iamsid
Infected. Ads in lower left / lower right corner of browser
iamsid replied to iamsid's topic in Resolved Malware Removal Logs
Will "fixing" the items listed in category O4 stop them from starting up? Or otherwise affect those programs? A lot of those programs I want running... ituneshelper, everything, 7taskbar, etc....
Infected. Ads in lower left / lower right corner of browser
iamsid replied to iamsid's topic in Resolved Malware Removal Logs
Oh, and computer seems to still be running fine. No issues during any of the steps.
Infected. Ads in lower left / lower right corner of browser
iamsid replied to iamsid's topic in Resolved Malware Removal Logs
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:01:25 PM, on 10/18/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16450)
Boot mode: Normal

Running processes:
C:\Users\sshaffer\Downloads\TwoFingerScroll_1_0_9-MacHater-Mod\TwoFingerScroll.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Everything\Everything.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\CyberLink\PCM4Everio\EverioService.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuSchd2.exe
C:\Program Files (x86)\Citrix\ICA Client\PNAMAIN.EXE
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\PFU\ScanSnap\Driver\PfuSsMon.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe
C:\Users\sshaffer\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Windows\SSDriver\fi5110\SsWiaChecker.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Program Files (x86)\Citrix\ICA Client\WFCRUN32.EXE
C:\Users\sshafferMFI\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Users\sshaffer\Desktop\security tools\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: HelperObject Class - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\SnagIt 7\SnagItBHO.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\SnagIt 7\SnagItIEAddin.dll
O4 - HKLM\..\Run: [iMSS] "C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe"
O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe /start
O4 - HKLM\..\Run: [OfficeScanNT Monitor] "C:\Program Files (x86)\Trend Micro\OfficeScan Client\pccntmon.exe" -HideWindow
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Everything] "C:\Program Files (x86)\Everything\Everything.exe" -startup
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ConnectionCenter] "C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [EverioService] "C:\Program Files (x86)\CyberLink\PCM4Everio\EverioService.exe"
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [KeePass 2 PreLoad] "C:\Program Files (x86)\KeePass\KeePass.exe" --preload
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [scanSnap WIA Service Checker] C:\Windows\SSDriver\fi5110\SsWiaChecker.exe
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [TwoFingerScroll] C:\Users\sshaffer\Downloads\TwoFingerScroll_1_0_9-MacHater-Mod\TwoFingerScroll.exe
O4 - HKCU\..\Run: [7 Taskbar Tweaker] "C:\Users\sshaffer\AppData\Roaming\7 Taskbar Tweaker\7+ Taskbar Tweaker.exe" -hidewnd
O4 - HKUS\S-1-5-21-2108967553-259258955-711445176-1005\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden (User 'sshafferMFI')
O4 - HKUS\S-1-5-21-2108967553-259258955-711445176-1005\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime (User 'sshafferMFI')
O4 - S-1-5-21-2108967553-259258955-711445176-1005 Startup: Dropbox.lnk = sshafferMFI\AppData\Roaming\Dropbox\bin\Dropbox.exe (User 'sshafferMFI')
O4 - S-1-5-21-2108967553-259258955-711445176-1005 User Startup: Dropbox.lnk = sshafferMFI\AppData\Roaming\Dropbox\bin\Dropbox.exe (User 'sshafferMFI')
O4 - Startup: Dropbox.lnk = sshaffer\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: MFI-dropbox.lnk = C:\Windows\System32\runas.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Online plug-in.lnk = ?
O4 - Global Startup: ScanSnap Manager.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {BEA7310D-06C4-4339-A784-DC3804819809} (Photo Upload Plugin Class) - http://images3.pnimedia.com/ProductAssets/costcous/activex/v3_0_0_7/PhotoCenter_ActiveX_Control.cab
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com//activex/ractrl.cab?lmi=928
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter hijack: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Box Sync Auto-updater (#UpdateService) - Box, Inc. - C:\Program Files\Box Sync\UpdateService.exe
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agr64svc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ElephantDrive-MappedDrive (ElephantDrive-MappedDrive.exe) - ElephantDrive - C:\Program Files (x86)\ElephantDrive\ElephantDrive Desktop\ElephantDesktop-MappedDrive.exe
O23 - Service: ElephantDrive-Service (ElephantDrive-Service.exe) - ElephantDrive - C:\Program Files (x86)\ElephantDrive\ElephantDrive Desktop\ElephantDesktop-Service.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Unknown owner - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe (file missing)
O23 - Service: HP Power Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Connection Manager 4 Service (hpCMSrv) - Hewlett-Packard Development Company L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
O23 - Service: HP DayStarter Service (HPDayStarterService) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Intuit Update Service v4 (IntuitUpdateServiceV4) - Intuit Inc. - C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel® Identity Protection Technology Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: OfficeScanNT RealTime Scan (ntrtscan) - Trend Micro Inc. - C:\Program Files (x86)\Trend Micro\OfficeScan Client\ntrtscan.exe
O23 - Service: Portrait Displays SDK Service (PdiService) - Portrait Displays, Inc. - C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
O23 - Service: RoxMediaDB12OEM - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: OfficeScan NT Listener (tmlisten) - Trend Micro Inc. - C:\Program Files (x86)\Trend Micro\OfficeScan Client\tmlisten.exe
O23 - Service: OfficeScan NT Proxy Service (TmProxy) - Trend Micro Inc. - C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmProxy.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: UMVPFSrv - Logitech Inc. - C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: Cisco AnyConnect VPN Agent (vpnagent) - Cisco Systems, Inc. - C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 20335 bytes
Infected. Ads in lower left / lower right corner of browser
iamsid replied to iamsid's topic in Resolved Malware Removal Logs
Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Database version: v2012.10.18.10

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
sshaffer :: SIRIUSSID [administrator]

10/18/2012 5:58:07 PM
mbam-log-2012-10-18 (17-58-07).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 317383
Time elapsed: 7 minute(s), 27 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
Infected. Ads in lower left / lower right corner of browser
iamsid replied to iamsid's topic in Resolved Malware Removal Logs
Just to be clear, the problem seemed to be fixed after the first ComboFix run (as opposed to the second). Just wanted to clarify my above post and couldn't figure out how to edit it.
Infected. Ads in lower left / lower right corner of browser
iamsid replied to iamsid's topic in Resolved Malware Removal Logs
Computer continues to work well. It went away after the ComboFix run. So far I've had no problems during this process. Neither ComboFix nor TDSSKiller needed to reboot. Below is the new ComboFix log. Any idea what I had to begin with?

sid

======

ComboFix 12-10-16.02 - sshaffer 10/18/2012 13:01:14.2.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.4046.1959 [GMT -5:00]
Running from: c:\users\sshaffer\Desktop\security tools\04-ComboFix.exe
Command switches used :: c:\users\sshaffer\Desktop\security tools\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Microsoft Security Essentials *Disabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Resident AV is active
.
.
.
((((((((((((((((((((((((( Files Created from 2012-09-18 to 2012-10-18 )))))))))))))))))))))))))))))))
.
.
2012-10-18 18:10 . 2012-10-18 18:10 -------- d-----w- c:\users\sshafferMFI\AppData\Local\temp
2012-10-18 18:10 . 2012-10-18 18:10 -------- d-----w- c:\users\HelpDesk\AppData\Local\temp
2012-10-18 18:10 . 2012-10-18 18:10 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-10-18 17:19 . 2012-10-18 17:19 69000 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{2EDF866C-9A6E-44A2-B359-9CDE44B9B2BB}\offreg.dll
2012-10-18 17:18 . 2012-10-12 07:19 9291768 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{2EDF866C-9A6E-44A2-B359-9CDE44B9B2BB}\mpengine.dll
2012-10-17 03:46 . 2012-08-30 07:27 9308616 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-10-17 00:38 . 2012-10-17 00:38 -------- d-----w- c:\users\sshafferMFI\AppData\Local\VirtualStore
2012-10-14 14:12 . 2012-10-14 14:12 -------- d-----w- c:\users\sshaffer\AppData\Roaming\SUPERAntiSpyware.com
2012-10-14 14:12 . 2012-10-14 14:12 -------- d-----w- c:\program files\SUPERAntiSpyware
2012-10-14 14:12 . 2012-10-14 14:12 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2012-10-10 18:14 . 2012-10-10 18:14 -------- d-----w- c:\users\sshaffer\AppData\Roaming\C2OutlookExport
2012-10-10 18:14 . 2012-10-10 18:14 -------- d-----w- c:\program files (x86)\CodeTwo
2012-10-10 16:47 . 2012-10-10 16:46 972192 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3B33693D-A3D9-431D-A203-E2BFE82EDA97}\gapaengine.dll
2012-10-10 16:23 . 2012-10-10 16:23 -------- d-----w- c:\windows\Temp7ADA2139-05D7-8850-E7DE-F58DD86F8174-Signatures
2012-10-10 14:33 . 2012-06-09 05:43 14172672 ----a-w- c:\windows\system32\shell32.dll
2012-10-10 14:32 . 2012-09-14 19:19 2048 ----a-w- c:\windows\system32\tzres.dll
2012-10-10 14:31 . 2012-07-04 22:16 73216 ----a-w- c:\windows\system32\netapi32.dll
2012-10-10 14:28 . 2012-05-05 08:36 503808 ----a-w- c:\windows\system32\srcore.dll
2012-10-10 14:28 . 2012-05-05 07:46 43008 ----a-w- c:\windows\SysWow64\srclient.dll
2012-10-10 14:28 . 2012-05-14 05:26 956928 ----a-w- c:\windows\system32\localspl.dll
2012-10-02 20:48 . 2012-10-02 21:04 -------- d-----w- c:\users\sshaffer\AppData\Roaming\Audacity
2012-09-28 23:43 . 2012-09-28 23:43 -------- d-----w- c:\users\sshaffer\AppData\Roaming\Fujitsu
2012-09-28 23:43 . 2012-09-28 23:48 -------- d-----w- c:\users\sshaffer\AppData\Roaming\PFU
2012-09-28 23:42 . 2009-09-19 03:01 367616 ----a-w- c:\windows\system32\s1300u-x64.dll
2012-09-28 23:42 . 2009-04-24 01:29 695296 ----a-w- c:\windows\system32\ippi5s1300-x64.dll
2012-09-28 23:42 . 2007-07-27 03:47 351744 ----a-w- c:\windows\system32\s300u-x64.dll
2012-09-28 23:42 . 2007-05-24 00:57 695296 ----a-w- c:\windows\system32\ippi5s300-x64.dll
2012-09-28 23:41 . 2009-04-24 01:29 2873856 ----a-w- c:\windows\system32\ijl5s1300-x64.dll
2012-09-28 23:41 . 2008-04-03 13:08 33280 ----a-w- c:\windows\system32\fj52usb-x64.dll
2012-09-28 23:41 . 2007-08-17 21:33 33280 ----a-w- c:\windows\system32\fjmcusb-x64.dll
2012-09-28 23:41 . 2007-05-24 00:57 2873856 ----a-w- c:\windows\system32\ijl5s300-x64.dll
2012-09-28 23:41 . 2012-09-28 23:42 -------- d-----w- c:\windows\SSDriver
2012-09-28 23:40 . 2012-09-28 23:40 -------- d-----w- c:\program files (x86)\Common Files\PFU
2012-09-28 23:40 . 2012-09-28 23:40 -------- d-----w- c:\program files (x86)\PFU
2012-09-24 22:08 . 2012-09-24 22:08 -------- d-----w- c:\program files\Common Files\Adobe
2012-09-24 22:07 . 2012-09-24 22:07 -------- d-----w- c:\program files\Adobe
2012-09-20 20:23 . 2012-04-24 11:51 476160 ----a-w- c:\windows\system32\Spool\prtprocs\x64\hpcpp130.dll
2012-09-20 20:03 . 2012-09-20 20:05 -------- d-----w- C:\Drivers
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-18 13:29 . 2012-04-24 14:04 696760 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-10-18 13:29 . 2011-10-21 14:41 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-09-28 05:18 . 2011-10-21 16:04 65309168 ----a-w- c:\windows\system32\MRT.exe
2012-09-07 22:04 . 2011-10-28 21:17 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-08-31 03:03 . 2012-08-31 03:03 228768 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2012-08-31 03:03 . 2011-04-27 20:25 128456 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2012-08-28 19:38 . 2012-03-02 01:44 18960 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2012-08-20 17:38 . 2012-10-10 14:33 44032 ----a-w- c:\windows\apppatch\acwow64.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-15 00:32 94208 ----a-w- c:\users\sshaffer\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-15 00:32 94208 ----a-w- c:\users\sshaffer\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-15 00:32 94208 ----a-w- c:\users\sshaffer\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-15 00:32 94208 ----a-w- c:\users\sshaffer\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TwoFingerScroll"="c:\users\sshaffer\Downloads\TwoFingerScroll_1_0_9-MacHater-Mod\TwoFingerScroll.exe" [2012-01-13 1471488]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2012-10-08 5628288]
"7 Taskbar Tweaker"="c:\users\sshaffer\AppData\Roaming\7 Taskbar Tweaker\7+ Taskbar Tweaker.exe" [2012-09-26 213504]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IMSS"="c:\program files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe" [2011-01-03 112152]
"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2011-01-26 283160]
"NUSB3MON"="c:\program files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2009-11-21 106496]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-08-10 336384]
"QLBController"="c:\program files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe" [2011-07-06 323128]
"OfficeScanNT Monitor"="c:\program files (x86)\Trend Micro\OfficeScan Client\pccntmon.exe" [2009-04-16 1176880]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"Everything"="c:\program files (x86)\Everything\Everything.exe" [2009-03-13 602624]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-10-09 421736]
"ConnectionCenter"="c:\program files (x86)\Citrix\ICA Client\concentr.exe" [2011-08-11 358336]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]
"EverioService"="c:\program files (x86)\CyberLink\PCM4Everio\EverioService.exe" [2006-11-23 151552]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2005-02-17 49152]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
"KeePass 2 PreLoad"="c:\program files (x86)\KeePass\KeePass.exe" [2012-05-01 1895424]
"ArcSoft Connection Service"="c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-28 207424]
"ScanSnap WIA Service Checker"="c:\windows\SSDriver\fi5110\SsWiaChecker.exe" [2009-09-30 86016]
.
c:\users\sshafferMFI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\sshaffer\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-5-24 27112840]
.
c:\users\sshaffer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\sshaffer\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-5-24 27112840]
MFI-dropbox.lnk - c:\windows\System32\runas.exe [2009-7-13 20480]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-7-29 1132320]
Online plug-in.lnk - c:\windows\Installer\{E5F3D1E9-006E-4435-85D6-483B66376655}\pnaico.exe.20FBBF0A_A7E5_4BDE_9798_9811C3D135AC.exe [2011-12-15 77824]
ScanSnap Manager.lnk - c:\program files (x86)\PFU\ScanSnap\Driver\PfuSsMon.exe [2012-9-28 1146880]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-07-20 116648]
R3 AceecaUSBDx64;AceecaUSBDx64;c:\windows\system32\DRIVERS\AceecaUSBDx64.sys [2011-04-05 66552]
R3 ElephantDrive-Service.exe;ElephantDrive-Service;c:\program files (x86)\ElephantDrive\ElephantDrive Desktop\ElephantDesktop-Service.exe [2011-05-13 118456]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-07-20 116648]
R3 hpCMSrv;HP Connection Manager 4 Service;c:\program files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2011-05-23 1098296]
R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [2011-08-19 351136]
R3 LVUVC64;Logitech Webcam Pro 9000(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [2011-08-19 4869024]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-10-16 115168]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-08-31 128456]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [2012-09-13 368896]
R3 pbfilter;pbfilter;c:\program files\PeerBlock\pbfilter.sys [2010-11-07 24176]
R3 RemoteControl-USBLAN;RemoteControl-USBLAN;c:\windows\system32\DRIVERS\rcblan.sys [2007-01-24 46616]
R3 RoxMediaDB12OEM;RoxMediaDB12OEM;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2011-01-15 1116656]
R3 RRNetCap;RRNetCap Service;c:\windows\system32\DRIVERS\rrnetcap.sys [2011-12-09 37480]
R3 SPUVCbv;SPUVCb Driver Service;c:\windows\system32\Drivers\SPUVCbv_x64.sys [2011-01-12 2611704]
R3 TmProxy;OfficeScan NT Proxy Service;c:\program files (x86)\Trend Micro\OfficeScan Client\TmProxy.exe [2009-02-23 865032]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2011-08-02 51712]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-10-21 1255736]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys [2008-05-06 14464]
R3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 23040]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856]
S1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\DRIVERS\ctxusbm.sys [2011-08-11 91864]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2012-07-11 140672]
S2 8704pdateService;Box Sync Auto-updater;c:\program files\Box Sync\UpdateService.exe [2012-04-24 8704]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe [2011-10-20 89600]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-10-20 203776]
S2 ElephantDrive-MappedDrive.exe;ElephantDrive-MappedDrive;c:\program files (x86)\ElephantDrive\ElephantDrive Desktop\ElephantDesktop-MappedDrive.exe [2011-05-13 118968]
S2 HP Power Assistant Service;HP Power Assistant Service;c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2011-01-26 131128]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-06-21 85560]
S2 HPDayStarterService;HP DayStarter
Service;c:\program files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe [2011-01-28 133688] S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-07-05 227384] S2 hpHotkeyMonitor;hpHotkeyMonitor;c:\program files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [2011-07-06 1698360] S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2011-01-26 30520] S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-01-26 13336] S2 IntuitUpdateServiceV4;Intuit Update Service v4;c:\program files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [2011-08-25 13672] S2 jhi_service;Intel® Identity Protection Technology Host Interface Service;c:\program files (x86)\Intel\Services\IPT\jhi_service.exe [2011-02-24 212944] S2 PdiService;Portrait Displays SDK Service;c:\program files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2011-01-18 113264] S2 TmFilter;Trend Micro Filter;c:\program files (x86)\Trend Micro\OfficeScan Client\TmXPFlt.sys [2011-07-12 342288] S2 TmPreFilter;Trend Micro PreFilter;c:\program files (x86)\Trend Micro\OfficeScan Client\TmPreFlt.sys [2011-07-12 42768] S2 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2011-08-19 450848] S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-01-03 2656280] S2 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe [2011-08-23 3175728] S2 vpnagent;Cisco AnyConnect VPN Agent;c:\program files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe [2011-09-22 645048] S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2011-10-20 9090560] S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2011-10-20 299520] S3 AtiHDAudioService;AMD Function 
Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2011-10-20 231440] S3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys [2010-07-14 344616] S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2010-03-02 39464] S3 e1cexpress;Intel® PRO/1000 PCI Express Network Connection Driver C;c:\windows\system32\DRIVERS\e1c62x64.sys [2011-05-04 340656] S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2011-10-20 174680] S3 johci;JMicron 1394 Filter Driver;c:\windows\system32\DRIVERS\johci.sys [2011-10-20 26712] S3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\DRIVERS\LEqdUsb.Sys [2011-09-02 76056] S3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\DRIVERS\LHidEqd.Sys [2011-09-02 15128] S3 MEIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344] S3 NETwNs64;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETwNs64.sys [2011-10-20 8593920] S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2010-12-10 80384] S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2010-12-10 181248] S3 RRNetCapMP;RRNetCapMP;c:\windows\system32\DRIVERS\rrnetcap.sys [2011-12-09 37480] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920] . . --- Other Services/Drivers In Memory --- . *NewlyCreated* - 79987885 *NewlyCreated* - ASWMBR *Deregistered* - 79987885 *Deregistered* - aswMBR . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] 2011-03-04 17:29 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe . Contents of the 'Scheduled Tasks' folder . 
2012-10-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-07-20 22:03] . 2012-10-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-07-20 22:03] . 2012-10-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2108967553-259258955-711445176-1001Core.job - c:\users\sshaffer\AppData\Local\Google\Update\GoogleUpdate.exe [2011-10-28 06:15] . 2012-10-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2108967553-259258955-711445176-1001UA.job - c:\users\sshaffer\AppData\Local\Google\Update\GoogleUpdate.exe [2011-10-28 06:15] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\000BoxDesktopFileLocked] @="{C253B817-3A00-475f-A5A3-6F2DD704B48D}" [HKEY_CLASSES_ROOT\CLSID\{C253B817-3A00-475f-A5A3-6F2DD704B48D}] 2010-11-05 01:57 444752 ----a-w- c:\windows\System32\mscoree.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\000BoxDesktopNotSynced] @="{19ACC806-F7AA-46AA-A80A-726A07CA6637}" [HKEY_CLASSES_ROOT\CLSID\{19ACC806-F7AA-46AA-A80A-726A07CA6637}] 2010-11-05 01:57 444752 ----a-w- c:\windows\System32\mscoree.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\000BoxDesktopNotSyncedCollabs] @="{337D9DE0-3F8B-4430-AF0F-FFC24A95AE8F}" [HKEY_CLASSES_ROOT\CLSID\{337D9DE0-3F8B-4430-AF0F-FFC24A95AE8F}] 2010-11-05 01:57 444752 ----a-w- c:\windows\System32\mscoree.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\000BoxDesktopSynced] @="{B7AC9C6D-F15B-4B1A-A88D-F518D13861D9}" [HKEY_CLASSES_ROOT\CLSID\{B7AC9C6D-F15B-4B1A-A88D-F518D13861D9}] 2010-11-05 01:57 444752 ----a-w- c:\windows\System32\mscoree.dll . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\000BoxDesktopSyncedCollab] @="{9E48C232-F601-4E41-BB3E-16CBAF317AA4}" [HKEY_CLASSES_ROOT\CLSID\{9E48C232-F601-4E41-BB3E-16CBAF317AA4}] 2010-11-05 01:57 444752 ----a-w- c:\windows\System32\mscoree.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\01ElephantIconOverlay] @="{AFA39CBB-DF66-47f9-A047-47ED25FE655E}" [HKEY_CLASSES_ROOT\CLSID\{AFA39CBB-DF66-47f9-A047-47ED25FE655E}] 2010-07-10 02:20 244736 ----a-w- c:\program files (x86)\ElephantDrive\ElephantDrive Desktop\IconOverlay-64bit.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\02ElephantIconOverlay] @="{1E519A85-494E-4706-AC87-1CC8BB9CC5DA}" [HKEY_CLASSES_ROOT\CLSID\{1E519A85-494E-4706-AC87-1CC8BB9CC5DA}] 2010-07-10 02:20 244736 ----a-w- c:\program files (x86)\ElephantDrive\ElephantDrive Desktop\IconOverlay-64bit.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\03ElephantIconOverlay] @="{0E2DD711-458A-4b39-8211-3F5FDAA0539E}" [HKEY_CLASSES_ROOT\CLSID\{0E2DD711-458A-4b39-8211-3F5FDAA0539E}] 2010-07-10 02:20 244736 ----a-w- c:\program files (x86)\ElephantDrive\ElephantDrive Desktop\IconOverlay-64bit.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2012-02-15 00:32 97792 ----a-w- c:\users\sshafferMFI\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2012-02-15 00:32 97792 ----a-w- c:\users\sshafferMFI\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2012-02-15 00:32 97792 ----a-w- c:\users\sshafferMFI\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2012-02-15 00:32 97792 ----a-w- c:\users\sshafferMFI\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OfficeScanNT Monitor"="-HideWindow" [X] "SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [bU] "SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2011-10-20 1128448] "CanonSolutionMenu"="c:\program files (x86)\Canon\SolutionMenu\CNSLMAIN.exe" [2009-09-04 767312] "EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2011-10-07 1744152] "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-13 1289704] "BoxSyncHelper"="c:\program files\Box Sync\BoxSyncHelper.exe" [2012-04-24 394240] . ------- Supplementary Scan ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://www.google.com/ mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = *.local IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\OFFICE11\EXCEL.EXE/3000 IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm IE: Send page to &Bluetooth Device... 
- c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm Trusted Zone: google.com\www Trusted Zone: intuit.com\ttlc Trusted Zone: rhapsody.com\rhap-app-4-0 Trusted Zone: rhapsody.com\rhapreg TCP: DhcpNameServer = 66.196.216.10 66.196.212.10 FF - ProfilePath - c:\users\sshaffer\AppData\Roaming\Mozilla\Firefox\Profiles\aubmf11t.default\ FF - prefs.js: browser.startup.homepage - hxxp://my.yahoo.com|http://www.msn.com|http://www.gizmodo.com| http://www.engadget.com . - - - - ORPHANS REMOVED - - - - . Wow6432Node-HKLM-Run-<NO NAME> - (no file) AddRemove-{CA43FE4F-9FF2-4AD7-88F0-CC3BAC17B226} - c:\program files (x86)\InstallShield Installation Information\{CA43FE4F-9FF2-4AD7-88F0-CC3BAC17B226}\setup.exe . . . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . 
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . 
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\DbgagD\1*] "value"="?\0b\02\08\13\10\02?" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 "MSCurrentCountry"=dword:000000b5 . 
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Completion time: 2012-10-18 13:14:08 ComboFix-quarantined-files.txt 2012-10-18 18:14 ComboFix2.txt 2012-10-17 00:27 . Pre-Run: 18,953,613,312 bytes free Post-Run: 19,333,111,808 bytes free . - - End Of File - - 6EA1DCE10387AD453F503F1C3C773BC7 -
Infected. Ads in lower left / lower right corner of browser
iamsid replied to iamsid's topic in Resolved Malware Removal Logs
============== TDSSKILLER ==============
10:51:47.0710 1640 TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47
10:51:48.0130 1640 ============================================================
10:51:48.0130 1640 Current date / time: 2012/10/18 10:51:48.0130
10:51:48.0130 1640 SystemInfo:
10:51:48.0130 1640
10:51:48.0130 1640 OS Version: 6.1.7601 ServicePack: 1.0
10:51:48.0130 1640 Product type: Workstation
10:51:48.0130 1640 ComputerName: SIRIUSSID
10:51:48.0130 1640 UserName: sshaffer
10:51:48.0130 1640 Windows directory: C:\Windows
10:51:48.0130 1640 System windows directory: C:\Windows
10:51:48.0130 1640 Running under WOW64
10:51:48.0130 1640 Processor architecture: Intel x64
10:51:48.0130 1640 Number of processors: 4
10:51:48.0130 1640 Page size: 0x1000
10:51:48.0130 1640 Boot type: Normal boot
10:51:48.0130 1640 ============================================================
10:51:48.0780 1640 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:51:48.0785 1640 ============================================================
10:51:48.0785 1640 \Device\Harddisk0\DR0:
10:51:48.0785 1640 MBR partitions:
10:51:48.0785 1640 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x96000
10:51:48.0785 1640 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x96800, BlocksNum 0x14FF3000
10:51:48.0807 1640 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x1508A000, BlocksNum 0xF9A0000
10:51:48.0807 1640 \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x24A2A000, BlocksNum 0xA00000
10:51:48.0807 1640 ============================================================
10:51:48.0849 1640 C: <-> \Device\Harddisk0\DR0\Partition2
10:51:48.0873 1640 H: <-> \Device\Harddisk0\DR0\Partition4
10:51:48.0926 1640 D: <-> \Device\Harddisk0\DR0\Partition3
10:51:48.0926 1640 ============================================================
10:51:48.0926 1640 Initialize success
10:51:48.0926 1640 ============================================================
10:52:22.0774 4868 ============================================================
10:52:22.0774 4868 Scan started
10:52:22.0774 4868 Mode: Manual;
10:52:22.0774 4868 ============================================================
10:52:24.0228 4868 ================ Scan system memory ========================
10:52:24.0228 4868 System memory - ok
10:52:24.0228 4868 ================ Scan services =============================
clr_optimization_v4.0.30319_32 - ok 10:52:29.0010 4868 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 10:52:29.0020 4868 clr_optimization_v4.0.30319_64 - ok 10:52:29.0041 4868 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 10:52:29.0047 4868 CmBatt - ok 10:52:29.0071 4868 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys 10:52:29.0076 4868 cmdide - ok 10:52:29.0106 4868 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys 10:52:29.0127 4868 CNG - ok 10:52:29.0167 4868 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys 10:52:29.0172 4868 Compbatt - ok 10:52:29.0194 4868 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys 10:52:29.0200 4868 CompositeBus - ok 10:52:29.0208 4868 COMSysApp - ok 10:52:29.0229 4868 CpqDfw - ok 10:52:29.0247 4868 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys 10:52:29.0252 4868 crcdisk - ok 10:52:29.0299 4868 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll 10:52:29.0309 4868 CryptSvc - ok 10:52:29.0335 4868 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys 10:52:29.0372 4868 CSC - ok 10:52:29.0390 4868 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll 10:52:29.0395 4868 CscService - ok 10:52:29.0428 4868 [ BF62FF663AE55E4ED99DE76881C2C0F1 ] ctxusbm C:\Windows\system32\DRIVERS\ctxusbm.sys 10:52:29.0435 4868 ctxusbm - ok 10:52:29.0465 4868 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll 10:52:29.0470 4868 DcomLaunch - ok 10:52:29.0496 4868 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll 10:52:29.0498 4868 defragsvc - ok 10:52:29.0532 4868 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC 
C:\Windows\system32\Drivers\dfsc.sys 10:52:29.0541 4868 DfsC - ok 10:52:29.0561 4868 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll 10:52:29.0574 4868 Dhcp - ok 10:52:29.0606 4868 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys 10:52:29.0612 4868 discache - ok 10:52:29.0638 4868 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys 10:52:29.0645 4868 Disk - ok 10:52:29.0674 4868 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll 10:52:29.0676 4868 Dnscache - ok 10:52:29.0698 4868 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll 10:52:29.0708 4868 dot3svc - ok 10:52:29.0731 4868 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll 10:52:29.0732 4868 DPS - ok 10:52:29.0765 4868 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 10:52:29.0770 4868 drmkaud - ok 10:52:29.0805 4868 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 10:52:29.0832 4868 DXGKrnl - ok 10:52:29.0870 4868 [ FAF4969BDDEE7786862BBD75F4B499DE ] e1cexpress C:\Windows\system32\DRIVERS\e1c62x64.sys 10:52:29.0891 4868 e1cexpress - ok 10:52:29.0922 4868 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll 10:52:29.0930 4868 EapHost - ok 10:52:30.0004 4868 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys 10:52:30.0126 4868 ebdrv - ok 10:52:30.0172 4868 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe 10:52:30.0179 4868 EFS - ok 10:52:30.0237 4868 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 10:52:30.0274 4868 ehRecvr - ok 10:52:30.0298 4868 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe 10:52:30.0309 4868 ehSched - ok 10:52:30.0352 4868 [ E943D9C3F9A26B259C5053B49724E840 ] ElephantDrive-MappedDrive.exe C:\Program Files 
(x86)\ElephantDrive\ElephantDrive Desktop\ElephantDesktop-MappedDrive.exe 10:52:30.0363 4868 ElephantDrive-MappedDrive.exe - ok 10:52:30.0380 4868 [ EF5ECBCA789C9C63CB5453ACFD25EDAD ] ElephantDrive-Service.exe C:\Program Files (x86)\ElephantDrive\ElephantDrive Desktop\ElephantDesktop-Service.exe 10:52:30.0392 4868 ElephantDrive-Service.exe - ok 10:52:30.0426 4868 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys 10:52:30.0447 4868 elxstor - ok 10:52:30.0477 4868 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys 10:52:30.0482 4868 ErrDev - ok 10:52:30.0520 4868 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll 10:52:30.0530 4868 EventSystem - ok 10:52:30.0560 4868 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys 10:52:30.0572 4868 exfat - ok 10:52:30.0589 4868 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys 10:52:30.0600 4868 fastfat - ok 10:52:30.0639 4868 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe 10:52:30.0646 4868 Fax - ok 10:52:30.0677 4868 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys 10:52:30.0683 4868 fdc - ok 10:52:30.0711 4868 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll 10:52:30.0716 4868 fdPHost - ok 10:52:30.0723 4868 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll 10:52:30.0729 4868 FDResPub - ok 10:52:30.0761 4868 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 10:52:30.0768 4868 FileInfo - ok 10:52:30.0781 4868 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 10:52:30.0788 4868 Filetrace - ok 10:52:30.0839 4868 [ 227846995AFEEFA70D328BF5334A86A5 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe 10:52:30.0877 4868 
FLEXnet Licensing Service - ok 10:52:30.0915 4868 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys 10:52:30.0921 4868 flpydisk - ok 10:52:30.0949 4868 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 10:52:30.0966 4868 FltMgr - ok 10:52:31.0011 4868 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll 10:52:31.0064 4868 FontCache - ok 10:52:31.0112 4868 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 10:52:31.0120 4868 FontCache3.0.0.0 - ok 10:52:31.0149 4868 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 10:52:31.0155 4868 FsDepends - ok 10:52:31.0196 4868 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 10:52:31.0202 4868 Fs_Rec - ok 10:52:31.0239 4868 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 10:52:31.0253 4868 fvevol - ok 10:52:31.0272 4868 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys 10:52:31.0280 4868 gagp30kx - ok 10:52:31.0296 4868 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 10:52:31.0302 4868 GEARAspiWDM - ok 10:52:31.0330 4868 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll 10:52:31.0335 4868 gpsvc - ok 10:52:31.0461 4868 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 10:52:31.0463 4868 gupdate - ok 10:52:31.0479 4868 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 10:52:31.0480 4868 gupdatem - ok 10:52:31.0516 4868 [ C1B577B2169900F4CF7190C39F085794 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe 10:52:31.0533 4868 gusvc - ok 10:52:31.0598 4868 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir 
C:\Windows\system32\drivers\hcw85cir.sys 10:52:31.0604 4868 hcw85cir - ok 10:52:31.0636 4868 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 10:52:31.0655 4868 HdAudAddService - ok 10:52:31.0687 4868 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys 10:52:31.0695 4868 HDAudBus - ok 10:52:31.0710 4868 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys 10:52:31.0717 4868 HidBatt - ok 10:52:31.0730 4868 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys 10:52:31.0739 4868 HidBth - ok 10:52:31.0764 4868 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys 10:52:31.0772 4868 HidIr - ok 10:52:31.0795 4868 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll 10:52:31.0801 4868 hidserv - ok 10:52:31.0855 4868 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 10:52:31.0861 4868 HidUsb - ok 10:52:31.0886 4868 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll 10:52:31.0894 4868 hkmsvc - ok 10:52:31.0915 4868 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll 10:52:31.0926 4868 HomeGroupListener - ok 10:52:31.0956 4868 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 10:52:31.0959 4868 HomeGroupProvider - ok 10:52:32.0019 4868 HP Health Check Service - ok 10:52:32.0097 4868 [ 02C2108111D9656A9729995D2219FB99 ] HP Power Assistant Service C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe 10:52:32.0107 4868 HP Power Assistant Service - ok 10:52:32.0166 4868 [ 170233B8D743EFE35F462A5D516B93E3 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe 10:52:32.0175 4868 HP Support Assistant Service - ok 10:52:32.0237 4868 [ C5D2F308E1C12A5C328EF549696DBC05 ] hpCMSrv C:\Program Files 
(x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe 10:52:32.0290 4868 hpCMSrv - ok 10:52:32.0340 4868 [ A9FC4D7EA174BBF5A675B299FFAD80A2 ] HPDayStarterService C:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe 10:52:32.0350 4868 HPDayStarterService - ok 10:52:32.0404 4868 [ D17F9E527F01770BD04A9223BC40EC22 ] HPDrvMntSvc.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe 10:52:32.0415 4868 HPDrvMntSvc.exe - ok 10:52:32.0437 4868 [ A4BE23C451ADEB252CD17A0532CAE220 ] hpdskflt C:\Windows\system32\DRIVERS\hpdskflt.sys 10:52:32.0443 4868 hpdskflt - ok 10:52:32.0506 4868 [ 7D10E0F2F603A3CE65F0B9750F7ABDB2 ] hpHotkeyMonitor C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe 10:52:32.0588 4868 hpHotkeyMonitor - ok 10:52:32.0620 4868 [ B98EE5D4535A685634B90F7E04DE0DF7 ] HpqKbFiltr C:\Windows\system32\DRIVERS\HpqKbFiltr.sys 10:52:32.0626 4868 HpqKbFiltr - ok 10:52:32.0661 4868 [ 0955C23C041451FB4E7099D6B2CF1C06 ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe 10:52:32.0670 4868 hpqwmiex - ok 10:52:32.0739 4868 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 10:52:32.0746 4868 HpSAMD - ok 10:52:32.0749 4868 [ A88A45E82BC54BFFB49C63973010226A ] hpsrv C:\Windows\system32\Hpservice.exe 10:52:32.0755 4868 hpsrv - ok 10:52:32.0824 4868 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys 10:52:32.0868 4868 HTTP - ok 10:52:32.0914 4868 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 10:52:32.0919 4868 hwpolicy - ok 10:52:32.0953 4868 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys 10:52:32.0964 4868 i8042prt - ok 10:52:32.0989 4868 [ D469B77687E12FE43E344806740B624D ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys 10:52:32.0991 4868 iaStor - ok 10:52:33.0041 4868 [ 117FF657E0D9BBD61B5C3E71E63D3919 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® 
Rapid Storage Technology\IAStorDataMgrSvc.exe 10:52:33.0047 4868 IAStorDataMgrSvc - ok 10:52:33.0076 4868 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 10:52:33.0096 4868 iaStorV - ok 10:52:33.0187 4868 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe 10:52:33.0216 4868 IDriverT - ok 10:52:33.0318 4868 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 10:52:33.0343 4868 idsvc - ok 10:52:33.0383 4868 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys 10:52:33.0389 4868 iirsp - ok 10:52:33.0419 4868 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll 10:52:33.0444 4868 IKEEXT - ok 10:52:33.0481 4868 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys 10:52:33.0486 4868 intelide - ok 10:52:33.0509 4868 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 10:52:33.0515 4868 intelppm - ok 10:52:33.0611 4868 [ 1663A135865F0BA6E853353E98E67F2A ] IntuitUpdateServiceV4 C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe 10:52:33.0617 4868 IntuitUpdateServiceV4 - ok 10:52:33.0649 4868 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll 10:52:33.0657 4868 IPBusEnum - ok 10:52:33.0701 4868 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 10:52:33.0709 4868 IpFilterDriver - ok 10:52:33.0747 4868 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 10:52:33.0768 4868 iphlpsvc - ok 10:52:33.0816 4868 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 10:52:33.0826 4868 IPMIDRV - ok 10:52:33.0842 4868 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys 10:52:33.0851 4868 
IPNAT - ok 10:52:33.0890 4868 [ 3C0D4B3E80FC4854CA325DD123CC4DED ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 10:52:33.0899 4868 iPod Service - ok 10:52:33.0965 4868 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys 10:52:33.0970 4868 IRENUM - ok 10:52:33.0995 4868 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys 10:52:34.0001 4868 isapnp - ok 10:52:34.0014 4868 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 10:52:34.0039 4868 iScsiPrt - ok 10:52:34.0077 4868 [ 6C85719A21B3F62C2C76280F4BD36C7B ] jhi_service C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe 10:52:34.0089 4868 jhi_service - ok 10:52:34.0107 4868 [ 665554F9F795446181C70349AFA1B0A4 ] JMCR C:\Windows\system32\DRIVERS\jmcr.sys 10:52:34.0117 4868 JMCR - ok 10:52:34.0154 4868 [ C6A3593D397B111C1DBBC1BE6384B548 ] johci C:\Windows\system32\DRIVERS\johci.sys 10:52:34.0160 4868 johci - ok 10:52:34.0182 4868 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 10:52:34.0182 4868 kbdclass - ok 10:52:34.0216 4868 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 10:52:34.0223 4868 kbdhid - ok 10:52:34.0226 4868 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe 10:52:34.0227 4868 KeyIso - ok 10:52:34.0244 4868 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 10:52:34.0252 4868 KSecDD - ok 10:52:34.0261 4868 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 10:52:34.0272 4868 KSecPkg - ok 10:52:34.0297 4868 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 10:52:34.0302 4868 ksthunk - ok 10:52:34.0334 4868 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll 10:52:34.0347 4868 KtmRm - ok 10:52:34.0391 4868 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer 
C:\Windows\System32\srvsvc.dll 10:52:34.0418 4868 LanmanServer - ok 10:52:34.0450 4868 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 10:52:34.0458 4868 LanmanWorkstation - ok 10:52:34.0553 4868 [ 7772DFAB22611050B79504E671B06E6E ] LBTServ C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe 10:52:34.0567 4868 LBTServ - ok 10:52:34.0626 4868 [ ED7EC050CD6C20E1A93A4DAFB7EFD14D ] LEqdUsb C:\Windows\system32\DRIVERS\LEqdUsb.Sys 10:52:34.0633 4868 LEqdUsb - ok 10:52:34.0652 4868 [ 3267BC698E29474A8381E68904EB0390 ] LHidEqd C:\Windows\system32\DRIVERS\LHidEqd.Sys 10:52:34.0657 4868 LHidEqd - ok 10:52:34.0668 4868 [ 241F2648ADF090E2A10095BD6D6F5DCB ] LHidFilt C:\Windows\system32\DRIVERS\LHidFilt.Sys 10:52:34.0675 4868 LHidFilt - ok 10:52:34.0739 4868 [ C34411A244029F1C08687F7C752C4563 ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe 10:52:34.0753 4868 LightScribeService - ok 10:52:34.0780 4868 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 10:52:34.0787 4868 lltdio - ok 10:52:34.0810 4868 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll 10:52:34.0826 4868 lltdsvc - ok 10:52:34.0841 4868 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll 10:52:34.0847 4868 lmhosts - ok 10:52:34.0869 4868 [ 342ED5A4B3326014438F36D22D803737 ] LMouFilt C:\Windows\system32\DRIVERS\LMouFilt.Sys 10:52:34.0875 4868 LMouFilt - ok 10:52:34.0931 4868 [ DE75F2EA497DA4B3A764D4EAC43135E9 ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe 10:52:34.0952 4868 LMS - ok 10:52:35.0025 4868 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys 10:52:35.0034 4868 LSI_FC - ok 10:52:35.0061 4868 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys 10:52:35.0070 4868 LSI_SAS - ok 10:52:35.0086 4868 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 
C:\Windows\system32\DRIVERS\lsi_sas2.sys 10:52:35.0093 4868 LSI_SAS2 - ok 10:52:35.0097 4868 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys 10:52:35.0105 4868 LSI_SCSI - ok 10:52:35.0120 4868 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys 10:52:35.0130 4868 luafv - ok 10:52:35.0170 4868 [ EF2BE2F45D4F06410A3BD2A3467325B0 ] LVRS64 C:\Windows\system32\DRIVERS\lvrs64.sys 10:52:35.0189 4868 LVRS64 - ok 10:52:35.0302 4868 [ AC22F92C6078640FE8A70D662A2F3AD5 ] LVUVC64 C:\Windows\system32\DRIVERS\lvuvc64.sys 10:52:35.0441 4868 LVUVC64 - ok 10:52:35.0472 4868 MCSTRM - ok 10:52:35.0494 4868 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 10:52:35.0502 4868 Mcx2Svc - ok 10:52:35.0561 4868 [ 11F714F85530A2BD134074DC30E99FCA ] MDM C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE 10:52:35.0577 4868 MDM - ok 10:52:35.0595 4868 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys 10:52:35.0602 4868 megasas - ok 10:52:35.0629 4868 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys 10:52:35.0642 4868 MegaSR - ok 10:52:35.0680 4868 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys 10:52:35.0687 4868 MEIx64 - ok 10:52:35.0723 4868 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll 10:52:35.0724 4868 MMCSS - ok 10:52:35.0730 4868 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys 10:52:35.0737 4868 Modem - ok 10:52:35.0794 4868 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys 10:52:35.0794 4868 monitor - ok 10:52:35.0813 4868 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 10:52:35.0821 4868 mouclass - ok 10:52:35.0845 4868 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 10:52:35.0852 4868 mouhid - ok 
10:52:35.0886 4868 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 10:52:35.0894 4868 mountmgr - ok 10:52:35.0977 4868 [ 4D7F2682D29B92A6251B17957AA0B985 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 10:52:35.0991 4868 MozillaMaintenance - ok 10:52:36.0066 4868 [ 05BF204EC0E82CC4A054DB189C8A3D84 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys 10:52:36.0078 4868 MpFilter - ok 10:52:36.0101 4868 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys 10:52:36.0113 4868 mpio - ok 10:52:36.0149 4868 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 10:52:36.0158 4868 mpsdrv - ok 10:52:36.0196 4868 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll 10:52:36.0203 4868 MpsSvc - ok 10:52:36.0233 4868 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 10:52:36.0243 4868 MRxDAV - ok 10:52:36.0268 4868 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 10:52:36.0279 4868 mrxsmb - ok 10:52:36.0295 4868 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 10:52:36.0309 4868 mrxsmb10 - ok 10:52:36.0323 4868 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 10:52:36.0333 4868 mrxsmb20 - ok 10:52:36.0352 4868 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys 10:52:36.0358 4868 msahci - ok 10:52:36.0388 4868 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys 10:52:36.0397 4868 msdsm - ok 10:52:36.0421 4868 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe 10:52:36.0432 4868 MSDTC - ok 10:52:36.0471 4868 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys 10:52:36.0478 4868 Msfs - ok 10:52:36.0490 4868 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf 
C:\Windows\System32\drivers\mshidkmdf.sys 10:52:36.0495 4868 mshidkmdf - ok 10:52:36.0503 4868 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 10:52:36.0508 4868 msisadrv - ok 10:52:36.0543 4868 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 10:52:36.0553 4868 MSiSCSI - ok 10:52:36.0555 4868 msiserver - ok 10:52:36.0584 4868 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 10:52:36.0590 4868 MSKSSRV - ok 10:52:36.0654 4868 [ CC8E4F72F21340A4D3A3D4DB50313EF5 ] MsMpSvc C:\Program Files\Microsoft Security Client\MsMpEng.exe 10:52:36.0654 4868 MsMpSvc - ok 10:52:36.0679 4868 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 10:52:36.0684 4868 MSPCLOCK - ok 10:52:36.0698 4868 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 10:52:36.0702 4868 MSPQM - ok 10:52:36.0736 4868 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 10:52:36.0762 4868 MsRPC - ok 10:52:36.0806 4868 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 10:52:36.0812 4868 mssmbios - ok 10:52:36.0829 4868 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 10:52:36.0833 4868 MSTEE - ok 10:52:36.0849 4868 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys 10:52:36.0854 4868 MTConfig - ok 10:52:36.0870 4868 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys 10:52:36.0876 4868 Mup - ok 10:52:36.0903 4868 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll 10:52:36.0909 4868 napagent - ok 10:52:36.0940 4868 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 10:52:36.0960 4868 NativeWifiP - ok 10:52:36.0996 4868 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys 10:52:37.0006 4868 NDIS - ok 
10:52:37.0019 4868 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 10:52:37.0026 4868 NdisCap - ok 10:52:37.0050 4868 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 10:52:37.0056 4868 NdisTapi - ok 10:52:37.0072 4868 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 10:52:37.0080 4868 Ndisuio - ok 10:52:37.0096 4868 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 10:52:37.0106 4868 NdisWan - ok 10:52:37.0142 4868 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 10:52:37.0148 4868 NDProxy - ok 10:52:37.0207 4868 [ 76C4D5C98A808D8C8E0C46280036FAF8 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll 10:52:37.0213 4868 Net Driver HPZ12 - ok 10:52:37.0255 4868 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 10:52:37.0262 4868 NetBIOS - ok 10:52:37.0286 4868 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 10:52:37.0299 4868 NetBT - ok 10:52:37.0306 4868 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe 10:52:37.0307 4868 Netlogon - ok 10:52:37.0333 4868 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll 10:52:37.0354 4868 Netman - ok 10:52:37.0380 4868 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 10:52:37.0390 4868 NetMsmqActivator - ok 10:52:37.0394 4868 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 10:52:37.0395 4868 NetPipeActivator - ok 10:52:37.0431 4868 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll 10:52:37.0435 4868 netprofm - ok 10:52:37.0439 4868 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 10:52:37.0440 4868 
NetTcpActivator - ok 10:52:37.0443 4868 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 10:52:37.0444 4868 NetTcpPortSharing - ok 10:52:37.0585 4868 [ AC69618DE5BCCE8747C9AB0AAE1003C1 ] NETwNs64 C:\Windows\system32\DRIVERS\NETwNs64.sys 10:52:37.0775 4868 NETwNs64 - ok 10:52:37.0817 4868 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys 10:52:37.0823 4868 nfrd960 - ok 10:52:37.0883 4868 [ 5FF89F20317309D28AC1EDEB0CD1BA72 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys 10:52:37.0892 4868 NisDrv - ok 10:52:37.0934 4868 [ 79E80B10FE8F6662E0C9162A68C43444 ] NisSrv C:\Program Files\Microsoft Security Client\NisSrv.exe 10:52:37.0944 4868 NisSrv - ok 10:52:37.0982 4868 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll 10:52:37.0994 4868 NlaSvc - ok 10:52:38.0006 4868 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys 10:52:38.0014 4868 Npfs - ok 10:52:38.0039 4868 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll 10:52:38.0044 4868 nsi - ok 10:52:38.0053 4868 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 10:52:38.0059 4868 nsiproxy - ok 10:52:38.0107 4868 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 10:52:38.0146 4868 Ntfs - ok 10:52:38.0217 4868 [ 8FC776AA1FE21FC2742E8C5EE0BC27EC ] ntrtscan C:\Program Files (x86)\Trend Micro\OfficeScan Client\ntrtscan.exe 10:52:38.0231 4868 ntrtscan - ok 10:52:38.0255 4868 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys 10:52:38.0260 4868 Null - ok 10:52:38.0301 4868 [ 158AD24745BD85BA9BE3C51C38F48C32 ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys 10:52:38.0310 4868 nusb3hub - ok 10:52:38.0325 4868 [ D40A13B2C0891E218F9523B376955DB6 ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys 10:52:38.0337 4868 nusb3xhc - ok 10:52:38.0368 4868 [ 
10:52:48.0604 4868 ============================================================
10:52:48.0604 4868 Scan finished
10:52:48.0604 4868 ============================================================
10:52:48.0610 0292 Detected object count: 0
10:52:48.0610 0292 Actual detected object count: 0
============== aswMBR ==============
aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-10-18 10:55:26
-----------------------------
10:55:26.247 OS Version: Windows x64 6.1.7601 Service Pack 1
10:55:26.247 Number of processors: 4 586 0x2A07
10:55:26.248 ComputerName: SIRIUSSID UserName: sshaffer
10:55:26.861 Initialize success
10:57:53.044 AVAST engine defs: 12101801
10:58:39.874 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
10:58:39.875 Disk 0 Vendor: WDC_WD32 01.0 Size: 305245MB BusType: 3
10:58:39.887 Disk 0 MBR read successfully
10:58:39.889 Disk 0 MBR scan
10:58:39.892 Disk 0 Windows 7 default MBR code
10:58:39.895 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 300 MB offset 2048
10:58:39.909 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 172006 MB offset 616448
10:58:39.914 Disk 0 Partition - 00 0F Extended LBA 127809 MB offset 352884736
10:58:39.945 Disk 0 Partition 3 00 0C FAT32 LBA MSDOS5.0 5120 MB offset 614637568
10:58:39.974 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 127808 MB offset 352886784
10:58:39.998 Disk 0 scanning C:\Windows\system32\drivers
10:58:50.579 Service scanning
10:59:10.345 Service TmFilter C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmXPFlt.sys **LOCKED** 32
10:59:10.464 Service TmPreFilter C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmPreFlt.sys **LOCKED** 32
10:59:12.836 Service VSApiNt C:\Program Files (x86)\Trend Micro\OfficeScan Client\VSApiNt.sys **LOCKED** 32
10:59:15.521 Modules scanning
10:59:15.527 Disk 0 trace - called modules:
10:59:15.542 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys ACPI.sys iaStor.sys hal.dll
10:59:15.547 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800482d060]
10:59:15.553 3 CLASSPNP.SYS[fffff88001b5743f] -> nt!IofCallDriver -> [0xfffffa8004ad3930]
10:59:15.559 5 hpdskflt.sys[fffff88001afe361] -> nt!IofCallDriver -> [0xfffffa80047bce40]
10:59:15.564 7 ACPI.sys[fffff88000f4a7a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa800483d050]
10:59:16.601 AVAST engine scan C:\Windows
10:59:20.829 AVAST engine scan C:\Windows\system32
11:03:28.088 AVAST engine scan C:\Windows\system32\drivers
11:03:44.395 AVAST engine scan C:\Users\sshaffer
11:15:09.835 AVAST engine scan C:\ProgramData
11:17:13.068 Scan finished successfully
11:29:01.837 Disk 0 MBR has been saved successfully to "C:\Users\sshaffer\Desktop\security tools\MBR.dat"
11:29:01.844 The log file has been saved successfully to "C:\Users\sshaffer\Desktop\security tools\06-aswMBR.txt"
-
Infected. Ads in lower left / lower right corner of browser
iamsid replied to iamsid's topic in Resolved Malware Removal Logs
Before I run these - does Anti-Virus need to be disabled (since I've already re-enabled it) - or can these two run with AV still going? -
Infected. Ads in lower left / lower right corner of browser
iamsid replied to iamsid's topic in Resolved Malware Removal Logs
Been up and running a few hours and everything seems to be working fine. No more ads anyway. Any idea what exactly happened to me and how it happened? Log from ComboFix is below. -
Infected. Ads in lower left / lower right corner of browser
iamsid replied to iamsid's topic in Resolved Malware Removal Logs
RogueKiller V8.1.1 [10/01/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website: http://tigzy.geekstogo.com/roguekiller.php
Blog: http://tigzyrk.blogspot.com
Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : sshaffer [Admin rights]
Mode : Remove -- Date : 10/16/2012 09:41:18
¤¤¤ Bad processes : 0 ¤¤¤
¤¤¤ Registry Entries : 12 ¤¤¤
[RUN][sUSP PATH] HKCU\[...]\Run : 7 Taskbar Tweaker ("C:\Users\sshaffer\AppData\Roaming\7 Taskbar Tweaker\7 Taskbar Tweaker.exe" -hidewnd) -> DELETED
[RUN][sUSP PATH] HKCU\[...]\Run : cdloader ("C:\Users\sshaffer\AppData\Roaming\mjusbsp\cdloader2.exe" MAGICJACK) -> DELETED
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> REPLACED (2)
[HJ] HKLM\[...]\System : EnableLUA (0) -> REPLACED (1)
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> REPLACED (1)
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowSetProgramAccessAndDefaults (0) -> REPLACED (1)
[HJ DESK] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK] HKCU\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
[HJ DESK] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
¤¤¤ Particular Files / Folders: ¤¤¤
¤¤¤ Driver : [NOT LOADED] ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
198.15.104.132 www.google-analytics.com.
198.15.104.132 ad-emea.doubleclick.net.
198.15.104.132 www.statcounter.com.
72.29.93.243 www.google-analytics.com.
72.29.93.243 ad-emea.doubleclick.net.
72.29.93.243 www.statcounter.com.
¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: WDC WD3200BEKT-60PVMT0 +++++
--- User ---
[MBR] ca45d1d5cbe74fee9263b6b3494825df
[bSP] 270e5d797478a887184f50094096aa5e : Windows 7 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 300 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 616448 | Size: 172006 Mo
2 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 352884736 | Size: 127809 Mo
3 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 614637568 | Size: 5120 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Finished : << RKreport[2].txt >>
RKreport[1].txt ; RKreport[2].txt -
Infected. Ads in lower left / lower right corner of browser
iamsid replied to iamsid's topic in Resolved Malware Removal Logs
Results of screen317's Security Check version 0.99.51
Windows 7 Service Pack 1 x64 (UAC is disabled!)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Microsoft Security Essentials (On Access scanning disabled!)
Error obtaining update status for antivirus!
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.65.0.1400
JavaFX 2.1.0
Java 6 Update 29
Java 7 Update 4
Java version out of Date!
Adobe Flash Player 11.2.202.233 Flash Player out of Date!
Adobe Reader X 10.1.1 Adobe Reader out of Date!
Mozilla Firefox (15.0.1)
Google Chrome 21.0.1180.83
Google Chrome 21.0.1180.89
Google Chrome 22.0.1229.79
Google Chrome 22.0.1229.92
Google Chrome 22.0.1229.94
````````Process Check: objlist.exe by Laurent````````
Microsoft Security Essentials MSMpEng.exe
Microsoft Security Essentials msseces.exe
Trend Micro OfficeScan Client pccntmon.exe
Trend Micro OfficeScan Client ntrtscan.exe
Trend Micro OfficeScan Client tmlisten.exe
Trend Micro OfficeScan Client CNTAoSMgr.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 0%
````````````````````End of Log`````````````````````` -
Infected. Ads in lower left / lower right corner of browser
iamsid replied to iamsid's topic in Resolved Malware Removal Logs
# AdwCleaner v2.005 - Logfile created 10/16/2012 at 09:33:26
# Updated 14/10/2012 by Xplode
# Operating system : Windows 7 Professional Service Pack 1 (64 bits)
# User : sshaffer - SIRIUSSID
# Boot Mode : Normal
# Running from : C:\Users\sshaffer\Desktop\security tools\02-adwcleaner.exe
# Option [Delete]
***** [services] *****
***** [Files / Folders] *****
***** [Registry] *****
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\BHO.DLL
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
***** [internet Browsers] *****
-\\ Internet Explorer v9.0.8112.16421
[OK] Registry is clean.
-\\ Mozilla Firefox v15.0.1 (en-US)
Profile name : default
File : C:\Users\sshaffer\AppData\Roaming\Mozilla\Firefox\Profiles\aubmf11t.default\prefs.js
[OK] File is clean.
-\\ Google Chrome v22.0.1229.94
File : C:\Users\sshaffer\AppData\Local\Google\Chrome\User Data\Default\Preferences
Deleted [l.12] : urls_to_restore_on_startup = [ "hxxps://www.google.com/calendar/render?tab=mc", "hxxps://mail.google.com/mail/?tab=om#inbox", "hxxps://docs.google.com/?tab=mo&authuser=0#home", "hxxps://www.planningcenteronline.com/dashboard/0" ]
Deleted [l.1817] : urls_to_restore_on_startup = [ "hxxps://www.google.com/calendar/render?tab=mc", "hxxps://mail.google.com/mail/?tab=om#inbox", "hxxps://docs.google.com/?tab=mo&authuser=0#home", "hxxps://www.planningcenteronline.com/dashboard/0" ]
*************************
AdwCleaner[s1].txt - [1737 octets] - [16/10/2012 09:33:26]
########## EOF - C:\AdwCleaner[s1].txt - [1797 octets] ########## -
Any help would be appreciated. Scans of computer with AV software yield no results. DDS.txt ------------- DDS (Ver_2012-10-14.05) - NTFS_AMD64 Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.4.1 Run by sshaffer at 16:12:56 on 2012-10-15 Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.4046.1849 [GMT -5:00] . AV: Microsoft Security Essentials *Disabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C} SP: Microsoft Security Essentials *Disabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Program Files\Microsoft Security Client\MsMpEng.exe C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Program Files\IDT\WDM\STacSV64.exe C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\Hpservice.exe C:\Windows\system32\atieclxx.exe C:\Windows\system32\vcsFPService.exe C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE C:\Program Files\Box Sync\UpdateService.exe C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files\IDT\WDM\AESTSr64.exe C:\Program Files\LSI SoftModem\agr64svc.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program 
Files\WIDCOMM\Bluetooth Software\btwdins.exe C:\Program Files (x86)\ElephantDrive\ElephantDrive Desktop\ElephantDesktop-MappedDrive.exe C:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files (x86)\Trend Micro\OfficeScan Client\ntrtscan.exe C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files (x86)\Trend Micro\OfficeScan Client\tmlisten.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\svchost.exe -k bthsvcs C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Program Files (x86)\Trend Micro\OfficeScan Client\CNTAoSMgr.exe C:\Windows\system32\conhost.exe C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe C:\Program Files (x86)\Citrix\ICA 
Client\ssonsvr.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\IDT\WDM\sttray64.exe C:\Program Files\Logitech\SetPointP\SetPoint.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files\Box Sync\BoxSyncHelper.exe C:\Users\sshaffer\AppData\Roaming\7 Taskbar Tweaker\7 Taskbar Tweaker.exe C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE C:\Users\sshaffer\Downloads\TwoFingerScroll_1_0_9-MacHater-Mod\TwoFingerScroll.exe C:\Program Files\Logitech\SetPointG\SetPointII.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\Citrix\ICA Client\PNAMAIN.EXE C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe C:\Program Files (x86)\Trend Micro\OfficeScan Client\PccNTMon.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files (x86)\Everything\Everything.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\PFU\ScanSnap\Driver\PfuSsMon.exe C:\Windows\SysWOW64\RunDll32.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe C:\Program Files (x86)\CyberLink\PCM4Everio\EverioService.exe C:\Program Files (x86)\Hp\HP Software Update\hpwuSchd2.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe C:\Users\sshaffer\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe C:\Windows\SSDriver\fi5110\SsWiaChecker.exe C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe C:\Program Files 
(x86)\Citrix\ICA Client\WFCRUN32.EXE C:\Users\sshafferMFI\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe C:\Windows\system32\conhost.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe C:\Windows\system32\conhost.exe C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe C:\Program Files\Axantum\AxCrypt\AxCrypt.exe C:\Windows\system32\taskhost.exe C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE C:\Windows\SysWOW64\NOTEPAD.EXE C:\Program Files (x86)\TechSmith\SnagIt 7\SnagIt32.exe C:\Program Files (x86)\TechSmith\SnagIt 7\TSCHelp.exe C:\Program Files (x86)\Microsoft Office\OFFICE11\WINWORD.EXE C:\Windows\splwow64.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Windows\system32\SearchProtocolHost.exe C:\Users\sshaffer\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe C:\Windows\sysWOW64\wbem\wmiprvse.exe C:\Windows\system32\wbem\WmiApSrv.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\conhost.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . 
uStart Page = hxxp://www.google.com/ mWinlogon: Userinit = userinit.exe, BHO: HelperObject Class: {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\SnagIt 7\SnagItBHO.dll BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll TB: SnagIt: {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\SnagIt 7\SnagItIEAddin.dll uRun: [Google Update] "C:\Users\sshaffer\AppData\Local\Google\Update\GoogleUpdate.exe" /c uRun: [7 Taskbar Tweaker] "C:\Users\sshaffer\AppData\Roaming\7 Taskbar Tweaker\7 Taskbar Tweaker.exe" -hidewnd uRun: [cdloader] "C:\Users\sshaffer\AppData\Roaming\mjusbsp\cdloader2.exe" MAGICJACK uRun: [TwoFingerScroll] C:\Users\sshaffer\Downloads\TwoFingerScroll_1_0_9-MacHater-Mod\TwoFingerScroll.exe uRun: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe mRun: [iMSS] "C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe" mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe mRun: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun mRun: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe /start mRun: [OfficeScanNT Monitor] "C:\Program Files (x86)\Trend Micro\OfficeScan Client\pccntmon.exe" -HideWindow mRun: [Adobe 
ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [Everything] "C:\Program Files (x86)\Everything\Everything.exe" -startup mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mRun: [ConnectionCenter] "C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun: [EverioService] "C:\Program Files (x86)\CyberLink\PCM4Everio\EverioService.exe" mRun: [HP Software Update] "C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe" mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun: [KeePass 2 PreLoad] "C:\Program Files (x86)\KeePass\KeePass.exe" --preload mRun: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe mRun: [scanSnap WIA Service Checker] C:\Windows\SSDriver\fi5110\SsWiaChecker.exe StartupFolder: C:\Users\sshaffer\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\sshaffer\AppData\Roaming\Dropbox\bin\Dropbox.exe StartupFolder: C:\Users\sshaffer\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MFI-DR~1.LNK - C:\Windows\System32\runas.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ONLINE~1.LNK - C:\Windows\Installer\{E5F3D1E9-006E-4435-85D6-483B66376655}\pnaico.exe.20FBBF0A_A7E5_4BDE_9798_9811C3D135AC.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SCANSN~1.LNK - C:\Program Files (x86)\PFU\ScanSnap\Driver\PfuSsMon.exe uPolicies-Explorer: NoDriveTypeAutoRun = dword:145 mPolicies-Explorer: NoActiveDesktop = dword:1 mPolicies-Explorer: NoActiveDesktopChanges = dword:1 mPolicies-System: 
ConsentPromptBehaviorAdmin = dword:0 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableLUA = dword:0 mPolicies-System: EnableUIADesktopToggle = dword:0 mPolicies-System: PromptOnSecureDesktop = dword:0 mPolicies-System: dontdisplaylastusername = dword:1 IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200 IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000 IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm IE: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cab DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab DPF: {2AB1C516-6654-4D3A-B3D6-2185BBCEB409} - hxxps://portal.oyogeospace.com/+CSCOL+/csvrloader32.cab DPF: {74233DB3-F72F-44EA-94DC-258A624037E6} - hxxp://geoalt/aspnet_client/Altiris_AppWeaver/6_0_sp3/lib/VSFlex8.CAB DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab DPF: {A4150320-98EC-4DB6-9BFB-EBF4B6FBEB16} - hxxp://sidandemily.dyndns.org:206/codebase/DVM_IPCam2.ocx DPF: {BEA7310D-06C4-4339-A784-DC3804819809} - hxxp://images3.pnimedia.com/ProductAssets/costcous/activex/v3_0_0_7/PhotoCenter_ActiveX_Control.cab DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab DPF: {CC679CB8-DC4B-458B-B817-D447B3B6AC31} - 
hxxps://vpn.oyogeospace.com/CACHE/stc/6/binaries/vpnweb.cab DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} - hxxps://secure.logmein.com//activex/ractrl.cab?lmi=928 DPF: {FDF527BA-DDDA-11D3-AA82-006094EB09CB} - hxxp://geoalt/aspnet_client/Altiris_AppWeaver/6_0_sp3/lib/AeXClipboard.CAB TCP: NameServer = 10.60.1.20 10.60.0.10 TCP: Interfaces\{2CB29362-7C7F-4213-A9EB-4CB4313DAA39} : DHCPNameServer = 10.60.1.20 10.60.0.10 TCP: Interfaces\{6E8D0226-C778-44F2-9562-B6F5E173582D}\2375942554331323 : DHCPNameServer = 192.168.1.254 TCP: Interfaces\{6E8D0226-C778-44F2-9562-B6F5E173582D}\24B44424 : DHCPNameServer = 192.168.1.1 TCP: Interfaces\{6E8D0226-C778-44F2-9562-B6F5E173582D}\34641484F4D454 : DHCPNameServer = 10.20.10.54 TCP: Interfaces\{6E8D0226-C778-44F2-9562-B6F5E173582D}\34F62616C647 : DHCPNameServer = 66.196.216.10 66.196.212.10 TCP: Interfaces\{6E8D0226-C778-44F2-9562-B6F5E173582D}\F47414D27657563747 : DHCPNameServer = 10.1.10.1 192.168.10.1 Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll Filter: application/x-ica; charset=UTF8 - 
{CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll SSODL: WebCheck - <orphaned> LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg pku2u livessp mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe" x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe x64-Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe x64-Run: [OfficeScanNT Monitor] -HideWindow x64-Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe 
/logon x64-Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming x64-Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey x64-Run: [boxSyncHelper] "C:\Program Files\Box Sync\BoxSyncHelper.exe" x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm x64-Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned> x64-Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned> x64-Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned> x64-Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned> x64-Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned> x64-Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned> x64-Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned> x64-Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned> x64-Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned> x64-Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned> x64-Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned> x64-Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned> x64-Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned> x64-Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned> x64-Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned> x64-Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned> x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned> x64-Notify: LBTWlgn - 
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll x64-SSODL: WebCheck - <orphaned> Hosts: 198.15.104.132 www.google-analytics.com. Hosts: 198.15.104.132 ad-emea.doubleclick.net. Hosts: 198.15.104.132 www.statcounter.com. Hosts: 72.29.93.243 www.google-analytics.com. Hosts: 72.29.93.243 ad-emea.doubleclick.net. . Note: multiple HOSTS entries found. Please refer to Attach.txt . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\sshaffer\AppData\Roaming\Mozilla\Firefox\Profiles\aubmf11t.default\ FF - prefs.js: browser.startup.homepage - hxxp://my.yahoo.com|http://www.msn.com|http://www.gizmodo.com| http://www.engadget.com| http://www.engadget.com/tag/gaming+laptop| http://www.lifehacker.com| http://www.bgr.com/| http://www.rottentomatoes.com/news/| http://www.comingsoon.net/tv/| http://www.slashfilm.com| http://archive.psuplaybook.org/modules.php?name=Headline&file=index3&tpid=1| http://www.amazon.com/gp/feature.html?ie=UTF8&docId=1000677541&tag=gmgamzn-20| http://www.amazon.com/MP3-Music-Download/b/ref=sa_menu_mp3_str1?ie=UTF8&node=163856011| http://www.amazon.com/gp/bestsellers/dmusic/digital-music-album/ref=dm_bb_top_albums?| http://www.amazon.com/gp/bestsellers/dmusic/digital-music-track/ref=dm_bb_top_songs?| http://www.slickdeals.net| http://slickdeals.net/forums/forumdisplay.php?f=9&daysprune=7&icon=23&order=desc&perpage=80&sort=threadstarted| http://slickdeals.net/forums/forumdisplay.php?f=9&daysprune=7&icon=38&order=desc&perpage=80&sort=threadstarted| http://townhall.com/| http://www.ktrh.com/pages/Connected.html?_show| http://www.thefancy.com/|http://www.americasmusiccharts.com/index.cgi?fmt=R3|http://foreclosures.bankofamerica.com/recSearch.aspx?stateName=Texas&cityName=Houston FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10171.dll FF - plugin: C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT 
READER\plugins\npFoxitReaderPlugin.dll FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll FF - plugin: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\Users\sshaffer\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll FF - plugin: C:\Users\sshaffer\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll FF - plugin: C:\Users\sshaffer\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll FF - plugin: C:\Windows\SysWOW64\npmproxy.dll . ============= SERVICES / DRIVERS =============== . 
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2012-8-30 228768] R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2011-10-20 55856] R1 ctxusbm;Citrix USB Monitor Driver;C:\Windows\System32\drivers\ctxusbm.sys [2011-8-10 91864] R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928] R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368] R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\System32\drivers\vwififlt.sys [2009-7-13 59904] R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2012-7-11 140672] R2 #UpdateService;Box Sync Auto-updater;C:\Program Files\Box Sync\UpdateService.exe [2012-4-23 8704] R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-6-6 64952] R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2011-10-20 89600] R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2011-10-20 203776] R2 ElephantDrive-MappedDrive.exe;ElephantDrive-MappedDrive;C:\Program Files (x86)\ElephantDrive\ElephantDrive Desktop\ElephantDesktop-MappedDrive.exe [2011-5-13 118968] R2 HP Power Assistant Service;HP Power Assistant Service;C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2011-1-26 131128] R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2011-6-21 85560] R2 HPDayStarterService;HP DayStarter Service;C:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe [2011-1-28 133688] R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-7-5 227384] R2 hpHotkeyMonitor;hpHotkeyMonitor;C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [2011-7-6 1698360] R2 hpsrv;HP 
Service;C:\Windows\System32\hpservice.exe [2011-1-26 30520] R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-10-20 13336] R2 IntuitUpdateServiceV4;Intuit Update Service v4;C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [2011-8-25 13672] R2 jhi_service;Intel® Identity Protection Technology Host Interface Service;C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe [2011-2-24 212944] R2 PdiService;Portrait Displays SDK Service;C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2011-10-20 113264] R2 TmFilter;Trend Micro Filter;C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmXPFlt.sys [2009-5-22 342288] R2 TmPreFilter;Trend Micro PreFilter;C:\Program Files (x86)\Trend Micro\OfficeScan Client\tmpreflt.sys [2009-5-22 42768] R2 UMVPFSrv;UMVPFSrv;C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe [2011-8-19 450848] R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-10-20 2656280] R2 vcsFPService;Validity VCS Fingerprint Service;C:\Windows\System32\vcsFPService.exe [2011-8-23 3175728] R2 vpnagent;Cisco AnyConnect VPN Agent;C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe [2011-9-22 645048] R3 amdkmdag;amdkmdag;C:\Windows\System32\drivers\atikmdag.sys [2011-10-20 9090560] R3 amdkmdap;amdkmdap;C:\Windows\System32\drivers\atikmpag.sys [2011-10-20 299520] R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2011-10-20 231440] R3 btwampfl;Bluetooth AMP USB Filter;C:\Windows\System32\drivers\btwampfl.sys [2011-10-20 344616] R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2011-10-20 39464] R3 e1cexpress;Intel® PRO/1000 PCI Express Network Connection Driver C;C:\Windows\System32\drivers\e1c62x64.sys 
[2011-10-20 340656] R3 JMCR;JMCR;C:\Windows\System32\drivers\jmcr.sys [2011-10-20 174680] R3 johci;JMicron 1394 Filter Driver;C:\Windows\System32\drivers\johci.sys [2011-10-20 26712] R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;C:\Windows\System32\drivers\LEqdUsb.sys [2011-9-2 76056] R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;C:\Windows\System32\drivers\LHidEqd.sys [2011-9-2 15128] R3 MEIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2011-10-20 56344] R3 NETwNs64;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\System32\drivers\NETwNs64.sys [2011-10-20 8593920] R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2010-12-10 80384] R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2010-12-10 181248] R3 RRNetCapMP;RRNetCapMP;C:\Windows\System32\drivers\rrnetcap.sys [2011-12-9 37480] R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\System32\drivers\vwifimp.sys [2009-7-13 17920] R3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464] R3 WSDPrintDevice;WSD Print Support via UMB;C:\Windows\System32\drivers\WSDPrint.sys [2009-7-13 23040] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-7-20 116648] S3 AceecaUSBDx64;AceecaUSBDx64;C:\Windows\System32\drivers\AceecaUSBDx64.sys [2011-11-2 66552] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-24 253088] S3 
ElephantDrive-Service.exe;ElephantDrive-Service;C:\Program Files (x86)\ElephantDrive\ElephantDrive Desktop\ElephantDesktop-Service.exe [2011-5-13 118456] S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-7-20 116648] S3 hpCMSrv;HP Connection Manager 4 Service;C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2011-5-23 1098296] S3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\System32\drivers\lvrs64.sys [2011-8-19 351136] S3 LVUVC64;Logitech Webcam Pro 9000(UVC);C:\Windows\System32\drivers\lvuvc64.sys [2011-8-19 4869024] S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-4-30 114144] S3 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2011-4-27 128456] S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-9-12 368896] S3 pbfilter;pbfilter;C:\Program Files\PeerBlock\pbfilter.sys [2011-11-8 24176] S3 RemoteControl-USBLAN;RemoteControl-USBLAN;C:\Windows\System32\drivers\rcblan.sys [2011-12-4 46616] S3 RoxMediaDB12OEM;RoxMediaDB12OEM;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2011-1-15 1116656] S3 RRNetCap;RRNetCap Service;C:\Windows\System32\drivers\rrnetcap.sys [2011-12-9 37480] S3 SPUVCbv;SPUVCb Driver Service;C:\Windows\System32\drivers\SPUVCBv_x64.sys [2011-10-20 2611704] S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136] S3 TmProxy;OfficeScan NT Proxy Service;C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmProxy.exe [2009-2-23 865032] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-10-21 59392] S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2011-8-2 51712] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-10-21 
1255736] . =============== Created Last 30 ================ . 2012-10-15 18:09:19 9308616 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{DB132156-4523-4776-9065-D7D740367ECB}\mpengine.dll 2012-10-15 16:09:40 9308616 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2012-10-14 14:12:29 -------- d-----w- C:\Users\sshaffer\AppData\Roaming\SUPERAntiSpyware.com 2012-10-14 14:12:25 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com 2012-10-14 14:12:25 -------- d-----w- C:\Program Files\SUPERAntiSpyware 2012-10-10 18:14:34 -------- d-----w- C:\Users\sshaffer\AppData\Roaming\C2OutlookExport 2012-10-10 18:14:05 -------- d-----w- C:\Program Files (x86)\CodeTwo 2012-10-10 16:47:11 972192 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3B33693D-A3D9-431D-A203-E2BFE82EDA97}\gapaengine.dll 2012-10-10 16:23:16 -------- d-----w- C:\Windows\Temp7ADA2139-05D7-8850-E7DE-F58DD86F8174-Signatures 2012-10-10 14:32:53 2048 ----a-w- C:\Windows\SysWow64\tzres.dll 2012-10-10 14:28:47 503808 ----a-w- C:\Windows\System32\srcore.dll 2012-10-10 14:28:47 43008 ----a-w- C:\Windows\SysWow64\srclient.dll 2012-10-10 14:28:30 956928 ----a-w- C:\Windows\System32\localspl.dll 2012-09-28 23:43:58 -------- d-----w- C:\Users\sshaffer\AppData\Roaming\Fujitsu 2012-09-28 23:43:06 -------- d-----w- C:\Users\sshaffer\AppData\Roaming\PFU 2012-09-28 23:42:00 695296 ----a-w- C:\Windows\System32\ippi5s300-x64.dll 2012-09-28 23:42:00 695296 ----a-w- C:\Windows\System32\ippi5s1300-x64.dll 2012-09-28 23:42:00 367616 ----a-w- C:\Windows\System32\s1300u-x64.dll 2012-09-28 23:42:00 351744 ----a-w- C:\Windows\System32\s300u-x64.dll 2012-09-28 23:41:58 33280 ----a-w- C:\Windows\System32\fjmcusb-x64.dll 2012-09-28 23:41:58 33280 ----a-w- C:\Windows\System32\fj52usb-x64.dll 2012-09-28 23:41:58 2873856 ----a-w- C:\Windows\System32\ijl5s300-x64.dll 2012-09-28 23:41:58 2873856 ----a-w- C:\Windows\System32\ijl5s1300-x64.dll 
2012-09-28 23:41:41 -------- d-----w- C:\Windows\SSDriver
2012-09-28 23:40:58 -------- d-----w- C:\Program Files (x86)\Common Files\PFU
2012-09-28 23:40:31 -------- d-----w- C:\Program Files (x86)\PFU
2012-09-20 20:23:21 476160 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\hpcpp130.dll
2012-09-20 20:03:43 -------- d-----w- C:\Drivers
2012-09-18 05:05:06 -------- d-----w- C:\Program Files (x86)\iTunes Library Updater
.
==================== Find3M ====================
.
2012-09-14 19:19:29 2048 ----a-w- C:\Windows\System32\tzres.dll
2012-09-07 22:04:46 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-08-31 18:19:35 1659760 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2012-08-31 03:03:48 228768 ----a-w- C:\Windows\System32\drivers\MpFilter.sys
2012-08-31 03:03:48 128456 ----a-w- C:\Windows\System32\drivers\NisDrvWFP.sys
2012-08-30 18:03:45 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-08-30 17:12:02 3968880 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-08-30 17:12:02 3914096 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-08-28 19:38:16 18960 ----a-w- C:\Windows\System32\drivers\LNonPnP.sys
2012-08-24 18:05:07 220160 ----a-w- C:\Windows\System32\wintrust.dll
2012-08-24 16:57:48 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll
2012-08-24 10:31:32 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2012-08-24 10:21:18 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-08-24 10:20:11 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-08-24 10:14:45 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-08-24 10:13:29 599040 ----a-w- C:\Windows\System32\vbscript.dll
2012-08-24 10:09:42 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-08-24 06:59:17 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-08-24 06:51:27 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-08-24 06:51:02 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-08-24 06:47:26 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-08-24 06:47:12 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2012-08-24 06:43:58 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-08-22 18:12:50 1913200 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2012-08-22 18:12:40 950128 ----a-w- C:\Windows\System32\drivers\ndis.sys
2012-08-22 18:12:40 376688 ----a-w- C:\Windows\System32\drivers\netio.sys
2012-08-22 18:12:33 288624 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
2012-08-21 21:01:00 245760 ----a-w- C:\Windows\System32\OxpsConverter.exe
2012-08-20 18:48:44 362496 ----a-w- C:\Windows\System32\wow64win.dll
2012-08-20 18:48:44 243200 ----a-w- C:\Windows\System32\wow64.dll
2012-08-20 18:48:44 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2012-08-20 18:48:43 215040 ----a-w- C:\Windows\System32\winsrv.dll
2012-08-20 18:48:37 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2012-08-20 18:48:35 424448 ----a-w- C:\Windows\System32\KernelBase.dll
2012-08-20 18:46:22 338432 ----a-w- C:\Windows\System32\conhost.exe
2012-08-20 17:40:21 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2012-08-20 17:38:44 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2012-08-20 17:38:26 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2012-08-20 17:37:19 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2012-08-20 17:37:18 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2012-08-20 15:38:21 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2012-08-20 15:38:20 2048 ----a-w- C:\Windows\SysWow64\user.exe
2012-08-20 15:33:28 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2012-08-20 15:33:28 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2012-08-20 15:33:28 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2012-08-20 15:33:28 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2012-08-11 00:56:03 715776 ----a-w- C:\Windows\System32\kerberos.dll
2012-08-10 23:56:14 542208 ----a-w- C:\Windows\SysWow64\kerberos.dll
2012-08-02 17:58:52 574464 ----a-w- C:\Windows\System32\d3d10level9.dll
2012-08-02 16:57:20 490496 ----a-w- C:\Windows\SysWow64\d3d10level9.dll
2012-07-18 18:15:06 3148800 ----a-w- C:\Windows\System32\win32k.sys
.
============= FINISH: 16:13:05.50 ===============

Attach.txt
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-10-14.05)
.
Microsoft Windows 7 Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 10/20/2011 2:02:19 PM
System Uptime: 10/14/2012 12:57:20 PM (28 hours ago)
.
Motherboard: Hewlett-Packard | | 1618
Processor: Intel® Core i5-2520M CPU @ 2.50GHz | CPU 1 | 2501/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 168 GiB total, 12.39 GiB free.
D: is FIXED (NTFS) - 125 GiB total, 36.243 GiB free.
E: is CDROM (CDFS)
F: is FIXED (NTFS) - 443 GiB total, 248.3 GiB free.
G: is FIXED (NTFS) - 488 GiB total, 50.523 GiB free.
H: is FIXED (FAT32) - 5 GiB total, 4.979 GiB free.
S: is NetworkDisk (NTFS) - 300 GiB total, 17.956 GiB free.
T: is NetworkDisk (FAT) - 168 GiB total, 12.39 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Cisco AnyConnect VPN Virtual Miniport Adapter for Windows x64
Device ID: ROOT\NET\0000
Manufacturer: Cisco Systems
Name: Cisco AnyConnect VPN Virtual Miniport Adapter for Windows x64
PNP Device ID: ROOT\NET\0000
Service: vpnva
.
==== System Restore Points ===================
.
RP221: 10/7/2012 1:57:12 PM - Windows Update
RP222: 10/10/2012 1:21:28 AM - HPSF Restore Point
RP223: 10/10/2012 9:34:03 AM - Windows Update
RP224: 10/10/2012 11:22:12 AM - Windows Update
RP225: 10/10/2012 11:39:03 AM - Windows Update
RP226: 10/10/2012 11:43:10 AM - Windows Update
RP227: 10/10/2012 11:46:05 AM - Windows Update
RP228: 10/10/2012 1:13:52 PM - Installed CodeTwo OutlookExport
RP229: 10/14/2012 12:27:23 AM - Windows Update
.
==== Hosts File Hijack ======================
.
Hosts: 198.15.104.132 www.google-analytics.com.
Hosts: 198.15.104.132 ad-emea.doubleclick.net.
Hosts: 198.15.104.132 www.statcounter.com.
Hosts: 72.29.93.243 www.google-analytics.com.
Hosts: 72.29.93.243 ad-emea.doubleclick.net.
Hosts: 72.29.93.243 www.statcounter.com.
.
==== Installed Programs ======================
.
64 Bit HP CIO Components Installer 7-Zip 9.20 (x64 edition) 7 Taskbar Tweaker v3.1 ABBYY FineReader 8.0 Professional Edition Adobe AIR Adobe Anchor Service CS3 Adobe Asset Services CS3 Adobe Bridge CS3 Adobe Bridge Start Meeting Adobe Camera Raw 4.0 Adobe CMaps Adobe Color - Photoshop Specific Adobe Color Common Settings Adobe Color EU Extra Settings Adobe Color JA Extra Settings Adobe Color NA Recommended Settings Adobe Default Language CS3 Adobe Device Central CS3 Adobe Digital Editions Adobe ExtendScript Toolkit 2 Adobe Flash Player 11 ActiveX 64-bit Adobe Flash Player 11 Plugin 64-bit Adobe Fonts All Adobe Help Viewer CS3 Adobe Linguistics CS3 Adobe PDF Library Files Adobe Photoshop CS3 Adobe Photoshop Lightroom 4.1 64-bit Adobe Reader X (10.1.1) Adobe Setup Adobe Stock Photos CS3 Adobe Type Support Adobe Update Manager CS3 Adobe Version Cue CS3 Client Adobe WinSoft Linguistics Plugin Adobe XMP Panels CS3 Album Art Downloader XUI 0.42.1 Alcor Micro Smart Card Reader Driver allTunes Amazon Kindle For PC Amazon MP3 Downloader 1.0.17 AmoK Exif Sorter 2.5.6 (remove only) Apple Application Support Apple Mobile Device Support Apple Software Update ArcSoft Print Creations ArcSoft Print Creations - Album Page ArcSoft Print Creations - Funhouse ArcSoft Print Creations - Greeting Card ArcSoft Print Creations - Photo Book ArcSoft Print Creations - Photo Calendar ArcSoft Print Creations - Scrapbook ArcSoft Print Creations - Slimline Card ATI Catalyst Install Manager ATI Stream SDK v2 Developer Attribute Changer 6.20 Audacity 1.3.13 (Unicode) Audials AxCrypt 1.7.2687.0 Beyond Compare Version 2.3.1 Beyond Compare Version 3.3.4 Bonjour Box Sync (64 bit) Broadcom 2070 Bluetooth 3.0 calibre Canon MP Navigator EX 1.0 Canon Utilities Solution Menu CanoScan
8800F Catalyst Control Center - Branding Catalyst Control Center Graphics Previews Common Catalyst Control Center InstallProxy Catalyst Control Center Localization All Catalyst Control Center Profiles Mobile ccc-core-static ccc-utility64 CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish CCleaner Cisco AnyConnect VPN Client Citrix online plug-in (PNA) Citrix online plug-in (SSON) Citrix Receiver Citrix Receiver (HDX Flash Redirection) Citrix Receiver Inside Citrix Receiver(Aero) Citrix Receiver(DV) Citrix Receiver(USB) CodeTwo OutlookExport Combined Community Codec Pack 2011-07-30 ComicRack v0.9.142 Compatibility Pack for the 2007 Office system Copernic Desktop Search - Home coverXP (remove only) CutePDF Writer 2.8 D3DX10 DirectX 9 Runtime Dropbox Easy HR Word Document Properties ElephantDrive Desktop Eraser 6.0.8.2273 eReg erLT ESSBrwr ESSCDBK ESScore ESSgui ESSini ESSPCD ESSTOOLS essvatgt Everything 1.2.1.371 Exact Audio Copy 1.0beta3 Exifer ExifPro 1.0 Photo Viewer EZDetach (remove only) Family Tree Maker 2009 FileZilla Client 3.5.1 Foxit Reader Free Video Flip and Rotate version 1.8.10 Freedom GEDxlate version 1.2 Google Chrome Google Earth Google Talk Plugin Google Update Helper Hewlett-Packard ACLM.NET v1.1.1.0 HP 3D DriveGuard HP Connection Manager HP DayStarter HP ESU for Microsoft Windows 7 HP HD Webcam [Fixed] HP HotKey Support HP Media Vault HP Power Assistant HP Software Framework HP Software Update HP Support Assistant HP System Default Settings HP Wallpaper HP Web Camera HP Webcam ID3-TagIT 3 IDT Audio Intel® Identity Protection Technology 1.1.2.0 Intel® Management Engine Components Intel® Network Connections Drivers 
Intel® Rapid Storage Technology IP Camera iSEEK AnswerWorks English Runtime iTag iTunes iTunes Library Updater iTunesKeys Java Auto Updater Java 6 Update 29 Java 7 Update 4 JavaFX 2.1.0 JMicron 1394 Filter Driver JMicron Flash Media Controller Driver join.me KeePass Password Safe 2.19 Kodak EasyShare software LightScribe System Software Logitech Harmony Remote Software 7 Logitech SetPoint 6.32 LSI HDA Modem magicJack Malwarebytes Anti-Malware version 1.65.0.1400 MediaMonkey 3.2 Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Extended Microsoft Application Error Reporting Microsoft Office File Validation Add-In Microsoft Office Professional Edition 2003 Microsoft Office Visio Professional 2003 Microsoft Primary Interoperability Assemblies 2005 Microsoft Pro Photo Tools Microsoft Security Client Microsoft Security Essentials Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visio Viewer 2010 Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 Microsoft WSE 3.0 Movie Rotator 1.2 Mozilla Firefox 15.0.1 (x86 en-US) Mozilla Maintenance Service Mp3tag v2.50 MSVCRT MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) NEC Electronics USB 3.0 Host Controller Driver netbrdg NTI DriveBackup! 
4 NTI Shadow 3 ODIR OfotoXMI Online Plug-in Palm PDF ePub DRM Removal PDF Settings PeerBlock 1.1 (r518) PhotoME Picasa 3 PowerCinema NE for Everio PowerDirector Express PowerProducer Quicken 2011 QuickTime RBVirtualFolder64Inst Remote Control USB Driver Remove Hidden Data Tool Renamer (remove only) Renesas Electronics USB 3.0 Host Controller Driver Revo Uninstaller 1.93 Rhapsody Roxio Activation Module Roxio CinePlayer Decoder Pack Roxio Express Labeler 3 Roxio MyDVD Business 2010 Roxio Secure Burn ScanSnap ScanSnap Manager SDK Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Extended (KB2416472) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) SFR SHASTA Sigil 0.5.3 SIW version 1.72 skin0001 SKINXSDK Skype™ 5.5 SnagIt 7 staticcr SUPERAntiSpyware Synaptics Pointing Device Driver SyncBack TeraCopy 1.22 TreeSize Free V1.77 Trend Micro OfficeScan Client TurboTax 2011 TurboTax 2011 WinPerFedFormset TurboTax 2011 WinPerReleaseEngine TurboTax 2011 WinPerTaxSupport TurboTax 2011 wrapper Uninstall 1.0.0.1 Unlocker 1.9.1-x64 Update for Microsoft .NET Framework 4 Client Profile (KB2468871) 
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Extended (KB2468871) Update for Microsoft .NET Framework 4 Extended (KB2533523) Update for Microsoft .NET Framework 4 Extended (KB2600217) Validity Fingerprint Sensor Driver VIP Access SDK (1.0.1.5) VPRINTOL Vuze WebSlingPlayer ActiveX Winamp Winamp Detector Plug-in WinDirStat 1.1.2 Windows Live Communications Platform Windows Live Essentials Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Language Selector Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack WinMerge 2.12.4 WIRELESS XnView 1.98.2 xplorer² lite 32 bit
.
==== Event Viewer Messages From Past Week ========
.
10/9/2012 8:27:57 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the MsMpSvc service.
10/14/2012 12:17:11 PM, Error: Application Popup [56] - Driver USB returned invalid ID for a child device (0).
10/14/2012 11:57:40 AM, Error: Service Control Manager [7000] - The HP Health Check Service service failed to start due to the following error: The system cannot find the file specified.
10/14/2012 11:55:30 AM, Error: Service Control Manager [7000] - The MCSTRM service failed to start due to the following error: The system cannot find the file specified.
10/14/2012 11:49:04 AM, Error: Service Control Manager [7034] - The ElephantDrive-MappedDrive service terminated unexpectedly. It has done this 1 time(s).
10/11/2012 2:49:24 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
10/11/2012 12:06:05 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the hpsrv service.
10/10/2012 11:33:27 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Microsoft Security Essentials Client Update Package - KB2754296.
.
==== End Of File ===========================