datdarncomputer

09:21:42.0947 1368 TDSS rootkit removing tool 2.7.44.0 Jul 2 2012 20:01:08 09:21:42.0995 1368 ============================================================ 09:21:42.0997 1368 Current date / time: 2012/07/07 09:21:42.0995 09:21:42.0997 1368 SystemInfo: 09:21:42.0997 1368 09:21:42.0997 1368 OS Version: 6.1.7601 ServicePack: 1.0 09:21:42.0997 1368 Product type: Workstation 09:21:42.0997 1368 ComputerName: IQ-K12-LAPTOP 09:21:42.0997 1368 UserName: Parent 09:21:42.0997 1368 Windows directory: C:\Windows 09:21:42.0997 1368 System windows directory: C:\Windows 09:21:42.0997 1368 Processor architecture: Intel x86 09:21:42.0997 1368 Number of processors: 2 09:21:42.0997 1368 Page size: 0x1000 09:21:42.0997 1368 Boot type: Normal boot 09:21:42.0997 1368 ============================================================ 09:21:43.0750 1368 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050 09:21:43.0757 1368 ============================================================ 09:21:43.0757 1368 \Device\Harddisk0\DR0: 09:21:43.0757 1368 MBR partitions: 09:21:43.0757 1368 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x400000 09:21:43.0757 1368 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x400800, BlocksNum 0x2502DAB0 09:21:43.0757 1368 ============================================================ 09:21:43.0787 1368 C: <-> \Device\Harddisk0\DR0\Partition1 09:21:43.0787 1368 ============================================================ 09:21:43.0787 1368 Initialize success 09:21:43.0787 1368 ============================================================ 09:22:14.0573 3912 ============================================================ 09:22:14.0573 3912 Scan started 09:22:14.0573 3912 Mode: Manual; SigCheck; TDLFS; 09:22:14.0573 3912 ============================================================ 09:22:15.0133 3912 1394ohci (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers\1394ohci.sys 09:22:15.0420 3912 1394ohci - ok 09:22:15.0488 3912 ACPI (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys 09:22:15.0523 3912 ACPI - ok 09:22:15.0570 3912 AcpiPmi (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys 09:22:15.0633 3912 AcpiPmi - ok 09:22:15.0713 3912 AdobeFlashPlayerUpdateSvc (f3cd7b20b27d1772c946df993ff3635c) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe 09:22:15.0743 3912 AdobeFlashPlayerUpdateSvc - ok 09:22:15.0830 3912 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\drivers\adp94xx.sys 09:22:15.0875 3912 adp94xx - ok 09:22:15.0915 3912 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\drivers\adpahci.sys 09:22:15.0950 3912 adpahci - ok 09:22:15.0983 3912 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\drivers\adpu320.sys 09:22:16.0013 3912 adpu320 - ok 09:22:16.0043 3912 AeLookupSvc (8b5eefeec1e6d1a72a06c526628ad161) C:\Windows\System32\aelupsvc.dll 09:22:16.0130 3912 AeLookupSvc - ok 09:22:16.0203 3912 AERTFilters (a6ce73469591554279da63be715dbc93) C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe 09:22:16.0233 3912 AERTFilters - ok 09:22:16.0268 3912 afcmx86 (4054b5195755b08b212a68538f24d54c) C:\Windows\system32\drivers\afcmx86.sys 09:22:16.0338 3912 afcmx86 - ok 09:22:16.0410 3912 AFD (1151fd4fb0216cfed887bfde29ebd516) C:\Windows\system32\drivers\afd.sys 09:22:16.0498 3912 AFD - ok 09:22:16.0548 3912 AgereModemAudio (48091a2374a69f473273c44951195452) C:\Program Files\LSI SoftModem\agrsmsvc.exe 09:22:16.0575 3912 AgereModemAudio - ok 09:22:16.0715 3912 AgereSoftModem (c6fa08a8cca9001f3197525b07331715) C:\Windows\system32\DRIVERS\AGRSM.sys 09:22:16.0868 3912 AgereSoftModem - ok 09:22:16.0903 3912 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys 09:22:16.0930 3912 agp440 - ok 09:22:16.0990 3912 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\drivers\djsvs.sys 09:22:17.0018 3912 aic78xx - ok 09:22:17.0070 3912 ALG (18a54e132947cd98fea9accc57f98f13) C:\Windows\System32\alg.exe 09:22:17.0125 3912 ALG - ok 09:22:17.0170 3912 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys 09:22:17.0205 3912 aliide - ok 09:22:17.0243 3912 AMD External Events Utility (547d4c6b23ca9703d7b803d6c969a9e2) C:\Windows\system32\atiesrxx.exe 09:22:17.0305 3912 AMD External Events Utility - ok 09:22:17.0355 3912 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys 09:22:17.0383 3912 amdagp - ok 09:22:17.0425 3912 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys 09:22:17.0450 3912 amdide - ok 09:22:17.0488 3912 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\drivers\amdk8.sys 09:22:17.0545 3912 AmdK8 - ok 09:22:18.0025 3912 amdkmdag (15fbc2bf6029d19e97d765547bf87aa4) C:\Windows\system32\DRIVERS\atikmdag.sys 09:22:18.0320 3912 amdkmdag - ok 09:22:18.0485 3912 amdkmdap (46df722b208d17dedb50c1a4821d91d2) C:\Windows\system32\DRIVERS\atikmpag.sys 09:22:18.0553 3912 amdkmdap - ok 09:22:18.0610 3912 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys 09:22:18.0663 3912 AmdPPM - ok 09:22:18.0718 3912 amdsata (d320bf87125326f996d4904fe24300fc) C:\Windows\system32\drivers\amdsata.sys 09:22:18.0745 3912 amdsata - ok 09:22:18.0783 3912 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\drivers\amdsbs.sys 09:22:18.0815 3912 amdsbs - ok 09:22:18.0833 3912 amdxata (46387fb17b086d16dea267d5be23a2f2) C:\Windows\system32\drivers\amdxata.sys 09:22:18.0858 3912 amdxata - ok 09:22:18.0890 3912 amd_sata (00889d0e9a2a65b7e4454b2238d41ac7) C:\Windows\system32\drivers\amd_sata.sys 09:22:18.0918 3912 amd_sata - ok 09:22:18.0938 3912 amd_xata (b289c50849907738c9460fb093f28f7f) C:\Windows\system32\drivers\amd_xata.sys 09:22:18.0963 3912 amd_xata - ok 09:22:19.0013 3912 AppID (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys 09:22:19.0090 3912 AppID - ok 09:22:19.0138 3912 AppIDSvc (62a9c86cb6085e20db4823e4e97826f5) C:\Windows\System32\appidsvc.dll 09:22:19.0210 3912 AppIDSvc - ok 09:22:19.0223 3912 Appinfo (fb1959012294d6ad43e5304df65e3c26) C:\Windows\System32\appinfo.dll 09:22:19.0303 3912 Appinfo - ok 09:22:19.0343 3912 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\drivers\arc.sys 09:22:19.0370 3912 arc - ok 09:22:19.0393 3912 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\drivers\arcsas.sys 09:22:19.0420 3912 arcsas - ok 09:22:19.0540 3912 aspnet_state (776acefa0ca9df0faa51a5fb2f435705) C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe 09:22:19.0573 3912 aspnet_state - ok 09:22:19.0623 3912 aswFsBlk (1c1f3d6dddc046c920c493a779649f66) C:\Windows\system32\drivers\aswFsBlk.sys 09:22:19.0650 3912 aswFsBlk - ok 09:22:19.0678 3912 aswMonFlt (a48d8015af2a0d8b4937613ffbfd28de) C:\Windows\system32\drivers\aswMonFlt.sys 09:22:19.0708 3912 aswMonFlt - ok 09:22:19.0740 3912 aswRdr (4a951beba9e49410cde478b6f6abb252) C:\Windows\System32\Drivers\aswrdr2.sys 09:22:19.0768 3912 aswRdr - ok 09:22:19.0860 3912 aswSnx (73dbcf808e00580f2a47f93dd9b03876) C:\Windows\system32\drivers\aswSnx.sys 09:22:19.0908 3912 aswSnx - ok 09:22:19.0960 3912 aswSP (6cbd7d3a33f498d09c831cdd732da2e0) C:\Windows\system32\drivers\aswSP.sys 09:22:19.0998 3912 aswSP - ok 09:22:20.0020 3912 aswTdi (7109a9aa551f37cd168c02368465957e) C:\Windows\system32\drivers\aswTdi.sys 09:22:20.0048 3912 aswTdi - ok 09:22:20.0093 3912 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys 09:22:20.0170 3912 AsyncMac - ok 09:22:20.0235 3912 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys 09:22:20.0260 3912 atapi - ok 09:22:20.0318 3912 AtiHDAudioService (95b1e9804ca10d096c0383f7c6684950) C:\Windows\system32\drivers\AtihdW73.sys 09:22:20.0345 3912 AtiHDAudioService - ok 09:22:20.0920 3912 atikmdag (15fbc2bf6029d19e97d765547bf87aa4) C:\Windows\system32\DRIVERS\atikmdag.sys 09:22:21.0103 3912 atikmdag - ok 09:22:21.0275 3912 AtiPcie (4ffe74e33bd9170950116f0ca46eac89) C:\Windows\system32\drivers\AtiPcie.sys 09:22:21.0300 3912 AtiPcie - ok 09:22:21.0378 3912 AudioEndpointBuilder (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll 09:22:21.0450 3912 AudioEndpointBuilder - ok 09:22:21.0463 3912 Audiosrv (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll 09:22:21.0535 3912 Audiosrv - ok 09:22:21.0668 3912 avast! Antivirus (2f7c0f3e39c45e0127fb78b2f18a41f3) C:\Program Files\AVAST Software\Avast\AvastSvc.exe 09:22:21.0695 3912 avast! Antivirus - ok 09:22:21.0750 3912 AxInstSV (6e30d02aac9cac84f421622e3a2f6178) C:\Windows\System32\AxInstSV.dll 09:22:21.0803 3912 AxInstSV - ok 09:22:21.0868 3912 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\drivers\bxvbdx.sys 09:22:21.0938 3912 b06bdrv - ok 09:22:22.0005 3912 b57nd60x (6f41a4c5745bb99f89406f57164f099e) C:\Windows\system32\DRIVERS\b57nd60x.sys 09:22:22.0040 3912 b57nd60x - ok 09:22:22.0090 3912 BDESVC (ee1e9c3bb8228ae423dd38db69128e71) C:\Windows\System32\bdesvc.dll 09:22:22.0148 3912 BDESVC - ok 09:22:22.0173 3912 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys 09:22:22.0265 3912 Beep - ok 09:22:22.0340 3912 BITS (e585445d5021971fae10393f0f1c3961) C:\Windows\System32\qmgr.dll 09:22:22.0518 3912 BITS - ok 09:22:22.0570 3912 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\drivers\blbdrive.sys 09:22:22.0628 3912 blbdrive - ok 09:22:22.0673 3912 bowser (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS\bowser.sys 09:22:22.0708 3912 bowser - ok 09:22:22.0723 3912 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\BrFiltLo.sys 09:22:22.0775 3912 BrFiltLo - ok 09:22:22.0810 3912 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\BrFiltUp.sys 09:22:22.0870 3912 BrFiltUp - ok 09:22:22.0925 3912 Browser (6e11f33d14d020f58d5e02e4d67dfa19) C:\Windows\System32\browser.dll 09:22:23.0005 3912 Browser - ok 09:22:23.0055 3912 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys 09:22:23.0110 3912 Brserid - ok 09:22:23.0150 3912 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys 09:22:23.0210 3912 BrSerWdm - ok 09:22:23.0233 3912 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys 09:22:23.0285 3912 BrUsbMdm - ok 09:22:23.0303 3912 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys 09:22:23.0360 3912 BrUsbSer - ok 09:22:23.0383 3912 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\drivers\bthmodem.sys 09:22:23.0435 3912 BTHMODEM - ok 09:22:23.0498 3912 bthserv (1df19c96eef6c29d1c3e1a8678e07190) C:\Windows\system32\bthserv.dll 09:22:23.0578 3912 bthserv - ok 09:22:23.0628 3912 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys 09:22:23.0715 3912 cdfs - ok 09:22:23.0765 3912 cdrom (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\DRIVERS\cdrom.sys 09:22:23.0825 3912 cdrom - ok 09:22:23.0878 3912 CertPropSvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll 09:22:23.0958 3912 CertPropSvc - ok 09:22:23.0998 3912 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\drivers\circlass.sys 09:22:24.0050 3912 circlass - ok 09:22:24.0118 3912 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys 09:22:24.0155 3912 CLFS - ok 09:22:24.0270 3912 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 09:22:24.0298 3912 clr_optimization_v2.0.50727_32 - ok 09:22:24.0375 3912 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 09:22:24.0403 3912 clr_optimization_v4.0.30319_32 - ok 09:22:24.0440 3912 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys 09:22:24.0488 3912 CmBatt - ok 09:22:24.0518 3912 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys 09:22:24.0543 3912 cmdide - ok 09:22:24.0598 3912 CNG (1b675691ed940766149c93e8f4488d68) C:\Windows\system32\Drivers\cng.sys 09:22:24.0648 3912 CNG - ok 09:22:24.0690 3912 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys 09:22:24.0715 3912 Compbatt - ok 09:22:24.0770 3912 CompositeBus (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\drivers\CompositeBus.sys 09:22:24.0820 3912 CompositeBus - ok 09:22:24.0838 3912 COMSysApp - ok 09:22:24.0870 3912 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\drivers\crcdisk.sys 09:22:24.0895 3912 crcdisk - ok 09:22:24.0938 3912 CryptSvc (a585bebf7d054bd9618eda0922d5484a) C:\Windows\system32\cryptsvc.dll 09:22:25.0020 3912 CryptSvc - ok 09:22:25.0083 3912 DcomLaunch (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll 09:22:25.0185 3912 DcomLaunch - ok 09:22:25.0223 3912 defragsvc (8d6e10a2d9a5eed59562d9b82cf804e1) C:\Windows\System32\defragsvc.dll 09:22:25.0313 3912 defragsvc - ok 09:22:25.0390 3912 Dhcp (e9e01eb683c132f7fa27cd607b8a2b63) C:\Windows\system32\dhcpcore.dll 09:22:25.0475 3912 Dhcp - ok 09:22:25.0510 3912 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys 09:22:25.0595 3912 discache - ok 09:22:25.0653 3912 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\drivers\disk.sys 09:22:25.0678 3912 Disk - ok 09:22:25.0718 3912 Dnscache (33ef4861f19a0736b11314aad9ae28d0) C:\Windows\System32\dnsrslvr.dll 09:22:25.0773 3912 Dnscache - ok 09:22:25.0825 3912 dot3svc (366ba8fb4b7bb7435e3b9eacb3843f67) C:\Windows\System32\dot3svc.dll 09:22:25.0918 3912 dot3svc - ok 09:22:25.0940 3912 DPS (8ec04ca86f1d68da9e11952eb85973d6) C:\Windows\system32\dps.dll 09:22:26.0028 3912 DPS - ok 09:22:26.0085 3912 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys 09:22:26.0138 3912 drmkaud - ok 09:22:26.0203 3912 DXGKrnl (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys 09:22:26.0253 3912 DXGKrnl - ok 09:22:26.0275 3912 EapHost (8600142fa91c1b96367d3300ad0f3f3a) C:\Windows\System32\eapsvc.dll 09:22:26.0368 3912 EapHost - ok 09:22:26.0640 3912 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\drivers\evbdx.sys 09:22:26.0850 3912 ebdrv - ok 09:22:26.0963 3912 EFS (f42309c4191c506b71db5d1126d26318) C:\Windows\System32\lsass.exe 09:22:27.0023 3912 EFS - ok 09:22:27.0128 3912 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\drivers\elxstor.sys 09:22:27.0170 3912 elxstor - ok 09:22:27.0198 3912 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys 09:22:27.0245 3912 ErrDev - ok 09:22:27.0308 3912 EventSystem (f6916efc29d9953d5d0df06882ae8e16) C:\Windows\system32\es.dll 09:22:27.0403 3912 EventSystem - ok 09:22:27.0455 3912 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys 09:22:27.0528 3912 exfat - ok 09:22:27.0543 3912 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys 09:22:27.0630 3912 fastfat - ok 09:22:27.0680 3912 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\drivers\fdc.sys 09:22:27.0735 3912 fdc - ok 09:22:27.0768 3912 fdPHost (f3222c893bd2f5821a0179e5c71e88fb) C:\Windows\system32\fdPHost.dll 09:22:27.0855 3912 fdPHost - ok 09:22:27.0865 3912 FDResPub (7dbe8cbfe79efbdeb98c9fb08d3a9a5b) C:\Windows\system32\fdrespub.dll 09:22:27.0935 3912 FDResPub - ok 09:22:27.0973 3912 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys 09:22:27.0998 3912 FileInfo - ok 09:22:28.0018 3912 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys 09:22:28.0098 3912 Filetrace - ok 09:22:28.0140 3912 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\drivers\flpydisk.sys 09:22:28.0200 3912 flpydisk - ok 09:22:28.0245 3912 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys 09:22:28.0278 3912 FltMgr - ok 09:22:28.0353 3912 FontCache (b3a5ec6b6b6673db7e87c2bcdbddc074) C:\Windows\system32\FntCache.dll 09:22:28.0423 3912 FontCache - ok 09:22:28.0498 3912 FontCache3.0.0.0 (e56f39f6b7fda0ac77a79b0fd3de1a2f) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe 09:22:28.0523 3912 FontCache3.0.0.0 - ok 09:22:28.0550 3912 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys 09:22:28.0578 3912 FsDepends - ok 09:22:28.0605 3912 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys 09:22:28.0630 3912 Fs_Rec - ok 09:22:28.0680 3912 fvevol (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys 09:22:28.0720 3912 fvevol - ok 09:22:28.0770 3912 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\drivers\gagp30kx.sys 09:22:28.0798 3912 gagp30kx - ok 09:22:28.0858 3912 gpsvc (e897eaf5ed6ba41e081060c9b447a673) C:\Windows\System32\gpsvc.dll 09:22:28.0955 3912 gpsvc - ok 09:22:29.0065 3912 gusvc (c1b577b2169900f4cf7190c39f085794) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe 09:22:29.0100 3912 gusvc - ok 09:22:29.0123 3912 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys 09:22:29.0158 3912 hcw85cir - ok 09:22:29.0225 3912 HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\Windows\system32\drivers\HdAudio.sys 09:22:29.0280 3912 HdAudAddService - ok 09:22:29.0343 3912 HDAudBus (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\DRIVERS\HDAudBus.sys 09:22:29.0400 3912 HDAudBus - ok 09:22:29.0440 3912 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\drivers\HidBatt.sys 09:22:29.0490 3912 HidBatt - ok 09:22:29.0523 3912 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\drivers\hidbth.sys 09:22:29.0565 3912 HidBth - ok 09:22:29.0605 3912 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\drivers\hidir.sys 09:22:29.0665 3912 HidIr - ok 09:22:29.0708 3912 hidserv (2bc6f6a1992b3a77f5f41432ca6b3b6b) C:\Windows\system32\hidserv.dll 09:22:29.0798 3912 hidserv - ok 09:22:29.0835 3912 HidUsb (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\DRIVERS\hidusb.sys 09:22:29.0890 3912 HidUsb - ok 09:22:29.0923 3912 hkmsvc (196b4e3f4cccc24af836ce58facbb699) C:\Windows\system32\kmsvc.dll 09:22:29.0993 3912 hkmsvc - ok 09:22:30.0025 3912 HomeGroupListener (6658f4404de03d75fe3ba09f7aba6a30) C:\Windows\system32\ListSvc.dll 09:22:30.0085 3912 HomeGroupListener - ok 09:22:30.0138 3912 HomeGroupProvider (dbc02d918fff1cad628acbe0c0eaa8e8) C:\Windows\system32\provsvc.dll 09:22:30.0208 3912 HomeGroupProvider - ok 09:22:30.0253 3912 HP Health Check Service - ok 09:22:30.0295 3912 hpqwmiex - ok 09:22:30.0350 3912 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys 09:22:30.0378 3912 HpSAMD - ok 09:22:30.0460 3912 HTTP (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys 09:22:30.0535 3912 HTTP - ok 09:22:30.0563 3912 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys 09:22:30.0590 3912 hwpolicy - ok 09:22:30.0643 3912 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\DRIVERS\i8042prt.sys 09:22:30.0691 3912 i8042prt - ok 09:22:30.0756 3912 iaStorV (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\Windows\system32\drivers\iaStorV.sys 09:22:30.0793 3912 iaStorV - ok 09:22:30.0923 3912 idsvc (c521d7eb6497bb1af6afa89e322fb43c) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 09:22:31.0046 3912 idsvc - ok 09:22:31.0403 3912 igfx (ad626f6964f4d364d226c39e06872dd3) C:\Windows\system32\DRIVERS\igdkmd32.sys 09:22:31.0668 3912 igfx - ok 09:22:31.0813 3912 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\drivers\iirsp.sys 09:22:31.0843 3912 iirsp - ok 09:22:31.0923 3912 IKEEXT (f95622f161474511b8d80d6b093aa610) C:\Windows\System32\ikeext.dll 09:22:32.0078 3912 IKEEXT - ok 09:22:32.0383 3912 IntcAzAudAddService (1963b62f7fe2e99e719c7f2d18fc7c64) C:\Windows\system32\drivers\RTKVHDA.sys 09:22:32.0518 3912 IntcAzAudAddService - ok 09:22:32.0678 3912 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys 09:22:32.0713 3912 intelide - ok 09:22:32.0751 3912 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\drivers\intelppm.sys 09:22:32.0803 3912 intelppm - ok 09:22:32.0836 3912 IPBusEnum (acb364b9075a45c0736e5c47be5cae19) C:\Windows\system32\ipbusenum.dll 09:22:32.0908 3912 IPBusEnum - ok 09:22:32.0943 3912 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys 09:22:33.0021 3912 IpFilterDriver - ok 09:22:33.0061 3912 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys 09:22:33.0098 3912 IPMIDRV - ok 09:22:33.0116 3912 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys 09:22:33.0206 3912 IPNAT - ok 09:22:33.0253 3912 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys 09:22:33.0296 3912 IRENUM - ok 09:22:33.0333 3912 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys 09:22:33.0361 3912 isapnp - ok 09:22:33.0406 3912 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys 09:22:33.0438 3912 iScsiPrt - ok 09:22:33.0521 3912 IviRegMgr (f415a88162d23977b5edae4f0410e903) C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe 09:22:33.0543 3912 IviRegMgr - ok 09:22:33.0611 3912 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys 09:22:33.0638 3912 kbdclass - ok 09:22:33.0666 3912 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\drivers\kbdhid.sys 09:22:33.0723 3912 kbdhid - ok 09:22:33.0761 3912 KeyIso (f42309c4191c506b71db5d1126d26318) C:\Windows\system32\lsass.exe 09:22:33.0803 3912 KeyIso - ok 09:22:33.0841 3912 KSecDD (412cea1aa78cc02a447f5c9e62b32ff1) C:\Windows\system32\Drivers\ksecdd.sys 09:22:33.0868 3912 KSecDD - ok 09:22:33.0886 3912 KSecPkg (26c046977e85b95036453d7b88ba1820) C:\Windows\system32\Drivers\ksecpkg.sys 09:22:33.0916 3912 KSecPkg - ok 09:22:33.0956 3912 KtmRm (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\Windows\system32\msdtckrm.dll 09:22:34.0051 3912 KtmRm - ok 09:22:34.0118 3912 LanmanServer (d64af876d53eca3668bb97b51b4e70ab) C:\Windows\system32\srvsvc.dll 09:22:34.0213 3912 LanmanServer - ok 09:22:34.0246 3912 LanmanWorkstation (58405e4f68ba8e4057c6e914f326aba2) C:\Windows\System32\wkssvc.dll 09:22:34.0323 3912 LanmanWorkstation - ok 09:22:34.0358 3912 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys 09:22:34.0446 3912 lltdio - ok 09:22:34.0508 3912 lltdsvc (5700673e13a2117fa3b9020c852c01e2) C:\Windows\System32\lltdsvc.dll 09:22:34.0586 3912 lltdsvc - ok 09:22:34.0621 3912 lmhosts (55ca01ba19d0006c8f2639b6c045e08b) C:\Windows\System32\lmhsvc.dll 09:22:34.0703 3912 lmhosts - ok 09:22:34.0756 3912 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\drivers\lsi_fc.sys 09:22:34.0786 3912 LSI_FC - ok 09:22:34.0811 3912 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\drivers\lsi_sas.sys 09:22:34.0838 3912 LSI_SAS - ok 09:22:34.0858 3912 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\drivers\lsi_sas2.sys 09:22:34.0886 3912 LSI_SAS2 - ok 09:22:34.0911 3912 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\drivers\lsi_scsi.sys 09:22:34.0938 3912 LSI_SCSI - ok 09:22:34.0978 3912 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys 09:22:35.0063 3912 luafv - ok 09:22:35.0106 3912 lxdv_device - ok 09:22:35.0231 3912 MDM (11f714f85530a2bd134074dc30e99fca) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE 09:22:35.0271 3912 MDM - ok 09:22:35.0303 3912 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\drivers\megasas.sys 09:22:35.0328 3912 megasas - ok 09:22:35.0378 3912 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\drivers\MegaSR.sys 09:22:35.0413 3912 MegaSR - ok 09:22:35.0466 3912 MfeAVFK (32bcd2aec12cee766b2488731a78127c) C:\Windows\system32\drivers\MfeAVFK.sys 09:22:35.0493 3912 MfeAVFK - ok 09:22:35.0521 3912 MfeBOPK (963abf1a4d3a19206f7b059e5a1a190b) C:\Windows\system32\drivers\MfeBOPK.sys 09:22:35.0548 3912 MfeBOPK - ok 09:22:35.0593 3912 mfehidk (586a07b1fa933c340d990419d6894d7a) C:\Windows\system32\drivers\mfehidk.sys 09:22:35.0626 3912 mfehidk - ok 09:22:35.0651 3912 MfeRKDK (820d6aa3f7f0cfa8a1fa8f63d3f1df04) C:\Windows\system32\drivers\MfeRKDK.sys 09:22:35.0678 3912 MfeRKDK - ok 09:22:35.0713 3912 mfetdik (3812e49fa67a3f604895f0d0c2e1ef90) C:\Windows\system32\drivers\mfetdik.sys 09:22:35.0741 3912 mfetdik - ok 09:22:35.0781 3912 MMCSS (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll 09:22:35.0863 3912 MMCSS - ok 09:22:35.0913 3912 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys 09:22:35.0988 3912 Modem - ok 09:22:36.0031 3912 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys 09:22:36.0091 3912 monitor - ok 09:22:36.0156 3912 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys 09:22:36.0181 3912 mouclass - ok 09:22:36.0213 3912 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys 09:22:36.0271 3912 mouhid - ok 09:22:36.0316 3912 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys 09:22:36.0343 3912 mountmgr - ok 09:22:36.0383 3912 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys 09:22:36.0413 3912 mpio - ok 09:22:36.0433 3912 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys 09:22:36.0518 3912 mpsdrv - ok 09:22:36.0548 3912 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys 09:22:36.0593 3912 MRxDAV - ok 09:22:36.0676 3912 mrxsmb (ed3d3419b064f28d812995ed8cadc541) C:\Windows\system32\DRIVERS\mrxsmb.sys 09:22:36.0718 3912 mrxsmb - ok 09:22:36.0758 3912 mrxsmb10 (dc914446049169a964e27fd8888ffaee) C:\Windows\system32\DRIVERS\mrxsmb10.sys 09:22:36.0821 3912 mrxsmb10 - ok 09:22:36.0846 3912 mrxsmb20 (e7d90388d14fae057c166c1801e0bf94) C:\Windows\system32\DRIVERS\mrxsmb20.sys 09:22:36.0883 3912 mrxsmb20 - ok 09:22:36.0906 3912 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys 09:22:36.0933 3912 msahci - ok 09:22:36.0968 3912 msdsm (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys 09:22:37.0001 3912 msdsm - ok 09:22:37.0043 3912 MSDTC (e1bce74a3bd9902b72599c0192a07e27) C:\Windows\System32\msdtc.exe 09:22:37.0101 3912 MSDTC - ok 09:22:37.0151 3912 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys 09:22:37.0218 3912 Msfs - ok 09:22:37.0233 3912 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys 09:22:37.0303 3912 mshidkmdf - ok 09:22:37.0341 3912 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys 09:22:37.0366 3912 msisadrv - ok 09:22:37.0418 3912 MSiSCSI (90f7d9e6b6f27e1a707d4a297f077828) C:\Windows\system32\iscsiexe.dll 09:22:37.0498 3912 MSiSCSI - ok 09:22:37.0508 3912 msiserver - ok 09:22:37.0561 3912 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys 09:22:37.0638 3912 MSKSSRV - ok 09:22:37.0676 3912 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys 09:22:37.0753 3912 MSPCLOCK - ok 09:22:37.0778 3912 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys 09:22:37.0861 3912 MSPQM - ok 09:22:37.0896 3912 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys 09:22:37.0928 3912 MsRPC - ok 09:22:37.0976 3912 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys 09:22:38.0001 3912 mssmbios - ok 09:22:38.0018 3912 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys 09:22:38.0091 3912 MSTEE - ok 09:22:38.0116 3912 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\drivers\MTConfig.sys 09:22:38.0171 3912 MTConfig - ok 09:22:38.0211 3912 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys 09:22:38.0238 3912 Mup - ok 09:22:38.0291 3912 napagent (61d57a5d7c6d9afe10e77dae6e1b445e) C:\Windows\system32\qagentRT.dll 09:22:38.0383 3912 napagent - ok 09:22:38.0456 3912 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys 09:22:38.0506 3912 NativeWifiP - ok 09:22:38.0566 3912 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys 09:22:38.0616 3912 NDIS - ok 09:22:38.0648 3912 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys 09:22:38.0733 3912 NdisCap - ok 09:22:38.0761 3912 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys 09:22:38.0843 3912 NdisTapi - ok 09:22:38.0871 3912 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys 09:22:38.0951 3912 Ndisuio - ok 09:22:38.0991 3912 NdisWan (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys 09:22:39.0081 3912 NdisWan - ok 09:22:39.0093 3912 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys 09:22:39.0166 3912 NDProxy - ok 09:22:39.0191 3912 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys 09:22:39.0278 3912 NetBIOS - ok 09:22:39.0301 3912 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys 09:22:39.0368 3912 NetBT - ok 09:22:39.0406 3912 Netlogon (f42309c4191c506b71db5d1126d26318) C:\Windows\system32\lsass.exe 09:22:39.0446 3912 Netlogon - ok 09:22:39.0501 3912 Netman (7cccfca7510684768da22092d1fa4db2) C:\Windows\System32\netman.dll 09:22:39.0581 3912 Netman - ok 09:22:39.0691 3912 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 09:22:39.0738 3912 NetMsmqActivator - ok 09:22:39.0746 3912 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 09:22:39.0776 3912 NetPipeActivator - ok 09:22:39.0828 3912 netprofm (8c338238c16777a802d6a9211eb2ba50) C:\Windows\System32\netprofm.dll 09:22:39.0923 3912 netprofm - ok 09:22:40.0011 3912 netr28 (08981d4d90e09102fc9b2883efaaa805) C:\Windows\system32\DRIVERS\netr28.sys 09:22:40.0146 3912 netr28 - ok 09:22:40.0153 3912 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 09:22:40.0183 3912 NetTcpActivator - ok 09:22:40.0193 3912 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 09:22:40.0221 3912 NetTcpPortSharing - ok 09:22:40.0263 3912 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\drivers\nfrd960.sys 09:22:40.0291 3912 nfrd960 - ok 09:22:40.0346 3912 NlaSvc (912084381d30d8b89ec4e293053f4710) C:\Windows\System32\nlasvc.dll 09:22:40.0433 3912 NlaSvc - ok 09:22:40.0473 3912 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys 09:22:40.0558 3912 Npfs - ok 09:22:40.0588 3912 nsi (ba387e955e890c8a88306d9b8d06bf17) C:\Windows\system32\nsisvc.dll 09:22:40.0663 3912 nsi - ok 09:22:40.0688 3912 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys 09:22:40.0771 3912 nsiproxy - ok 09:22:40.0891 3912 Ntfs (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys 09:22:41.0043 3912 Ntfs - ok 09:22:41.0073 3912 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys 09:22:41.0158 3912 Null - ok 09:22:41.0208 3912 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys 09:22:41.0238 3912 nvraid - ok 09:22:41.0266 3912 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys 09:22:41.0296 3912 nvstor - ok 09:22:41.0336 3912 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys 09:22:41.0366 3912 nv_agp - ok 09:22:41.0381 3912 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys 09:22:41.0436 3912 ohci1394 - ok 09:22:41.0511 3912 ose (7a56cf3e3f12e8af599963b16f50fb6a) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 09:22:41.0541 3912 ose - ok 09:22:41.0601 3912 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll 09:22:41.0671 3912 p2pimsvc - ok 09:22:41.0726 3912 p2psvc (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll 09:22:41.0783 3912 p2psvc - ok 09:22:41.0828 3912 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\drivers\parport.sys 09:22:41.0868 3912 Parport - ok 09:22:41.0911 3912 partmgr (bf8f6af06da75b336f07e23aef97d93b) C:\Windows\system32\drivers\partmgr.sys 09:22:41.0941 3912 partmgr - ok 09:22:41.0966 3912 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\drivers\parvdm.sys 09:22:42.0021 3912 Parvdm - ok 09:22:42.0066 3912 PcaSvc (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll 09:22:42.0118 3912 PcaSvc - ok 09:22:42.0171 3912 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys 09:22:42.0201 3912 pci - ok 09:22:42.0228 3912 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys 09:22:42.0256 3912 pciide - ok 09:22:42.0301 3912 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\drivers\pcmcia.sys 09:22:42.0333 3912 pcmcia - ok 09:22:42.0366 3912 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys 09:22:42.0393 3912 pcw - ok 09:22:42.0468 3912 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys 09:22:42.0643 3912 PEAUTH - ok 09:22:42.0831 3912 pla (414bba67a3ded1d28437eb66aeb8a720) C:\Windows\system32\pla.dll 09:22:43.0023 3912 pla - ok 09:22:43.0181 3912 PlugPlay (92dc6e68d2c856c5c2f21ae9e22112b8) C:\Windows\system32\umpnpmgr.dll 09:22:43.0281 3912 PlugPlay - ok 09:22:43.0316 3912 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll 09:22:43.0373 3912 PNRPAutoReg - ok 09:22:43.0401 3912 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll 09:22:43.0448 3912 PNRPsvc - ok 09:22:43.0501 3912 PolicyAgent (53946b69ba0836bd95b03759530c81ec) C:\Windows\System32\ipsecsvc.dll 09:22:43.0591 3912 PolicyAgent - ok 09:22:43.0638 3912 Power (f87d30e72e03d579a5199ccb3831d6ea) C:\Windows\system32\umpo.dll 09:22:43.0713 3912 Power - ok 09:22:43.0801 3912 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys 09:22:43.0883 3912 PptpMiniport - ok 09:22:43.0916 3912 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\drivers\processr.sys 09:22:43.0963 3912 Processor - ok 09:22:44.0013 3912 ProfSvc (43ca4ccc22d52fb58e8988f0198851d0) C:\Windows\system32\profsvc.dll 09:22:44.0088 3912 ProfSvc - ok 09:22:44.0128 3912 ProtectedStorage (f42309c4191c506b71db5d1126d26318) C:\Windows\system32\lsass.exe 09:22:44.0168 3912 ProtectedStorage - ok 09:22:44.0226 3912 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys 09:22:44.0318 3912 Psched - ok 09:22:44.0391 3912 PSI_SVC_2 (f036cfb275d0c55f4e45fbbf5f98b3c8) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe 09:22:44.0418 3912 PSI_SVC_2 - ok 09:22:44.0531 3912 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\drivers\ql2300.sys 09:22:44.0683 3912 ql2300 - ok 09:22:44.0841 3912 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\drivers\ql40xx.sys 09:22:44.0871 3912 ql40xx - ok 09:22:44.0923 3912 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll 09:22:44.0998 3912 QWAVE - ok 09:22:45.0043 3912 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys 09:22:45.0083 3912 QWAVEdrv - ok 09:22:45.0106 3912 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys 09:22:45.0186 3912 RasAcd - ok 09:22:45.0236 3912 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys 09:22:45.0318 3912 RasAgileVpn - ok 09:22:45.0361 3912 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll 09:22:45.0456 3912 RasAuto - ok 09:22:45.0503 3912 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys 09:22:45.0588 3912 Rasl2tp - ok 09:22:45.0628 3912 RasMan (cb9e04dc05eacf5b9a36ca276d475006) C:\Windows\System32\rasmans.dll 09:22:45.0728 3912 RasMan - ok 09:22:45.0766 3912 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys 09:22:45.0851 3912 RasPppoe - ok 09:22:45.0881 3912 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys 09:22:45.0963 3912 RasSstp - ok 09:22:45.0991 3912 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys 09:22:46.0071 3912 rdbss - ok 09:22:46.0111 3912 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\drivers\rdpbus.sys 09:22:46.0171 3912 rdpbus - ok 09:22:46.0206 3912 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys 09:22:46.0281 3912 RDPCDD - ok 09:22:46.0331 3912 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys 09:22:46.0413 3912 RDPENCDD - ok 09:22:46.0446 3912 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys 09:22:46.0523 3912 RDPREFMP - ok 09:22:46.0556 3912 RDPWD (288b06960d78428ff89e811632684e20) C:\Windows\system32\drivers\RDPWD.sys 09:22:46.0631 3912 RDPWD - ok 09:22:46.0681 3912 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys 09:22:46.0713 3912 rdyboost - ok 09:22:46.0753 3912 regi (24d3b49dab660a8b8afa40240e735e24) C:\Windows\system32\drivers\regi.sys 09:22:46.0781 3912 regi - ok 09:22:46.0831 3912 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll 09:22:46.0903 3912 RemoteAccess - ok 09:22:46.0936 3912 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll 09:22:47.0013 3912 RemoteRegistry - ok 09:22:47.0028 3912 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll 09:22:47.0118 3912 RpcEptMapper - ok 09:22:47.0156 3912 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe 09:22:47.0213 3912 RpcLocator - ok 09:22:47.0268 3912 RpcSs (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll 09:22:47.0348 3912 RpcSs - ok 09:22:47.0401 3912 RSPCIESTOR (4ada96cdedca3ca8dd70f51575f6a7af) C:\Windows\system32\DRIVERS\RtsPStor.sys 09:22:47.0436 3912 RSPCIESTOR - ok 09:22:47.0476 3912 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys 09:22:47.0563 3912 rspndr - ok 09:22:47.0656 3912 RTL8167 (fb3ca58c5447432b8e10c0df3d4d2a1b) C:\Windows\system32\DRIVERS\Rt86win7.sys 09:22:47.0691 3912 RTL8167 - ok 09:22:47.0788 3912 RTL8192Ce (0f67de40033768be99d93e24e519e766) C:\Windows\system32\DRIVERS\rtl8192Ce.sys 09:22:47.0846 3912 RTL8192Ce - ok 09:22:47.0873 3912 SamSs (f42309c4191c506b71db5d1126d26318) C:\Windows\system32\lsass.exe 09:22:47.0913 3912 SamSs - ok 09:22:47.0958 3912 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys 09:22:47.0986 3912 sbp2port - ok 09:22:48.0021 3912 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll 09:22:48.0116 3912 SCardSvr - ok 09:22:48.0153 3912 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys 09:22:48.0228 3912 scfilter - ok 09:22:48.0303 3912 Schedule (a04bb13f8a72f8b6e8b4071723e4e336) C:\Windows\system32\schedsvc.dll 09:22:48.0408 3912 Schedule - ok 09:22:48.0458 3912 SCPolicySvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll 09:22:48.0521 3912 SCPolicySvc - ok 09:22:48.0561 3912 SDRSVC (08236c4bce5edd0a0318a438af28e0f7) C:\Windows\System32\SDRSVC.dll 09:22:48.0623 3912 SDRSVC - ok 09:22:48.0666 3912 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys 09:22:48.0753 3912 secdrv - ok 09:22:48.0788 3912 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll 09:22:48.0903 3912 seclogon - ok 09:22:48.0936 3912 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\System32\sens.dll 09:22:49.0021 3912 SENS - ok 09:22:49.0048 3912 SensrSvc (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll 09:22:49.0106 3912 SensrSvc - ok 09:22:49.0158 3912 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\drivers\serenum.sys 09:22:49.0196 3912 Serenum - ok 09:22:49.0231 3912 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\drivers\serial.sys 09:22:49.0283 3912 Serial - ok 09:22:49.0323 3912 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\drivers\sermouse.sys 09:22:49.0358 3912 sermouse - ok 09:22:49.0416 3912 SessionEnv (4ae380f39a0032eab7dd953030b26d28) C:\Windows\system32\sessenv.dll 09:22:49.0506 3912 SessionEnv - ok 09:22:49.0546 3912 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys 09:22:49.0601 3912 sffdisk - ok 09:22:49.0621 3912 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys 09:22:49.0658 3912 sffp_mmc - ok 09:22:49.0668 3912 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys 09:22:49.0738 3912 sffp_sd - ok 09:22:49.0786 3912 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\drivers\sfloppy.sys 09:22:49.0841 3912 sfloppy - ok 09:22:49.0888 3912 ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\Windows\System32\shsvcs.dll 09:22:49.0986 3912 ShellHWDetection - ok 09:22:50.0036 3912 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys 09:22:50.0063 3912 sisagp - ok 09:22:50.0098 3912 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\drivers\SiSRaid2.sys 09:22:50.0126 3912 SiSRaid2 - ok 09:22:50.0173 3912 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\drivers\sisraid4.sys 09:22:50.0203 3912 SiSRaid4 - ok 09:22:50.0276 3912 SkypeUpdate (579ba0a911ff5ea70cb604cd3b744b0a) C:\Program Files\Skype\Updater\Updater.exe 09:22:50.0313 3912 SkypeUpdate - ok 09:22:50.0366 3912 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys 09:22:50.0436 3912 Smb - ok 09:22:50.0483 3912 SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe 09:22:50.0543 3912 SNMPTRAP - ok 09:22:50.0573 3912 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys 09:22:50.0603 3912 spldr - ok 09:22:50.0648 3912 Spooler (866a43013535dc8587c258e43579c764) C:\Windows\System32\spoolsv.exe 09:22:50.0728 3912 Spooler - ok 09:22:50.0983 3912 sppsvc (cf87a1de791347e75b98885214ced2b8) C:\Windows\system32\sppsvc.exe 09:22:51.0138 3912 sppsvc - ok 09:22:51.0256 3912 sppuinotify (b0180b20b065d89232a78a40fe56eaa6) C:\Windows\system32\sppuinotify.dll 09:22:51.0351 3912 sppuinotify - ok 09:22:51.0426 3912 srv (4e636465a8653ba3bf29f929aa578e6f) C:\Windows\system32\DRIVERS\srv.sys 09:22:51.0476 3912 srv - ok 09:22:51.0521 3912 srv2 (4e4e17a3865f650ee8c67726872d9431) C:\Windows\system32\DRIVERS\srv2.sys 09:22:51.0656 3912 srv2 - ok 09:22:51.0693 3912 srvnet (1346dff5be932939997d373d61a35626) C:\Windows\system32\DRIVERS\srvnet.sys 09:22:51.0746 3912 srvnet - ok 09:22:51.0791 3912 SSDPSRV (d887c9fd02ac9fa880f6e5027a43e118) C:\Windows\System32\ssdpsrv.dll 09:22:51.0871 3912 SSDPSRV - ok 09:22:51.0888 3912 SstpSvc (d318f23be45d5e3a107469eb64815b50) C:\Windows\system32\sstpsvc.dll 09:22:51.0986 3912 SstpSvc - ok 09:22:52.0018 3912 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\drivers\stexstor.sys 09:22:52.0046 3912 stexstor - ok 09:22:52.0108 3912 StiSvc (e1fb3706030fb4578a0d72c2fc3689e4) C:\Windows\System32\wiaservc.dll 09:22:52.0193 3912 StiSvc - ok 09:22:52.0228 3912 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys 09:22:52.0256 3912 swenum - ok 09:22:52.0303 3912 swprv (a28bd92df340e57b024ba433165d34d7) C:\Windows\System32\swprv.dll 09:22:52.0406 3912 swprv - ok 09:22:52.0506 3912 SysMain (36650d618ca34c9d357dfd3d89b2c56f) C:\Windows\system32\sysmain.dll 09:22:52.0586 3912 SysMain - ok 09:22:52.0603 3912 TabletInputService (763fecdc3d30c815fe72dd57936c6cd1) C:\Windows\System32\TabSvc.dll 09:22:52.0671 3912 TabletInputService - ok 09:22:52.0731 3912 TapiSrv (613bf4820361543956909043a265c6ac) C:\Windows\System32\tapisrv.dll 09:22:52.0836 3912 TapiSrv - ok 09:22:52.0878 3912 TBS (b799d9fdb26111737f58288d8dc172d9) C:\Windows\System32\tbssvc.dll 09:22:52.0956 3912 TBS - ok 09:22:53.0096 3912 Tcpip (37e8fa3779668837ca9e2c36d2415949) C:\Windows\system32\drivers\tcpip.sys 09:22:53.0163 3912 Tcpip - ok 09:22:53.0193 3912 TCPIP6 (37e8fa3779668837ca9e2c36d2415949) C:\Windows\system32\DRIVERS\tcpip.sys 09:22:53.0261 3912 TCPIP6 - ok 09:22:53.0281 3912 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys 09:22:53.0358 3912 tcpipreg - ok 09:22:53.0391 3912 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys 09:22:53.0426 3912 TDPIPE - ok 09:22:53.0438 3912 TDTCP (2c10395baa4847f83042813c515cc289) C:\Windows\system32\drivers\tdtcp.sys 09:22:53.0513 3912 TDTCP - ok 09:22:53.0543 3912 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys 09:22:53.0623 3912 tdx - ok 09:22:53.0666 3912 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys 09:22:53.0693 3912 TermDD - ok 09:22:53.0758 3912 TermService (382c804c92811be57829d8e550a900e2) C:\Windows\System32\termsrv.dll 09:22:53.0846 3912 TermService - ok 09:22:53.0866 3912 Themes (42fb6afd6b79d9fe07381609172e7ca4) C:\Windows\system32\themeservice.dll 09:22:53.0938 3912 Themes - ok 09:22:53.0983 3912 THREADORDER (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll 09:22:54.0056 3912 THREADORDER - ok 09:22:54.0091 3912 TPM (5ad05191dc8b444a7ba4d79b76c42a30) C:\Windows\system32\drivers\tpm.sys 09:22:54.0138 3912 TPM - ok 09:22:54.0181 3912 TrkWks (4792c0378db99a9bc2ae2de6cfff0c3a) C:\Windows\System32\trkwks.dll 09:22:54.0276 3912 TrkWks - ok 09:22:54.0341 3912 TrustedInstaller (2c49b175aee1d4364b91b531417fe583) C:\Windows\servicing\TrustedInstaller.exe 09:22:54.0418 3912 TrustedInstaller - ok 09:22:54.0461 3912 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys 09:22:54.0541 3912 tssecsrv - ok 09:22:54.0553 3912 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys 09:22:54.0593 3912 TsUsbFlt - ok 09:22:54.0633 3912 TsUsbGD (01246f0baad7b68ec0f472aa41e33282) C:\Windows\system32\drivers\TsUsbGD.sys 09:22:54.0691 3912 TsUsbGD - ok 09:22:54.0751 3912 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys 09:22:54.0831 3912 tunnel - ok 09:22:54.0868 3912 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\drivers\uagp35.sys 09:22:54.0898 3912 uagp35 - ok 09:22:54.0936 3912 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys 09:22:55.0016 3912 udfs - ok 09:22:55.0068 3912 UI0Detect (8344fd4fce927880aa1aa7681d4927e5) C:\Windows\system32\UI0Detect.exe 09:22:55.0131 3912 UI0Detect - ok 09:22:55.0181 3912 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys 09:22:55.0208 3912 uliagpkx - ok 09:22:55.0253 3912 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\drivers\umbus.sys 09:22:55.0306 3912 umbus - ok 09:22:55.0343 3912 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\drivers\umpass.sys 09:22:55.0391 3912 UmPass - ok 09:22:55.0443 3912 upnphost (833fbb672460efce8011d262175fad33) C:\Windows\System32\upnphost.dll 09:22:55.0541 3912 upnphost - ok 09:22:55.0578 3912 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\DRIVERS\usbccgp.sys 09:22:55.0613 3912 usbccgp - ok 09:22:55.0648 3912 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys 09:22:55.0691 3912 usbcir - ok 09:22:55.0721 3912 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\DRIVERS\usbehci.sys 09:22:55.0753 3912 usbehci - ok 09:22:55.0791 3912 usbfilter (56e89c8e05a987a49ffa595428fb9767) C:\Windows\system32\drivers\usbfilter.sys 09:22:55.0821 3912 usbfilter - ok 09:22:55.0883 3912 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys 09:22:55.0926 3912 usbhub - ok 09:22:55.0951 3912 usbohci (e185d44fac515a18d9deddc23c2cdf44) C:\Windows\system32\DRIVERS\usbohci.sys 09:22:56.0001 3912 usbohci - ok 09:22:56.0033 3912 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys 09:22:56.0073 3912 usbprint - ok 09:22:56.0111 3912 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS\usbscan.sys 09:22:56.0168 3912 usbscan - ok 09:22:56.0193 3912 USBSTOR (f991ab9cc6b908db552166768176896a) C:\Windows\system32\DRIVERS\USBSTOR.SYS 09:22:56.0231 3912 USBSTOR - ok 09:22:56.0263 3912 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\drivers\usbuhci.sys 09:22:56.0298 3912 usbuhci - ok 09:22:56.0346 3912 usbvideo (45f4e7bf43db40a6c6b4d92c76cbc3f2) C:\Windows\system32\Drivers\usbvideo.sys 09:22:56.0406 3912 usbvideo - ok 09:22:56.0451 3912 UxSms (081e6e1c91aec36758902a9f727cd23c) C:\Windows\System32\uxsms.dll 09:22:56.0526 3912 UxSms - ok 09:22:56.0551 3912 VaultSvc (f42309c4191c506b71db5d1126d26318) C:\Windows\system32\lsass.exe 09:22:56.0593 3912 VaultSvc - ok 09:22:56.0646 3912 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys 09:22:56.0671 3912 vdrvroot - ok 09:22:56.0793 3912 vds (c3cd30495687c2a2f66a65ca6fd89be9) C:\Windows\System32\vds.exe 09:22:56.0953 3912 vds - ok 09:22:57.0001 3912 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys 09:22:57.0046 3912 vga - ok 09:22:57.0088 3912 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys 09:22:57.0153 3912 VgaSave - ok 09:22:57.0196 3912 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys 09:22:57.0228 3912 vhdmp - ok 09:22:57.0261 3912 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys 09:22:57.0291 3912 viaagp - ok 09:22:57.0318 3912 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\drivers\viac7.sys 09:22:57.0356 3912 ViaC7 - ok 09:22:57.0373 3912 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys 09:22:57.0401 3912 viaide - ok 09:22:57.0443 3912 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys 09:22:57.0471 3912 volmgr - ok 09:22:57.0528 3912 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys 09:22:57.0566 3912 volmgrx - ok 09:22:57.0613 3912 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys 09:22:57.0658 3912 volsnap - ok 09:22:57.0716 3912 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\drivers\vsmraid.sys 09:22:57.0746 3912 vsmraid - ok 09:22:57.0843 3912 VSS (209a3b1901b83aeb8527ed211cce9e4c) C:\Windows\system32\vssvc.exe 09:22:57.0978 3912 VSS - ok 09:22:58.0023 3912 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\system32\DRIVERS\vwifibus.sys 09:22:58.0071 3912 vwifibus - ok 09:22:58.0106 3912 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\Windows\system32\DRIVERS\vwififlt.sys 09:22:58.0153 3912 vwififlt - ok 09:22:58.0208 3912 W32Time (55187fd710e27d5095d10a472c8baf1c) C:\Windows\system32\w32time.dll 09:22:58.0311 3912 W32Time - ok 09:22:58.0356 3912 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\drivers\wacompen.sys 09:22:58.0401 3912 WacomPen - ok 09:22:58.0451 3912 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys 09:22:58.0533 3912 WANARP - ok 09:22:58.0546 3912 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys 09:22:58.0613 3912 Wanarpv6 - ok 09:22:58.0743 3912 WatAdminSvc (353a04c273ec58475d8633e75ccd5604) C:\Windows\system32\Wat\WatAdminSvc.exe 09:22:58.0906 3912 WatAdminSvc - ok 09:22:59.0051 3912 wbengine (691e3285e53dca558e1a84667f13e15a) C:\Windows\system32\wbengine.exe 09:22:59.0198 3912 wbengine - ok 09:22:59.0236 3912 WbioSrvc (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\Windows\System32\wbiosrvc.dll 09:22:59.0311 3912 WbioSrvc - ok 09:22:59.0373 3912 wcncsvc (34eee0dfaadb4f691d6d5308a51315dc) C:\Windows\System32\wcncsvc.dll 09:22:59.0453 3912 wcncsvc - ok 09:22:59.0466 3912 WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\Windows\System32\WcsPlugInService.dll 09:22:59.0516 3912 WcsPlugInService - ok 09:22:59.0573 3912 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\drivers\wd.sys 09:22:59.0601 3912 Wd - ok 09:22:59.0656 3912 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys 09:22:59.0698 3912 Wdf01000 - ok 09:22:59.0728 3912 WdiServiceHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll 09:22:59.0801 3912 WdiServiceHost - ok 09:22:59.0811 3912 WdiSystemHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll 09:22:59.0863 3912 WdiSystemHost - ok 09:22:59.0901 3912 WebClient (a9d880f97530d5b8fee278923349929d) C:\Windows\System32\webclnt.dll 09:22:59.0973 3912 WebClient - ok 09:23:00.0001 3912 Wecsvc (760f0afe937a77cff27153206534f275) C:\Windows\system32\wecsvc.dll 09:23:00.0143 3912 Wecsvc - ok 09:23:00.0173 3912 wercplsupport (ac804569bb2364fb6017370258a4091b) C:\Windows\System32\wercplsupport.dll 09:23:00.0248 3912 wercplsupport - ok 09:23:00.0286 3912 WerSvc (08e420d873e4fd85241ee2421b02c4a4) C:\Windows\System32\WerSvc.dll 09:23:00.0366 3912 WerSvc - ok 09:23:00.0401 3912 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys 09:23:00.0466 3912 WfpLwf - ok 09:23:00.0491 3912 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys 09:23:00.0518 3912 WIMMount - ok 09:23:00.0541 3912 WinHttpAutoProxySvc - ok 09:23:00.0623 3912 Winmgmt (f62e510b6ad4c21eb9fe8668ed251826) C:\Windows\system32\wbem\WMIsvc.dll 09:23:00.0701 3912 Winmgmt - ok 09:23:00.0813 3912 WinRM (1b91cd34ea3a90ab6a4ef0550174f4cc) C:\Windows\system32\WsmSvc.dll 09:23:01.0011 3912 WinRM - ok 09:23:01.0126 3912 Wlansvc (16935c98ff639d185086a3529b1f2067) C:\Windows\System32\wlansvc.dll 09:23:01.0213 3912 Wlansvc - ok 09:23:01.0273 3912 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys 09:23:01.0316 3912 WmiAcpi - ok 09:23:01.0388 3912 wmiApSrv (6eb6b66517b048d87dc1856ddf1f4c3f) C:\Windows\system32\wbem\WmiApSrv.exe 09:23:01.0441 3912 wmiApSrv - ok 09:23:01.0488 3912 WPCSvc (a2f0ec770a92f2b3f9de6d518e11409c) C:\Windows\System32\wpcsvc.dll 09:23:01.0553 3912 WPCSvc - ok 09:23:01.0588 3912 WPDBusEnum (aa53356d60af47eacc85bc617a4f3f66) C:\Windows\system32\wpdbusenum.dll 09:23:01.0648 3912 WPDBusEnum - ok 09:23:01.0696 3912 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys 09:23:01.0776 3912 ws2ifsl - ok 09:23:01.0798 3912 WSearch - ok 09:23:01.0968 3912 wuauserv (3026418a50c5b4761befa632cedb7406) C:\Windows\system32\wuaueng.dll 09:23:02.0128 3912 wuauserv - ok 09:23:02.0261 3912 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys 09:23:02.0346 3912 WudfPf - ok 09:23:02.0391 3912 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys 09:23:02.0478 3912 WUDFRd - ok 09:23:02.0526 3912 wudfsvc (8d1e1e529a2c9e9b6a85b55a345f7629) C:\Windows\System32\WUDFSvc.dll 09:23:02.0613 3912 wudfsvc - ok 09:23:02.0646 3912 WwanSvc (ff2d745b560f7c71b31f30f4d49f73d2) C:\Windows\System32\wwansvc.dll 09:23:02.0723 3912 WwanSvc - ok 09:23:02.0798 3912 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0 09:23:02.0831 3912 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected 09:23:02.0831 3912 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0) 09:23:03.0729 3912 \Device\Harddisk0\DR0 ( TDSS File System ) - warning 09:23:03.0729 3912 \Device\Harddisk0\DR0 - detected TDSS File System (1) 09:23:03.0764 3912 Boot (0x1200) (4a781feae4554f1adbc740518dab9e09) \Device\Harddisk0\DR0\Partition0 09:23:03.0766 3912 \Device\Harddisk0\DR0\Partition0 - ok 09:23:03.0784 3912 Boot (0x1200) (e8078b026380379c86c6b564005c6795) \Device\Harddisk0\DR0\Partition1 09:23:03.0786 3912 \Device\Harddisk0\DR0\Partition1 - ok 09:23:03.0786 3912 ============================================================ 09:23:03.0786 3912 Scan finished 09:23:03.0786 3912 ============================================================ 09:23:03.0816 2804 Detected object count: 2 09:23:03.0816 2804 Actual detected object count: 2 09:23:21.0131 2804 \Device\Harddisk0\DR0\# - copied to quarantine 09:23:21.0131 2804 \Device\Harddisk0\DR0 - copied to quarantine 09:23:21.0186 2804 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine 09:23:21.0206 2804 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine 09:23:21.0236 2804 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine 09:23:21.0276 2804 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine 09:23:25.0729 2804 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine 09:23:25.0811 2804 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine 09:23:25.0816 2804 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine 09:23:25.0824 2804 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine 09:23:25.0831 2804 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine 09:23:25.0894 2804 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine 09:23:25.0974 2804 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine 09:23:25.0981 2804 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine 09:23:26.0016 2804 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine 09:23:26.0044 2804 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot 09:23:26.0076 2804 \Device\Harddisk0\DR0 - ok 09:23:26.0088 2804 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure 09:23:26.0089 2804 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user 09:23:26.0090 2804 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip 09:24:16.0894 2312 Deinitialize success DDS (Ver_2011-08-26.01) - NTFSx86 Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 1.6.0_20 Run by Parent at 9:46:49 on 2012-07-07 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3579.2872 [GMT -5:00] . AV: McAfee® Total Protection™ Service *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: McAfee® Total Protection™ Service *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\atieclxx.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe C:\Program Files\LSI SoftModem\agrsmsvc.exe C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\taskhost.exe C:\Windows\system32\lxdvcoms.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe C:\Program Files\Skype\Updater\Updater.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\Explorer.EXE C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files\Lexmark X5400 Series\lxdvmon.exe C:\Program Files\Lexmark X5400 Series\lxdvamon.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\OpenOffice.org 3\program\soffice.exe C:\Program Files\OpenOffice.org 3\program\soffice.bin C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\conhost.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://getstarted.k12.com/ uDefault_Page_URL = hxxp://getstarted.k12.com/ mStart Page = hxxp://getstarted.k12.com/ BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll uRun: [skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtkNGUI.exe -s mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 10.0\reader\Reader_sl.exe" mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" mRun: [lxdvmon.exe] "c:\program files\lexmark x5400 series\lxdvmon.exe" mRun: [lxdvamon] "c:\program files\lexmark x5400 series\lxdvamon.exe" mRun: [Lexmark X5400 Series Fax Server] "c:\program files\lexmark x5400 series\fm3032.exe" /s mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui StartupFolder: c:\users\parent\appdata\roaming\micros~1\windows\startm~1\programs\startup\openof~1.lnk - c:\program files\openoffice.org 3\program\quickstart.exe mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableLUA = 0 (0x0) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) mPolicies-system: PromptOnSecureDesktop = 0 (0x0) IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&xport to Microsoft Excel - c:\progra~1\mif5ba~1\office11\EXCEL.EXE/3000 IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\mif5ba~1\office11\REFIEBAR.DLL LSP: mswsock.dll Trusted Zone: //about.htm/ Trusted Zone: //Exclude.htm/ Trusted Zone: //LanguageSelection.htm/ Trusted Zone: //Message.htm/ Trusted Zone: //MyAgttryCmd.htm/ Trusted Zone: //MyAgttryNag.htm/ Trusted Zone: //MyNotification.htm/ Trusted Zone: //NOCLessUpdate.htm/ Trusted Zone: //quarantine.htm/ Trusted Zone: //ScanNow.htm/ Trusted Zone: //strings.vbs/ Trusted Zone: //Template.htm/ Trusted Zone: //Update.htm/ Trusted Zone: //VirFound.htm/ Trusted Zone: mcafee.com\* Trusted Zone: mcafeeasap.com\betavscan Trusted Zone: mcafeeasap.com\vs Trusted Zone: mcafeeasap.com\www DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab DPF: {CAFEEFAC-0014-0002-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.4.2/jinstall-1_4_2_07-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab TCP: DhcpNameServer = 192.168.0.1 TCP: Interfaces\{404D8727-3964-4734-9AC8-3C6AC5F79635} : DhcpNameServer = 192.168.0.1 Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL . ================= FIREFOX =================== . FF - ProfilePath - c:\users\parent\appdata\roaming\mozilla\firefox\profiles\59kkoegy.default\ FF - prefs.js: browser.startup.homepage - hxxp://getstarted.k12.com/ FF - plugin: c:\program files\google\picasa3\npPicasa3.dll FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_3_300_262.dll FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} FF - Ext: avast! WebRep: wrc@avast.com - c:\program files\avast software\avast\webrep\FF . ============= SERVICES / DRIVERS =============== . R0 amd_sata;amd_sata;c:\windows\system32\drivers\amd_sata.sys [2011-7-18 66176] R0 amd_xata;amd_xata;c:\windows\system32\drivers\amd_xata.sys [2011-7-18 31872] R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2012-7-6 721000] R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2012-7-6 353688] R1 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2012-5-18 214664] R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-13 48128] R2 AERTFilters;Andrea RT Filters Service;c:\program files\realtek\audio\hda\AERTSrv.exe [2011-7-18 87968] R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-7-2 176128] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2012-7-6 21256] R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-7-6 57656] R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2012-7-6 44808] R2 lxdv_device;lxdv_device;c:\windows\system32\lxdvcoms.exe -service --> c:\windows\system32\lxdvcoms.exe -service [?] R2 regi;regi;c:\windows\system32\drivers\regi.sys [2010-11-16 13880] R2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-5-3 158856] R3 amdkmdag;amdkmdag;c:\windows\system32\drivers\atikmdag.sys [2011-7-18 6789632] R3 amdkmdap;amdkmdap;c:\windows\system32\drivers\atikmpag.sys [2011-7-18 236032] R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2011-7-18 101392] R3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\drivers\RtsPStor.sys [2011-7-18 251496] R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2011-7-18 348776] R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;c:\windows\system32\drivers\rtl8192Ce.sys [2011-8-16 982632] R3 usbfilter;AMD USB Filter Driver;c:\windows\system32\drivers\usbfilter.sys [2011-7-18 35968] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-7-5 257224] S3 afcmx86;afcmx86;c:\windows\system32\drivers\afcmx86.sys [2011-7-18 25144] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-5-31 260648] S3 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2012-7-7 40776] S3 MfeAVFK;McAfee Inc. MfeAVFK;c:\windows\system32\drivers\mfeavfk.sys [2012-5-18 79816] S3 MfeBOPK;McAfee Inc. MfeBOPK;c:\windows\system32\drivers\mfebopk.sys [2012-5-18 35272] S3 MfeRKDK;McAfee Inc. MfeRKDK;c:\windows\system32\drivers\mferkdk.sys [2012-5-18 34248] S3 netr28;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\drivers\netr28.sys [2009-5-19 599040] S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2010-11-20 52224] S3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264] S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2011-5-10 1343400] . =============== Created Last 30 ================ . 2012-07-07 14:26:00 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2012-07-07 14:23:19 -------- d-----w- C:\TDSSKiller_Quarantine 2012-07-07 14:21:15 306 ----a-w- c:\windows\myClean.bat 2012-07-06 15:32:27 44784 ----a-w- c:\windows\system32\drivers\aswRdr2.sys 2012-07-06 15:32:26 721000 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2012-07-06 15:32:24 57656 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys 2012-07-06 15:30:13 41224 ----a-w- c:\windows\avastSS.scr 2012-07-06 15:29:33 -------- d-----w- c:\programdata\AVAST Software 2012-07-06 15:29:33 -------- d-----w- c:\program files\AVAST Software 2012-07-06 00:33:45 -------- d-----w- c:\users\parent\appdata\roaming\Malwarebytes 2012-07-05 23:59:40 -------- d-----w- c:\users\parent\appdata\local\Macromedia 2012-07-05 23:58:35 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-07-05 23:58:35 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-07-05 23:55:07 -------- d-sh--w- c:\windows\system32\%APPDATA% 2012-06-24 19:14:42 -------- d-----w- c:\users\parent\appdata\local\Apple Computer . ==================== Find3M ==================== . . ============= FINISH: 9:50:22.57 =============== Malwarebytes Anti-Malware 1.61.0.1400 www.malwarebytes.org Database version: v2012.07.07.05 Windows 7 Service Pack 1 x86 NTFS Internet Explorer 8.0.7601.17514 Parent :: IQ-K12-LAPTOP [administrator] 7/7/2012 9:27:04 AM mbam-log-2012-07-07 (09-27-04).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 201040 Time elapsed: 10 minute(s), 27 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end) Note: I wasn't sure if you needed me to include the 'Attach' log from DDS, so I didn't. Also, I didn't turn up anything when I ran a quick scan on Malwarebytes; is this a problem? Thanks for your help.

I'm getting repeated (blocked) pop-up attempts from xHttp://newgenerationp.com/s/1042/68/... and xHttp://oldschool.zzzz.x. I already did a boot-time scan with Avast, and a scan via Malwarebytes turned up nothing. . DDS (Ver_2011-08-26.01) - NTFSx86 Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 1.6.0_20 Run by Parent at 17:24:31 on 2012-07-06 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3579.2449 [GMT -5:00] . AV: McAfee® Total Protection™ Service *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: McAfee® Total Protection™ Service *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\atieclxx.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe C:\Program Files\LSI SoftModem\agrsmsvc.exe C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork C:\Program Files\McAfee\Managed VirusScan\VScan\EngineServer.exe C:\Windows\system32\lxdvcoms.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.Exe C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe C:\Windows\system32\SearchIndexer.exe C:\PROGRA~1\McAfee\MANAGE~1\VScan\McShield.exe C:\Windows\system32\taskhost.exe C:\Windows\Explorer.EXE C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe C:\Program Files\McAfee\Managed VirusScan\DesktopUI\XTray.exe C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files\Lexmark X5400 Series\lxdvmon.exe C:\Program Files\Lexmark X5400 Series\lxdvamon.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\OpenOffice.org 3\program\soffice.exe C:\Program Files\OpenOffice.org 3\program\soffice.bin C:\Program Files\Mozilla Firefox\firefox.exe C:\Windows\system32\wbengine.exe C:\Windows\System32\svchost.exe -k swprv C:\Windows\System32\vds.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\wbem\wmiprvse.exe \\?\C:\Windows\system32\wbem\WMIADAP.EXE C:\Windows\system32\conhost.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://getstarted.k12.com/ uDefault_Page_URL = hxxp://getstarted.k12.com/ mStart Page = hxxp://getstarted.k12.com/ BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\mcafee\managed virusscan\vscan\ScriptSn.20120517153930.dll BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll uRun: [skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtkNGUI.exe -s mRun: [MVS Splash] "c:\program files\mcafee\managed virusscan\desktopui\XTray.exe" /LOGON mRun: [McAfee Managed Services Tray] c:\program files\mcafee\managed virusscan\desktopui\XTray.Exe mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 10.0\reader\Reader_sl.exe" mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" mRun: [lxdvmon.exe] "c:\program files\lexmark x5400 series\lxdvmon.exe" mRun: [lxdvamon] "c:\program files\lexmark x5400 series\lxdvamon.exe" mRun: [Lexmark X5400 Series Fax Server] "c:\program files\lexmark x5400 series\fm3032.exe" /s mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui StartupFolder: c:\users\parent\appdata\roaming\micros~1\windows\startm~1\programs\startup\openof~1.lnk - c:\program files\openoffice.org 3\program\quickstart.exe mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableLUA = 0 (0x0) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) mPolicies-system: PromptOnSecureDesktop = 0 (0x0) IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&xport to Microsoft Excel - c:\progra~1\mif5ba~1\office11\EXCEL.EXE/3000 IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\mif5ba~1\office11\REFIEBAR.DLL LSP: mswsock.dll Trusted Zone: //about.htm/ Trusted Zone: //Exclude.htm/ Trusted Zone: //LanguageSelection.htm/ Trusted Zone: //Message.htm/ Trusted Zone: //MyAgttryCmd.htm/ Trusted Zone: //MyAgttryNag.htm/ Trusted Zone: //MyNotification.htm/ Trusted Zone: //NOCLessUpdate.htm/ Trusted Zone: //quarantine.htm/ Trusted Zone: //ScanNow.htm/ Trusted Zone: //strings.vbs/ Trusted Zone: //Template.htm/ Trusted Zone: //Update.htm/ Trusted Zone: //VirFound.htm/ Trusted Zone: mcafee.com\* Trusted Zone: mcafeeasap.com\betavscan Trusted Zone: mcafeeasap.com\vs Trusted Zone: mcafeeasap.com\www DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab DPF: {CAFEEFAC-0014-0002-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.4.2/jinstall-1_4_2_07-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab TCP: DhcpNameServer = 192.168.0.1 TCP: Interfaces\{404D8727-3964-4734-9AC8-3C6AC5F79635} : DhcpNameServer = 192.168.0.1 Handler: myrm - {4D034FC3-013F-4b95-B544-44D49ABE3E76} - c:\program files\mcafee\managed virusscan\agent\MyRmProt5.0.0.811.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL . ================= FIREFOX =================== . FF - ProfilePath - c:\users\parent\appdata\roaming\mozilla\firefox\profiles\59kkoegy.default\ FF - prefs.js: browser.startup.homepage - hxxp://getstarted.k12.com/ FF - plugin: c:\program files\google\picasa3\npPicasa3.dll FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_3_300_262.dll FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} FF - Ext: avast! WebRep: wrc@avast.com - c:\program files\avast software\avast\webrep\FF . ============= SERVICES / DRIVERS =============== . R0 amd_sata;amd_sata;c:\windows\system32\drivers\amd_sata.sys [2011-7-18 66176] R0 amd_xata;amd_xata;c:\windows\system32\drivers\amd_xata.sys [2011-7-18 31872] R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2012-7-6 721000] R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2012-7-6 353688] R1 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2012-5-18 214664] R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-13 48128] R2 AERTFilters;Andrea RT Filters Service;c:\program files\realtek\audio\hda\AERTSrv.exe [2011-7-18 87968] R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-7-2 176128] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2012-7-6 21256] R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-7-6 57656] R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2012-7-6 44808] R2 EngineServer;EngineServer;c:\program files\mcafee\managed virusscan\vscan\EngineServer.exe [2012-5-18 14144] R2 lxdv_device;lxdv_device;c:\windows\system32\lxdvcoms.exe -service --> c:\windows\system32\lxdvcoms.exe -service [?] R2 McShield;McShield;c:\progra~1\mcafee\manage~1\vscan\McShield.exe [2012-5-18 144704] R2 myAgtSvc;McAfee Virus and Spyware Protection Service;c:\program files\mcafee\managed virusscan\agent\myAgtSvc.exe [2012-5-18 282824] R2 regi;regi;c:\windows\system32\drivers\regi.sys [2010-11-16 13880] R3 amdkmdag;amdkmdag;c:\windows\system32\drivers\atikmdag.sys [2011-7-18 6789632] R3 amdkmdap;amdkmdap;c:\windows\system32\drivers\atikmpag.sys [2011-7-18 236032] R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2011-7-18 101392] R3 MfeAVFK;McAfee Inc. MfeAVFK;c:\windows\system32\drivers\mfeavfk.sys [2012-5-18 79816] R3 MfeBOPK;McAfee Inc. MfeBOPK;c:\windows\system32\drivers\mfebopk.sys [2012-5-18 35272] R3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\drivers\RtsPStor.sys [2011-7-18 251496] R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2011-7-18 348776] R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;c:\windows\system32\drivers\rtl8192Ce.sys [2011-8-16 982632] R3 usbfilter;AMD USB Filter Driver;c:\windows\system32\drivers\usbfilter.sys [2011-7-18 35968] S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-5-3 158856] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-7-5 257224] S3 afcmx86;afcmx86;c:\windows\system32\drivers\afcmx86.sys [2011-7-18 25144] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-5-31 260648] S3 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S3 MfeRKDK;McAfee Inc. MfeRKDK;c:\windows\system32\drivers\mferkdk.sys [2012-5-18 34248] S3 netr28;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\drivers\netr28.sys [2009-5-19 599040] S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2010-11-20 52224] S3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264] S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2011-5-10 1343400] . =============== Created Last 30 ================ . 2012-07-06 15:32:27 44784 ----a-w- c:\windows\system32\drivers\aswRdr2.sys 2012-07-06 15:32:26 721000 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2012-07-06 15:32:24 57656 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys 2012-07-06 15:30:13 41224 ----a-w- c:\windows\avastSS.scr 2012-07-06 15:29:33 -------- d-----w- c:\programdata\AVAST Software 2012-07-06 15:29:33 -------- d-----w- c:\program files\AVAST Software 2012-07-06 00:33:45 -------- d-----w- c:\users\parent\appdata\roaming\Malwarebytes 2012-07-05 23:59:40 -------- d-----w- c:\users\parent\appdata\local\Macromedia 2012-07-05 23:58:35 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-07-05 23:58:35 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-07-05 23:55:07 -------- d-sh--w- c:\windows\system32\%APPDATA% 2012-06-24 19:14:42 -------- d-----w- c:\users\parent\appdata\local\Apple Computer . ==================== Find3M ==================== . . =================== ROOTKIT ==================== . Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net Windows 6.1.7601 Disk: TOSHIBA_ rev.GS00 -> Harddisk0\DR0 -> . device: opened successfully user: MBR read successfully . Disk trace: called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys amd_xata.sys >>UNKNOWN [0x86F2D4B1]<< c:\windows\system32\drivers\amd_xata.sys Advanced Micro Devices Stor Filter Driver _asm { PUSH EBP; MOV EBP, ESP; PUSH ECX; MOV EAX, [EBP+0x8]; CMP EAX, [0x86f3493c]; MOV EAX, [0x86f34ab0]; PUSH EBX; PUSH ESI; MOV ESI, [EBP+0xc]; MOV EBX, [ESI+0x60]; PUSH EDI; JNZ 0x20; MOV [EBP+0x8], EAX; } 1 ntkrnlpa!IofCallDriver[0x82E8D52F] -> \Device\Harddisk0\DR0[0x86A7AA38] 3 CLASSPNP[0x8C98659E] -> ntkrnlpa!IofCallDriver[0x82E8D52F] -> [0x86A38020] 5 amd_xata[0x837308DF] -> ntkrnlpa!IofCallDriver[0x82E8D52F] -> \0000005c[0x868DA718] \Driver\amd_sata[0x86E04D28] -> IRP_MJ_CREATE -> 0x86F2D4B1 kernel: MBR read successfully _asm { XOR AX, AX; MOV SS, AX; MOV SP, 0x7c00; MOV ES, AX; MOV DS, AX; MOV SI, 0x7c00; MOV DI, 0x600; MOV CX, 0x200; CLD ; REP MOVSB ; PUSH AX; PUSH 0x61c; RETF ; STI ; MOV CX, 0x4; MOV BP, 0x7be; CMP BYTE [bP+0x0], 0x0; } detected disk devices: \Device\0000005c -> \??\SCSI#Disk&Ven_TOSHIBA&Prod_MK3276GSX#4&c8df9c2&0&000000#{53f56307-b6bf-11d0-94f2-00a0c91efb8b} device not found detected hooks: user & kernel MBR OK Warning: possible TDL3 rootkit infection ! . ============= FINISH: 17:27:40.93 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-08-26.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume1 Install Date: 5/18/2012 12:19:53 AM System Uptime: 7/6/2012 5:05:11 PM (0 hours ago) . Motherboard: Hewlett-Packard | | 3577 Processor: AMD E-300 APU with Radeon HD Graphics | Socket FT1 | 1300/100mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 296 GiB total, 263.582 GiB free. D: is CDROM () . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP31: 5/18/2012 2:05:12 PM - Windows Modules Installer RP32: 5/28/2012 12:55:54 PM - Scheduled Checkpoint RP33: 6/3/2012 8:23:45 PM - Windows Modules Installer RP39: 7/6/2012 10:28:58 AM - avast! Free Antivirus Setup . ==== Installed Programs ====================== . Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Reader X Adobe Shockwave Player 11.5 ALT Access Apple Application Support Apple Software Update Audacity avast! Free Antivirus Compatibility Pack for the 2007 Office system Corel WinDVD Defraggler (remove only) Graph 4.3 GTK+ 2.10.11 runtime environment HP Customer Experience Enhancements HP Vision Hardware Diagnostics Java 2 Runtime Environment, SE v1.4.2_07 Java Auto Updater Java 6 Update 20 Lexmark X5400 Series LSI PCI-SV92EX Soft Modem Malwarebytes Anti-Malware version 1.61.0.1400 McAfee Virus and Spyware Protection Service Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Extended Microsoft Office Professional Edition 2003 Microsoft Silverlight Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable - KB2467175 Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Express Edition - ENU Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Windows SDK for Visual Studio 2008 Express Tools for .NET Framework Microsoft Windows SDK for Visual Studio 2008 Express Tools for Win32 Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries Mozilla Firefox (3.5.3) OpenOffice.org 3.2 Opera 11.64 Password Corral v4.0 Picasa 3 QuickTime RealPlayer Realtek High Definition Audio Driver Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Extended (KB2416472) Skype™ 5.9 The GIMP 2.2.15 Update for Microsoft .NET Framework 4 Client Profile (KB2473228) VC Runtimes MSI Visual C++ 8.0 x86 Runtime Setup Package VLC media player 1.0.5 WebDwarf V2 . ==== Event Viewer Messages From Past Week ======== . 7/6/2012 5:22:58 PM, Error: Disk [11] - The driver detected a controller error on \...\DR3. 7/6/2012 5:16:41 PM, Error: Service Control Manager [7023] - The Function Discovery Resource Publication service terminated with the following error: %%-2147024891 7/6/2012 5:16:41 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error: %%-2147024891 7/6/2012 5:10:45 PM, Error: Service Control Manager [7034] - The McShield service terminated unexpectedly. It has done this 1 time(s). 7/6/2012 5:08:32 PM, Error: Service Control Manager [7000] - The HP Health Check Service service failed to start due to the following error: The system cannot find the file specified. 7/6/2012 10:42:14 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service. 7/6/2012 1:31:12 PM, Error: Service Control Manager [7031] - The avast! Antivirus service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service. 7/5/2012 8:49:52 PM, Error: Disk [11] - The driver detected a controller error on \...\DR1. 7/5/2012 8:31:19 AM, Error: Service Control Manager [7031] - The Multimedia Class Scheduler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 7/5/2012 7:59:48 PM, Error: Service Control Manager [7031] - The Windows Management Instrumentation service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 7/5/2012 7:59:48 PM, Error: Service Control Manager [7031] - The User Profile Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 7/5/2012 7:59:48 PM, Error: Service Control Manager [7031] - The Task Scheduler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. 7/5/2012 7:59:48 PM, Error: Service Control Manager [7031] - The System Event Notification Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 7/5/2012 7:59:48 PM, Error: Service Control Manager [7031] - The Shell Hardware Detection service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. 7/5/2012 7:59:48 PM, Error: Service Control Manager [7031] - The Group Policy Client service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 7/5/2012 7:59:48 PM, Error: Service Control Manager [7031] - The Extensible Authentication Protocol service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 7/5/2012 7:59:48 PM, Error: Service Control Manager [7000] - The Multimedia Class Scheduler service failed to start due to the following error: The pipe has been ended. 7/5/2012 6:36:55 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it. . ==== End Of File ===========================