Jump to content

MelloYello

Members
  • Posts

    6
  • Joined

  • Last visited

Reputation

0 Neutral
  1. MrC, thank you so much for your help. I cannot imagine what I'd have done without your very thorough and easily understandable instructions. All the best!
  2. Seems to be running great. Here's the log from updated MWB. ---------------------------------------------------------- Malwarebytes Anti-Malware 1.62.0.1300 www.malwarebytes.org Database version: v2012.08.10.01 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Nick :: ANTONINUS [administrator] 8/9/2012 10:03:38 PM mbam-log-2012-08-09 (22-03-38).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 219842 Time elapsed: 5 minute(s), 9 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end)
  3. Hi MrC: Here's the ComboFix log: -------------------------------------------------------------------- ComboFix 12-08-09.01 - Nick 08/09/2012 21:22:51.1.4 - x64 Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.4010.2572 [GMT -4:00] Running from: c:\users\Nick\Desktop\ComboFix.exe AV: Trend Micro Client/Server Security Agent Antivirus *Disabled/Updated* {7193B549-236F-55EE-9AEC-F65279E59A92} FW: Trend Micro Personal Firewall *Disabled* {50C2E989-60CF-0845-AFD3-290B7D301E79} SP: Trend Micro Client/Server Security Agent Anti-spyware *Disabled/Updated* {CAF254AD-0555-5A60-A05C-CD200262D02F} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . C:\Install.exe c:\programdata\PCDr\5907\Downloads\116e5d12-0d05-4993-954c-85b013aaf3cb.dll c:\programdata\PCDr\5907\Downloads\140239b3-d59a-46fa-b856-17682a46cb44.dll c:\programdata\PCDr\5907\Downloads\a2192d8a-3d73-4ff7-be9b-02134f41db63.dll c:\programdata\PCDr\5907\Downloads\f0fc9c9c-10ba-435b-8365-dadb523644ff.dll c:\programdata\Roaming c:\windows\svchost.exe . . ((((((((((((((((((((((((( Files Created from 2012-07-10 to 2012-08-10 ))))))))))))))))))))))))))))))) . . 2012-08-10 01:27 . 2012-08-10 01:27 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp 2012-08-10 01:27 . 2012-08-10 01:27 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-08-10 00:10 . 2012-08-10 01:13 -------- d-----w- C:\TDSSKiller_Quarantine 2012-08-09 15:19 . 2012-08-09 15:19 -------- d-----w- c:\users\Nick\AppData\Roaming\Malwarebytes 2012-08-09 15:19 . 2012-08-09 15:19 -------- d-----w- c:\programdata\Malwarebytes 2012-08-09 15:19 . 2012-08-09 15:19 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2012-08-09 15:19 . 2012-07-03 17:46 24904 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-08-01 19:12 . 2012-08-01 19:12 -------- d-----w- c:\program files (x86)\EA GAMES 2012-07-12 07:06 . 2012-06-12 03:08 3148800 ----a-w- c:\windows\system32\win32k.sys 2012-07-11 10:06 . 2012-06-06 06:06 2004480 ----a-w- c:\windows\system32\msxml6.dll . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-07-12 07:03 . 2011-08-28 13:45 59701280 ----a-w- c:\windows\system32\MRT.exe 2012-06-05 18:31 . 2012-06-05 18:18 419488 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2012-06-05 18:31 . 2011-09-03 06:48 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-06-05 18:31 . 2012-06-05 18:31 8769696 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe 2012-06-04 15:23 . 2012-06-04 15:23 476960 ----a-w- c:\windows\SysWow64\npdeployJava1.dll 2012-06-04 15:23 . 2011-07-04 22:03 472864 ----a-w- c:\windows\SysWow64\deployJava1.dll 2012-06-02 22:19 . 2012-06-22 00:46 38424 ----a-w- c:\windows\system32\wups.dll 2012-06-02 22:19 . 2012-06-22 00:46 2428952 ----a-w- c:\windows\system32\wuaueng.dll 2012-06-02 22:19 . 2012-06-22 00:46 57880 ----a-w- c:\windows\system32\wuauclt.exe 2012-06-02 22:19 . 2012-06-22 00:46 44056 ----a-w- c:\windows\system32\wups2.dll 2012-06-02 22:19 . 2012-06-22 00:46 701976 ----a-w- c:\windows\system32\wuapi.dll 2012-06-02 22:15 . 2012-06-22 00:46 2622464 ----a-w- c:\windows\system32\wucltux.dll 2012-06-02 22:15 . 2012-06-22 00:46 99840 ----a-w- c:\windows\system32\wudriver.dll 2012-06-02 19:19 . 2012-06-22 00:45 186752 ----a-w- c:\windows\system32\wuwebv.dll 2012-06-02 19:15 . 2012-06-22 00:45 36864 ----a-w- c:\windows\system32\wuapp.exe . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "7 Taskbar Tweaker"="c:\users\Nick\AppData\Roaming\7 Taskbar Tweaker\7 Taskbar Tweaker.exe" [2011-08-20 131584] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2012-04-04 35736] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712] "OfficeScanNT Monitor"="c:\program files (x86)\Trend Micro\Client Server Security Agent\pccntmon.exe" [2012-01-09 1712656] "RemoteControl9"="c:\program files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe" [2009-07-06 87336] "PDVD9LanguageShortcut"="c:\program files (x86)\CyberLink\PowerDVD9\Language\Language.exe" [2010-04-29 50472] "Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2011-04-13 503942] "RoxWatchTray"="c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" [2010-11-25 240112] "Desktop Disc Tool"="c:\program files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe" [2010-11-17 514544] "AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-07-23 402432] "SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096] "Adobe Acrobat Speed Launcher"="c:\program files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2012-03-27 40376] "Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2012-03-26 640440] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "mixer2"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Notification Packages REG_MULTI_SZ DPPassFilter scecli Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" . R2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [2010-12-14 974912] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632] R2 TmFilter;Trend Micro Filter;c:\program files (x86)\Trend Micro\Client Server Security Agent\TmXPFlt.sys [2011-07-12 342288] R2 TmPreFilter;Trend Micro PreFilter;c:\program files (x86)\Trend Micro\Client Server Security Agent\TmPreFlt.sys [2011-07-12 42768] R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-05 257696] R3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [2010-12-14 1298496] R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168] R3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys [2010-02-27 158976] R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys [2011-04-26 34200] R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-05-10 129976] R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2010-12-17 340240] R3 netvsc;netvsc;c:\windows\system32\DRIVERS\netvsc60.sys [2010-11-21 168448] R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184] R3 RoxMediaDB12OEM;RoxMediaDB12OEM;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656] R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2010-12-01 250984] R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096] R3 SynthVid;SynthVid;c:\windows\system32\DRIVERS\VMBusVideoM.sys [2010-11-21 22528] R3 TmProxy;Trend Micro Client/Server Security Agent Proxy Service;c:\program files (x86)\Trend Micro\Client Server Security Agent\TmProxy.exe [2012-06-26 918064] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232] R3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-08-27 1255736] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184] S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2011-04-22 25960] S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856] S0 stdcfltn;Disk Class Filter Driver for Accelerometer;c:\windows\system32\DRIVERS\stdcfltn.sys [2010-08-20 21616] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928] S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-18 98208] S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [2010-12-14 901184] S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-04-22 2009704] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-04-22 378472] S2 svcGenericHost;Trend Micro Client/Server Security Agent;c:\program files (x86)\Trend Micro\Client Server Security Agent\HostedAgent\svcGenericHost.exe [2012-02-08 50704] S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2010-11-29 16120] S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-12-20 2656280] S2 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe [2010-10-07 3137840] S3 Acceler;Accelerometer Service;c:\windows\system32\DRIVERS\Accelern.sys [2010-09-29 27760] S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys [2010-12-14 58128] S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys [2010-12-14 274432] S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [2011-01-20 176096] S3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys [2010-12-14 59904] S3 iwdbus;IWD Bus Enumerator;c:\windows\system32\DRIVERS\iwdbus.sys [2011-04-26 25496] S3 MEIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344] S3 NETwNs64;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETwNs64.sys [2010-12-22 8505856] S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2011-02-10 82432] S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2011-02-10 181760] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-11-30 412264] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920] . . --- Other Services/Drivers In Memory --- . *NewlyCreated* - 54864042 *Deregistered* - 54864042 . Contents of the 'Scheduled Tasks' folder . 2012-08-10 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-05 18:31] . 2012-08-09 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job - c:\program files\Dell Support Center\uaclauncher.exe [2012-04-13 06:11] . 2012-08-09 c:\windows\Tasks\SystemToolsDailyTest.job - c:\program files\Dell Support Center\uaclauncher.exe [2012-04-13 06:11] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2011-02-18 6611048] "NVHotkey"="c:\windows\system32\nvHotkey.dll" [2011-04-22 312936] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-04-08 167256] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-04-08 391512] "Persistence"="c:\windows\system32\igfxpers.exe" [2011-04-08 415064] "Apoint"="c:\program files\DellTPad\Apoint.exe" [2011-03-29 608112] "FreeFallProtection"="c:\program files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe" [2010-10-01 727664] "IntelWireless"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2010-12-17 1933584] "BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2010-12-14 10222080] "QuickSet"="c:\program files\Dell\QuickSet\QuickSet.exe" [2011-03-11 4500640] "IntelTBRunOnce"="wscript.exe" [2009-07-14 168960] "DBRMTray"="c:\dell\DBRM\Reminder\DbrmTrayIcon.exe" [2011-03-08 227328] "AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "DBRMTray"="c:\dell\DBRM\Reminder\TrayApp.exe" [2010-02-04 7168] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "LoadAppInit_DLLs"=0x1 "AppInit_DLLs"=c:\windows\System32\nvinitx.dll . ------- Supplementary Scan ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://www.google.ca/advanced_search mLocal Page = c:\windows\SysWOW64\blank.htm IE: Append Link Target to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html IE: Append to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html IE: Convert Link Target to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html IE: Convert to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105 TCP: DhcpNameServer = 207.69.188.185 207.69.188.186 207.69.188.187 FF - ProfilePath - c:\users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\p6swhzft.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/advanced_search FF - prefs.js: network.proxy.http - corp-apps-proxy FF - prefs.js: network.proxy.http_port - 8080 FF - prefs.js: network.proxy.type - 0 . - - - - ORPHANS REMOVED - - - - . Toolbar-Locked - (no file) Wow6432Node-HKCU-Run-MediaGet2 - c:\users\Nick\AppData\Local\MediaGet2\mediaget.exe Wow6432Node-HKCU-Run-AdobeBridge - (no file) Toolbar-Locked - (no file) . . . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_USERS\S-1-5-21-3950330392-3544514729-2435179646-1002\Software\SecuROM\License information*] "datasecu"=hex:95,19,1e,15,11,bb,57,88,00,7f,07,b6,73,42,6e,68,96,d7,fc,09,76, ba,2e,bc,ac,2e,88,c8,f3,26,24,92,9d,ba,1e,f8,a0,b3,3a,cd,1e,25,27,2b,2e,60,\ "rkeysecu"=hex:cb,bd,f2,61,5a,4e,c6,95,f2,29,8b,82,ba,6b,3d,44 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Completion time: 2012-08-09 21:30:28 ComboFix-quarantined-files.txt 2012-08-10 01:30 . Pre-Run: 187,839,758,336 bytes free Post-Run: 188,062,347,264 bytes free . - - End Of File - - 16290881D61B15642B39D5A62718365B
  4. Hi MrC: Here's the TDSSKiller log report. And that annoying warning hasn't popped up yet, so I am cautiously optimistic that we are clean? ---------------------------------------------------------- 20:07:30.0736 1808 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32 20:07:30.0970 1808 ============================================================ 20:07:30.0970 1808 Current date / time: 2012/08/09 20:07:30.0970 20:07:30.0970 1808 SystemInfo: 20:07:30.0970 1808 20:07:30.0970 1808 OS Version: 6.1.7601 ServicePack: 1.0 20:07:30.0970 1808 Product type: Workstation 20:07:30.0970 1808 ComputerName: ANTONINUS 20:07:30.0970 1808 UserName: Nick 20:07:30.0970 1808 Windows directory: C:\Windows 20:07:30.0970 1808 System windows directory: C:\Windows 20:07:30.0970 1808 Running under WOW64 20:07:30.0970 1808 Processor architecture: Intel x64 20:07:30.0970 1808 Number of processors: 4 20:07:30.0970 1808 Page size: 0x1000 20:07:30.0970 1808 Boot type: Normal boot 20:07:30.0970 1808 ============================================================ 20:07:31.0672 1808 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 20:07:31.0672 1808 ============================================================ 20:07:31.0672 1808 \Device\Harddisk0\DR0: 20:07:31.0672 1808 MBR partitions: 20:07:31.0672 1808 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x33000, BlocksNum 0x2AC6000 20:07:31.0672 1808 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2AF9000, BlocksNum 0x229352B0 20:07:31.0672 1808 ============================================================ 20:07:31.0719 1808 C: <-> \Device\Harddisk0\DR0\Partition1 20:07:31.0719 1808 ============================================================ 20:07:31.0719 1808 Initialize success 20:07:31.0719 1808 ============================================================ 20:08:07.0864 1516 ============================================================ 20:08:07.0864 1516 Scan started 20:08:07.0864 1516 Mode: Manual; SigCheck; TDLFS; 20:08:07.0864 1516 ============================================================ 20:08:10.0516 1516 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys 20:08:10.0766 1516 1394ohci - ok 20:08:10.0906 1516 Acceler (aedb94a49236f5ff060c90e09e70281f) C:\Windows\system32\DRIVERS\Accelern.sys 20:08:11.0327 1516 Acceler - ok 20:08:11.0436 1516 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys 20:08:11.0514 1516 ACPI - ok 20:08:11.0546 1516 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys 20:08:11.0717 1516 AcpiPmi - ok 20:08:11.0904 1516 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 20:08:11.0920 1516 AdobeARMservice - ok 20:08:12.0107 1516 AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 20:08:12.0123 1516 AdobeFlashPlayerUpdateSvc - ok 20:08:12.0216 1516 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys 20:08:12.0372 1516 adp94xx - ok 20:08:12.0419 1516 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys 20:08:12.0482 1516 adpahci - ok 20:08:12.0513 1516 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys 20:08:12.0528 1516 adpu320 - ok 20:08:12.0560 1516 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll 20:08:12.0716 1516 AeLookupSvc - ok 20:08:12.0794 1516 AERTFilters (d1e343bc00136ce03c4d403194d06a80) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe 20:08:12.0825 1516 AERTFilters - ok 20:08:12.0965 1516 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys 20:08:13.0043 1516 AFD - ok 20:08:13.0121 1516 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys 20:08:13.0152 1516 agp440 - ok 20:08:13.0184 1516 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe 20:08:13.0246 1516 ALG - ok 20:08:13.0277 1516 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys 20:08:13.0293 1516 aliide - ok 20:08:13.0293 1516 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys 20:08:13.0308 1516 amdide - ok 20:08:13.0324 1516 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys 20:08:13.0355 1516 AmdK8 - ok 20:08:13.0371 1516 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys 20:08:13.0418 1516 AmdPPM - ok 20:08:13.0464 1516 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys 20:08:13.0527 1516 amdsata - ok 20:08:13.0558 1516 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys 20:08:13.0605 1516 amdsbs - ok 20:08:13.0620 1516 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys 20:08:13.0667 1516 amdxata - ok 20:08:13.0745 1516 ApfiltrService (6690e42ced5d067233abad42da141213) C:\Windows\system32\DRIVERS\Apfiltr.sys 20:08:13.0808 1516 ApfiltrService - ok 20:08:13.0839 1516 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys 20:08:14.0088 1516 AppID - ok 20:08:14.0120 1516 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll 20:08:14.0213 1516 AppIDSvc - ok 20:08:14.0244 1516 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll 20:08:14.0291 1516 Appinfo - ok 20:08:14.0369 1516 AppMgmt (4aba3e75a76195a3e38ed2766c962899) C:\Windows\System32\appmgmts.dll 20:08:14.0478 1516 AppMgmt - ok 20:08:14.0510 1516 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys 20:08:14.0525 1516 arc - ok 20:08:14.0556 1516 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys 20:08:14.0603 1516 arcsas - ok 20:08:14.0759 1516 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe 20:08:14.0806 1516 aspnet_state - ok 20:08:14.0853 1516 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys 20:08:14.0946 1516 AsyncMac - ok 20:08:15.0040 1516 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys 20:08:15.0071 1516 atapi - ok 20:08:15.0149 1516 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll 20:08:15.0258 1516 AudioEndpointBuilder - ok 20:08:15.0274 1516 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll 20:08:15.0305 1516 AudioSrv - ok 20:08:15.0383 1516 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll 20:08:15.0570 1516 AxInstSV - ok 20:08:15.0680 1516 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys 20:08:15.0820 1516 b06bdrv - ok 20:08:15.0914 1516 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys 20:08:16.0007 1516 b57nd60a - ok 20:08:16.0070 1516 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll 20:08:16.0179 1516 BDESVC - ok 20:08:16.0226 1516 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys 20:08:16.0335 1516 Beep - ok 20:08:16.0428 1516 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll 20:08:16.0522 1516 BFE - ok 20:08:16.0616 1516 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll 20:08:16.0725 1516 BITS - ok 20:08:16.0803 1516 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys 20:08:16.0850 1516 blbdrive - ok 20:08:17.0021 1516 Bluetooth Device Monitor (c620c59d46f43beecc556f65e801312b) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe 20:08:17.0068 1516 Bluetooth Device Monitor ( UnsignedFile.Multi.Generic ) - warning 20:08:17.0068 1516 Bluetooth Device Monitor - detected UnsignedFile.Multi.Generic (1) 20:08:17.0177 1516 Bluetooth Media Service (5e5edcceea4fa3fdf3a907ac204b5828) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe 20:08:17.0240 1516 Bluetooth Media Service ( UnsignedFile.Multi.Generic ) - warning 20:08:17.0240 1516 Bluetooth Media Service - detected UnsignedFile.Multi.Generic (1) 20:08:17.0349 1516 Bluetooth OBEX Service (826e65c945738cbd64f89eae4406687f) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe 20:08:17.0474 1516 Bluetooth OBEX Service ( UnsignedFile.Multi.Generic ) - warning 20:08:17.0474 1516 Bluetooth OBEX Service - detected UnsignedFile.Multi.Generic (1) 20:08:17.0598 1516 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys 20:08:17.0708 1516 bowser - ok 20:08:17.0770 1516 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys 20:08:17.0848 1516 BrFiltLo - ok 20:08:17.0848 1516 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys 20:08:17.0864 1516 BrFiltUp - ok 20:08:17.0910 1516 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll 20:08:18.0020 1516 Browser - ok 20:08:18.0160 1516 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys 20:08:18.0254 1516 Brserid - ok 20:08:18.0269 1516 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys 20:08:18.0316 1516 BrSerWdm - ok 20:08:18.0316 1516 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys 20:08:18.0394 1516 BrUsbMdm - ok 20:08:18.0410 1516 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys 20:08:18.0425 1516 BrUsbSer - ok 20:08:18.0488 1516 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys 20:08:18.0628 1516 BthEnum - ok 20:08:18.0690 1516 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys 20:08:18.0784 1516 BTHMODEM - ok 20:08:18.0878 1516 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys 20:08:18.0924 1516 BthPan - ok 20:08:18.0971 1516 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys 20:08:19.0143 1516 BTHPORT - ok 20:08:19.0236 1516 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll 20:08:19.0314 1516 bthserv - ok 20:08:19.0361 1516 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys 20:08:19.0439 1516 BTHUSB - ok 20:08:19.0486 1516 btmaux (962bd3689e2c85f0ba97f3d7e7ba540b) C:\Windows\system32\DRIVERS\btmaux.sys 20:08:19.0533 1516 btmaux - ok 20:08:19.0595 1516 btmhsf (ec1220b647f0d995da5cad4153454779) C:\Windows\system32\DRIVERS\btmhsf.sys 20:08:19.0736 1516 btmhsf - ok 20:08:19.0767 1516 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys 20:08:19.0829 1516 cdfs - ok 20:08:19.0876 1516 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys 20:08:19.0954 1516 cdrom - ok 20:08:20.0001 1516 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll 20:08:20.0110 1516 CertPropSvc - ok 20:08:20.0141 1516 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys 20:08:20.0157 1516 circlass - ok 20:08:20.0219 1516 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys 20:08:20.0266 1516 CLFS - ok 20:08:20.0344 1516 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 20:08:20.0422 1516 clr_optimization_v2.0.50727_32 - ok 20:08:20.0453 1516 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 20:08:20.0500 1516 clr_optimization_v2.0.50727_64 - ok 20:08:20.0578 1516 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 20:08:20.0625 1516 clr_optimization_v4.0.30319_32 - ok 20:08:20.0703 1516 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 20:08:20.0718 1516 clr_optimization_v4.0.30319_64 - ok 20:08:20.0781 1516 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys 20:08:20.0859 1516 CmBatt - ok 20:08:20.0906 1516 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys 20:08:20.0952 1516 cmdide - ok 20:08:21.0030 1516 CNG (9ac4f97c2d3e93367e2148ea940cd2cd) C:\Windows\system32\Drivers\cng.sys 20:08:21.0093 1516 CNG - ok 20:08:21.0140 1516 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys 20:08:21.0186 1516 Compbatt - ok 20:08:21.0249 1516 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\DRIVERS\CompositeBus.sys 20:08:21.0296 1516 CompositeBus - ok 20:08:21.0311 1516 COMSysApp - ok 20:08:21.0342 1516 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys 20:08:21.0374 1516 crcdisk - ok 20:08:21.0420 1516 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll 20:08:21.0483 1516 CryptSvc - ok 20:08:21.0545 1516 CSC (54da3dfd29ed9f1619b6f53f3ce55e49) C:\Windows\system32\drivers\csc.sys 20:08:21.0670 1516 CSC - ok 20:08:21.0717 1516 CscService (3ab183ab4d2c79dcf459cd2c1266b043) C:\Windows\System32\cscsvc.dll 20:08:21.0779 1516 CscService - ok 20:08:21.0842 1516 CtClsFlt (bc3d4f90978cd7c8eabd1baf3bf7873a) C:\Windows\system32\DRIVERS\CtClsFlt.sys 20:08:21.0935 1516 CtClsFlt - ok 20:08:21.0998 1516 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll 20:08:22.0091 1516 DcomLaunch - ok 20:08:22.0138 1516 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll 20:08:22.0278 1516 defragsvc - ok 20:08:22.0310 1516 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys 20:08:22.0403 1516 DfsC - ok 20:08:22.0497 1516 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll 20:08:22.0590 1516 Dhcp - ok 20:08:22.0622 1516 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys 20:08:22.0700 1516 discache - ok 20:08:22.0746 1516 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys 20:08:22.0809 1516 Disk - ok 20:08:22.0840 1516 dmvsc (5db085a8a6600be6401f2b24eecb5415) C:\Windows\system32\drivers\dmvsc.sys 20:08:22.0949 1516 dmvsc - ok 20:08:22.0980 1516 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll 20:08:23.0090 1516 Dnscache - ok 20:08:23.0121 1516 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll 20:08:23.0261 1516 dot3svc - ok 20:08:23.0386 1516 DpHost (c43618154fc0c8480f53b04ba7a2f371) C:\Program Files\DigitalPersona\Bin\DpHostW.exe 20:08:23.0417 1516 DpHost - ok 20:08:23.0448 1516 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll 20:08:23.0511 1516 DPS - ok 20:08:23.0573 1516 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys 20:08:23.0636 1516 drmkaud - ok 20:08:23.0682 1516 dsNcAdpt (3eef0b3489edbf725564e17c77cabafd) C:\Windows\system32\DRIVERS\dsNcAdpt.sys 20:08:23.0760 1516 dsNcAdpt - ok 20:08:23.0885 1516 dsNcService (1467fb71face93569fd681a922005aad) C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe 20:08:23.0948 1516 dsNcService - ok 20:08:24.0026 1516 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys 20:08:24.0088 1516 DXGKrnl - ok 20:08:24.0119 1516 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll 20:08:24.0166 1516 EapHost - ok 20:08:24.0384 1516 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys 20:08:24.0587 1516 ebdrv - ok 20:08:24.0728 1516 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe 20:08:24.0821 1516 EFS - ok 20:08:24.0915 1516 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe 20:08:25.0071 1516 ehRecvr - ok 20:08:25.0086 1516 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe 20:08:25.0164 1516 ehSched - ok 20:08:25.0258 1516 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys 20:08:25.0352 1516 elxstor - ok 20:08:25.0352 1516 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys 20:08:25.0398 1516 ErrDev - ok 20:08:25.0508 1516 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll 20:08:25.0632 1516 EventSystem - ok 20:08:25.0804 1516 EvtEng (8b6c9924b0d333dbf76086b8258a0891) C:\Program Files\Intel\WiFi\bin\EvtEng.exe 20:08:25.0882 1516 EvtEng - ok 20:08:26.0054 1516 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys 20:08:26.0147 1516 exfat - ok 20:08:26.0194 1516 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys 20:08:26.0334 1516 fastfat - ok 20:08:26.0428 1516 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe 20:08:26.0553 1516 Fax - ok 20:08:26.0584 1516 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys 20:08:26.0646 1516 fdc - ok 20:08:26.0724 1516 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll 20:08:26.0756 1516 fdPHost - ok 20:08:26.0787 1516 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll 20:08:26.0865 1516 FDResPub - ok 20:08:26.0927 1516 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys 20:08:26.0974 1516 FileInfo - ok 20:08:26.0990 1516 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys 20:08:27.0021 1516 Filetrace - ok 20:08:27.0130 1516 FLEXnet Licensing Service (f76d04f7413b07daa029f6520b64b4e8) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe 20:08:27.0270 1516 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning 20:08:27.0270 1516 FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic (1) 20:08:27.0317 1516 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys 20:08:27.0348 1516 flpydisk - ok 20:08:27.0380 1516 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys 20:08:27.0442 1516 FltMgr - ok 20:08:27.0520 1516 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll 20:08:27.0676 1516 FontCache - ok 20:08:27.0738 1516 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 20:08:27.0770 1516 FontCache3.0.0.0 - ok 20:08:27.0801 1516 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys 20:08:27.0832 1516 FsDepends - ok 20:08:27.0863 1516 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys 20:08:27.0894 1516 Fs_Rec - ok 20:08:27.0957 1516 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys 20:08:27.0988 1516 fvevol - ok 20:08:28.0035 1516 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys 20:08:28.0097 1516 gagp30kx - ok 20:08:28.0160 1516 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll 20:08:28.0238 1516 gpsvc - ok 20:08:28.0253 1516 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys 20:08:28.0331 1516 hcw85cir - ok 20:08:28.0394 1516 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys 20:08:28.0456 1516 HDAudBus - ok 20:08:28.0456 1516 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys 20:08:28.0503 1516 HidBatt - ok 20:08:28.0550 1516 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys 20:08:28.0659 1516 HidBth - ok 20:08:28.0706 1516 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys 20:08:28.0752 1516 HidIr - ok 20:08:28.0784 1516 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll 20:08:28.0846 1516 hidserv - ok 20:08:28.0893 1516 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys 20:08:28.0940 1516 HidUsb - ok 20:08:28.0955 1516 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll 20:08:29.0064 1516 hkmsvc - ok 20:08:29.0111 1516 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll 20:08:29.0158 1516 HomeGroupListener - ok 20:08:29.0189 1516 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll 20:08:29.0236 1516 HomeGroupProvider - ok 20:08:29.0267 1516 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys 20:08:29.0314 1516 HpSAMD - ok 20:08:29.0423 1516 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys 20:08:29.0532 1516 HTTP - ok 20:08:29.0548 1516 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys 20:08:29.0564 1516 hwpolicy - ok 20:08:29.0626 1516 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys 20:08:29.0657 1516 i8042prt - ok 20:08:29.0751 1516 iaStor (d469b77687e12fe43e344806740b624d) C:\Windows\system32\drivers\iaStor.sys 20:08:29.0782 1516 iaStor - ok 20:08:29.0876 1516 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys 20:08:29.0985 1516 iaStorV - ok 20:08:30.0032 1516 iBtFltCoex (e44f0b4dc753c14930b8dc48bb7a1644) C:\Windows\system32\DRIVERS\iBtFltCoex.sys 20:08:30.0094 1516 iBtFltCoex - ok 20:08:30.0234 1516 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe 20:08:30.0297 1516 IDriverT ( UnsignedFile.Multi.Generic ) - warning 20:08:30.0297 1516 IDriverT - detected UnsignedFile.Multi.Generic (1) 20:08:30.0422 1516 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 20:08:30.0515 1516 idsvc - ok 20:08:31.0248 1516 igfx (a47d902f5c0c43dcf5ee2cae02bf39a8) C:\Windows\system32\DRIVERS\igdkmd64.sys 20:08:31.0685 1516 igfx - ok 20:08:31.0826 1516 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys 20:08:31.0872 1516 iirsp - ok 20:08:31.0950 1516 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll 20:08:32.0013 1516 IKEEXT - ok 20:08:32.0075 1516 Impcd (dd587a55390ed2295bce6d36ad567da9) C:\Windows\system32\drivers\Impcd.sys 20:08:32.0169 1516 Impcd - ok 20:08:32.0247 1516 intaud_WaveExtensible (caddf0927dac63edae48f5c35a61d87d) C:\Windows\system32\drivers\intelaud.sys 20:08:32.0278 1516 intaud_WaveExtensible - ok 20:08:32.0450 1516 IntcAzAudAddService (8fed6428fde53d7f4c105095f22524be) C:\Windows\system32\drivers\RTKVHD64.sys 20:08:32.0512 1516 IntcAzAudAddService - ok 20:08:32.0637 1516 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys 20:08:32.0684 1516 intelide - ok 20:08:32.0730 1516 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys 20:08:32.0762 1516 intelppm - ok 20:08:32.0808 1516 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll 20:08:32.0918 1516 IPBusEnum - ok 20:08:32.0949 1516 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys 20:08:32.0996 1516 IpFilterDriver - ok 20:08:33.0074 1516 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll 20:08:33.0167 1516 iphlpsvc - ok 20:08:33.0183 1516 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys 20:08:33.0261 1516 IPMIDRV - ok 20:08:33.0276 1516 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys 20:08:33.0308 1516 IPNAT - ok 20:08:33.0339 1516 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys 20:08:33.0354 1516 IRENUM - ok 20:08:33.0370 1516 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys 20:08:33.0386 1516 isapnp - ok 20:08:33.0432 1516 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys 20:08:33.0495 1516 iScsiPrt - ok 20:08:33.0573 1516 iwdbus (716f66336f10885d935b08174dc54242) C:\Windows\system32\DRIVERS\iwdbus.sys 20:08:33.0604 1516 iwdbus - ok 20:08:33.0620 1516 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys 20:08:33.0635 1516 kbdclass - ok 20:08:33.0666 1516 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys 20:08:33.0713 1516 kbdhid - ok 20:08:33.0744 1516 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 20:08:33.0776 1516 KeyIso - ok 20:08:33.0822 1516 KSecDD (97a7070aea4c058b6418519e869a63b4) C:\Windows\system32\Drivers\ksecdd.sys 20:08:33.0869 1516 KSecDD - ok 20:08:33.0885 1516 KSecPkg (26c43a7c2862447ec59deda188d1da07) C:\Windows\system32\Drivers\ksecpkg.sys 20:08:33.0947 1516 KSecPkg - ok 20:08:33.0963 1516 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys 20:08:34.0010 1516 ksthunk - ok 20:08:34.0072 1516 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll 20:08:34.0212 1516 KtmRm - ok 20:08:34.0275 1516 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll 20:08:34.0368 1516 LanmanServer - ok 20:08:34.0431 1516 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll 20:08:34.0524 1516 LanmanWorkstation - ok 20:08:34.0587 1516 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys 20:08:34.0665 1516 lltdio - ok 20:08:34.0712 1516 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll 20:08:34.0774 1516 lltdsvc - ok 20:08:34.0821 1516 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll 20:08:34.0899 1516 lmhosts - ok 20:08:34.0992 1516 LMS (7f32d4c47a50e7223491e8fb9359907d) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe 20:08:35.0024 1516 LMS - ok 20:08:35.0070 1516 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys 20:08:35.0117 1516 LSI_FC - ok 20:08:35.0148 1516 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys 20:08:35.0180 1516 LSI_SAS - ok 20:08:35.0195 1516 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys 20:08:35.0211 1516 LSI_SAS2 - ok 20:08:35.0226 1516 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys 20:08:35.0242 1516 LSI_SCSI - ok 20:08:35.0258 1516 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys 20:08:35.0304 1516 luafv - ok 20:08:35.0351 1516 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll 20:08:35.0414 1516 Mcx2Svc - ok 20:08:35.0414 1516 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys 20:08:35.0429 1516 megasas - ok 20:08:35.0460 1516 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys 20:08:35.0523 1516 MegaSR - ok 20:08:35.0601 1516 MEIx64 (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\DRIVERS\HECIx64.sys 20:08:35.0632 1516 MEIx64 - ok 20:08:35.0679 1516 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll 20:08:35.0741 1516 MMCSS - ok 20:08:35.0788 1516 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys 20:08:35.0850 1516 Modem - ok 20:08:35.0897 1516 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys 20:08:35.0944 1516 monitor - ok 20:08:35.0975 1516 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys 20:08:36.0006 1516 mouclass - ok 20:08:36.0053 1516 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys 20:08:36.0131 1516 mouhid - ok 20:08:36.0162 1516 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys 20:08:36.0194 1516 mountmgr - ok 20:08:36.0256 1516 MozillaMaintenance (96aa8ba23142cc8e2b30f3cae0c80254) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 20:08:36.0318 1516 MozillaMaintenance - ok 20:08:36.0350 1516 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys 20:08:36.0412 1516 mpio - ok 20:08:36.0443 1516 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys 20:08:36.0490 1516 mpsdrv - ok 20:08:36.0568 1516 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll 20:08:36.0708 1516 MpsSvc - ok 20:08:36.0740 1516 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys 20:08:36.0818 1516 MRxDAV - ok 20:08:36.0864 1516 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys 20:08:36.0989 1516 mrxsmb - ok 20:08:37.0020 1516 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys 20:08:37.0098 1516 mrxsmb10 - ok 20:08:37.0114 1516 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys 20:08:37.0208 1516 mrxsmb20 - ok 20:08:37.0223 1516 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys 20:08:37.0239 1516 msahci - ok 20:08:37.0286 1516 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys 20:08:37.0317 1516 msdsm - ok 20:08:37.0364 1516 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe 20:08:37.0442 1516 MSDTC - ok 20:08:37.0488 1516 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys 20:08:37.0566 1516 Msfs - ok 20:08:37.0629 1516 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys 20:08:37.0722 1516 mshidkmdf - ok 20:08:37.0754 1516 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys 20:08:37.0800 1516 msisadrv - ok 20:08:37.0832 1516 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll 20:08:37.0894 1516 MSiSCSI - ok 20:08:37.0894 1516 msiserver - ok 20:08:37.0941 1516 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys 20:08:38.0034 1516 MSKSSRV - ok 20:08:38.0034 1516 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys 20:08:38.0066 1516 MSPCLOCK - ok 20:08:38.0097 1516 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys 20:08:38.0159 1516 MSPQM - ok 20:08:38.0190 1516 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys 20:08:38.0284 1516 MsRPC - ok 20:08:38.0300 1516 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys 20:08:38.0315 1516 mssmbios - ok 20:08:38.0331 1516 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys 20:08:38.0424 1516 MSTEE - ok 20:08:38.0424 1516 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys 20:08:38.0440 1516 MTConfig - ok 20:08:38.0471 1516 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys 20:08:38.0487 1516 Mup - ok 20:08:38.0627 1516 MyWiFiDHCPDNS (6ed8935257672f4cd04a88a0f3de093d) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe 20:08:38.0752 1516 MyWiFiDHCPDNS - ok 20:08:38.0799 1516 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll 20:08:38.0892 1516 napagent - ok 20:08:38.0970 1516 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys 20:08:39.0095 1516 NativeWifiP - ok 20:08:39.0204 1516 NDIS (c38b8ae57f78915905064a9a24dc1586) C:\Windows\system32\drivers\ndis.sys 20:08:39.0251 1516 NDIS - ok 20:08:39.0267 1516 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys 20:08:39.0298 1516 NdisCap - ok 20:08:39.0314 1516 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys 20:08:39.0360 1516 NdisTapi - ok 20:08:39.0376 1516 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys 20:08:39.0438 1516 Ndisuio - ok 20:08:39.0470 1516 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys 20:08:39.0532 1516 NdisWan - ok 20:08:39.0563 1516 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys 20:08:39.0610 1516 NDProxy - ok 20:08:39.0626 1516 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys 20:08:39.0704 1516 NetBIOS - ok 20:08:39.0735 1516 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys 20:08:39.0766 1516 NetBT - ok 20:08:39.0797 1516 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 20:08:39.0828 1516 Netlogon - ok 20:08:39.0922 1516 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll 20:08:40.0016 1516 Netman - ok 20:08:40.0125 1516 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 20:08:40.0187 1516 NetMsmqActivator - ok 20:08:40.0187 1516 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 20:08:40.0218 1516 NetPipeActivator - ok 20:08:40.0250 1516 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll 20:08:40.0343 1516 netprofm - ok 20:08:40.0359 1516 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 20:08:40.0359 1516 NetTcpActivator - ok 20:08:40.0359 1516 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 20:08:40.0374 1516 NetTcpPortSharing - ok 20:08:40.0437 1516 netvsc (73ce12b8bdd747b0063cb0a7ef44cea7) C:\Windows\system32\DRIVERS\netvsc60.sys 20:08:40.0499 1516 netvsc - ok 20:08:41.0014 1516 NETwNs64 (5d262402b0634c998f8cbcead7dd8676) C:\Windows\system32\DRIVERS\NETwNs64.sys 20:08:41.0466 1516 NETwNs64 - ok 20:08:41.0607 1516 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys 20:08:41.0654 1516 nfrd960 - ok 20:08:41.0716 1516 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll 20:08:41.0810 1516 NlaSvc - ok 20:08:41.0841 1516 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys 20:08:41.0872 1516 Npfs - ok 20:08:41.0888 1516 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll 20:08:41.0966 1516 nsi - ok 20:08:41.0981 1516 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys 20:08:42.0012 1516 nsiproxy - ok 20:08:42.0137 1516 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys 20:08:42.0231 1516 Ntfs - ok 20:08:42.0449 1516 ntrtscan (f632dd8aa5c388d1d0528a876a71320d) c:\Program Files (x86)\Trend Micro\Client Server Security Agent\ntrtscan.exe 20:08:42.0527 1516 ntrtscan - ok 20:08:42.0636 1516 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys 20:08:42.0683 1516 Null - ok 20:08:42.0761 1516 nusb3hub (0ebc9d13cd96c15b1b18d8678a609e4b) C:\Windows\system32\DRIVERS\nusb3hub.sys 20:08:42.0964 1516 nusb3hub - ok 20:08:43.0042 1516 nusb3xhc (7bdec000d56d485021d9c1e63c2f81ca) C:\Windows\system32\DRIVERS\nusb3xhc.sys 20:08:43.0136 1516 nusb3xhc - ok 20:08:43.0697 1516 nvlddmkm (573b0941a37aebee96085d56a103f57b) C:\Windows\system32\DRIVERS\nvlddmkm.sys 20:08:43.0900 1516 nvlddmkm - ok 20:08:43.0978 1516 nvpciflt (43af7ebeac2ab623468e32caddcb61a4) C:\Windows\system32\DRIVERS\nvpciflt.sys 20:08:44.0009 1516 nvpciflt - ok 20:08:44.0072 1516 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys 20:08:44.0118 1516 nvraid - ok 20:08:44.0165 1516 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys 20:08:44.0212 1516 nvstor - ok 20:08:44.0321 1516 NVSvc (c500760572c6059918fb0c960967695b) C:\Windows\system32\nvvsvc.exe 20:08:44.0352 1516 NVSvc - ok 20:08:44.0524 1516 nvUpdatusService (f28169a7adf7b41809cf92d369e744f0) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe 20:08:44.0618 1516 nvUpdatusService - ok 20:08:44.0774 1516 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys 20:08:44.0836 1516 nv_agp - ok 20:08:44.0836 1516 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys 20:08:44.0867 1516 ohci1394 - ok 20:08:44.0945 1516 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 20:08:45.0023 1516 ose - ok 20:08:45.0320 1516 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 20:08:45.0538 1516 osppsvc - ok 20:08:45.0694 1516 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll 20:08:45.0788 1516 p2pimsvc - ok 20:08:45.0834 1516 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll 20:08:45.0928 1516 p2psvc - ok 20:08:45.0975 1516 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys 20:08:46.0053 1516 Parport - ok 20:08:46.0084 1516 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys 20:08:46.0115 1516 partmgr - ok 20:08:46.0146 1516 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll 20:08:46.0178 1516 PcaSvc - ok 20:08:46.0224 1516 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys 20:08:46.0271 1516 pci - ok 20:08:46.0271 1516 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys 20:08:46.0287 1516 pciide - ok 20:08:46.0334 1516 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys 20:08:46.0396 1516 pcmcia - ok 20:08:46.0427 1516 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys 20:08:46.0443 1516 pcw - ok 20:08:46.0474 1516 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys 20:08:46.0661 1516 PEAUTH - ok 20:08:46.0770 1516 PeerDistSvc (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll 20:08:46.0880 1516 PeerDistSvc - ok 20:08:46.0989 1516 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe 20:08:47.0051 1516 PerfHost - ok 20:08:47.0223 1516 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll 20:08:47.0410 1516 pla - ok 20:08:47.0488 1516 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll 20:08:47.0613 1516 PlugPlay - ok 20:08:47.0628 1516 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll 20:08:47.0675 1516 PNRPAutoReg - ok 20:08:47.0722 1516 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll 20:08:47.0753 1516 PNRPsvc - ok 20:08:47.0800 1516 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll 20:08:47.0925 1516 PolicyAgent - ok 20:08:47.0956 1516 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll 20:08:48.0018 1516 Power - ok 20:08:48.0081 1516 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys 20:08:48.0174 1516 PptpMiniport - ok 20:08:48.0190 1516 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys 20:08:48.0252 1516 Processor - ok 20:08:48.0284 1516 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll 20:08:48.0377 1516 ProfSvc - ok 20:08:48.0408 1516 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 20:08:48.0440 1516 ProtectedStorage - ok 20:08:48.0502 1516 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys 20:08:48.0564 1516 Psched - ok 20:08:48.0674 1516 PxHlpa64 (87b04878a6d59d6c79251dc960c674c1) C:\Windows\system32\Drivers\PxHlpa64.sys 20:08:48.0705 1516 PxHlpa64 - ok 20:08:48.0845 1516 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys 20:08:49.0064 1516 ql2300 - ok 20:08:49.0173 1516 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys 20:08:49.0220 1516 ql40xx - ok 20:08:49.0251 1516 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll 20:08:49.0344 1516 QWAVE - ok 20:08:49.0344 1516 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys 20:08:49.0407 1516 QWAVEdrv - ok 20:08:49.0422 1516 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys 20:08:49.0454 1516 RasAcd - ok 20:08:49.0485 1516 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys 20:08:49.0516 1516 RasAgileVpn - ok 20:08:49.0563 1516 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll 20:08:49.0610 1516 RasAuto - ok 20:08:49.0641 1516 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys 20:08:49.0734 1516 Rasl2tp - ok 20:08:49.0797 1516 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll 20:08:50.0000 1516 RasMan - ok 20:08:50.0031 1516 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys 20:08:50.0109 1516 RasPppoe - ok 20:08:50.0124 1516 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys 20:08:50.0202 1516 RasSstp - ok 20:08:50.0249 1516 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys 20:08:50.0343 1516 rdbss - ok 20:08:50.0358 1516 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys 20:08:50.0405 1516 rdpbus - ok 20:08:50.0436 1516 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys 20:08:50.0514 1516 RDPCDD - ok 20:08:50.0561 1516 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys 20:08:50.0639 1516 RDPDR - ok 20:08:50.0686 1516 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys 20:08:50.0748 1516 RDPENCDD - ok 20:08:50.0811 1516 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys 20:08:50.0858 1516 RDPREFMP - ok 20:08:50.0936 1516 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys 20:08:51.0029 1516 RDPWD - ok 20:08:51.0092 1516 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys 20:08:51.0138 1516 rdyboost - ok 20:08:51.0310 1516 RegSrvc (189c5a8d2098e0aa14fd157a954b34fc) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe 20:08:51.0372 1516 RegSrvc - ok 20:08:51.0404 1516 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll 20:08:51.0528 1516 RemoteAccess - ok 20:08:51.0560 1516 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll 20:08:51.0716 1516 RemoteRegistry - ok 20:08:51.0809 1516 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys 20:08:51.0918 1516 RFCOMM - ok 20:08:52.0121 1516 RoxMediaDB12OEM (3c957189b31c34d3ad21967b12b6aed7) C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe 20:08:52.0262 1516 RoxMediaDB12OEM - ok 20:08:52.0340 1516 RoxWatch12 (2b73088cc2ca757a172b425c9398e5bc) C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe 20:08:52.0355 1516 RoxWatch12 - ok 20:08:52.0480 1516 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll 20:08:52.0574 1516 RpcEptMapper - ok 20:08:52.0605 1516 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe 20:08:52.0620 1516 RpcLocator - ok 20:08:52.0667 1516 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll 20:08:52.0714 1516 RpcSs - ok 20:08:52.0761 1516 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys 20:08:52.0870 1516 rspndr - ok 20:08:52.0932 1516 RSUSBSTOR (135a64530d7699ad48f29d73a658dd11) C:\Windows\system32\Drivers\RtsUStor.sys 20:08:52.0964 1516 RSUSBSTOR - ok 20:08:53.0042 1516 RTL8167 (a73ed14670220307874ad6bc2f279349) C:\Windows\system32\DRIVERS\Rt64win7.sys 20:08:53.0135 1516 RTL8167 - ok 20:08:53.0166 1516 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys 20:08:53.0198 1516 s3cap - ok 20:08:53.0244 1516 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 20:08:53.0260 1516 SamSs - ok 20:08:53.0291 1516 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys 20:08:53.0322 1516 sbp2port - ok 20:08:53.0369 1516 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll 20:08:53.0510 1516 SCardSvr - ok 20:08:53.0525 1516 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys 20:08:53.0603 1516 scfilter - ok 20:08:53.0681 1516 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll 20:08:53.0790 1516 Schedule - ok 20:08:53.0822 1516 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll 20:08:53.0884 1516 SCPolicySvc - ok 20:08:53.0915 1516 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll 20:08:53.0931 1516 SDRSVC - ok 20:08:54.0024 1516 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 20:08:54.0102 1516 secdrv - ok 20:08:54.0134 1516 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll 20:08:54.0258 1516 seclogon - ok 20:08:54.0290 1516 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll 20:08:54.0383 1516 SENS - ok 20:08:54.0414 1516 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll 20:08:54.0477 1516 SensrSvc - ok 20:08:54.0539 1516 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys 20:08:54.0602 1516 Serenum - ok 20:08:54.0617 1516 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys 20:08:54.0680 1516 Serial - ok 20:08:54.0711 1516 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys 20:08:54.0742 1516 sermouse - ok 20:08:54.0773 1516 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll 20:08:54.0882 1516 SessionEnv - ok 20:08:54.0882 1516 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys 20:08:54.0898 1516 sffdisk - ok 20:08:54.0898 1516 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys 20:08:54.0914 1516 sffp_mmc - ok 20:08:54.0929 1516 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys 20:08:54.0945 1516 sffp_sd - ok 20:08:54.0960 1516 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys 20:08:54.0976 1516 sfloppy - ok 20:08:55.0054 1516 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll 20:08:55.0179 1516 SharedAccess - ok 20:08:55.0210 1516 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll 20:08:55.0272 1516 ShellHWDetection - ok 20:08:55.0304 1516 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys 20:08:55.0319 1516 SiSRaid2 - ok 20:08:55.0335 1516 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys 20:08:55.0366 1516 SiSRaid4 - ok 20:08:55.0397 1516 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys 20:08:55.0491 1516 Smb - ok 20:08:55.0538 1516 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe 20:08:55.0584 1516 SNMPTRAP - ok 20:08:55.0616 1516 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys 20:08:55.0631 1516 spldr - ok 20:08:55.0694 1516 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe 20:08:55.0772 1516 Spooler - ok 20:08:55.0943 1516 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe 20:08:56.0084 1516 sppsvc - ok 20:08:56.0240 1516 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll 20:08:56.0380 1516 sppuinotify - ok 20:08:56.0458 1516 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys 20:08:56.0598 1516 srv - ok 20:08:56.0661 1516 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys 20:08:56.0739 1516 srv2 - ok 20:08:56.0786 1516 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys 20:08:56.0832 1516 srvnet - ok 20:08:56.0895 1516 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll 20:08:56.0973 1516 SSDPSRV - ok 20:08:56.0988 1516 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll 20:08:57.0082 1516 SstpSvc - ok 20:08:57.0144 1516 stdcfltn (92e7f6666633d2dd91d527503daa7be0) C:\Windows\system32\DRIVERS\stdcfltn.sys 20:08:57.0160 1516 stdcfltn - ok 20:08:57.0238 1516 Steam Client Service - ok 20:08:57.0332 1516 Stereo Service (0683504bbb3ffc0a73d9d217b63dd0e0) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe 20:08:57.0363 1516 Stereo Service - ok 20:08:57.0394 1516 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys 20:08:57.0410 1516 stexstor - ok 20:08:57.0488 1516 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll 20:08:57.0534 1516 stisvc - ok 20:08:57.0566 1516 stllssvr (7731f46ec0d687a931cba063e8f90ef0) C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe 20:08:57.0581 1516 stllssvr - ok 20:08:57.0612 1516 StorSvc (c40841817ef57d491f22eb103da587cc) C:\Windows\system32\storsvc.dll 20:08:57.0690 1516 StorSvc - ok 20:08:57.0737 1516 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys 20:08:57.0768 1516 storvsc - ok 20:08:57.0893 1516 svcGenericHost (15323ae5d254aa1d389522166e6f4244) c:\Program Files (x86)\Trend Micro\Client Server Security Agent\HostedAgent\svcGenericHost.exe 20:08:57.0940 1516 svcGenericHost - ok 20:08:57.0956 1516 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys 20:08:57.0987 1516 swenum - ok 20:08:58.0127 1516 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe 20:08:58.0221 1516 SwitchBoard ( UnsignedFile.Multi.Generic ) - warning 20:08:58.0221 1516 SwitchBoard - detected UnsignedFile.Multi.Generic (1) 20:08:58.0283 1516 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll 20:08:58.0424 1516 swprv - ok 20:08:58.0486 1516 SynthVid (4cdd7df58730d23ba9cb5829a6e2ecea) C:\Windows\system32\DRIVERS\VMBusVideoM.sys 20:08:58.0517 1516 SynthVid - ok 20:08:58.0626 1516 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll 20:08:58.0689 1516 SysMain - ok 20:08:58.0798 1516 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll 20:08:58.0860 1516 TabletInputService - ok 20:08:58.0876 1516 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll 20:08:59.0032 1516 TapiSrv - ok 20:08:59.0094 1516 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll 20:08:59.0141 1516 TBS - ok 20:08:59.0282 1516 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys 20:08:59.0469 1516 Tcpip - ok 20:08:59.0640 1516 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys 20:08:59.0672 1516 TCPIP6 - ok 20:08:59.0750 1516 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys 20:08:59.0843 1516 tcpipreg - ok 20:08:59.0874 1516 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys 20:08:59.0906 1516 TDPIPE - ok 20:08:59.0937 1516 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys 20:08:59.0984 1516 TDTCP - ok 20:09:00.0015 1516 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys 20:09:00.0093 1516 tdx - ok 20:09:00.0155 1516 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys 20:09:00.0202 1516 TermDD - ok 20:09:00.0264 1516 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll 20:09:00.0420 1516 TermService - ok 20:09:00.0436 1516 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll 20:09:00.0514 1516 Themes - ok 20:09:00.0545 1516 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll 20:09:00.0608 1516 THREADORDER - ok 20:09:00.0701 1516 TMBMServer (963c903e5176c5cdcae321d48635b21f) c:\Program Files (x86)\Trend Micro\BM\TMBMSRV.exe 20:09:00.0748 1516 TMBMServer - ok 20:09:00.0904 1516 TmFilter (8b97ba7e28bd39a2bc4a2bb66a83fec0) c:\Program Files (x86)\Trend Micro\Client Server Security Agent\TmXPFlt.sys 20:09:00.0998 1516 TmFilter - ok 20:09:01.0216 1516 tmlisten (e5f23152b394fdebc53b07e2b2e64c62) c:\Program Files (x86)\Trend Micro\Client Server Security Agent\tmlisten.exe 20:09:01.0294 1516 tmlisten - ok 20:09:01.0388 1516 TmPreFilter (1889f49a828b1cf0e2866cdd325875b0) c:\Program Files (x86)\Trend Micro\Client Server Security Agent\TmPreFlt.sys 20:09:01.0419 1516 TmPreFilter - ok 20:09:01.0497 1516 TmProxy (6b322de56d58daf1daba4740dea86925) c:\Program Files (x86)\Trend Micro\Client Server Security Agent\TmProxy.exe 20:09:01.0637 1516 TmProxy - ok 20:09:01.0793 1516 tmtdi (a42e6780c52b248af54c6010a9a93384) C:\Windows\system32\DRIVERS\tmtdi.sys 20:09:01.0824 1516 tmtdi - ok 20:09:01.0840 1516 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll 20:09:01.0934 1516 TrkWks - ok 20:09:01.0980 1516 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe 20:09:02.0090 1516 TrustedInstaller - ok 20:09:02.0121 1516 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys 20:09:02.0214 1516 tssecsrv - ok 20:09:02.0246 1516 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys 20:09:02.0292 1516 TsUsbFlt - ok 20:09:02.0308 1516 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys 20:09:02.0324 1516 TsUsbGD - ok 20:09:02.0386 1516 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys 20:09:02.0480 1516 tunnel - ok 20:09:02.0526 1516 TurboB (fd24f98d2898be093fe926604be7db99) C:\Windows\system32\DRIVERS\TurboB.sys 20:09:02.0573 1516 TurboB - ok 20:09:02.0636 1516 TurboBoost (600b406a04d90f577fea8a88d7379f08) C:\Program Files\Intel\TurboBoost\TurboBoost.exe 20:09:02.0714 1516 TurboBoost - ok 20:09:02.0745 1516 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys 20:09:02.0776 1516 uagp35 - ok 20:09:02.0807 1516 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys 20:09:02.0932 1516 udfs - ok 20:09:02.0979 1516 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe 20:09:02.0994 1516 UI0Detect - ok 20:09:03.0026 1516 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys 20:09:03.0072 1516 uliagpkx - ok 20:09:03.0088 1516 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys 20:09:03.0150 1516 umbus - ok 20:09:03.0182 1516 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys 20:09:03.0228 1516 UmPass - ok 20:09:03.0275 1516 UmRdpService (a293dcd756d04d8492a750d03b9a297c) C:\Windows\System32\umrdp.dll 20:09:03.0416 1516 UmRdpService - ok 20:09:03.0634 1516 UNS (2c16648a12999ae69a9ebf41974b0ba2) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe 20:09:03.0681 1516 UNS - ok 20:09:03.0790 1516 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll 20:09:03.0915 1516 upnphost - ok 20:09:03.0962 1516 usbccgp (19ad7990c0b67e48dac5b26f99628223) C:\Windows\system32\DRIVERS\usbccgp.sys 20:09:04.0055 1516 usbccgp - ok 20:09:04.0086 1516 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys 20:09:04.0133 1516 usbcir - ok 20:09:04.0164 1516 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys 20:09:04.0227 1516 usbehci - ok 20:09:04.0289 1516 usbhub (8b892002d7b79312821169a14317ab86) C:\Windows\system32\DRIVERS\usbhub.sys 20:09:04.0414 1516 usbhub - ok 20:09:04.0445 1516 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys 20:09:04.0508 1516 usbohci - ok 20:09:04.0539 1516 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys 20:09:04.0586 1516 usbprint - ok 20:09:04.0617 1516 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS 20:09:04.0726 1516 USBSTOR - ok 20:09:04.0742 1516 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys 20:09:04.0788 1516 usbuhci - ok 20:09:04.0835 1516 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys 20:09:04.0882 1516 usbvideo - ok 20:09:04.0913 1516 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll 20:09:05.0007 1516 UxSms - ok 20:09:05.0054 1516 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 20:09:05.0069 1516 VaultSvc - ok 20:09:05.0272 1516 vcsFPService (20bf96c13db4ba085d98f4700f3b05fe) C:\Windows\system32\vcsFPService.exe 20:09:05.0381 1516 vcsFPService - ok 20:09:05.0522 1516 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys 20:09:05.0553 1516 vdrvroot - ok 20:09:05.0615 1516 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe 20:09:05.0756 1516 vds - ok 20:09:05.0771 1516 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys 20:09:05.0787 1516 vga - ok 20:09:05.0818 1516 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys 20:09:05.0880 1516 VgaSave - ok 20:09:05.0943 1516 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys 20:09:05.0990 1516 vhdmp - ok 20:09:05.0990 1516 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys 20:09:06.0005 1516 viaide - ok 20:09:06.0036 1516 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys 20:09:06.0099 1516 VMBusHID - ok 20:09:06.0130 1516 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys 20:09:06.0146 1516 volmgr - ok 20:09:06.0192 1516 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys 20:09:06.0224 1516 volmgrx - ok 20:09:06.0255 1516 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys 20:09:06.0348 1516 volsnap - ok 20:09:06.0364 1516 vpcbus (abd9b4a7e2d0ae51a3b8df1af3152d61) C:\Windows\system32\DRIVERS\vpchbus.sys 20:09:06.0442 1516 vpcbus - ok 20:09:06.0473 1516 vpcnfltr (8acda395841538ce9713a67fe8b2a3eb) C:\Windows\system32\DRIVERS\vpcnfltr.sys 20:09:06.0520 1516 vpcnfltr - ok 20:09:06.0551 1516 vpcusb (31924e31bc315773e6d149b157db46d5) C:\Windows\system32\DRIVERS\vpcusb.sys 20:09:06.0629 1516 vpcusb - ok 20:09:06.0676 1516 vpcvmm (c5b651e52540e6f46da66574c74b4898) C:\Windows\system32\drivers\vpcvmm.sys 20:09:06.0723 1516 vpcvmm - ok 20:09:06.0972 1516 VSApiNt (3a5862d9a4fe4bbb2ffa1700e2b21b9b) c:\Program Files (x86)\Trend Micro\Client Server Security Agent\VSApiNt.sys 20:09:07.0144 1516 VSApiNt - ok 20:09:07.0347 1516 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys 20:09:07.0425 1516 vsmraid - ok 20:09:07.0534 1516 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe 20:09:07.0643 1516 VSS - ok 20:09:07.0737 1516 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys 20:09:07.0799 1516 vwifibus - ok 20:09:07.0830 1516 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys 20:09:07.0893 1516 vwififlt - ok 20:09:07.0940 1516 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys 20:09:07.0986 1516 vwifimp - ok 20:09:08.0080 1516 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll 20:09:08.0189 1516 W32Time - ok 20:09:08.0205 1516 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys 20:09:08.0252 1516 WacomPen - ok 20:09:08.0283 1516 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 20:09:08.0376 1516 WANARP - ok 20:09:08.0376 1516 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 20:09:08.0408 1516 Wanarpv6 - ok 20:09:08.0548 1516 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe 20:09:08.0673 1516 WatAdminSvc - ok 20:09:08.0766 1516 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe 20:09:08.0860 1516 wbengine - ok 20:09:08.0985 1516 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll 20:09:09.0016 1516 WbioSrvc - ok 20:09:09.0063 1516 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll 20:09:09.0110 1516 wcncsvc - ok 20:09:09.0125 1516 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll 20:09:09.0156 1516 WcsPlugInService - ok 20:09:09.0188 1516 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys 20:09:09.0219 1516 Wd - ok 20:09:09.0312 1516 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys 20:09:09.0390 1516 Wdf01000 - ok 20:09:09.0406 1516 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll 20:09:09.0515 1516 WdiServiceHost - ok 20:09:09.0531 1516 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll 20:09:09.0546 1516 WdiSystemHost - ok 20:09:09.0578 1516 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll 20:09:09.0671 1516 WebClient - ok 20:09:09.0702 1516 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll 20:09:09.0796 1516 Wecsvc - ok 20:09:09.0827 1516 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll 20:09:09.0890 1516 wercplsupport - ok 20:09:09.0936 1516 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll 20:09:10.0030 1516 WerSvc - ok 20:09:10.0092 1516 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys 20:09:10.0155 1516 WfpLwf - ok 20:09:10.0170 1516 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys 20:09:10.0186 1516 WIMMount - ok 20:09:10.0217 1516 WinDefend - ok 20:09:10.0217 1516 WinHttpAutoProxySvc - ok 20:09:10.0280 1516 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll 20:09:10.0326 1516 Winmgmt - ok 20:09:10.0451 1516 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll 20:09:10.0654 1516 WinRM - ok 20:09:10.0763 1516 WinUSB (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUSB.sys 20:09:10.0794 1516 WinUSB - ok 20:09:10.0857 1516 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll 20:09:10.0966 1516 Wlansvc - ok 20:09:11.0060 1516 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe 20:09:11.0091 1516 wlcrasvc - ok 20:09:11.0309 1516 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 20:09:11.0418 1516 wlidsvc - ok 20:09:11.0559 1516 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys 20:09:11.0606 1516 WmiAcpi - ok 20:09:11.0699 1516 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe 20:09:11.0730 1516 wmiApSrv - ok 20:09:11.0793 1516 WMPNetworkSvc - ok 20:09:11.0824 1516 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll 20:09:11.0855 1516 WPCSvc - ok 20:09:11.0902 1516 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll 20:09:11.0964 1516 WPDBusEnum - ok 20:09:11.0980 1516 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys 20:09:12.0011 1516 ws2ifsl - ok 20:09:12.0042 1516 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll 20:09:12.0105 1516 wscsvc - ok 20:09:12.0105 1516 WSearch - ok 20:09:12.0292 1516 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll 20:09:12.0370 1516 wuauserv - ok 20:09:12.0479 1516 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys 20:09:12.0588 1516 WudfPf - ok 20:09:12.0635 1516 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys 20:09:12.0744 1516 WUDFRd - ok 20:09:12.0791 1516 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll 20:09:12.0822 1516 wudfsvc - ok 20:09:12.0854 1516 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll 20:09:12.0900 1516 WwanSvc - ok 20:09:12.0963 1516 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0 20:09:13.0041 1516 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected 20:09:13.0041 1516 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0) 20:09:13.0134 1516 \Device\Harddisk0\DR0 ( TDSS File System ) - warning 20:09:13.0134 1516 \Device\Harddisk0\DR0 - detected TDSS File System (1) 20:09:13.0150 1516 Boot (0x1200) (be00559886a3178b06f882bcedec14a3) \Device\Harddisk0\DR0\Partition0 20:09:13.0150 1516 \Device\Harddisk0\DR0\Partition0 - ok 20:09:13.0181 1516 Boot (0x1200) (e4a3d06f99e279d0e8b6d7a4fdcbc53d) \Device\Harddisk0\DR0\Partition1 20:09:13.0181 1516 \Device\Harddisk0\DR0\Partition1 - ok 20:09:13.0181 1516 ============================================================ 20:09:13.0181 1516 Scan finished 20:09:13.0181 1516 ============================================================ 20:09:13.0197 5488 Detected object count: 8 20:09:13.0197 5488 Actual detected object count: 8 20:10:12.0368 5488 Bluetooth Device Monitor ( UnsignedFile.Multi.Generic ) - skipped by user 20:10:12.0368 5488 Bluetooth Device Monitor ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:10:12.0383 5488 Bluetooth Media Service ( UnsignedFile.Multi.Generic ) - skipped by user 20:10:12.0383 5488 Bluetooth Media Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:10:12.0383 5488 Bluetooth OBEX Service ( UnsignedFile.Multi.Generic ) - skipped by user 20:10:12.0383 5488 Bluetooth OBEX Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:10:12.0383 5488 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user 20:10:12.0383 5488 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:10:12.0383 5488 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user 20:10:12.0383 5488 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:10:12.0383 5488 SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user 20:10:12.0383 5488 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:10:13.0273 5488 \Device\Harddisk0\DR0\# - copied to quarantine 20:10:13.0273 5488 \Device\Harddisk0\DR0 - copied to quarantine 20:10:13.0397 5488 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine 20:10:13.0881 5488 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine 20:10:13.0897 5488 \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine 20:10:14.0287 5488 \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine 20:10:14.0879 5488 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine 20:10:14.0942 5488 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine 20:10:15.0410 5488 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine 20:10:15.0410 5488 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine 20:10:15.0410 5488 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine 20:10:15.0425 5488 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine 20:10:15.0441 5488 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine 20:10:15.0971 5488 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine 20:10:15.0971 5488 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine 20:10:15.0971 5488 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine 20:10:16.0018 5488 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot 20:10:16.0018 5488 \Device\Harddisk0\DR0 - ok 20:10:17.0968 5488 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure 20:10:17.0968 5488 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user 20:10:17.0968 5488 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip 20:10:21.0946 5276 Deinitialize success
  5. Thanks Mr C! Here's the RogueKiller report: -------------------------------------------------------------------------- RogueKiller V7.6.5 [08/03/2012] by Tigzy mail: tigzyRK<at>gmail<dot>com Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/ Blog: http://tigzyrk.blogspot.com Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version Started in : Normal mode User: Nick [Admin rights] Mode: Scan -- Date: 08/09/2012 19:02:52 ¤¤¤ Bad processes: 1 ¤¤¤ [sVCHOST] svchost.exe -- \\.\globalroot\systemroot\svchost.exe -> KILLED [TermProc] ¤¤¤ Registry Entries: 5 ¤¤¤ [sUSP PATH] HKCU\[...]\Run : 7 Taskbar Tweaker ("C:\Users\Nick\AppData\Roaming\7 Taskbar Tweaker\7 Taskbar Tweaker.exe" -hidewnd) -> FOUND [sUSP PATH] HKUS\S-1-5-21-3950330392-3544514729-2435179646-1002[...]\Run : 7 Taskbar Tweaker ("C:\Users\Nick\AppData\Roaming\7 Taskbar Tweaker\7 Taskbar Tweaker.exe" -hidewnd) -> FOUND [HJ] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND [HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND [HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver: [NOT LOADED] ¤¤¤ ¤¤¤ Infection : Root.MBR ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: ST320LT007-9ZV142 +++++ --- User --- [MBR] c5bbad98daec81ef35ea1cbe1f8906e6 [bSP] dea9defa67a18cc486b8c709b2ee22f0 : Windows Vista MBR Code Partition table: 0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 101 Mo 1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 208896 | Size: 21900 Mo 2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 45060096 | Size: 283242 Mo User != LL1 ... KO! --- LL1 --- [MBR] b9409bfc8d070b4155756c5e6b8ec80f [bSP] dea9defa67a18cc486b8c709b2ee22f0 : Windows Vista MBR Code Partition table: 1 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 101 Mo 2 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 208896 | Size: 21900 Mo 3 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 45060096 | Size: 283242 Mo User != LL2 ... KO! --- LL2 --- [MBR] b9409bfc8d070b4155756c5e6b8ec80f [bSP] dea9defa67a18cc486b8c709b2ee22f0 : Windows Vista MBR Code Partition table: 1 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 101 Mo 2 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 208896 | Size: 21900 Mo 3 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 45060096 | Size: 283242 Mo Finished : << RKreport[1].txt >> RKreport[1].txt
  6. I keep getting a popup warning from Trend Micro Client/Server Security Agent that says "Unauthorized URL Detected". (The URLs are zolyaworldtraf.com and colexity777.com.) I ran MalWareBytes in Safe Mode with a full scan, and it claimed to remove 6 instances of Trojan.Agent.BRVGen. But on reboot I still seem to be reinfected. I'd be really grateful if someone could walk me through nailing these. Results of initial DDS.scr scan follow. I also have the Attach.txt if needed? Many thanks in advance! ---------------------------------------------------------- . DDS (Ver_2011-08-26.01) - NTFSAMD64 Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_32 Run by Nick at 16:30:05 on 2012-08-09 Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.4010.2001 [GMT -4:00] . AV: Trend Micro Client/Server Security Agent Antivirus *Enabled/Updated* {7193B549-236F-55EE-9AEC-F65279E59A92} SP: Trend Micro Client/Server Security Agent Anti-spyware *Enabled/Updated* {CAF254AD-0555-5A60-A05C-CD200262D02F} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Trend Micro Personal Firewall *Disabled* {50C2E989-60CF-0845-AFD3-290B7D301E79} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\vcsFPService.exe C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\WLANExt.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\conhost.exe C:\Windows\system32\taskhost.exe C:\Program Files\DigitalPersona\Bin\DpHostW.exe C:\Windows\system32\Dwm.exe C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe C:\Windows\Explorer.EXE C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\System32\svchost.exe -k NetworkService C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe C:\Windows\system32\svchost.exe -k bthsvcs C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe C:\Program Files\Intel\WiFi\bin\EvtEng.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation c:\Program Files (x86)\Trend Micro\Client Server Security Agent\ntrtscan.exe C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files\DigitalPersona\Bin\DPAgent.exe c:\Program Files (x86)\Trend Micro\Client Server Security Agent\HostedAgent\svcGenericHost.exe c:\Program Files (x86)\Trend Micro\Client Server Security Agent\tmlisten.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\system32\wbem\wmiprvse.exe c:\Program Files (x86)\Trend Micro\Client Server Security Agent\HostedAgent\HostedAgent.exe C:\Windows\system32\conhost.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted c:\Program Files (x86)\Trend Micro\Client Server Security Agent\PccNTMon.exe -netsvcs C:\Windows\system32\conhost.exe C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\DellTPad\Apoint.exe C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe C:\Windows\System32\rundll32.exe c:\Program Files (x86)\Trend Micro\BM\TMBMSRV.exe C:\Program Files\Dell\QuickSet\quickset.exe C:\dell\DBRM\Reminder\DbrmTrayicon.exe C:\Users\Nick\AppData\Roaming\7 Taskbar Tweaker\7 Taskbar Tweaker.exe C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe C:\Program Files\DellTPad\ApMsgFwd.exe C:\Program Files\DellTPad\HidFind.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\DellTPad\Apntex.exe C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\conhost.exe c:\Program Files (x86)\Trend Micro\Client Server Security Agent\TmProxy.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Windows\SysWOW64\NOTEPAD.EXE C:\Windows\System32\svchost.exe -k swprv C:\Windows\SysWOW64\NOTEPAD.EXE C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\conhost.exe C:\Windows\SysWOW64\cscript.exe C:\Windows\system32\wbem\wmiprvse.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.google.ca/advanced_search uDefault_Page_URL = hxxp://www.dell.com mWinlogon: Userinit=userinit.exe, BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: TmIEPlugInBHO Class: {1ca1377b-dc1d-4a52-9585-6e06050fac53} - c:\Program Files (x86)\Trend Micro\Client Server Security Agent\bho\1051\TmIEPlg32.dll BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll uRun: [7 Taskbar Tweaker] "C:\Users\Nick\AppData\Roaming\7 Taskbar Tweaker\7 Taskbar Tweaker.exe" -hidewnd uRun: [MediaGet2] C:\Users\Nick\AppData\Local\MediaGet2\mediaget.exe --minimized uRun: [AdobeBridge] mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [OfficeScanNT Monitor] "c:\Program Files (x86)\Trend Micro\Client Server Security Agent\pccntmon.exe" -HideWindow mRun: [RemoteControl9] "C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe" mRun: [PDVD9LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe" mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2 mRun: [<NO NAME>] mRun: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" mRun: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe" mRun: [OE] "c:\Program Files (x86)\Trend Micro\Client Server Security Agent\TMAS_OE\TMAS_OEMon.exe" mRun: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin mRun: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe mRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1) mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) mPolicies-system: PromptOnSecureDesktop = 0 (0x0) IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} - hxxps://remote-us.mcgraw-hill.com/dana-cached/sc/JuniperSetupClient.cab TCP: DhcpNameServer = 207.69.188.185 207.69.188.186 207.69.188.187 TCP: Interfaces\{8EB7CE39-ADE5-4293-87F3-1A420B87DFB4} : DhcpNameServer = 207.69.188.185 207.69.188.186 207.69.188.187 TCP: Interfaces\{8EB7CE39-ADE5-4293-87F3-1A420B87DFB4}\245616368647275656020527F607562747965637 : DhcpNameServer = 68.87.71.226 68.87.73.242 TCP: Interfaces\{965ADB34-16C5-4520-8136-9CD1B9AABCC7} : DhcpNameServer = 13.35.0.1 13.35.0.2 Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - c:\Program Files (x86)\Trend Micro\Client Server Security Agent\bho\1051\TmIEPlg32.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll LSA: Notification Packages = DPPassFilter scecli BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO-X64: AcroIEHelperStub - No File BHO-X64: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - c:\Program Files (x86)\Trend Micro\Client Server Security Agent\bho\1051\TmIEPlg32.dll BHO-X64: Trend Micro NSC BHO - No File BHO-X64: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll BHO-X64: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll BHO-X64: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll BHO-X64: SkypeIEPluginBHO - No File BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL BHO-X64: URLRedirectionBHO - No File BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll BHO-X64: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll BHO-X64: SmartSelect - No File TB-X64: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun-x64: [OfficeScanNT Monitor] "c:\Program Files (x86)\Trend Micro\Client Server Security Agent\pccntmon.exe" -HideWindow mRun-x64: [RemoteControl9] "C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe" mRun-x64: [PDVD9LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe" mRun-x64: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2 mRun-x64: [(Default)] mRun-x64: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" mRun-x64: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe" mRun-x64: [OE] "c:\Program Files (x86)\Trend Micro\Client Server Security Agent\TMAS_OE\TMAS_OEMon.exe" mRun-x64: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin mRun-x64: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe mRun-x64: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" mRun-x64: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" AppInit_DLLs-X64: C:\Windows\SysWOW64\nvinit.dll . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\p6swhzft.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/advanced_search FF - prefs.js: network.proxy.http - corp-apps-proxy FF - prefs.js: network.proxy.http_port - 8080 FF - prefs.js: network.proxy.type - 0 FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL FF - plugin: C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll FF - plugin: C:\Windows\SysWOW64\npmproxy.dll . ============= SERVICES / DRIVERS =============== . R0 nvpciflt;nvpciflt;C:\Windows\system32\DRIVERS\nvpciflt.sys --> C:\Windows\system32\DRIVERS\nvpciflt.sys [?] R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?] R0 stdcfltn;Disk Class Filter Driver for Accelerometer;C:\Windows\system32\DRIVERS\stdcfltn.sys --> C:\Windows\system32\DRIVERS\stdcfltn.sys [?] R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?] R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928] R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2011-7-4 98208] R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2010-12-14 901184] R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2010-12-14 974912] R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-7-4 2009704] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-4-21 378472] R2 svcGenericHost;Trend Micro Client/Server Security Agent;C:\Program Files (x86)\Trend Micro\Client Server Security Agent\HostedAgent\svcGenericHost.exe [2012-2-7 50704] R2 TmFilter;Trend Micro Filter;C:\Program Files (x86)\Trend Micro\Client Server Security Agent\TmXPFlt.sys [2010-5-11 342288] R2 TmPreFilter;Trend Micro PreFilter;C:\Program Files (x86)\Trend Micro\Client Server Security Agent\tmpreflt.sys [2010-5-11 42768] R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\system32\DRIVERS\TurboB.sys --> C:\Windows\system32\DRIVERS\TurboB.sys [?] R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-7-4 2656280] R2 vcsFPService;Validity VCS Fingerprint Service;C:\Windows\System32\vcsFPService.exe [2010-10-7 2692400] R3 Acceler;Accelerometer Service;C:\Windows\system32\DRIVERS\Accelern.sys --> C:\Windows\system32\DRIVERS\Accelern.sys [?] R3 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2010-12-14 1298496] R3 btmaux;Intel Bluetooth Auxiliary Service;C:\Windows\system32\DRIVERS\btmaux.sys --> C:\Windows\system32\DRIVERS\btmaux.sys [?] R3 btmhsf;btmhsf;C:\Windows\system32\DRIVERS\btmhsf.sys --> C:\Windows\system32\DRIVERS\btmhsf.sys [?] R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\system32\DRIVERS\CtClsFlt.sys --> C:\Windows\system32\DRIVERS\CtClsFlt.sys [?] R3 iBtFltCoex;iBtFltCoex;C:\Windows\system32\DRIVERS\iBtFltCoex.sys --> C:\Windows\system32\DRIVERS\iBtFltCoex.sys [?] R3 iwdbus;IWD Bus Enumerator;C:\Windows\system32\DRIVERS\iwdbus.sys --> C:\Windows\system32\DRIVERS\iwdbus.sys [?] R3 MEIx64;Intel® Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?] R3 NETwNs64;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\system32\DRIVERS\NETwNs64.sys --> C:\Windows\system32\DRIVERS\NETwNs64.sys [?] R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\system32\DRIVERS\nusb3hub.sys --> C:\Windows\system32\DRIVERS\nusb3hub.sys [?] R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\system32\DRIVERS\nusb3xhc.sys --> C:\Windows\system32\DRIVERS\nusb3xhc.sys [?] R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?] R3 TmProxy;Trend Micro Client/Server Security Agent Proxy Service;C:\Program Files (x86)\Trend Micro\Client Server Security Agent\TmProxy.exe [2009-7-15 918064] R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 RoxWatch12;Roxio Hard Drive Watcher 12;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-6-5 257696] S3 dmvsc;dmvsc;C:\Windows\system32\drivers\dmvsc.sys --> C:\Windows\system32\drivers\dmvsc.sys [?] S3 Impcd;Impcd;C:\Windows\system32\drivers\Impcd.sys --> C:\Windows\system32\drivers\Impcd.sys [?] S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\Windows\system32\drivers\intelaud.sys --> C:\Windows\system32\drivers\intelaud.sys [?] S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-5-10 129976] S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2010-12-17 340240] S3 netvsc;netvsc;C:\Windows\system32\DRIVERS\netvsc60.sys --> C:\Windows\system32\DRIVERS\netvsc60.sys [?] S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184] S3 RoxMediaDB12OEM;RoxMediaDB12OEM;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656] S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\system32\Drivers\RtsUStor.sys --> C:\Windows\system32\Drivers\RtsUStor.sys [?] S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992] S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096] S3 SynthVid;SynthVid;C:\Windows\system32\DRIVERS\VMBusVideoM.sys --> C:\Windows\system32\DRIVERS\VMBusVideoM.sys [?] S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?] S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?] S3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.0;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?] S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184] . =============== Created Last 30 ================ . 2012-08-09 19:24:33 20480 ------w- C:\Windows\svchost.exe 2012-08-09 15:51:41 -------- d-----w- C:\Windows\pss 2012-08-09 15:19:14 -------- d-----w- C:\Users\Nick\AppData\Roaming\Malwarebytes 2012-08-09 15:19:03 -------- d-----w- C:\ProgramData\Malwarebytes 2012-08-09 15:19:01 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys 2012-08-09 15:19:01 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2012-08-01 19:12:44 -------- d-----w- C:\Program Files (x86)\EA GAMES 2012-07-12 07:06:34 3148800 ----a-w- C:\Windows\System32\win32k.sys 2012-07-11 10:06:34 2004480 ----a-w- C:\Windows\System32\msxml6.dll . ==================== Find3M ==================== . 2012-06-06 06:06:16 1881600 ----a-w- C:\Windows\System32\msxml3.dll 2012-06-06 06:02:54 1133568 ----a-w- C:\Windows\System32\cdosys.dll 2012-06-06 05:05:52 1390080 ----a-w- C:\Windows\SysWow64\msxml6.dll 2012-06-06 05:05:52 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll 2012-06-06 05:03:06 805376 ----a-w- C:\Windows\SysWow64\cdosys.dll 2012-06-05 18:31:18 70304 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2012-06-05 18:31:18 419488 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2012-06-05 18:31:09 8769696 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe 2012-06-04 15:23:19 476960 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll 2012-06-04 15:23:19 472864 ----a-w- C:\Windows\SysWow64\deployJava1.dll 2012-06-02 22:15:31 2622464 ----a-w- C:\Windows\System32\wucltux.dll 2012-06-02 22:15:08 99840 ----a-w- C:\Windows\System32\wudriver.dll 2012-06-02 19:19:42 186752 ----a-w- C:\Windows\System32\wuwebv.dll 2012-06-02 19:15:12 36864 ----a-w- C:\Windows\System32\wuapp.exe 2012-06-02 12:12:17 2311680 ----a-w- C:\Windows\System32\jscript9.dll 2012-06-02 12:05:28 1392128 ----a-w- C:\Windows\System32\wininet.dll 2012-06-02 12:04:50 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl 2012-06-02 12:01:40 173056 ----a-w- C:\Windows\System32\ieUnatt.exe 2012-06-02 11:57:08 2382848 ----a-w- C:\Windows\System32\mshtml.tlb 2012-06-02 08:33:25 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll 2012-06-02 08:25:08 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll 2012-06-02 08:25:03 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl 2012-06-02 08:20:33 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe 2012-06-02 08:16:52 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2012-06-02 05:50:10 458704 ----a-w- C:\Windows\System32\drivers\cng.sys 2012-06-02 05:48:16 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys 2012-06-02 05:48:16 151920 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys 2012-06-02 05:45:31 340992 ----a-w- C:\Windows\System32\schannel.dll 2012-06-02 05:44:21 307200 ----a-w- C:\Windows\System32\ncrypt.dll 2012-06-02 04:40:42 22016 ----a-w- C:\Windows\SysWow64\secur32.dll 2012-06-02 04:40:39 225280 ----a-w- C:\Windows\SysWow64\schannel.dll 2012-06-02 04:39:10 219136 ----a-w- C:\Windows\SysWow64\ncrypt.dll 2012-06-02 04:34:09 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll . ============= FINISH: 16:30:47.43 ===============
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.