LucDuran

  1. Good morning, Yes, I am still here. I have been working with Microsoft on this issue; however, there have been a few screw-ups on their part while trying to send me the proper Vista DVD in order to do a repair install. Should be able to give you some feedback sometime at the beginning of next week. Lucas
  2. Hi, I ran both virus definition update and app update. Everything went through fine. MSE does indicate that I have 30 days to authenticate as this is still an issue for the moment. Luc
  3. Hi, Here is the ComboFix log. Luc
  4. Hi, I just wanted to be sure, as other posts I have read mentioned this when trying to run ComboFix a second time. As for the claim, I am sorry if it is interpreted this way. It was not my intention. I simply checked the time the authentication problem occurred and the reboot I did after the malware disinfection. The issue is obviously more complex than that as I can well see. Please do not As for ComboFix. I did run it after the problem began to manifest itself. It ran and asked to reboot. On reboot, it started up again with a message saying it was preparing a report. It hung there and I had to close the window after a long wait. I then uninstalled it. This probably deleted the log files in the folder. My mistake. Will run your script now. Luc
  5. Hi, Here are the TDSSKiller, ESET and RogueKiller logs at the time things screwed up with authentication. Luc
17:58:04.0022 1652 LSI_SCSI - ok 17:58:04.0062 1652 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys 17:58:04.0062 1652 luafv - ok 17:58:04.0072 1652 LVcKap - ok 17:58:04.0082 1652 LVMVDrv - ok 17:58:04.0202 1652 [ FF6E9C169F3372D0046DEDBE63E461F2 ] lvpopflt C:\Windows\system32\DRIVERS\lvpopflt.sys 17:58:04.0272 1652 lvpopflt - ok 17:58:04.0282 1652 LVPr2Mon - ok 17:58:04.0302 1652 LVPrcSrv - ok 17:58:04.0342 1652 [ F7D667093387A389D2D90CCE7178B3A5 ] lvselsus C:\Windows\system32\DRIVERS\lvselsus.sys 17:58:04.0342 1652 lvselsus - ok 17:58:04.0392 1652 [ CCFF53B1FCDFA9EDE919E3BDBD10D0FD ] LVUSBSta C:\Windows\system32\drivers\lvusbsta.sys 17:58:04.0392 1652 LVUSBSta - ok 17:58:04.0482 1652 [ 9C1123052624356CD7C05D5C5767BF57 ] LVUVC C:\Windows\system32\DRIVERS\lvuvc.sys 17:58:04.0532 1652 LVUVC - ok 17:58:04.0632 1652 [ 677FB31C7F6140FD97C91FF3929B702A ] MaxBackServiceInt C:\Program Files\Maxtor\Maxtor Backup\MaxBackServiceInt.exe 17:58:04.0662 1652 MaxBackServiceInt - ok 17:58:04.0722 1652 [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 17:58:04.0732 1652 Mcx2Svc - ok 17:58:04.0902 1652 [ 7CF1B716372B89568AE4C0FE769F5869 ] MDM C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE 17:58:04.0902 1652 MDM - ok 17:58:04.0952 1652 [ D153B14FC6598EAE8422A2037553ADCE ] megasas C:\Windows\system32\drivers\megasas.sys 17:58:04.0952 1652 megasas - ok 17:58:05.0102 1652 [ 7C4C76B39D5525C4A465E0BE32528E19 ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe 17:58:05.0102 1652 Microsoft Office Groove Audit Service - ok 17:58:05.0162 1652 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll 17:58:05.0162 1652 MMCSS - ok 17:58:05.0202 1652 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys 17:58:05.0202 1652 Modem - ok 17:58:05.0252 1652 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor 
C:\Windows\system32\DRIVERS\monitor.sys 17:58:05.0252 1652 monitor - ok 17:58:05.0262 1652 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 17:58:05.0272 1652 mouclass - ok 17:58:05.0282 1652 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 17:58:05.0282 1652 mouhid - ok 17:58:05.0302 1652 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\DRIVERS\MOUNTMGR.SYS 17:58:05.0312 1652 MountMgr - ok 17:58:05.0362 1652 [ 8C7336950F1E69CDFD811CBBD9CF00A2 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe 17:58:05.0362 1652 MozillaMaintenance - ok 17:58:05.0402 1652 [ D993BEA500E7382DC4E760BF4F35EFCB ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys 17:58:05.0412 1652 MpFilter - ok 17:58:05.0452 1652 [ 583A41F26278D9E0EA548163D6139397 ] mpio C:\Windows\system32\drivers\mpio.sys 17:58:05.0452 1652 mpio - ok 17:58:05.0492 1652 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 17:58:05.0492 1652 mpsdrv - ok 17:58:05.0532 1652 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys 17:58:05.0532 1652 Mraid35x - ok 17:58:05.0602 1652 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 17:58:05.0602 1652 MRxDAV - ok 17:58:05.0662 1652 [ 454341E652BDF5E01B0F2140232B073E ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 17:58:05.0662 1652 mrxsmb - ok 17:58:05.0692 1652 [ 2A4901AFF069944FA945ED5BBF4DCDE3 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 17:58:05.0702 1652 mrxsmb10 - ok 17:58:05.0722 1652 [ 28B3F1AB44BDD4432C041581412F17D9 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 17:58:05.0722 1652 mrxsmb20 - ok 17:58:05.0742 1652 [ 742AED7939E734C36B7E8D6228CE26B7 ] msahci C:\Windows\system32\drivers\msahci.sys 17:58:05.0742 1652 msahci - ok 17:58:05.0772 1652 [ 3FC82A2AE4CC149165A94699183D3028 ] msdsm C:\Windows\system32\drivers\msdsm.sys 17:58:05.0782 
1652 msdsm - ok 17:58:05.0822 1652 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe 17:58:05.0832 1652 MSDTC - ok 17:58:05.0882 1652 [ 343291A4DFD7C923C3F71F550830EC1C ] MSDV C:\Windows\system32\DRIVERS\msdv.sys 17:58:05.0882 1652 MSDV - ok 17:58:05.0922 1652 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys 17:58:05.0922 1652 Msfs - ok 17:58:05.0942 1652 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 17:58:05.0952 1652 msisadrv - ok 17:58:06.0002 1652 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 17:58:06.0002 1652 MSiSCSI - ok 17:58:06.0012 1652 msiserver - ok 17:58:06.0092 1652 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 17:58:06.0092 1652 MSKSSRV - ok 17:58:06.0152 1652 [ 24516BF4E12A46CB67302E2CDCB8CDDF ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe 17:58:06.0152 1652 MsMpSvc - ok 17:58:06.0182 1652 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 17:58:06.0182 1652 MSPCLOCK - ok 17:58:06.0222 1652 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 17:58:06.0232 1652 MSPQM - ok 17:58:06.0322 1652 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 17:58:06.0322 1652 MsRPC - ok 17:58:06.0342 1652 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys 17:58:06.0342 1652 mssmbios - ok 17:58:06.0362 1652 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 17:58:06.0362 1652 MSTEE - ok 17:58:06.0392 1652 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\Windows\system32\Drivers\mup.sys 17:58:06.0392 1652 Mup - ok 17:58:06.0432 1652 [ C29F284FF7AB4ED38CE419A9424E52A2 ] MXOPSWD C:\Windows\system32\DRIVERS\mxopswd.sys 17:58:06.0432 1652 MXOPSWD - ok 17:58:06.0492 1652 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent 
C:\Windows\system32\qagentRT.dll 17:58:06.0512 1652 napagent - ok 17:58:06.0592 1652 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 17:58:06.0602 1652 NativeWifiP - ok 17:58:06.0692 1652 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys 17:58:06.0722 1652 NDIS - ok 17:58:06.0772 1652 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 17:58:06.0772 1652 NdisTapi - ok 17:58:06.0822 1652 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 17:58:06.0832 1652 Ndisuio - ok 17:58:06.0852 1652 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 17:58:06.0852 1652 NdisWan - ok 17:58:06.0892 1652 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 17:58:06.0892 1652 NDProxy - ok 17:58:06.0912 1652 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 17:58:06.0912 1652 NetBIOS - ok 17:58:06.0982 1652 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys 17:58:06.0982 1652 netbt - ok 17:58:07.0023 1652 [ 3978F3540329E16C0AC3BCF677E5669F ] Netlogon C:\Windows\system32\lsass.exe 17:58:07.0023 1652 Netlogon - ok 17:58:07.0070 1652 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll 17:58:07.0070 1652 Netman - ok 17:58:07.0132 1652 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll 17:58:07.0132 1652 netprofm - ok 17:58:07.0189 1652 [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe 17:58:07.0189 1652 NetTcpPortSharing - ok 17:58:07.0329 1652 [ 6522DD40A5F67CED020BD81B856613FB ] NETw4v32 C:\Windows\system32\DRIVERS\NETw4v32.sys 17:58:07.0429 1652 NETw4v32 - ok 17:58:07.0479 1652 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 17:58:07.0479 1652 
nfrd960 - ok 17:58:07.0549 1652 [ B52F26BADE7D7E4A79706E3FD91834CD ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys 17:58:07.0549 1652 NisDrv - ok 17:58:07.0609 1652 [ 290C0D4C4889398797F8DF3BE00B9698 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe 17:58:07.0619 1652 NisSrv - ok 17:58:07.0719 1652 [ D78F02AFC7C3422D6EA1EA823D4957C7 ] NitroDriverReadSpool C:\Program Files\Nitro PDF\Converter\NitroPDFDriverService.exe 17:58:07.0719 1652 NitroDriverReadSpool - ok 17:58:07.0789 1652 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll 17:58:07.0789 1652 NlaSvc - ok 17:58:07.0849 1652 [ 00602D89A2564414E6F81DB0F2E24685 ] nlsX86cc C:\Windows\system32\NLSSRV32.EXE 17:58:07.0849 1652 nlsX86cc - ok 17:58:07.0909 1652 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys 17:58:07.0919 1652 Npfs - ok 17:58:07.0969 1652 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll 17:58:07.0969 1652 nsi - ok 17:58:08.0009 1652 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 17:58:08.0009 1652 nsiproxy - ok 17:58:08.0149 1652 [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 17:58:08.0219 1652 Ntfs - ok 17:58:08.0279 1652 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys 17:58:08.0279 1652 ntrigdigi - ok 17:58:08.0349 1652 [ C2C0FF5F58DC258B77A799E0F8B5925C ] NTService1 C:\Program Files\Maxtor\OneTouch\Utils\SyncServices.exe 17:58:08.0359 1652 NTService1 - ok 17:58:08.0379 1652 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys 17:58:08.0379 1652 Null - ok 17:58:08.0419 1652 [ E69E946F80C1C31C53003BFBF50CBB7C ] nvraid C:\Windows\system32\drivers\nvraid.sys 17:58:08.0439 1652 nvraid - ok 17:58:08.0469 1652 [ 9E0BA19A28C498A6D323D065DB76DFFC ] nvstor C:\Windows\system32\drivers\nvstor.sys 17:58:08.0469 1652 nvstor - ok 17:58:08.0519 1652 [ 07C186427EB8FCC3D8D7927187F260F7 ] 
nv_agp C:\Windows\system32\drivers\nv_agp.sys 17:58:08.0519 1652 nv_agp - ok 17:58:08.0529 1652 NwlnkFlt - ok 17:58:08.0539 1652 NwlnkFwd - ok 17:58:08.0639 1652 [ 1F0E05DFF4F5A833168E49BE1256F002 ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 17:58:08.0649 1652 odserv - ok 17:58:08.0719 1652 [ 6F310E890D46E246E0E261A63D9B36B4 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys 17:58:08.0719 1652 ohci1394 - ok 17:58:08.0789 1652 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 17:58:08.0789 1652 ose - ok 17:58:08.0879 1652 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll 17:58:08.0889 1652 p2pimsvc - ok 17:58:08.0939 1652 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll 17:58:08.0949 1652 p2psvc - ok 17:58:08.0999 1652 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys 17:58:08.0999 1652 Parport - ok 17:58:09.0059 1652 [ 57389FA59A36D96B3EB09D0CB91E9CDC ] partmgr C:\Windows\system32\drivers\partmgr.sys 17:58:09.0059 1652 partmgr - ok 17:58:09.0089 1652 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys 17:58:09.0089 1652 Parvdm - ok 17:58:09.0149 1652 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll 17:58:09.0149 1652 PcaSvc - ok 17:58:09.0219 1652 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys 17:58:09.0219 1652 pci - ok 17:58:09.0280 1652 [ 3B1901E401473E03EB8C874271E50C26 ] pciide C:\Windows\system32\drivers\pciide.sys 17:58:09.0280 1652 pciide - ok 17:58:09.0363 1652 [ 3BB2244F343B610C29C98035504C9B75 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 17:58:09.0363 1652 pcmcia - ok 17:58:09.0433 1652 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys 17:58:09.0473 1652 PEAUTH - ok 17:58:09.0593 1652 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll 
17:58:09.0663 1652 pla - ok 17:58:09.0733 1652 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll 17:58:09.0743 1652 PlugPlay - ok 17:58:09.0813 1652 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll 17:58:09.0823 1652 PNRPAutoReg - ok 17:58:09.0863 1652 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll 17:58:09.0873 1652 PNRPsvc - ok 17:58:09.0913 1652 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 17:58:09.0923 1652 PolicyAgent - ok 17:58:09.0943 1652 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 17:58:09.0943 1652 PptpMiniport - ok 17:58:09.0993 1652 [ 0E3CEF5D28B40CF273281D620C50700A ] Processor C:\Windows\system32\drivers\processr.sys 17:58:09.0993 1652 Processor - ok 17:58:10.0093 1652 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll 17:58:10.0103 1652 ProfSvc - ok 17:58:10.0113 1652 [ 3978F3540329E16C0AC3BCF677E5669F ] ProtectedStorage C:\Windows\system32\lsass.exe 17:58:10.0123 1652 ProtectedStorage - ok 17:58:10.0193 1652 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys 17:58:10.0193 1652 PSched - ok 17:58:10.0203 1652 qekfvmer - ok 17:58:10.0283 1652 [ CCDAC889326317792480C0A67156A1EC ] ql2300 C:\Windows\system32\drivers\ql2300.sys 17:58:10.0463 1652 ql2300 - ok 17:58:10.0493 1652 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 17:58:10.0503 1652 ql40xx - ok 17:58:10.0553 1652 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll 17:58:10.0563 1652 QWAVE - ok 17:58:10.0593 1652 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 17:58:10.0603 1652 QWAVEdrv - ok 17:58:10.0643 1652 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 17:58:10.0643 1652 RasAcd - ok 17:58:10.0703 1652 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] 
RasAuto C:\Windows\System32\rasauto.dll 17:58:10.0703 1652 RasAuto - ok 17:58:10.0763 1652 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 17:58:10.0763 1652 Rasl2tp - ok 17:58:10.0833 1652 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll 17:58:10.0843 1652 RasMan - ok 17:58:10.0903 1652 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 17:58:10.0903 1652 RasPppoe - ok 17:58:10.0973 1652 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 17:58:10.0983 1652 RasSstp - ok 17:58:11.0053 1652 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 17:58:11.0063 1652 rdbss - ok 17:58:11.0083 1652 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 17:58:11.0083 1652 RDPCDD - ok 17:58:11.0143 1652 [ E8BD98D46F2ED77132BA927FCCB47D8B ] rdpdr C:\Windows\system32\drivers\rdpdr.sys 17:58:11.0143 1652 rdpdr - ok 17:58:11.0153 1652 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 17:58:11.0153 1652 RDPENCDD - ok 17:58:11.0213 1652 [ 30BFBDFB7F95559EDE971F9DDB9A00BA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 17:58:11.0223 1652 RDPWD - ok 17:58:11.0273 1652 [ 83A5D92ACE4465C667D1D55FCDAB2658 ] RegSrvc C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe 17:58:11.0283 1652 RegSrvc - ok 17:58:11.0313 1652 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll 17:58:11.0313 1652 RemoteAccess - ok 17:58:11.0373 1652 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll 17:58:11.0383 1652 RemoteRegistry - ok 17:58:11.0413 1652 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe 17:58:11.0413 1652 RpcLocator - ok 17:58:11.0485 1652 [ 449BF2E12822299C0B153B61C5B8D58E ] rpcnet C:\Windows\system32\rpcnet.exe 17:58:11.0485 1652 rpcnet - ok 17:58:11.0532 1652 [ 
3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll 17:58:11.0548 1652 RpcSs - ok 17:58:11.0579 1652 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 17:58:11.0579 1652 rspndr - ok 17:58:11.0604 1652 [ B8B159FA669C6386A458FCD468EBB1E6 ] RTL8169 C:\Windows\system32\DRIVERS\Rtlh86.sys 17:58:11.0614 1652 RTL8169 - ok 17:58:11.0634 1652 [ 3978F3540329E16C0AC3BCF677E5669F ] SamSs C:\Windows\system32\lsass.exe 17:58:11.0634 1652 SamSs - ok 17:58:11.0674 1652 [ A3281AEC37E0720A2BC28034C2DF2A56 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS 17:58:11.0674 1652 SASDIFSV - ok 17:58:11.0694 1652 [ 61DB0D0756A99506207FD724E3692B25 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS 17:58:11.0704 1652 SASKUTIL - ok 17:58:11.0744 1652 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 17:58:11.0744 1652 sbp2port - ok 17:58:11.0924 1652 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll 17:58:11.0934 1652 SCardSvr - ok 17:58:12.0014 1652 [ 323AE0BDFD2EB15B668DDA50CC597329 ] Schedule C:\Windows\system32\schedsvc.dll 17:58:12.0024 1652 Schedule - ok 17:58:12.0044 1652 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll 17:58:12.0054 1652 SCPolicySvc - ok 17:58:12.0104 1652 [ 8F36B54688C31EED4580129040C6A3D3 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys 17:58:12.0114 1652 sdbus - ok 17:58:12.0144 1652 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll 17:58:12.0154 1652 SDRSVC - ok 17:58:12.0174 1652 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys 17:58:12.0174 1652 secdrv - ok 17:58:12.0214 1652 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll 17:58:12.0214 1652 seclogon - ok 17:58:12.0234 1652 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\System32\sens.dll 17:58:12.0244 1652 SENS - ok 17:58:12.0274 1652 [ 
68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys 17:58:12.0284 1652 Serenum - ok 17:58:12.0314 1652 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys 17:58:12.0314 1652 Serial - ok 17:58:12.0374 1652 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys 17:58:12.0374 1652 sermouse - ok 17:58:12.0454 1652 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll 17:58:12.0454 1652 SessionEnv - ok 17:58:12.0494 1652 [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys 17:58:12.0494 1652 sffdisk - ok 17:58:12.0534 1652 [ 8FD08A310645FE872EEEC6E08C6BF3EE ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 17:58:12.0544 1652 sffp_mmc - ok 17:58:12.0594 1652 [ 9F66A46C55D6F1CCABC79BB7AFCCC545 ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys 17:58:12.0594 1652 sffp_sd - ok 17:58:12.0614 1652 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 17:58:12.0634 1652 sfloppy - ok 17:58:12.0714 1652 [ C818C44C201898399BF999BB6B35D4E3 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 17:58:12.0724 1652 ShellHWDetection - ok 17:58:12.0764 1652 [ D2A595D6EEBEEAF4334F8E50EFBC9931 ] sisagp C:\Windows\system32\drivers\sisagp.sys 17:58:12.0764 1652 sisagp - ok 17:58:12.0804 1652 [ CEDD6F4E7D84E9F98B34B3FE988373AA ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys 17:58:12.0804 1652 SiSRaid2 - ok 17:58:12.0834 1652 [ DF843C528C4F69D12CE41CE462E973A7 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 17:58:12.0844 1652 SiSRaid4 - ok 17:58:13.0064 1652 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe 17:58:13.0204 1652 slsvc - ok 17:58:13.0294 1652 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll 17:58:13.0294 1652 SLUINotify - ok 17:58:13.0354 1652 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys 17:58:13.0354 1652 
Smb - ok 17:58:13.0404 1652 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 17:58:13.0404 1652 SNMPTRAP - ok 17:58:13.0464 1652 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys 17:58:13.0464 1652 spldr - ok 17:58:13.0494 1652 [ 524BFBEA40E6E404737CCBC754647A2E ] Spooler C:\Windows\System32\spoolsv.exe 17:58:13.0504 1652 Spooler - ok 17:58:13.0554 1652 [ FF3CBC13DB84D81F56931BC922CC37C4 ] srv C:\Windows\system32\DRIVERS\srv.sys 17:58:13.0564 1652 srv - ok 17:58:13.0604 1652 [ D15959D9F69F0D39A0153E9C244F20DD ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 17:58:13.0614 1652 srv2 - ok 17:58:13.0644 1652 [ FAA0D553A49E85008C6BB3781987C574 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 17:58:13.0644 1652 srvnet - ok 17:58:13.0686 1652 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 17:58:13.0686 1652 SSDPSRV - ok 17:58:13.0764 1652 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll 17:58:13.0764 1652 SstpSvc - ok 17:58:13.0844 1652 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll 17:58:13.0854 1652 stisvc - ok 17:58:13.0874 1652 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys 17:58:13.0874 1652 swenum - ok 17:58:13.0954 1652 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll 17:58:13.0964 1652 swprv - ok 17:58:14.0014 1652 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys 17:58:14.0014 1652 Symc8xx - ok 17:58:14.0044 1652 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys 17:58:14.0044 1652 Sym_hi - ok 17:58:14.0074 1652 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys 17:58:14.0074 1652 Sym_u3 - ok 17:58:14.0134 1652 [ 964524A9EDCCE945E82419ABE9DB94EE ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys 17:58:14.0134 1652 SynTP - ok 17:58:14.0224 1652 [ 
9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll 17:58:14.0234 1652 SysMain - ok 17:58:14.0264 1652 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll 17:58:14.0264 1652 TabletInputService - ok 17:58:14.0334 1652 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll 17:58:14.0344 1652 TapiSrv - ok 17:58:14.0374 1652 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll 17:58:14.0384 1652 TBS - ok 17:58:14.0454 1652 [ 6A10AFCE0B38371064BE41C1FBFD3C6B ] Tcpip C:\Windows\system32\drivers\tcpip.sys 17:58:14.0534 1652 Tcpip - ok 17:58:14.0624 1652 [ 6A10AFCE0B38371064BE41C1FBFD3C6B ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys 17:58:14.0634 1652 Tcpip6 - ok 17:58:14.0684 1652 [ 9BF343F4C878D6AD6922B2C5A4FEFE0D ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 17:58:14.0684 1652 tcpipreg - ok 17:58:14.0724 1652 [ 1825BCEB47BF41C5A9F0E44DE82FC27A ] tdcmdpst C:\Windows\system32\DRIVERS\tdcmdpst.sys 17:58:14.0724 1652 tdcmdpst - ok 17:58:14.0774 1652 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 17:58:14.0774 1652 TDPIPE - ok 17:58:14.0804 1652 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 17:58:14.0804 1652 TDTCP - ok 17:58:14.0874 1652 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 17:58:14.0874 1652 tdx - ok 17:58:14.0904 1652 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys 17:58:14.0904 1652 TermDD - ok 17:58:14.0974 1652 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll 17:58:14.0984 1652 TermService - ok 17:58:15.0024 1652 [ C818C44C201898399BF999BB6B35D4E3 ] Themes C:\Windows\system32\shsvcs.dll 17:58:15.0034 1652 Themes - ok 17:58:15.0074 1652 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll 17:58:15.0074 1652 THREADORDER - ok 17:58:15.0124 1652 [ 
E4C85C291DDB3DC5E4A2F227CA465BA6 ] tifm21 C:\Windows\system32\drivers\tifm21.sys 17:58:15.0134 1652 tifm21 - ok 17:58:15.0254 1652 [ 1F9A37B633C11EBE5D68137645FA1337 ] TNaviSrv C:\Program Files\TOSHIBA\TOSHIBA HD DVD PLAYER\TNaviSrv.exe 17:58:15.0254 1652 TNaviSrv - ok 17:58:15.0314 1652 [ D540858E65BFA6FDED41AD2495ECE344 ] TODDSrv C:\Windows\system32\TODDSrv.exe 17:58:15.0314 1652 TODDSrv - ok 17:58:15.0384 1652 [ 6A54C28B53C6B50D333C8EE974C6B208 ] TosCoSrv C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe 17:58:15.0394 1652 TosCoSrv - ok 17:58:15.0434 1652 [ 87843B2DA99051BC66E2D6C211E3D6A4 ] TOSHIBA Bluetooth Service C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe 17:58:15.0434 1652 TOSHIBA Bluetooth Service - ok 17:58:15.0444 1652 Tosrfcom - ok 17:58:15.0464 1652 [ 5C4103544612E5011EF46301B93D1AA6 ] tosrfec C:\Windows\system32\DRIVERS\tosrfec.sys 17:58:15.0464 1652 tosrfec - ok 17:58:15.0494 1652 [ 1EA5F27C29405BF49799FECA77186DA9 ] tos_sps32 C:\Windows\system32\DRIVERS\tos_sps32.sys 17:58:15.0494 1652 tos_sps32 - ok 17:58:15.0504 1652 TpChoice - ok 17:58:15.0584 1652 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll 17:58:15.0584 1652 TrkWks - ok 17:58:15.0674 1652 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 17:58:15.0674 1652 TrustedInstaller - ok 17:58:15.0744 1652 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 17:58:15.0744 1652 tssecsrv - ok 17:58:15.0784 1652 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys 17:58:15.0784 1652 tunmp - ok 17:58:15.0804 1652 [ 119B8184E106BAEDC83FCE5DDF3950DA ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 17:58:15.0814 1652 tunnel - ok 17:58:15.0865 1652 [ 792A8B80F8188ABA4B2BE271583F3E46 ] TVALZ C:\Windows\system32\DRIVERS\TVALZ_O.SYS 17:58:15.0865 1652 TVALZ - ok 17:58:15.0896 1652 [ C3ADE15414120033A36C0F293D4A4121 ] uagp35 
C:\Windows\system32\drivers\uagp35.sys 17:58:15.0912 1652 uagp35 - ok 17:58:15.0957 1652 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 17:58:15.0967 1652 udfs - ok 17:58:16.0027 1652 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe 17:58:16.0027 1652 UI0Detect - ok 17:58:16.0107 1652 [ 332D341D92B933600D41953B08360DFB ] UleadBurningHelper C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe 17:58:16.0107 1652 UleadBurningHelper - ok 17:58:16.0157 1652 [ 75E6890EBFCE0841D3291B02E7A8BDB0 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 17:58:16.0157 1652 uliagpkx - ok 17:58:16.0197 1652 [ 3CD4EA35A6221B85DCC25DAA46313F8D ] uliahci C:\Windows\system32\drivers\uliahci.sys 17:58:16.0207 1652 uliahci - ok 17:58:16.0237 1652 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys 17:58:16.0247 1652 UlSata - ok 17:58:16.0277 1652 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys 17:58:16.0287 1652 ulsata2 - ok 17:58:16.0317 1652 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys 17:58:16.0317 1652 umbus - ok 17:58:16.0347 1652 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll 17:58:16.0357 1652 upnphost - ok 17:58:16.0427 1652 [ 32DB9517628FF0D070682AAB61E688F0 ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 17:58:16.0427 1652 usbaudio - ok 17:58:16.0477 1652 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 17:58:16.0477 1652 usbccgp - ok 17:58:16.0517 1652 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys 17:58:16.0517 1652 usbcir - ok 17:58:16.0547 1652 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 17:58:16.0547 1652 usbehci - ok 17:58:16.0577 1652 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 17:58:16.0587 1652 usbhub - ok 
17:58:19.0959 1652 ================ Scan global ===============================
17:58:20.0029 1652 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
17:58:20.0099 1652 [ 40864DA48A14EBC68A0D6BFD08BA21EB ] C:\Windows\system32\winsrv.dll
17:58:20.0119 1652 [ 40864DA48A14EBC68A0D6BFD08BA21EB ] C:\Windows\system32\winsrv.dll
17:58:20.0179 1652 [ 8737764F4FD36D6808EE80578409C843 ] C:\Windows\system32\services.exe
17:58:20.0189 1652 C:\Windows\system32\services.exe ( Virus.Win32.ZAccess.m ) - infected
17:58:20.0189 1652 C:\Windows\system32\services.exe - detected Virus.Win32.ZAccess.m (0)
17:58:20.0189 1652 ================ Scan MBR ==================================
17:58:20.0219 1652 [ 5B5E648D12FCADC244C1EC30318E1EB9 ] \Device\Harddisk0\DR0
17:58:21.0012 1652 \Device\Harddisk0\DR0 - ok
17:58:21.0012 1652 ================ Scan VBR ==================================
17:58:21.0012 1652 [ 11BDF00FBCC8339B1709AF6089A9C9A1 ] \Device\Harddisk0\DR0\Partition1
17:58:21.0022 1652 \Device\Harddisk0\DR0\Partition1 - ok
17:58:21.0082 1652 [ E46E1BE5C2222A78FA6E9446F9B20CC4 ] \Device\Harddisk0\DR0\Partition2
17:58:21.0082 1652 \Device\Harddisk0\DR0\Partition2 - ok
17:58:21.0082 1652 ============================================================
17:58:21.0082 1652 Scan finished
17:58:21.0082 1652 ============================================================
17:58:21.0102 4768 Detected object count: 1
17:58:21.0102 4768 Actual detected object count: 1
17:58:40.0893 4768 C:\Windows\system32\services.exe - copied to quarantine
17:58:43.0494 4768 C:\Windows\assembly\GAC\desktop.ini - copied to quarantine
17:58:43.0824 4768 C:\Users\Luc Duranleau\AppData\Local\{ac18af58-bb7f-db54-bb76-9f0345e14f3c}\@ - copied to quarantine
17:58:58.0737 4768 Backup copy found, using it..
17:58:58.0897 4768 C:\Windows\assembly\GAC\desktop.ini - will be deleted on reboot
17:58:59.0137 4768 C:\Users\Luc Duranleau\AppData\Local\{ac18af58-bb7f-db54-bb76-9f0345e14f3c}\@ - will be deleted on reboot
17:58:59.0197 4768 C:\Windows\system32\services.exe - will be cured on reboot
17:58:59.0197 4768 C:\Windows\system32\services.exe ( Virus.Win32.ZAccess.m ) - User select action: Cure
17:59:36.0837 5296 Deinitialize success
========================================================================
C:\ProgramData\netdislw.js JS/Agent.NID trojan
C:\Users\All Users\netdislw.js JS/Agent.NID trojan
C:\Windows\System32\DBBK\6D5483DA06CB7B45F205C51D87EB6D1A Win32/Sirefef.FA trojan
C:\Windows\System32\DBBK\6E71F4274113197AD75262AF24FB1B09 Win32/Conedex.E trojan
C:\Windows\System32\DBBK\85C5DEC9B6B5D6B9DE2C0331A102AD71 Win32/Sirefef.EZ trojan
C:\Windows\System32\DBBK\8737764F4FD36D6808EE80578409C843 Win32/Sirefef.FB.Gen trojan
C:\Windows\System32\DBBK\D30CEF5730C307FC524F11F228C6E8B8 a variant of Win32/Sirefef.FD trojan
C:\Windows\System32\DBBK\FE2EB24E6BD36B8BE3869ECE85AA72BC Win32/Conedex.D trojan
============================================================================
RogueKiller V8.4.2 [Dec 31 2012] par Tigzy
mail : tigzyRK<at>gmail<dot>com
Remontees : http://www.sur-la-toile.com/discussion-193725-1--RogueKiller-Remontees.html
Site Web : http://www.sur-la-toile.com/RogueKiller/
Blog : http://tigzyrk.blogspot.com/

Systeme d'exploitation : Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Demarrage : Mode normal
Utilisateur : Luc Duranleau [Droits d'admin]
Mode : Recherche -- Date : 04/01/2013 02:58:19

¤¤¤ Processus malicieux : 0 ¤¤¤

¤¤¤ Entrees de registre : 1 ¤¤¤
[PROXY IE] HKCU\[...]\Internet Settings : ProxyServer (fpro.rtss.qc.ca:8080) -> TROUVÉ

¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤

¤¤¤ Driver : [CHARGE] ¤¤¤

¤¤¤ Fichier HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost

¤¤¤ MBR Verif: ¤¤¤
+++++ PhysicalDrive0: FUJITSU MHX2250BT +++++
--- User ---
[MBR] 0c3f8c5caf4d0fcc079e4155977e3ab0
[bSP] 87042bb57fab562d2f4fd0a527263a3f : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 1500 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 3074048 | Size: 225483 Mo
2 - [XXXXXX] NTFS (0x17) [HIDDEN!] Offset (sectors): 464863232 | Size: 6023 Mo
3 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 477198336 | Size: 5468 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Termine : << RKreport[5]_S_04012013_025819.txt >>
RKreport[1]_S_04012013_025407.txt ; RKreport[2]_D_04012013_025507.txt ; RKreport[3]_PR_04012013_025727.txt ; RKreport[4]_PR_04012013_025735.txt ; RKreport[5]_S_04012013_025819.txt
  6. Hi, One last thing, do I have to uninstall and reinstall ComboFix before proceeding? Luc
  7. Hi, I ran the complete scan of MBAM and things run fine now. Here is the log. I checked QooBox and those 2 log files can't be found. Also a folder called BadEnv which I cannot access. It is denied. I will get going on executing ComboFix with your script. Also, I did scan with RegServo but did not change anything in the registry. Just wanted to see what it gave me. I am generally quite cautious about having software fiddle around with the registry. Luc
=============================================================
Malwarebytes Anti-Malware (Trial) 1.70.0.1100
www.malwarebytes.org

Database version: v2013.01.07.10

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 8.0.6001.18943
Luc Duranleau :: LEONIDAS [administrator]

Protection: Disabled

2013-01-07 20:00:52
mbam-log-2013-01-07 (20-00-52).txt

Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 443850
Time elapsed: 2 hour(s), 57 minute(s), 59 second(s)

Memory Processes Detected: 0 (No malicious items detected)
Memory Modules Detected: 0 (No malicious items detected)
Registry Keys Detected: 0 (No malicious items detected)
Registry Values Detected: 0 (No malicious items detected)
Registry Data Items Detected: 0 (No malicious items detected)
Folders Detected: 0 (No malicious items detected)
Files Detected: 0 (No malicious items detected)

(end)
============================================================
  8. Hi, Here is the ComboFix log. By the way, I needed to reboot as none of my apps could start. An error saying that access was denied because a registry entry was to be deleted.
ComboFix 13-01-06.01 - Luc Duranleau 2013-01-07 19:26:44.3.2 - x86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6002.2.1252.2.1036.18.2046.1160 [GMT -5:00]
Lancé depuis: c:\users\Luc Duranleau\Desktop\ComboFix.exe
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2012-12-08 au 2013-01-08 ))))))))))))))))))))))))))))))))))))
.
.
2013-01-08 00:40 . 2013-01-08 00:41 -------- d-----w- c:\users\Luc Duranleau\AppData\Local\temp
2013-01-08 00:40 . 2013-01-08 00:40 -------- d-----w- c:\users\Invité\AppData\Local\temp
2013-01-08 00:40 . 2013-01-08 00:40 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-01-07 19:49 . 2013-01-07 19:49 -------- d-----w- c:\programdata\Apple Computer
2013-01-07 18:59 . 2013-01-07 18:59 -------- d-----w- c:\users\Luc Duranleau\AppData\Local\Secunia PSI
2013-01-07 18:58 . 2013-01-07 18:58 -------- d-----w- c:\program files\Secunia
2013-01-07 18:44 . 2013-01-07 18:44 -------- d-----w- c:\program files\FileHippo.com
2013-01-05 19:50 . 2013-01-05 19:50 -------- d-----w- C:\found.000
2013-01-05 19:21 . 2013-01-06 18:11 -------- d-----w- C:\MGADiagToolOutput
2013-01-05 19:11 . 2013-01-05 19:11 -------- d-----w- c:\programdata\Office Genuine Advantage
2013-01-05 16:42 . 2013-01-05 16:42 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-01-05 16:42 . 2012-12-14 21:49 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-01-05 14:21 . 2013-01-05 14:21 -------- d-----w- c:\programdata\RegSERVO
2013-01-04 20:32 . 2013-01-07 18:21 -------- d-----w- c:\users\Luc Duranleau\AppData\Local\LogMeIn Rescue Applet
2013-01-04 19:05 . 2013-01-04 19:05 -------- d-----w- c:\users\Luc Duranleau\AppData\Roaming\PC Cleaners
2013-01-04 19:05 . 2013-01-04 19:05 4729224 ----a-w- c:\windows\uninst.exe
2013-01-04 19:05 . 2013-01-04 19:17 -------- d-----w- c:\programdata\PC1Data
2013-01-04 19:05 . 2013-01-04 19:05 -------- d-----w- c:\users\Luc Duranleau\AppData\Roaming\PCPro
2013-01-04 16:37 . 2013-01-04 16:37 -------- d-----w- c:\users\Luc Duranleau\AppData\Local\Macromedia
2013-01-04 16:36 . 2013-01-04 16:36 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-01-04 16:25 . 2012-11-28 15:35 93640 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-01-03 22:58 . 2013-01-03 22:58 -------- d-----w- C:\TDSSKiller_Quarantine
2013-01-03 21:13 . 2013-01-03 21:13 96224 ----a-w- c:\program files\Mozilla Firefox\webapprt-stub.exe
2013-01-03 21:13 . 2013-01-03 21:13 157272 ----a-w- c:\program files\Mozilla Firefox\webapp-uninstaller.exe
2012-12-25 07:53 . 2012-12-25 07:53 -------- d-----w- c:\users\Luc Duranleau\dwhelper
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-07 19:47 . 2011-09-11 20:32 404920 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-01-07 09:58 . 2010-08-25 23:14 56680 ----a-w- c:\windows\system32\rpcnet.dll
2013-01-03 23:00 . 2010-08-29 03:54 279552 ----a-w- c:\windows\system32\services.exe
2012-10-25 08:12 . 2012-10-25 08:12 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2012-10-25 08:12 . 2012-10-25 08:12 69632 ----a-w- c:\windows\system32\QuickTime.qts
2013-01-03 21:13 . 2012-04-12 20:05 262112 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
<pre>
c:\program files\Camera Assistant Software for Toshiba\traybar .exe
c:\program files\ltmoh\Ltmoh .exe
c:\program files\Synaptics\SynTP\SynTPStart .exe
c:\program files\TOSHIBA\Utilities\KeNotify .exe
</pre>
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"toscdspd"="TOSCDSPD.EXE" [N/A]
"reminder"="c:\program files\TOSHIBA\reminder\reminder.exe" [2007-05-16 407672]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [N/A]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-06-20 1316136]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"mxomssmenu"="c:\program files\Maxtor\OneTouch Status\maxmenumgr.exe" [2005-10-17 81920]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 931200]
"MaxtorOneTouch"="c:\program files\Maxtor\OneTouch\utils\Onetouch.exe" [2006-03-27 712704]
"LogMeIn GUI"="c:\program files\LogMeIn\x86\LogMeInSystray.exe" [N/A]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-10-25 421888]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2008-3-13 113664]
Secunia PSI Tray.lnk - c:\program files\Secunia\PSI\psi_tray.exe [2012-11-26 573024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
--- Autres Services/Pilotes en mémoire ---
.
*NewlyCreated* - PSI
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Contenu du dossier 'Tâches planifiées'
.
2013-01-07 c:\windows\Tasks\User_Feed_Synchronization-{74AEAE6A-923F-4414-A6C1-ABCC0714A59C}.job
- c:\windows\system32\msfeedssync.exe [2010-08-29 04:24]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.iciwave.com/
uInternet Settings,ProxyServer = fpro.rtss.qc.ca:8080
uInternet Settings,ProxyOverride = *.rtss;*.gmf.qc.ca;*.mtl.rtss.qc.ca;*.rtss.qc.ca*;10.*;<local>
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
Trusted Zone: desjardins.com\accesd.affaires
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\Luc Duranleau\AppData\Roaming\Mozilla\Firefox\Profiles\h1myzu6n.default\
FF - prefs.js: browser.search.selectedEngine - Ask.com
FF - prefs.js: network.proxy.ftp - fpro.rtss.qc.ca
FF - prefs.js: network.proxy.ftp_port - 8080
FF - prefs.js: network.proxy.gopher - fpro.rtss.qc.ca
FF - prefs.js: network.proxy.gopher_port - 8080
FF - prefs.js: network.proxy.http - fpro.rtss.qc.ca
FF - prefs.js: network.proxy.http_port - 8080
FF - prefs.js: network.proxy.socks - fpro.rtss.qc.ca
FF - prefs.js: network.proxy.socks_port - 8080
FF - prefs.js: network.proxy.ssl - fpro.rtss.qc.ca
FF - prefs.js: network.proxy.ssl_port - 8080
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: 2012-12-25 02:50; {b9db16a4-6edc-47ec-a1f4-b86292ed211d}; c:\users\Luc Duranleau\AppData\Roaming\Mozilla\Firefox\Profiles\h1myzu6n.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
.
- - - - ORPHELINS SUPPRIMES - - - -
.
SafeBoot-27012286.sys
SafeBoot-75658422.sys
SafeBoot-klmdb.sys
AddRemove-RecoveryFix For Windows(Demo)_is1 - d:\recoveryfix for windows(demo)\unins000.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-01-07 19:41
Windows 6.0.6002 Service Pack 2 NTFS
.
Recherche de processus cachés ...
.
Recherche d'éléments en démarrage automatique cachés ...
.
Recherche de fichiers cachés ...
.
Scan terminé avec succès
Fichiers cachés: 0
.
**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
Heure de fin: 2013-01-07 19:46:03
ComboFix-quarantined-files.txt 2013-01-08 00:46
.
Avant-CF: 34 005 401 600 octets libres
Après-CF: 34 037 583 872 octets libres
.
- - End Of File - - C526C874539490441DD84E9F7D995C62
  9. Hi, Also, the retailer never gave an installation disc. How can I check if the recovery console is installed? If not, would it be located on my computer already? Luc
  10. Hi again, Here is MBAM log. I will continue with ComboFix now. Luc
=====================================================================
Malwarebytes Anti-Malware (Trial) 1.70.0.1100
www.malwarebytes.org

Database version: v2013.01.07.10

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 8.0.6001.18943
Luc Duranleau :: LEONIDAS [administrator]

Protection: Disabled

2013-01-07 17:11:14
mbam-log-2013-01-07 (17-11-14).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 229201
Time elapsed: 8 minute(s), 31 second(s)

Memory Processes Detected: 0 (No malicious items detected)
Memory Modules Detected: 0 (No malicious items detected)
Registry Keys Detected: 0 (No malicious items detected)
Registry Values Detected: 0 (No malicious items detected)
Registry Data Items Detected: 0 (No malicious items detected)
Folders Detected: 0 (No malicious items detected)
Files Detected: 0 (No malicious items detected)

(end)
  11. Hi, Ok. I have updated the database and I am performing the scan. I will then go forward with ComboFix as detailed in your previous post. Thanks for your patience, Luc
  12. Hello, If you check my first entry, you will find the log output for MBAM 1.7 which is the version I updated to. The log indicates nothing abnormal. The log from MBAM 1.4 was the one used at the time of the disinfection that caused or indirectly caused the authentication problem. Luc
  13. Hi, Here are the results.
FileHippo & PSI: All installations updated except those I don't use at all.
Microsoft Safety Scanner: The tool scanned and found no infections.
Luc
  14. Hello, Thanks for your reply. To finish up on the issues you mentioned.
4) LogMeIn - This seems to be an applet that was downloaded. Nothing is installed and there are no services attached. I deleted the executable. If there is anything else that needs to be done to get rid of it, let me know.
6) Proxy - this proxy was set up by one of my clients (government health agency). I thought it was de-activated. Please let me know how to completely remove it.
7) The system asks to reactivate the product key. The background is black and at the bottom right hand corner is a label indicating Windows Vista 6002 (copy not genuine). I tried entering the COA product key on the sticker on the back of my computer. To no avail. Tried the telephone activation method through Microsoft support. The 9 sets of 6 digits. To no avail. Tried system restore. System restore fails with error code 0x8000FFFF. Microsoft support tried reloading and rearming licensing components (slsvc and slmgr). To no avail. The Tamper Time Stamp indicates a «T» type tamper and I guess it will not accept anything until that state is resolved.
Updates - I did a Vista update last night. No effect on licensing problem.
I will complete your instructions and get back to you with the results. Thanks, Luc