andrew_2040g

  1. It appears that there are no longer any issues with my comp. Here is the checkup.txt log:

     Results of screen317's Security Check version 0.99.54
     Windows Vista Service Pack 2 x64 (UAC is enabled)
     Internet Explorer 9
     ``````````````Antivirus/Firewall Check:``````````````
     Windows Firewall Enabled!
     Avira Desktop Antivirus up to date!
     `````````Anti-malware/Other Utilities Check:`````````
     Malwarebytes Anti-Malware version 1.65.1.1000
     Adobe Flash Player 11.4.402.287
     Adobe Reader X (10.1.4)
     Mozilla Firefox (16.0.2)
     ````````Process Check: objlist.exe by Laurent````````
     Avira Antivir avgnt.exe
     Avira Antivir avguard.exe
     `````````````````System Health check`````````````````
     Total Fragmentation on Drive C: 2 % Defragment your hard drive soon! (Do NOT defrag if SSD!)
     ````````````````````End of Log``````````````````````
  2. Here is the scan log:

     ESETSmartInstaller@High as downloader log:
     all ok
     # version=7
     # OnlineScannerApp.exe=1.0.0.1
     # OnlineScanner.ocx=1.0.0.6583
     # api_version=3.0.2
     # EOSSerial=151a99553969f34d84b38750140ab410
     # end=finished
     # remove_checked=false
     # archives_checked=false
     # unwanted_checked=true
     # unsafe_checked=false
     # antistealth_checked=true
     # utc_time=2012-11-05 12:13:47
     # local_time=2012-11-04 04:13:47 (-0800, Pacific Standard Time)
     # country="United States"
     # lang=1033
     # osver=6.0.6002 NT Service Pack 2
     # compatibility_mode=1792 16777215 100 0 6229086 6229086 0 0
     # compatibility_mode=5892 16776574 100 45 150267595 188669282 0 0
     # compatibility_mode=8192 67108863 100 0 0 0 0 0
     # scanned=121936
     # found=0
     # cleaned=0
     # scan_time=3851
  3. Here is the log from systemlook. Looks like the file in question has been removed!

     SystemLook 30.07.11 by jpshortstuff
     Log created at 14:41 on 04/11/2012 by Andrew
     Administrator - Elevation successful
     WARNING: SystemLook running under WOW64. Use SystemLook_x64 for accurate results.

     ========== filefind ==========

     Searching for "cabinet5.dll"
     No files found.

     -= EOF =-
  4. Things appear to be working correctly again! Thanks for your help! Here is the last combofix log:
  5. I ran ComboFix, then TDSSKiller. TDSSKiller didn't find any suspicious item. The logs are below. Thanks again!
AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe 08:36:23.0534 3708 AntiVirService - ok 08:36:23.0550 3708 [ 9C37B3FD5615477CB9A0CD116CF43F5C ] Appinfo C:\Windows\System32\appinfo.dll 08:36:23.0550 3708 Appinfo - ok 08:36:23.0597 3708 [ F401929EE0CC92BFE7F15161CA535383 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 08:36:23.0597 3708 Apple Mobile Device - ok 08:36:23.0644 3708 [ BA8417D4765F3988FF921F30F630E303 ] arc C:\Windows\system32\drivers\arc.sys 08:36:23.0644 3708 arc - ok 08:36:23.0644 3708 [ 9D41C435619733B34CC16A511E644B11 ] arcsas C:\Windows\system32\drivers\arcsas.sys 08:36:23.0644 3708 arcsas - ok 08:36:23.0675 3708 [ 22D13FF3DAFEC2A80634752B1EAA2DE6 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 08:36:23.0675 3708 AsyncMac - ok 08:36:23.0722 3708 [ 1898FAE8E07D97F2F6C2D5326C633FAC ] atapi C:\Windows\system32\drivers\atapi.sys 08:36:23.0722 3708 atapi - ok 08:36:23.0862 3708 [ 60216B0E704584DE6D5A9F59E9C34C47 ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys 08:36:23.0924 3708 atikmdag - ok 08:36:23.0987 3708 [ 79318C744693EC983D20E9337A2F8196 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 08:36:23.0987 3708 AudioEndpointBuilder - ok 08:36:24.0002 3708 [ 79318C744693EC983D20E9337A2F8196 ] AudioSrv C:\Windows\System32\Audiosrv.dll 08:36:24.0002 3708 AudioSrv - ok 08:36:24.0002 3708 [ 26E38B5A58C6C55FAFBC563EEDDB0867 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys 08:36:24.0002 3708 avgntflt - ok 08:36:24.0034 3708 [ 9D1F00BEFF84CBBF46D7F052BC7E0565 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys 08:36:24.0034 3708 avipbb - ok 08:36:24.0034 3708 [ 248DB59FC86DE44D2779F4C7FB1A567D ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys 08:36:24.0034 3708 avkmgr - ok 08:36:24.0049 3708 BCM42RLY - ok 08:36:24.0080 3708 [ F48D3478ACB1B4CCC9FB6FD3CB6835E6 ] BCM43XV C:\Windows\system32\DRIVERS\bcmwl664.sys 08:36:24.0096 3708 BCM43XV - ok 08:36:24.0127 3708 [ 
F48D3478ACB1B4CCC9FB6FD3CB6835E6 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys 08:36:24.0143 3708 BCM43XX - ok 08:36:24.0143 3708 Beep - ok 08:36:24.0221 3708 [ FFB96C2589FFA60473EAD78B39FBDE29 ] BFE C:\Windows\System32\bfe.dll 08:36:24.0221 3708 BFE - ok 08:36:24.0283 3708 [ 6D316F4859634071CC25C4FD4589AD2C ] BITS C:\Windows\system32\qmgr.dll 08:36:24.0283 3708 BITS - ok 08:36:24.0330 3708 [ 79FEEB40056683F8F61398D81DDA65D2 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys 08:36:24.0330 3708 blbdrive - ok 08:36:24.0377 3708 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe 08:36:24.0392 3708 Bonjour Service - ok 08:36:24.0408 3708 [ 2348447A80920B2493A9B582A23E81E1 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 08:36:24.0408 3708 bowser - ok 08:36:24.0408 3708 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys 08:36:24.0408 3708 BrFiltLo - ok 08:36:24.0424 3708 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys 08:36:24.0424 3708 BrFiltUp - ok 08:36:24.0455 3708 [ A1B39DE453433B115B4EA69EE0343816 ] Browser C:\Windows\System32\browser.dll 08:36:24.0455 3708 Browser - ok 08:36:24.0486 3708 [ F0F0BA4D815BE446AA6A4583CA3BCA9B ] Brserid C:\Windows\system32\drivers\brserid.sys 08:36:24.0486 3708 Brserid - ok 08:36:24.0502 3708 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys 08:36:24.0502 3708 BrSerWdm - ok 08:36:24.0517 3708 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys 08:36:24.0517 3708 BrUsbMdm - ok 08:36:24.0517 3708 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys 08:36:24.0517 3708 BrUsbSer - ok 08:36:24.0564 3708 [ 09F926A0D9C0BAFD8417A4307D2ED13C ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys 08:36:24.0564 3708 BthEnum - ok 08:36:24.0564 3708 [ E0777B34E05F8A82A21856EFC900C29F ] BTHMODEM 
C:\Windows\system32\drivers\bthmodem.sys 08:36:24.0564 3708 BTHMODEM - ok 08:36:24.0595 3708 [ BEFC5311736B475AC5B60C14FF7C775A ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys 08:36:24.0595 3708 BthPan - ok 08:36:24.0658 3708 [ E1466882252FF51EDDE48C3F7EDA2591 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys 08:36:24.0658 3708 BTHPORT - ok 08:36:24.0689 3708 [ 22E65FFD640F16968F855F5B3528D366 ] BthServ C:\Windows\System32\bthserv.dll 08:36:24.0689 3708 BthServ - ok 08:36:24.0720 3708 [ 970192CDED77A128E7E30722E5EE6B9C ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys 08:36:24.0720 3708 BTHUSB - ok 08:36:24.0751 3708 [ A44AD9AB3BF98A65EB58662E3C78EAE0 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys 08:36:24.0751 3708 btwaudio - ok 08:36:24.0782 3708 [ A441D453821A6336F516F97F79BBFA17 ] btwavdt C:\Windows\system32\drivers\btwavdt.sys 08:36:24.0782 3708 btwavdt - ok 08:36:24.0814 3708 [ 09548DB96993C846895EB1222F6FE620 ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe 08:36:24.0829 3708 btwdins - ok 08:36:24.0845 3708 [ B550C75397D96251A92391555FE5534C ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys 08:36:24.0845 3708 btwrchid - ok 08:36:24.0845 3708 catchme - ok 08:36:24.0845 3708 [ B4D787DB8D30793A4D4DF9FEED18F136 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 08:36:24.0845 3708 cdfs - ok 08:36:24.0892 3708 [ C025AA69BE3D0D25C7A2E746EF6F94FC ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 08:36:24.0892 3708 cdrom - ok 08:36:24.0938 3708 [ 5A268127633C7EE2A7FB87F39D748D56 ] CertPropSvc C:\Windows\System32\certprop.dll 08:36:24.0938 3708 CertPropSvc - ok 08:36:24.0970 3708 [ 02EA568D498BBDD4BA55BF3FCE34D456 ] circlass C:\Windows\system32\drivers\circlass.sys 08:36:24.0970 3708 circlass - ok 08:36:25.0001 3708 [ 3DCA9A18B204939CFB24BEA53E31EB48 ] CLFS C:\Windows\system32\CLFS.sys 08:36:25.0001 3708 CLFS - ok 08:36:25.0094 3708 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 
C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 08:36:25.0094 3708 clr_optimization_v2.0.50727_32 - ok 08:36:25.0141 3708 [ CE07A466201096F021CD09D631B21540 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 08:36:25.0141 3708 clr_optimization_v2.0.50727_64 - ok 08:36:25.0219 3708 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 08:36:25.0219 3708 clr_optimization_v4.0.30319_32 - ok 08:36:25.0250 3708 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 08:36:25.0250 3708 clr_optimization_v4.0.30319_64 - ok 08:36:25.0266 3708 [ E5D5499A1C50A54B5161296B6AFE6192 ] cmdide C:\Windows\system32\drivers\cmdide.sys 08:36:25.0266 3708 cmdide - ok 08:36:25.0266 3708 [ 7FB8AD01DB0EABE60C8A861531A8F431 ] Compbatt C:\Windows\system32\drivers\compbatt.sys 08:36:25.0266 3708 Compbatt - ok 08:36:25.0266 3708 COMSysApp - ok 08:36:25.0282 3708 [ A8585B6412253803CE8EFCBD6D6DC15C ] crcdisk C:\Windows\system32\drivers\crcdisk.sys 08:36:25.0282 3708 crcdisk - ok 08:36:25.0313 3708 [ CA78B312C44E4D52E842C2C8BD48E452 ] CryptSvc C:\Windows\system32\cryptsvc.dll 08:36:25.0313 3708 CryptSvc - ok 08:36:25.0360 3708 [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF ] DcomLaunch C:\Windows\system32\rpcss.dll 08:36:25.0375 3708 DcomLaunch - ok 08:36:25.0391 3708 [ 8B722BA35205C71E7951CDC4CDBADE19 ] DfsC C:\Windows\system32\Drivers\dfsc.sys 08:36:25.0391 3708 DfsC - ok 08:36:25.0469 3708 [ C647F468F7DE343DF8C143655C5557D4 ] DFSR C:\Windows\system32\DFSR.exe 08:36:25.0484 3708 DFSR - ok 08:36:25.0547 3708 [ 3ED0321127CE70ACDAABBF77E157C2A7 ] Dhcp C:\Windows\System32\dhcpcsvc.dll 08:36:25.0547 3708 Dhcp - ok 08:36:25.0594 3708 [ B0107E40ECDB5FA692EBF832F295D905 ] disk C:\Windows\system32\drivers\disk.sys 08:36:25.0594 3708 disk - ok 08:36:25.0625 3708 [ 06230F1B721494A6DF8D47FD395BB1B0 ] Dnscache 
C:\Windows\System32\dnsrslvr.dll 08:36:25.0625 3708 Dnscache - ok 08:36:25.0672 3708 [ 1A7156DD1E850E9914E5E991E3225B94 ] dot3svc C:\Windows\System32\dot3svc.dll 08:36:25.0672 3708 dot3svc - ok 08:36:25.0672 3708 [ 1583B39790DB3EAEC7EDB0CB0140C708 ] DPS C:\Windows\system32\dps.dll 08:36:25.0672 3708 DPS - ok 08:36:25.0703 3708 [ F1A78A98CFC2EE02144C6BEC945447E6 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 08:36:25.0703 3708 drmkaud - ok 08:36:25.0765 3708 [ B8E554E502D5123BC111F99D6A2181B4 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 08:36:25.0765 3708 DXGKrnl - ok 08:36:25.0812 3708 [ 264CEE7B031A9D6C827F3D0CB031F2FE ] E1G60 C:\Windows\system32\DRIVERS\E1G6032E.sys 08:36:25.0812 3708 E1G60 - ok 08:36:25.0859 3708 [ B37F6853D6E0C6F5F8EFDE33E831B5F8 ] e1yexpress C:\Windows\system32\DRIVERS\e1y60x64.sys 08:36:25.0859 3708 e1yexpress - ok 08:36:25.0859 3708 [ C2303883FD9BE49DC36A6400643002EA ] EapHost C:\Windows\System32\eapsvc.dll 08:36:25.0859 3708 EapHost - ok 08:36:25.0921 3708 [ 5F94962BE5A62DB6E447FF6470C4F48A ] Ecache C:\Windows\system32\drivers\ecache.sys 08:36:25.0921 3708 Ecache - ok 08:36:25.0952 3708 [ 14CE384D2E27B64C256BDA4DC39C312D ] ehRecvr C:\Windows\ehome\ehRecvr.exe 08:36:25.0952 3708 ehRecvr - ok 08:36:25.0968 3708 [ B93159C1313D66FDFBBE876F5189CD52 ] ehSched C:\Windows\ehome\ehsched.exe 08:36:25.0968 3708 ehSched - ok 08:36:25.0984 3708 [ F5EE2527D74449868E3C3227A59BCD28 ] ehstart C:\Windows\ehome\ehstart.dll 08:36:25.0984 3708 ehstart - ok 08:36:26.0015 3708 [ C4636D6E10469404AB5308D9FD45ED07 ] elxstor C:\Windows\system32\drivers\elxstor.sys 08:36:26.0015 3708 elxstor - ok 08:36:26.0077 3708 [ A9B18B63A4FD6BAAB83326706D857FAB ] EMDMgmt C:\Windows\system32\emdmgmt.dll 08:36:26.0077 3708 EMDMgmt - ok 08:36:26.0093 3708 [ BC3A58E938BB277E46BF4B3003B01ABD ] ErrDev C:\Windows\system32\drivers\errdev.sys 08:36:26.0093 3708 ErrDev - ok 08:36:26.0140 3708 [ E12F22B73F153DECE721CD45EC05B4AF ] EventSystem C:\Windows\system32\es.dll 08:36:26.0155 
3708 EventSystem - ok 08:36:26.0186 3708 [ 486844F47B6636044A42454614ED4523 ] exfat C:\Windows\system32\drivers\exfat.sys 08:36:26.0186 3708 exfat - ok 08:36:26.0233 3708 [ 1A4BEE34277784619DDAF0422C0C6E23 ] fastfat C:\Windows\system32\drivers\fastfat.sys 08:36:26.0233 3708 fastfat - ok 08:36:26.0264 3708 [ 81B79B6DF71FA1D2C6D688D830616E39 ] fdc C:\Windows\system32\DRIVERS\fdc.sys 08:36:26.0264 3708 fdc - ok 08:36:26.0280 3708 [ BB9267ACACD8B7533DD936C34A0CBA5E ] fdPHost C:\Windows\system32\fdPHost.dll 08:36:26.0280 3708 fdPHost - ok 08:36:26.0296 3708 [ 300C80931EABBE1DB7591C516EFE8D0F ] FDResPub C:\Windows\system32\fdrespub.dll 08:36:26.0296 3708 FDResPub - ok 08:36:26.0296 3708 [ 457B7D1D533E4BD62A99AED9C7BB4C59 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 08:36:26.0296 3708 FileInfo - ok 08:36:26.0296 3708 [ D421327FD6EFCCAF884A54C58E1B0D7F ] Filetrace C:\Windows\system32\drivers\filetrace.sys 08:36:26.0311 3708 Filetrace - ok 08:36:26.0327 3708 [ 230923EA2B80F79B0F88D90F87B87EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys 08:36:26.0327 3708 flpydisk - ok 08:36:26.0358 3708 [ E3041BC26D6930D61F42AEDB79C91720 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 08:36:26.0358 3708 FltMgr - ok 08:36:26.0452 3708 [ BE1C5BD1CA7ED015BC6FA1AE67E592C8 ] FontCache C:\Windows\system32\FntCache.dll 08:36:26.0452 3708 FontCache - ok 08:36:26.0514 3708 [ BC5B0BE5AF3510B0FD8C140EE42C6D3E ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 08:36:26.0514 3708 FontCache3.0.0.0 - ok 08:36:26.0530 3708 [ 5779B86CD8B32519FBECB136394D946A ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 08:36:26.0530 3708 Fs_Rec - ok 08:36:26.0545 3708 [ C8E416668D3DC2BE3D4FE4C79224997F ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 08:36:26.0545 3708 gagp30kx - ok 08:36:26.0561 3708 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 08:36:26.0561 3708 GEARAspiWDM - ok 08:36:26.0623 3708 [ 
A0E1B575BA8F504968CD40C0FAEB2384 ] gpsvc C:\Windows\System32\gpsvc.dll 08:36:26.0623 3708 gpsvc - ok 08:36:26.0670 3708 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 08:36:26.0670 3708 gupdate - ok 08:36:26.0670 3708 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 08:36:26.0670 3708 gupdatem - ok 08:36:26.0732 3708 [ 98405343D7DCD330FE1B08C8F4C3900C ] hcw85bda C:\Windows\system32\drivers\HCW85BDA.sys 08:36:26.0748 3708 hcw85bda - ok 08:36:26.0795 3708 [ 68E732382B32417FF61FD663259B4B09 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 08:36:26.0795 3708 HdAudAddService - ok 08:36:26.0842 3708 [ F942C5820205F2FB453243EDFEC82A3D ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 08:36:26.0842 3708 HDAudBus - ok 08:36:26.0857 3708 [ 39F7D79B3401BE029D8451F761D30331 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys 08:36:26.0857 3708 HidBth - ok 08:36:26.0873 3708 [ 4E77A77E2C986E8F88F996BB3E1AD829 ] HidIr C:\Windows\system32\drivers\hidir.sys 08:36:26.0873 3708 HidIr - ok 08:36:26.0904 3708 [ 59361D38A297755D46A540E450202B2A ] hidserv C:\Windows\System32\hidserv.dll 08:36:26.0904 3708 hidserv - ok 08:36:26.0951 3708 [ 443BDD2D30BB4F00795C797E2CF99EDF ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 08:36:26.0951 3708 HidUsb - ok 08:36:26.0966 3708 [ B12F367EA39C0795FD57E31242CE1A5A ] hkmsvc C:\Windows\system32\kmsvc.dll 08:36:26.0966 3708 hkmsvc - ok 08:36:26.0982 3708 [ D7109A1E6BD2DFDBCBA72A6BC626A13B ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys 08:36:26.0982 3708 HpCISSs - ok 08:36:26.0998 3708 [ 098F1E4E5C9CB5B0063A959063631610 ] HTTP C:\Windows\system32\drivers\HTTP.sys 08:36:26.0998 3708 HTTP - ok 08:36:27.0013 3708 [ DA94C854CEA5FAC549D4E1F6E88349E8 ] i2omp C:\Windows\system32\drivers\i2omp.sys 08:36:27.0013 3708 i2omp - ok 08:36:27.0029 3708 [ CBB597659A2713CE0C9CC20C88C7591F ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 08:36:27.0029 3708 
i8042prt - ok 08:36:27.0060 3708 [ 3E3BF3627D886736D0B4E90054F929F6 ] iaStorV C:\Windows\system32\drivers\iastorv.sys 08:36:27.0060 3708 iaStorV - ok 08:36:27.0107 3708 [ 749F5F8CEDCA70F2A512945325FC489D ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 08:36:27.0107 3708 idsvc - ok 08:36:27.0122 3708 [ 8C3951AD2FE886EF76C7B5027C3125D3 ] iirsp C:\Windows\system32\drivers\iirsp.sys 08:36:27.0122 3708 iirsp - ok 08:36:27.0185 3708 [ 0C9EA6E654E7B0471741E343A6C671AF ] IKEEXT C:\Windows\System32\ikeext.dll 08:36:27.0185 3708 IKEEXT - ok 08:36:27.0232 3708 [ 358A23ACF3A78893EEACD4BEB20953D5 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys 08:36:27.0232 3708 IntcAzAudAddService - ok 08:36:27.0263 3708 [ DF797A12176F11B2D301C5B234BB200E ] intelide C:\Windows\system32\drivers\intelide.sys 08:36:27.0263 3708 intelide - ok 08:36:27.0278 3708 [ BFD84AF32FA1BAD6231C4585CB469630 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 08:36:27.0278 3708 intelppm - ok 08:36:27.0294 3708 [ 5624BC1BC5EEB49C0AB76A8114F05EA3 ] IPBusEnum C:\Windows\system32\ipbusenum.dll 08:36:27.0294 3708 IPBusEnum - ok 08:36:27.0341 3708 [ D8AABC341311E4780D6FCE8C73C0AD81 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 08:36:27.0341 3708 IpFilterDriver - ok 08:36:27.0372 3708 [ BF0DBFA9792C5C14FA00F61C75116C1B ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 08:36:27.0372 3708 iphlpsvc - ok 08:36:27.0372 3708 IpInIp - ok 08:36:27.0388 3708 [ 9C2EE2E6E5A7203BFAE15C299475EC67 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys 08:36:27.0388 3708 IPMIDRV - ok 08:36:27.0388 3708 [ B7E6212F581EA5F6AB0C3A6CEEEB89BE ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys 08:36:27.0403 3708 IPNAT - ok 08:36:27.0419 3708 [ A9AB99EE7D39725EAFEC82732D2B3271 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 08:36:27.0434 3708 iPod Service - ok 08:36:27.0450 3708 [ 8C42CA155343A2F11D29FECA67FAA88D ] IRENUM C:\Windows\system32\drivers\irenum.sys 
08:36:27.0450 3708 IRENUM - ok 08:36:27.0481 3708 [ 0672BFCEDC6FC468A2B0500D81437F4F ] isapnp C:\Windows\system32\drivers\isapnp.sys 08:36:27.0481 3708 isapnp - ok 08:36:27.0528 3708 [ E4FDF99599F27EC25D2CF6D754243520 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys 08:36:27.0528 3708 iScsiPrt - ok 08:36:27.0528 3708 [ 63C766CDC609FF8206CB447A65ABBA4A ] iteatapi C:\Windows\system32\drivers\iteatapi.sys 08:36:27.0528 3708 iteatapi - ok 08:36:27.0544 3708 [ 1281FE73B17664631D12F643CBEA3F59 ] iteraid C:\Windows\system32\drivers\iteraid.sys 08:36:27.0544 3708 iteraid - ok 08:36:27.0559 3708 [ 423696F3BA6472DD17699209B933BC26 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 08:36:27.0559 3708 kbdclass - ok 08:36:27.0606 3708 [ DBDF75D51464FBC47D0104EC3D572C05 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 08:36:27.0606 3708 kbdhid - ok 08:36:27.0606 3708 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] KeyIso C:\Windows\system32\lsass.exe 08:36:27.0606 3708 KeyIso - ok 08:36:27.0653 3708 [ 88956AD9FA510848AD176777A6C6C1F5 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 08:36:27.0668 3708 KSecDD - ok 08:36:27.0668 3708 [ 1D419CF43DB29396ECD7113D129D94EB ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 08:36:27.0668 3708 ksthunk - ok 08:36:27.0715 3708 [ 1FAF6926F3416D3DA05C5B265491BDAE ] KtmRm C:\Windows\system32\msdtckrm.dll 08:36:27.0715 3708 KtmRm - ok 08:36:27.0746 3708 [ 50C7A3CB427E9BB5ED0708A669956AB5 ] LanmanServer C:\Windows\System32\srvsvc.dll 08:36:27.0746 3708 LanmanServer - ok 08:36:27.0762 3708 [ CAF86FC1388BE1E470F1A7B43E348ADB ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 08:36:27.0762 3708 LanmanWorkstation - ok 08:36:27.0778 3708 [ 96ECE2659B6654C10A0C310AE3A6D02C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 08:36:27.0778 3708 lltdio - ok 08:36:27.0809 3708 [ 961CCBD0B1CCB5675D64976FAE37D092 ] lltdsvc C:\Windows\System32\lltdsvc.dll 08:36:27.0809 3708 lltdsvc - ok 08:36:27.0840 3708 [ A47F8080CACC23C91FE823AD19AA5612 ] lmhosts 
C:\Windows\System32\lmhsvc.dll 08:36:27.0840 3708 lmhosts - ok 08:36:27.0871 3708 [ ACBE1AF32D3123E330A07BFBC5EC4A9B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 08:36:27.0871 3708 LSI_FC - ok 08:36:27.0887 3708 [ 799FFB2FC4729FA46D2157C0065B3525 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 08:36:27.0902 3708 LSI_SAS - ok 08:36:27.0902 3708 [ F445FF1DAAD8A226366BFAF42551226B ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 08:36:27.0902 3708 LSI_SCSI - ok 08:36:27.0902 3708 [ 52F87B9CC8932C2A7375C3B2A9BE5E3E ] luafv C:\Windows\system32\drivers\luafv.sys 08:36:27.0902 3708 luafv - ok 08:36:27.0934 3708 [ 76A58DF02BD4EA29F189B82D0BEF17F8 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 08:36:27.0934 3708 Mcx2Svc - ok 08:36:27.0934 3708 [ 5C5CD6AACED32FB26C3FB34B3DCF972F ] megasas C:\Windows\system32\drivers\megasas.sys 08:36:27.0934 3708 megasas - ok 08:36:27.0965 3708 [ 859BC2436B076C77C159ED694ACFE8F8 ] MegaSR C:\Windows\system32\drivers\megasr.sys 08:36:27.0965 3708 MegaSR - ok 08:36:27.0996 3708 [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] MMCSS C:\Windows\system32\mmcss.dll 08:36:27.0996 3708 MMCSS - ok 08:36:27.0996 3708 [ 59848D5CC74606F0EE7557983BB73C2E ] Modem C:\Windows\system32\drivers\modem.sys 08:36:27.0996 3708 Modem - ok 08:36:28.0027 3708 [ C247CC2A57E0A0C8C6DCCF7807B3E9E5 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 08:36:28.0027 3708 monitor - ok 08:36:28.0043 3708 [ 9367304E5E412B120CF5F4EA14E4E4F1 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 08:36:28.0043 3708 mouclass - ok 08:36:28.0058 3708 [ C2C2BD5C5CE5AAF786DDD74B75D2AC69 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 08:36:28.0058 3708 mouhid - ok 08:36:28.0058 3708 [ 11BC9B1E8801B01F7F6ADB9EAD30019B ] MountMgr C:\Windows\system32\drivers\mountmgr.sys 08:36:28.0058 3708 MountMgr - ok 08:36:28.0105 3708 [ 8BE15F71DE6FF33FC56DCDE7B2B9EFE8 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 08:36:28.0105 3708 MozillaMaintenance - ok 
08:36:28.0121 3708 [ F8276EB8698142884498A528DFEA8478 ] mpio C:\Windows\system32\drivers\mpio.sys 08:36:28.0121 3708 mpio - ok 08:36:28.0136 3708 [ C92B9ABDB65A5991E00C28F13491DBA2 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 08:36:28.0136 3708 mpsdrv - ok 08:36:28.0183 3708 [ 897E3BAF68BA406A61682AE39C83900C ] MpsSvc C:\Windows\system32\mpssvc.dll 08:36:28.0183 3708 MpsSvc - ok 08:36:28.0199 3708 [ 3C200630A89EF2C0864D515B7A75802E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys 08:36:28.0199 3708 Mraid35x - ok 08:36:28.0246 3708 [ 7C1DE4AA96DC0C071611F9E7DE02A68D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 08:36:28.0246 3708 MRxDAV - ok 08:36:28.0277 3708 [ 1485811B320FF8C7EDAD1CAEBB1C6C2B ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 08:36:28.0277 3708 mrxsmb - ok 08:36:28.0277 3708 [ 3B929A60C833FC615FD97FBA82BC7632 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 08:36:28.0292 3708 mrxsmb10 - ok 08:36:28.0292 3708 [ C64AB3E1F53B4F5B5BB6D796B2D7BEC3 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 08:36:28.0292 3708 mrxsmb20 - ok 08:36:28.0324 3708 [ 1AC860612B85D8E85EE257D372E39F4D ] msahci C:\Windows\system32\drivers\msahci.sys 08:36:28.0324 3708 msahci - ok 08:36:28.0339 3708 [ 264BBB4AAF312A485F0E44B65A6B7202 ] msdsm C:\Windows\system32\drivers\msdsm.sys 08:36:28.0339 3708 msdsm - ok 08:36:28.0370 3708 [ 7EC02CE772F068ED0BEAFA3DA341A9BC ] MSDTC C:\Windows\System32\msdtc.exe 08:36:28.0370 3708 MSDTC - ok 08:36:28.0386 3708 [ 704F59BFC4512D2BB0146AEC31B10A7C ] Msfs C:\Windows\system32\drivers\Msfs.sys 08:36:28.0386 3708 Msfs - ok 08:36:28.0402 3708 [ 00EBC952961664780D43DCA157E79B27 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 08:36:28.0402 3708 msisadrv - ok 08:36:28.0433 3708 [ 366B0C1F4478B519C181E37D43DCDA32 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 08:36:28.0433 3708 MSiSCSI - ok 08:36:28.0433 3708 msiserver - ok 08:36:28.0464 3708 [ 0EA73E498F53B96D83DBFCA074AD4CF8 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 08:36:28.0464 
3708 MSKSSRV - ok 08:36:28.0511 3708 [ 52E59B7E992A58E740AA63F57EDBAE8B ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 08:36:28.0511 3708 MSPCLOCK - ok 08:36:28.0526 3708 [ 49084A75BAE043AE02D5B44D02991BB2 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 08:36:28.0526 3708 MSPQM - ok 08:36:28.0620 3708 [ DC6CCF440CDEDE4293DB41C37A5060A5 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 08:36:28.0620 3708 MsRPC - ok 08:36:28.0651 3708 [ 855796E59DF77EA93AF46F20155BF55B ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys 08:36:28.0651 3708 mssmbios - ok 08:36:28.0667 3708 [ 86D632D75D05D5B7C7C043FA3564AE86 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 08:36:28.0667 3708 MSTEE - ok 08:36:28.0729 3708 [ 0CC49F78D8ACA0877D885F149084E543 ] Mup C:\Windows\system32\Drivers\mup.sys 08:36:28.0729 3708 Mup - ok 08:36:28.0776 3708 [ A5B10C845E7538C60C0F5D87A57CB3F5 ] napagent C:\Windows\system32\qagentRT.dll 08:36:28.0776 3708 napagent - ok 08:36:28.0838 3708 [ 2007B826C4ACD94AE32232B41F0842B9 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 08:36:28.0838 3708 NativeWifiP - ok 08:36:28.0901 3708 [ 65950E07329FCEE8E6516B17C8D0ABB6 ] NDIS C:\Windows\system32\drivers\ndis.sys 08:36:28.0901 3708 NDIS - ok 08:36:28.0901 3708 [ 64DF698A425478E321981431AC171334 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 08:36:28.0901 3708 NdisTapi - ok 08:36:28.0916 3708 [ 8BAA43196D7B5BB972C9A6B2BBF61A19 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 08:36:28.0916 3708 Ndisuio - ok 08:36:28.0932 3708 [ F8158771905260982CE724076419EF19 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 08:36:28.0932 3708 NdisWan - ok 08:36:28.0948 3708 [ 9CB77ED7CB72850253E973A2D6AFDF49 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 08:36:28.0948 3708 NDProxy - ok 08:36:28.0963 3708 [ A499294F5029A7862ADC115BDA7371CE ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 08:36:28.0963 3708 NetBIOS - ok 08:36:28.0979 3708 [ FC2C792EBDDC8E28DF939D6A92C83D61 ] netbt C:\Windows\system32\DRIVERS\netbt.sys 
08:36:28.0979 3708 netbt - ok 08:36:28.0994 3708 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] Netlogon C:\Windows\system32\lsass.exe 08:36:28.0994 3708 Netlogon - ok 08:36:29.0010 3708 [ 9B63B29DEFC0F3115A559D2597BF5D75 ] Netman C:\Windows\System32\netman.dll 08:36:29.0026 3708 Netman - ok 08:36:29.0041 3708 [ 7846D0136CC2B264926A73047BA7688A ] netprofm C:\Windows\System32\netprofm.dll 08:36:29.0041 3708 netprofm - ok 08:36:29.0088 3708 [ 74751DDA198165947FD7454D83F49825 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 08:36:29.0088 3708 NetTcpPortSharing - ok 08:36:29.0104 3708 [ 4AC08BD6AF2DF42E0C3196D826C8AEA7 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 08:36:29.0104 3708 nfrd960 - ok 08:36:29.0135 3708 [ F145BF4C4668E7E312069F81EF847CFC ] NlaSvc C:\Windows\System32\nlasvc.dll 08:36:29.0135 3708 NlaSvc - ok 08:36:29.0182 3708 [ B298874F8E0EA93F06EC40AA8D146478 ] Npfs C:\Windows\system32\drivers\Npfs.sys 08:36:29.0182 3708 Npfs - ok 08:36:29.0182 3708 [ ACB62BAA1C319B17752553DF3026EEEB ] nsi C:\Windows\system32\nsisvc.dll 08:36:29.0182 3708 nsi - ok 08:36:29.0197 3708 [ 1523AF19EE8B030BA682F7A53537EAEB ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 08:36:29.0197 3708 nsiproxy - ok 08:36:29.0291 3708 [ BAC869DFB98E499BA4D9BB1FB43270E1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 08:36:29.0306 3708 Ntfs - ok 08:36:29.0322 3708 [ DD5D684975352B85B52E3FD5347C20CB ] Null C:\Windows\system32\drivers\Null.sys 08:36:29.0322 3708 Null - ok 08:36:29.0338 3708 [ 2C040B7ADA5B06F6FACADAC8514AA034 ] nvraid C:\Windows\system32\drivers\nvraid.sys 08:36:29.0338 3708 nvraid - ok 08:36:29.0369 3708 [ F7EA0FE82842D05EDA3EFDD376DBFDBA ] nvstor C:\Windows\system32\drivers\nvstor.sys 08:36:29.0369 3708 nvstor - ok 08:36:29.0400 3708 [ 19067CA93075EF4823E3938A686F532F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 08:36:29.0400 3708 nv_agp - ok 08:36:29.0400 3708 NwlnkFlt - ok 08:36:29.0400 3708 NwlnkFwd - ok 08:36:29.0478 
3708 [ 84DE1DD996B48B05ACE31AD015FA108A ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 08:36:29.0478 3708 odserv - ok 08:36:29.0540 3708 [ B5B1CE65AC15BBD11C0619E3EF7CFC28 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys 08:36:29.0540 3708 ohci1394 - ok 08:36:29.0556 3708 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 08:36:29.0556 3708 ose - ok 08:36:29.0603 3708 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] p2pimsvc C:\Windows\system32\p2psvc.dll 08:36:29.0603 3708 p2pimsvc - ok 08:36:29.0634 3708 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] p2psvc C:\Windows\system32\p2psvc.dll 08:36:29.0634 3708 p2psvc - ok 08:36:29.0665 3708 [ AECD57F94C887F58919F307C35498EA0 ] Parport C:\Windows\system32\drivers\parport.sys 08:36:29.0665 3708 Parport - ok 08:36:29.0696 3708 [ B43751085E2ABE389DA466BC62A4B987 ] partmgr C:\Windows\system32\drivers\partmgr.sys 08:36:29.0696 3708 partmgr - ok 08:36:29.0712 3708 [ 9AB157B374192FF276C1628FBDBA2B0E ] PcaSvc C:\Windows\System32\pcasvc.dll 08:36:29.0712 3708 PcaSvc - ok 08:36:29.0728 3708 [ 47AB1E0FC9D0E12BB53BA246E3A0906D ] pci C:\Windows\system32\drivers\pci.sys 08:36:29.0728 3708 pci - ok 08:36:29.0759 3708 [ 8D618C829034479985A9ED56106CC732 ] pciide C:\Windows\system32\drivers\pciide.sys 08:36:29.0759 3708 pciide - ok 08:36:29.0774 3708 [ 037661F3D7C507C9993B7010CEEE6288 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 08:36:29.0774 3708 pcmcia - ok 08:36:29.0790 3708 [ 58865916F53592A61549B04941BFD80D ] PEAUTH C:\Windows\system32\drivers\peauth.sys 08:36:29.0806 3708 PEAUTH - ok 08:36:29.0868 3708 [ 0ED8727EA0172860F47258456C06CAEA ] PerfHost C:\Windows\SysWow64\perfhost.exe 08:36:29.0868 3708 PerfHost - ok 08:36:29.0930 3708 [ E9E68C1A0F25CF4A7AC966EEA74EE89E ] pla C:\Windows\system32\pla.dll 08:36:29.0946 3708 pla - ok 08:36:29.0993 3708 [ FE6B0F59215C9FD9F9D26539C58C8B82 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 08:36:29.0993 3708 
PlugPlay - ok 08:36:30.0008 3708 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] PNRPAutoReg C:\Windows\system32\p2psvc.dll 08:36:30.0008 3708 PNRPAutoReg - ok 08:36:30.0024 3708 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] PNRPsvc C:\Windows\system32\p2psvc.dll 08:36:30.0024 3708 PNRPsvc - ok 08:36:30.0055 3708 [ 89A5560671C2D8B4A4B51F3E1AA069D8 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 08:36:30.0071 3708 PolicyAgent - ok 08:36:30.0086 3708 [ 23386E9952025F5F21C368971E2E7301 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 08:36:30.0086 3708 PptpMiniport - ok 08:36:30.0102 3708 [ 5080E59ECEE0BC923F14018803AA7A01 ] Processor C:\Windows\system32\drivers\processr.sys 08:36:30.0102 3708 Processor - ok 08:36:30.0149 3708 [ E058CE4FC2449D8BFA14739C83B7FF2A ] ProfSvc C:\Windows\system32\profsvc.dll 08:36:30.0149 3708 ProfSvc - ok 08:36:30.0164 3708 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] ProtectedStorage C:\Windows\system32\lsass.exe 08:36:30.0164 3708 ProtectedStorage - ok 08:36:30.0196 3708 [ C5AB7F0809392D0DA027F4A2A81BFA31 ] PSched C:\Windows\system32\DRIVERS\pacer.sys 08:36:30.0196 3708 PSched - ok 08:36:30.0242 3708 [ 0B83F4E681062F3839BE2EC1D98FD94A ] ql2300 C:\Windows\system32\drivers\ql2300.sys 08:36:30.0242 3708 ql2300 - ok 08:36:30.0289 3708 [ E1C80F8D4D1E39EF9595809C1369BF2A ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 08:36:30.0289 3708 ql40xx - ok 08:36:30.0289 3708 [ 90574842C3DA781E279061A3EFF91F07 ] QWAVE C:\Windows\system32\qwave.dll 08:36:30.0305 3708 QWAVE - ok 08:36:30.0305 3708 [ E8D76EDAB77EC9C634C27B8EAC33ADC5 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 08:36:30.0305 3708 QWAVEdrv - ok 08:36:30.0305 3708 [ 1013B3B663A56D3DDD784F581C1BD005 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 08:36:30.0305 3708 RasAcd - ok 08:36:30.0336 3708 [ B2AE18F847D07F0044404DDF7CB04497 ] RasAuto C:\Windows\System32\rasauto.dll 08:36:30.0336 3708 RasAuto - ok 08:36:30.0336 3708 [ AC7BC4D42A7E558718DFDEC599BBFC2C ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 
08:36:30.0336 3708 Rasl2tp - ok 08:36:30.0352 3708 [ 3AD83E4046C43BE510DE681588ACB8AF ] RasMan C:\Windows\System32\rasmans.dll 08:36:30.0352 3708 RasMan - ok 08:36:30.0383 3708 [ 4517FBF8B42524AFE4EDE1DE102AAE3E ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 08:36:30.0383 3708 RasPppoe - ok 08:36:30.0414 3708 [ C6A593B51F34C33E5474539544072527 ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 08:36:30.0414 3708 RasSstp - ok 08:36:30.0414 3708 [ 322DB5C6B55E8D8EE8D6F358B2AAABB1 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 08:36:30.0430 3708 rdbss - ok 08:36:30.0430 3708 [ 603900CC05F6BE65CCBF373800AF3716 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 08:36:30.0430 3708 RDPCDD - ok 08:36:30.0445 3708 [ C045D1FB111C28DF0D1BE8D4BDA22C06 ] rdpdr C:\Windows\system32\drivers\rdpdr.sys 08:36:30.0445 3708 rdpdr - ok 08:36:30.0461 3708 [ CAB9421DAF3D97B33D0D055858E2C3AB ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 08:36:30.0461 3708 RDPENCDD - ok 08:36:30.0508 3708 [ AE4BD9E1C33D351D8E607FC81F15160C ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 08:36:30.0508 3708 RDPWD - ok 08:36:30.0523 3708 [ C612B9557DA73F70D41F8A6FBC8E5344 ] RemoteAccess C:\Windows\System32\mprdim.dll 08:36:30.0523 3708 RemoteAccess - ok 08:36:30.0570 3708 [ 44B9D8EC2F3EF3A0EFB00857AF70D861 ] RemoteRegistry C:\Windows\system32\regsvc.dll 08:36:30.0570 3708 RemoteRegistry - ok 08:36:30.0632 3708 [ CD71E053D7260E4102D99A28F9196070 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys 08:36:30.0632 3708 RFCOMM - ok 08:36:30.0648 3708 [ F46C457840D4B7A4DAAFEE739CE04102 ] RpcLocator C:\Windows\system32\locator.exe 08:36:30.0648 3708 RpcLocator - ok 08:36:30.0664 3708 [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF ] RpcSs C:\Windows\system32\rpcss.dll 08:36:30.0679 3708 RpcSs - ok 08:36:30.0679 3708 [ 22A9CB08B1A6707C1550C6BF099AAE73 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 08:36:30.0679 3708 rspndr - ok 08:36:30.0695 3708 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] SamSs C:\Windows\system32\lsass.exe 
08:36:30.0695 3708 SamSs - ok 08:36:30.0695 3708 [ CD9C693589C60AD59BBBCFB0E524E01B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 08:36:30.0710 3708 sbp2port - ok 08:36:30.0742 3708 [ FD1CDCF108D5EF3366F00D18B70FB89B ] SCardSvr C:\Windows\System32\SCardSvr.dll 08:36:30.0742 3708 SCardSvr - ok 08:36:30.0773 3708 [ 0F838C811AD295D2A4489B9993096C63 ] Schedule C:\Windows\system32\schedsvc.dll 08:36:30.0788 3708 Schedule - ok 08:36:30.0835 3708 [ 5A268127633C7EE2A7FB87F39D748D56 ] SCPolicySvc C:\Windows\System32\certprop.dll 08:36:30.0835 3708 SCPolicySvc - ok 08:36:30.0851 3708 [ 4FF71B076A7760FE75EA5AE2D0EE0018 ] SDRSVC C:\Windows\System32\SDRSVC.dll 08:36:30.0866 3708 SDRSVC - ok 08:36:30.0866 3708 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys 08:36:30.0866 3708 secdrv - ok 08:36:30.0882 3708 [ 5ACDCBC67FCF894A1815B9F96D704490 ] seclogon C:\Windows\system32\seclogon.dll 08:36:30.0882 3708 seclogon - ok 08:36:30.0898 3708 [ 90973A64B96CD647FF81C79443618EED ] SENS C:\Windows\system32\sens.dll 08:36:30.0898 3708 SENS - ok 08:36:30.0913 3708 [ F71BFE7AC6C52273B7C82CBF1BB2A222 ] Serenum C:\Windows\system32\drivers\serenum.sys 08:36:30.0913 3708 Serenum - ok 08:36:30.0944 3708 [ E62FAC91EE288DB29A9696A9D279929C ] Serial C:\Windows\system32\drivers\serial.sys 08:36:30.0944 3708 Serial - ok 08:36:30.0944 3708 [ A842F04833684BCEEA7336211BE478DF ] sermouse C:\Windows\system32\drivers\sermouse.sys 08:36:30.0944 3708 sermouse - ok 08:36:30.0976 3708 [ A8E4A4407A09F35DCCC3771AF590B0C4 ] SessionEnv C:\Windows\system32\sessenv.dll 08:36:30.0991 3708 SessionEnv - ok 08:36:30.0991 3708 [ 14D4B4465193A87C127933978E8C4106 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 08:36:30.0991 3708 sffdisk - ok 08:36:31.0007 3708 [ 7073AEE3F82F3D598E3825962AA98AB2 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 08:36:31.0007 3708 sffp_mmc - ok 08:36:31.0007 3708 [ 35E59EBE4A01A0532ED67975161C7B82 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 
08:36:31.0007 3708 sffp_sd - ok 08:36:31.0022 3708 [ 6B7838C94135768BD455CBDC23E39E5F ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 08:36:31.0022 3708 sfloppy - ok 08:36:31.0054 3708 [ 4C5AEE179DA7E1EE9A9CCB9DA289AF34 ] SharedAccess C:\Windows\System32\ipnathlp.dll 08:36:31.0054 3708 SharedAccess - ok 08:36:31.0085 3708 [ 56793271ECDEDD350C5ADD305603E963 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 08:36:31.0085 3708 ShellHWDetection - ok 08:36:31.0100 3708 [ 7A5DE502AEB719D4594C6471060A78B3 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys 08:36:31.0100 3708 SiSRaid2 - ok 08:36:31.0100 3708 [ 3A2F769FAB9582BC720E11EA1DFB184D ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 08:36:31.0100 3708 SiSRaid4 - ok 08:36:31.0178 3708 [ A9A27A8E257B45A604FDAD4F26FE7241 ] slsvc C:\Windows\system32\SLsvc.exe 08:36:31.0194 3708 slsvc - ok 08:36:31.0210 3708 [ FD74B4B7C2088E390A30C85A896FC3AF ] SLUINotify C:\Windows\system32\SLUINotify.dll 08:36:31.0210 3708 SLUINotify - ok 08:36:31.0272 3708 [ 290B6F6A0EC4FCDFC90F5CB6D7020473 ] Smb C:\Windows\system32\DRIVERS\smb.sys 08:36:31.0272 3708 Smb - ok 08:36:31.0303 3708 [ F8F47F38909823B1AF28D60B96340CFF ] SNMPTRAP C:\Windows\System32\snmptrap.exe 08:36:31.0303 3708 SNMPTRAP - ok 08:36:31.0350 3708 [ 386C3C63F00A7040C7EC5E384217E89D ] spldr C:\Windows\system32\drivers\spldr.sys 08:36:31.0350 3708 spldr - ok 08:36:31.0381 3708 [ F66FF751E7EFC816D266977939EF5DC3 ] Spooler C:\Windows\System32\spoolsv.exe 08:36:31.0381 3708 Spooler - ok 08:36:31.0412 3708 [ 880A57FCCB571EBD063D4DD50E93E46D ] srv C:\Windows\system32\DRIVERS\srv.sys 08:36:31.0412 3708 srv - ok 08:36:31.0444 3708 [ A1AD14A6D7A37891FFFECA35EBBB0730 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 08:36:31.0444 3708 srv2 - ok 08:36:31.0459 3708 [ 4BED62F4FA4D8300973F1151F4C4D8A7 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 08:36:31.0459 3708 srvnet - ok 08:36:31.0475 3708 [ 192C74646EC5725AEF3F80D19FF75F6A ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 08:36:31.0475 
3708 SSDPSRV - ok 08:36:31.0490 3708 [ 2EE3FA0308E6185BA64A9A7F2E74332B ] SstpSvc C:\Windows\system32\sstpsvc.dll 08:36:31.0490 3708 SstpSvc - ok 08:36:31.0506 3708 [ 15825C1FBFB8779992CB65087F316AF5 ] stisvc C:\Windows\System32\wiaservc.dll 08:36:31.0522 3708 stisvc - ok 08:36:31.0522 3708 [ 8A851CA908B8B974F89C50D2E18D4F0C ] swenum C:\Windows\system32\DRIVERS\swenum.sys 08:36:31.0522 3708 swenum - ok 08:36:31.0537 3708 [ 6DE37F4DE19D4EFD9C48C43ADDBC949A ] swprv C:\Windows\System32\swprv.dll 08:36:31.0553 3708 swprv - ok 08:36:31.0568 3708 [ 2F26A2C6FC96B29BEFF5D8ED74E6625B ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys 08:36:31.0568 3708 Symc8xx - ok 08:36:31.0600 3708 [ A909667976D3BCCD1DF813FED517D837 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys 08:36:31.0600 3708 Sym_hi - ok 08:36:31.0631 3708 [ 36887B56EC2D98B9C362F6AE4DE5B7B0 ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys 08:36:31.0631 3708 Sym_u3 - ok 08:36:31.0678 3708 [ 92D7A8B0F87B036F17D25885937897A6 ] SysMain C:\Windows\system32\sysmain.dll 08:36:31.0693 3708 SysMain - ok 08:36:31.0709 3708 [ 005CE42567F9113A3BCCB3B20073B029 ] TabletInputService C:\Windows\System32\TabSvc.dll 08:36:31.0709 3708 TabletInputService - ok 08:36:31.0724 3708 [ CC2562B4D55E0B6A4758C65407F63B79 ] TapiSrv C:\Windows\System32\tapisrv.dll 08:36:31.0724 3708 TapiSrv - ok 08:36:31.0771 3708 [ CDBE8D7C1E201B911CDC346D06617FB5 ] TBS C:\Windows\System32\tbssvc.dll 08:36:31.0771 3708 TBS - ok 08:36:31.0818 3708 [ 46D448E9117464E4D3BBF36D7E3FA48E ] Tcpip C:\Windows\system32\drivers\tcpip.sys 08:36:31.0834 3708 Tcpip - ok 08:36:31.0865 3708 [ 46D448E9117464E4D3BBF36D7E3FA48E ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys 08:36:31.0880 3708 Tcpip6 - ok 08:36:31.0896 3708 [ C7E72A4071EE0200E3C075DACFB2B334 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 08:36:31.0896 3708 tcpipreg - ok 08:36:31.0912 3708 [ 1D8BF4AAA5FB7A2761475781DC1195BC ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 08:36:31.0912 3708 TDPIPE - ok 
08:36:31.0927 3708 [ 7F7E00CDF609DF657F4CDA02DD1C9BB1 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 08:36:31.0927 3708 TDTCP - ok 08:36:31.0958 3708 [ 458919C8C42E398DC4802178D5FFEE27 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 08:36:31.0958 3708 tdx - ok 08:36:31.0974 3708 [ 8C19678D22649EC002EF2282EAE92F98 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys 08:36:31.0974 3708 TermDD - ok 08:36:32.0021 3708 [ 5CDD30BC217082DAC71A9878D9BFD566 ] TermService C:\Windows\System32\termsrv.dll 08:36:32.0036 3708 TermService - ok 08:36:32.0036 3708 [ 56793271ECDEDD350C5ADD305603E963 ] Themes C:\Windows\system32\shsvcs.dll 08:36:32.0036 3708 Themes - ok 08:36:32.0052 3708 [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] THREADORDER C:\Windows\system32\mmcss.dll 08:36:32.0052 3708 THREADORDER - ok 08:36:32.0068 3708 [ F4689F05AF472A651A7B1B7B02D200E7 ] TrkWks C:\Windows\System32\trkwks.dll 08:36:32.0068 3708 TrkWks - ok 08:36:32.0130 3708 [ 66328B08EF5A9305D8EDE36B93930369 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 08:36:32.0130 3708 TrustedInstaller - ok 08:36:32.0146 3708 [ 9E5409CD17C8BEF193AAD498F3BC2CB8 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 08:36:32.0146 3708 tssecsrv - ok 08:36:32.0177 3708 [ 89EC74A9E602D16A75A4170511029B3C ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys 08:36:32.0177 3708 tunmp - ok 08:36:32.0192 3708 [ 30A9B3F45AD081BFFC3BCAA9C812B609 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 08:36:32.0192 3708 tunnel - ok 08:36:32.0192 3708 [ FEC266EF401966311744BD0F359F7F56 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 08:36:32.0192 3708 uagp35 - ok 08:36:32.0208 3708 [ FAF2640A2A76ED03D449E443194C4C34 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 08:36:32.0208 3708 udfs - ok 08:36:32.0224 3708 [ 060507C4113391394478F6953A79EEDC ] UI0Detect C:\Windows\system32\UI0Detect.exe 08:36:32.0239 3708 UI0Detect - ok 08:36:32.0255 3708 [ 4EC9447AC3AB462647F60E547208CA00 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 08:36:32.0255 3708 uliagpkx - ok 
08:36:32.0270 3708 [ 697F0446134CDC8F99E69306184FBBB4 ] uliahci C:\Windows\system32\drivers\uliahci.sys 08:36:32.0270 3708 uliahci - ok 08:36:32.0286 3708 [ 31707F09846056651EA2C37858F5DDB0 ] UlSata C:\Windows\system32\drivers\ulsata.sys 08:36:32.0302 3708 UlSata - ok 08:36:32.0302 3708 [ 85E5E43ED5B48C8376281BAB519271B7 ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys 08:36:32.0317 3708 ulsata2 - ok 08:36:32.0317 3708 [ 46E9A994C4FED537DD951F60B86AD3F4 ] umbus C:\Windows\system32\DRIVERS\umbus.sys 08:36:32.0317 3708 umbus - ok 08:36:32.0333 3708 [ 7093799FF80E9DECA0680D2E3535BE60 ] upnphost C:\Windows\System32\upnphost.dll 08:36:32.0333 3708 upnphost - ok 08:36:32.0364 3708 [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys 08:36:32.0364 3708 USBAAPL64 - ok 08:36:32.0395 3708 [ 07E3498FC60834219D2356293DA0FECC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 08:36:32.0395 3708 usbccgp - ok 08:36:32.0426 3708 [ 9247F7E0B65852C1F6631480984D6ED2 ] usbcir C:\Windows\system32\drivers\usbcir.sys 08:36:32.0426 3708 usbcir - ok 08:36:32.0458 3708 [ 827E44DE934A736EA31E91D353EB126F ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 08:36:32.0458 3708 usbehci - ok 08:36:32.0504 3708 [ BB35CD80A2ECECFADC73569B3D70C7D1 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 08:36:32.0504 3708 usbhub - ok 08:36:32.0520 3708 [ EBA14EF0C07CEC233F1529C698D0D154 ] usbohci C:\Windows\system32\drivers\usbohci.sys 08:36:32.0520 3708 usbohci - ok 08:36:32.0536 3708 [ ACFEE697AF477021BB3EC78C5431FED2 ] usbprint C:\Windows\system32\drivers\usbprint.sys 08:36:32.0536 3708 usbprint - ok 08:36:32.0582 3708 [ B854C1558FCA0C269A38663E8B59B581 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 08:36:32.0582 3708 USBSTOR - ok 08:36:32.0598 3708 [ B2872CBF9F47316ABD0E0C74A1ABA507 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys 08:36:32.0598 3708 usbuhci - ok 08:36:32.0598 3708 [ D76E231E4850BB3F88A3D9A78DF191E3 ] UxSms C:\Windows\System32\uxsms.dll 08:36:32.0598 
3708 UxSms - ok 08:36:32.0645 3708 [ 294945381DFA7CE58CECF0A9896AF327 ] vds C:\Windows\System32\vds.exe 08:36:32.0645 3708 vds - ok 08:36:32.0660 3708 [ 916B94BCF1E09873FFF2D5FB11767BBC ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 08:36:32.0660 3708 vga - ok 08:36:32.0676 3708 [ B83AB16B51FEDA65DD81B8C59D114D63 ] VgaSave C:\Windows\System32\drivers\vga.sys 08:36:32.0676 3708 VgaSave - ok 08:36:32.0692 3708 [ 8294B6C3FDB6C33F24E150DE647ECDAA ] viaide C:\Windows\system32\drivers\viaide.sys 08:36:32.0692 3708 viaide - ok 08:36:32.0723 3708 [ 2B7E885ED951519A12C450D24535DFCA ] volmgr C:\Windows\system32\drivers\volmgr.sys 08:36:32.0723 3708 volmgr - ok 08:36:32.0754 3708 [ CEC5AC15277D75D9E5DEC2E1C6EAF877 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 08:36:32.0754 3708 volmgrx - ok 08:36:32.0816 3708 [ 5280AADA24AB36B01A84A6424C475C8D ] volsnap C:\Windows\system32\drivers\volsnap.sys 08:36:32.0816 3708 volsnap - ok 08:36:32.0832 3708 [ A68F455ED2673835209318DD61BFBB0E ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 08:36:32.0848 3708 vsmraid - ok 08:36:32.0957 3708 [ B75232DAD33BFD95BF6F0A3E6BFF51E1 ] VSS C:\Windows\system32\vssvc.exe 08:36:32.0972 3708 VSS - ok 08:36:33.0019 3708 [ F14A7DE2EA41883E250892E1E5230A9A ] W32Time C:\Windows\system32\w32time.dll 08:36:33.0019 3708 W32Time - ok 08:36:33.0066 3708 [ FEF8FE5923FEAD2CEE4DFABFCE3393A7 ] WacomPen C:\Windows\system32\drivers\wacompen.sys 08:36:33.0066 3708 WacomPen - ok 08:36:33.0113 3708 [ B8E7049622300D20BA6D8BE0C47C0CFD ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys 08:36:33.0113 3708 Wanarp - ok 08:36:33.0113 3708 [ B8E7049622300D20BA6D8BE0C47C0CFD ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 08:36:33.0113 3708 Wanarpv6 - ok 08:36:33.0128 3708 [ B4E4C37D0AA6100090A53213EE2BF1C1 ] wcncsvc C:\Windows\System32\wcncsvc.dll 08:36:33.0144 3708 wcncsvc - ok 08:36:33.0160 3708 [ EA4B369560E986F19D93F45A881484AC ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 08:36:33.0160 3708 WcsPlugInService - 
ok 08:36:33.0191 3708 [ 0C17A0816F65B89E362E682AD5E7266E ] Wd C:\Windows\system32\drivers\wd.sys 08:36:33.0191 3708 Wd - ok 08:36:33.0222 3708 [ D02E7E4567DA1E7582FBF6A91144B0DF ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 08:36:33.0222 3708 Wdf01000 - ok 08:36:33.0238 3708 [ C5EFDA73EBFCA8B02A094898DE0A9276 ] WdiServiceHost C:\Windows\system32\wdi.dll 08:36:33.0238 3708 WdiServiceHost - ok 08:36:33.0238 3708 [ C5EFDA73EBFCA8B02A094898DE0A9276 ] WdiSystemHost C:\Windows\system32\wdi.dll 08:36:33.0238 3708 WdiSystemHost - ok 08:36:33.0253 3708 [ 3E6D05381CF35F75EBB055544A8ED9AC ] WebClient C:\Windows\System32\webclnt.dll 08:36:33.0253 3708 WebClient - ok 08:36:33.0284 3708 [ 8D40BC587993F876658BF9FB0F7D3462 ] Wecsvc C:\Windows\system32\wecsvc.dll 08:36:33.0284 3708 Wecsvc - ok 08:36:33.0316 3708 [ 9C980351D7E96288EA0C23AE232BD065 ] wercplsupport C:\Windows\System32\wercplsupport.dll 08:36:33.0316 3708 wercplsupport - ok 08:36:33.0331 3708 [ 66B9ECEBC46683F47EDC06333C075FEF ] WerSvc C:\Windows\System32\WerSvc.dll 08:36:33.0331 3708 WerSvc - ok 08:36:33.0331 3708 WinDefend - ok 08:36:33.0347 3708 WinHttpAutoProxySvc - ok 08:36:33.0409 3708 [ D2E7296ED1BD26D8DB2799770C077A02 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 08:36:33.0425 3708 Winmgmt - ok 08:36:33.0472 3708 [ 6CBB0C68F13B9C2EC1B16F5FA5E7C869 ] WinRM C:\Windows\system32\WsmSvc.dll 08:36:33.0487 3708 WinRM - ok 08:36:33.0518 3708 [ EC339C8115E91BAED835957E9A677F16 ] Wlansvc C:\Windows\System32\wlansvc.dll 08:36:33.0518 3708 Wlansvc - ok 08:36:33.0518 3708 wltrysvc - ok 08:36:33.0534 3708 [ E18AEBAAA5A773FE11AA2C70F65320F5 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 08:36:33.0534 3708 WmiAcpi - ok 08:36:33.0581 3708 [ 21FA389E65A852698B6A1341F36EE02D ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 08:36:33.0581 3708 wmiApSrv - ok 08:36:33.0596 3708 WMPNetworkSvc - ok 08:36:33.0612 3708 [ CBC156C913F099E6680D1DF9307DB7A8 ] WPCSvc C:\Windows\System32\wpcsvc.dll 08:36:33.0612 3708 WPCSvc - ok 
08:36:33.0659 3708 [ 490A18B4E4D53DC10879DEAA8E8B70D9 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 08:36:33.0659 3708 WPDBusEnum - ok 08:36:33.0752 3708 [ 991E2C2CF3BC204C2BB2EE1476149E4E ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe 08:36:33.0752 3708 WPFFontCache_v0400 - ok 08:36:33.0784 3708 [ 8A900348370E359B6BFF6A550E4649E1 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 08:36:33.0784 3708 ws2ifsl - ok 08:36:33.0815 3708 [ 9EA3E6D0EF7A5C2B9181961052A4B01A ] wscsvc C:\Windows\system32\wscsvc.dll 08:36:33.0815 3708 wscsvc - ok 08:36:33.0830 3708 WSearch - ok 08:36:33.0862 3708 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll 08:36:33.0893 3708 wuauserv - ok 08:36:33.0908 3708 [ 501A65252617B495C0F1832F908D54D8 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 08:36:33.0908 3708 WUDFRd - ok 08:36:33.0908 3708 [ 6CBD51FF913C851D56ED9DC7F2A27DDE ] wudfsvc C:\Windows\System32\WUDFSvc.dll 08:36:33.0924 3708 wudfsvc - ok 08:36:33.0955 3708 [ 177590B0D2F8BE513626BB8C8D6E6A08 ] {1E444BE9-B8EC-4ce6-8C2B-6536FB7F4FB7} C:\Program Files (x86)\CyberLink\PowerDVD DX\000.fcl 08:36:33.0955 3708 {1E444BE9-B8EC-4ce6-8C2B-6536FB7F4FB7} - ok 08:36:33.0955 3708 ================ Scan global =============================== 08:36:33.0971 3708 [ 060DC3A7A9A2626031EB23D90151428D ] C:\Windows\system32\basesrv.dll 08:36:34.0018 3708 [ AA137104CDFC81818A309CDE32ABB74A ] C:\Windows\system32\winsrv.dll 08:36:34.0033 3708 [ AA137104CDFC81818A309CDE32ABB74A ] C:\Windows\system32\winsrv.dll 08:36:34.0080 3708 [ 934E0B7D77FF78C18D9F8891221B6DE3 ] C:\Windows\system32\services.exe 08:36:34.0080 3708 [Global] - ok 08:36:34.0080 3708 ================ Scan MBR ================================== 08:36:34.0096 3708 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0 08:36:34.0595 3708 \Device\Harddisk0\DR0 - ok 08:36:34.0595 3708 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk5\DR6 08:36:37.0746 3708 
\Device\Harddisk5\DR6 - ok 08:36:37.0746 3708 ================ Scan VBR ================================== 08:36:37.0762 3708 [ 0F3314DEABCE17ABFC4CB407B1723113 ] \Device\Harddisk0\DR0\Partition1 08:36:37.0762 3708 \Device\Harddisk0\DR0\Partition1 - ok 08:36:37.0777 3708 [ 1CB0AFE4A5E96A8B963775E4842F2A7A ] \Device\Harddisk5\DR6\Partition1 08:36:37.0777 3708 \Device\Harddisk5\DR6\Partition1 - ok 08:36:37.0777 3708 ============================================================ 08:36:37.0777 3708 Scan finished 08:36:37.0777 3708 ============================================================ 08:36:37.0777 1804 Detected object count: 0 08:36:37.0777 1804 Actual detected object count: 0 08:37:07.0214 2344 Deinitialize success
  6. Hi, today I noticed that when browsing the internet with IE or Firefox & using Google to search, if I click on any of the search results I am redirected to dubious unrelated websites. I had my antivirus (Avira) activated at the time. A subsequent system scan resulted in no found viruses. I also ran MBAM quick & full searches, but neither found any viruses. The following are the dds log & attach files. Thanks in advance for any assistance.

     DDS (Ver_2012-10-19.01) - NTFS_AMD64
     Internet Explorer: 9.0.8112.16421
     Run by Andrew at 20:08:37 on 2012-11-03
     Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.8182.5957 [GMT -7:00]
     .
     AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
     SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
     SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
     .
     ============== Running Processes ===============
     .
     C:\Windows\system32\wininit.exe
     C:\Windows\system32\lsm.exe
     C:\Windows\system32\svchost.exe -k DcomLaunch
     C:\Windows\system32\svchost.exe -k rpcss
     C:\Windows\system32\atiesrxx.exe
     C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
     C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
     C:\Windows\system32\svchost.exe -k netsvcs
     C:\Windows\system32\svchost.exe -k GPSvcGroup
     C:\Windows\system32\SLsvc.exe
     C:\Windows\system32\svchost.exe -k LocalService
     C:\Windows\system32\svchost.exe -k NetworkService
     C:\Windows\System32\WLTRYSVC.EXE
     C:\Windows\System32\bcmwltry.exe
     C:\Windows\system32\WLANExt.exe
     C:\Windows\System32\spoolsv.exe
     C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
     C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
     C:\Windows\system32\atieclxx.exe
     C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
     C:\Windows\system32\AERTSr64.exe
     C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
     C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
     C:\Program Files\Bonjour\mDNSResponder.exe
     C:\Windows\system32\svchost.exe -k bthsvcs
     C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
     C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
     C:\Windows\system32\svchost.exe -k imgsvc
     C:\Windows\System32\svchost.exe -k WerSvcGroup
     C:\Windows\system32\SearchIndexer.exe
     C:\Windows\system32\WUDFHost.exe
     C:\Windows\system32\Dwm.exe
     C:\Windows\system32\taskeng.exe
     C:\Windows\system32\taskeng.exe
     C:\Windows\Explorer.EXE
     C:\Windows\RAVCpl64.exe
     C:\Windows\System32\WLTRAY.EXE
     C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
     C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
     C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
     C:\Program Files (x86)\iTunes\iTunesHelper.exe
     C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
     C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
     C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
     C:\Program Files\iPod\bin\iPodService.exe
     C:\Program Files (x86)\iTunes\iTunes.exe
     C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
     C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
     C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
     C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
     C:\Windows\splwow64.exe
     C:\Windows\SysWOW64\rundll32.exe
     C:\Windows\system32\SearchProtocolHost.exe
     C:\Windows\system32\SearchFilterHost.exe
     C:\Windows\system32\DllHost.exe
     C:\Windows\system32\DllHost.exe
     C:\Windows\system32\wbem\wmiprvse.exe
     C:\Windows\System32\cscript.exe
     .
     ============== Pseudo HJT Report ===============
     .
     mWinlogon: Userinit = userinit.exe
     BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
     uRun: [vakmvpuhzg] rundll32 "C:\Users\Andrew\AppData\Roaming\cabinet5.dll",ODNRBJGW
     mRun: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
     mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
     mRun: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
     mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
     mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
     mRunOnce: [Malwarebytes Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /install /silent
     StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
     mPolicies-Explorer: NoActiveDesktop = dword:1
     mPolicies-Explorer: NoActiveDesktopChanges = dword:1
     mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
     mPolicies-System: EnableUIADesktopToggle = dword:0
     IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
     IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
     IE: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
     IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
     IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
     IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
     TCP: NameServer = 192.168.1.1
     TCP: Interfaces\{EA2C077B-D256-4A26-903F-E678FD7B4F5B} : DHCPNameServer = 192.168.1.1
     LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
     x64-Run: [Windows Defender] C:\Program Files (x86)\Windows Defender\MSASCui.exe -hide
     x64-Run: [RtHDVCpl] RAVCpl64.exe
     x64-Run: [skytel] Skytel.exe
     x64-Run: [bluetooth HCI Monitor] RunDll32 HCIMNTR.DLL,RunCheckHCIMode
     x64-Run: [broadcom Wireless Manager UI] C:\Windows\System32\WLTRAY.exe
     x64-mPolicies-Explorer: NoActiveDesktop = dword:1
     x64-mPolicies-Explorer: NoActiveDesktopChanges = dword:1
     x64-mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
     x64-mPolicies-System: EnableUIADesktopToggle = dword:0
     x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
     .
     ================= FIREFOX ===================
     .
     FF - ProfilePath - C:\Users\Andrew\AppData\Roaming\Mozilla\Firefox\Profiles\gzn7pkwz.default\
     FF - prefs.js: browser.startup.homepage - hxxp://xkcd.com/|about:home
     FF - prefs.js: network.proxy.type - 0
     FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
     FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
     FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
     FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll
     .
     ============= SERVICES / DRIVERS ===============
     .
     R1 avkmgr;avkmgr;C:\Windows\System32\drivers\avkmgr.sys [2012-8-13 27760]
     R2 {1E444BE9-B8EC-4ce6-8C2B-6536FB7F4FB7};{1E444BE9-B8EC-4ce6-8C2B-6536FB7F4FB7};C:\Program Files (x86)\CyberLink\PowerDVD DX\000.fcl [2012-8-15 32240]
     R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-7-27 63960]
     R2 AERTFilters;Andrea RT Filters Service;C:\Windows\System32\AERTSr64.exe [2012-8-13 88576]
     R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2011-4-20 203776]
     R2 AntiVirSchedulerService;Avira Scheduler;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2012-8-13 86224]
     R2 AntiVirService;Avira Realtime Protection;C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2012-8-13 110032]
     R2 avgntflt;avgntflt;C:\Windows\System32\drivers\avgntflt.sys [2012-8-13 98848]
     R2 FontCache;Windows Font Cache Service;C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 27648]
     R3 amdkmdag;amdkmdag;C:\Windows\System32\drivers\atikmdag.sys [2011-4-20 9319936]
     R3 amdkmdap;amdkmdap;C:\Windows\System32\drivers\atikmpag.sys [2011-4-20 306176]
     R3 e1yexpress;Intel® Gigabit Network Connections Driver;C:\Windows\System32\drivers\e1y60x64.sys [2012-8-13 316544]
     R3 hcw85bda;Hauppauge WinTV 885 Video Capture;C:\Windows\System32\drivers\HCW85BDA.sys [2009-7-14 1708800]
     S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
     S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
     S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-8-15 116648]
     S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-8-15 250808]
     S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-8-15 116648]
     S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-8-13 115168]
     S3 PerfHost;Performance Counter DLL Host;C:\Windows\SysWOW64\perfhost.exe [2008-1-20 19968]
     S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-4-25 52736]
     S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-3-18 1020768]
     S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2012-8-18 89920]
     .
     =============== File Associations ===============
     .
     FileExt: .js: JSFile=C:\Windows\SysWOW64\WScript.exe "%1" %*
     FileExt: .jse: JSEFile=C:\Windows\SysWOW64\WScript.exe "%1" %*
     .
     =============== Created Last 30 ================
     .
     .
     ==================== Find3M ====================
     .
     2012-11-03 21:03:22 94208 --sha-r- C:\Users\Andrew\AppData\Roaming\cabinet5.dll
     2012-10-10 14:04:55 65309168 ----a-w- C:\Windows\System32\mrt.exe
     2012-10-09 01:21:31 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
     2012-10-09 01:21:31 696760 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
     2012-09-30 02:54:26 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
     2012-09-13 13:45:46 2048 ----a-w- C:\Windows\System32\tzres.dll
     2012-09-13 13:28:08 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
     2012-08-29 11:40:01 4699520 ----a-w- C:\Windows\System32\ntoskrnl.exe
     2012-08-24 16:07:02 218624 ----a-w- C:\Windows\System32\wintrust.dll
     2012-08-24 15:53:29 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll
     2012-08-24 11:15:45 17810944 ----a-w- C:\Windows\System32\mshtml.dll
     2012-08-24 10:39:42 10925568 ----a-w- C:\Windows\System32\ieframe.dll
     2012-08-24 10:31:32 2312704 ----a-w- C:\Windows\System32\jscript9.dll
     2012-08-24 10:22:46 1346048 ----a-w- C:\Windows\System32\urlmon.dll
     2012-08-24 10:21:18 1392128 ----a-w- C:\Windows\System32\wininet.dll
     2012-08-24 10:20:11 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
     2012-08-24 10:18:46 237056 ----a-w- C:\Windows\System32\url.dll
     2012-08-24 10:17:03 85504 ----a-w- C:\Windows\System32\jsproxy.dll
     2012-08-24 10:14:45 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
     2012-08-24 10:14:34 816640 ----a-w- C:\Windows\System32\jscript.dll
     2012-08-24 10:13:29 599040 ----a-w- C:\Windows\System32\vbscript.dll
     2012-08-24 10:12:04 2144768 ----a-w- C:\Windows\System32\iertutil.dll
     2012-08-24 10:11:57 729088 ----a-w- C:\Windows\System32\msfeeds.dll
     2012-08-24 10:10:14 96768 ----a-w- C:\Windows\System32\mshtmled.dll
     2012-08-24 10:09:42 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
     2012-08-24 10:04:06 248320 ----a-w- C:\Windows\System32\ieui.dll
     2012-08-24 07:27:00 12319744 ----a-w- C:\Windows\SysWow64\mshtml.dll
     2012-08-24 07:03:49 9738240 ----a-w- C:\Windows\SysWow64\ieframe.dll
     2012-08-24 06:59:17 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
     2012-08-24 06:51:50 1103872 ----a-w- C:\Windows\SysWow64\urlmon.dll
     2012-08-24 06:51:27 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
     2012-08-24 06:51:02 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
     2012-08-24 06:49:57 231936 ----a-w- C:\Windows\SysWow64\url.dll
     2012-08-24 06:48:38 65024 ----a-w- C:\Windows\SysWow64\jsproxy.dll
     2012-08-24 06:47:36 717824 ----a-w- C:\Windows\SysWow64\jscript.dll
     2012-08-24 06:47:26 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
     2012-08-24 06:47:12 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
     2012-08-24 06:45:46 607744 ----a-w- C:\Windows\SysWow64\msfeeds.dll
     2012-08-24 06:44:35 1793024 ----a-w- C:\Windows\SysWow64\iertutil.dll
     2012-08-24 06:44:10 73216 ----a-w- C:\Windows\SysWow64\mshtmled.dll
     2012-08-24 06:43:58 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
     2012-08-24 06:40:11 176640 ----a-w- C:\Windows\SysWow64\ieui.dll
     2012-08-19 17:06:38 979456 ----a-w- C:\Windows\SysWow64\MFH264Dec.dll
     2012-08-19 17:05:52 449024 ----a-w- C:\Windows\System32\WMPhoto.dll
     2012-08-14 13:44:29 0 ----a-w- C:\Windows\ativpsrm.bin
     2012-08-14 04:55:35 525792 ----a-w- C:\Windows\DIFxAPI.dll
     2012-08-14 04:55:29 319488 ----a-w- C:\Windows\HideWin.exe
     .
     ============= FINISH: 20:08:57.72 ===============
     .
     UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
     IF REQUESTED, ZIP IT UP & ATTACH IT
     .
     DDS (Ver_2012-10-19.01)
     .
     Microsoft® Windows Vista™ Home Premium
     Boot Device: \Device\HarddiskVolume2
     Install Date: 8/13/2012 9:27:56 PM
     System Uptime: 11/3/2012 1:16:05 PM (7 hours ago)
     .
     Motherboard: Dell Inc. | | 0R849J
     Processor: Intel® Core i7 CPU 920 @ 2.67GHz | CPU 1 | 1600/133mhz
     .
     ==== Disk Partitions =========================
     .
     C: is FIXED (NTFS) - 1177 GiB total, 997.913 GiB free.
     D: is CDROM ()
     E: is Removable
     F: is Removable
     G: is Removable
     H: is Removable
     I: is Removable
     .
     ==== Disabled Device Manager Items =============
     .
     ==== System Restore Points ===================
     .
     .
==== Installed Programs ====================== . Adobe Flash Player 11 Plugin Adobe Reader X (10.1.4) Apple Application Support Apple Mobile Device Support Apple Software Update Avira Free Antivirus Bonjour Cisco EAP-FAST Module Cisco LEAP Module Cisco PEAP Module Dell Resource CD Dell Wireless WLAN Card Google Earth Google Update Helper Hauppauge TV Tuner Driver Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) Intel® Network Connections Drivers iTunes Malwarebytes Anti-Malware version 1.65.1.1000 Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 4 Client Profile Microsoft Office Excel MUI (English) 2007 Microsoft Office Home and Student 2007 Microsoft Office Office 64-bit Components 2007 Microsoft Office OneNote MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Shared 64-bit MUI (English) 2007 Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Word MUI (English) 2007 Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Mozilla Firefox 16.0.2 (x86 en-US) Mozilla Maintenance Service PowerDVD Realtek High Definition Audio Driver Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security 
Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) WIDCOMM Bluetooth Software 6.0.1.4303 Windows Driver Package - Logitech HIDClass (10/30/2006 1.0) . ==== End Of File ===========================
  7. My subscription to Trend Micro has expired... I can't get into the program console or exit the program. I've tried to uninstall Trend Micro from my comp a number of times but it never gets past 13% uninstalled, not sure if that is associated with my other problems. The scan completed with no items found. Here is the log: Malwarebytes Anti-Malware (Trial) 1.62.0.1300 www.malwarebytes.org Database version: v2012.08.12.05 Windows Vista Service Pack 2 x64 NTFS Internet Explorer 7.0.6002.18005 Andrew :: MORDECAI [administrator] Protection: Enabled 8/12/2012 10:57:34 AM mbam-log-2012-08-12 (10-57-34).txt Scan type: Full scan (C:\|D:\|) Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 391159 Time elapsed: 2 hour(s), 28 minute(s), 48 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end)
  8. I ran the express scan, but when I clicked yes to allow it to cure the first file, my computer rebooted on its own. I ran the express scan a second time, but it seemed more like a complete scan. Also, after the second scan, it found 6 files, but I did not see the icon with the red check shown above. I moved all the files, but 5 wouldn't move... it said they had invalid paths. When I clicked on the save report list option, no list was saved.
  9. Hi, I need your help. My computer was recently infected with a "Live Security Platinum" fake anti-virus virus. I ran Malwarebytes, which seemed to resolve the issue. But now I'm noticing that my desktop icons are defaulting to a different size than I had them set at. Also, when I connect my computer to the internet I get random streaming audio, with or without an IE or Firefox browser open. I'm afraid I have a backdoor infection. I re-ran Malwarebytes, but it is not finding anything. The following are the dds.txt and attach.txt logs. Thanks in advance for any help! dds.txt log: . DDS (Ver_2011-08-26.01) - NTFSAMD64 Internet Explorer: 7.0.6002.18005 BrowserJavaVersion: 1.6.0_31 Run by Andrew at 19:22:31 on 2012-08-09 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.8182.6409 [GMT -7:00] . AV: Trend Micro Titanium *Disabled/Outdated* {68F968AC-2AA0-091D-848C-803E83E35902} SP: Trend Micro Titanium *Disabled/Outdated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . 
C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k rpcss C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\SLsvc.exe C:\Windows\system32\svchost.exe -k LocalService C:\Program Files\Dell\DellDock\DockLogin.exe C:\Program Files\Common Files\Logitech\Bluetooth\LBTSERV.EXE C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\WLTRYSVC.EXE C:\Windows\System32\bcmwltry.exe C:\Windows\system32\WLANExt.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\atieclxx.exe C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiWatchDog.exe C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE C:\Program Files (x86)\Bonjour\mDNSResponder.exe C:\Windows\system32\svchost.exe -k bthsvcs C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork C:\Windows\SysWOW64\PnkBstrA.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\System32\svchost.exe -k WerSvcGroup C:\Windows\system32\SearchIndexer.exe C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe C:\Windows\system32\WUDFHost.exe C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Windows\System32\WLTRAY.EXE C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files\SetPoint\LBTWiz.exe 
C:\Windows\ehome\ehtray.exe C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiSeAgnt.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\SetPoint\SetPoint.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe C:\Program Files\SetPoint\x86\SetPoint32.exe C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe C:\Program Files\iPod\bin\iPodService.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\taskeng.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cscript.exe C:\Windows\system32\wbem\wmiprvse.exe . ============== Pseudo HJT Report =============== . 
uStart Page = https://mail.knaconsulting.com/owa uWindow Title = Internet Explorer provided by Dell uInternet Settings,ProxyOverride = *.local mWinlogon: Userinit=userinit.exe, BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: TmIEPlugInBHO Class: {1ca1377b-dc1d-4a52-9585-6e06050fac53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1505\6.6.1088\TmIEPlg32.dll BHO: TSToolbarBHO: {43c6d902-a1c5-45c9-91f6-fd9e90337e18} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll BHO: TmBpIeBHO Class: {bbacbafd-fa5e-4079-8b33-00eb9f13d4ac} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.6.1010\6.6.1010\TmBpIe32.dll BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll TB: Trend Micro Toolbar: {ccac5586-44d7-4c43-b64a-f042461a97d2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File uRun: [ehTray.exe] C:\Windows\ehome\ehTray.exe mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun mRun: [<NO NAME>] mRun: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio 
Shared\10.0\SharedCOM\RoxWatchTray10.exe" mRun: [Dell DataSafe Online] "C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /m mRun: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe" mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SetPoint.lnk - C:\Program Files\SetPoint\SetPoint.exe mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1) mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm IE: Send page to &Bluetooth Device... 
- C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab TCP: Interfaces\{78F0951B-12F7-4011-A7F1-4C323571B3EB} : DhcpNameServer = 192.168.1.1 Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.6.1010\6.6.1010\TmBpIe32.dll Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1505\6.6.1088\TmIEPlg32.dll Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO-X64: AcroIEHelperStub - No File BHO-X64: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1505\6.6.1088\TmIEPlg32.dll BHO-X64: Trend Micro NSC BHO - No File BHO-X64: TSToolbarBHO: {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll BHO-X64: Trend Micro Toolbar BHO - No File BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File BHO-X64: Java Plug-In SSV Helper: 
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll BHO-X64: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll BHO-X64: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.6.1010\6.6.1010\TmBpIe32.dll BHO-X64: TmBpIeBHO - No File BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll TB-X64: Trend Micro Toolbar: {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File mRun-x64: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun mRun-x64: [(Default)] mRun-x64: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe" mRun-x64: [Dell DataSafe Online] "C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /m mRun-x64: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe" mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" 
/starttray IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\Andrew\AppData\Roaming\Mozilla\Firefox\Profiles\svajfezi.default\ FF - prefs.js: browser.startup.homepage - hxxp://xkcd.com/ FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3201318&SearchSource=2&q= FF - component: C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1505\6.6.1088\firefoxextension\components\TmFFEx6.dll FF - component: C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1505\6.6.1088\firefoxextension\components\TmFFExt.dll FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll FF - plugin: C:\Program Files (x86)\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Java\jre6\bin\npdeployJava1.dll FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_270.dll . ============= SERVICES / DRIVERS =============== . R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?] 
R2 {1E444BE9-B8EC-4ce6-8C2B-6536FB7F4FB7};Power Control [2009/06/13 20:28:38];C:\Program Files (x86)\CyberLink\PowerDVD DX\000.fcl [2009-6-13 146928] R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-4-3 63928] R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2009-3-30 88576] R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?] R2 Amsp;Trend Micro Solution Platform;C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe [2011-6-18 256336] R2 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-10-21 196176] R2 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-10-13 249648] R2 DockLoginService;Dock Login Service;C:\Program Files\Dell\DellDock\DockLogin.exe [2008-9-23 155648] R2 FontCache;Windows Font Cache Service;C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504] R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-8-5 655944] R2 tmevtmgr;tmevtmgr;C:\Windows\system32\DRIVERS\tmevtmgr.sys --> C:\Windows\system32\DRIVERS\tmevtmgr.sys [?] R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?] R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?] R3 e1yexpress;Intel® Gigabit Network Connections Driver;C:\Windows\system32\DRIVERS\e1y60x64.sys --> C:\Windows\system32\DRIVERS\e1y60x64.sys [?] R3 HCW85BDA;Hauppauge WinTV 885 Video Capture;C:\Windows\system32\drivers\HCW85BDA.sys --> C:\Windows\system32\drivers\HCW85BDA.sys [?] R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?] 
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 gupdate1c9b550e82e26e4;Google Update Service (gupdate1c9b550e82e26e4);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2009-4-4 133104] S2 RoxLiveShare10;LiveShare P2P Server 10;C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe [2008-5-14 309744] S2 RoxWatch10;Roxio Hard Drive Watcher 10;C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe [2008-5-14 166384] S2 SessionLauncher;SessionLauncher;C:\Users\ADMINI~1\AppData\Local\Temp\DX9\SessionLauncher.exe --> C:\Users\ADMINI~1\AppData\Local\Temp\DX9\SessionLauncher.exe [?] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-3-31 250056] S3 AtiDCM;AtiDCM;C:\Users\Andrew\AppData\Local\Temp\atdcm64a.sys [2012-4-30 26752] S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2009-4-4 133104] S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-4-28 113120] S3 PerfHost;Performance Counter DLL Host;C:\Windows\SysWOW64\perfhost.exe [2008-1-20 19968] S3 RoxMediaDB10;RoxMediaDB10;C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2008-5-14 1120752] S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?] 
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-3-18 1020768] S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-9-18 89920] . =============== Created Last 30 ================ . 2012-08-10 02:03:47 711240 ----a-w- C:\Windows\isRS-000.tmp 2012-08-05 15:22:08 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys 2012-08-05 15:22:08 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2012-08-05 04:05:30 -------- d-----w- C:\Users\Andrew\AppData\Roaming\Curiolab 2012-08-04 20:23:22 -------- d-----w- C:\Users\Andrew\AppData\Roaming\Malwarebytes 2012-08-04 20:23:12 -------- d-----w- C:\ProgramData\Malwarebytes 2012-08-04 18:44:31 -------- d-----w- C:\ProgramData\225932D2027DA07918C5CFEC2F3B707C 2012-08-02 01:09:14 7596032 ----a-w- C:\Windows\System32\xpsrchvw.exe 2012-08-02 01:09:14 1421312 ----a-w- C:\Windows\System32\XpsFilt.dll 2012-07-12 05:11:07 2769408 ----a-w- C:\Windows\System32\win32k.sys . ==================== Find3M ==================== . 
2012-08-05 02:38:49 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2012-08-05 02:38:49 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2012-06-05 16:47:28 1401856 ----a-w- C:\Windows\SysWow64\msxml6.dll 2012-06-05 16:47:27 1248768 ----a-w- C:\Windows\SysWow64\msxml3.dll 2012-06-05 16:22:47 1797120 ----a-w- C:\Windows\System32\msxml6.dll 2012-06-05 16:22:46 1869824 ----a-w- C:\Windows\System32\msxml3.dll 2012-06-04 15:29:59 516480 ----a-w- C:\Windows\System32\drivers\ksecdd.sys 2012-06-02 22:19:42 186752 ----a-w- C:\Windows\System32\wuwebv.dll 2012-06-02 22:19:42 171904 ----a-w- C:\Windows\SysWow64\wuwebv.dll 2012-06-02 22:15:31 2622464 ----a-w- C:\Windows\System32\wucltux.dll 2012-06-02 22:15:12 36864 ----a-w- C:\Windows\System32\wuapp.exe 2012-06-02 22:15:08 99840 ----a-w- C:\Windows\System32\wudriver.dll 2012-06-02 22:12:20 33792 ----a-w- C:\Windows\SysWow64\wuapp.exe 2012-06-02 22:12:13 88576 ----a-w- C:\Windows\SysWow64\wudriver.dll 2012-06-02 00:22:56 347136 ----a-w- C:\Windows\System32\schannel.dll 2012-06-02 00:22:10 254464 ----a-w- C:\Windows\System32\ncrypt.dll 2012-06-02 00:05:11 77312 ----a-w- C:\Windows\SysWow64\secur32.dll 2012-06-02 00:04:25 278528 ----a-w- C:\Windows\SysWow64\schannel.dll 2012-06-02 00:03:42 204288 ----a-w- C:\Windows\SysWow64\ncrypt.dll 2012-05-15 22:18:23 1032192 ----a-w- C:\Windows\System32\wininet.dll 2012-05-15 22:04:50 834048 ----a-w- C:\Windows\SysWow64\wininet.dll . ============= FINISH: 19:22:51.45 =============== attach.txt log: . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-08-26.01) . Microsoft® Windows Vista™ Home Premium Boot Device: \Device\HarddiskVolume3 Install Date: 3/30/2009 12:44:56 AM System Uptime: 8/9/2012 7:05:04 PM (0 hours ago) . Motherboard: Dell Inc. | | 0R849J Processor: Intel® Core i7 CPU 920 @ 2.67GHz | CPU 1 | 2667/133mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 1177 GiB total, 871.64 GiB free. 
D: is FIXED (NTFS) - 15 GiB total, 6.752 GiB free. E: is CDROM () F: is Removable G: is Removable H: is Removable I: is Removable J: is Removable . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP491: 5/17/2012 7:22:26 PM - Scheduled Checkpoint RP492: 5/19/2012 12:15:19 PM - Scheduled Checkpoint RP493: 5/21/2012 9:05:23 PM - Scheduled Checkpoint RP494: 5/26/2012 11:36:13 AM - Scheduled Checkpoint RP495: 5/28/2012 11:21:27 AM - Scheduled Checkpoint RP496: 5/30/2012 7:39:37 PM - Scheduled Checkpoint RP497: 5/31/2012 7:30:33 PM - Scheduled Checkpoint RP498: 6/1/2012 8:29:00 PM - Scheduled Checkpoint RP499: 6/2/2012 12:27:08 PM - Scheduled Checkpoint RP500: 6/3/2012 3:32:06 PM - Scheduled Checkpoint RP501: 6/6/2012 6:44:08 AM - Windows Update RP502: 6/9/2012 4:12:06 PM - Scheduled Checkpoint RP503: 6/11/2012 7:53:51 PM - Scheduled Checkpoint RP504: 6/12/2012 7:11:20 PM - Scheduled Checkpoint RP505: 6/13/2012 7:14:53 AM - Windows Update RP506: 6/13/2012 7:37:53 PM - Scheduled Checkpoint RP507: 6/15/2012 7:52:29 PM - Scheduled Checkpoint RP508: 6/22/2012 5:52:54 PM - Windows Update RP509: 6/23/2012 9:57:56 AM - Scheduled Checkpoint RP510: 7/2/2012 8:42:43 PM - Scheduled Checkpoint RP511: 7/3/2012 7:00:28 PM - Scheduled Checkpoint RP512: 7/5/2012 12:07:27 PM - Scheduled Checkpoint RP513: 7/7/2012 10:37:08 AM - Scheduled Checkpoint RP514: 7/8/2012 9:27:18 AM - Scheduled Checkpoint RP515: 7/11/2012 10:10:15 PM - Windows Update RP516: 7/12/2012 7:14:43 PM - Scheduled Checkpoint RP517: 7/14/2012 6:14:08 PM - Scheduled Checkpoint RP518: 7/15/2012 11:07:34 AM - Scheduled Checkpoint RP519: 7/16/2012 7:48:48 PM - Scheduled Checkpoint RP520: 7/18/2012 7:06:54 PM - Scheduled Checkpoint RP521: 7/19/2012 7:14:49 PM - Scheduled Checkpoint RP522: 7/20/2012 8:45:12 PM - Scheduled Checkpoint RP523: 7/21/2012 2:06:14 PM - Scheduled Checkpoint RP524: 7/23/2012 7:02:27 PM - Scheduled Checkpoint RP525: 7/25/2012 6:57:44 PM - Scheduled 
Checkpoint RP526: 7/26/2012 8:06:53 PM - Scheduled Checkpoint RP527: 7/28/2012 5:40:28 PM - Scheduled Checkpoint RP528: 7/29/2012 9:46:25 AM - Scheduled Checkpoint RP529: 8/1/2012 6:08:37 PM - Windows Update RP530: 8/3/2012 8:13:49 PM - Scheduled Checkpoint RP531: 8/4/2012 10:46:03 PM - Scheduled Checkpoint RP532: 8/5/2012 7:54:50 AM - Removed America's Army Deploy Client RP533: 8/5/2012 7:56:09 AM - Removed America's Army Deploy Client . ==== Installed Programs ====================== . Update for Microsoft Office 2007 (KB2508958) Acrobat.com Adobe AIR Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Reader X (10.1.3) AnswerWorks 5.0 English Runtime Apple Application Support Apple Software Update ATI Catalyst Control Center Banctec Service Agreement Bing Bar Catalyst Control Center Core Implementation Catalyst Control Center Graphics Full Existing Catalyst Control Center Graphics Full New Catalyst Control Center Graphics Light Catalyst Control Center Graphics Previews Common Catalyst Control Center Graphics Previews Vista Catalyst Control Center InstallProxy Catalyst Control Center Localization Chinese Standard Catalyst Control Center Localization Chinese Traditional Catalyst Control Center Localization French Catalyst Control Center Localization German Catalyst Control Center Localization Hungarian Catalyst Control Center Localization Italian Catalyst Control Center Localization Japanese Catalyst Control Center Localization Korean Catalyst Control Center Localization Polish Catalyst Control Center Localization Portuguese Catalyst Control Center Localization Spanish Catalyst Control Center Localization Thai Catalyst Control Center Localization Turkish ccc-core-static CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help English CCC Help French CCC Help German CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Polish CCC Help Portuguese CCC Help Spanish CCC Help Thai CCC Help Turkish CDDRV_Installer Choice Guard 
Cisco EAP-FAST Module Cisco LEAP Module Cisco PEAP Module Dell DataSafe Online Dell Getting Started Guide Dell Video Chat DirectXInstallService Google Earth Google Update Helper Google Updater GTA San Andreas Hauppauge MCE XP/Vista Software Encoder (2.0.25296) Hauppauge TV Tuner Driver Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) Java Auto Updater Java 6 Update 31 Junk Mail filter update Malwarebytes Anti-Malware version 1.62.0.1300 Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Excel MUI (English) 2007 Microsoft Office File Validation Add-In Microsoft Office Home and Student 2007 Microsoft Office OneNote MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Word MUI (English) 2007 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Sync Framework Runtime Native v1.0 (x86) Microsoft Sync Framework Services Native v1.0 (x86) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Mozilla Firefox 14.0.1 (x86 en-US) Mozilla Maintenance Service MSVCRT MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) PowerDVD DX Quicken 2009 QuickTime Realtek High Definition Audio Driver Roxio Activation Module Roxio CinePlayer Decoder Pack Roxio Creator Audio Roxio Creator Copy Roxio Creator Data Roxio Creator Premier Roxio Creator Premier 10 Roxio Creator Tools Roxio Express Labeler Roxio Update Manager Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424) Security Update for Microsoft .NET Framework 4 Client Profile 
(KB2160841) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2596786) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition SetPoint Skins Update for 
2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Upload Tool
Windows Live Writer
.
==== Event Viewer Messages From Past Week ========
.
8/9/2012 7:07:04 PM, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service.
8/9/2012 7:07:04 PM, Error: Service Control Manager [7003] - The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.
8/9/2012 7:07:04 PM, Error: Service Control Manager [7003] - The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.
8/9/2012 7:07:04 PM, Error: Service Control Manager [7000] - The SessionLauncher service failed to start due to the following error: The system cannot find the path specified.
8/9/2012 6:50:47 PM, Error: Microsoft-Windows-WMPNSS-Service [14325] - Service 'WMPNetworkSvc' did not start correctly because QueryService encountered error '0x80070424'. In Windows Media Player, turn off media sharing, and then turn it back on.
8/5/2012 7:40:17 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: spldr tmtdi Wanarpv6
8/5/2012 7:40:17 AM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
8/5/2012 7:39:52 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}
8/5/2012 7:39:15 AM, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\System32\bcmihvsrv64.dll Error Code: 21
8/5/2012 7:39:13 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
8/5/2012 7:39:12 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
8/5/2012 7:39:09 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF}
8/5/2012 7:39:08 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
8/5/2012 7:39:02 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
8/4/2012 8:05:50 PM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 192.168.1.2 for the Network Card with network address 00242BC154EC has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).
8/4/2012 3:05:21 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: SASDIFSV SASKUTIL spldr tmtdi Wanarpv6
8/4/2012 12:27:54 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD DfsC NetBIOS netbt nsiproxy PSched RasAcd rdbss Smb spldr Tcpip tdx tmtdi Wanarpv6
8/4/2012 12:16:59 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.
8/4/2012 1:32:44 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD DfsC NetBIOS netbt nsiproxy PSched RasAcd rdbss SASDIFSV SASKUTIL Smb spldr Tcpip tdx tmtdi Wanarpv6
8/4/2012 1:32:44 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
8/4/2012 1:32:44 PM, Error: Service Control Manager [7001] - The WebDav Client Redirector Driver service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
8/4/2012 1:32:44 PM, Error: Service Control Manager [7001] - The WebClient service depends on the WebDav Client Redirector Driver service which failed to start because of the following error: The dependency service or group failed to start.
8/4/2012 1:32:44 PM, Error: Service Control Manager [7001] - The TCP/IP Registry Compatibility service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
8/4/2012 1:32:44 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancilliary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
8/4/2012 1:32:44 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
8/4/2012 1:32:44 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
8/4/2012 1:32:44 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
8/4/2012 1:32:44 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service service which failed to start because of the following error: A device attached to the system is not functioning.
8/4/2012 1:32:44 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
8/4/2012 1:32:44 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
8/4/2012 1:32:44 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
8/4/2012 1:32:44 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancilliary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
8/4/2012 1:32:44 PM, Error: Service Control Manager [7001] - The Bonjour Service service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
8/4/2012 1:32:44 PM, Error: Service Control Manager [7001] - The Apple Mobile Device service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
8/4/2012 1:31:33 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
8/4/2012 1:31:33 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
8/3/2012 9:07:18 PM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 192.168.1.5 for the Network Card with network address 00242BC154EC has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).
.
==== End Of File ===========================