mitchell_gross

  1. Thank you so much, this seems to be working just fine. Do you have any explanation for why this happened or what caused it? I just want to be sure it doesn't happen again, because it is a pain to try to fix. Thanks again for the help!
  2. Results of screen317's Security Check version 0.99.51
     Windows XP Service Pack 3 x86
     Internet Explorer 8
     ``````````````Antivirus/Firewall Check:``````````````
     Windows Firewall Disabled!
     Please wait while WMIC compiles updated MOF files.d i s p l a y N a m e
     ECHO is off.
     A V G
     ECHO is off.
     I n t e r n e t
     ECHO is off.
     S e c u r i t y
     ECHO is off.
     2 0 1
     ECHO is off.
     M i c r o s o f t
     ECHO is off.
     S e c u r i t y
     ECHO is off.
     E s e n t i a l s
     ECHO is off.
     Antivirus up to date! (On Access scanning disabled!)
     `````````Anti-malware/Other Utilities Check:`````````
     Spybot - Search & Destroy
     Malwarebytes Anti-Malware version 1.65.0.1400
     CCleaner
     Java DB 10.5.3.0
     Java 6 Update 31
     Java SE Development Kit 6 Update 23
     Java version out of Date!
     Adobe Flash Player 11.3.300.268
     Adobe Reader X 10.1.3 Adobe Reader out of Date!
     Mozilla Firefox (16.0.1)
     ````````Process Check: objlist.exe by Laurent````````
     Malwarebytes Anti-Malware mbamservice.exe
     Malwarebytes Anti-Malware mbamgui.exe
     AVG avgwdsvc.exe
     AVG avgtray.exe
     AVG avgrsx.exe
     AVG avgnsx.exe
     AVG avgemc.exe
     Microsoft Small Business Business Contact Manager BcmSqlStartupSvc.exe
     Malwarebytes' Anti-Malware mbamscheduler.exe
     Acronis TrueImageHome OnlineBackupStandalone TrueImageMonitor.exe
     `````````````````System Health check`````````````````
     Total Fragmentation on Drive C:: 20% Defragment your hard drive soon! (Do NOT defrag if SSD!)
     ````````````````````End of Log``````````````````````
  3. I still need to let you know how it is working, but I will as soon as I can. Thank you a ton. I don't think that I would have gotten this fixed without you!
  4. Malwarebytes Anti-Malware (PRO) 1.65.0.1400
     www.malwarebytes.org
     Database version: v2012.10.15.13
     Windows XP Service Pack 3 x86 NTFS
     Internet Explorer 8.0.6001.18702
     Administrator :: MITCHELL-DELL [administrator]
     Protection: Enabled
     10/15/2012 6:48:50 PM
     mbam-log-2012-10-15 (18-48-50).txt
     Scan type: Quick scan
     Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
     Scan options disabled: P2P
     Objects scanned: 318390
     Time elapsed: 10 minute(s), 4 second(s)
     Memory Processes Detected: 0 (No malicious items detected)
     Memory Modules Detected: 0 (No malicious items detected)
     Registry Keys Detected: 0 (No malicious items detected)
     Registry Values Detected: 0 (No malicious items detected)
     Registry Data Items Detected: 0 (No malicious items detected)
     Folders Detected: 0 (No malicious items detected)
     Files Detected: 0 (No malicious items detected)
     (end)
  5. ComboFix 12-10-14.03 - Administrator 10/14/2012 20:19:04.1.2 - x86 NETWORK Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3582.3117 [GMT -4:00] Running from: c:\documents and settings\Administrator\desktop\combofix.exe Command switches used :: /nombr AV: AVG Internet Security 2011 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF} AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF} FW: AVG Firewall *Disabled* {8decf618-9569-4340-b34a-d78d28969b66} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\documents and settings\All Users\Application Data\TEMP c:\documents and settings\Mitchell\Application Data\Dyyno c:\documents and settings\Mitchell\Application Data\Dyyno\dyyno.xml c:\documents and settings\Mitchell\Application Data\Microsoft\~DFK104b3558.tmp c:\documents and settings\Mitchell\Application Data\Microsoft\1eaadjc.dll c:\documents and settings\Mitchell\Application Data\Microsoft\bass.dll c:\documents and settings\Mitchell\Application Data\Microsoft\engine_vx.dll c:\documents and settings\Mitchell\Application Data\Microsoft\kfgresk.dll c:\documents and settings\Mitchell\Application Data\Microsoft\mjcriu.dll c:\documents and settings\Mitchell\Application Data\Microsoft\peaadje.dll c:\documents and settings\Mitchell\Application Data\Microsoft\qwadjb.dll c:\documents and settings\Mitchell\Application Data\Microsoft\rsaadjd.dll c:\documents and settings\Mitchell\Application Data\Mitchell3SQLite3.dll c:\program files\WeatherBlinkEI c:\windows\system32\_000125_.tmp.dll c:\windows\system32\avgfwdx.dll c:\windows\system32\Cache c:\windows\system32\Cache\04f324d6784a7906.fb c:\windows\system32\Cache\272512937d9e61a4.fb c:\windows\system32\Cache\287204568329e189.fb c:\windows\system32\Cache\28bc8f716fd76a47.fb c:\windows\system32\Cache\2c53092c95605355.fb c:\windows\system32\Cache\31a0997e9a5b5eb3.fb 
c:\windows\system32\Cache\32c84fe32bb74d60.fb c:\windows\system32\Cache\36c9f3d41cd4909b.fb c:\windows\system32\Cache\3917078cb68ec657.fb c:\windows\system32\Cache\590ba23ce359fd0c.fb c:\windows\system32\Cache\610289e025a3ee9a.fb c:\windows\system32\Cache\651c5d3cdbfb8bd1.fb c:\windows\system32\Cache\6c59ac5e7e7a3ad0.fb c:\windows\system32\Cache\6d03dad1035885d3.fb c:\windows\system32\Cache\8eeea9ea0cb60a5f.fb c:\windows\system32\Cache\a554f9993f17cc04.fb c:\windows\system32\Cache\a8556537add6dfc5.fb c:\windows\system32\Cache\ad10a52aff5e038d.fb c:\windows\system32\Cache\c1fa887b03019701.fb c:\windows\system32\Cache\c4d28dca2e7648be.fb c:\windows\system32\Cache\d201ef9910cd39de.fb c:\windows\system32\Cache\d2e94710a5708128.fb c:\windows\system32\Cache\d79b9dfe81484ec4.fb c:\windows\system32\Cache\e0de16f883bea794.fb c:\windows\system32\Cache\f998975c9cc711ee.fb c:\windows\system32\dllcache\dlimport.exe c:\windows\system32\SET29A.tmp c:\windows\system32\SET29E.tmp c:\windows\system32\SET2A6.tmp c:\windows\XSxS . . ((((((((((((((((((((((((( Files Created from 2012-09-15 to 2012-10-15 ))))))))))))))))))))))))))))))) . . 2012-10-12 10:57 . 2012-10-12 10:57 -------- d-----w- C:\TDSSKiller_Quarantine 2012-10-11 10:55 . 2012-10-11 10:59 14080 ----a-w- c:\windows\system32\drivers\TrueSight.sys 2012-10-10 23:51 . 2012-10-10 23:51 -------- d-----w- c:\documents and settings\Administrator\.swt 2012-10-10 23:51 . 2012-10-11 00:14 -------- d-----w- c:\documents and settings\Administrator\Application Data\Azureus 2012-10-10 23:49 . 2012-10-14 14:28 -------- d-----w- c:\documents and settings\Administrator\Application Data\Spotify 2012-10-10 23:49 . 2012-10-14 14:21 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Spotify 2012-09-28 19:50 . 2012-09-28 19:50 -------- d-----w- c:\documents and settings\Administrator\Application Data\Publish Providers 2012-09-28 19:49 . 
2012-09-28 19:49 -------- d-----w- c:\documents and settings\Administrator\Application Data\Sony 2012-09-28 19:49 . 2012-09-28 19:49 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Sony 2012-09-28 19:00 . 2012-09-28 19:00 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Apple Computer 2012-09-28 10:57 . 2012-09-28 10:57 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Mozilla 2012-09-27 23:14 . 2012-09-27 23:14 -------- d-----w- c:\documents and settings\Administrator\Application Data\ScanSoft 2012-09-27 23:13 . 2012-09-27 23:13 -------- d-----w- c:\documents and settings\Administrator\Application Data\Zeon 2012-09-26 17:13 . 2012-09-26 17:13 -------- d-----w- c:\documents and settings\Administrator\Application Data\Malwarebytes 2012-09-17 22:55 . 2012-09-17 22:55 -------- d-----w- c:\program files\Uniblue 2012-09-17 22:55 . 2012-09-17 22:55 -------- d-----w- c:\documents and settings\Mitchell\Application Data\Uniblue 2012-09-17 22:24 . 2012-09-17 22:26 -------- d-----w- c:\documents and settings\All Users\Application Data\SecTaskMan 2012-09-17 22:17 . 2012-09-17 22:52 -------- d-----w- c:\documents and settings\Mitchell\Application Data\HPAppData 2012-09-17 19:48 . 2012-09-17 19:48 -------- d-----w- c:\documents and settings\All Users\Application Data\WEBREG 2012-09-17 19:47 . 2012-09-17 19:47 -------- d-----w- c:\documents and settings\Mitchell\Local Settings\Application Data\HP 2012-09-17 19:45 . 2012-09-17 19:45 -------- d-----w- c:\documents and settings\All Users\Application Data\HP Product Assistant 2012-09-17 19:34 . 2012-09-17 19:45 -------- d-----w- c:\documents and settings\All Users\Application Data\HP 2012-09-17 19:34 . 2012-09-17 19:34 -------- d-----w- c:\windows\hpojp8500a909 2012-09-17 19:28 . 2008-08-12 14:58 118272 ----a-w- c:\windows\system32\hpf3l082.dll 2012-09-17 19:28 . 
2008-08-12 14:58 314880 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\hpfpp082.dll 2012-09-17 19:28 . 2008-08-22 12:24 271704 ----a-r- c:\windows\system32\hpzids01.dll 2012-09-17 19:28 . 2008-10-06 19:11 741376 ----a-r- c:\windows\system32\hpwwiax5.dll 2012-09-17 19:28 . 2008-10-06 19:11 966656 ----a-r- c:\windows\system32\hpwtiop4.dll 2012-09-17 19:28 . 2007-07-09 18:13 364544 ----a-r- c:\windows\system32\hppldcoi.dll 2012-09-17 19:28 . 2007-07-06 18:48 294912 ----a-r- c:\windows\system32\hpovst11.dll 2012-09-17 19:28 . 2001-08-17 17:53 6784 ----a-w- c:\windows\system32\drivers\serscan.sys 2012-09-17 19:26 . 2012-09-17 19:26 -------- d-----w- c:\program files\Common Files\HP 2012-09-17 19:26 . 2012-09-17 19:26 -------- d-----w- c:\program files\Common Files\Hewlett-Packard 2012-09-17 19:26 . 2012-09-17 19:26 -------- d-----w- c:\program files\Hewlett-Packard 2012-09-17 19:25 . 2012-09-17 19:46 -------- d-----w- c:\program files\HP 2012-09-17 19:25 . 2008-04-13 17:47 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-09-07 21:04 . 2012-08-09 03:21 22856 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-08-28 15:14 . 2006-03-04 03:33 916992 ----a-w- c:\windows\system32\wininet.dll 2012-08-28 15:14 . 2004-08-04 10:00 43520 ------w- c:\windows\system32\licmgr10.dll 2012-08-28 15:14 . 2004-08-04 10:00 1469440 ------w- c:\windows\system32\inetcpl.cpl 2012-08-28 12:07 . 2004-08-04 10:00 385024 ------w- c:\windows\system32\html.iec 2012-08-24 13:53 . 2004-08-04 10:00 177664 ----a-w- c:\windows\system32\wintrust.dll 2012-08-21 13:33 . 2005-03-30 01:21 2148864 ------w- c:\windows\system32\ntoskrnl.exe 2012-08-21 12:58 . 2005-03-30 01:01 2027520 ------w- c:\windows\system32\ntkrnlpa.exe 2012-07-28 16:51 . 2012-04-01 17:53 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-07-28 16:51 . 
2011-05-25 10:46 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2011-06-09 16:03 . 2011-07-13 00:17 143240 ----a-w- c:\program files\Common Files\ApnStub.exe 2010-01-26 15:11 . 2011-06-12 04:40 444283 ----a-w- c:\program files\Common Files\WinPcapNmap.exe 2012-10-12 16:03 . 2012-10-12 16:02 261600 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}] 2012-07-10 03:40 2074208 ----a-w- c:\program files\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll" [2012-07-10 2074208] . [HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}] [HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1] [HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj] . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Spotify"="c:\documents and settings\Mitchell\Application Data\Spotify\spotify.exe" [2012-10-11 5576408] "Spotify Web Helper"="c:\documents and settings\Mitchell\Application Data\Spotify\Data\SpotifyWebHelper.exe" [2012-10-11 1193176] . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SigmatelSysTrayApp"="stsystra.exe" [2005-03-23 339968] "USB2Check"="c:\windows\system32\PCLECoInst.dll" [2006-11-06 81920] "DLA"="c:\windows\System32\DLA\DLACTRLW.EXE" [2005-11-07 122940] "ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-02-16 81920] "igfxtray"="c:\windows\system32\igfxtray.exe" [2005-10-14 94208] "igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-10-14 77824] "igfxpers"="c:\windows\system32\igfxpers.exe" [2005-10-14 114688] "ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-28 207424] "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-31 59280] "vProt"="c:\program files\AVG Secure Search\vprot.exe" [2012-07-10 1107552] "SAOB Monitor"="c:\program files\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe" [2011-09-22 2536760] "TrueImageMonitor.exe"="c:\program files\Acronis\TrueImageHome\TrueImageMonitor.exe" [2011-09-23 5550984] "Acronis Scheduler2 Service"="c:\program files\Common Files\Acronis\Schedule2\schedhlp.exe" [2011-02-01 390720] "atchk"="c:\program files\Intel\AMT\atchk.exe" [2009-12-01 401408] "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-02-11 61440] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2012-04-19 421888] "AVG_TRAY"="c:\program files\AVG\AVG10\avgtray.exe" [2012-08-01 2345592] "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2011-07-27 434080] . c:\documents and settings\All Users\Start Menu\Programs\Startup\ HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2008-10-16 214360] . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableLinkedConnections"= 1 (0x1) . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG10\avgchsvx.exe /sync\0c:\progra~1\AVG\AVG10\avgrsx.exe /sync /restart . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0] 2008-06-12 03:43 640376 ----a-w- c:\program files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Acrobat Speed Launcher] 2008-06-12 07:25 37232 ----a-w- c:\program files\Adobe\Acrobat 9.0\Acrobat\acrobat_sl.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] 2012-01-03 07:37 843712 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0] 2011-03-30 13:46 499608 ------w- c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager] 2008-08-14 12:58 611712 ----a-w- c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5.5ServiceManager] 2011-01-12 12:08 1523360 ----a-w- c:\program files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager] 2010-07-23 03:10 402432 ----a-w- c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe_ID0ENQBO] . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe_ID0EYTHM] . 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CAHeadless] 2009-09-18 08:24 615808 ----a-w- c:\program files\Adobe\Elements Organizer 8.0\CAHeadless\ElementsAutoAnalyzer.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dxtory Update Checker 2.0] 2010-10-17 19:08 93696 ----a-w- c:\program files\Dxtory Software\Dxtory2.0\UpdateChecker.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iPodVideoConverter_upgrade] 2011-08-16 14:27 484864 ----a-w- c:\program files\E-Zsoft\iPodVideoConverter\iPodVideoConverter.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] 2012-06-07 23:33 421776 ----a-w- c:\program files\iTunes\iTunesHelper.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware] 2012-09-07 21:04 766536 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDF4 Registry Controller] 2006-10-05 18:26 46664 ----a-w- c:\program files\ScanSoft\PDF Professional 4.0\RegistryController.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2012-04-19 00:56 421888 ----a-w- c:\program files\QuickTime\QTTask.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP] 2007-05-08 13:28 1015808 ----a-w- c:\program files\Analog Devices\Core\smax4pnp.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate] 2006-09-28 18:16 185896 ----a-w- c:\program files\Common Files\ScanSoft Shared\SSBkgdUpdate\SSBkgdUpdate.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] 2012-01-18 19:02 254696 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe . 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg] 2011-03-07 00:56 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard] 2010-02-19 18:37 517096 ----a-w- c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe] 2012-07-08 04:13 296096 ----a-w- c:\program files\Real\RealPlayer\Update\realsched.exe . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\WINDOWS\\system32\\sessmgr.exe"= "c:\\Program Files\\MP3 Skype Recorder\\MP3 Skype Recorder.exe"= "c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"= "c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"= "c:\\Documents and Settings\\All Users\\Application Data\\NexonUS\\NGM\\NGM.exe"= "c:\\Program Files\\UltraVNC\\winvnc.exe"= "c:\\Program Files\\UltraVNC\\vncviewer.exe"= "c:\\Program Files\\AVG\\AVG10\\avgmfapx.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\Program Files\\Steam\\Steam.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\Vuze\\Azureus.exe"= "c:\\Program Files\\Adobe\\Adobe Flash Builder 4.5\\FlashBuilder.exe"= "c:\\Program Files\\Common Files\\Adobe\\Adobe Version Cue CS3\\Server\\bin\\VersionCueCS3.exe"= "c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"= "c:\\Program Files\\Common Files\\Adobe\\Adobe Version Cue CS4\\Server\\bin\\VersionCueCS4.exe"= "c:\\Program Files\\AVG\\AVG10\\avgdiagex.exe"= "c:\\Program Files\\AVG\\AVG10\\avgnsx.exe"= "c:\\Program Files\\AVG\\AVG10\\avgam.exe"= "c:\\Program Files\\AVG\\AVG10\\avgemcx.exe"= "c:\\Program Files\\Common Files\\Apple\\Apple Application 
Support\\WebKit2WebProcess.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"= "c:\\Documents and Settings\\Mitchell\\Application Data\\Spotify\\spotify.exe"= . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009 "57826:TCP"= 57826:TCP:Pando Media Booster "57826:UDP"= 57826:UDP:Pando Media Booster "5900:TCP"= 5900:TCP:vnc5900 "5800:TCP"= 5800:TCP:vnc5800 "7935:TCP"= 7935:TCP:Adobe Flash Builder 4.5 "3703:TCP"= 3703:TCP:Adobe Version Cue CS4 Server "3704:TCP"= 3704:TCP:Adobe Version Cue CS4 Server "50900:TCP"= 50900:TCP:Adobe Version Cue CS3 Server "50901:TCP"= 50901:TCP:Adobe Version Cue CS3 Server "5353:TCP"= 5353:TCP:Adobe CSI CS4 "51000:TCP"= 51000:TCP:Adobe Version Cue CS4 Server "51001:TCP"= 51001:TCP:Adobe Version Cue CS4 Server . 
R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2/22/2011 8:13 AM 22992] R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [3/16/2011 4:03 PM 32592] R0 tdrpman273;Acronis Try&Decide and Restore Points filter (build 273);c:\windows\system32\drivers\tdrpm273.sys [7/14/2012 5:16 PM 752128] R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [4/5/2011 12:59 AM 297168] R3 Avgfwdx;Avgfwdx;c:\windows\system32\drivers\avgfwdx.sys [7/12/2010 4:33 AM 30432] S1 archlp;archlp;c:\windows\system32\drivers\ArcHlp.sys [1/14/2011 7:47 PM 127744] S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [1/7/2011 6:41 AM 248656] S1 ElRawDisk;ElRawDisk;c:\windows\system32\drivers\rsdrv.sys [7/23/2012 5:19 PM 22312] S1 MpKsl3a0e0eb8;MpKsl3a0e0eb8;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{2E043163-B476-42BC-A1F1-9DFD408B8117}\MpKsl3a0e0eb8.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{2E043163-B476-42BC-A1F1-9DFD408B8117}\MpKsl3a0e0eb8.sys [?] S1 MpKsl7b927d71;MpKsl7b927d71;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{2E043163-B476-42BC-A1F1-9DFD408B8117}\MpKsl7b927d71.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{2E043163-B476-42BC-A1F1-9DFD408B8117}\MpKsl7b927d71.sys [?] S1 MpKslfa3aceb7;MpKslfa3aceb7;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{2E043163-B476-42BC-A1F1-9DFD408B8117}\MpKslfa3aceb7.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{2E043163-B476-42BC-A1F1-9DFD408B8117}\MpKslfa3aceb7.sys [?] 
S2 afcdpsrv;Acronis Nonstop Backup Service;c:\program files\Common Files\Acronis\CDP\afcdpsrv.exe [7/14/2012 5:16 PM 3246040] S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe -k Akamai [8/4/2004 6:00 AM 14336] S2 avgfws;AVG Firewall;c:\program files\AVG\AVG10\avgfws.exe [3/9/2011 7:24 PM 2708024] S2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [1/31/2012 4:02 PM 7391072] S2 avgwd;AVG WatchDog;c:\program files\AVG\AVG10\avgwdsvc.exe [2/8/2011 5:33 AM 269520] S2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [9/12/2012 7:49 PM 399432] S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [8/8/2012 11:21 PM 676936] S2 MotoHelper;MotoHelper Service;c:\program files\Motorola\MotoHelper\MotoHelperService.exe [8/10/2011 3:35 PM 227184] S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [1/26/2010 10:09 PM 50704] S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [7/13/2012 1:28 PM 160944] S2 UNS;Intel® Active Management Technology User Notification Service;c:\program files\Intel\AMT\UNS.exe [7/16/2012 6:17 PM 2519040] S2 vToolbarUpdater11.1.0;vToolbarUpdater11.1.0;c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe [6/12/2012 11:18 AM 935480] S3 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\program files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [8/15/2008 6:46 AM 284016] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [4/1/2012 1:53 PM 250056] S3 afcdp;afcdp;c:\windows\system32\drivers\afcdp.sys [7/14/2012 5:16 PM 167968] S3 Apowersoft_AudioDevice;Apowersoft_AudioDevice;c:\windows\system32\drivers\Apowersoft_AudioDevice.sys [2/15/2012 4:33 PM 16640] S3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program 
files\AVG\AVG10\Toolbar\ToolbarBroker.exe [5/16/2011 8:04 PM 167264] S3 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwdx.sys [7/12/2010 4:33 AM 30432] S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [4/14/2011 9:28 PM 134480] S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2/10/2011 7:53 AM 24144] S3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2/10/2011 7:53 AM 27216] S3 BTCFilterService;USB Networking Driver Filter Service;c:\windows\system32\drivers\motfilt.sys [7/17/2011 12:22 PM 6016] S3 hcwhdpvr;Hauppauge HD PVR Capture Device;c:\windows\system32\drivers\hcwhdpvr.sys [1/14/2011 7:42 PM 157568] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [8/8/2012 11:21 PM 22856] S3 motandroidusb;Mot ADB Interface Driver;c:\windows\system32\drivers\motoandroid.sys [7/17/2011 12:22 PM 25856] S3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\drivers\motccgp.sys [7/17/2011 12:22 PM 20480] S3 motccgpfl;MotCcgpFlService;c:\windows\system32\drivers\motccgpfl.sys [7/17/2011 12:22 PM 8320] S3 MotDev;Motorola Inc. USB Device;c:\windows\system32\drivers\motodrv.sys [7/17/2011 12:22 PM 42752] S3 Motousbnet;Motorola USB Networking Driver Service;c:\windows\system32\drivers\Motousbnet.sys [7/17/2011 12:22 PM 23424] S3 motusbdevice;Motorola USB Dev Driver;c:\windows\system32\drivers\motusbdevice.sys [7/17/2011 12:22 PM 11008] S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [4/30/2012 6:50 AM 115168] S3 QCEmerald;Logitech QuickCam Web;c:\windows\system32\drivers\OVCE.sys [4/25/2011 4:11 PM 31872] S3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2/19/2010 2:37 PM 517096] . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] Akamai REG_MULTI_SZ Akamai HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 HPService REG_MULTI_SZ HPSLPSVC hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc . Contents of the 'Scheduled Tasks' folder . 2012-10-14 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-01 16:51] . 2012-10-11 c:\windows\Tasks\AdobeAAMUpdater-1.0-GROSSWORLD-mitchell.job - c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2012-01-31 13:46] . 2012-10-08 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 21:57] . 2012-10-14 c:\windows\Tasks\Google Software Updater.job - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-03-07 00:25] . 2012-10-11 c:\windows\Tasks\MotoHelper MUM.job - c:\program files\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-08-08 22:11] . 2012-10-13 c:\windows\Tasks\MotoHelper Routing.job - c:\program files\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-08-08 22:11] . 2012-10-11 c:\windows\Tasks\MotoHelper Update.job - c:\program files\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-08-08 22:11] . 2012-10-14 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-3637815973-1601523947-386142109-1138.job - c:\program files\Real\RealUpgrade\realupgrade.exe [2012-06-21 16:00] . 2012-10-07 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-3637815973-1601523947-386142109-1138.job - c:\program files\Real\RealUpgrade\realupgrade.exe [2012-06-21 16:00] . 2012-09-17 c:\windows\Tasks\SpeedUpMyPC.job - c:\program files\Uniblue\SpeedUpMyPC\spmonitor.exe [2012-09-17 05:46] . 2012-10-14 c:\windows\Tasks\User_Feed_Synchronization-{A2C3F026-9CFC-43B2-B473-D27BBD1CA5C4}.job - c:\windows\system32\msfeedssync.exe [2009-03-08 09:31] . 
2012-10-14 c:\windows\Tasks\User_Feed_Synchronization-{B60D6635-9980-4412-A0BD-2693AA264B9E}.job - c:\windows\system32\msfeedssync.exe [2009-03-08 09:31] . 2012-10-14 c:\windows\Tasks\User_Feed_Synchronization-{ED30FEFF-4872-4D40-BEA0-67E7529D8940}.job - c:\windows\system32\msfeedssync.exe [2009-03-08 09:31] . . ------- Supplementary Scan ------- . IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000 IE: Open with ScanSoft PDF Converter 4.0 - c:\program files\ScanSoft\PDF Professional 4.0\cnvres_eng.dll /100 TCP: DhcpNameServer = 192.168.1.254 TCP: Interfaces\{E0B61605-2928-42B2-B9B9-6CA3C1307154}: NameServer = 68.94.1.56,68.94.157.1 Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\11.2.0\ViProtocol.dll FF - ProfilePath - c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\i72u2tzg.default\ FF - ExtSQL: 2012-09-17 14:53; {1E73965B-8B48-48be-9C8D-68B920ABC1C4}; c:\program files\AVG\AVG10\Firefox4 FF - ExtSQL: 2012-09-17 15:46; smartwebprinting@hp.com; c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 . - - - - ORPHANS REMOVED - - - - . SafeBoot-80757594.sys SafeBoot-89117365.sys . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2012-10-14 20:39 Windows 5.1.2600 Service Pack 3 NTFS . scanning hidden processes ... . scanning hidden autostart entries ... . scanning hidden files ... . scan completed successfully hidden files: 0 . ************************************************************************** . --------------------- LOCKED REGISTRY KEYS --------------------- . 
[HKEY_USERS\S-1-5-21-725345543-507921405-839522115-500\Software\Microsoft\Internet Explorer\User Preferences] @Denied: (2) (Administrator) "88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,22,a5,91,8b,7f,a8,bf,48,87,d3,b5,\ "2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,22,a5,91,8b,7f,a8,bf,48,87,d3,b5,\ . [HKEY_LOCAL_MACHINE\software\Microsoft\DbgagD\1*] "value"="?\0a\00\17\10\076»" . --------------------- DLLs Loaded Under Running Processes --------------------- . - - - - - - - > 'winlogon.exe'(1268) c:\windows\system32\Ati2evxx.dll . Completion time: 2012-10-14 20:41:14 ComboFix-quarantined-files.txt 2012-10-15 00:41 . Pre-Run: 379,329,753,088 bytes free Post-Run: 381,055,553,536 bytes free . - - End Of File - - 9D17B07F4B2BED2C9F9D3E5ECD06F98C
  6. I tried using ComboFix, and when it arrived in the blue CMD screen, at the portion where it said it was scanning for infections, it stopped responding. I let it sit on the screen for a while, but it never left a txt file on my C:/ or finished the scan.
  7. I had one entry like this: \Device\Harddisk0\DR0 ( TDSS File System ) that I accidentally cured, just for an FYI.
RasAcd - ok 06:57:22.0451 4980 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll 06:57:22.0467 4980 RasAuto - ok 06:57:22.0482 4980 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 06:57:22.0482 4980 Rasl2tp - ok 06:57:22.0529 4980 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll 06:57:22.0529 4980 RasMan - ok 06:57:22.0529 4980 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys 06:57:22.0529 4980 RasPppoe - ok 06:57:22.0545 4980 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys 06:57:22.0545 4980 Raspti - ok 06:57:22.0560 4980 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys 06:57:22.0560 4980 Rdbss - ok 06:57:22.0576 4980 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys 06:57:22.0576 4980 RDPCDD - ok 06:57:22.0592 4980 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys 06:57:22.0592 4980 rdpdr - ok 06:57:22.0623 4980 [ 6589DB6E5969F8EEE594CF71171C5028 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys 06:57:22.0639 4980 RDPWD - ok 06:57:22.0670 4980 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe 06:57:22.0670 4980 RDSessMgr - ok 06:57:22.0717 4980 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys 06:57:22.0717 4980 redbook - ok 06:57:22.0748 4980 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll 06:57:22.0748 4980 RemoteAccess - ok 06:57:22.0779 4980 [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll 06:57:22.0779 4980 RemoteRegistry - ok 06:57:22.0826 4980 [ A780D3EAA74582EA1DEB6BD9C7A3D9C9 ] rpcapd C:\Program Files\WinPcap\rpcapd.exe 06:57:22.0842 4980 rpcapd - ok 06:57:22.0842 4980 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe 06:57:22.0857 4980 
RpcLocator - ok 06:57:22.0873 4980 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\system32\rpcss.dll 06:57:22.0873 4980 RpcSs - ok 06:57:22.0889 4980 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe 06:57:22.0904 4980 RSVP - ok 06:57:22.0920 4980 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe 06:57:22.0920 4980 SamSs - ok 06:57:22.0935 4980 [ F5A633609777C212EC5FF19927FC5955 ] ScanUSBEMPIA C:\WINDOWS\system32\DRIVERS\emScan.sys 06:57:22.0935 4980 ScanUSBEMPIA - ok 06:57:22.0935 4980 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe 06:57:22.0951 4980 SCardSvr - ok 06:57:22.0982 4980 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll 06:57:22.0982 4980 Schedule - ok 06:57:23.0014 4980 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys 06:57:23.0029 4980 Secdrv - ok 06:57:23.0045 4980 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll 06:57:23.0045 4980 seclogon - ok 06:57:23.0092 4980 [ B6A6B409FDA9D9EBD3AADB838D3D7173 ] SenFiltService C:\WINDOWS\system32\drivers\Senfilt.sys 06:57:23.0092 4980 SenFiltService - ok 06:57:23.0123 4980 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll 06:57:23.0123 4980 SENS - ok 06:57:23.0154 4980 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] Serenum C:\WINDOWS\system32\DRIVERS\serenum.sys 06:57:23.0154 4980 Serenum - ok 06:57:23.0170 4980 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys 06:57:23.0170 4980 Serial - ok 06:57:23.0201 4980 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys 06:57:23.0201 4980 Sfloppy - ok 06:57:23.0248 4980 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll 06:57:23.0264 4980 SharedAccess - ok 06:57:23.0310 4980 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll 06:57:23.0310 4980 
ShellHWDetection - ok 06:57:23.0310 4980 Simbad - ok 06:57:23.0389 4980 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe 06:57:23.0389 4980 SkypeUpdate - ok 06:57:23.0435 4980 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys 06:57:23.0435 4980 SLIP - ok 06:57:23.0482 4980 [ EB49860E776CE860DC3CFB9EDB1BA517 ] snapman C:\WINDOWS\system32\DRIVERS\snapman.sys 06:57:23.0482 4980 snapman - ok 06:57:23.0482 4980 Sparrow - ok 06:57:23.0514 4980 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys 06:57:23.0514 4980 splitter - ok 06:57:23.0545 4980 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe 06:57:23.0560 4980 Spooler - ok 06:57:23.0560 4980 [ 86EBD8B1F23E743AAD21F4D5B4D40985 ] SQLBrowser C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe 06:57:23.0576 4980 SQLBrowser - ok 06:57:23.0607 4980 [ D89083C4EB02DACA8F944B0E05E57F9D ] SQLWriter C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe 06:57:23.0607 4980 SQLWriter - ok 06:57:23.0623 4980 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys 06:57:23.0623 4980 sr - ok 06:57:23.0654 4980 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll 06:57:23.0670 4980 srservice - ok 06:57:23.0685 4980 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys 06:57:23.0701 4980 Srv - ok 06:57:23.0732 4980 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll 06:57:23.0732 4980 SSDPSRV - ok 06:57:23.0748 4980 Steam Client Service - ok 06:57:23.0764 4980 [ 352B663A81402BE7CD7BD4EA27C9998C ] STHDA C:\WINDOWS\system32\drivers\sthda.sys 06:57:23.0779 4980 STHDA - ok 06:57:23.0810 4980 [ A9573045BAA16EAB9B1085205B82F1ED ] StillCam C:\WINDOWS\system32\DRIVERS\serscan.sys 06:57:23.0810 4980 StillCam - ok 06:57:23.0826 4980 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc 
C:\WINDOWS\system32\wiaservc.dll 06:57:23.0842 4980 stisvc - ok 06:57:23.0857 4980 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys 06:57:23.0857 4980 streamip - ok 06:57:23.0904 4980 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys 06:57:23.0904 4980 swenum - ok 06:57:24.0060 4980 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe 06:57:24.0060 4980 SwitchBoard - ok 06:57:24.0107 4980 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys 06:57:24.0107 4980 swmidi - ok 06:57:24.0107 4980 SwPrv - ok 06:57:24.0107 4980 symc810 - ok 06:57:24.0107 4980 symc8xx - ok 06:57:24.0107 4980 sym_hi - ok 06:57:24.0123 4980 sym_u3 - ok 06:57:24.0170 4980 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys 06:57:24.0170 4980 sysaudio - ok 06:57:24.0185 4980 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe 06:57:24.0185 4980 SysmonLog - ok 06:57:24.0201 4980 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll 06:57:24.0201 4980 TapiSrv - ok 06:57:24.0248 4980 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys 06:57:24.0248 4980 Tcpip - ok 06:57:24.0279 4980 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys 06:57:24.0279 4980 TDPIPE - ok 06:57:24.0310 4980 [ 431801FCC97034E04A6EFF81136578D7 ] tdrpman273 C:\WINDOWS\system32\DRIVERS\tdrpm273.sys 06:57:24.0326 4980 tdrpman273 - ok 06:57:24.0342 4980 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys 06:57:24.0342 4980 TDTCP - ok 06:57:24.0357 4980 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys 06:57:24.0357 4980 TermDD - ok 06:57:24.0389 4980 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll 06:57:24.0389 4980 TermService - ok 
06:57:24.0420 4980 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll 06:57:24.0420 4980 Themes - ok 06:57:24.0451 4980 [ A34D7024BB7140EC785C86BC065D4F60 ] timounter C:\WINDOWS\system32\DRIVERS\timntr.sys 06:57:24.0467 4980 timounter - ok 06:57:24.0498 4980 [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe 06:57:24.0514 4980 TlntSvr - ok 06:57:24.0514 4980 TosIde - ok 06:57:24.0529 4980 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll 06:57:24.0529 4980 TrkWks - ok 06:57:24.0560 4980 [ C11362058918CD38C8B8D3E265DA80F5 ] TrueSight C:\WINDOWS\system32\drivers\TrueSight.sys 06:57:24.0576 4980 TrueSight - ok 06:57:24.0592 4980 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys 06:57:24.0592 4980 Udfs - ok 06:57:24.0592 4980 ultra - ok 06:57:24.0654 4980 [ 641572746179865BA2AFD8FE2987541A ] UNS C:\Program Files\Intel\AMT\UNS.exe 06:57:24.0685 4980 UNS - ok 06:57:24.0732 4980 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys 06:57:24.0732 4980 Update - ok 06:57:24.0764 4980 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll 06:57:24.0764 4980 upnphost - ok 06:57:24.0779 4980 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe 06:57:24.0779 4980 UPS - ok 06:57:24.0826 4980 [ EAFE1E00739AFE6C51487A050E772E17 ] USBAAPL C:\WINDOWS\system32\Drivers\usbaapl.sys 06:57:24.0842 4980 USBAAPL - ok 06:57:24.0873 4980 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys 06:57:24.0873 4980 usbaudio - ok 06:57:24.0920 4980 [ 3EBB87E9839606662E0C3B91B553DBF7 ] usbbus C:\WINDOWS\system32\DRIVERS\lgusbbus.sys 06:57:24.0920 4980 usbbus - ok 06:57:24.0935 4980 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys 06:57:24.0935 4980 usbccgp - ok 06:57:24.0967 4980 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys 
06:57:24.0967 4980 usbehci - ok 06:57:25.0014 4980 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys 06:57:25.0014 4980 usbhub - ok 06:57:25.0029 4980 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys 06:57:25.0045 4980 usbprint - ok 06:57:25.0060 4980 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys 06:57:25.0060 4980 usbscan - ok 06:57:25.0092 4980 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 06:57:25.0092 4980 USBSTOR - ok 06:57:25.0107 4980 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys 06:57:25.0107 4980 usbuhci - ok 06:57:25.0123 4980 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys 06:57:25.0123 4980 VgaSave - ok 06:57:25.0123 4980 ViaIde - ok 06:57:25.0170 4980 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys 06:57:25.0170 4980 VolSnap - ok 06:57:25.0232 4980 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe 06:57:25.0248 4980 VSS - ok 06:57:25.0373 4980 [ 5FA45791413ACCE628D5361458F32DDE ] vToolbarUpdater11.1.0 C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe 06:57:25.0373 4980 vToolbarUpdater11.1.0 - ok 06:57:25.0389 4980 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\system32\w32time.dll 06:57:25.0389 4980 W32Time - ok 06:57:25.0404 4980 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys 06:57:25.0404 4980 Wanarp - ok 06:57:25.0451 4980 [ D918617B46457B9AC28027722E30F647 ] Wdf01000 C:\WINDOWS\system32\Drivers\wdf01000.sys 06:57:25.0467 4980 Wdf01000 - ok 06:57:25.0467 4980 WDICA - ok 06:57:25.0498 4980 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys 06:57:25.0498 4980 wdmaud - ok 06:57:25.0529 4980 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient 
C:\WINDOWS\System32\webclnt.dll 06:57:25.0545 4980 WebClient - ok 06:57:25.0607 4980 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll 06:57:25.0607 4980 winmgmt - ok 06:57:25.0639 4980 [ FD600B032E741EB6AAB509FC630F7C42 ] WinUSB C:\WINDOWS\system32\DRIVERS\WinUSB.sys 06:57:25.0654 4980 WinUSB - ok 06:57:25.0670 4980 [ 051B1BDECD6DEE18C771B5D5EC7F044D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll 06:57:25.0685 4980 WmdmPmSN - ok 06:57:25.0717 4980 [ E76F8807070ED04E7408A86D6D3A6137 ] Wmi C:\WINDOWS\System32\advapi32.dll 06:57:25.0717 4980 Wmi - ok 06:57:25.0732 4980 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe 06:57:25.0732 4980 WmiApSrv - ok 06:57:25.0795 4980 [ 6BAB4DC65515A098505F8B3D01FB6FE5 ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe 06:57:25.0810 4980 WMPNetworkSvc - ok 06:57:25.0826 4980 [ C60DC16D4E406810FAD54B98DC92D5EC ] WpdUsb C:\WINDOWS\system32\DRIVERS\wpdusb.sys 06:57:25.0826 4980 WpdUsb - ok 06:57:25.0904 4980 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe 06:57:25.0920 4980 WPFFontCache_v0400 - ok 06:57:25.0951 4980 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys 06:57:25.0951 4980 WS2IFSL - ok 06:57:25.0967 4980 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll 06:57:25.0967 4980 wscsvc - ok 06:57:25.0982 4980 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS 06:57:25.0982 4980 WSTCODEC - ok 06:57:26.0014 4980 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll 06:57:26.0029 4980 wuauserv - ok 06:57:26.0060 4980 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys 06:57:26.0060 4980 WudfPf - ok 06:57:26.0076 4980 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys 06:57:26.0076 4980 WudfRd - ok 
06:57:26.0107 4980 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
06:57:26.0107 4980 WudfSvc - ok
06:57:26.0154 4980 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
06:57:26.0154 4980 WZCSVC - ok
06:57:26.0170 4980 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
06:57:26.0185 4980 xmlprov - ok
06:57:26.0185 4980 zumbus - ok
06:57:26.0201 4980 ================ Scan global ===============================
06:57:26.0248 4980 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
06:57:26.0326 4980 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
06:57:26.0357 4980 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
06:57:26.0389 4980 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
06:57:26.0404 4980 [Global] - ok
06:57:26.0404 4980 ================ Scan MBR ==================================
06:57:26.0420 4980 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
06:57:26.0420 4980 Suspicious mbr (Forged): \Device\Harddisk0\DR0
06:57:26.0435 4980 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
06:57:26.0435 4980 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
06:57:26.0435 4980 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
06:57:26.0467 4980 \Device\Harddisk1\DR1 - ok
06:57:26.0467 4980 ================ Scan VBR ==================================
06:57:26.0498 4980 [ 06FF74AF3D5607E277471F6F7A165046 ] \Device\Harddisk0\DR0\Partition1
06:57:26.0498 4980 \Device\Harddisk0\DR0\Partition1 - ok
06:57:26.0498 4980 [ 4DC073B5343C2D48D5B165C328CBA33E ] \Device\Harddisk1\DR1\Partition1
06:57:26.0498 4980 \Device\Harddisk1\DR1\Partition1 - ok
06:57:26.0498 4980 ================ Scan active images ========================
06:57:26.0498 4980 ============================================================
06:57:26.0498 4980 Scan finished
06:57:26.0498 4980 ============================================================
06:57:26.0498 5112 Detected object count: 1
06:57:26.0498 5112 Actual detected object count: 1
06:57:45.0810 5112 \Device\Harddisk0\DR0\# - copied to quarantine
06:57:45.0810 5112 \Device\Harddisk0\DR0 - copied to quarantine
06:57:45.0873 5112 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
06:57:45.0889 5112 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
06:57:45.0889 5112 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
06:57:45.0889 5112 \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine
06:57:45.0904 5112 \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine
06:57:45.0920 5112 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
06:57:45.0935 5112 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
06:57:45.0935 5112 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
06:57:45.0935 5112 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
06:57:45.0935 5112 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
06:57:45.0935 5112 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
06:57:45.0951 5112 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
06:57:45.0951 5112 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
06:57:45.0951 5112 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
06:57:45.0967 5112 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
06:57:45.0967 5112 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot
06:57:45.0967 5112 \Device\Harddisk0\DR0 - ok
06:57:45.0982 5112 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure
06:57:52.0701 1444 Deinitialize success
  8. When I attempt to run my scan, it finds a Run DLL 32 that is infected, but before the scan is finished, my computer blue screens. I cannot get the log, I have tried multiple times.
  9. I have a problem on one of my user accounts where svchost.exe presents problems to me when I am trying to work. It doesn't allow me to open programs, it disables Windows Audio, it changes my theme, etc. I am on my Administrator account, and it seems to be running smoothly, but I cannot run off of my Admin account because the settings I use on my personal account took a long time to figure out and get just right, and now I am running with the default. While on my infected account, Malwarebytes gives me a popup saying that a malicious website (an IP address) is being blocked. I am running both Malwarebytes Pro and AVG Internet Security 2011, and neither of them found anything. Please help! I am running Windows XP, SP3.