techlessDad

About techlessDad

  • Birthday 10/23/1968

Profile Information

  • Location
    NJ

Contact Methods

  • Yahoo
    hnksmn@yahoo.com
  1. Maniac, Everything appears to be very good; thanks to your assistance. Having read your initial links on hacking I understand that misc back-doors may have been installed. Having said that, are there additional standard patches that I should install to at least cover initial vulnerabilities? Thanks again. Glenn
  2. OK, Java re-installed. I'll read the 32 vs 64 bit links articles. Thanks again.
  3. Sorry for the delay, didn't realize how long ESET was going to take. Tried to run before work but had to quit after 1.5 hrs. On that partial run it did find some hits, mostly what appeared to be remnants of tdsskiller's quarantine. When I did a full run this morning, log below, nothing was found. I cannot find the log from yesterday's partial run. On a side note, throughout this process I believe I've seen that I have some 32 bit programs and some 64 bit programs. Should all be 64 to match the system or are some only available as 32? Does it matter? Thanks again.
  4. Combofix log... Thanks.
(6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys 14:37:04.0821 4208 bowser - ok 14:37:04.0867 4208 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys 14:37:04.0945 4208 BrFiltLo - ok 14:37:04.0961 4208 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys 14:37:05.0023 4208 BrFiltUp - ok 14:37:05.0070 4208 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll 14:37:05.0148 4208 Browser - ok 14:37:05.0211 4208 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys 14:37:05.0273 4208 Brserid - ok 14:37:05.0523 4208 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys 14:37:05.0569 4208 BrSerWdm - ok 14:37:05.0601 4208 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys 14:37:05.0647 4208 BrUsbMdm - ok 14:37:05.0694 4208 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys 14:37:05.0725 4208 BrUsbSer - ok 14:37:05.0772 4208 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys 14:37:05.0866 4208 BthEnum - ok 14:37:05.0897 4208 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys 14:37:05.0928 4208 BTHMODEM - ok 14:37:05.0959 4208 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys 14:37:06.0006 4208 BthPan - ok 14:37:06.0069 4208 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys 14:37:06.0131 4208 BTHPORT - ok 14:37:06.0256 4208 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll 14:37:06.0365 4208 bthserv - ok 14:37:06.0396 4208 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys 14:37:06.0427 4208 BTHUSB - ok 14:37:06.0490 4208 btwampfl (7a2ce8c1bf4daa1f2766e21e9ca11078) C:\Windows\system32\drivers\btwampfl.sys 14:37:06.0552 4208 btwampfl - ok 14:37:06.0599 4208 
btwaudio (a75bf6802a967f5aacecc3c67febdf55) C:\Windows\system32\drivers\btwaudio.sys 14:37:06.0615 4208 btwaudio - ok 14:37:06.0646 4208 btwavdt (d895dc213edbda5fcc53aad1f1e0e63b) C:\Windows\system32\drivers\btwavdt.sys 14:37:06.0661 4208 btwavdt - ok 14:37:06.0911 4208 btwdins (692f8648d7686d91e34a65ac698019d8) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe 14:37:06.0958 4208 btwdins - ok 14:37:07.0005 4208 btwl2cap (07096d2bc22ccb6cea5a532df0be8a75) C:\Windows\system32\DRIVERS\btwl2cap.sys 14:37:07.0036 4208 btwl2cap - ok 14:37:07.0067 4208 btwrchid (6d7aa2bde0135599c5f230d69db3b420) C:\Windows\system32\DRIVERS\btwrchid.sys 14:37:07.0098 4208 btwrchid - ok 14:37:07.0239 4208 ccSet_NIS (0e1737a63aec0f6de231bb59836c0a11) C:\Windows\system32\drivers\NISx64\1307010.005\ccSetx64.sys 14:37:07.0270 4208 ccSet_NIS - ok 14:37:07.0317 4208 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys 14:37:07.0395 4208 cdfs - ok 14:37:07.0457 4208 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys 14:37:07.0504 4208 cdrom - ok 14:37:07.0551 4208 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll 14:37:07.0644 4208 CertPropSvc - ok 14:37:07.0691 4208 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys 14:37:07.0753 4208 circlass - ok 14:37:07.0863 4208 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys 14:37:07.0909 4208 CLFS - ok 14:37:08.0299 4208 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 14:37:08.0315 4208 clr_optimization_v2.0.50727_32 - ok 14:37:08.0409 4208 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 14:37:08.0440 4208 clr_optimization_v2.0.50727_64 - ok 14:37:08.0549 4208 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) 
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 14:37:08.0674 4208 clr_optimization_v4.0.30319_32 - ok 14:37:08.0736 4208 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 14:37:08.0767 4208 clr_optimization_v4.0.30319_64 - ok 14:37:08.0814 4208 clwvd (50f92c943f18b070f166d019dfab3d9a) C:\Windows\system32\DRIVERS\clwvd.sys 14:37:08.0845 4208 clwvd - ok 14:37:08.0892 4208 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys 14:37:08.0923 4208 CmBatt - ok 14:37:08.0955 4208 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys 14:37:08.0955 4208 cmdide - ok 14:37:09.0017 4208 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys 14:37:09.0079 4208 CNG - ok 14:37:09.0126 4208 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys 14:37:09.0157 4208 Compbatt - ok 14:37:09.0173 4208 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys 14:37:09.0251 4208 CompositeBus - ok 14:37:09.0267 4208 COMSysApp - ok 14:37:09.0298 4208 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys 14:37:09.0345 4208 crcdisk - ok 14:37:09.0423 4208 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll 14:37:09.0485 4208 CryptSvc - ok 14:37:09.0547 4208 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll 14:37:09.0641 4208 DcomLaunch - ok 14:37:09.0672 4208 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll 14:37:09.0735 4208 defragsvc - ok 14:37:09.0781 4208 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys 14:37:09.0859 4208 DfsC - ok 14:37:09.0922 4208 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll 14:37:10.0000 4208 Dhcp - ok 14:37:10.0062 4208 discache (13096b05847ec78f0977f2c0f79e9ab3) 
C:\Windows\system32\drivers\discache.sys 14:37:10.0140 4208 discache - ok 14:37:10.0203 4208 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys 14:37:10.0218 4208 Disk - ok 14:37:10.0265 4208 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll 14:37:10.0327 4208 Dnscache - ok 14:37:10.0390 4208 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll 14:37:10.0468 4208 dot3svc - ok 14:37:10.0499 4208 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll 14:37:10.0546 4208 DPS - ok 14:37:10.0624 4208 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys 14:37:10.0686 4208 drmkaud - ok 14:37:10.0780 4208 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys 14:37:10.0811 4208 DXGKrnl - ok 14:37:10.0889 4208 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll 14:37:10.0983 4208 EapHost - ok 14:37:11.0575 4208 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys 14:37:11.0825 4208 ebdrv - ok 14:37:11.0950 4208 eeCtrl (ba6420c1f7070ed8f1ba372844f3e1ec) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys 14:37:12.0012 4208 eeCtrl - ok 14:37:12.0121 4208 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe 14:37:12.0199 4208 EFS - ok 14:37:12.0418 4208 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe 14:37:12.0511 4208 ehRecvr - ok 14:37:12.0558 4208 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe 14:37:12.0621 4208 ehSched - ok 14:37:12.0855 4208 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys 14:37:12.0917 4208 elxstor - ok 14:37:13.0011 4208 EraserUtilRebootDrv (1343df3451bc0c442dc69837c6fba21b) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys 14:37:13.0042 4208 EraserUtilRebootDrv - ok 14:37:13.0057 4208 ErrDev 
(34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys 14:37:13.0104 4208 ErrDev - ok 14:37:13.0182 4208 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll 14:37:13.0245 4208 EventSystem - ok 14:37:13.0276 4208 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys 14:37:13.0338 4208 exfat - ok 14:37:13.0369 4208 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys 14:37:13.0510 4208 fastfat - ok 14:37:13.0603 4208 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe 14:37:13.0697 4208 Fax - ok 14:37:13.0713 4208 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys 14:37:13.0759 4208 fdc - ok 14:37:13.0806 4208 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll 14:37:13.0853 4208 fdPHost - ok 14:37:13.0869 4208 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll 14:37:13.0931 4208 FDResPub - ok 14:37:13.0962 4208 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys 14:37:13.0978 4208 FileInfo - ok 14:37:13.0978 4208 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys 14:37:14.0056 4208 Filetrace - ok 14:37:14.0087 4208 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys 14:37:14.0103 4208 flpydisk - ok 14:37:14.0149 4208 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys 14:37:14.0196 4208 FltMgr - ok 14:37:14.0508 4208 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll 14:37:14.0571 4208 FontCache - ok 14:37:14.0695 4208 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 14:37:14.0711 4208 FontCache3.0.0.0 - ok 14:37:14.0742 4208 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys 14:37:14.0773 4208 FsDepends - ok 
14:37:14.0836 4208 fssfltr (07da62c960ddccc2d35836aeab4fc578) C:\Windows\system32\DRIVERS\fssfltr.sys 14:37:14.0867 4208 fssfltr - ok 14:37:15.0070 4208 fsssvc (28ddeeec44e988657b732cf404d504cb) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe 14:37:15.0163 4208 fsssvc - ok 14:37:15.0304 4208 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys 14:37:15.0335 4208 Fs_Rec - ok 14:37:15.0413 4208 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys 14:37:15.0429 4208 fvevol - ok 14:37:15.0475 4208 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys 14:37:15.0507 4208 gagp30kx - ok 14:37:15.0616 4208 GameConsoleService (d154305de6090e6e84e525f84bb08a06) C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe 14:37:15.0647 4208 GameConsoleService - ok 14:37:15.0678 4208 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 14:37:15.0725 4208 GEARAspiWDM - ok 14:37:15.0834 4208 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll 14:37:15.0943 4208 gpsvc - ok 14:37:16.0068 4208 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 14:37:16.0099 4208 gupdate - ok 14:37:16.0115 4208 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 14:37:16.0131 4208 gupdatem - ok 14:37:16.0209 4208 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe 14:37:16.0240 4208 gusvc - ok 14:37:16.0255 4208 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys 14:37:16.0318 4208 hcw85cir - ok 14:37:16.0396 4208 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys 14:37:16.0458 4208 HdAudAddService - ok 14:37:16.0505 4208 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys 
14:37:16.0552 4208 HDAudBus - ok 14:37:16.0583 4208 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys 14:37:16.0614 4208 HECIx64 - ok 14:37:16.0645 4208 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys 14:37:16.0692 4208 HidBatt - ok 14:37:16.0708 4208 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys 14:37:16.0739 4208 HidBth - ok 14:37:16.0770 4208 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys 14:37:16.0817 4208 HidIr - ok 14:37:16.0848 4208 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll 14:37:16.0926 4208 hidserv - ok 14:37:16.0989 4208 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys 14:37:17.0020 4208 HidUsb - ok 14:37:17.0082 4208 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll 14:37:17.0176 4208 hkmsvc - ok 14:37:17.0238 4208 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll 14:37:17.0347 4208 HomeGroupListener - ok 14:37:17.0503 4208 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll 14:37:17.0535 4208 HomeGroupProvider - ok 14:37:17.0815 4208 HP Support Assistant Service (13bb1114451c63bfb41ba7daa4d70a29) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe 14:37:17.0831 4208 HP Support Assistant Service - ok 14:37:17.0956 4208 HP Wireless Assistant Service (c930128c8f8ff03d8f8c42b570920d56) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe 14:37:17.0987 4208 HP Wireless Assistant Service - ok 14:37:18.0049 4208 HPClientSvc (3dc11a802353401332d49c3cbfbbe5fc) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe 14:37:18.0112 4208 HPClientSvc - ok 14:37:18.0346 4208 hpqwmiex (e7c7829ba0395e48f8c8fe16b8832344) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe 14:37:18.0361 4208 hpqwmiex - ok 14:37:18.0533 
4208 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys 14:37:18.0564 4208 HpSAMD - ok 14:37:18.0673 4208 HPWMISVC (2bec76bdcd1bc080210325e7b5094834) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe 14:37:18.0689 4208 HPWMISVC - ok 14:37:18.0798 4208 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys 14:37:18.0892 4208 HTTP - ok 14:37:18.0939 4208 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys 14:37:18.0954 4208 hwpolicy - ok 14:37:19.0017 4208 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys 14:37:19.0048 4208 i8042prt - ok 14:37:19.0126 4208 iaStor (26cf4275034214ecedd8ec17b0a18a99) C:\Windows\system32\DRIVERS\iaStor.sys 14:37:19.0173 4208 iaStor - ok 14:37:19.0391 4208 IAStorDataMgrSvc (e79a8e33bd136d14bae1fa20eb2ef124) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe 14:37:19.0407 4208 IAStorDataMgrSvc - ok 14:37:19.0469 4208 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys 14:37:19.0500 4208 iaStorV - ok 14:37:19.0656 4208 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 14:37:19.0750 4208 idsvc - ok 14:37:20.0046 4208 IDSVia64 (ce0bf35c79e03bb89da6b14fac838605) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20120703.002\IDSvia64.sys 14:37:20.0077 4208 IDSVia64 - ok 14:37:21.0591 4208 igfx (33faa40b288002c89529dbd14f3ab72c) C:\Windows\system32\DRIVERS\igdkmd64.sys 14:37:22.0059 4208 igfx - ok 14:37:22.0277 4208 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys 14:37:22.0308 4208 iirsp - ok 14:37:22.0433 4208 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll 14:37:22.0527 4208 IKEEXT - ok 14:37:22.0589 4208 Impcd (dd587a55390ed2295bce6d36ad567da9) 
C:\Windows\system32\DRIVERS\Impcd.sys 14:37:22.0651 4208 Impcd - ok 14:37:22.0714 4208 IntcDAud (fc727061c0f47c8059e88e05d5c8e381) C:\Windows\system32\DRIVERS\IntcDAud.sys 14:37:22.0792 4208 IntcDAud - ok 14:37:22.0839 4208 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys 14:37:22.0870 4208 intelide - ok 14:37:22.0917 4208 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys 14:37:22.0963 4208 intelppm - ok 14:37:23.0010 4208 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll 14:37:23.0104 4208 IPBusEnum - ok 14:37:23.0135 4208 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys 14:37:23.0197 4208 IpFilterDriver - ok 14:37:23.0244 4208 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll 14:37:23.0322 4208 iphlpsvc - ok 14:37:23.0353 4208 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys 14:37:23.0369 4208 IPMIDRV - ok 14:37:23.0400 4208 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys 14:37:23.0478 4208 IPNAT - ok 14:37:23.0650 4208 iPod Service (a9ab99ee7d39725eafec82732d2b3271) C:\Program Files\iPod\bin\iPodService.exe 14:37:23.0712 4208 iPod Service - ok 14:37:23.0915 4208 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys 14:37:23.0946 4208 IRENUM - ok 14:37:23.0977 4208 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys 14:37:23.0993 4208 isapnp - ok 14:37:24.0040 4208 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys 14:37:24.0055 4208 iScsiPrt - ok 14:37:24.0118 4208 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys 14:37:24.0149 4208 kbdclass - ok 14:37:24.0196 4208 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys 14:37:24.0243 4208 kbdhid - ok 14:37:24.0289 4208 KeyIso 
(c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 14:37:24.0305 4208 KeyIso - ok 14:37:24.0336 4208 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys 14:37:24.0383 4208 KSecDD - ok 14:37:24.0445 4208 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys 14:37:24.0508 4208 KSecPkg - ok 14:37:24.0570 4208 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys 14:37:24.0648 4208 ksthunk - ok 14:37:24.0695 4208 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll 14:37:24.0789 4208 KtmRm - ok 14:37:24.0867 4208 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll 14:37:24.0945 4208 LanmanServer - ok 14:37:25.0007 4208 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll 14:37:25.0101 4208 LanmanWorkstation - ok 14:37:25.0179 4208 LightScribeService (fa4a45c179ab0e0f1a31b9751d4b18d7) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe 14:37:25.0179 4208 LightScribeService ( UnsignedFile.Multi.Generic ) - warning 14:37:25.0179 4208 LightScribeService - detected UnsignedFile.Multi.Generic (1) 14:37:25.0225 4208 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys 14:37:25.0288 4208 lltdio - ok 14:37:25.0350 4208 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll 14:37:25.0444 4208 lltdsvc - ok 14:37:25.0584 4208 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll 14:37:25.0647 4208 lmhosts - ok 14:37:25.0771 4208 LMS (0405f4bcd1c7a7b309f620fe0b5de5e6) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe 14:37:25.0834 4208 LMS - ok 14:37:25.0865 4208 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys 14:37:25.0896 4208 LSI_FC - ok 14:37:25.0927 4208 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys 14:37:25.0943 4208 LSI_SAS - ok 
14:37:25.0974 4208 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys 14:37:26.0021 4208 LSI_SAS2 - ok 14:37:26.0037 4208 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys 14:37:26.0068 4208 LSI_SCSI - ok 14:37:26.0115 4208 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys 14:37:26.0193 4208 luafv - ok 14:37:26.0302 4208 MBAMProtector (dbc08862a71459e74f7538b432c114cc) C:\Windows\system32\drivers\mbam.sys 14:37:26.0317 4208 MBAMProtector - ok 14:37:26.0458 4208 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe 14:37:26.0489 4208 MBAMService - ok 14:37:26.0536 4208 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll 14:37:26.0567 4208 Mcx2Svc - ok 14:37:26.0598 4208 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys 14:37:26.0629 4208 megasas - ok 14:37:26.0661 4208 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys 14:37:26.0692 4208 MegaSR - ok 14:37:26.0754 4208 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll 14:37:26.0832 4208 MMCSS - ok 14:37:26.0863 4208 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys 14:37:26.0941 4208 Modem - ok 14:37:26.0973 4208 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys 14:37:27.0004 4208 monitor - ok 14:37:27.0051 4208 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys 14:37:27.0066 4208 mouclass - ok 14:37:27.0129 4208 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys 14:37:27.0175 4208 mouhid - ok 14:37:27.0207 4208 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys 14:37:27.0222 4208 mountmgr - ok 14:37:27.0253 4208 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys 
14:37:27.0285 4208 mpio - ok 14:37:27.0316 4208 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys 14:37:27.0363 4208 mpsdrv - ok 14:37:27.0441 4208 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll 14:37:27.0519 4208 MpsSvc - ok 14:37:27.0550 4208 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys 14:37:27.0612 4208 MRxDAV - ok 14:37:27.0643 4208 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys 14:37:27.0737 4208 mrxsmb - ok 14:37:27.0768 4208 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys 14:37:27.0831 4208 mrxsmb10 - ok 14:37:27.0862 4208 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys 14:37:27.0877 4208 mrxsmb20 - ok 14:37:27.0909 4208 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys 14:37:27.0924 4208 msahci - ok 14:37:27.0955 4208 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys 14:37:28.0002 4208 msdsm - ok 14:37:28.0033 4208 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe 14:37:28.0080 4208 MSDTC - ok 14:37:28.0127 4208 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys 14:37:28.0205 4208 Msfs - ok 14:37:28.0221 4208 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys 14:37:28.0283 4208 mshidkmdf - ok 14:37:28.0299 4208 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys 14:37:28.0330 4208 msisadrv - ok 14:37:28.0392 4208 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll 14:37:28.0455 4208 MSiSCSI - ok 14:37:28.0470 4208 msiserver - ok 14:37:28.0501 4208 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys 14:37:28.0548 4208 MSKSSRV - ok 14:37:28.0564 4208 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys 
14:37:28.0611 4208 MSPCLOCK - ok 14:37:28.0642 4208 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys 14:37:28.0689 4208 MSPQM - ok 14:37:28.0767 4208 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys 14:37:28.0798 4208 MsRPC - ok 14:37:28.0829 4208 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys 14:37:28.0845 4208 mssmbios - ok 14:37:28.0876 4208 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys 14:37:28.0969 4208 MSTEE - ok 14:37:29.0032 4208 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys 14:37:29.0047 4208 MTConfig - ok 14:37:29.0079 4208 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys 14:37:29.0094 4208 Mup - ok 14:37:29.0235 4208 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll 14:37:29.0328 4208 napagent - ok 14:37:29.0406 4208 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys 14:37:29.0469 4208 NativeWifiP - ok 14:37:29.0703 4208 NAVENG (8043d41f881d6ace40b854ad6e32217f) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20120703.024\ENG64.SYS 14:37:29.0718 4208 NAVENG - ok 14:37:29.0874 4208 NAVEX15 (9a9ab2fc45d701daed465d14980f1305) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20120703.024\EX64.SYS 14:37:29.0937 4208 NAVEX15 - ok 14:37:30.0171 4208 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys 14:37:30.0249 4208 NDIS - ok 14:37:30.0295 4208 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys 14:37:30.0342 4208 NdisCap - ok 14:37:30.0373 4208 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys 14:37:30.0405 4208 NdisTapi - ok 14:37:30.0483 4208 Ndisuio (136185f9fb2cc61e573e676aa5402356) 
C:\Windows\system32\DRIVERS\ndisuio.sys 14:37:30.0561 4208 Ndisuio - ok 14:37:30.0639 4208 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys 14:37:30.0732 4208 NdisWan - ok 14:37:31.0013 4208 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys 14:37:31.0060 4208 NDProxy - ok 14:37:31.0107 4208 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys 14:37:31.0169 4208 NetBIOS - ok 14:37:31.0216 4208 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys 14:37:31.0263 4208 NetBT - ok 14:37:31.0294 4208 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 14:37:31.0309 4208 Netlogon - ok 14:37:31.0356 4208 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll 14:37:31.0450 4208 Netman - ok 14:37:31.0512 4208 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll 14:37:31.0606 4208 netprofm - ok 14:37:31.0684 4208 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 14:37:31.0715 4208 NetTcpPortSharing - ok 14:37:32.0557 4208 netw5v64 (64428dfdaf6e88366cb51f45a79c5f69) C:\Windows\system32\DRIVERS\netw5v64.sys 14:37:32.0854 4208 netw5v64 - ok 14:37:33.0010 4208 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys 14:37:33.0025 4208 nfrd960 - ok 14:37:33.0244 4208 NIS (c6948f034d7edabcfa2234d399fc78bc) C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\ccSvcHst.exe 14:37:33.0259 4208 NIS - ok 14:37:33.0306 4208 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll 14:37:33.0400 4208 NlaSvc - ok 14:37:33.0431 4208 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys 14:37:33.0462 4208 Npfs - ok 14:37:33.0493 4208 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll 14:37:33.0587 4208 nsi - ok 14:37:33.0618 
     \Device\Harddisk0\DR0 - detected TDSS File System (1)
     14:38:05.0162 4208 Boot (0x1200) (9d477996087f350a629395635a6f689b) \Device\Harddisk0\DR0\Partition0
     14:38:05.0162 4208 \Device\Harddisk0\DR0\Partition0 - ok
     14:38:05.0208 4208 Boot (0x1200) (4baec38957c0939dcd1020ab92a4ad5c) \Device\Harddisk0\DR0\Partition1
     14:38:05.0208 4208 \Device\Harddisk0\DR0\Partition1 - ok
     14:38:05.0255 4208 Boot (0x1200) (dbe727ee447bc974e3803601ef60ff64) \Device\Harddisk0\DR0\Partition2
     14:38:05.0255 4208 \Device\Harddisk0\DR0\Partition2 - ok
     14:38:05.0302 4208 Boot (0x1200) (d76ab93ec2723fa1179ff3a5d47a5d10) \Device\Harddisk0\DR0\Partition3
     14:38:05.0302 4208 \Device\Harddisk0\DR0\Partition3 - ok
     14:38:05.0302 4208 ============================================================
     14:38:05.0302 4208 Scan finished
     14:38:05.0302 4208 ============================================================
     14:38:05.0318 4260 Detected object count: 5
     14:38:05.0318 4260 Actual detected object count: 5
     14:44:11.0341 4260 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
     14:44:11.0341 4260 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
     14:44:11.0341 4260 USBAAPL64 ( UnsignedFile.Multi.Generic ) - skipped by user
     14:44:11.0341 4260 USBAAPL64 ( UnsignedFile.Multi.Generic ) - User select action: Skip
     14:44:11.0357 4260 WDDMService ( UnsignedFile.Multi.Generic ) - skipped by user
     14:44:11.0357 4260 WDDMService ( UnsignedFile.Multi.Generic ) - User select action: Skip
     14:44:11.0357 4260 WDSmartWareBackgroundService ( UnsignedFile.Multi.Generic ) - skipped by user
     14:44:11.0357 4260 WDSmartWareBackgroundService ( UnsignedFile.Multi.Generic ) - User select action: Skip
     14:44:11.0731 4260 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
     14:44:11.0731 4260 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
     14:44:11.0731 4260 \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine
     14:44:11.0747 4260 \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine
     14:44:11.0762 4260 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
     14:44:11.0778 4260 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
     14:44:11.0778 4260 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
     14:44:11.0778 4260 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
     14:44:11.0793 4260 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
     14:44:11.0793 4260 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
     14:44:11.0793 4260 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
     14:44:11.0793 4260 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
     14:44:11.0793 4260 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
     14:44:11.0809 4260 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
     14:44:11.0809 4260 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
     14:44:11.0809 4260 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Quarantine
     14:44:33.0654 3176 Deinitialize success

     ***************************************************************************************

     Malwarebytes Anti-Malware 1.61.0.1400
     www.malwarebytes.org

     Database version: v2012.07.04.06

     Windows 7 Service Pack 1 x64 NTFS
     Internet Explorer 9.0.8112.16421
     Glenn :: 2011-HP [administrator]

     Protection: Enabled

     7/4/2012 2:50:59 PM
     mbam-log-2012-07-04 (14-50-59).txt

     Scan type: Quick scan
     Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | PUP | PUM
     Scan options disabled: Heuristics/Shuriken | P2P
     Objects scanned: 261119
     Time elapsed: 6 minute(s), 10 second(s)

     Memory Processes Detected: 0 (No malicious items detected)
     Memory Modules Detected: 0 (No malicious items detected)
     Registry Keys Detected: 0 (No malicious items detected)
     Registry Values Detected: 0 (No malicious items detected)
     Registry Data Items Detected: 0 (No malicious items detected)
     Folders Detected: 0 (No malicious items detected)
     Files Detected: 0 (No malicious items detected)

     (end)
  6. Thanks Maniac!! Here are two logs from tdss as I didn't expand the options on the first run. The MBAM log was run afterwards. The symptoms are gone and it appears clear. Having read your links I understand I am still vulnerable. Frankly a full reformat scares me and I don't have the appropriate disks so I fear it means repurchasing software I already have. The computer came from Staples so I guess I'll check on their policies to see if they can help.

     14:25:51.0624 4332 TDSS rootkit removing tool 2.7.44.0 Jul 2 2012 20:01:08
     14:25:52.0380 4332 ============================================================
     14:25:52.0380 4332 Current date / time: 2012/07/04 14:25:52.0380
     14:25:52.0380 4332 SystemInfo:
     14:25:52.0380 4332
     14:25:52.0380 4332 OS Version: 6.1.7601 ServicePack: 1.0
     14:25:52.0380 4332 Product type: Workstation
     14:25:52.0380 4332 ComputerName: 2011-HP
     14:25:52.0380 4332 UserName: Glenn
     14:25:52.0380 4332 Windows directory: C:\Windows
     14:25:52.0380 4332 System windows directory: C:\Windows
     14:25:52.0380 4332 Running under WOW64
     14:25:52.0380 4332 Processor architecture: Intel x64
     14:25:52.0380 4332 Number of processors: 4
     14:25:52.0380 4332 Page size: 0x1000
     14:25:52.0380 4332 Boot type: Normal boot
     14:25:52.0380 4332 ============================================================
     14:25:53.0374 4332 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
     14:25:53.0380 4332 ============================================================
     14:25:53.0380 4332 \Device\Harddisk0\DR0:
     14:25:53.0380 4332 MBR partitions:
     14:25:53.0380 4332 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
     14:25:53.0380 4332 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x385CF000
     14:25:53.0380 4332 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x38633000, BlocksNum 0x1D1F000
     14:25:53.0380 4332 ============================================================
     14:25:53.0406 4332 C: <-> \Device\Harddisk0\DR0\Partition1
     14:25:53.0549 4332 D: <-> \Device\Harddisk0\DR0\Partition2
     14:25:53.0549 4332 ============================================================
     14:25:53.0549 4332 Initialize success
     14:25:53.0549 4332 ============================================================
     14:26:11.0646 4948 ============================================================
     14:26:11.0646 4948 Scan started
     14:26:11.0646 4948 Mode: Manual;
     14:26:11.0646 4948 ============================================================
14:26:15.0754 4948 AFD - ok 14:26:15.0797 4948 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys 14:26:15.0799 4948 agp440 - ok 14:26:15.0839 4948 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe 14:26:15.0841 4948 ALG - ok 14:26:15.0891 4948 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys 14:26:15.0904 4948 aliide - ok 14:26:15.0933 4948 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys 14:26:15.0934 4948 amdide - ok 14:26:15.0986 4948 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys 14:26:16.0005 4948 AmdK8 - ok 14:26:16.0019 4948 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys 14:26:16.0048 4948 AmdPPM - ok 14:26:16.0084 4948 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys 14:26:16.0097 4948 amdsata - ok 14:26:16.0143 4948 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys 14:26:16.0146 4948 amdsbs - ok 14:26:16.0165 4948 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys 14:26:16.0181 4948 amdxata - ok 14:26:16.0220 4948 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys 14:26:16.0233 4948 AppID - ok 14:26:16.0264 4948 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll 14:26:16.0265 4948 AppIDSvc - ok 14:26:16.0334 4948 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll 14:26:16.0350 4948 Appinfo - ok 14:26:16.0514 4948 Apple Mobile Device (f401929ee0cc92bfe7f15161ca535383) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 14:26:16.0515 4948 Apple Mobile Device - ok 14:26:16.0577 4948 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys 14:26:16.0580 4948 arc - ok 14:26:16.0621 4948 arcsas (019af6924aefe7839f61c830227fe79c) 
C:\Windows\system32\DRIVERS\arcsas.sys 14:26:16.0623 4948 arcsas - ok 14:26:16.0663 4948 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys 14:26:16.0678 4948 AsyncMac - ok 14:26:16.0734 4948 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys 14:26:16.0736 4948 atapi - ok 14:26:16.0843 4948 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll 14:26:16.0854 4948 AudioEndpointBuilder - ok 14:26:16.0863 4948 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll 14:26:16.0867 4948 AudioSrv - ok 14:26:16.0935 4948 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll 14:26:16.0938 4948 AxInstSV - ok 14:26:17.0016 4948 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys 14:26:17.0022 4948 b06bdrv - ok 14:26:17.0203 4948 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys 14:26:17.0227 4948 b57nd60a - ok 14:26:17.0365 4948 BBSvc (0d1ea7509f394d8b705b239ee71f5118) C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE 14:26:17.0383 4948 BBSvc - ok 14:26:17.0989 4948 BCM43XX (461e574d7967e895640109a371a912a5) C:\Windows\system32\DRIVERS\bcmwl664.sys 14:26:18.0103 4948 BCM43XX - ok 14:26:18.0272 4948 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll 14:26:18.0275 4948 BDESVC - ok 14:26:18.0368 4948 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys 14:26:18.0370 4948 Beep - ok 14:26:18.0452 4948 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll 14:26:18.0467 4948 BFE - ok 14:26:19.0114 4948 BHDrvx64 (c8ab71a5102d0fc103f6dfc750005137) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20120619.001_e4b\BHDrvx64.sys 14:26:19.0223 4948 BHDrvx64 - ok 14:26:19.0418 4948 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll 14:26:19.0446 4948 BITS - ok 
14:26:19.0599 4948 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys 14:26:19.0601 4948 blbdrive - ok 14:26:19.0740 4948 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe 14:26:20.0007 4948 Bonjour Service - ok 14:26:20.0185 4948 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys 14:26:20.0199 4948 bowser - ok 14:26:20.0264 4948 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys 14:26:20.0291 4948 BrFiltLo - ok 14:26:20.0309 4948 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys 14:26:20.0318 4948 BrFiltUp - ok 14:26:20.0343 4948 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll 14:26:20.0345 4948 Browser - ok 14:26:20.0382 4948 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys 14:26:20.0386 4948 Brserid - ok 14:26:20.0409 4948 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys 14:26:20.0411 4948 BrSerWdm - ok 14:26:20.0433 4948 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys 14:26:20.0435 4948 BrUsbMdm - ok 14:26:20.0447 4948 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys 14:26:20.0449 4948 BrUsbSer - ok 14:26:20.0528 4948 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys 14:26:20.0560 4948 BthEnum - ok 14:26:20.0702 4948 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys 14:26:20.0704 4948 BTHMODEM - ok 14:26:20.0743 4948 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys 14:26:20.0766 4948 BthPan - ok 14:26:20.0849 4948 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys 14:26:20.0869 4948 BTHPORT - ok 14:26:20.0923 4948 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll 
14:26:20.0938 4948 bthserv - ok 14:26:20.0995 4948 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys 14:26:20.0997 4948 BTHUSB - ok 14:26:21.0076 4948 btwampfl (7a2ce8c1bf4daa1f2766e21e9ca11078) C:\Windows\system32\drivers\btwampfl.sys 14:26:21.0094 4948 btwampfl - ok 14:26:21.0116 4948 btwaudio (a75bf6802a967f5aacecc3c67febdf55) C:\Windows\system32\drivers\btwaudio.sys 14:26:21.0126 4948 btwaudio - ok 14:26:21.0173 4948 btwavdt (d895dc213edbda5fcc53aad1f1e0e63b) C:\Windows\system32\drivers\btwavdt.sys 14:26:21.0183 4948 btwavdt - ok 14:26:21.0325 4948 btwdins (692f8648d7686d91e34a65ac698019d8) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe 14:26:21.0364 4948 btwdins - ok 14:26:21.0411 4948 btwl2cap (07096d2bc22ccb6cea5a532df0be8a75) C:\Windows\system32\DRIVERS\btwl2cap.sys 14:26:21.0425 4948 btwl2cap - ok 14:26:21.0454 4948 btwrchid (6d7aa2bde0135599c5f230d69db3b420) C:\Windows\system32\DRIVERS\btwrchid.sys 14:26:21.0468 4948 btwrchid - ok 14:26:21.0630 4948 ccSet_NIS (0e1737a63aec0f6de231bb59836c0a11) C:\Windows\system32\drivers\NISx64\1307010.005\ccSetx64.sys 14:26:21.0694 4948 ccSet_NIS - ok 14:26:21.0745 4948 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys 14:26:21.0747 4948 cdfs - ok 14:26:21.0804 4948 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys 14:26:21.0817 4948 cdrom - ok 14:26:21.0900 4948 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll 14:26:21.0910 4948 CertPropSvc - ok 14:26:21.0947 4948 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys 14:26:21.0965 4948 circlass - ok 14:26:22.0025 4948 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys 14:26:22.0042 4948 CLFS - ok 14:26:22.0124 4948 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 14:26:22.0126 4948 clr_optimization_v2.0.50727_32 - ok 
14:26:22.0188 4948 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 14:26:22.0191 4948 clr_optimization_v2.0.50727_64 - ok 14:26:22.0298 4948 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 14:26:22.0396 4948 clr_optimization_v4.0.30319_32 - ok 14:26:22.0451 4948 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 14:26:22.0454 4948 clr_optimization_v4.0.30319_64 - ok 14:26:22.0499 4948 clwvd (50f92c943f18b070f166d019dfab3d9a) C:\Windows\system32\DRIVERS\clwvd.sys 14:26:22.0512 4948 clwvd - ok 14:26:22.0569 4948 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys 14:26:22.0590 4948 CmBatt - ok 14:26:22.0638 4948 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys 14:26:22.0640 4948 cmdide - ok 14:26:22.0706 4948 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys 14:26:22.0760 4948 CNG - ok 14:26:22.0820 4948 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys 14:26:22.0822 4948 Compbatt - ok 14:26:22.0881 4948 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys 14:26:22.0910 4948 CompositeBus - ok 14:26:22.0953 4948 COMSysApp - ok 14:26:23.0008 4948 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys 14:26:23.0038 4948 crcdisk - ok 14:26:23.0187 4948 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll 14:26:23.0189 4948 CryptSvc - ok 14:26:23.0266 4948 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll 14:26:23.0272 4948 DcomLaunch - ok 14:26:23.0347 4948 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll 14:26:23.0352 4948 defragsvc - ok 14:26:23.0408 4948 DfsC 
(9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys 14:26:23.0409 4948 DfsC - ok 14:26:23.0528 4948 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll 14:26:23.0532 4948 Dhcp - ok 14:26:23.0563 4948 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys 14:26:23.0566 4948 discache - ok 14:26:23.0721 4948 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys 14:26:23.0739 4948 Disk - ok 14:26:23.0788 4948 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll 14:26:23.0790 4948 Dnscache - ok 14:26:23.0848 4948 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll 14:26:23.0851 4948 dot3svc - ok 14:26:23.0890 4948 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll 14:26:23.0892 4948 DPS - ok 14:26:23.0949 4948 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys 14:26:23.0951 4948 drmkaud - ok 14:26:24.0095 4948 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys 14:26:24.0124 4948 DXGKrnl - ok 14:26:24.0547 4948 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll 14:26:24.0549 4948 EapHost - ok 14:26:25.0053 4948 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys 14:26:25.0200 4948 ebdrv - ok 14:26:25.0379 4948 eeCtrl (ba6420c1f7070ed8f1ba372844f3e1ec) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys 14:26:25.0427 4948 eeCtrl - ok 14:26:25.0556 4948 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe 14:26:25.0558 4948 EFS - ok 14:26:25.0679 4948 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe 14:26:25.0687 4948 ehRecvr - ok 14:26:25.0731 4948 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe 14:26:25.0742 4948 ehSched - ok 14:26:25.0864 4948 elxstor (0e5da5369a0fcaea12456dd852545184) 
C:\Windows\system32\DRIVERS\elxstor.sys 14:26:25.0871 4948 elxstor - ok 14:26:26.0102 4948 EraserUtilRebootDrv (1343df3451bc0c442dc69837c6fba21b) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys 14:26:26.0105 4948 EraserUtilRebootDrv - ok 14:26:26.0152 4948 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys 14:26:26.0160 4948 ErrDev - ok 14:26:26.0257 4948 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll 14:26:26.0260 4948 EventSystem - ok 14:26:26.0295 4948 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys 14:26:26.0297 4948 exfat - ok 14:26:26.0327 4948 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys 14:26:26.0332 4948 fastfat - ok 14:26:26.0415 4948 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe 14:26:26.0422 4948 Fax - ok 14:26:26.0440 4948 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys 14:26:26.0442 4948 fdc - ok 14:26:26.0477 4948 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll 14:26:26.0477 4948 fdPHost - ok 14:26:26.0535 4948 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll 14:26:26.0537 4948 FDResPub - ok 14:26:26.0582 4948 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys 14:26:26.0585 4948 FileInfo - ok 14:26:26.0662 4948 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys 14:26:26.0675 4948 Filetrace - ok 14:26:26.0737 4948 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys 14:26:26.0737 4948 flpydisk - ok 14:26:26.0817 4948 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys 14:26:26.0822 4948 FltMgr - ok 14:26:27.0028 4948 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll 14:26:27.0071 4948 FontCache - ok 14:26:27.0246 4948 
FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 14:26:27.0248 4948 FontCache3.0.0.0 - ok 14:26:27.0314 4948 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys 14:26:27.0329 4948 FsDepends - ok 14:26:27.0420 4948 fssfltr (07da62c960ddccc2d35836aeab4fc578) C:\Windows\system32\DRIVERS\fssfltr.sys 14:26:27.0435 4948 fssfltr - ok 14:26:27.0685 4948 fsssvc (28ddeeec44e988657b732cf404d504cb) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe 14:26:27.0755 4948 fsssvc - ok 14:26:27.0908 4948 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys 14:26:27.0910 4948 Fs_Rec - ok 14:26:27.0966 4948 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys 14:26:27.0968 4948 fvevol - ok 14:26:28.0016 4948 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys 14:26:28.0018 4948 gagp30kx - ok 14:26:28.0153 4948 GameConsoleService (d154305de6090e6e84e525f84bb08a06) C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe 14:26:28.0175 4948 GameConsoleService - ok 14:26:28.0204 4948 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 14:26:28.0218 4948 GEARAspiWDM - ok 14:26:28.0397 4948 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll 14:26:28.0424 4948 gpsvc - ok 14:26:28.0525 4948 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 14:26:28.0527 4948 gupdate - ok 14:26:28.0575 4948 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 14:26:28.0577 4948 gupdatem - ok 14:26:28.0743 4948 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe 14:26:28.0746 4948 gusvc - ok 14:26:28.0768 4948 hcw85cir (f2523ef6460fc42405b12248338ab2f0) 
C:\Windows\system32\drivers\hcw85cir.sys 14:26:28.0785 4948 hcw85cir - ok 14:26:28.0845 4948 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys 14:26:28.0861 4948 HdAudAddService - ok 14:26:28.0904 4948 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys 14:26:28.0905 4948 HDAudBus - ok 14:26:28.0951 4948 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys 14:26:28.0969 4948 HECIx64 - ok 14:26:29.0004 4948 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys 14:26:29.0005 4948 HidBatt - ok 14:26:29.0032 4948 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys 14:26:29.0034 4948 HidBth - ok 14:26:29.0063 4948 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys 14:26:29.0065 4948 HidIr - ok 14:26:29.0091 4948 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll 14:26:29.0092 4948 hidserv - ok 14:26:29.0160 4948 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys 14:26:29.0181 4948 HidUsb - ok 14:26:29.0210 4948 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll 14:26:29.0212 4948 hkmsvc - ok 14:26:29.0253 4948 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll 14:26:29.0255 4948 HomeGroupListener - ok 14:26:29.0303 4948 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll 14:26:29.0305 4948 HomeGroupProvider - ok 14:26:29.0463 4948 HP Support Assistant Service (13bb1114451c63bfb41ba7daa4d70a29) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe 14:26:29.0464 4948 HP Support Assistant Service - ok 14:26:29.0628 4948 HP Wireless Assistant Service (c930128c8f8ff03d8f8c42b570920d56) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe 14:26:29.0630 4948 HP Wireless Assistant Service - ok 14:26:29.0737 
4948 HPClientSvc (3dc11a802353401332d49c3cbfbbe5fc) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe 14:26:29.0740 4948 HPClientSvc - ok 14:26:29.0932 4948 hpqwmiex (e7c7829ba0395e48f8c8fe16b8832344) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe 14:26:29.0975 4948 hpqwmiex - ok 14:26:30.0139 4948 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys 14:26:30.0157 4948 HpSAMD - ok 14:26:30.0275 4948 HPWMISVC (2bec76bdcd1bc080210325e7b5094834) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe 14:26:30.0277 4948 HPWMISVC - ok 14:26:30.0381 4948 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys 14:26:30.0416 4948 HTTP - ok 14:26:30.0468 4948 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys 14:26:30.0469 4948 hwpolicy - ok 14:26:30.0543 4948 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys 14:26:30.0738 4948 i8042prt - ok 14:26:30.0841 4948 iaStor (26cf4275034214ecedd8ec17b0a18a99) C:\Windows\system32\DRIVERS\iaStor.sys 14:26:30.0844 4948 iaStor - ok 14:26:31.0003 4948 IAStorDataMgrSvc (e79a8e33bd136d14bae1fa20eb2ef124) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe 14:26:31.0004 4948 IAStorDataMgrSvc - ok 14:26:31.0068 4948 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys 14:26:31.0076 4948 iaStorV - ok 14:26:31.0328 4948 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 14:26:31.0403 4948 idsvc - ok 14:26:31.0858 4948 IDSVia64 (ce0bf35c79e03bb89da6b14fac838605) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20120703.002\IDSvia64.sys 14:26:31.0864 4948 IDSVia64 - ok 14:26:33.0297 4948 igfx (33faa40b288002c89529dbd14f3ab72c) C:\Windows\system32\DRIVERS\igdkmd64.sys 14:26:33.0617 4948 igfx - ok 
14:26:33.0760 4948 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys 14:26:33.0762 4948 iirsp - ok 14:26:33.0822 4948 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll 14:26:33.0829 4948 IKEEXT - ok 14:26:33.0900 4948 Impcd (dd587a55390ed2295bce6d36ad567da9) C:\Windows\system32\DRIVERS\Impcd.sys 14:26:33.0903 4948 Impcd - ok 14:26:33.0971 4948 IntcDAud (fc727061c0f47c8059e88e05d5c8e381) C:\Windows\system32\DRIVERS\IntcDAud.sys 14:26:33.0993 4948 IntcDAud - ok 14:26:34.0015 4948 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys 14:26:34.0017 4948 intelide - ok 14:26:34.0044 4948 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys 14:26:34.0046 4948 intelppm - ok 14:26:34.0080 4948 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll 14:26:34.0093 4948 IPBusEnum - ok 14:26:34.0136 4948 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys 14:26:34.0138 4948 IpFilterDriver - ok 14:26:34.0184 4948 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll 14:26:34.0190 4948 iphlpsvc - ok 14:26:34.0219 4948 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys 14:26:34.0221 4948 IPMIDRV - ok 14:26:34.0260 4948 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys 14:26:34.0280 4948 IPNAT - ok 14:26:34.0405 4948 iPod Service (a9ab99ee7d39725eafec82732d2b3271) C:\Program Files\iPod\bin\iPodService.exe 14:26:34.0414 4948 iPod Service - ok 14:26:34.0454 4948 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys 14:26:34.0455 4948 IRENUM - ok 14:26:34.0509 4948 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys 14:26:34.0510 4948 isapnp - ok 14:26:34.0581 4948 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys 14:26:34.0614 4948 
iScsiPrt - ok 14:26:34.0672 4948 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys 14:26:34.0673 4948 kbdclass - ok 14:26:34.0777 4948 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys 14:26:34.0791 4948 kbdhid - ok 14:26:34.0847 4948 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 14:26:34.0849 4948 KeyIso - ok 14:26:34.0876 4948 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys 14:26:34.0893 4948 KSecDD - ok 14:26:34.0919 4948 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys 14:26:34.0948 4948 KSecPkg - ok 14:26:34.0997 4948 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys 14:26:35.0002 4948 ksthunk - ok 14:26:35.0070 4948 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll 14:26:35.0075 4948 KtmRm - ok 14:26:35.0263 4948 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll 14:26:35.0266 4948 LanmanServer - ok 14:26:35.0354 4948 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll 14:26:35.0356 4948 LanmanWorkstation - ok 14:26:35.0483 4948 LightScribeService (fa4a45c179ab0e0f1a31b9751d4b18d7) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe 14:26:35.0485 4948 LightScribeService - ok 14:26:35.0544 4948 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys 14:26:35.0546 4948 lltdio - ok 14:26:35.0601 4948 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll 14:26:35.0621 4948 lltdsvc - ok 14:26:35.0637 4948 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll 14:26:35.0638 4948 lmhosts - ok 14:26:35.0774 4948 LMS (0405f4bcd1c7a7b309f620fe0b5de5e6) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe 14:26:35.0791 4948 LMS - ok 14:26:35.0919 4948 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) 
C:\Windows\system32\DRIVERS\lsi_fc.sys 14:26:35.0922 4948 LSI_FC - ok 14:26:36.0109 4948 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys 14:26:36.0142 4948 LSI_SAS - ok 14:26:36.0177 4948 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys 14:26:36.0179 4948 LSI_SAS2 - ok 14:26:36.0273 4948 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys 14:26:36.0338 4948 LSI_SCSI - ok 14:26:36.0399 4948 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys 14:26:36.0401 4948 luafv - ok 14:26:36.0530 4948 MBAMProtector (dbc08862a71459e74f7538b432c114cc) C:\Windows\system32\drivers\mbam.sys 14:26:36.0531 4948 MBAMProtector - ok 14:26:36.0786 4948 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe 14:26:36.0829 4948 MBAMService - ok 14:26:36.0869 4948 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll 14:26:36.0878 4948 Mcx2Svc - ok 14:26:36.0914 4948 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys 14:26:36.0916 4948 megasas - ok 14:26:36.0963 4948 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys 14:26:36.0967 4948 MegaSR - ok 14:26:37.0029 4948 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll 14:26:37.0030 4948 MMCSS - ok 14:26:37.0070 4948 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys 14:26:37.0072 4948 Modem - ok 14:26:37.0108 4948 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys 14:26:37.0109 4948 monitor - ok 14:26:37.0158 4948 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys 14:26:37.0159 4948 mouclass - ok 14:26:37.0199 4948 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys 14:26:37.0217 4948 mouhid - ok 14:26:37.0255 4948 mountmgr 
(32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys 14:26:37.0257 4948 mountmgr - ok 14:26:37.0323 4948 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys 14:26:37.0326 4948 mpio - ok 14:26:37.0350 4948 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys 14:26:37.0352 4948 mpsdrv - ok 14:26:37.0446 4948 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll 14:26:37.0471 4948 MpsSvc - ok 14:26:37.0516 4948 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys 14:26:37.0540 4948 MRxDAV - ok 14:26:37.0866 4948 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys 14:26:37.0902 4948 mrxsmb - ok 14:26:37.0935 4948 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys 14:26:37.0966 4948 mrxsmb10 - ok 14:26:38.0002 4948 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys 14:26:38.0004 4948 mrxsmb20 - ok 14:26:38.0037 4948 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys 14:26:38.0039 4948 msahci - ok 14:26:38.0077 4948 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys 14:26:38.0094 4948 msdsm - ok 14:26:38.0133 4948 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe 14:26:38.0148 4948 MSDTC - ok 14:26:38.0199 4948 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys 14:26:38.0218 4948 Msfs - ok 14:26:38.0234 4948 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys 14:26:38.0235 4948 mshidkmdf - ok 14:26:38.0259 4948 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys 14:26:38.0274 4948 msisadrv - ok 14:26:38.0310 4948 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll 14:26:38.0325 4948 MSiSCSI - ok 14:26:38.0335 4948 msiserver - ok 14:26:38.0388 4948 MSKSSRV 
(49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys 14:26:38.0389 4948 MSKSSRV - ok 14:26:38.0410 4948 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys 14:26:38.0411 4948 MSPCLOCK - ok 14:26:38.0447 4948 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys 14:26:38.0448 4948 MSPQM - ok 14:26:38.0500 4948 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys 14:26:38.0505 4948 MsRPC - ok 14:26:38.0555 4948 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys 14:26:38.0555 4948 mssmbios - ok 14:26:38.0616 4948 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys 14:26:38.0628 4948 MSTEE - ok 14:26:38.0647 4948 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys 14:26:38.0657 4948 MTConfig - ok 14:26:38.0701 4948 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys 14:26:38.0723 4948 Mup - ok 14:26:38.0814 4948 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll 14:26:38.0833 4948 napagent - ok 14:26:38.0896 4948 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys 14:26:38.0901 4948 NativeWifiP - ok 14:26:39.0154 4948 NAVENG (8043d41f881d6ace40b854ad6e32217f) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20120703.024\ENG64.SYS 14:26:39.0156 4948 NAVENG - ok 14:26:39.0410 4948 NAVEX15 (9a9ab2fc45d701daed465d14980f1305) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20120703.024\EX64.SYS 14:26:39.0480 4948 NAVEX15 - ok 14:26:39.0776 4948 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys 14:26:39.0858 4948 NDIS - ok 14:26:39.0912 4948 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys 14:26:39.0914 4948 NdisCap - ok 14:26:39.0953 4948 
     14:27:04.0725 4948 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
     14:27:04.0760 4948 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
     14:27:04.0760 4948 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
     14:27:04.0807 4948 Boot (0x1200) (9d477996087f350a629395635a6f689b) \Device\Harddisk0\DR0\Partition0
     14:27:04.0808 4948 \Device\Harddisk0\DR0\Partition0 - ok
     14:27:04.0824 4948 Boot (0x1200) (4baec38957c0939dcd1020ab92a4ad5c) \Device\Harddisk0\DR0\Partition1
     14:27:04.0826 4948 \Device\Harddisk0\DR0\Partition1 - ok
     14:27:04.0860 4948 Boot (0x1200) (dbe727ee447bc974e3803601ef60ff64) \Device\Harddisk0\DR0\Partition2
     14:27:04.0861 4948 \Device\Harddisk0\DR0\Partition2 - ok
     14:27:04.0864 4948 ============================================================
     14:27:04.0864 4948 Scan finished
     14:27:04.0864 4948 ============================================================
     14:27:04.0876 4688 Detected object count: 1
     14:27:04.0876 4688 Actual detected object count: 1
     14:28:32.0281 4688 \Device\Harddisk0\DR0\# - copied to quarantine
     14:28:32.0281 4688 \Device\Harddisk0\DR0 - copied to quarantine
     14:28:32.0618 4688 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
     14:28:32.0620 4688 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
     14:28:32.0790 4688 \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine
     14:28:32.0929 4688 \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine
     14:28:32.0939 4688 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
     14:28:33.0021 4688 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
     14:28:33.0024 4688 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
     14:28:33.0026 4688 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
     14:28:33.0029 4688 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
     14:28:33.0077 4688 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
     14:28:33.0080 4688 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
     14:28:33.0083 4688 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
     14:28:33.0085 4688 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
     14:28:33.0087 4688 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
     14:28:33.0097 4688 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
     14:28:33.0134 4688 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot
     14:28:33.0170 4688 \Device\Harddisk0\DR0 - ok
     14:28:34.0214 4688 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure
     14:29:02.0525 4388 Deinitialize success
     Second scan to follow.
  7. MB is successfully blocking outgoing actions to either IP; 78.41.203.119 or 206.161.121.3 by svchost.exe. When I run the quick scan it appears to find the infected file to be deleted upon restart. However, I restart, run quick scan again and it is still there. Here are relevant logs per sim posts; many thanks for your assistance.
     Malwarebytes Anti-Malware 1.61.0.1400
     www.malwarebytes.org
     Database version: v2012.07.04.04
     Windows 7 Service Pack 1 x64 NTFS
     Internet Explorer 9.0.8112.16421
     Glenn :: 2011-HP [administrator]
     Protection: Enabled
     7/4/2012 10:53:30 AM
     mbam-log-2012-07-04 (11-01-18).txt
     Scan type: Quick scan
     Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | PUP | PUM
     Scan options disabled: Heuristics/Shuriken | P2P
     Objects scanned: 260512
     Time elapsed: 7 minute(s), 17 second(s)
     Memory Processes Detected: 1
     C:\Windows\svchost.exe (Trojan.Agent) -> 4276 -> No action taken.
     Memory Modules Detected: 0
     (No malicious items detected)
     Registry Keys Detected: 0
     (No malicious items detected)
     Registry Values Detected: 0
     (No malicious items detected)
     Registry Data Items Detected: 0
     (No malicious items detected)
     Folders Detected: 0
     (No malicious items detected)
     Files Detected: 1
     C:\Windows\svchost.exe (Trojan.Agent) -> No action taken.
     (end)
     .
     DDS (Ver_2011-08-26.01) - NTFSAMD64
     Internet Explorer: 9.0.8112.16421
     Run by Glenn at 10:25:03 on 2012-07-04
     Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3894.1717 [GMT -4:00]
     .
     AV: Norton Internet Security *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
     SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
     SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
     FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
     .
     ============== Running Processes ===============
     .
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://my.yahoo.com/
uInternet Settings,ProxyOverride = *.local
mWinlogon: Userinit=userinit.exe,
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO: Norton Identity Protection: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\coIEPlg.dll
BHO: Norton Vulnerability Protection: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\IPS\IPSBHO.DLL
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\coIEPlg.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
mRun: [iMSS] "C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\qttask.exe" -atboottime
mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\WDDMST~1.LNK - C:\Program Files (x86)\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
DPF: {8A5BE387-D09A-4DFA-A56B-DCB89BD11468} - hxxp://cabinetliquidators.2020.net/planner/Core/Player/2020PlayerAX_WEB_Win32.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
TCP: DhcpNameServer = 24.229.54.212 216.144.187.199 24.229.54.220
TCP: Interfaces\{2420E24E-DE2A-4B25-B6FE-81F24CE4E131}\4786562696E6E6 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{2420E24E-DE2A-4B25-B6FE-81F24CE4E131}\E46474D2642756560275946494 : DhcpNameServer = 156.154.119.11 156.154.129.11
TCP: Interfaces\{DA7C49CF-E2D2-42BC-8AE1-4952A3BD8033} : DhcpNameServer = 24.229.54.212 216.144.187.199 24.229.54.220
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO-X64: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\coIEPlg.dll
BHO-X64: Norton Identity Protection - No File
BHO-X64: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\IPS\IPSBHO.DLL
BHO-X64: Norton Vulnerability Protection - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
BHO-X64: URLRedirectionBHO - No File
BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB-X64: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\coIEPlg.dll
TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
mRun-x64: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
mRun-x64: [iMSS] "C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe"
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\qttask.exe" -atboottime
mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun-x64: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
.
============= SERVICES / DRIVERS ===============
.
R0 SymDS;Symantec Data Store;C:\Windows\system32\drivers\NISx64\1307010.005\SYMDS64.SYS --> C:\Windows\system32\drivers\NISx64\1307010.005\SYMDS64.SYS [?]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\system32\drivers\NISx64\1307010.005\SYMEFA64.SYS --> C:\Windows\system32\drivers\NISx64\1307010.005\SYMEFA64.SYS [?]
R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20120619.001_e4b\BHDrvx64.sys [2012-6-19 1161376]
R1 ccSet_NIS;Norton Internet Security Settings Manager;C:\Windows\system32\drivers\NISx64\1307010.005\ccSetx64.sys --> C:\Windows\system32\drivers\NISx64\1307010.005\ccSetx64.sys [?]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20120703.002\IDSviA64.sys [2012-7-4 509088]
R1 SymIRON;Symantec Iron Driver;C:\Windows\system32\drivers\NISx64\1307010.005\Ironx64.SYS --> C:\Windows\system32\drivers\NISx64\1307010.005\Ironx64.SYS [?]
R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\system32\Drivers\NISx64\1307010.005\SYMNETS.SYS --> C:\Windows\system32\Drivers\NISx64\1307010.005\SYMNETS.SYS [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-4-4 63928]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2011-9-9 86072]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service;C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-7-21 103992]
R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-8-5 291896]
R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-3-5 35200]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-1-25 13592]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-7-1 654408]
R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\ccsvchst.exe [2012-5-17 138232]
R2 RoxioNow Service;RoxioNow Service;C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2010-9-11 399344]
R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-1-25 2320920]
R2 WDDMService;WD SmartWare Drive Manager Service;C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [2009-11-13 129536]
R2 WDSmartWareBackgroundService;WD SmartWare Background Service;C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [2009-6-16 20480]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\system32\DRIVERS\clwvd.sys --> C:\Windows\system32\DRIVERS\clwvd.sys [?]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-5-31 138912]
R3 HECIx64;Intel® Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 Impcd;Impcd;C:\Windows\system32\DRIVERS\Impcd.sys --> C:\Windows\system32\DRIVERS\Impcd.sys [?]
R3 IntcDAud;Intel® Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-11-19 136176]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-1 257696]
S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-4-1 183560]
S3 btwampfl;Bluetooth AMP USB Filter;C:\Windows\system32\drivers\btwampfl.sys --> C:\Windows\system32\drivers\btwampfl.sys [?]
S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys --> C:\Windows\system32\DRIVERS\btwl2cap.sys [?]
S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-3-8 1492840]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-11-19 136176]
S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\netw5v64.sys --> C:\Windows\system32\DRIVERS\netw5v64.sys [?]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\system32\DRIVERS\RtsPStor.sys --> C:\Windows\system32\DRIVERS\RtsPStor.sys [?]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\system32\DRIVERS\VSTAZL6.SYS --> C:\Windows\system32\DRIVERS\VSTAZL6.SYS [?]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\system32\DRIVERS\VSTDPV6.SYS --> C:\Windows\system32\DRIVERS\VSTDPV6.SYS [?]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\system32\DRIVERS\VSTCNXT6.SYS --> C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\system32\DRIVERS\wdcsam64.sys --> C:\Windows\system32\DRIVERS\wdcsam64.sys [?]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2012-07-01 12:46:47 20480 ------w- C:\Windows\svchost.exe
2012-07-01 01:05:07 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2012-07-01 01:04:52 99840 ----a-w- C:\Windows\System32\wudriver.dll
2012-07-01 01:04:41 36864 ----a-w- C:\Windows\System32\wuapp.exe
2012-07-01 01:04:41 186752 ----a-w- C:\Windows\System32\wuwebv.dll
2012-06-28 10:35:11 -------- d-----w- C:\ComboFix
2012-06-27 10:33:52 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-06-27 03:49:36 -------- d-----w- C:\ProgramData\PC Optimizer Pro
2012-06-14 21:24:47 -------- d-----w- C:\Program Files (x86)\VitalSource Bookshelf
2012-06-14 16:19:17 -------- d-----w- C:\Program Files\iTunes
2012-06-14 16:19:17 -------- d-----w- C:\Program Files\iPod
2012-06-14 16:19:17 -------- d-----w- C:\Program Files (x86)\iTunes
2012-06-14 16:16:49 -------- d-----w- C:\Program Files\Bonjour
2012-06-14 16:16:49 -------- d-----w- C:\Program Files (x86)\Bonjour
2012-06-13 21:16:31 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe
.
==================== Find3M ====================
.
2012-06-04 10:21:41 499712 ----a-w- C:\Windows\SysWow64\msvcp71.dll
2012-06-04 10:21:41 348160 ----a-w- C:\Windows\SysWow64\msvcr71.dll
2012-05-18 02:06:48 2311680 ----a-w- C:\Windows\System32\jscript9.dll
2012-05-18 01:59:14 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-05-18 01:58:39 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-05-18 01:55:22 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-05-18 01:51:30 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-05-17 22:45:37 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-05-17 22:35:47 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-05-17 22:35:39 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-05-17 22:29:45 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-05-17 22:24:45 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-05-15 01:32:33 3146752 ----a-w- C:\Windows\System32\win32k.sys
2012-05-05 02:24:29 70304 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-05-05 02:24:29 419488 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-05-05 02:24:12 8769696 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
2012-05-04 11:06:22 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-05-04 10:03:53 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-05-04 10:03:50 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-05-01 05:40:20 209920 ----a-w- C:\Windows\System32\profsvc.dll
2012-04-28 03:55:21 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2012-04-26 05:41:56 77312 ----a-w- C:\Windows\System32\rdpwsx.dll
2012-04-26 05:41:55 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll
2012-04-24 05:37:37 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2012-04-24 05:37:37 140288 ----a-w- C:\Windows\System32\cryptnet.dll
2012-04-24 05:37:36 1462272 ----a-w- C:\Windows\System32\crypt32.dll
2012-04-24 04:36:42 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2012-04-24 04:36:42 1158656 ----a-w- C:\Windows\SysWow64\crypt32.dll
2012-04-24 04:36:42 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2012-04-07 12:31:40 3216384 ----a-w- C:\Windows\System32\msi.dll
2012-04-07 11:26:29 2342400 ----a-w- C:\Windows\SysWow64\msi.dll
.
============= FINISH: 10:27:19.65 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 5/15/2011 3:46:46 AM
System Uptime: 7/4/2012 10:12:19 AM (0 hours ago)
.
Motherboard: Hewlett-Packard | | 166A
Processor: Intel® Core i3 CPU M 380 @ 2.53GHz | CPU | 911/1066mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 451 GiB total, 387.169 GiB free.
D: is FIXED (NTFS) - 15 GiB total, 1.819 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP134: 6/30/2012 7:25:18 PM - Installed Microsoft Fix it 50195
RP135: 6/30/2012 8:13:55 PM - Installed VitalSource Bookshelf.
RP136: 6/30/2012 8:35:06 PM - Restore Operation
RP137: 6/30/2012 9:04:05 PM - Windows Update
RP138: 6/30/2012 9:19:33 PM - Installed VitalSource Bookshelf.
RP139: 6/30/2012 9:27:23 PM - Installed VitalSource Bookshelf.
RP140: 7/3/2012 12:21:02 PM - HPSF Applying updates
RP141: 7/3/2012 12:23:16 PM - Removed HP Power Manager
RP142: 7/3/2012 12:23:52 PM - Installed HP Power Manager
RP143: 7/3/2012 12:26:52 PM - Removed HP Quick Launch
RP144: 7/3/2012 12:27:30 PM - Installed HP Quick Launch
RP146: 7/4/2012 9:38:08 AM - Removed service pack backup files
.
==== Installed Programs ======================
.
Adobe AIR
Adobe Reader X (10.1.3)
Adobe Shockwave Player 11.5
Agatha Christie - Peril at End House
Apple Application Support
Apple Software Update
Bejeweled 2 Deluxe
Bing Bar
Blackhawk Striker 2
Blasterball 3
Blio
Bounce Symphony
Build-a-lot 2
Cake Mania
CDA Copper in Architecture Design Handbook
Chuzzle Deluxe
CyberLink DVD Suite
CyberLink YouCam
D3DX10
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Diner Dash 2 Restaurant Rescue
Dora's World Adventure
Energy Star Digital Logo
Escape Rosecliff Island
ESU for Microsoft Windows 7
Farm Frenzy
FATE
Final Drive Nitro
Google Earth
Google Toolbar for Internet Explorer
Google Update Helper
Heroes of Hellas 2 - Olympia
Hewlett-Packard ACLM.NET v1.1.2.0
HP CloudDrive
HP Customer Experience Enhancements
HP Documentation
HP Game Console
HP Games
HP MovieStore
HP On Screen Display
HP Power Manager
HP Quick Launch
HP Setup
HP Setup Manager
HP Software Framework
HP Support Assistant
IDT Audio
Image Plugin
Intel® Control Center
Intel® Management Engine Components
Intel® Processor Graphics
Intel® Rapid Storage Technology
Java Auto Updater
Java 6 Update 29
Jewel Quest Solitaire 2
Junk Mail filter update
LabelPrint
LightScribe System Software
Malwarebytes Anti-Malware version 1.61.0.1400
Mesh Runtime
Messenger Companion
Microsoft Office 2010
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Home and Student 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Single Image 2010
Microsoft Office Word MUI (English) 2010
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft VC9 runtime libraries
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft WSE 3.0 Runtime
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Mystery P.I. - The London Caper
Norton Internet Security
Penguins!
PERRLA
PictureMover
Plants vs. Zombies
PlayReady PC Runtime x86
Poker Superstars III
Polar Bowler
Polar Golfer
Power2Go
QuickTime
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
Realtek Ethernet Controller Driver
Realtek PCIE Card Reader
RealUpgrade 1.1
Recovery Manager
RoxioNow Player
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft Excel 2010 (KB2597166) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598039) 32-Bit Edition
Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition
Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)
Security Update for Microsoft Visio Viewer 2010 (KB2597981) 32-Bit Edition
SMPlayer 0.6.9
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Virtual Families
Virtual Villagers 4 - The Tree of Life
VitalSource Bookshelf
VLC media player 1.1.11
Wheel of Fortune 2
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Zuma Deluxe
.
==== Event Viewer Messages From Past Week ========
.
7/4/2012 10:09:49 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.
7/3/2012 12:27:43 PM, Error: Service Control Manager [7030] - The HPWMISVC service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
7/3/2012 10:44:43 PM, Error: Microsoft-Windows-WMPNSS-Service [14332] - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
7/1/2012 8:34:10 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the lmhosts service.
7/1/2012 6:06:24 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the NIS service.
7/1/2012 11:55:02 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffff800031d66ea, 0x0000000000000001, 0x0000000000000018). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 070112-41309-01.
6/30/2012 9:09:11 PM, Error: Service Control Manager [7024] - The HomeGroup Listener service terminated with service-specific error %%-2147023143.
6/30/2012 9:00:00 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: BHDrvx64
6/30/2012 8:59:41 PM, Error: Service Control Manager [7024] - The Windows Firewall service terminated with service-specific error Access is denied..
6/30/2012 6:50:11 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffff800031be6ea, 0x0000000000000001, 0x0000000000000018). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 063012-31168-01.
6/30/2012 6:46:23 PM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.
6/30/2012 6:44:21 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the eventlog service.
6/28/2012 6:43:19 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffff8000317c6ea, 0x0000000000000001, 0x0000000000000018). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 062812-30716-01.
6/28/2012 6:38:04 AM, Error: Application Popup [1060] - \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
6/28/2012 6:13:30 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffff800031c26ea, 0x0000000000000001, 0x0000000000000018). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 062812-25396-01.
.
==== End Of File ===========================