andrew_2040g
Posts posted by andrew_2040g
Here is the scan log:
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=151a99553969f34d84b38750140ab410
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-11-05 12:13:47
# local_time=2012-11-04 04:13:47 (-0800, Pacific Standard Time)
# country="United States"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1792 16777215 100 0 6229086 6229086 0 0
# compatibility_mode=5892 16776574 100 45 150267595 188669282 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=121936
# found=0
# cleaned=0
# scan_time=3851
-
Here is the log from SystemLook. Looks like the file in question has been removed!
SystemLook 30.07.11 by jpshortstuff
Log created at 14:41 on 04/11/2012 by Andrew
Administrator - Elevation successful
WARNING: SystemLook running under WOW64. Use SystemLook_x64 for accurate results.
========== filefind ==========
Searching for "cabinet5.dll"
No files found.
-= EOF =-
-
Things appear to be working correctly again! Thanks for your help! Here is the last ComboFix log:
ComboFix 12-11-04.01 - Andrew 11/04/2012 13:36:00.2.8 - x64
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.8182.6470 [GMT -8:00]
Running from: c:\users\Andrew\Desktop\ComboFix.exe
Command switches used :: c:\users\Andrew\Desktop\CFScript.txt
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\users\Andrew\AppData\Roaming\cabinet5.dll"
.
.
((((((((((((((((((((((((( Files Created from 2012-10-04 to 2012-11-04 )))))))))))))))))))))))))))))))
.
.
2012-11-04 21:39 . 2012-11-04 21:41 -------- d-----w- c:\users\Andrew\AppData\Local\temp
2012-11-04 01:37 . 2012-11-04 01:37 -------- d-----w- c:\users\Andrew\AppData\Roaming\Malwarebytes
2012-11-04 01:37 . 2012-11-04 01:37 -------- d-----w- c:\programdata\Malwarebytes
2012-11-04 01:37 . 2012-11-04 01:37 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-11-04 01:37 . 2012-09-30 02:54 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-10-10 13:38 . 2012-09-13 13:45 2048 ----a-w- c:\windows\system32\tzres.dll
2012-10-10 13:38 . 2012-09-13 13:28 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-10-10 13:38 . 2012-08-24 16:07 218624 ----a-w- c:\windows\system32\wintrust.dll
2012-10-10 13:38 . 2012-08-24 15:53 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
2012-10-10 13:38 . 2012-06-02 00:20 174592 ----a-w- c:\windows\system32\cryptsvc.dll
2012-10-10 13:38 . 2012-06-02 00:20 132096 ----a-w- c:\windows\system32\cryptnet.dll
2012-10-10 13:38 . 2012-06-02 00:20 1268736 ----a-w- c:\windows\system32\crypt32.dll
2012-10-10 13:38 . 2012-06-02 00:02 985088 ----a-w- c:\windows\SysWow64\crypt32.dll
2012-10-10 13:38 . 2012-06-02 00:02 133120 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2012-10-10 13:38 . 2012-06-02 00:02 98304 ----a-w- c:\windows\SysWow64\cryptnet.dll
2012-10-10 13:38 . 2012-08-29 11:40 4699520 ----a-w- c:\windows\system32\ntoskrnl.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-10 14:04 . 2006-11-02 12:35 65309168 ----a-w- c:\windows\system32\mrt.exe
2012-10-09 01:21 . 2012-08-16 01:58 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-10-09 01:21 . 2012-08-16 01:58 696760 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-08-24 11:15 . 2012-09-22 19:49 17810944 ----a-w- c:\windows\system32\mshtml.dll
2012-08-24 10:39 . 2012-09-22 19:49 10925568 ----a-w- c:\windows\system32\ieframe.dll
2012-08-24 10:31 . 2012-09-22 19:49 2312704 ----a-w- c:\windows\system32\jscript9.dll
2012-08-24 10:22 . 2012-09-22 19:49 1346048 ----a-w- c:\windows\system32\urlmon.dll
2012-08-24 10:21 . 2012-09-22 19:49 1392128 ----a-w- c:\windows\system32\wininet.dll
2012-08-24 10:20 . 2012-09-22 19:49 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
2012-08-24 10:18 . 2012-09-22 19:49 237056 ----a-w- c:\windows\system32\url.dll
2012-08-24 10:17 . 2012-09-22 19:49 85504 ----a-w- c:\windows\system32\jsproxy.dll
2012-08-24 10:14 . 2012-09-22 19:49 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-08-24 10:14 . 2012-09-22 19:49 816640 ----a-w- c:\windows\system32\jscript.dll
2012-08-24 10:13 . 2012-09-22 19:49 599040 ----a-w- c:\windows\system32\vbscript.dll
2012-08-24 10:12 . 2012-09-22 19:49 2144768 ----a-w- c:\windows\system32\iertutil.dll
2012-08-24 10:11 . 2012-09-22 19:49 729088 ----a-w- c:\windows\system32\msfeeds.dll
2012-08-24 10:10 . 2012-09-22 19:49 96768 ----a-w- c:\windows\system32\mshtmled.dll
2012-08-24 10:09 . 2012-09-22 19:49 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-08-24 10:04 . 2012-09-22 19:49 248320 ----a-w- c:\windows\system32\ieui.dll
2012-08-24 06:59 . 2012-09-22 19:49 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll
2012-08-24 06:51 . 2012-09-22 19:49 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
2012-08-24 06:51 . 2012-09-22 19:49 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2012-08-24 06:47 . 2012-09-22 19:49 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-08-24 06:47 . 2012-09-22 19:49 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2012-08-24 06:43 . 2012-09-22 19:49 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-08-19 17:07 . 2012-08-19 17:07 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2012-08-19 17:07 . 2012-08-19 17:07 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2012-08-19 17:07 . 2012-08-19 17:07 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2012-08-19 17:07 . 2012-08-19 17:07 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2012-08-19 17:07 . 2012-08-19 17:07 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2012-08-19 17:07 . 2012-08-19 17:07 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2012-08-19 17:07 . 2012-08-19 17:07 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2012-08-19 17:07 . 2012-08-19 17:07 367104 ----a-w- c:\windows\SysWow64\html.iec
2012-08-19 17:07 . 2012-08-19 17:07 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2012-08-19 17:07 . 2012-08-19 17:07 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2012-08-19 17:07 . 2012-08-19 17:07 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2012-08-19 17:07 . 2012-08-19 17:07 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2012-08-19 17:07 . 2012-08-19 17:07 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2012-08-19 17:07 . 2012-08-19 17:07 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2012-08-19 17:07 . 2012-08-19 17:07 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2012-08-19 17:07 . 2012-08-19 17:07 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2012-08-19 17:07 . 2012-08-19 17:07 267776 ----a-w- c:\windows\system32\ieaksie.dll
2012-08-19 17:07 . 2012-08-19 17:07 222208 ----a-w- c:\windows\system32\msls31.dll
2012-08-19 17:07 . 2012-08-19 17:07 197120 ----a-w- c:\windows\system32\msrating.dll
2012-08-19 17:07 . 2012-08-19 17:07 12288 ----a-w- c:\windows\system32\mshta.exe
2012-08-19 17:07 . 2012-08-19 17:07 114176 ----a-w- c:\windows\system32\admparse.dll
2012-08-19 17:07 . 2012-08-19 17:07 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2012-08-19 17:07 . 2012-08-19 17:07 76800 ----a-w- c:\windows\system32\tdc.ocx
2012-08-19 17:07 . 2012-08-19 17:07 55296 ----a-w- c:\windows\system32\msfeedsbs.dll
2012-08-19 17:07 . 2012-08-19 17:07 49664 ----a-w- c:\windows\system32\imgutil.dll
2012-08-19 17:07 . 2012-08-19 17:07 48640 ----a-w- c:\windows\system32\mshtmler.dll
2012-08-19 17:07 . 2012-08-19 17:07 452608 ----a-w- c:\windows\system32\dxtmsft.dll
2012-08-19 17:07 . 2012-08-19 17:07 448512 ----a-w- c:\windows\system32\html.iec
2012-08-19 17:07 . 2012-08-19 17:07 282112 ----a-w- c:\windows\system32\dxtrans.dll
2012-08-19 17:07 . 2012-08-19 17:07 163840 ----a-w- c:\windows\system32\ieakui.dll
2012-08-19 17:07 . 2012-08-19 17:07 160256 ----a-w- c:\windows\system32\ieakeng.dll
2012-08-19 17:07 . 2012-08-19 17:07 145920 ----a-w- c:\windows\system32\iepeers.dll
2012-08-19 17:07 . 2012-08-19 17:07 136192 ----a-w- c:\windows\system32\advpack.dll
2012-08-19 17:07 . 2012-08-19 17:07 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2012-08-19 17:07 . 2012-08-19 17:07 111616 ----a-w- c:\windows\system32\iesysprep.dll
2012-08-19 17:07 . 2012-08-19 17:07 10752 ----a-w- c:\windows\system32\msfeedssync.exe
2012-08-19 17:07 . 2012-08-19 17:07 89088 ----a-w- c:\windows\system32\ie4uinit.exe
2012-08-19 17:07 . 2012-08-19 17:07 85504 ----a-w- c:\windows\system32\iesetup.dll
2012-08-19 17:07 . 2012-08-19 17:07 82432 ----a-w- c:\windows\system32\icardie.dll
2012-08-19 17:07 . 2012-08-19 17:07 534528 ----a-w- c:\windows\system32\ieapfltr.dll
2012-08-19 17:07 . 2012-08-19 17:07 403248 ----a-w- c:\windows\system32\iedkcs32.dll
2012-08-19 17:07 . 2012-08-19 17:07 39936 ----a-w- c:\windows\system32\iernonce.dll
2012-08-19 17:07 . 2012-08-19 17:07 3695416 ----a-w- c:\windows\system32\ieapfltr.dat
2012-08-19 17:07 . 2012-08-19 17:07 30720 ----a-w- c:\windows\system32\licmgr10.dll
2012-08-19 17:07 . 2012-08-19 17:07 249344 ----a-w- c:\windows\system32\webcheck.dll
2012-08-19 17:07 . 2012-08-19 17:07 165888 ----a-w- c:\windows\system32\iexpress.exe
2012-08-19 17:07 . 2012-08-19 17:07 160256 ----a-w- c:\windows\system32\wextract.exe
2012-08-19 17:07 . 2012-08-19 17:07 103936 ----a-w- c:\windows\system32\inseng.dll
2012-08-19 17:07 . 2012-08-19 17:07 65024 ----a-w- c:\windows\system32\pngfilt.dll
2012-08-19 17:07 . 2012-08-19 17:07 149504 ----a-w- c:\windows\system32\occache.dll
2012-08-19 17:06 . 2012-08-19 17:06 979456 ----a-w- c:\windows\SysWow64\MFH264Dec.dll
2012-08-19 17:06 . 2012-08-19 17:06 428544 ----a-w- c:\windows\system32\MFHEAACdec.dll
2012-08-19 17:06 . 2012-08-19 17:06 377344 ----a-w- c:\windows\system32\mfmp4src.dll
2012-08-19 17:06 . 2012-08-19 17:06 357376 ----a-w- c:\windows\SysWow64\MFHEAACdec.dll
2012-08-19 17:06 . 2012-08-19 17:06 3548672 ----a-w- c:\windows\system32\mf.dll
2012-08-19 17:06 . 2012-08-19 17:06 345088 ----a-w- c:\windows\system32\mfreadwrite.dll
2012-08-19 17:06 . 2012-08-19 17:06 34304 ----a-w- c:\windows\system32\mfpmp.exe
2012-08-19 17:06 . 2012-08-19 17:06 302592 ----a-w- c:\windows\SysWow64\mfmp4src.dll
2012-08-19 17:06 . 2012-08-19 17:06 261632 ----a-w- c:\windows\SysWow64\mfreadwrite.dll
2012-08-19 17:06 . 2012-08-19 17:06 195072 ----a-w- c:\windows\system32\mfps.dll
2012-08-19 17:06 . 2012-08-19 17:06 1257984 ----a-w- c:\windows\system32\MFH264Dec.dll
2012-08-19 17:06 . 2012-08-19 17:06 98816 ----a-w- c:\windows\SysWow64\mfps.dll
2012-08-19 17:06 . 2012-08-19 17:06 748544 ----a-w- c:\windows\system32\stobject.dll
2012-08-19 17:06 . 2012-08-19 17:06 586240 ----a-w- c:\windows\SysWow64\stobject.dll
2012-08-19 17:06 . 2012-08-19 17:06 2873344 ----a-w- c:\windows\SysWow64\mf.dll
2012-08-19 17:06 . 2012-08-19 17:06 278528 ----a-w- c:\windows\system32\mfplat.dll
2012-08-19 17:06 . 2012-08-19 17:06 209920 ----a-w- c:\windows\SysWow64\mfplat.dll
2012-08-19 17:06 . 2012-08-19 17:06 1204224 ----a-w- c:\windows\system32\shdocvw.dll
2012-08-19 17:06 . 2012-08-19 17:06 566272 ----a-w- c:\windows\system32\d3d10level9.dll
2012-08-19 17:06 . 2012-08-19 17:06 486400 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2012-08-19 17:06 . 2012-08-19 17:06 231936 ----a-w- c:\windows\system32\XpsRasterService.dll
2012-08-19 17:06 . 2012-08-19 17:06 900480 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2012-08-19 17:06 . 2012-08-19 17:06 847360 ----a-w- c:\windows\SysWow64\OpcServices.dll
2012-08-19 17:06 . 2012-08-19 17:06 625152 ----a-w- c:\windows\system32\dxgi.dll
2012-08-19 17:06 . 2012-08-19 17:06 478720 ----a-w- c:\windows\SysWow64\dxgi.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-07-19 348664]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"PDVDDXSrv"="c:\program files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2008-05-23 128296]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-31 59280]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-06-08 421776]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-7-15 981544]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
S2 AERTFilters;Andrea RT Filters Service;c:\windows\system32\AERTSr64.exe [2008-07-15 88576]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
Themes
.
Contents of the 'Scheduled Tasks' folder
.
2012-11-04 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-16 01:21]
.
2012-11-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-08-16 03:29]
.
2012-11-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-08-16 03:29]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RAVCpl64.exe" [2008-09-03 6475808]
"Skytel"="Skytel.exe" [bU]
"Bluetooth HCI Monitor"="HCIMNTR.DLL" [2006-12-07 56320]
"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2007-12-08 3725312]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Andrew\AppData\Roaming\Mozilla\Firefox\Profiles\gzn7pkwz.default\
FF - prefs.js: browser.startup.homepage - hxxp://xkcd.com/|about:home
FF - prefs.js: network.proxy.type - 0
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{1E444BE9-B8EC-4ce6-8C2B-6536FB7F4FB7}]
"ImagePath"="\??\c:\program files (x86)\CyberLink\PowerDVD DX\000.fcl"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes]
"SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\sched.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
.
**************************************************************************
.
Completion time: 2012-11-04 13:44:38 - machine was rebooted
ComboFix-quarantined-files.txt 2012-11-04 21:44
ComboFix2.txt 2012-11-04 16:34
.
Pre-Run: 1,066,235,719,680 bytes free
Post-Run: 1,066,822,111,232 bytes free
.
- - End Of File - - 797500D2D3EC0958DD46E699705C4ECD
-
I ran ComboFix, then TDSSKiller. TDSSKiller didn't find any suspicious item. The logs are below. Thanks again!
ComboFix 12-11-04.01 - Andrew 11/04/2012 8:27.1.8 - x64
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.8182.6674 [GMT -8:00]
Running from: c:\users\Andrew\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Andrew\AppData\Roaming\cabinet5.dll
.
.
((((((((((((((((((((((((( Files Created from 2012-10-04 to 2012-11-04 )))))))))))))))))))))))))))))))
.
.
2012-11-04 16:32 . 2012-11-04 16:32 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-11-04 16:32 . 2012-11-04 16:32 -------- d-----w- c:\users\Andrew\AppData\Local\temp
2012-11-04 01:37 . 2012-11-04 01:37 -------- d-----w- c:\users\Andrew\AppData\Roaming\Malwarebytes
2012-11-04 01:37 . 2012-11-04 01:37 -------- d-----w- c:\programdata\Malwarebytes
2012-11-04 01:37 . 2012-11-04 01:37 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-11-04 01:37 . 2012-09-30 02:54 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-10-10 13:38 . 2012-09-13 13:45 2048 ----a-w- c:\windows\system32\tzres.dll
2012-10-10 13:38 . 2012-09-13 13:28 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-10-10 13:38 . 2012-08-24 16:07 218624 ----a-w- c:\windows\system32\wintrust.dll
2012-10-10 13:38 . 2012-08-24 15:53 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
2012-10-10 13:38 . 2012-06-02 00:20 174592 ----a-w- c:\windows\system32\cryptsvc.dll
2012-10-10 13:38 . 2012-06-02 00:20 132096 ----a-w- c:\windows\system32\cryptnet.dll
2012-10-10 13:38 . 2012-06-02 00:20 1268736 ----a-w- c:\windows\system32\crypt32.dll
2012-10-10 13:38 . 2012-06-02 00:02 985088 ----a-w- c:\windows\SysWow64\crypt32.dll
2012-10-10 13:38 . 2012-06-02 00:02 133120 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2012-10-10 13:38 . 2012-06-02 00:02 98304 ----a-w- c:\windows\SysWow64\cryptnet.dll
2012-10-10 13:38 . 2012-08-29 11:40 4699520 ----a-w- c:\windows\system32\ntoskrnl.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-10 14:04 . 2006-11-02 12:35 65309168 ----a-w- c:\windows\system32\mrt.exe
2012-10-09 01:21 . 2012-08-16 01:58 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-10-09 01:21 . 2012-08-16 01:58 696760 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-08-24 11:15 . 2012-09-22 19:49 17810944 ----a-w- c:\windows\system32\mshtml.dll
2012-08-24 10:39 . 2012-09-22 19:49 10925568 ----a-w- c:\windows\system32\ieframe.dll
2012-08-24 10:31 . 2012-09-22 19:49 2312704 ----a-w- c:\windows\system32\jscript9.dll
2012-08-24 10:22 . 2012-09-22 19:49 1346048 ----a-w- c:\windows\system32\urlmon.dll
2012-08-24 10:21 . 2012-09-22 19:49 1392128 ----a-w- c:\windows\system32\wininet.dll
2012-08-24 10:20 . 2012-09-22 19:49 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
2012-08-24 10:18 . 2012-09-22 19:49 237056 ----a-w- c:\windows\system32\url.dll
2012-08-24 10:17 . 2012-09-22 19:49 85504 ----a-w- c:\windows\system32\jsproxy.dll
2012-08-24 10:14 . 2012-09-22 19:49 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-08-24 10:14 . 2012-09-22 19:49 816640 ----a-w- c:\windows\system32\jscript.dll
2012-08-24 10:13 . 2012-09-22 19:49 599040 ----a-w- c:\windows\system32\vbscript.dll
2012-08-24 10:12 . 2012-09-22 19:49 2144768 ----a-w- c:\windows\system32\iertutil.dll
2012-08-24 10:11 . 2012-09-22 19:49 729088 ----a-w- c:\windows\system32\msfeeds.dll
2012-08-24 10:10 . 2012-09-22 19:49 96768 ----a-w- c:\windows\system32\mshtmled.dll
2012-08-24 10:09 . 2012-09-22 19:49 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-08-24 10:04 . 2012-09-22 19:49 248320 ----a-w- c:\windows\system32\ieui.dll
2012-08-24 06:59 . 2012-09-22 19:49 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll
2012-08-24 06:51 . 2012-09-22 19:49 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
2012-08-24 06:51 . 2012-09-22 19:49 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2012-08-24 06:47 . 2012-09-22 19:49 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-08-24 06:47 . 2012-09-22 19:49 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2012-08-24 06:43 . 2012-09-22 19:49 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-08-19 17:07 . 2012-08-19 17:07 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2012-08-19 17:07 . 2012-08-19 17:07 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2012-08-19 17:07 . 2012-08-19 17:07 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2012-08-19 17:07 . 2012-08-19 17:07 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2012-08-19 17:07 . 2012-08-19 17:07 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2012-08-19 17:07 . 2012-08-19 17:07 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2012-08-19 17:07 . 2012-08-19 17:07 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2012-08-19 17:07 . 2012-08-19 17:07 367104 ----a-w- c:\windows\SysWow64\html.iec
2012-08-19 17:07 . 2012-08-19 17:07 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2012-08-19 17:07 . 2012-08-19 17:07 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2012-08-19 17:07 . 2012-08-19 17:07 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2012-08-19 17:07 . 2012-08-19 17:07 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2012-08-19 17:07 . 2012-08-19 17:07 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2012-08-19 17:07 . 2012-08-19 17:07 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2012-08-19 17:07 . 2012-08-19 17:07 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2012-08-19 17:07 . 2012-08-19 17:07 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2012-08-19 17:07 . 2012-08-19 17:07 267776 ----a-w- c:\windows\system32\ieaksie.dll
2012-08-19 17:07 . 2012-08-19 17:07 222208 ----a-w- c:\windows\system32\msls31.dll
2012-08-19 17:07 . 2012-08-19 17:07 197120 ----a-w- c:\windows\system32\msrating.dll
2012-08-19 17:07 . 2012-08-19 17:07 12288 ----a-w- c:\windows\system32\mshta.exe
2012-08-19 17:07 . 2012-08-19 17:07 114176 ----a-w- c:\windows\system32\admparse.dll
2012-08-19 17:07 . 2012-08-19 17:07 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2012-08-19 17:07 . 2012-08-19 17:07 76800 ----a-w- c:\windows\system32\tdc.ocx
2012-08-19 17:07 . 2012-08-19 17:07 55296 ----a-w- c:\windows\system32\msfeedsbs.dll
2012-08-19 17:07 . 2012-08-19 17:07 49664 ----a-w- c:\windows\system32\imgutil.dll
2012-08-19 17:07 . 2012-08-19 17:07 48640 ----a-w- c:\windows\system32\mshtmler.dll
2012-08-19 17:07 . 2012-08-19 17:07 452608 ----a-w- c:\windows\system32\dxtmsft.dll
2012-08-19 17:07 . 2012-08-19 17:07 448512 ----a-w- c:\windows\system32\html.iec
2012-08-19 17:07 . 2012-08-19 17:07 282112 ----a-w- c:\windows\system32\dxtrans.dll
2012-08-19 17:07 . 2012-08-19 17:07 163840 ----a-w- c:\windows\system32\ieakui.dll
2012-08-19 17:07 . 2012-08-19 17:07 160256 ----a-w- c:\windows\system32\ieakeng.dll
2012-08-19 17:07 . 2012-08-19 17:07 145920 ----a-w- c:\windows\system32\iepeers.dll
2012-08-19 17:07 . 2012-08-19 17:07 136192 ----a-w- c:\windows\system32\advpack.dll
2012-08-19 17:07 . 2012-08-19 17:07 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2012-08-19 17:07 . 2012-08-19 17:07 111616 ----a-w- c:\windows\system32\iesysprep.dll
2012-08-19 17:07 . 2012-08-19 17:07 10752 ----a-w- c:\windows\system32\msfeedssync.exe
2012-08-19 17:07 . 2012-08-19 17:07 89088 ----a-w- c:\windows\system32\ie4uinit.exe
2012-08-19 17:07 . 2012-08-19 17:07 85504 ----a-w- c:\windows\system32\iesetup.dll
2012-08-19 17:07 . 2012-08-19 17:07 82432 ----a-w- c:\windows\system32\icardie.dll
2012-08-19 17:07 . 2012-08-19 17:07 534528 ----a-w- c:\windows\system32\ieapfltr.dll
2012-08-19 17:07 . 2012-08-19 17:07 403248 ----a-w- c:\windows\system32\iedkcs32.dll
2012-08-19 17:07 . 2012-08-19 17:07 39936 ----a-w- c:\windows\system32\iernonce.dll
2012-08-19 17:07 . 2012-08-19 17:07 3695416 ----a-w- c:\windows\system32\ieapfltr.dat
2012-08-19 17:07 . 2012-08-19 17:07 30720 ----a-w- c:\windows\system32\licmgr10.dll
2012-08-19 17:07 . 2012-08-19 17:07 249344 ----a-w- c:\windows\system32\webcheck.dll
2012-08-19 17:07 . 2012-08-19 17:07 165888 ----a-w- c:\windows\system32\iexpress.exe
2012-08-19 17:07 . 2012-08-19 17:07 160256 ----a-w- c:\windows\system32\wextract.exe
2012-08-19 17:07 . 2012-08-19 17:07 103936 ----a-w- c:\windows\system32\inseng.dll
2012-08-19 17:07 . 2012-08-19 17:07 65024 ----a-w- c:\windows\system32\pngfilt.dll
2012-08-19 17:07 . 2012-08-19 17:07 149504 ----a-w- c:\windows\system32\occache.dll
2012-08-19 17:06 . 2012-08-19 17:06 979456 ----a-w- c:\windows\SysWow64\MFH264Dec.dll
2012-08-19 17:06 . 2012-08-19 17:06 428544 ----a-w- c:\windows\system32\MFHEAACdec.dll
2012-08-19 17:06 . 2012-08-19 17:06 377344 ----a-w- c:\windows\system32\mfmp4src.dll
2012-08-19 17:06 . 2012-08-19 17:06 357376 ----a-w- c:\windows\SysWow64\MFHEAACdec.dll
2012-08-19 17:06 . 2012-08-19 17:06 3548672 ----a-w- c:\windows\system32\mf.dll
2012-08-19 17:06 . 2012-08-19 17:06 345088 ----a-w- c:\windows\system32\mfreadwrite.dll
2012-08-19 17:06 . 2012-08-19 17:06 34304 ----a-w- c:\windows\system32\mfpmp.exe
2012-08-19 17:06 . 2012-08-19 17:06 302592 ----a-w- c:\windows\SysWow64\mfmp4src.dll
2012-08-19 17:06 . 2012-08-19 17:06 261632 ----a-w- c:\windows\SysWow64\mfreadwrite.dll
2012-08-19 17:06 . 2012-08-19 17:06 195072 ----a-w- c:\windows\system32\mfps.dll
2012-08-19 17:06 . 2012-08-19 17:06 1257984 ----a-w- c:\windows\system32\MFH264Dec.dll
2012-08-19 17:06 . 2012-08-19 17:06 98816 ----a-w- c:\windows\SysWow64\mfps.dll
2012-08-19 17:06 . 2012-08-19 17:06 748544 ----a-w- c:\windows\system32\stobject.dll
2012-08-19 17:06 . 2012-08-19 17:06 586240 ----a-w- c:\windows\SysWow64\stobject.dll
2012-08-19 17:06 . 2012-08-19 17:06 2873344 ----a-w- c:\windows\SysWow64\mf.dll
2012-08-19 17:06 . 2012-08-19 17:06 278528 ----a-w- c:\windows\system32\mfplat.dll
2012-08-19 17:06 . 2012-08-19 17:06 209920 ----a-w- c:\windows\SysWow64\mfplat.dll
2012-08-19 17:06 . 2012-08-19 17:06 1204224 ----a-w- c:\windows\system32\shdocvw.dll
2012-08-19 17:06 . 2012-08-19 17:06 566272 ----a-w- c:\windows\system32\d3d10level9.dll
2012-08-19 17:06 . 2012-08-19 17:06 486400 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2012-08-19 17:06 . 2012-08-19 17:06 231936 ----a-w- c:\windows\system32\XpsRasterService.dll
2012-08-19 17:06 . 2012-08-19 17:06 900480 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2012-08-19 17:06 . 2012-08-19 17:06 847360 ----a-w- c:\windows\SysWow64\OpcServices.dll
2012-08-19 17:06 . 2012-08-19 17:06 625152 ----a-w- c:\windows\system32\dxgi.dll
2012-08-19 17:06 . 2012-08-19 17:06 478720 ----a-w- c:\windows\SysWow64\dxgi.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-07-19 348664]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"PDVDDXSrv"="c:\program files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2008-05-23 128296]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-31 59280]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-06-08 421776]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-7-15 981544]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
S2 AERTFilters;Andrea RT Filters Service;c:\windows\system32\AERTSr64.exe [2008-07-15 88576]
.
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
Themes
.
Contents of the 'Scheduled Tasks' folder
.
2012-11-04 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-16 01:21]
.
2012-11-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-08-16 03:29]
.
2012-11-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-08-16 03:29]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RAVCpl64.exe" [2008-09-03 6475808]
"Bluetooth HCI Monitor"="HCIMNTR.DLL" [2006-12-07 56320]
"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2007-12-08 3725312]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Andrew\AppData\Roaming\Mozilla\Firefox\Profiles\gzn7pkwz.default\
FF - prefs.js: browser.startup.homepage - hxxp://xkcd.com/|about:home
FF - prefs.js: network.proxy.type - 0
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKCU-Run-vakmvpuhzg - c:\users\Andrew\AppData\Roaming\cabinet5.dll
HKLM-Run-Skytel - Skytel.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{1E444BE9-B8EC-4ce6-8C2B-6536FB7F4FB7}]
"ImagePath"="\??\c:\program files (x86)\CyberLink\PowerDVD DX\000.fcl"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes]
"SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
Completion time: 2012-11-04 08:34:38
ComboFix-quarantined-files.txt 2012-11-04 16:34
.
Pre-Run: 1,072,957,931,520 bytes free
Post-Run: 1,073,419,325,440 bytes free
.
- - End Of File - - E14896FB3C605063B5553AE90910B5BF
08:36:03.0317 4064 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
08:36:03.0332 4064 ============================================================
08:36:03.0332 4064 Current date / time: 2012/11/04 08:36:03.0332
08:36:03.0332 4064 SystemInfo:
08:36:03.0332 4064
08:36:03.0332 4064 OS Version: 6.0.6002 ServicePack: 2.0
08:36:03.0332 4064 Product type: Workstation
08:36:03.0332 4064 ComputerName: WINSTON
08:36:03.0332 4064 UserName: Andrew
08:36:03.0332 4064 Windows directory: C:\Windows
08:36:03.0332 4064 System windows directory: C:\Windows
08:36:03.0332 4064 Running under WOW64
08:36:03.0332 4064 Processor architecture: Intel x64
08:36:03.0332 4064 Number of processors: 8
08:36:03.0332 4064 Page size: 0x1000
08:36:03.0332 4064 Boot type: Normal boot
08:36:03.0332 4064 ============================================================
08:36:03.0847 4064 Drive \Device\Harddisk0\DR0 - Size: 0x12A15C00000 (1192.34 Gb), SectorSize: 0x200, Cylinders: 0x26002, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
08:36:03.0910 4064 Drive \Device\Harddisk5\DR6 - Size: 0x1DE000000 (7.47 Gb), SectorSize: 0x200, Cylinders: 0x3CE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
08:36:03.0910 4064 ============================================================
08:36:03.0910 4064 \Device\Harddisk0\DR0:
08:36:03.0910 4064 MBR partitions:
08:36:03.0910 4064 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1E23800, BlocksNum 0x9328A000
08:36:03.0910 4064 \Device\Harddisk5\DR6:
08:36:03.0910 4064 MBR partitions:
08:36:03.0910 4064 \Device\Harddisk5\DR6\Partition1: MBR, Type 0xC, StartLBA 0x8D8, BlocksNum 0xEEF728
08:36:03.0910 4064 ============================================================
08:36:03.0941 4064 C: <-> \Device\Harddisk0\DR0\Partition1
08:36:03.0941 4064 ============================================================
08:36:03.0941 4064 Initialize success
08:36:03.0941 4064 ============================================================
08:36:22.0162 3708 ============================================================
08:36:22.0162 3708 Scan started
08:36:22.0162 3708 Mode: Manual;
08:36:22.0162 3708 ============================================================
08:36:22.0380 3708 ================ Scan system memory ========================
08:36:22.0380 3708 System memory - ok
08:36:22.0380 3708 ================ Scan services =============================
08:36:22.0598 3708 [ 1965AAFFAB07E3FB03C77F81BEBA3547 ] ACPI C:\Windows\system32\drivers\acpi.sys
08:36:22.0598 3708 ACPI - ok
08:36:22.0692 3708 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
08:36:22.0692 3708 AdobeARMservice - ok
08:36:22.0770 3708 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
08:36:22.0770 3708 AdobeFlashPlayerUpdateSvc - ok
08:36:22.0801 3708 [ F14215E37CF124104575073F782111D2 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
08:36:22.0801 3708 adp94xx - ok
08:36:22.0832 3708 [ 7D05A75E3066861A6610F7EE04FF085C ] adpahci C:\Windows\system32\drivers\adpahci.sys
08:36:22.0832 3708 adpahci - ok
08:36:22.0848 3708 [ 820A201FE08A0C345B3BEDBC30E1A77C ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
08:36:22.0848 3708 adpu160m - ok
08:36:22.0879 3708 [ 9B4AB6854559DC168FBB4C24FC52E794 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
08:36:22.0879 3708 adpu320 - ok
08:36:22.0942 3708 [ 0F421175574BFE0BF2F4D8E910A253BB ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
08:36:22.0942 3708 AeLookupSvc - ok
08:36:22.0957 3708 [ 233EE06F203F6FD78CCBB8E0D139A271 ] AERTFilters C:\Windows\system32\AERTSr64.exe
08:36:22.0973 3708 AERTFilters - ok
08:36:23.0020 3708 [ C4F6CE6087760AD70960C9EB130E7943 ] AFD C:\Windows\system32\drivers\afd.sys
08:36:23.0020 3708 AFD - ok
08:36:23.0035 3708 [ F6F6793B7F17B550ECFDBD3B229173F7 ] agp440 C:\Windows\system32\drivers\agp440.sys
08:36:23.0035 3708 agp440 - ok
08:36:23.0066 3708 [ 222CB641B4B8A1D1126F8033F9FD6A00 ] aic78xx C:\Windows\system32\drivers\djsvs.sys
08:36:23.0066 3708 aic78xx - ok
08:36:23.0082 3708 [ 5922F4F59B7868F3D74BBBBEB7B825A3 ] ALG C:\Windows\System32\alg.exe
08:36:23.0082 3708 ALG - ok
08:36:23.0098 3708 [ 157D0898D4B73F075CE9FA26B482DF98 ] aliide C:\Windows\system32\drivers\aliide.sys
08:36:23.0098 3708 aliide - ok
08:36:23.0144 3708 [ A359974EAAC83A435497C52F62A2E590 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
08:36:23.0144 3708 AMD External Events Utility - ok
08:36:23.0160 3708 [ 970FA5059E61E30D25307B99903E991E ] amdide C:\Windows\system32\drivers\amdide.sys
08:36:23.0176 3708 amdide - ok
08:36:23.0176 3708 [ CDC3632A3A5EA4DBB83E46076A3165A1 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
08:36:23.0176 3708 AmdK8 - ok
08:36:23.0363 3708 [ 60216B0E704584DE6D5A9F59E9C34C47 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
08:36:23.0425 3708 amdkmdag - ok
08:36:23.0472 3708 [ 6B4E9261B613B047A9A145F328889968 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
08:36:23.0472 3708 amdkmdap - ok
08:36:23.0503 3708 [ 0A1CC583E8147004E4AD4625D7FBF88C ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
08:36:23.0519 3708 AntiVirSchedulerService - ok
08:36:23.0534 3708 [ C9A36EF935ACED86AEDF93E97E606911 ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
08:36:23.0534 3708 AntiVirService - ok
08:36:23.0550 3708 [ 9C37B3FD5615477CB9A0CD116CF43F5C ] Appinfo C:\Windows\System32\appinfo.dll
08:36:23.0550 3708 Appinfo - ok
08:36:23.0597 3708 [ F401929EE0CC92BFE7F15161CA535383 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
08:36:23.0597 3708 Apple Mobile Device - ok
08:36:23.0644 3708 [ BA8417D4765F3988FF921F30F630E303 ] arc C:\Windows\system32\drivers\arc.sys
08:36:23.0644 3708 arc - ok
08:36:23.0644 3708 [ 9D41C435619733B34CC16A511E644B11 ] arcsas C:\Windows\system32\drivers\arcsas.sys
08:36:23.0644 3708 arcsas - ok
08:36:23.0675 3708 [ 22D13FF3DAFEC2A80634752B1EAA2DE6 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
08:36:23.0675 3708 AsyncMac - ok
08:36:23.0722 3708 [ 1898FAE8E07D97F2F6C2D5326C633FAC ] atapi C:\Windows\system32\drivers\atapi.sys
08:36:23.0722 3708 atapi - ok
08:36:23.0862 3708 [ 60216B0E704584DE6D5A9F59E9C34C47 ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
08:36:23.0924 3708 atikmdag - ok
08:36:23.0987 3708 [ 79318C744693EC983D20E9337A2F8196 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
08:36:23.0987 3708 AudioEndpointBuilder - ok
08:36:24.0002 3708 [ 79318C744693EC983D20E9337A2F8196 ] AudioSrv C:\Windows\System32\Audiosrv.dll
08:36:24.0002 3708 AudioSrv - ok
08:36:24.0002 3708 [ 26E38B5A58C6C55FAFBC563EEDDB0867 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
08:36:24.0002 3708 avgntflt - ok
08:36:24.0034 3708 [ 9D1F00BEFF84CBBF46D7F052BC7E0565 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
08:36:24.0034 3708 avipbb - ok
08:36:24.0034 3708 [ 248DB59FC86DE44D2779F4C7FB1A567D ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
08:36:24.0034 3708 avkmgr - ok
08:36:24.0049 3708 BCM42RLY - ok
08:36:24.0080 3708 [ F48D3478ACB1B4CCC9FB6FD3CB6835E6 ] BCM43XV C:\Windows\system32\DRIVERS\bcmwl664.sys
08:36:24.0096 3708 BCM43XV - ok
08:36:24.0127 3708 [ F48D3478ACB1B4CCC9FB6FD3CB6835E6 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys
08:36:24.0143 3708 BCM43XX - ok
08:36:24.0143 3708 Beep - ok
08:36:24.0221 3708 [ FFB96C2589FFA60473EAD78B39FBDE29 ] BFE C:\Windows\System32\bfe.dll
08:36:24.0221 3708 BFE - ok
08:36:24.0283 3708 [ 6D316F4859634071CC25C4FD4589AD2C ] BITS C:\Windows\system32\qmgr.dll
08:36:24.0283 3708 BITS - ok
08:36:24.0330 3708 [ 79FEEB40056683F8F61398D81DDA65D2 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
08:36:24.0330 3708 blbdrive - ok
08:36:24.0377 3708 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
08:36:24.0392 3708 Bonjour Service - ok
08:36:24.0408 3708 [ 2348447A80920B2493A9B582A23E81E1 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
08:36:24.0408 3708 bowser - ok
08:36:24.0408 3708 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
08:36:24.0408 3708 BrFiltLo - ok
08:36:24.0424 3708 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
08:36:24.0424 3708 BrFiltUp - ok
08:36:24.0455 3708 [ A1B39DE453433B115B4EA69EE0343816 ] Browser C:\Windows\System32\browser.dll
08:36:24.0455 3708 Browser - ok
08:36:24.0486 3708 [ F0F0BA4D815BE446AA6A4583CA3BCA9B ] Brserid C:\Windows\system32\drivers\brserid.sys
08:36:24.0486 3708 Brserid - ok
08:36:24.0502 3708 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
08:36:24.0502 3708 BrSerWdm - ok
08:36:24.0517 3708 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
08:36:24.0517 3708 BrUsbMdm - ok
08:36:24.0517 3708 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
08:36:24.0517 3708 BrUsbSer - ok
08:36:24.0564 3708 [ 09F926A0D9C0BAFD8417A4307D2ED13C ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys
08:36:24.0564 3708 BthEnum - ok
08:36:24.0564 3708 [ E0777B34E05F8A82A21856EFC900C29F ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
08:36:24.0564 3708 BTHMODEM - ok
08:36:24.0595 3708 [ BEFC5311736B475AC5B60C14FF7C775A ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
08:36:24.0595 3708 BthPan - ok
08:36:24.0658 3708 [ E1466882252FF51EDDE48C3F7EDA2591 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys
08:36:24.0658 3708 BTHPORT - ok
08:36:24.0689 3708 [ 22E65FFD640F16968F855F5B3528D366 ] BthServ C:\Windows\System32\bthserv.dll
08:36:24.0689 3708 BthServ - ok
08:36:24.0720 3708 [ 970192CDED77A128E7E30722E5EE6B9C ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys
08:36:24.0720 3708 BTHUSB - ok
08:36:24.0751 3708 [ A44AD9AB3BF98A65EB58662E3C78EAE0 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
08:36:24.0751 3708 btwaudio - ok
08:36:24.0782 3708 [ A441D453821A6336F516F97F79BBFA17 ] btwavdt C:\Windows\system32\drivers\btwavdt.sys
08:36:24.0782 3708 btwavdt - ok
08:36:24.0814 3708 [ 09548DB96993C846895EB1222F6FE620 ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
08:36:24.0829 3708 btwdins - ok
08:36:24.0845 3708 [ B550C75397D96251A92391555FE5534C ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
08:36:24.0845 3708 btwrchid - ok
08:36:24.0845 3708 catchme - ok
08:36:24.0845 3708 [ B4D787DB8D30793A4D4DF9FEED18F136 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
08:36:24.0845 3708 cdfs - ok
08:36:24.0892 3708 [ C025AA69BE3D0D25C7A2E746EF6F94FC ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
08:36:24.0892 3708 cdrom - ok
08:36:24.0938 3708 [ 5A268127633C7EE2A7FB87F39D748D56 ] CertPropSvc C:\Windows\System32\certprop.dll
08:36:24.0938 3708 CertPropSvc - ok
08:36:24.0970 3708 [ 02EA568D498BBDD4BA55BF3FCE34D456 ] circlass C:\Windows\system32\drivers\circlass.sys
08:36:24.0970 3708 circlass - ok
08:36:25.0001 3708 [ 3DCA9A18B204939CFB24BEA53E31EB48 ] CLFS C:\Windows\system32\CLFS.sys
08:36:25.0001 3708 CLFS - ok
08:36:25.0094 3708 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
08:36:25.0094 3708 clr_optimization_v2.0.50727_32 - ok
08:36:25.0141 3708 [ CE07A466201096F021CD09D631B21540 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
08:36:25.0141 3708 clr_optimization_v2.0.50727_64 - ok
08:36:25.0219 3708 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
08:36:25.0219 3708 clr_optimization_v4.0.30319_32 - ok
08:36:25.0250 3708 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
08:36:25.0250 3708 clr_optimization_v4.0.30319_64 - ok
08:36:25.0266 3708 [ E5D5499A1C50A54B5161296B6AFE6192 ] cmdide C:\Windows\system32\drivers\cmdide.sys
08:36:25.0266 3708 cmdide - ok
08:36:25.0266 3708 [ 7FB8AD01DB0EABE60C8A861531A8F431 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
08:36:25.0266 3708 Compbatt - ok
08:36:25.0266 3708 COMSysApp - ok
08:36:25.0282 3708 [ A8585B6412253803CE8EFCBD6D6DC15C ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
08:36:25.0282 3708 crcdisk - ok
08:36:25.0313 3708 [ CA78B312C44E4D52E842C2C8BD48E452 ] CryptSvc C:\Windows\system32\cryptsvc.dll
08:36:25.0313 3708 CryptSvc - ok
08:36:25.0360 3708 [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF ] DcomLaunch C:\Windows\system32\rpcss.dll
08:36:25.0375 3708 DcomLaunch - ok
08:36:25.0391 3708 [ 8B722BA35205C71E7951CDC4CDBADE19 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
08:36:25.0391 3708 DfsC - ok
08:36:25.0469 3708 [ C647F468F7DE343DF8C143655C5557D4 ] DFSR C:\Windows\system32\DFSR.exe
08:36:25.0484 3708 DFSR - ok
08:36:25.0547 3708 [ 3ED0321127CE70ACDAABBF77E157C2A7 ] Dhcp C:\Windows\System32\dhcpcsvc.dll
08:36:25.0547 3708 Dhcp - ok
08:36:25.0594 3708 [ B0107E40ECDB5FA692EBF832F295D905 ] disk C:\Windows\system32\drivers\disk.sys
08:36:25.0594 3708 disk - ok
08:36:25.0625 3708 [ 06230F1B721494A6DF8D47FD395BB1B0 ] Dnscache C:\Windows\System32\dnsrslvr.dll
08:36:25.0625 3708 Dnscache - ok
08:36:25.0672 3708 [ 1A7156DD1E850E9914E5E991E3225B94 ] dot3svc C:\Windows\System32\dot3svc.dll
08:36:25.0672 3708 dot3svc - ok
08:36:25.0672 3708 [ 1583B39790DB3EAEC7EDB0CB0140C708 ] DPS C:\Windows\system32\dps.dll
08:36:25.0672 3708 DPS - ok
08:36:25.0703 3708 [ F1A78A98CFC2EE02144C6BEC945447E6 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
08:36:25.0703 3708 drmkaud - ok
08:36:25.0765 3708 [ B8E554E502D5123BC111F99D6A2181B4 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
08:36:25.0765 3708 DXGKrnl - ok
08:36:25.0812 3708 [ 264CEE7B031A9D6C827F3D0CB031F2FE ] E1G60 C:\Windows\system32\DRIVERS\E1G6032E.sys
08:36:25.0812 3708 E1G60 - ok
08:36:25.0859 3708 [ B37F6853D6E0C6F5F8EFDE33E831B5F8 ] e1yexpress C:\Windows\system32\DRIVERS\e1y60x64.sys
08:36:25.0859 3708 e1yexpress - ok
08:36:25.0859 3708 [ C2303883FD9BE49DC36A6400643002EA ] EapHost C:\Windows\System32\eapsvc.dll
08:36:25.0859 3708 EapHost - ok
08:36:25.0921 3708 [ 5F94962BE5A62DB6E447FF6470C4F48A ] Ecache C:\Windows\system32\drivers\ecache.sys
08:36:25.0921 3708 Ecache - ok
08:36:25.0952 3708 [ 14CE384D2E27B64C256BDA4DC39C312D ] ehRecvr C:\Windows\ehome\ehRecvr.exe
08:36:25.0952 3708 ehRecvr - ok
08:36:25.0968 3708 [ B93159C1313D66FDFBBE876F5189CD52 ] ehSched C:\Windows\ehome\ehsched.exe
08:36:25.0968 3708 ehSched - ok
08:36:25.0984 3708 [ F5EE2527D74449868E3C3227A59BCD28 ] ehstart C:\Windows\ehome\ehstart.dll
08:36:25.0984 3708 ehstart - ok
08:36:26.0015 3708 [ C4636D6E10469404AB5308D9FD45ED07 ] elxstor C:\Windows\system32\drivers\elxstor.sys
08:36:26.0015 3708 elxstor - ok
08:36:26.0077 3708 [ A9B18B63A4FD6BAAB83326706D857FAB ] EMDMgmt C:\Windows\system32\emdmgmt.dll
08:36:26.0077 3708 EMDMgmt - ok
08:36:26.0093 3708 [ BC3A58E938BB277E46BF4B3003B01ABD ] ErrDev C:\Windows\system32\drivers\errdev.sys
08:36:26.0093 3708 ErrDev - ok
08:36:26.0140 3708 [ E12F22B73F153DECE721CD45EC05B4AF ] EventSystem C:\Windows\system32\es.dll
08:36:26.0155 3708 EventSystem - ok
08:36:26.0186 3708 [ 486844F47B6636044A42454614ED4523 ] exfat C:\Windows\system32\drivers\exfat.sys
08:36:26.0186 3708 exfat - ok
08:36:26.0233 3708 [ 1A4BEE34277784619DDAF0422C0C6E23 ] fastfat C:\Windows\system32\drivers\fastfat.sys
08:36:26.0233 3708 fastfat - ok
08:36:26.0264 3708 [ 81B79B6DF71FA1D2C6D688D830616E39 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
08:36:26.0264 3708 fdc - ok
08:36:26.0280 3708 [ BB9267ACACD8B7533DD936C34A0CBA5E ] fdPHost C:\Windows\system32\fdPHost.dll
08:36:26.0280 3708 fdPHost - ok
08:36:26.0296 3708 [ 300C80931EABBE1DB7591C516EFE8D0F ] FDResPub C:\Windows\system32\fdrespub.dll
08:36:26.0296 3708 FDResPub - ok
08:36:26.0296 3708 [ 457B7D1D533E4BD62A99AED9C7BB4C59 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
08:36:26.0296 3708 FileInfo - ok
08:36:26.0296 3708 [ D421327FD6EFCCAF884A54C58E1B0D7F ] Filetrace C:\Windows\system32\drivers\filetrace.sys
08:36:26.0311 3708 Filetrace - ok
08:36:26.0327 3708 [ 230923EA2B80F79B0F88D90F87B87EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
08:36:26.0327 3708 flpydisk - ok
08:36:26.0358 3708 [ E3041BC26D6930D61F42AEDB79C91720 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
08:36:26.0358 3708 FltMgr - ok
08:36:26.0452 3708 [ BE1C5BD1CA7ED015BC6FA1AE67E592C8 ] FontCache C:\Windows\system32\FntCache.dll
08:36:26.0452 3708 FontCache - ok
08:36:26.0514 3708 [ BC5B0BE5AF3510B0FD8C140EE42C6D3E ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
08:36:26.0514 3708 FontCache3.0.0.0 - ok
08:36:26.0530 3708 [ 5779B86CD8B32519FBECB136394D946A ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
08:36:26.0530 3708 Fs_Rec - ok
08:36:26.0545 3708 [ C8E416668D3DC2BE3D4FE4C79224997F ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
08:36:26.0545 3708 gagp30kx - ok
08:36:26.0561 3708 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
08:36:26.0561 3708 GEARAspiWDM - ok
08:36:26.0623 3708 [ A0E1B575BA8F504968CD40C0FAEB2384 ] gpsvc C:\Windows\System32\gpsvc.dll
08:36:26.0623 3708 gpsvc - ok
08:36:26.0670 3708 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
08:36:26.0670 3708 gupdate - ok
08:36:26.0670 3708 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
08:36:26.0670 3708 gupdatem - ok
08:36:26.0732 3708 [ 98405343D7DCD330FE1B08C8F4C3900C ] hcw85bda C:\Windows\system32\drivers\HCW85BDA.sys
08:36:26.0748 3708 hcw85bda - ok
08:36:26.0795 3708 [ 68E732382B32417FF61FD663259B4B09 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
08:36:26.0795 3708 HdAudAddService - ok
08:36:26.0842 3708 [ F942C5820205F2FB453243EDFEC82A3D ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
08:36:26.0842 3708 HDAudBus - ok
08:36:26.0857 3708 [ 39F7D79B3401BE029D8451F761D30331 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
08:36:26.0857 3708 HidBth - ok
08:36:26.0873 3708 [ 4E77A77E2C986E8F88F996BB3E1AD829 ] HidIr C:\Windows\system32\drivers\hidir.sys
08:36:26.0873 3708 HidIr - ok
08:36:26.0904 3708 [ 59361D38A297755D46A540E450202B2A ] hidserv C:\Windows\System32\hidserv.dll
08:36:26.0904 3708 hidserv - ok
08:36:26.0951 3708 [ 443BDD2D30BB4F00795C797E2CF99EDF ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
08:36:26.0951 3708 HidUsb - ok
08:36:26.0966 3708 [ B12F367EA39C0795FD57E31242CE1A5A ] hkmsvc C:\Windows\system32\kmsvc.dll
08:36:26.0966 3708 hkmsvc - ok
08:36:26.0982 3708 [ D7109A1E6BD2DFDBCBA72A6BC626A13B ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
08:36:26.0982 3708 HpCISSs - ok
08:36:26.0998 3708 [ 098F1E4E5C9CB5B0063A959063631610 ] HTTP C:\Windows\system32\drivers\HTTP.sys
08:36:26.0998 3708 HTTP - ok
08:36:27.0013 3708 [ DA94C854CEA5FAC549D4E1F6E88349E8 ] i2omp C:\Windows\system32\drivers\i2omp.sys
08:36:27.0013 3708 i2omp - ok
08:36:27.0029 3708 [ CBB597659A2713CE0C9CC20C88C7591F ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
08:36:27.0029 3708 i8042prt - ok
08:36:27.0060 3708 [ 3E3BF3627D886736D0B4E90054F929F6 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
08:36:27.0060 3708 iaStorV - ok
08:36:27.0107 3708 [ 749F5F8CEDCA70F2A512945325FC489D ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
08:36:27.0107 3708 idsvc - ok
08:36:27.0122 3708 [ 8C3951AD2FE886EF76C7B5027C3125D3 ] iirsp C:\Windows\system32\drivers\iirsp.sys
08:36:27.0122 3708 iirsp - ok
08:36:27.0185 3708 [ 0C9EA6E654E7B0471741E343A6C671AF ] IKEEXT C:\Windows\System32\ikeext.dll
08:36:27.0185 3708 IKEEXT - ok
08:36:27.0232 3708 [ 358A23ACF3A78893EEACD4BEB20953D5 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
08:36:27.0232 3708 IntcAzAudAddService - ok
08:36:27.0263 3708 [ DF797A12176F11B2D301C5B234BB200E ] intelide C:\Windows\system32\drivers\intelide.sys
08:36:27.0263 3708 intelide - ok
08:36:27.0278 3708 [ BFD84AF32FA1BAD6231C4585CB469630 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
08:36:27.0278 3708 intelppm - ok
08:36:27.0294 3708 [ 5624BC1BC5EEB49C0AB76A8114F05EA3 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
08:36:27.0294 3708 IPBusEnum - ok
08:36:27.0341 3708 [ D8AABC341311E4780D6FCE8C73C0AD81 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
08:36:27.0341 3708 IpFilterDriver - ok
08:36:27.0372 3708 [ BF0DBFA9792C5C14FA00F61C75116C1B ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
08:36:27.0372 3708 iphlpsvc - ok
08:36:27.0372 3708 IpInIp - ok
08:36:27.0388 3708 [ 9C2EE2E6E5A7203BFAE15C299475EC67 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
08:36:27.0388 3708 IPMIDRV - ok
08:36:27.0388 3708 [ B7E6212F581EA5F6AB0C3A6CEEEB89BE ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
08:36:27.0403 3708 IPNAT - ok
08:36:27.0419 3708 [ A9AB99EE7D39725EAFEC82732D2B3271 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
08:36:27.0434 3708 iPod Service - ok
08:36:27.0450 3708 [ 8C42CA155343A2F11D29FECA67FAA88D ] IRENUM C:\Windows\system32\drivers\irenum.sys
08:36:27.0450 3708 IRENUM - ok
08:36:27.0481 3708 [ 0672BFCEDC6FC468A2B0500D81437F4F ] isapnp C:\Windows\system32\drivers\isapnp.sys
08:36:27.0481 3708 isapnp - ok
08:36:27.0528 3708 [ E4FDF99599F27EC25D2CF6D754243520 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
08:36:27.0528 3708 iScsiPrt - ok
08:36:27.0528 3708 [ 63C766CDC609FF8206CB447A65ABBA4A ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
08:36:27.0528 3708 iteatapi - ok
08:36:27.0544 3708 [ 1281FE73B17664631D12F643CBEA3F59 ] iteraid C:\Windows\system32\drivers\iteraid.sys
08:36:27.0544 3708 iteraid - ok
08:36:27.0559 3708 [ 423696F3BA6472DD17699209B933BC26 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
08:36:27.0559 3708 kbdclass - ok
08:36:27.0606 3708 [ DBDF75D51464FBC47D0104EC3D572C05 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
08:36:27.0606 3708 kbdhid - ok
08:36:27.0606 3708 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] KeyIso C:\Windows\system32\lsass.exe
08:36:27.0606 3708 KeyIso - ok
08:36:27.0653 3708 [ 88956AD9FA510848AD176777A6C6C1F5 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
08:36:27.0668 3708 KSecDD - ok
08:36:27.0668 3708 [ 1D419CF43DB29396ECD7113D129D94EB ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
08:36:27.0668 3708 ksthunk - ok
08:36:27.0715 3708 [ 1FAF6926F3416D3DA05C5B265491BDAE ] KtmRm C:\Windows\system32\msdtckrm.dll
08:36:27.0715 3708 KtmRm - ok
08:36:27.0746 3708 [ 50C7A3CB427E9BB5ED0708A669956AB5 ] LanmanServer C:\Windows\System32\srvsvc.dll
08:36:27.0746 3708 LanmanServer - ok
08:36:27.0762 3708 [ CAF86FC1388BE1E470F1A7B43E348ADB ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
08:36:27.0762 3708 LanmanWorkstation - ok
08:36:27.0778 3708 [ 96ECE2659B6654C10A0C310AE3A6D02C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
08:36:27.0778 3708 lltdio - ok
08:36:27.0809 3708 [ 961CCBD0B1CCB5675D64976FAE37D092 ] lltdsvc C:\Windows\System32\lltdsvc.dll
08:36:27.0809 3708 lltdsvc - ok
08:36:27.0840 3708 [ A47F8080CACC23C91FE823AD19AA5612 ] lmhosts C:\Windows\System32\lmhsvc.dll
08:36:27.0840 3708 lmhosts - ok
08:36:27.0871 3708 [ ACBE1AF32D3123E330A07BFBC5EC4A9B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
08:36:27.0871 3708 LSI_FC - ok
08:36:27.0887 3708 [ 799FFB2FC4729FA46D2157C0065B3525 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
08:36:27.0902 3708 LSI_SAS - ok
08:36:27.0902 3708 [ F445FF1DAAD8A226366BFAF42551226B ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
08:36:27.0902 3708 LSI_SCSI - ok
08:36:27.0902 3708 [ 52F87B9CC8932C2A7375C3B2A9BE5E3E ] luafv C:\Windows\system32\drivers\luafv.sys
08:36:27.0902 3708 luafv - ok
08:36:27.0934 3708 [ 76A58DF02BD4EA29F189B82D0BEF17F8 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
08:36:27.0934 3708 Mcx2Svc - ok
08:36:27.0934 3708 [ 5C5CD6AACED32FB26C3FB34B3DCF972F ] megasas C:\Windows\system32\drivers\megasas.sys
08:36:27.0934 3708 megasas - ok
08:36:27.0965 3708 [ 859BC2436B076C77C159ED694ACFE8F8 ] MegaSR C:\Windows\system32\drivers\megasr.sys
08:36:27.0965 3708 MegaSR - ok
08:36:27.0996 3708 [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] MMCSS C:\Windows\system32\mmcss.dll
08:36:27.0996 3708 MMCSS - ok
08:36:27.0996 3708 [ 59848D5CC74606F0EE7557983BB73C2E ] Modem C:\Windows\system32\drivers\modem.sys
08:36:27.0996 3708 Modem - ok
08:36:28.0027 3708 [ C247CC2A57E0A0C8C6DCCF7807B3E9E5 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
08:36:28.0027 3708 monitor - ok
08:36:28.0043 3708 [ 9367304E5E412B120CF5F4EA14E4E4F1 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
08:36:28.0043 3708 mouclass - ok
08:36:28.0058 3708 [ C2C2BD5C5CE5AAF786DDD74B75D2AC69 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
08:36:28.0058 3708 mouhid - ok
08:36:28.0058 3708 [ 11BC9B1E8801B01F7F6ADB9EAD30019B ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
08:36:28.0058 3708 MountMgr - ok
08:36:28.0105 3708 [ 8BE15F71DE6FF33FC56DCDE7B2B9EFE8 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
08:36:28.0105 3708 MozillaMaintenance - ok
08:36:28.0121 3708 [ F8276EB8698142884498A528DFEA8478 ] mpio C:\Windows\system32\drivers\mpio.sys
08:36:28.0121 3708 mpio - ok
08:36:28.0136 3708 [ C92B9ABDB65A5991E00C28F13491DBA2 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
08:36:28.0136 3708 mpsdrv - ok
08:36:28.0183 3708 [ 897E3BAF68BA406A61682AE39C83900C ] MpsSvc C:\Windows\system32\mpssvc.dll
08:36:28.0183 3708 MpsSvc - ok
08:36:28.0199 3708 [ 3C200630A89EF2C0864D515B7A75802E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
08:36:28.0199 3708 Mraid35x - ok
08:36:28.0246 3708 [ 7C1DE4AA96DC0C071611F9E7DE02A68D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
08:36:28.0246 3708 MRxDAV - ok
08:36:28.0277 3708 [ 1485811B320FF8C7EDAD1CAEBB1C6C2B ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
08:36:28.0277 3708 mrxsmb - ok
08:36:28.0277 3708 [ 3B929A60C833FC615FD97FBA82BC7632 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
08:36:28.0292 3708 mrxsmb10 - ok
08:36:28.0292 3708 [ C64AB3E1F53B4F5B5BB6D796B2D7BEC3 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
08:36:28.0292 3708 mrxsmb20 - ok
08:36:28.0324 3708 [ 1AC860612B85D8E85EE257D372E39F4D ] msahci C:\Windows\system32\drivers\msahci.sys
08:36:28.0324 3708 msahci - ok
08:36:28.0339 3708 [ 264BBB4AAF312A485F0E44B65A6B7202 ] msdsm C:\Windows\system32\drivers\msdsm.sys
08:36:28.0339 3708 msdsm - ok
08:36:28.0370 3708 [ 7EC02CE772F068ED0BEAFA3DA341A9BC ] MSDTC C:\Windows\System32\msdtc.exe
08:36:28.0370 3708 MSDTC - ok
08:36:28.0386 3708 [ 704F59BFC4512D2BB0146AEC31B10A7C ] Msfs C:\Windows\system32\drivers\Msfs.sys
08:36:28.0386 3708 Msfs - ok
08:36:28.0402 3708 [ 00EBC952961664780D43DCA157E79B27 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
08:36:28.0402 3708 msisadrv - ok
08:36:28.0433 3708 [ 366B0C1F4478B519C181E37D43DCDA32 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
08:36:28.0433 3708 MSiSCSI - ok
08:36:28.0433 3708 msiserver - ok
08:36:28.0464 3708 [ 0EA73E498F53B96D83DBFCA074AD4CF8 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
08:36:28.0464 3708 MSKSSRV - ok
08:36:28.0511 3708 [ 52E59B7E992A58E740AA63F57EDBAE8B ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
08:36:28.0511 3708 MSPCLOCK - ok
08:36:28.0526 3708 [ 49084A75BAE043AE02D5B44D02991BB2 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
08:36:28.0526 3708 MSPQM - ok
08:36:28.0620 3708 [ DC6CCF440CDEDE4293DB41C37A5060A5 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
08:36:28.0620 3708 MsRPC - ok
08:36:28.0651 3708 [ 855796E59DF77EA93AF46F20155BF55B ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
08:36:28.0651 3708 mssmbios - ok
08:36:28.0667 3708 [ 86D632D75D05D5B7C7C043FA3564AE86 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
08:36:28.0667 3708 MSTEE - ok
08:36:28.0729 3708 [ 0CC49F78D8ACA0877D885F149084E543 ] Mup C:\Windows\system32\Drivers\mup.sys
08:36:28.0729 3708 Mup - ok
08:36:28.0776 3708 [ A5B10C845E7538C60C0F5D87A57CB3F5 ] napagent C:\Windows\system32\qagentRT.dll
08:36:28.0776 3708 napagent - ok
08:36:28.0838 3708 [ 2007B826C4ACD94AE32232B41F0842B9 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
08:36:28.0838 3708 NativeWifiP - ok
08:36:28.0901 3708 [ 65950E07329FCEE8E6516B17C8D0ABB6 ] NDIS C:\Windows\system32\drivers\ndis.sys
08:36:28.0901 3708 NDIS - ok
08:36:28.0901 3708 [ 64DF698A425478E321981431AC171334 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
08:36:28.0901 3708 NdisTapi - ok
08:36:28.0916 3708 [ 8BAA43196D7B5BB972C9A6B2BBF61A19 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
08:36:28.0916 3708 Ndisuio - ok
08:36:28.0932 3708 [ F8158771905260982CE724076419EF19 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
08:36:28.0932 3708 NdisWan - ok
08:36:28.0948 3708 [ 9CB77ED7CB72850253E973A2D6AFDF49 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
08:36:28.0948 3708 NDProxy - ok
08:36:28.0963 3708 [ A499294F5029A7862ADC115BDA7371CE ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
08:36:28.0963 3708 NetBIOS - ok
08:36:28.0979 3708 [ FC2C792EBDDC8E28DF939D6A92C83D61 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
08:36:28.0979 3708 netbt - ok
08:36:28.0994 3708 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] Netlogon C:\Windows\system32\lsass.exe
08:36:28.0994 3708 Netlogon - ok
08:36:29.0010 3708 [ 9B63B29DEFC0F3115A559D2597BF5D75 ] Netman C:\Windows\System32\netman.dll
08:36:29.0026 3708 Netman - ok
08:36:29.0041 3708 [ 7846D0136CC2B264926A73047BA7688A ] netprofm C:\Windows\System32\netprofm.dll
08:36:29.0041 3708 netprofm - ok
08:36:29.0088 3708 [ 74751DDA198165947FD7454D83F49825 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
08:36:29.0088 3708 NetTcpPortSharing - ok
08:36:29.0104 3708 [ 4AC08BD6AF2DF42E0C3196D826C8AEA7 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
08:36:29.0104 3708 nfrd960 - ok
08:36:29.0135 3708 [ F145BF4C4668E7E312069F81EF847CFC ] NlaSvc C:\Windows\System32\nlasvc.dll
08:36:29.0135 3708 NlaSvc - ok
08:36:29.0182 3708 [ B298874F8E0EA93F06EC40AA8D146478 ] Npfs C:\Windows\system32\drivers\Npfs.sys
08:36:29.0182 3708 Npfs - ok
08:36:29.0182 3708 [ ACB62BAA1C319B17752553DF3026EEEB ] nsi C:\Windows\system32\nsisvc.dll
08:36:29.0182 3708 nsi - ok
08:36:29.0197 3708 [ 1523AF19EE8B030BA682F7A53537EAEB ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
08:36:29.0197 3708 nsiproxy - ok
08:36:29.0291 3708 [ BAC869DFB98E499BA4D9BB1FB43270E1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
08:36:29.0306 3708 Ntfs - ok
08:36:29.0322 3708 [ DD5D684975352B85B52E3FD5347C20CB ] Null C:\Windows\system32\drivers\Null.sys
08:36:29.0322 3708 Null - ok
08:36:29.0338 3708 [ 2C040B7ADA5B06F6FACADAC8514AA034 ] nvraid C:\Windows\system32\drivers\nvraid.sys
08:36:29.0338 3708 nvraid - ok
08:36:29.0369 3708 [ F7EA0FE82842D05EDA3EFDD376DBFDBA ] nvstor C:\Windows\system32\drivers\nvstor.sys
08:36:29.0369 3708 nvstor - ok
08:36:29.0400 3708 [ 19067CA93075EF4823E3938A686F532F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
08:36:29.0400 3708 nv_agp - ok
08:36:29.0400 3708 NwlnkFlt - ok
08:36:29.0400 3708 NwlnkFwd - ok
08:36:29.0478 3708 [ 84DE1DD996B48B05ACE31AD015FA108A ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
08:36:29.0478 3708 odserv - ok
08:36:29.0540 3708 [ B5B1CE65AC15BBD11C0619E3EF7CFC28 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
08:36:29.0540 3708 ohci1394 - ok
08:36:29.0556 3708 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
08:36:29.0556 3708 ose - ok
08:36:29.0603 3708 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] p2pimsvc C:\Windows\system32\p2psvc.dll
08:36:29.0603 3708 p2pimsvc - ok
08:36:37.0777 3708 ============================================================
08:36:37.0777 3708 Scan finished
08:36:37.0777 3708 ============================================================
08:36:37.0777 1804 Detected object count: 0
08:36:37.0777 1804 Actual detected object count: 0
08:37:07.0214 2344 Deinitialize success
-
Hi, today I noticed that when browsing the internet with IE or Firefox & using Google to search, if I click on any of the search results I am redirected to dubious unrelated websites. I had my antivirus (Avira) activated at the time. A subsequent system scan resulted in no found viruses. I also ran MBAM quick & full searches, but neither found any viruses. The following are the DDS log & attach files. Thanks in advance for any assistance.
DDS (Ver_2012-10-19.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16421
Run by Andrew at 20:08:37 on 2012-11-03
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.8182.5957 [GMT -7:00]
.
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\WLTRYSVC.EXE
C:\Windows\System32\bcmwltry.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\atieclxx.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\AERTSr64.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\RAVCpl64.exe
C:\Windows\System32\WLTRAY.EXE
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\iTunes\iTunes.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\splwow64.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit = userinit.exe
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
uRun: [vakmvpuhzg] rundll32 "C:\Users\Andrew\AppData\Roaming\cabinet5.dll",ODNRBJGW
mRun: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRunOnce: [Malwarebytes Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /install /silent
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{EA2C077B-D256-4A26-903F-E678FD7B4F5B} : DHCPNameServer = 192.168.1.1
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
x64-Run: [Windows Defender] C:\Program Files (x86)\Windows Defender\MSASCui.exe -hide
x64-Run: [RtHDVCpl] RAVCpl64.exe
x64-Run: [skytel] Skytel.exe
x64-Run: [bluetooth HCI Monitor] RunDll32 HCIMNTR.DLL,RunCheckHCIMode
x64-Run: [broadcom Wireless Manager UI] C:\Windows\System32\WLTRAY.exe
x64-mPolicies-Explorer: NoActiveDesktop = dword:1
x64-mPolicies-Explorer: NoActiveDesktopChanges = dword:1
x64-mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
x64-mPolicies-System: EnableUIADesktopToggle = dword:0
x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Andrew\AppData\Roaming\Mozilla\Firefox\Profiles\gzn7pkwz.default\
FF - prefs.js: browser.startup.homepage - hxxp://xkcd.com/|about:home
FF - prefs.js: network.proxy.type - 0
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll
.
============= SERVICES / DRIVERS ===============
.
R1 avkmgr;avkmgr;C:\Windows\System32\drivers\avkmgr.sys [2012-8-13 27760]
R2 {1E444BE9-B8EC-4ce6-8C2B-6536FB7F4FB7};{1E444BE9-B8EC-4ce6-8C2B-6536FB7F4FB7};C:\Program Files (x86)\CyberLink\PowerDVD DX\000.fcl [2012-8-15 32240]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-7-27 63960]
R2 AERTFilters;Andrea RT Filters Service;C:\Windows\System32\AERTSr64.exe [2012-8-13 88576]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2011-4-20 203776]
R2 AntiVirSchedulerService;Avira Scheduler;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2012-8-13 86224]
R2 AntiVirService;Avira Realtime Protection;C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2012-8-13 110032]
R2 avgntflt;avgntflt;C:\Windows\System32\drivers\avgntflt.sys [2012-8-13 98848]
R2 FontCache;Windows Font Cache Service;C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 27648]
R3 amdkmdag;amdkmdag;C:\Windows\System32\drivers\atikmdag.sys [2011-4-20 9319936]
R3 amdkmdap;amdkmdap;C:\Windows\System32\drivers\atikmpag.sys [2011-4-20 306176]
R3 e1yexpress;Intel® Gigabit Network Connections Driver;C:\Windows\System32\drivers\e1y60x64.sys [2012-8-13 316544]
R3 hcw85bda;Hauppauge WinTV 885 Video Capture;C:\Windows\System32\drivers\HCW85BDA.sys [2009-7-14 1708800]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-8-15 116648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-8-15 250808]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-8-15 116648]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-8-13 115168]
S3 PerfHost;Performance Counter DLL Host;C:\Windows\SysWOW64\perfhost.exe [2008-1-20 19968]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-4-25 52736]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-3-18 1020768]
S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2012-8-18 89920]
.
=============== File Associations ===============
.
FileExt: .js: JSFile=C:\Windows\SysWOW64\WScript.exe "%1" %*
FileExt: .jse: JSEFile=C:\Windows\SysWOW64\WScript.exe "%1" %*
.
=============== Created Last 30 ================
.
.
==================== Find3M ====================
.
2012-11-03 21:03:22 94208 --sha-r- C:\Users\Andrew\AppData\Roaming\cabinet5.dll
2012-10-10 14:04:55 65309168 ----a-w- C:\Windows\System32\mrt.exe
2012-10-09 01:21:31 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-10-09 01:21:31 696760 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-09-30 02:54:26 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-09-13 13:45:46 2048 ----a-w- C:\Windows\System32\tzres.dll
2012-09-13 13:28:08 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2012-08-29 11:40:01 4699520 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-08-24 16:07:02 218624 ----a-w- C:\Windows\System32\wintrust.dll
2012-08-24 15:53:29 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll
2012-08-24 11:15:45 17810944 ----a-w- C:\Windows\System32\mshtml.dll
2012-08-24 10:39:42 10925568 ----a-w- C:\Windows\System32\ieframe.dll
2012-08-24 10:31:32 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2012-08-24 10:22:46 1346048 ----a-w- C:\Windows\System32\urlmon.dll
2012-08-24 10:21:18 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-08-24 10:20:11 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-08-24 10:18:46 237056 ----a-w- C:\Windows\System32\url.dll
2012-08-24 10:17:03 85504 ----a-w- C:\Windows\System32\jsproxy.dll
2012-08-24 10:14:45 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-08-24 10:14:34 816640 ----a-w- C:\Windows\System32\jscript.dll
2012-08-24 10:13:29 599040 ----a-w- C:\Windows\System32\vbscript.dll
2012-08-24 10:12:04 2144768 ----a-w- C:\Windows\System32\iertutil.dll
2012-08-24 10:11:57 729088 ----a-w- C:\Windows\System32\msfeeds.dll
2012-08-24 10:10:14 96768 ----a-w- C:\Windows\System32\mshtmled.dll
2012-08-24 10:09:42 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-08-24 10:04:06 248320 ----a-w- C:\Windows\System32\ieui.dll
2012-08-24 07:27:00 12319744 ----a-w- C:\Windows\SysWow64\mshtml.dll
2012-08-24 07:03:49 9738240 ----a-w- C:\Windows\SysWow64\ieframe.dll
2012-08-24 06:59:17 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-08-24 06:51:50 1103872 ----a-w- C:\Windows\SysWow64\urlmon.dll
2012-08-24 06:51:27 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-08-24 06:51:02 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-08-24 06:49:57 231936 ----a-w- C:\Windows\SysWow64\url.dll
2012-08-24 06:48:38 65024 ----a-w- C:\Windows\SysWow64\jsproxy.dll
2012-08-24 06:47:36 717824 ----a-w- C:\Windows\SysWow64\jscript.dll
2012-08-24 06:47:26 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-08-24 06:47:12 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2012-08-24 06:45:46 607744 ----a-w- C:\Windows\SysWow64\msfeeds.dll
2012-08-24 06:44:35 1793024 ----a-w- C:\Windows\SysWow64\iertutil.dll
2012-08-24 06:44:10 73216 ----a-w- C:\Windows\SysWow64\mshtmled.dll
2012-08-24 06:43:58 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-08-24 06:40:11 176640 ----a-w- C:\Windows\SysWow64\ieui.dll
2012-08-19 17:06:38 979456 ----a-w- C:\Windows\SysWow64\MFH264Dec.dll
2012-08-19 17:05:52 449024 ----a-w- C:\Windows\System32\WMPhoto.dll
2012-08-14 13:44:29 0 ----a-w- C:\Windows\ativpsrm.bin
2012-08-14 04:55:35 525792 ----a-w- C:\Windows\DIFxAPI.dll
2012-08-14 04:55:29 319488 ----a-w- C:\Windows\HideWin.exe
.
============= FINISH: 20:08:57.72 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-10-19.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 8/13/2012 9:27:56 PM
System Uptime: 11/3/2012 1:16:05 PM (7 hours ago)
.
Motherboard: Dell Inc. | | 0R849J
Processor: Intel® Core i7 CPU 920 @ 2.67GHz | CPU 1 | 1600/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 1177 GiB total, 997.913 GiB free.
D: is CDROM ()
E: is Removable
F: is Removable
G: is Removable
H: is Removable
I: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
.
==== Installed Programs ======================
.
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.4)
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Avira Free Antivirus
Bonjour
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
Dell Resource CD
Dell Wireless WLAN Card
Google Earth
Google Update Helper
Hauppauge TV Tuner Driver
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Intel® Network Connections Drivers
iTunes
Malwarebytes Anti-Malware version 1.65.1.1000
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Office Excel MUI (English) 2007
Microsoft Office Home and Student 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Mozilla Firefox 16.0.2 (x86 en-US)
Mozilla Maintenance Service
PowerDVD
Realtek High Definition Audio Driver
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
WIDCOMM Bluetooth Software 6.0.1.4303
Windows Driver Package - Logitech HIDClass (10/30/2006 1.0)
.
==== End Of File ===========================
-
My subscription to Trend Micro has expired... I can't get into the program console or exit the program. I've tried to uninstall Trend Micro from my comp a number of times but it never gets past 13% uninstalled, not sure if that is associated with my other problems.
The scan completed with no items found. Here is the log:
Malwarebytes Anti-Malware (Trial) 1.62.0.1300
www.malwarebytes.org
Database version: v2012.08.12.05
Windows Vista Service Pack 2 x64 NTFS
Internet Explorer 7.0.6002.18005
Andrew :: MORDECAI [administrator]
Protection: Enabled
8/12/2012 10:57:34 AM
mbam-log-2012-08-12 (10-57-34).txt
Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 391159
Time elapsed: 2 hour(s), 28 minute(s), 48 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
-
I ran the express scan, but when I clicked yes to allow it to cure the first file, my computer rebooted on its own. I ran the express scan a second time, but it seemed more like a complete scan. Also after the second scan, it found 6 files, but I did not see the icon with the red check shown above. I moved all the files, but 5 wouldn't move... it said they had invalid paths. When I clicked on the save report list option, no list was saved.
-
Hi, I need your help. My computer was recently infected with a "Live Security Platinum" fake anti-virus virus. I ran Malwarebytes, which seemed to resolve the issue. But now I'm noticing that my desktop icons are defaulting to a different size than I had them set at. Also, when I connect my computer to the internet I get random streaming audio, with or without an IE or Firefox browser open. I'm afraid I have a backdoor infection. I re-ran Malwarebytes, but it is not finding anything. The following are the dds.txt and attach.txt logs. Thanks in advance for any help!
dds.txt log:
.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 7.0.6002.18005 BrowserJavaVersion: 1.6.0_31
Run by Andrew at 19:22:31 on 2012-08-09
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.8182.6409 [GMT -7:00]
.
AV: Trend Micro Titanium *Disabled/Outdated* {68F968AC-2AA0-091D-848C-803E83E35902}
SP: Trend Micro Titanium *Disabled/Outdated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Dell\DellDock\DockLogin.exe
C:\Program Files\Common Files\Logitech\Bluetooth\LBTSERV.EXE
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\WLTRYSVC.EXE
C:\Windows\System32\bcmwltry.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\atieclxx.exe
C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiWatchDog.exe
C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Windows\System32\WLTRAY.EXE
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\SetPoint\LBTWiz.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiSeAgnt.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\SetPoint\SetPoint.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files\SetPoint\x86\SetPoint32.exe
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = https://mail.knaconsulting.com/owa
uWindow Title = Internet Explorer provided by Dell
uInternet Settings,ProxyOverride = *.local
mWinlogon: Userinit=userinit.exe,
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: TmIEPlugInBHO Class: {1ca1377b-dc1d-4a52-9585-6e06050fac53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1505\6.6.1088\TmIEPlg32.dll
BHO: TSToolbarBHO: {43c6d902-a1c5-45c9-91f6-fd9e90337e18} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
BHO: TmBpIeBHO Class: {bbacbafd-fa5e-4079-8b33-00eb9f13d4ac} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.6.1010\6.6.1010\TmBpIe32.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: Trend Micro Toolbar: {ccac5586-44d7-4c43-b64a-f042461a97d2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
uRun: [ehTray.exe] C:\Windows\ehome\ehTray.exe
mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [<NO NAME>]
mRun: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe"
mRun: [Dell DataSafe Online] "C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /m
mRun: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SetPoint.lnk - C:\Program Files\SetPoint\SetPoint.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
TCP: Interfaces\{78F0951B-12F7-4011-A7F1-4C323571B3EB} : DhcpNameServer = 192.168.1.1
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.6.1010\6.6.1010\TmBpIe32.dll
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1505\6.6.1088\TmIEPlg32.dll
Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} -
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1505\6.6.1088\TmIEPlg32.dll
BHO-X64: Trend Micro NSC BHO - No File
BHO-X64: TSToolbarBHO: {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll
BHO-X64: Trend Micro Toolbar BHO - No File
BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO-X64: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO-X64: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
BHO-X64: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.6.1010\6.6.1010\TmBpIe32.dll
BHO-X64: TmBpIeBHO - No File
BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB-X64: Trend Micro Toolbar: {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll
TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
mRun-x64: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun-x64: [(Default)]
mRun-x64: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe"
mRun-x64: [Dell DataSafe Online] "C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /m
mRun-x64: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Andrew\AppData\Roaming\Mozilla\Firefox\Profiles\svajfezi.default\
FF - prefs.js: browser.startup.homepage - hxxp://xkcd.com/
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3201318&SearchSource=2&q=
FF - component: C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1505\6.6.1088\firefoxextension\components\TmFFEx6.dll
FF - component: C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1505\6.6.1088\firefoxextension\components\TmFFExt.dll
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_270.dll
.
============= SERVICES / DRIVERS ===============
.
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R2 {1E444BE9-B8EC-4ce6-8C2B-6536FB7F4FB7};Power Control [2009/06/13 20:28:38];C:\Program Files (x86)\CyberLink\PowerDVD DX\000.fcl [2009-6-13 146928]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-4-3 63928]
R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2009-3-30 88576]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 Amsp;Trend Micro Solution Platform;C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe [2011-6-18 256336]
R2 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-10-21 196176]
R2 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-10-13 249648]
R2 DockLoginService;Dock Login Service;C:\Program Files\Dell\DellDock\DockLogin.exe [2008-9-23 155648]
R2 FontCache;Windows Font Cache Service;C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-8-5 655944]
R2 tmevtmgr;tmevtmgr;C:\Windows\system32\DRIVERS\tmevtmgr.sys --> C:\Windows\system32\DRIVERS\tmevtmgr.sys [?]
R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]
R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
R3 e1yexpress;Intel® Gigabit Network Connections Driver;C:\Windows\system32\DRIVERS\e1y60x64.sys --> C:\Windows\system32\DRIVERS\e1y60x64.sys [?]
R3 HCW85BDA;Hauppauge WinTV 885 Video Capture;C:\Windows\system32\drivers\HCW85BDA.sys --> C:\Windows\system32\drivers\HCW85BDA.sys [?]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate1c9b550e82e26e4;Google Update Service (gupdate1c9b550e82e26e4);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2009-4-4 133104]
S2 RoxLiveShare10;LiveShare P2P Server 10;C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe [2008-5-14 309744]
S2 RoxWatch10;Roxio Hard Drive Watcher 10;C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe [2008-5-14 166384]
S2 SessionLauncher;SessionLauncher;C:\Users\ADMINI~1\AppData\Local\Temp\DX9\SessionLauncher.exe --> C:\Users\ADMINI~1\AppData\Local\Temp\DX9\SessionLauncher.exe [?]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-3-31 250056]
S3 AtiDCM;AtiDCM;C:\Users\Andrew\AppData\Local\Temp\atdcm64a.sys [2012-4-30 26752]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2009-4-4 133104]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-4-28 113120]
S3 PerfHost;Performance Counter DLL Host;C:\Windows\SysWOW64\perfhost.exe [2008-1-20 19968]
S3 RoxMediaDB10;RoxMediaDB10;C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2008-5-14 1120752]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-3-18 1020768]
S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-9-18 89920]
.
=============== Created Last 30 ================
.
2012-08-10 02:03:47 711240 ----a-w- C:\Windows\isRS-000.tmp
2012-08-05 15:22:08 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-08-05 15:22:08 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-08-05 04:05:30 -------- d-----w- C:\Users\Andrew\AppData\Roaming\Curiolab
2012-08-04 20:23:22 -------- d-----w- C:\Users\Andrew\AppData\Roaming\Malwarebytes
2012-08-04 20:23:12 -------- d-----w- C:\ProgramData\Malwarebytes
2012-08-04 18:44:31 -------- d-----w- C:\ProgramData\225932D2027DA07918C5CFEC2F3B707C
2012-08-02 01:09:14 7596032 ----a-w- C:\Windows\System32\xpsrchvw.exe
2012-08-02 01:09:14 1421312 ----a-w- C:\Windows\System32\XpsFilt.dll
2012-07-12 05:11:07 2769408 ----a-w- C:\Windows\System32\win32k.sys
.
==================== Find3M ====================
.
2012-08-05 02:38:49 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-08-05 02:38:49 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-06-05 16:47:28 1401856 ----a-w- C:\Windows\SysWow64\msxml6.dll
2012-06-05 16:47:27 1248768 ----a-w- C:\Windows\SysWow64\msxml3.dll
2012-06-05 16:22:47 1797120 ----a-w- C:\Windows\System32\msxml6.dll
2012-06-05 16:22:46 1869824 ----a-w- C:\Windows\System32\msxml3.dll
2012-06-04 15:29:59 516480 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2012-06-02 22:19:42 186752 ----a-w- C:\Windows\System32\wuwebv.dll
2012-06-02 22:19:42 171904 ----a-w- C:\Windows\SysWow64\wuwebv.dll
2012-06-02 22:15:31 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2012-06-02 22:15:12 36864 ----a-w- C:\Windows\System32\wuapp.exe
2012-06-02 22:15:08 99840 ----a-w- C:\Windows\System32\wudriver.dll
2012-06-02 22:12:20 33792 ----a-w- C:\Windows\SysWow64\wuapp.exe
2012-06-02 22:12:13 88576 ----a-w- C:\Windows\SysWow64\wudriver.dll
2012-06-02 00:22:56 347136 ----a-w- C:\Windows\System32\schannel.dll
2012-06-02 00:22:10 254464 ----a-w- C:\Windows\System32\ncrypt.dll
2012-06-02 00:05:11 77312 ----a-w- C:\Windows\SysWow64\secur32.dll
2012-06-02 00:04:25 278528 ----a-w- C:\Windows\SysWow64\schannel.dll
2012-06-02 00:03:42 204288 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2012-05-15 22:18:23 1032192 ----a-w- C:\Windows\System32\wininet.dll
2012-05-15 22:04:50 834048 ----a-w- C:\Windows\SysWow64\wininet.dll
.
============= FINISH: 19:22:51.45 ===============
attach.txt log:
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume3
Install Date: 3/30/2009 12:44:56 AM
System Uptime: 8/9/2012 7:05:04 PM (0 hours ago)
.
Motherboard: Dell Inc. | | 0R849J
Processor: Intel® Core i7 CPU 920 @ 2.67GHz | CPU 1 | 2667/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 1177 GiB total, 871.64 GiB free.
D: is FIXED (NTFS) - 15 GiB total, 6.752 GiB free.
E: is CDROM ()
F: is Removable
G: is Removable
H: is Removable
I: is Removable
J: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP491: 5/17/2012 7:22:26 PM - Scheduled Checkpoint
RP492: 5/19/2012 12:15:19 PM - Scheduled Checkpoint
RP493: 5/21/2012 9:05:23 PM - Scheduled Checkpoint
RP494: 5/26/2012 11:36:13 AM - Scheduled Checkpoint
RP495: 5/28/2012 11:21:27 AM - Scheduled Checkpoint
RP496: 5/30/2012 7:39:37 PM - Scheduled Checkpoint
RP497: 5/31/2012 7:30:33 PM - Scheduled Checkpoint
RP498: 6/1/2012 8:29:00 PM - Scheduled Checkpoint
RP499: 6/2/2012 12:27:08 PM - Scheduled Checkpoint
RP500: 6/3/2012 3:32:06 PM - Scheduled Checkpoint
RP501: 6/6/2012 6:44:08 AM - Windows Update
RP502: 6/9/2012 4:12:06 PM - Scheduled Checkpoint
RP503: 6/11/2012 7:53:51 PM - Scheduled Checkpoint
RP504: 6/12/2012 7:11:20 PM - Scheduled Checkpoint
RP505: 6/13/2012 7:14:53 AM - Windows Update
RP506: 6/13/2012 7:37:53 PM - Scheduled Checkpoint
RP507: 6/15/2012 7:52:29 PM - Scheduled Checkpoint
RP508: 6/22/2012 5:52:54 PM - Windows Update
RP509: 6/23/2012 9:57:56 AM - Scheduled Checkpoint
RP510: 7/2/2012 8:42:43 PM - Scheduled Checkpoint
RP511: 7/3/2012 7:00:28 PM - Scheduled Checkpoint
RP512: 7/5/2012 12:07:27 PM - Scheduled Checkpoint
RP513: 7/7/2012 10:37:08 AM - Scheduled Checkpoint
RP514: 7/8/2012 9:27:18 AM - Scheduled Checkpoint
RP515: 7/11/2012 10:10:15 PM - Windows Update
RP516: 7/12/2012 7:14:43 PM - Scheduled Checkpoint
RP517: 7/14/2012 6:14:08 PM - Scheduled Checkpoint
RP518: 7/15/2012 11:07:34 AM - Scheduled Checkpoint
RP519: 7/16/2012 7:48:48 PM - Scheduled Checkpoint
RP520: 7/18/2012 7:06:54 PM - Scheduled Checkpoint
RP521: 7/19/2012 7:14:49 PM - Scheduled Checkpoint
RP522: 7/20/2012 8:45:12 PM - Scheduled Checkpoint
RP523: 7/21/2012 2:06:14 PM - Scheduled Checkpoint
RP524: 7/23/2012 7:02:27 PM - Scheduled Checkpoint
RP525: 7/25/2012 6:57:44 PM - Scheduled Checkpoint
RP526: 7/26/2012 8:06:53 PM - Scheduled Checkpoint
RP527: 7/28/2012 5:40:28 PM - Scheduled Checkpoint
RP528: 7/29/2012 9:46:25 AM - Scheduled Checkpoint
RP529: 8/1/2012 6:08:37 PM - Windows Update
RP530: 8/3/2012 8:13:49 PM - Scheduled Checkpoint
RP531: 8/4/2012 10:46:03 PM - Scheduled Checkpoint
RP532: 8/5/2012 7:54:50 AM - Removed America's Army Deploy Client
RP533: 8/5/2012 7:56:09 AM - Removed America's Army Deploy Client
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
Acrobat.com
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.3)
AnswerWorks 5.0 English Runtime
Apple Application Support
Apple Software Update
ATI Catalyst Control Center
Banctec Service Agreement
Bing Bar
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Common
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center InstallProxy
Catalyst Control Center Localization Chinese Standard
Catalyst Control Center Localization Chinese Traditional
Catalyst Control Center Localization French
Catalyst Control Center Localization German
Catalyst Control Center Localization Hungarian
Catalyst Control Center Localization Italian
Catalyst Control Center Localization Japanese
Catalyst Control Center Localization Korean
Catalyst Control Center Localization Polish
Catalyst Control Center Localization Portuguese
Catalyst Control Center Localization Spanish
Catalyst Control Center Localization Thai
Catalyst Control Center Localization Turkish
ccc-core-static
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help English
CCC Help French
CCC Help German
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Polish
CCC Help Portuguese
CCC Help Spanish
CCC Help Thai
CCC Help Turkish
CDDRV_Installer
Choice Guard
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
Dell DataSafe Online
Dell Getting Started Guide
Dell Video Chat
DirectXInstallService
Google Earth
Google Update Helper
Google Updater
GTA San Andreas
Hauppauge MCE XP/Vista Software Encoder (2.0.25296)
Hauppauge TV Tuner Driver
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Java Auto Updater
Java 6 Update 31
Junk Mail filter update
Malwarebytes Anti-Malware version 1.62.0.1300
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Home and Student 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Mozilla Firefox 14.0.1 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
PowerDVD DX
Quicken 2009
QuickTime
Realtek High Definition Audio Driver
Roxio Activation Module
Roxio CinePlayer Decoder Pack
Roxio Creator Audio
Roxio Creator Copy
Roxio Creator Data
Roxio Creator Premier
Roxio Creator Premier 10
Roxio Creator Tools
Roxio Express Labeler
Roxio Update Manager
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2596786) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition
SetPoint
Skins
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Upload Tool
Windows Live Writer
.
==== Event Viewer Messages From Past Week ========
.
8/9/2012 7:07:04 PM, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service.
8/9/2012 7:07:04 PM, Error: Service Control Manager [7003] - The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.
8/9/2012 7:07:04 PM, Error: Service Control Manager [7003] - The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.
8/9/2012 7:07:04 PM, Error: Service Control Manager [7000] - The SessionLauncher service failed to start due to the following error: The system cannot find the path specified.
8/9/2012 6:50:47 PM, Error: Microsoft-Windows-WMPNSS-Service [14325] - Service 'WMPNetworkSvc' did not start correctly because QueryService encountered error '0x80070424'. In Windows Media Player, turn off media sharing, and then turn it back on.
8/5/2012 7:40:17 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: spldr tmtdi Wanarpv6
8/5/2012 7:40:17 AM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
8/5/2012 7:39:52 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}
8/5/2012 7:39:15 AM, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\System32\bcmihvsrv64.dll Error Code: 21
8/5/2012 7:39:13 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
8/5/2012 7:39:12 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
8/5/2012 7:39:09 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF}
8/5/2012 7:39:08 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
8/5/2012 7:39:02 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
8/4/2012 8:05:50 PM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 192.168.1.2 for the Network Card with network address 00242BC154EC has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).
8/4/2012 3:05:21 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: SASDIFSV SASKUTIL spldr tmtdi Wanarpv6
8/4/2012 12:27:54 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD DfsC NetBIOS netbt nsiproxy PSched RasAcd rdbss Smb spldr Tcpip tdx tmtdi Wanarpv6
8/4/2012 12:16:59 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.
8/4/2012 1:32:44 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD DfsC NetBIOS netbt nsiproxy PSched RasAcd rdbss SASDIFSV SASKUTIL Smb spldr Tcpip tdx tmtdi Wanarpv6
8/4/2012 1:32:44 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
8/4/2012 1:32:44 PM, Error: Service Control Manager [7001] - The WebDav Client Redirector Driver service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
8/4/2012 1:32:44 PM, Error: Service Control Manager [7001] - The WebClient service depends on the WebDav Client Redirector Driver service which failed to start because of the following error: The dependency service or group failed to start.
8/4/2012 1:32:44 PM, Error: Service Control Manager [7001] - The TCP/IP Registry Compatibility service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
8/4/2012 1:32:44 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancilliary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
8/4/2012 1:32:44 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
8/4/2012 1:32:44 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
8/4/2012 1:32:44 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
8/4/2012 1:32:44 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service service which failed to start because of the following error: A device attached to the system is not functioning.
8/4/2012 1:32:44 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
8/4/2012 1:32:44 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
8/4/2012 1:32:44 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
8/4/2012 1:32:44 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancilliary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
8/4/2012 1:32:44 PM, Error: Service Control Manager [7001] - The Bonjour Service service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
8/4/2012 1:32:44 PM, Error: Service Control Manager [7001] - The Apple Mobile Device service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
8/4/2012 1:31:33 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
8/4/2012 1:31:33 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
8/3/2012 9:07:18 PM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 192.168.1.5 for the Network Card with network address 00242BC154EC has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).
.
==== End Of File ===========================
Browser Redirect issue (Virus?)
in Resolved Malware Removal Logs
It appears that there are no longer any issues with my comp.
Here is the checkup.txt log:
Results of screen317's Security Check version 0.99.54
Windows Vista Service Pack 2 x64 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Avira Desktop
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.65.1.1000
Adobe Flash Player 11.4.402.287
Adobe Reader X (10.1.4)
Mozilla Firefox (16.0.2)
````````Process Check: objlist.exe by Laurent````````
Avira Antivir avgnt.exe
Avira Antivir avguard.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 2 % Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````