\system32\drivers\avgtpx64.sys [?] R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?] R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-7-27 63960] R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?] R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-8-2 192776] R2 DigiNet;Digidesign Ethernet Support;C:\Windows\system32\DRIVERS\diginet.sys --> C:\Windows\system32\DRIVERS\diginet.sys [?] 
R2 Freemake Improver;Freemake Improver;C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [2012-2-14 76288] R2 Greg_Service;GRegService;C:\Program Files (x86)\Gateway\Registration\GregHSRW.exe [2009-8-28 1150496] R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-9-12 399432] R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-9-12 676936] R2 Updater Service;Updater Service;C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe [2010-4-12 243232] R2 vToolbarUpdater12.2.6;vToolbarUpdater12.2.6;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe [2012-8-30 722528] R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atipmdag.sys --> C:\Windows\system32\DRIVERS\atipmdag.sys [?] R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?] R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys --> C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [?] R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys --> C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [?] R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\system32\DRIVERS\clwvd.sys --> C:\Windows\system32\DRIVERS\clwvd.sys [?] R3 itecir;ITECIR Infrared Receiver;C:\Windows\system32\DRIVERS\itecir.sys --> C:\Windows\system32\DRIVERS\itecir.sys [?] R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?] R3 MBfilt;MBfilt;C:\Windows\system32\drivers\MBfilt64.sys --> C:\Windows\system32\drivers\MBfilt64.sys [?] R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\system32\DRIVERS\netr28x.sys --> C:\Windows\system32\DRIVERS\netr28x.sys [?] R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\system32\Drivers\RtsUStor.sys --> C:\Windows\system32\Drivers\RtsUStor.sys [?] 
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?] S2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe [2011-10-12 4433248] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-9-26 135664] S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-8 250056] S3 CATmobile;T-Mobile Con App Svc;"C:\Program Files (x86)\T-Mobile\webConnect Manager\conappssvc.exe" /n "CATmobile" --> C:\Program Files (x86)\T-Mobile\webConnect Manager\conappssvc.exe [?] S3 dalwdmservice;dal service;C:\Windows\system32\drivers\dalwdm.sys --> C:\Windows\system32\drivers\dalwdm.sys [?] S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;C:\Windows\system32\DRIVERS\ew_hwusbdev.sys --> C:\Windows\system32\DRIVERS\ew_hwusbdev.sys [?] S3 ewusbnet;HUAWEI USB-NDIS miniport;C:\Windows\system32\DRIVERS\ewusbnet.sys --> C:\Windows\system32\DRIVERS\ewusbnet.sys [?] S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-9-26 135664] S3 MBX2DFU;MBX2DFU;C:\Windows\system32\DRIVERS\MBX2DFU.sys --> C:\Windows\system32\DRIVERS\MBX2DFU.sys [?] S3 MBX2MIDK;Digidesign Mbox 2 Midi Driver;C:\Windows\system32\drivers\mbx2midk.sys --> C:\Windows\system32\drivers\mbx2midk.sys [?] S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?] 
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?] S3 USBMULCD;USB Multi-Channel Audio Device Interface;C:\Windows\system32\drivers\CM10664.sys --> C:\Windows\system32\drivers\CM10664.sys [?] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?] . =============== Created Last 30 ================ . 2012-09-14 14:52:21 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{0B36E0AD-49B1-4475-BC7C-7BC71AFE0091}\offreg.dll 2012-09-14 14:34:47 -------- d-sh--w- C:\$RECYCLE.BIN 2012-09-14 08:48:09 9310152 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{0B36E0AD-49B1-4475-BC7C-7BC71AFE0091}\mpengine.dll 2012-09-13 04:27:02 -------- d-----r- C:\Program Files (x86)\Skype 2012-09-12 06:32:23 950128 ----a-w- C:\Windows\System32\drivers\ndis.sys 2012-09-12 06:32:23 41472 ----a-w- C:\Windows\System32\drivers\rndismpx.sys 2012-09-12 06:32:23 41472 ----a-w- C:\Windows\System32\drivers\RNDISMP.sys 2012-09-12 06:32:21 574464 ----a-w- C:\Windows\System32\d3d10level9.dll 2012-09-12 06:32:21 490496 ----a-w- C:\Windows\SysWow64\d3d10level9.dll 2012-09-12 06:32:20 376688 ----a-w- C:\Windows\System32\drivers\netio.sys 2012-09-12 06:32:20 288624 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS 2012-09-12 06:32:20 1913200 ----a-w- C:\Windows\System32\drivers\tcpip.sys 2012-09-04 05:42:32 -------- d-----w- C:\Program Files (x86)\Adobe Download Assistant 2012-09-04 03:41:15 -------- d-----w- C:\Users\B-Nash\CS6 Design and Web Premium 2012-09-03 20:25:47 -------- d-----w- C:\Users\B-Nash\AppData\Local\CRE 2012-09-03 20:25:43 -------- d-----w- C:\Program Files (x86)\Conduit 2012-09-03 20:25:35 -------- d-----w- C:\Users\B-Nash\AppData\Local\Conduit 2012-09-02 19:44:39 -------- d-----w- C:\Users\B-Nash\AppData\Roaming\ImTOO 2012-09-02 19:43:28 -------- d-----w- C:\ProgramData\ImTOO 
2012-09-02 19:43:28 -------- d-----w- C:\Program Files (x86)\ImTOO
2012-08-30 17:27:35 31080 ----a-w- C:\Windows\System32\drivers\avgtpx64.sys
.
==================== Find3M ====================
.
2012-09-07 22:04:46 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-08-14 20:17:15 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-08-14 20:17:15 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-07-18 18:15:06 3148800 ----a-w- C:\Windows\System32\win32k.sys
2012-07-04 22:13:27 59392 ----a-w- C:\Windows\System32\browcli.dll
2012-07-04 22:13:27 136704 ----a-w- C:\Windows\System32\browser.dll
2012-07-04 21:14:34 41984 ----a-w- C:\Windows\SysWow64\browcli.dll
2012-06-29 03:56:34 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2012-06-29 03:49:11 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-06-29 03:48:07 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-06-29 03:43:49 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-06-29 03:39:48 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-06-29 00:16:58 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-06-29 00:09:01 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-06-29 00:08:59 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-06-29 00:04:43 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-06-29 00:00:45 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
.
============= FINISH: 10:33:14.07 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 9/26/2010 2:44:04 PM
System Uptime: 9/14/2012 5:15:44 PM (17 hours ago)
.
Motherboard: Gateway | | ZX4300
Processor: AMD Athlon II X2 235e Processor | CPU 1 | 2700/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 581 GiB total, 313.158 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP218: 8/31/2012 6:46:48 PM - Windows Update
RP219: 9/4/2012 2:50:28 AM - Windows Update
RP220: 9/7/2012 4:38:07 PM - Removed Comcast Desktop Software (v1.2.1)
RP221: 9/7/2012 4:45:19 PM - Windows Update
RP222: 9/11/2012 3:22:07 AM - Windows Update
RP223: 9/12/2012 3:00:12 AM - Windows Update
RP224: 9/12/2012 11:26:21 PM - Windows Update
RP225: 9/14/2012 9:30:09 AM - Removed T-Mobile webConnect Manager
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958) Acrobat.com Add or Remove Adobe Creative Suite 3 Master Collection Adobe Acrobat 8 Professional Adobe After Effects CS3 Adobe After Effects CS3 Presets Adobe AIR Adobe Anchor Service CS3 Adobe Asset Services CS3 Adobe Bridge CS3 Adobe Bridge Start Meeting Adobe BridgeTalk Plugin CS3 Adobe Camera Raw 4.0 Adobe CMaps Adobe Color - Photoshop Specific Adobe Color Common Settings Adobe Color EU Extra Settings Adobe Color JA Extra Settings Adobe Color NA Recommended Settings Adobe Community Help Adobe Contribute CS3 Adobe Creative Suite 3 Master Collection Adobe Default Language CS3 Adobe Device Central CS3 Adobe Download Assistant Adobe Dreamweaver CS3 Adobe Encore CS3 Adobe Encore CS3 Codecs Adobe ExtendScript Toolkit 2 Adobe Extension Manager CS3 Adobe Fireworks CS3 Adobe Flash CS3 Adobe Flash Player 11 ActiveX Adobe Flash Player 9 Plugin Adobe Flash Video Encoder Adobe Fonts All Adobe Help Viewer CS3 Adobe Illustrator CS3 Adobe InDesign CS3 Adobe InDesign CS3 Icon Handler Adobe Linguistics CS3 Adobe MotionPicture Color Files Adobe PDF Library Files Adobe Photoshop CS3 Adobe Premiere Pro CS3 Adobe Premiere Pro CS3 Functional Content Adobe Premiere Pro CS3 Third Party Content Adobe Reader X (10.1.4) Adobe Setup Adobe SING CS3 Adobe Soundbooth CS3 Adobe Soundbooth CS3 Codecs Adobe Stock Photos CS3 Adobe Type Support Adobe Update Manager CS3 Adobe Version Cue CS3 Client Adobe Version Cue CS3 Server Adobe Video Profiles Adobe WAS 
CS3 Adobe WinSoft Linguistics Plugin Adobe XMP DVA Panels CS3 Adobe XMP Panels CS3 Advertising Center AHV content for Acrobat and Flash AMD DnD V1.0.19 Antares Auto-Tune Evo RTAS Apple Application Support Apple Software Update Ashampoo Burning Studio 11 v.11.0.2 ASIO4ALL AVG PC Tuneup AVS Update Manager 1.0 AVS Video Converter 8 AVS4YOU Software Navigator 1.4 Bejeweled 2 Deluxe Best Buy Software Installer Blackhawk Striker 2 Bob the Builder Can-Do-Zoo Build-a-lot 2 Compatibility Pack for the 2007 Office system CyberLink PowerCinema CyberLink PowerCinema Movie CyberLink Touch Browser CyberLink YouCam D3DX10 DepositFiles FileManager 0.9.9.206 Digidesign Audio Drivers 8.0 Digidesign Pro Tools Creative Collection 8.0 Digidesign Pro Tools LE 8.0 DVD Flick 1.3.0.7 Escape Rosecliff Island ESET Online Scanner v3 Faerie Solitaire FATE - The Traitor Soul FL Studio 10 Free DigiRack Plug-Ins 8.0 Freemake Video Downloader Gateway Game Console Gateway Games Gateway InfoCentre Gateway Recovery Management Gateway Registration Gateway ScreenSaver Gateway Touch Suite Gateway Updater Google Chrome Google Earth Plug-in Google Update Helper Identity Card IL Download Manager ImagXpress ImgBurn ImTOO iTransfer Platinum Internet TV for Windows Media Center ITE Infrared Transceiver Java Auto Updater Java 6 Update 29 Java 7 Update 5 JavaFX 2.1.1 Jewel Quest Solitaire 3 Junk Mail filter update Malwarebytes Anti-Malware version 1.65.0.1400 Mega Manager Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (English) 2007 Microsoft Office Access Setup Metadata MUI (English) 2007 Microsoft Office Enterprise 2007 Microsoft Office Excel MUI (English) 2007 Microsoft Office File Validation Add-In Microsoft Office Groove MUI (English) 2007 Microsoft Office Groove Setup Metadata MUI (English) 2007 Microsoft Office Home and Student 2007 Microsoft Office InfoPath MUI (English) 2007 Microsoft Office OneNote MUI (English) 2007 Microsoft Office Outlook MUI (English) 2007 Microsoft Office 
PowerPoint MUI (English) 2007 Microsoft Office PowerPoint Viewer 2007 (English) Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (English) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Suite Activation Assistant Microsoft Office Word MUI (English) 2007 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Touch Pack for Windows 7 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Works Microsoft XNA Framework Redistributable 3.0 Microsoft XNA Framework Redistributable 3.1 Microsoft_VC80_ATL_x86 Microsoft_VC80_CRT_x86 Microsoft_VC80_MFC_x86 Microsoft_VC80_MFCLOC_x86 Microsoft_VC90_ATL_x86 Microsoft_VC90_CRT_x86 Microsoft_VC90_MFC_x86 Microsoft_VC90_MFCLOC_x86 Miro Monopoly MSVCRT MSVCRT_amd64 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Mystery P.I. - Lost in Los Angeles MyTomTom 3.1.0.530 Nero 9 Essentials Nero ControlCenter Nero DiscSpeed Nero DiscSpeed Help Nero DriveSpeed Nero DriveSpeed Help Nero Express Help Nero InfoTool Nero InfoTool Help Nero Installer Nero Online Upgrade Nero StartSmart Nero StartSmart Help Nero StartSmart OEM NeroExpress neroxml PDF Settings Penguins! Plants vs. 
Zombies Polar Bowler Polar Golfer QuickTime RapidShare Manager 2 Realtek High Definition Audio Driver Realtek USB 2.0 Card Reader Safari Scrabble Plus Security Update for CAPICOM (KB931906) Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596666) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition Security 
Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2596786) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition Shop To Win Shop to Win 8 SIW version 2011.10.29 Skype™ 5.10 The Price is Right THX TruStudio PC TouchSettings Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office Access 2007 Help (KB963663) Update for Microsoft Office Excel 2007 Help (KB963678) Update for Microsoft Office Infopath 2007 Help (KB963662) Update for Microsoft Office OneNote 2007 Help (KB963670) Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition Update for Microsoft Office Outlook 2007 Help (KB963677) Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687407) 32-Bit Edition Update for Microsoft Office Powerpoint 2007 Help (KB963669) Update for Microsoft Office Publisher 2007 Help (KB963667) Update for Microsoft Office Script Editor Help (KB963671) Update for Microsoft Office Word 2007 Help (KB963665) Virtual DJ Home - Atomix Productions Virtual DJ Pro Full - Atomix Productions Virtual Families Virtual Villagers - A New Home VirtualDJ Home FREE Visual Studio 2008 x64 Redistributables Visual Studio C++ 10.0 Runtime Welcome Center Windows Live Communications Platform Windows Live Essentials 
Windows Live Installer Windows Live Mail Windows Live Messenger Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live Sync Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Windows Media Center Add-in for Silverlight WinRAR archiver WinZip 15.5 Wise Registry Cleaner 6.14 Yahoo! Messenger Yahoo! Software Update Yahtzee YouCam Zuma Deluxe
.
==== Event Viewer Messages From Past Week ========
.
9/8/2012 11:46:26 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the FDResPub service.
9/14/2012 9:15:41 AM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.
9/14/2012 9:09:55 AM, Error: Service Control Manager [7023] - The Windows Defender service terminated with the following error: The specified module could not be found.
9/14/2012 9:08:39 AM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
9/14/2012 8:52:43 AM, Error: Service Control Manager [7034] - The Freemake Improver service terminated unexpectedly. It has done this 1 time(s).
9/13/2012 3:38:28 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {8BC3F05E-D86B-11D0-A075-00C04FB68820} and APPID {8BC3F05E-D86B-11D0-A075-00C04FB68820} to the user Br3wskee\Guest SID (S-1-5-21-1876199669-471561695-2787328992-501) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
.
==== End Of File ===========================
  14. Malwarebytes Anti-Malware (PRO) 1.61.0.1400
www.malwarebytes.org
Database version: v2012.07.06.10
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
B-Nash :: BR3WSKEE [administrator]
Protection: Disabled
7/6/2012 1:27:31 PM
mbam-log-2012-07-06 (13-27-31).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 241478
Time elapsed: 3 minute(s), 6 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
  15. 13:17:45.0227 3532 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
13:17:45.0227 3532 \Device\Harddisk0\DR0 - detected TDSS File System (1)
13:17:45.0227 3532 \Device\Harddisk0\DR0\Partition0 - ok
13:17:45.0259 3532 \Device\Harddisk0\DR0\Partition1 - ok
13:17:45.0259 3532 ============================================================
13:17:45.0259 3532 Scan finished
13:17:45.0259 3532 ============================================================
13:17:45.0259 1164 Detected object count: 6
13:17:45.0259 1164 Actual detected object count: 6
13:18:09.0085 1164 CATmobile ( UnsignedFile.Multi.Generic ) - skipped by user
13:18:09.0085 1164 CATmobile ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:18:09.0085 1164 digiSPTIService ( UnsignedFile.Multi.Generic ) - skipped by user
13:18:09.0085 1164 digiSPTIService ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:18:09.0085 1164 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
13:18:09.0085 1164 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:18:09.0085 1164 Freemake Improver ( UnsignedFile.Multi.Generic ) - skipped by user
13:18:09.0085 1164 Freemake Improver ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:18:09.0085 1164 TMobileRcAppSvc ( UnsignedFile.Multi.Generic ) - skipped by user
13:18:09.0085 1164 TMobileRcAppSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:18:09.0085 1164 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
13:18:09.0085 1164 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
13:19:32.0794 0652 ============================================================
13:19:32.0794 0652 Scan started
13:19:32.0794 0652 Mode: Manual; SigCheck; TDLFS;
13:19:32.0794 0652 ============================================================
13:19:37.0646 0652 bthserv 
(95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll 13:19:37.0661 0652 bthserv - ok 13:19:37.0677 0652 catchme - ok 13:19:37.0739 0652 CATmobile (a17eedc1b59232346753d5e9a652ce26) C:\Program Files (x86)\T-Mobile\webConnect Manager\conappssvc.exe 13:19:37.0755 0652 CATmobile ( UnsignedFile.Multi.Generic ) - warning 13:19:37.0755 0652 CATmobile - detected UnsignedFile.Multi.Generic (1) 13:19:37.0786 0652 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys 13:19:37.0817 0652 cdfs - ok 13:19:37.0848 0652 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys 13:19:37.0864 0652 cdrom - ok 13:19:37.0895 0652 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll 13:19:37.0926 0652 CertPropSvc - ok 13:19:37.0926 0652 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys 13:19:37.0942 0652 circlass - ok 13:19:37.0973 0652 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys 13:19:37.0989 0652 CLFS - ok 13:19:38.0036 0652 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 13:19:38.0051 0652 clr_optimization_v2.0.50727_32 - ok 13:19:38.0098 0652 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 13:19:38.0114 0652 clr_optimization_v2.0.50727_64 - ok 13:19:38.0192 0652 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 13:19:38.0207 0652 clr_optimization_v4.0.30319_32 - ok 13:19:38.0270 0652 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 13:19:38.0285 0652 clr_optimization_v4.0.30319_64 - ok 13:19:38.0301 0652 clwvd (e13a438f9e51dd034730678e33b73290) C:\Windows\system32\DRIVERS\clwvd.sys 13:19:38.0316 0652 clwvd - ok 13:19:38.0316 0652 CmBatt 
(0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys 13:19:38.0332 0652 CmBatt - ok 13:19:38.0363 0652 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys 13:19:38.0363 0652 cmdide - ok 13:19:38.0441 0652 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys 13:19:38.0472 0652 CNG - ok 13:19:38.0488 0652 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys 13:19:38.0504 0652 Compbatt - ok 13:19:38.0535 0652 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys 13:19:38.0550 0652 CompositeBus - ok 13:19:38.0550 0652 COMSysApp - ok 13:19:38.0566 0652 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys 13:19:38.0566 0652 crcdisk - ok 13:19:38.0613 0652 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll 13:19:38.0613 0652 CryptSvc - ok 13:19:38.0660 0652 dalwdmservice (20b51198df64dd6ced07be75abc4df93) C:\Windows\system32\drivers\dalwdm.sys 13:19:38.0660 0652 dalwdmservice - ok 13:19:38.0722 0652 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll 13:19:38.0753 0652 DcomLaunch - ok 13:19:38.0800 0652 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll 13:19:38.0831 0652 defragsvc - ok 13:19:38.0862 0652 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys 13:19:38.0894 0652 DfsC - ok 13:19:38.0940 0652 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll 13:19:38.0972 0652 Dhcp - ok 13:19:38.0972 0652 DigiNet (faa97c2e28a2a7afbb156b78ff30f710) C:\Windows\system32\DRIVERS\diginet.sys 13:19:38.0987 0652 DigiNet - ok 13:19:39.0034 0652 DigiRefresh - ok 13:19:39.0112 0652 digiSPTIService (52e112e8b13522352db42b78ac9bab0c) C:\Program Files (x86)\Digidesign\Pro Tools\digiSPTIService.exe 13:19:39.0112 0652 digiSPTIService ( UnsignedFile.Multi.Generic ) - warning 13:19:39.0112 0652 
digiSPTIService - detected UnsignedFile.Multi.Generic (1) 13:19:39.0128 0652 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys 13:19:39.0174 0652 discache - ok 13:19:39.0206 0652 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys 13:19:39.0206 0652 Disk - ok 13:19:39.0252 0652 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll 13:19:39.0268 0652 Dnscache - ok 13:19:39.0299 0652 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll 13:19:39.0330 0652 dot3svc - ok 13:19:39.0362 0652 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll 13:19:39.0393 0652 DPS - ok 13:19:39.0408 0652 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys 13:19:39.0408 0652 drmkaud - ok 13:19:39.0518 0652 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys 13:19:39.0533 0652 DXGKrnl - ok 13:19:39.0549 0652 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll 13:19:39.0580 0652 EapHost - ok 13:19:39.0798 0652 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys 13:19:39.0830 0652 ebdrv - ok 13:19:39.0939 0652 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe 13:19:39.0954 0652 EFS - ok 13:19:40.0048 0652 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe 13:19:40.0064 0652 ehRecvr - ok 13:19:40.0095 0652 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe 13:19:40.0095 0652 ehSched - ok 13:19:40.0173 0652 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys 13:19:40.0188 0652 elxstor - ok 13:19:40.0235 0652 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys 13:19:40.0235 0652 ErrDev - ok 13:19:40.0282 0652 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll 13:19:40.0313 0652 EventSystem - ok 13:19:40.0360 0652 ewusbnet 
(d83eb7ade99d99a4cd6568ac1261d35e) C:\Windows\system32\DRIVERS\ewusbnet.sys 13:19:40.0360 0652 ewusbnet - ok 13:19:40.0407 0652 ew_hwusbdev (86f7951bbcee4a86e79a97306bd14318) C:\Windows\system32\DRIVERS\ew_hwusbdev.sys 13:19:40.0407 0652 ew_hwusbdev - ok 13:19:40.0438 0652 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys 13:19:40.0454 0652 exfat - ok 13:19:40.0485 0652 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys 13:19:40.0516 0652 fastfat - ok 13:19:40.0625 0652 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe 13:19:40.0641 0652 Fax - ok 13:19:40.0641 0652 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys 13:19:40.0656 0652 fdc - ok 13:19:40.0672 0652 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll 13:19:40.0703 0652 fdPHost - ok 13:19:40.0703 0652 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll 13:19:40.0734 0652 FDResPub - ok 13:19:40.0750 0652 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys 13:19:40.0766 0652 FileInfo - ok 13:19:40.0766 0652 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys 13:19:40.0797 0652 Filetrace - ok 13:19:40.0922 0652 FLEXnet Licensing Service (227846995afeefa70d328bf5334a86a5) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe 13:19:40.0953 0652 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning 13:19:40.0953 0652 FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic (1) 13:19:40.0968 0652 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys 13:19:40.0984 0652 flpydisk - ok 13:19:41.0031 0652 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys 13:19:41.0062 0652 FltMgr - ok 13:19:41.0171 0652 FontCache (5c4cb4086fb83115b153e47add961a0c) 
C:\Windows\system32\FntCache.dll 13:19:41.0202 0652 FontCache - ok 13:19:41.0265 0652 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 13:19:41.0280 0652 FontCache3.0.0.0 - ok 13:19:41.0374 0652 Freemake Improver (5b0348b8e06d0d2597ed0e86ff47cd88) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe 13:19:41.0374 0652 Freemake Improver ( UnsignedFile.Multi.Generic ) - warning 13:19:41.0374 0652 Freemake Improver - detected UnsignedFile.Multi.Generic (1) 13:19:41.0405 0652 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys 13:19:41.0421 0652 FsDepends - ok 13:19:41.0452 0652 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys 13:19:41.0468 0652 Fs_Rec - ok 13:19:41.0499 0652 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys 13:19:41.0514 0652 fvevol - ok 13:19:41.0530 0652 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys 13:19:41.0546 0652 gagp30kx - ok 13:19:41.0624 0652 GameConsoleService (6858c318e8daa40e747e6fb9b214e104) C:\Program Files (x86)\Gateway Games\Gateway Game Console\GameConsoleService.exe 13:19:41.0639 0652 GameConsoleService - ok 13:19:41.0686 0652 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 13:19:41.0702 0652 GEARAspiWDM - ok 13:19:41.0795 0652 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll 13:19:41.0842 0652 gpsvc - ok 13:19:41.0982 0652 Greg_Service (816fd5a6f3c2f3d600900096632fc60e) C:\Program Files (x86)\Gateway\Registration\GregHSRW.exe 13:19:42.0029 0652 Greg_Service - ok 13:19:42.0107 0652 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 13:19:42.0123 0652 gupdate - ok 13:19:42.0138 0652 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 13:19:42.0138 0652 
gupdatem - ok 13:19:42.0232 0652 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys 13:19:42.0263 0652 hcw85cir - ok 13:19:42.0310 0652 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys 13:19:42.0326 0652 HdAudAddService - ok 13:19:42.0357 0652 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys 13:19:42.0388 0652 HDAudBus - ok 13:19:42.0404 0652 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys 13:19:42.0419 0652 HidBatt - ok 13:19:42.0450 0652 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys 13:19:42.0466 0652 HidBth - ok 13:19:42.0513 0652 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys 13:19:42.0528 0652 HidIr - ok 13:19:42.0622 0652 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll 13:19:42.0653 0652 hidserv - ok 13:19:42.0747 0652 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys 13:19:42.0762 0652 HidUsb - ok 13:19:42.0794 0652 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll 13:19:42.0825 0652 hkmsvc - ok 13:19:42.0872 0652 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll 13:19:42.0887 0652 HomeGroupListener - ok 13:19:42.0934 0652 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll 13:19:42.0965 0652 HomeGroupProvider - ok 13:19:42.0996 0652 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys 13:19:42.0996 0652 HpSAMD - ok 13:19:43.0152 0652 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys 13:19:43.0199 0652 HTTP - ok 13:19:43.0199 0652 huawei_enumerator - ok 13:19:43.0277 0652 hwdatacard (6e05228393cd614b983568ec40c262c3) C:\Windows\system32\DRIVERS\ewusbmdm.sys 13:19:43.0293 0652 hwdatacard - ok 13:19:43.0324 0652 hwpolicy 
(a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys 13:19:43.0340 0652 hwpolicy - ok 13:19:43.0371 0652 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys 13:19:43.0386 0652 i8042prt - ok 13:19:43.0418 0652 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys 13:19:43.0433 0652 iaStorV - ok 13:19:43.0620 0652 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 13:19:43.0680 0652 idsvc - ok 13:19:43.0715 0652 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys 13:19:43.0727 0652 iirsp - ok 13:19:43.0850 0652 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll 13:19:43.0897 0652 IKEEXT - ok 13:19:43.0967 0652 int15.sys (8c7fa71cb1ebcd3ede8958d27b1bf0b4) C:\Windows\System32\OEM\Factory\int15.sys 13:19:44.0062 0652 int15.sys - ok 13:19:44.0287 0652 IntcAzAudAddService (e80469090249f7d6d64be772cfa8c4c1) C:\Windows\system32\drivers\RTKVHD64.sys 13:19:44.0334 0652 IntcAzAudAddService - ok 13:19:44.0607 0652 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys 13:19:44.0607 0652 intelide - ok 13:19:44.0669 0652 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys 13:19:44.0685 0652 intelppm - ok 13:19:44.0700 0652 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll 13:19:44.0731 0652 IPBusEnum - ok 13:19:44.0778 0652 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys 13:19:44.0809 0652 IpFilterDriver - ok 13:19:44.0856 0652 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll 13:19:44.0887 0652 iphlpsvc - ok 13:19:44.0919 0652 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys 13:19:44.0934 0652 IPMIDRV - ok 13:19:44.0965 0652 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) 
C:\Windows\system32\drivers\ipnat.sys 13:19:44.0981 0652 IPNAT - ok 13:19:45.0153 0652 iPod Service (50d6ccc6ff5561f9f56946b3e6164fb8) C:\Program Files\iPod\bin\iPodService.exe 13:19:45.0184 0652 iPod Service - ok 13:19:45.0199 0652 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys 13:19:45.0215 0652 IRENUM - ok 13:19:45.0231 0652 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys 13:19:45.0246 0652 isapnp - ok 13:19:45.0293 0652 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys 13:19:45.0309 0652 iScsiPrt - ok 13:19:45.0340 0652 itecir (8d990a44b4f2b68e2c56a3724ec3eb84) C:\Windows\system32\DRIVERS\itecir.sys 13:19:45.0340 0652 itecir - ok 13:19:45.0355 0652 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys 13:19:45.0371 0652 kbdclass - ok 13:19:45.0371 0652 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys 13:19:45.0387 0652 kbdhid - ok 13:19:45.0402 0652 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 13:19:45.0418 0652 KeyIso - ok 13:19:45.0433 0652 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys 13:19:45.0449 0652 KSecDD - ok 13:19:45.0465 0652 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys 13:19:45.0480 0652 KSecPkg - ok 13:19:45.0480 0652 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys 13:19:45.0511 0652 ksthunk - ok 13:19:45.0558 0652 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll 13:19:45.0589 0652 KtmRm - ok 13:19:45.0636 0652 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\System32\srvsvc.dll 13:19:45.0667 0652 LanmanServer - ok 13:19:45.0714 0652 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll 13:19:45.0730 0652 LanmanWorkstation - ok 13:19:45.0761 0652 lltdio (1538831cf8ad2979a04c423779465827) 
C:\Windows\system32\DRIVERS\lltdio.sys 13:19:45.0778 0652 lltdio - ok 13:19:45.0824 0652 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll 13:19:45.0856 0652 lltdsvc - ok 13:19:45.0856 0652 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll 13:19:45.0887 0652 lmhosts - ok 13:19:45.0918 0652 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys 13:19:45.0918 0652 LSI_FC - ok 13:19:45.0934 0652 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys 13:19:45.0949 0652 LSI_SAS - ok 13:19:45.0949 0652 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys 13:19:45.0965 0652 LSI_SAS2 - ok 13:19:45.0980 0652 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys 13:19:45.0996 0652 LSI_SCSI - ok 13:19:46.0012 0652 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys 13:19:46.0043 0652 luafv - ok 13:19:46.0074 0652 MBAMProtector (dbc08862a71459e74f7538b432c114cc) C:\Windows\system32\drivers\mbam.sys 13:19:46.0090 0652 MBAMProtector - ok 13:19:46.0214 0652 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe 13:19:46.0246 0652 MBAMService - ok 13:19:46.0261 0652 MBfilt (8ff2d95cba49b405c5de27039ff0bf35) C:\Windows\system32\drivers\MBfilt64.sys 13:19:46.0277 0652 MBfilt - ok 13:19:46.0308 0652 MBX2DFU (8246015402271e38e91d3aa49dbc5f5c) C:\Windows\system32\DRIVERS\MBX2DFU.sys 13:19:46.0308 0652 MBX2DFU - ok 13:19:46.0324 0652 MBX2MIDK (a8e67055e039356f81c29d25357f22f2) C:\Windows\system32\drivers\mbx2midk.sys 13:19:46.0339 0652 MBX2MIDK - ok 13:19:46.0370 0652 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll 13:19:46.0386 0652 Mcx2Svc - ok 13:19:46.0402 0652 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys 13:19:46.0402 0652 megasas - ok 13:19:46.0433 0652 MegaSR 
(baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys 13:19:46.0448 0652 MegaSR - ok 13:19:46.0495 0652 Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe 13:19:46.0511 0652 Microsoft Office Groove Audit Service - ok 13:19:46.0526 0652 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll 13:19:46.0558 0652 MMCSS - ok 13:19:46.0573 0652 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys 13:19:46.0604 0652 Modem - ok 13:19:46.0620 0652 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys 13:19:46.0636 0652 monitor - ok 13:19:46.0667 0652 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys 13:19:46.0682 0652 mouclass - ok 13:19:46.0682 0652 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys 13:19:46.0698 0652 mouhid - ok 13:19:46.0745 0652 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys 13:19:46.0745 0652 mountmgr - ok 13:19:46.0792 0652 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys 13:19:46.0792 0652 mpio - ok 13:19:46.0823 0652 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys 13:19:46.0854 0652 mpsdrv - ok 13:19:46.0932 0652 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll 13:19:46.0963 0652 MpsSvc - ok 13:19:47.0010 0652 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys 13:19:47.0026 0652 MRxDAV - ok 13:19:47.0057 0652 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys 13:19:47.0072 0652 mrxsmb - ok 13:19:47.0119 0652 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys 13:19:47.0119 0652 mrxsmb10 - ok 13:19:47.0182 0652 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys 
13:19:47.0197 0652 mrxsmb20 - ok 13:19:47.0244 0652 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys 13:19:47.0244 0652 msahci - ok 13:19:47.0369 0652 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys 13:19:47.0384 0652 msdsm - ok 13:19:47.0416 0652 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe 13:19:47.0447 0652 MSDTC - ok 13:19:47.0462 0652 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys 13:19:47.0494 0652 Msfs - ok 13:19:47.0509 0652 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys 13:19:47.0540 0652 mshidkmdf - ok 13:19:47.0540 0652 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys 13:19:47.0556 0652 msisadrv - ok 13:19:47.0587 0652 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll 13:19:47.0618 0652 MSiSCSI - ok 13:19:47.0618 0652 msiserver - ok 13:19:47.0634 0652 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys 13:19:47.0665 0652 MSKSSRV - ok 13:19:47.0681 0652 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys 13:19:47.0696 0652 MSPCLOCK - ok 13:19:47.0712 0652 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys 13:19:47.0743 0652 MSPQM - ok 13:19:47.0790 0652 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys 13:19:47.0806 0652 MsRPC - ok 13:19:47.0837 0652 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys 13:19:47.0837 0652 mssmbios - ok 13:19:47.0852 0652 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys 13:19:47.0884 0652 MSTEE - ok 13:19:47.0884 0652 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys 13:19:47.0899 0652 MTConfig - ok 13:19:47.0915 0652 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys 
13:19:47.0915 0652 Mup - ok 13:19:47.0993 0652 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll 13:19:48.0024 0652 napagent - ok 13:19:48.0040 0652 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys 13:19:48.0055 0652 NativeWifiP - ok 13:19:48.0133 0652 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys 13:19:48.0149 0652 NDIS - ok 13:19:48.0164 0652 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys 13:19:48.0196 0652 NdisCap - ok 13:19:48.0211 0652 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys 13:19:48.0242 0652 NdisTapi - ok 13:19:48.0258 0652 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys 13:19:48.0289 0652 Ndisuio - ok 13:19:48.0336 0652 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys 13:19:48.0398 0652 NdisWan - ok 13:19:48.0430 0652 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys 13:19:48.0461 0652 NDProxy - ok 13:19:48.0601 0652 Nero BackItUp Scheduler 4.0 (7d2633295eb6ff2b938185874884059d) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe 13:19:48.0632 0652 Nero BackItUp Scheduler 4.0 - ok 13:19:48.0664 0652 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys 13:19:48.0695 0652 NetBIOS - ok 13:19:48.0742 0652 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys 13:19:48.0773 0652 NetBT - ok 13:19:48.0804 0652 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 13:19:48.0804 0652 Netlogon - ok 13:19:48.0851 0652 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll 13:19:48.0882 0652 Netman - ok 13:19:48.0913 0652 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll 13:19:48.0944 0652 netprofm - ok 13:19:49.0038 0652 netr28x 
(6b605adc90a1dd4a9bd94fc23ef52884) C:\Windows\system32\DRIVERS\netr28x.sys 13:19:49.0069 0652 netr28x - ok 13:19:49.0132 0652 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 13:19:49.0132 0652 NetTcpPortSharing - ok 13:19:49.0147 0652 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys 13:19:49.0163 0652 nfrd960 - ok 13:19:49.0210 0652 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll 13:19:49.0241 0652 NlaSvc - ok 13:19:49.0256 0652 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys 13:19:49.0288 0652 Npfs - ok 13:19:49.0303 0652 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll 13:19:49.0319 0652 nsi - ok 13:19:49.0334 0652 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys 13:19:49.0366 0652 nsiproxy - ok 13:19:49.0506 0652 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys 13:19:49.0537 0652 Ntfs - ok 13:19:49.0631 0652 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys 13:19:49.0693 0652 Null - ok 13:19:49.0724 0652 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys 13:19:49.0740 0652 nvraid - ok 13:19:49.0771 0652 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys 13:19:49.0787 0652 nvstor - ok 13:19:49.0802 0652 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys 13:19:49.0818 0652 nv_agp - ok 13:19:49.0912 0652 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 13:19:49.0943 0652 odserv - ok 13:19:49.0974 0652 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys 13:19:49.0990 0652 ohci1394 - ok 13:19:50.0036 0652 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft 
wuauserv - ok
13:20:02.0766 0652 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
13:20:02.0828 0652 WudfPf - ok
13:20:02.0844 0652 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
13:20:02.0875 0652 WUDFRd - ok
13:20:02.0906 0652 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
13:20:02.0938 0652 wudfsvc - ok
13:20:02.0969 0652 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
13:20:02.0984 0652 WwanSvc - ok
13:20:03.0140 0652 YahooAUService (dd0042f0c3b606a6a8b92d49afb18ad6) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
13:20:03.0156 0652 YahooAUService - ok
13:20:03.0203 0652 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
13:20:03.0577 0652 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
13:20:03.0577 0652 \Device\Harddisk0\DR0 - detected TDSS File System (1)
13:20:03.0577 0652 Boot (0x1200) (4ac6ac884e4e510142115c2c4ae60203) \Device\Harddisk0\DR0\Partition0
13:20:03.0577 0652 \Device\Harddisk0\DR0\Partition0 - ok
13:20:03.0608 0652 Boot (0x1200) (c82dac81d78fd4d7b804a2eb2a4220b6) \Device\Harddisk0\DR0\Partition1
13:20:03.0608 0652 \Device\Harddisk0\DR0\Partition1 - ok
13:20:03.0608 0652 ============================================================
13:20:03.0608 0652 Scan finished
13:20:03.0608 0652 ============================================================
13:20:03.0624 2928 Detected object count: 6
13:20:03.0624 2928 Actual detected object count: 6
13:21:20.0586 2928 CATmobile ( UnsignedFile.Multi.Generic ) - skipped by user
13:21:20.0586 2928 CATmobile ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:21:20.0586 2928 digiSPTIService ( UnsignedFile.Multi.Generic ) - skipped by user
13:21:20.0586 2928 digiSPTIService ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:21:20.0586 2928 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
13:21:20.0586 2928 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:21:20.0602 2928 Freemake Improver ( UnsignedFile.Multi.Generic ) - skipped by user
13:21:20.0602 2928 Freemake Improver ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:21:20.0602 2928 TMobileRcAppSvc ( UnsignedFile.Multi.Generic ) - skipped by user
13:21:20.0602 2928 TMobileRcAppSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:21:20.0602 2928 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
13:21:20.0602 2928 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
13:21:49.0426 1284 Deinitialize success
  16. 13:16:22.0381 4028 TDSS rootkit removing tool 2.7.44.0 Jul 2 2012 20:01:08
13:16:22.0771 4028 ============================================================
13:16:22.0771 4028 Current date / time: 2012/07/06 13:16:22.0771
13:16:22.0771 4028 SystemInfo:
13:16:22.0771 4028
13:16:22.0771 4028 OS Version: 6.1.7601 ServicePack: 1.0
13:16:22.0771 4028 Product type: Workstation
13:16:22.0771 4028 ComputerName: BR3WSKEE
13:16:22.0771 4028 UserName: B-Nash
13:16:22.0771 4028 Windows directory: C:\Windows
13:16:22.0771 4028 System windows directory: C:\Windows
13:16:22.0771 4028 Running under WOW64
13:16:22.0771 4028 Processor architecture: Intel x64
13:16:22.0771 4028 Number of processors: 2
13:16:22.0771 4028 Page size: 0x1000
13:16:22.0771 4028 Boot type: Normal boot
13:16:22.0771 4028 ============================================================
13:16:24.0160 4028 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:16:24.0160 4028 ============================================================
13:16:24.0160 4028 \Device\Harddisk0\DR0:
13:16:24.0160 4028 MBR partitions:
13:16:24.0160 4028 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1E00800, BlocksNum 0x32000
13:16:24.0160 4028 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1E32800, BlocksNum 0x48A25000
13:16:24.0160 4028 ============================================================
13:16:24.0175 4028 C: <-> \Device\Harddisk0\DR0\Partition1
13:16:24.0175 4028 ============================================================
13:16:24.0175 4028 Initialize success
13:16:24.0175 4028 ============================================================
13:17:06.0158 3532 ============================================================
13:17:06.0158 3532 Scan started
13:17:06.0158 3532 Mode: Manual; SigCheck; TDLFS;
13:17:06.0158 3532
- ok 13:17:13.0672 3532 DigiNet (faa97c2e28a2a7afbb156b78ff30f710) C:\Windows\system32\DRIVERS\diginet.sys 13:17:13.0688 3532 DigiNet - ok 13:17:13.0734 3532 DigiRefresh - ok 13:17:13.0812 3532 digiSPTIService (52e112e8b13522352db42b78ac9bab0c) C:\Program Files (x86)\Digidesign\Pro Tools\digiSPTIService.exe 13:17:13.0844 3532 digiSPTIService ( UnsignedFile.Multi.Generic ) - warning 13:17:13.0844 3532 digiSPTIService - detected UnsignedFile.Multi.Generic (1) 13:17:13.0875 3532 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys 13:17:13.0968 3532 discache - ok 13:17:14.0000 3532 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys 13:17:14.0031 3532 Disk - ok 13:17:14.0078 3532 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll 13:17:14.0109 3532 Dnscache - ok 13:17:14.0171 3532 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll 13:17:14.0265 3532 dot3svc - ok 13:17:14.0296 3532 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll 13:17:14.0343 3532 DPS - ok 13:17:14.0358 3532 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys 13:17:14.0374 3532 drmkaud - ok 13:17:14.0499 3532 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys 13:17:14.0546 3532 DXGKrnl - ok 13:17:14.0577 3532 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll 13:17:14.0624 3532 EapHost - ok 13:17:14.0858 3532 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys 13:17:14.0936 3532 ebdrv - ok 13:17:15.0045 3532 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe 13:17:15.0092 3532 EFS - ok 13:17:15.0201 3532 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe 13:17:15.0294 3532 ehRecvr - ok 13:17:15.0326 3532 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe 13:17:15.0357 3532 ehSched - ok 13:17:15.0419 3532 
elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys 13:17:15.0450 3532 elxstor - ok 13:17:15.0497 3532 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys 13:17:15.0591 3532 ErrDev - ok 13:17:15.0669 3532 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll 13:17:15.0731 3532 EventSystem - ok 13:17:15.0762 3532 ewusbnet (d83eb7ade99d99a4cd6568ac1261d35e) C:\Windows\system32\DRIVERS\ewusbnet.sys 13:17:15.0794 3532 ewusbnet - ok 13:17:15.0825 3532 ew_hwusbdev (86f7951bbcee4a86e79a97306bd14318) C:\Windows\system32\DRIVERS\ew_hwusbdev.sys 13:17:15.0872 3532 ew_hwusbdev - ok 13:17:15.0903 3532 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys 13:17:15.0965 3532 exfat - ok 13:17:15.0996 3532 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys 13:17:16.0028 3532 fastfat - ok 13:17:16.0121 3532 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe 13:17:16.0168 3532 Fax - ok 13:17:16.0184 3532 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys 13:17:16.0215 3532 fdc - ok 13:17:16.0230 3532 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll 13:17:16.0277 3532 fdPHost - ok 13:17:16.0293 3532 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll 13:17:16.0340 3532 FDResPub - ok 13:17:16.0355 3532 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys 13:17:16.0371 3532 FileInfo - ok 13:17:16.0371 3532 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys 13:17:16.0418 3532 Filetrace - ok 13:17:16.0558 3532 FLEXnet Licensing Service (227846995afeefa70d328bf5334a86a5) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe 13:17:16.0574 3532 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning 13:17:16.0574 3532 FLEXnet Licensing Service 
- detected UnsignedFile.Multi.Generic (1) 13:17:16.0620 3532 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys 13:17:16.0652 3532 flpydisk - ok 13:17:16.0698 3532 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys 13:17:16.0714 3532 FltMgr - ok 13:17:16.0808 3532 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll 13:17:16.0886 3532 FontCache - ok 13:17:16.0948 3532 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 13:17:16.0964 3532 FontCache3.0.0.0 - ok 13:17:17.0042 3532 Freemake Improver (5b0348b8e06d0d2597ed0e86ff47cd88) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe 13:17:17.0073 3532 Freemake Improver ( UnsignedFile.Multi.Generic ) - warning 13:17:17.0073 3532 Freemake Improver - detected UnsignedFile.Multi.Generic (1) 13:17:17.0104 3532 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys 13:17:17.0135 3532 FsDepends - ok 13:17:17.0213 3532 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys 13:17:17.0244 3532 Fs_Rec - ok 13:17:17.0291 3532 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys 13:17:17.0322 3532 fvevol - ok 13:17:17.0338 3532 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys 13:17:17.0338 3532 gagp30kx - ok 13:17:17.0416 3532 GameConsoleService (6858c318e8daa40e747e6fb9b214e104) C:\Program Files (x86)\Gateway Games\Gateway Game Console\GameConsoleService.exe 13:17:17.0447 3532 GameConsoleService - ok 13:17:17.0478 3532 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 13:17:17.0494 3532 GEARAspiWDM - ok 13:17:17.0572 3532 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll 13:17:17.0650 3532 gpsvc - ok 13:17:17.0790 3532 Greg_Service (816fd5a6f3c2f3d600900096632fc60e) 
C:\Program Files (x86)\Gateway\Registration\GregHSRW.exe 13:17:17.0822 3532 Greg_Service - ok 13:17:17.0900 3532 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 13:17:17.0931 3532 gupdate - ok 13:17:17.0931 3532 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 13:17:17.0946 3532 gupdatem - ok 13:17:18.0040 3532 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys 13:17:18.0102 3532 hcw85cir - ok 13:17:18.0165 3532 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys 13:17:18.0227 3532 HdAudAddService - ok 13:17:18.0258 3532 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys 13:17:18.0290 3532 HDAudBus - ok 13:17:18.0305 3532 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys 13:17:18.0352 3532 HidBatt - ok 13:17:18.0368 3532 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys 13:17:18.0383 3532 HidBth - ok 13:17:18.0414 3532 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys 13:17:18.0414 3532 HidIr - ok 13:17:18.0430 3532 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll 13:17:18.0477 3532 hidserv - ok 13:17:18.0492 3532 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys 13:17:18.0492 3532 HidUsb - ok 13:17:18.0524 3532 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll 13:17:18.0555 3532 hkmsvc - ok 13:17:18.0602 3532 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll 13:17:18.0633 3532 HomeGroupListener - ok 13:17:18.0680 3532 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll 13:17:18.0726 3532 HomeGroupProvider - ok 13:17:18.0758 3532 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys 13:17:18.0773 3532 
HpSAMD - ok 13:17:18.0851 3532 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys 13:17:18.0914 3532 HTTP - ok 13:17:18.0914 3532 huawei_enumerator - ok 13:17:18.0945 3532 hwdatacard (6e05228393cd614b983568ec40c262c3) C:\Windows\system32\DRIVERS\ewusbmdm.sys 13:17:18.0992 3532 hwdatacard - ok 13:17:19.0023 3532 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys 13:17:19.0054 3532 hwpolicy - ok 13:17:19.0070 3532 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys 13:17:19.0085 3532 i8042prt - ok 13:17:19.0116 3532 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys 13:17:19.0148 3532 iaStorV - ok 13:17:19.0272 3532 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 13:17:19.0335 3532 idsvc - ok 13:17:19.0350 3532 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys 13:17:19.0366 3532 iirsp - ok 13:17:19.0444 3532 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll 13:17:19.0491 3532 IKEEXT - ok 13:17:19.0538 3532 int15.sys (8c7fa71cb1ebcd3ede8958d27b1bf0b4) C:\Windows\System32\OEM\Factory\int15.sys 13:17:19.0569 3532 int15.sys - ok 13:17:19.0725 3532 IntcAzAudAddService (e80469090249f7d6d64be772cfa8c4c1) C:\Windows\system32\drivers\RTKVHD64.sys 13:17:19.0772 3532 IntcAzAudAddService - ok 13:17:19.0881 3532 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys 13:17:19.0896 3532 intelide - ok 13:17:19.0912 3532 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys 13:17:19.0943 3532 intelppm - ok 13:17:19.0974 3532 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll 13:17:20.0021 3532 IPBusEnum - ok 13:17:20.0052 3532 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys 13:17:20.0084 3532 
IpFilterDriver - ok 13:17:20.0146 3532 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll 13:17:20.0193 3532 iphlpsvc - ok 13:17:20.0224 3532 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys 13:17:20.0255 3532 IPMIDRV - ok 13:17:20.0286 3532 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys 13:17:20.0349 3532 IPNAT - ok 13:17:20.0536 3532 iPod Service (50d6ccc6ff5561f9f56946b3e6164fb8) C:\Program Files\iPod\bin\iPodService.exe 13:17:20.0583 3532 iPod Service - ok 13:17:20.0598 3532 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys 13:17:20.0645 3532 IRENUM - ok 13:17:20.0676 3532 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys 13:17:20.0723 3532 isapnp - ok 13:17:20.0832 3532 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys 13:17:20.0864 3532 iScsiPrt - ok 13:17:20.0895 3532 itecir (8d990a44b4f2b68e2c56a3724ec3eb84) C:\Windows\system32\DRIVERS\itecir.sys 13:17:20.0910 3532 itecir - ok 13:17:20.0926 3532 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys 13:17:20.0942 3532 kbdclass - ok 13:17:20.0957 3532 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys 13:17:20.0973 3532 kbdhid - ok 13:17:20.0988 3532 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 13:17:21.0004 3532 KeyIso - ok 13:17:21.0020 3532 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys 13:17:21.0035 3532 KSecDD - ok 13:17:21.0051 3532 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys 13:17:21.0051 3532 KSecPkg - ok 13:17:21.0066 3532 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys 13:17:21.0113 3532 ksthunk - ok 13:17:21.0144 3532 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll 13:17:21.0191 3532 KtmRm - ok 
13:17:21.0238 3532 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\System32\srvsvc.dll 13:17:21.0285 3532 LanmanServer - ok 13:17:21.0316 3532 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll 13:17:21.0363 3532 LanmanWorkstation - ok 13:17:21.0378 3532 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys 13:17:21.0425 3532 lltdio - ok 13:17:21.0472 3532 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll 13:17:21.0503 3532 lltdsvc - ok 13:17:21.0503 3532 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll 13:17:21.0534 3532 lmhosts - ok 13:17:21.0566 3532 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys 13:17:21.0581 3532 LSI_FC - ok 13:17:21.0581 3532 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys 13:17:21.0597 3532 LSI_SAS - ok 13:17:21.0612 3532 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys 13:17:21.0612 3532 LSI_SAS2 - ok 13:17:21.0628 3532 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys 13:17:21.0659 3532 LSI_SCSI - ok 13:17:21.0675 3532 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys 13:17:21.0768 3532 luafv - ok 13:17:21.0800 3532 MBAMProtector (dbc08862a71459e74f7538b432c114cc) C:\Windows\system32\drivers\mbam.sys 13:17:21.0800 3532 MBAMProtector - ok 13:17:21.0924 3532 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe 13:17:21.0971 3532 MBAMService - ok 13:17:21.0987 3532 MBfilt (8ff2d95cba49b405c5de27039ff0bf35) C:\Windows\system32\drivers\MBfilt64.sys 13:17:21.0987 3532 MBfilt - ok 13:17:22.0018 3532 MBX2DFU (8246015402271e38e91d3aa49dbc5f5c) C:\Windows\system32\DRIVERS\MBX2DFU.sys 13:17:22.0049 3532 MBX2DFU - ok 13:17:22.0065 3532 MBX2MIDK (a8e67055e039356f81c29d25357f22f2) 
C:\Windows\system32\drivers\mbx2midk.sys 13:17:22.0080 3532 MBX2MIDK - ok 13:17:22.0112 3532 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll 13:17:22.0158 3532 Mcx2Svc - ok 13:17:22.0190 3532 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys 13:17:22.0190 3532 megasas - ok 13:17:22.0236 3532 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys 13:17:22.0252 3532 MegaSR - ok 13:17:22.0314 3532 Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe 13:17:22.0330 3532 Microsoft Office Groove Audit Service - ok 13:17:22.0361 3532 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll 13:17:22.0424 3532 MMCSS - ok 13:17:22.0439 3532 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys 13:17:22.0470 3532 Modem - ok 13:17:22.0502 3532 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys 13:17:22.0533 3532 monitor - ok 13:17:22.0564 3532 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys 13:17:22.0580 3532 mouclass - ok 13:17:22.0595 3532 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys 13:17:22.0626 3532 mouhid - ok 13:17:22.0658 3532 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys 13:17:22.0658 3532 mountmgr - ok 13:17:22.0704 3532 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys 13:17:22.0751 3532 mpio - ok 13:17:22.0767 3532 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys 13:17:22.0814 3532 mpsdrv - ok 13:17:22.0892 3532 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll 13:17:22.0938 3532 MpsSvc - ok 13:17:22.0970 3532 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys 13:17:23.0032 3532 MRxDAV - ok 
13:17:23.0079 3532 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys 13:17:23.0126 3532 mrxsmb - ok 13:17:23.0172 3532 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys 13:17:23.0204 3532 mrxsmb10 - ok 13:17:23.0235 3532 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys 13:17:23.0266 3532 mrxsmb20 - ok 13:17:23.0297 3532 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys 13:17:23.0313 3532 msahci - ok 13:17:23.0344 3532 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys 13:17:23.0360 3532 msdsm - ok 13:17:23.0391 3532 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe 13:17:23.0438 3532 MSDTC - ok 13:17:23.0469 3532 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys 13:17:23.0500 3532 Msfs - ok 13:17:23.0500 3532 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys 13:17:23.0547 3532 mshidkmdf - ok 13:17:23.0562 3532 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys 13:17:23.0562 3532 msisadrv - ok 13:17:23.0594 3532 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll 13:17:23.0640 3532 MSiSCSI - ok 13:17:23.0640 3532 msiserver - ok 13:17:23.0656 3532 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys 13:17:23.0703 3532 MSKSSRV - ok 13:17:23.0718 3532 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys 13:17:23.0796 3532 MSPCLOCK - ok 13:17:23.0812 3532 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys 13:17:23.0859 3532 MSPQM - ok 13:17:23.0906 3532 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys 13:17:23.0921 3532 MsRPC - ok 13:17:23.0921 3532 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys 13:17:23.0937 3532 
mssmbios - ok 13:17:23.0952 3532 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys 13:17:23.0984 3532 MSTEE - ok 13:17:23.0999 3532 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys 13:17:23.0999 3532 MTConfig - ok 13:17:24.0015 3532 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys 13:17:24.0030 3532 Mup - ok 13:17:24.0093 3532 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll 13:17:24.0171 3532 napagent - ok 13:17:24.0202 3532 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys 13:17:24.0264 3532 NativeWifiP - ok 13:17:24.0358 3532 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys 13:17:24.0389 3532 NDIS - ok 13:17:24.0405 3532 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys 13:17:24.0436 3532 NdisCap - ok 13:17:24.0452 3532 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys 13:17:24.0467 3532 NdisTapi - ok 13:17:24.0498 3532 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys 13:17:24.0530 3532 Ndisuio - ok 13:17:24.0576 3532 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys 13:17:24.0670 3532 NdisWan - ok 13:17:24.0701 3532 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys 13:17:24.0732 3532 NDProxy - ok 13:17:24.0873 3532 Nero BackItUp Scheduler 4.0 (7d2633295eb6ff2b938185874884059d) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe 13:17:24.0920 3532 Nero BackItUp Scheduler 4.0 - ok 13:17:24.0935 3532 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys 13:17:24.0982 3532 NetBIOS - ok 13:17:25.0029 3532 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys 13:17:25.0091 3532 NetBT - ok 13:17:25.0122 3532 Netlogon (c118a82cd78818c29ab228366ebf81c3) 
C:\Windows\system32\lsass.exe 13:17:25.0122 3532 Netlogon - ok 13:17:25.0169 3532 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll 13:17:25.0216 3532 Netman - ok 13:17:25.0263 3532 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll 13:17:25.0310 3532 netprofm - ok 13:17:25.0419 3532 netr28x (6b605adc90a1dd4a9bd94fc23ef52884) C:\Windows\system32\DRIVERS\netr28x.sys 13:17:25.0450 3532 netr28x - ok 13:17:25.0497 3532 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 13:17:25.0528 3532 NetTcpPortSharing - ok 13:17:25.0559 3532 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys 13:17:25.0575 3532 nfrd960 - ok 13:17:25.0637 3532 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll 13:17:25.0684 3532 NlaSvc - ok 13:17:25.0700 3532 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys 13:17:25.0731 3532 Npfs - ok 13:17:25.0746 3532 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll 13:17:25.0793 3532 nsi - ok 13:17:25.0809 3532 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys 13:17:25.0840 3532 nsiproxy - ok 13:17:25.0965 3532 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys 13:17:26.0012 3532 Ntfs - ok 13:17:26.0090 3532 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys 13:17:26.0152 3532 Null - ok 13:17:26.0183 3532 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys 13:17:26.0230 3532 nvraid - ok 13:17:26.0246 3532 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys 13:17:26.0261 3532 nvstor - ok 13:17:26.0292 3532 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys 13:17:26.0324 3532 nv_agp - ok 13:17:26.0402 3532 odserv (785f487a64950f3cb8e9f16253ba3b7b) 
C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 13:17:26.0448 3532 odserv - ok 13:17:26.0464 3532 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys 13:17:26.0495 3532 ohci1394 - ok 13:17:26.0526 3532 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 13:17:26.0542 3532 ose - ok 13:17:26.0573 3532 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll 13:17:26.0604 3532 p2pimsvc - ok 13:17:26.0651 3532 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll 13:17:26.0667 3532 p2psvc - ok 13:17:26.0698 3532 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys 13:17:26.0714 3532 Parport - ok 13:17:26.0745 3532 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys 13:17:26.0760 3532 partmgr - ok 13:17:26.0776 3532 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll 13:17:26.0807 3532 PcaSvc - ok 13:17:26.0838 3532 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys 13:17:26.0854 3532 pci - ok 13:17:26.0870 3532 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys 13:17:26.0870 3532 pciide - ok 13:17:26.0901 3532 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys 13:17:26.0916 3532 pcmcia - ok 13:17:26.0948 3532 PCTINDIS5X64 (b5d3c24e4ea8e6d4850e83dad8c510d4) C:\Windows\system32\PCTINDIS5X64.SYS 13:17:26.0948 3532 PCTINDIS5X64 - ok 13:17:26.0979 3532 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys 13:17:26.0979 3532 pcw - ok 13:17:27.0026 3532 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys 13:17:27.0072 3532 PEAUTH - ok 13:17:27.0150 3532 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe 13:17:27.0182 3532 PerfHost - ok 13:17:27.0338 3532 pla 
(c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll 13:17:27.0478 3532 pla - ok 13:17:27.0509 3532 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll 13:17:27.0572 3532 PlugPlay - ok 13:17:27.0634 3532 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll 13:17:27.0665 3532 PNRPAutoReg - ok 13:17:27.0696 3532 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll 13:17:27.0728 3532 PNRPsvc - ok 13:17:27.0759 3532 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll 13:17:27.0806 3532 PolicyAgent - ok 13:17:27.0852 3532 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll 13:17:27.0884 3532 Power - ok 13:17:27.0962 3532 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys 13:17:28.0040 3532 PptpMiniport - ok 13:17:28.0071 3532 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys 13:17:28.0086 3532 Processor - ok 13:17:28.0133 3532 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll 13:17:28.0164 3532 ProfSvc - ok 13:17:28.0180 3532 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 13:17:28.0196 3532 ProtectedStorage - ok 13:17:28.0227 3532 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys 13:17:28.0305 3532 Psched - ok 13:17:28.0414 3532 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys 13:17:28.0445 3532 ql2300 - ok 13:17:28.0554 3532 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys 13:17:28.0570 3532 ql40xx - ok 13:17:28.0617 3532 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll 13:17:28.0648 3532 QWAVE - ok 13:17:28.0664 3532 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys 13:17:28.0679 3532 QWAVEdrv - ok 13:17:28.0695 3532 RasAcd (5a0da8ad5762fa2d91678a8a01311704) 
13:17:35.0028 3532 TMobileRcAppSvc (d44d1fd2a03351bab109e1fc14d08cfb) C:\Program Files (x86)\T-Mobile\webConnect Manager\RcAppSvc.exe
13:17:35.0060 3532 TMobileRcAppSvc ( UnsignedFile.Multi.Generic ) - warning
13:17:35.0060 3532 TMobileRcAppSvc - detected UnsignedFile.Multi.Generic (1)
  17. Malwarebytes Anti-Malware (PRO) 1.61.0.1400
      www.malwarebytes.org
      Database version: v2012.07.05.05
      Windows 7 Service Pack 1 x64 NTFS
      Internet Explorer 9.0.8112.16421
      B-Nash :: BR3WSKEE [administrator]
      Protection: Disabled
      7/5/2012 11:39:52 AM
      mbam-log-2012-07-05 (11-39-52).txt
      Scan type: Quick scan
      Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
      Scan options disabled: P2P
      Objects scanned: 240852
      Time elapsed: 3 minute(s), 1 second(s)
      Memory Processes Detected: 0 (No malicious items detected)
      Memory Modules Detected: 0 (No malicious items detected)
      Registry Keys Detected: 0 (No malicious items detected)
      Registry Values Detected: 0 (No malicious items detected)
      Registry Data Items Detected: 0 (No malicious items detected)
      Folders Detected: 0 (No malicious items detected)
      Files Detected: 0 (No malicious items detected)
      (end)
  18. ESETSmartInstaller@High as CAB hook log:
      OnlineScanner64.ocx - registred OK
      OnlineScanner.ocx - registred OK
  19. Malwarebytes Anti-Malware (PRO) 1.61.0.1400
      www.malwarebytes.org
      Database version: v2012.07.05.05
      Windows 7 Service Pack 1 x64 NTFS
      Internet Explorer 9.0.8112.16421
      B-Nash :: BR3WSKEE [administrator]
      Protection: Disabled
      7/5/2012 9:09:39 AM
      mbam-log-2012-07-05 (09-09-39).txt
      Scan type: Quick scan
      Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
      Scan options disabled: P2P
      Objects scanned: 240914
      Time elapsed: 2 minute(s), 41 second(s)
      Memory Processes Detected: 1
      C:\Windows\svchost.exe (Trojan.Agent) -> 3560 -> Delete on reboot.
      Memory Modules Detected: 0 (No malicious items detected)
      Registry Keys Detected: 0 (No malicious items detected)
      Registry Values Detected: 0 (No malicious items detected)
      Registry Data Items Detected: 0 (No malicious items detected)
      Folders Detected: 0 (No malicious items detected)
      Files Detected: 1
      C:\Windows\svchost.exe (Trojan.Agent) -> Delete on reboot.
      (end)
  20. ComboFix 12-07-04.04 - B-Nash 07/04/2012 16:35:57.1.2 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3839.2607 [GMT -5:00] Running from: c:\users\B-Nash\Desktop\ComboFix.exe AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0} SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . C:\data c:\data\1htmia44_o\us_sres.data c:\data\default\us_sres.data c:\program files (x86)\Shop to Win 8\ShOPpingbho.dll c:\program files (x86)\Shop to Win c:\program files (x86)\Shop to Win\STWNotify.exe c:\program files (x86)\Shop to Win\STWSetup-FF.exe c:\program files (x86)\Shop to Win\STWSetup-IE.exe c:\program files (x86)\Shop to Win\unins000.dat c:\program files (x86)\Shop to Win\unins000.exe c:\windows\security\Database\tmp.edb c:\windows\svchost.exe c:\windows\system\fltr106.dll . . ((((((((((((((((((((((((( Files Created from 2012-06-04 to 2012-07-04 ))))))))))))))))))))))))))))))) . . 2012-07-03 23:12 . 2012-05-18 01:51 2382848 ----a-w- c:\windows\system32\mshtml.tlb 2012-07-03 23:11 . 2012-05-18 02:02 887296 ----a-w- c:\program files\Internet Explorer\iedvtool.dll 2012-07-03 23:11 . 2012-05-18 02:01 499200 ----a-w- c:\program files\Internet Explorer\jsdbgui.dll 2012-07-03 23:11 . 2012-05-17 22:38 678912 ----a-w- c:\program files (x86)\Internet Explorer\iedvtool.dll 2012-07-03 23:11 . 2012-05-17 22:37 387584 ----a-w- c:\program files (x86)\Internet Explorer\jsdbgui.dll 2012-07-03 23:10 . 2012-04-26 05:41 77312 ----a-w- c:\windows\system32\rdpwsx.dll 2012-07-03 23:10 . 2012-04-26 05:41 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll 2012-07-03 23:10 . 2012-04-26 05:34 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe 2012-07-03 23:10 . 
2012-05-01 05:40 209920 ----a-w- c:\windows\system32\profsvc.dll 2012-07-03 23:09 . 2012-03-03 06:35 1544704 ----a-w- c:\windows\system32\DWrite.dll 2012-07-03 23:09 . 2012-03-03 05:31 1077248 ----a-w- c:\windows\SysWow64\DWrite.dll 2012-07-03 23:09 . 2012-04-07 12:31 3216384 ----a-w- c:\windows\system32\msi.dll 2012-07-03 23:09 . 2012-04-07 11:26 2342400 ----a-w- c:\windows\SysWow64\msi.dll 2012-07-03 23:09 . 2012-05-15 01:32 3146752 ----a-w- c:\windows\system32\win32k.sys 2012-07-03 23:09 . 2012-04-28 03:55 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys 2012-07-03 23:09 . 2012-03-17 07:58 75120 ----a-w- c:\windows\system32\drivers\partmgr.sys 2012-07-03 23:08 . 2012-04-24 05:37 1462272 ----a-w- c:\windows\system32\crypt32.dll 2012-07-03 23:08 . 2012-04-24 05:37 184320 ----a-w- c:\windows\system32\cryptsvc.dll 2012-07-03 23:08 . 2012-04-24 05:37 140288 ----a-w- c:\windows\system32\cryptnet.dll 2012-07-03 23:08 . 2012-04-24 04:36 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll 2012-07-03 23:08 . 2012-04-24 04:36 1158656 ----a-w- c:\windows\SysWow64\crypt32.dll 2012-07-03 23:08 . 2012-04-24 04:36 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll 2012-07-03 23:07 . 2012-03-30 11:35 1918320 ----a-w- c:\windows\system32\drivers\tcpip.sys 2012-07-03 23:06 . 2012-03-31 05:42 1732096 ----a-w- c:\program files\Windows Journal\NBDoc.DLL 2012-07-03 23:06 . 2012-03-31 05:40 1402880 ----a-w- c:\program files\Windows Journal\JNWDRV.dll 2012-07-03 23:06 . 2012-03-31 05:40 1367552 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll 2012-07-03 23:06 . 2012-03-31 05:40 1393664 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll 2012-07-03 23:06 . 2012-03-31 04:29 936960 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll 2012-07-03 22:55 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe 2012-07-03 22:55 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll 2012-07-03 22:55 . 
2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll 2012-07-03 22:55 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll 2012-07-03 22:55 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll 2012-07-03 22:55 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll 2012-07-03 22:55 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll 2012-07-03 22:55 . 2012-06-02 20:19 186752 ----a-w- c:\windows\system32\wuwebv.dll 2012-07-03 22:55 . 2012-06-02 20:15 36864 ----a-w- c:\windows\system32\wuapp.exe 2012-07-03 22:47 . 2012-07-03 22:47 -------- d-----w- c:\users\B-Nash\AppData\Local\AVG Secure Search 2012-07-03 04:11 . 2012-07-03 04:11 -------- d-----w- c:\program files (x86)\MALWAREBYTES ANTI-MALWARE 2012-07-02 22:33 . 2012-07-02 22:33 -------- d-----w- c:\program files (x86)\Oracle 2012-07-02 22:32 . 2012-05-05 00:29 772504 ----a-w- c:\windows\SysWow64\npDeployJava1.dll 2012-07-02 22:17 . 2012-07-02 22:17 8769696 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe 2012-07-02 20:35 . 2012-07-02 20:35 -------- d-----w- c:\users\Guest\AppData\Local\Diagnostics . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-07-03 00:01 . 2012-04-12 18:05 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2012-07-03 00:01 . 2011-05-16 19:37 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-06-18 08:12 . 2012-07-03 23:40 9013136 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{50791925-4902-425C-9D81-61FD455AAD2E}\mpengine.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}] 2012-07-03 22:25 2068536 ----a-w- c:\program files (x86)\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll . 
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{9DFE2FE9-CF99-4ADF-A28E-9B5ADB8DC74F}] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar] "{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files (x86)\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll" [2012-07-03 2068536] . [HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}] [HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1] [HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj] . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584] "Desktop Software"="c:\program files (x86)\Common Files\SupportSoft\bin\bcont.exe" [2009-04-24 1025320] "MobileDocuments"="c:\program files (x86)\Common Files\Apple\Internet Services\ubd.exe" [2012-02-23 59240] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-03-27 37296] "UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112] "GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-27 30040] "Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [2007-05-11 624248] "DigidesignMMERefresh"="c:\program files (x86)\Digidesign\Drivers\MMERefresh.exe" [2008-12-04 77824] "AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-09-27 59240] "YouCam Mirage"="c:\program files (x86)\CyberLink\YouCam\YCMMirage.exe" [2011-02-18 136488] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-21 59240] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888] "Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' 
Anti-Malware\mbamgui.exe" [2012-04-04 462408] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712] "vProt"="c:\program files (x86)\AVG Secure Search\vprot.exe" [2012-07-03 1104440] "T-Mobile webConnect Manager"="c:\program files (x86)\T-Mobile\webConnect Manager\TMobileCM.exe" [2011-01-20 12800] "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-03-27 421736] "AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-01-24 2416480] . c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Best Buy Software Installer.lnk - c:\program files\Best Buy Software Installer\Best Buy Software Installer.exe [2010-2-15 1135560] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "mixer1"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . 
R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-26 135664] R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-03 257224] R3 CATmobile;T-Mobile Con App Svc;c:\program files (x86)\T-Mobile\webConnect Manager\conappssvc.exe [2010-12-22 118784] R3 dalwdmservice;dal service;c:\windows\system32\drivers\dalwdm.sys [2008-12-04 162832] R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys [2010-07-27 117248] R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [2010-09-01 256000] R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-26 135664] R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys [x] R3 MBX2DFU;MBX2DFU;c:\windows\system32\DRIVERS\MBX2DFU.sys [2008-12-04 31120] R3 MBX2MIDK;Digidesign Mbox 2 Midi Driver;c:\windows\system32\drivers\mbx2midk.sys [2008-12-04 32400] R3 PCTINDIS5X64;PCTINDIS5X64 NDIS Protocol Driver;c:\windows\system32\PCTINDIS5X64.SYS [2010-12-22 43032] R3 TMobileRcAppSvc;T-Mobile RcApp Svc;c:\program files (x86)\T-Mobile\webConnect Manager\RcAppSvc.exe [2010-12-22 114688] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-02-15 52736] R3 USBMULCD;USB Multi-Channel Audio Device Interface;c:\windows\system32\drivers\CM10664.sys [2009-09-30 1307648] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-09-28 1255736] S0 Avgrkx64;AVG Anti-Rootkit 
Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2011-09-13 37456] S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2011-10-07 283728] S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2011-08-08 46672] S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2011-07-11 375376] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-01-13 202752] S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776] S2 DigiNet;Digidesign Ethernet Support;c:\windows\system32\DRIVERS\diginet.sys [2008-12-04 21520] S2 Freemake Improver;Freemake Improver;c:\programdata\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [2012-02-10 76288] S2 Greg_Service;GRegService;c:\program files (x86)\Gateway\Registration\GregHSRW.exe [2009-08-28 1150496] S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408] S2 Updater Service;Updater Service;c:\program files\Gateway\Gateway Updater\UpdaterService.exe [2010-01-28 243232] S2 vToolbarUpdater11.1.0;vToolbarUpdater11.1.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe [2012-07-03 935480] S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atipmdag.sys [2010-01-13 6327296] S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-01-13 185344] S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [2011-07-11 120400] S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [2011-07-11 29776] S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [2011-04-14 31216] S3 itecir;ITECIR Infrared Receiver;c:\windows\system32\DRIVERS\itecir.sys [2010-07-13 69736] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys 
[2012-04-04 24904] S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys [2009-11-17 32344] S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys [2010-03-29 925984] S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUStor.sys [2010-02-08 239136] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-12-19 314400] S3 tmobile_mf691_dc_enum;tmobile_mf691_dc_enum;c:\windows\system32\DRIVERS\tmobile_mf691_dc_enum.sys [2010-04-09 75776] . . --- Other Services/Drivers In Memory --- . *NewlyCreated* - WS2IFSL . Contents of the 'Scheduled Tasks' folder . 2012-07-04 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-08 00:01] . 2012-07-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-26 20:37] . 2012-07-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-26 20:37] . 2012-07-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1876199669-471561695-2787328992-1000Core.job - c:\users\B-Nash\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-15 20:36] . 2012-07-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1876199669-471561695-2787328992-1000UA.job - c:\users\B-Nash\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-15 20:36] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RunDLLEntry_THXCfg"="c:\windows\system32\RunDLL32.exe" [2009-07-14 45568] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "LoadAppInit_DLLs"=0x0 . ------- Supplementary Scan ------- . 
uStart Page = hxxp://www.yahoo.com/
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&m=zx4300&r=17360910c100p0437y115k46l1r248
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
TCP: DhcpNameServer = 10.0.1.1
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\11.1.0\ViProtocol.dll
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-RESTART_STICKY_NOTES - c:\windows\System32\StikyNot.exe
Wow6432Node-HKLM-Run-ROC_roc_dec12 - c:\program files (x86)\AVG Secure Search\ROC_roc_dec12.exe
Toolbar-Locked - (no file)
WebBrowser-{6AA40521-14E7-4B1D-B1B4-98528C1388C9} - (no file)
AddRemove-{6EFDBA50-4ABE-4194-86F7-F3BD0A011F5B}_is1 - c:\program files (x86)\Shop To Win\unins000.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:e5,0e,a3,b2,ea,18,cd,01
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
c:\program files (x86)\AVG\AVG PC Tuneup\BoostSpeed.exe
c:\program files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
c:\program files (x86)\Internet Explorer\IELowutil.exe
c:\\.\globalroot\systemroot\svchost.exe
.
**************************************************************************
.
Completion time: 2012-07-04 17:28:06 - machine was rebooted
ComboFix-quarantined-files.txt 2012-07-04 22:27
.
Pre-Run: 357,586,292,736 bytes free
Post-Run: 357,051,260,928 bytes free
.
- - End Of File - - 00F30D1A69E44F421F28DCA5B8169BAC