I believe I have a virus

[Wofstar]

Howdy, My computer has been running slower and slower over the past week or so, and today I was trying to edit a video for class and the video lagged to a standstill. So I ran Malware-bytes and Avast and came up with nothing...but now every program I try and open lags, and several wont load at all. Even right-clicking on something locks the computer up and forces me to close the program. Please Help, I need to try and get this cleared up as soon as possible so that I can get back to class without issues. Cheers, wofstar

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_31

Run by AngelsBaby at 13:00:20 on 2012-05-17

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4086.2476 [GMT -5:00]

.

AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Program Files\AVAST Software\Avast\AvastSvc.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe

C:\Windows\system32\taskhost.exe

C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt

C:\Windows\system32\HPSIsvc.exe

C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe

C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

C:\Windows\system32\Dwm.exe

C:\Windows\System32\svchost.exe -k HPZ12

C:\Windows\System32\svchost.exe -k HPZ12

C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\QPCapSvc.exe

C:\Windows\RAVCpl64.exe

C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe

C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\system32\igfxsrvc.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe

C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe

C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\AcroDist.exe

C:\Program Files\AVAST Software\Avast\AvastUI.exe

C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\QPSched.exe

C:\Program Files (x86)\Hewlett-Packard\Shared\HpqToaster.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\svchost.exe -k HPService

C:\Program Files\iPod\bin\iPodService.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE

C:\Windows\Explorer.exe

C:\Windows\system32\wbem\wmiprvse.exe

c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\sppsvc.exe

C:\Windows\system32\vssvc.exe

C:\Windows\System32\svchost.exe -k secsvcs

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Pavilion&pf=laptop

uInternet Settings,ProxyOverride = <local>;*.local

uURLSearchHooks: H - No File

BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File

BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No File

BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll

BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File

TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll

uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

uRun: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden

uRun: [Facebook Update] "C:\Users\AngelsBaby\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver

uRun: [Logitech Vid] "C:\Program Files (x86)\Logitech\Vid HD\Vid.exe" -bootmode

uRun: [AdobeBridge]

mRun: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe

mRun: [hpWirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

mRun: [QPService] "C:\Program Files (x86)\HP\QuickPlay\QPService.exe"

mRun: [uCam_Menu] "C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\YouCam" update "Software\CyberLink\YouCam\1.0"

mRun: [WAWifiMessage] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe

mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin

mRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"

mRun: [<NO NAME>]

mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"

mRun: [Adobe_ID0ENQBO] C:\PROGRA~2\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE

mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

mRun: [PlusService] C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe

mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe

mRun: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe

mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide

mRun: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin

StartupFolder: C:\Users\ANGELS~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\HUGHES~1.LNK - C:\Program Files (x86)\HughesNetStatusMeter\HughesNetStatusMeter\HughesNetStatusMeter.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000

IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL

IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} - hxxp://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab

DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

TCP: DhcpNameServer = 192.168.1.254

TCP: Interfaces\{ACAE1D61-EC75-4842-8462-AC6187609F75} : DhcpNameServer = 192.168.1.254

TCP: Interfaces\{ACAE1D61-EC75-4842-8462-AC6187609F75}\2456C6B696E6E233638303 : DhcpNameServer = 192.168.2.1

TCP: Interfaces\{ACAE1D61-EC75-4842-8462-AC6187609F75}\24573797C496F6E6 : DhcpNameServer = 67.142.162.12 67.142.162.13

TCP: Interfaces\{ACAE1D61-EC75-4842-8462-AC6187609F75}\24573797C496F6E6D27657563747 : DhcpNameServer = 67.142.162.12 67.142.162.13

TCP: Interfaces\{ACAE1D61-EC75-4842-8462-AC6187609F75}\642716E6B6C696E60205162796378602C4962627162797 : DhcpNameServer = 192.168.10.4 199.80.64.22

TCP: Interfaces\{ACAE1D61-EC75-4842-8462-AC6187609F75}\65562796A7F6E602D494649443531303C4022423644302355636572756 : DhcpNameServer = 192.168.1.1

TCP: Interfaces\{F8733702-2991-4A82-A09A-5C9627727867} : DhcpNameServer = 192.168.1.254

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

BHO-X64: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File

BHO-X64: 0x1 - No File

BHO-X64: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll

BHO-X64: HP Print Enhancer - No File

BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO-X64: AcroIEHelperStub - No File

BHO-X64: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No File

BHO-X64: NCO 2.0 IE BHO - No File

BHO-X64: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll

BHO-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

BHO-X64: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

BHO-X64: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

BHO-X64: SmartSelect - No File

BHO-X64: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

BHO-X64: HP Smart BHO Class - No File

TB-X64: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File

TB-X64: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

TB-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File

mRun-x64: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe

mRun-x64: [hpWirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

mRun-x64: [QPService] "C:\Program Files (x86)\HP\QuickPlay\QPService.exe"

mRun-x64: [uCam_Menu] "C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\YouCam" update "Software\CyberLink\YouCam\1.0"

mRun-x64: [WAWifiMessage] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe

mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"

mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun-x64: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin

mRun-x64: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"

mRun-x64: [(Default)]

mRun-x64: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"

mRun-x64: [Adobe_ID0ENQBO] C:\PROGRA~2\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE

mRun-x64: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

mRun-x64: [PlusService] C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe

mRun-x64: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe

mRun-x64: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe

mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun-x64: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide

mRun-x64: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

mRun-x64: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\AngelsBaby\AppData\Roaming\Mozilla\Firefox\Profiles\vren65jd.default\

FF - prefs.js: network.proxy.type - 0

FF - plugin: C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll

FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll

FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll

FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\Users\AngelsBaby\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll

.

---- FIREFOX POLICIES ----

FF - user.js: yahoo.ytff.general.dontshowhpoffer - true

============= SERVICES / DRIVERS ===============

.

R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]

R1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys --> C:\Windows\system32\drivers\aswSnx.sys [?]

R1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?]

R2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?]

R2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?]

R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-3-23 44768]

R2 HPM1210RcvFaxSrvc;HP LaserJet Professional M1210 MFP Series Receive Fax Service;C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe [2010-5-11 362296]

R2 HPSIService;HP SI Service;C:\Windows\system32\HPSIsvc.exe --> C:\Windows\system32\HPSIsvc.exe [?]

R3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\netw5v64.sys --> C:\Windows\system32\DRIVERS\netw5v64.sys [?]

R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S3 Adobe Version Cue CS4;Adobe Version Cue CS4;C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [2008-8-15 284016]

S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-4-15 1038088]

S3 HP1210FAX;HP1210MFP FAX;C:\Windows\system32\Drivers\HPM1210FAX.sys --> C:\Windows\system32\Drivers\HPM1210FAX.sys [?]

S3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\system32\DRIVERS\lvrs64.sys --> C:\Windows\system32\DRIVERS\lvrs64.sys [?]

S3 LVUVC64;Logitech HD Webcam C270(UVC);C:\Windows\system32\DRIVERS\lvuvc64.sys --> C:\Windows\system32\DRIVERS\lvuvc64.sys [?]

S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-5-3 129976]

S3 mvusbews;USB EWS Device;C:\Windows\system32\Drivers\mvusbews.sys --> C:\Windows\system32\Drivers\mvusbews.sys [?]

S3 NMgamingmsFltr;USB Optical Mouse;C:\Windows\system32\drivers\NMgamingms.sys --> C:\Windows\system32\drivers\NMgamingms.sys [?]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]

S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]

S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\system32\DRIVERS\wdcsam64.sys --> C:\Windows\system32\DRIVERS\wdcsam64.sys [?]

.

=============== Created Last 30 ================

.

2012-05-17 05:03:23 -------- d-----w- C:\Users\AngelsBaby\AppData\Roaming\PACE Anti-Piracy

2012-05-17 05:03:23 -------- d-----w- C:\Users\AngelsBaby\AppData\Local\PACE Anti-Piracy

2012-05-17 05:03:23 -------- d-----w- C:\ProgramData\PACE Anti-Piracy

2012-05-17 05:02:50 -------- d-----w- C:\Users\AngelsBaby\AppData\Roaming\PDAppFlex

2012-05-17 05:02:08 -------- d-----w- C:\ProgramData\regid.1986-12.com.adobe

2012-05-17 04:58:02 56208 ------w- C:\Windows\System32\drivers\PxHlpa64.sys

2012-05-17 04:58:02 10224 ------w- C:\Windows\System32\drivers\cdralw2k.sys

2012-05-17 04:58:02 10224 ------w- C:\Windows\System32\drivers\cdr4_xp.sys

2012-05-17 04:58:02 -------- d-----w- C:\Program Files (x86)\Common Files\PX Storage Engine

2012-05-17 04:58:01 -------- d-----w- C:\Program Files (x86)\Common Files\Sonic Shared

2012-05-17 04:57:56 -------- d-----w- C:\Program Files (x86)\My Company Name

2012-05-17 03:56:48 -------- d-----w- C:\Users\AngelsBaby\Adobe Premiere Pro CS6

2012-05-17 03:55:46 -------- d-----w- C:\Users\AngelsBaby\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant

2012-05-17 03:55:41 -------- d-----w- C:\Program Files (x86)\Adobe Download Assistant

2012-05-16 05:27:36 8917360 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{BFBD76F6-95AC-48C9-B36C-B68F8C3B79C3}\mpengine.dll

2012-05-11 03:34:15 -------- d-----w- C:\Users\AngelsBaby\AppData\Local\{87AE94FD-08AC-44BD-AB4F-FA0C7FEEFBDA}

2012-05-11 03:34:02 -------- d-----w- C:\Users\AngelsBaby\AppData\Local\{3F5E7BBF-1B47-46A3-9ADC-ECA6D7EF470C}

2012-05-11 03:33:55 -------- d-----w- C:\Users\AngelsBaby\AppData\Local\{6C37D842-C0B2-40AD-BC46-AFE38A630255}

2012-05-11 03:33:36 -------- d-----w- C:\Users\AngelsBaby\AppData\Local\{93710D18-27E0-4162-91C4-A0B065506625}

2012-05-10 02:11:03 75120 ----a-w- C:\Windows\System32\drivers\partmgr.sys

2012-05-10 02:10:26 1544704 ----a-w- C:\Windows\System32\DWrite.dll

2012-05-10 02:10:25 1077248 ----a-w- C:\Windows\SysWow64\DWrite.dll

2012-05-10 02:09:58 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe

2012-05-10 02:09:55 3146240 ----a-w- C:\Windows\System32\win32k.sys

2012-05-10 02:09:52 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe

2012-05-10 02:09:50 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe

2012-05-10 02:08:38 1732096 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL

2012-05-10 02:08:38 1367552 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll

2012-05-10 02:08:37 936960 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll

2012-05-10 02:08:34 1402880 ----a-w- C:\Program Files\Windows Journal\JNWDRV.dll

2012-05-10 02:08:34 1393664 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll

2012-05-10 02:08:05 1918320 ----a-w- C:\Windows\System32\drivers\tcpip.sys

2012-05-09 05:15:02 -------- d-----w- C:\Users\AngelsBaby\AppData\Roaming\Magic Set Editor

2012-05-07 18:02:35 -------- d-----w- C:\Users\AngelsBaby\AppData\Local\{30BD16AE-D78F-434F-8316-12DB5D170502}

2012-05-07 18:02:19 -------- d-----w- C:\Users\AngelsBaby\AppData\Local\{9367D68D-A4D1-49BA-BEE8-65F77BED6DB1}

2012-05-06 05:20:02 -------- d-----w- C:\Users\AngelsBaby\AppData\Local\{24E45107-EE61-4852-82DA-891432A777EC}

2012-05-06 05:19:49 -------- d-----w- C:\Users\AngelsBaby\AppData\Local\{EDB5B7D3-9DFA-4272-8ABF-8908D36BF099}

2012-05-03 15:55:42 -------- d-----w- C:\Program Files (x86)\Mozilla Maintenance Service

2012-05-03 15:55:34 157352 ----a-w- C:\Program Files (x86)\Mozilla Firefox\maintenanceservice_installer.exe

2012-05-03 15:55:34 129976 ----a-w- C:\Program Files (x86)\Mozilla Firefox\maintenanceservice.exe

2012-05-02 02:20:58 -------- d-----w- C:\Users\AngelsBaby\AppData\Local\{480E2017-074E-4BEA-8D0E-E30D809A8428}

2012-05-02 02:20:46 -------- d-----w- C:\Users\AngelsBaby\AppData\Local\{B3E61E5C-A5C7-439A-AD71-D75D433E9E4C}

2012-05-02 02:20:05 -------- d-----w- C:\Windows\en

2012-05-02 02:16:00 89944 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\84377ed81cd280901\DSETUP.dll

2012-05-02 02:16:00 537432 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\84377ed81cd280901\DXSETUP.exe

2012-05-02 02:16:00 1801048 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\84377ed81cd280901\dsetup32.dll

2012-05-02 02:16:00 15712 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\848e79be1cd280902\MeshBetaRemover.exe

2012-05-02 02:15:22 -------- d-----w- C:\Users\AngelsBaby\AppData\Local\{808D5506-C084-4417-8915-A91A7F30224A}

2012-05-02 02:15:10 -------- d-----w- C:\Users\AngelsBaby\AppData\Local\{2779E0C1-BCB2-494E-93F0-5F5E33380E2D}

2012-05-02 02:00:07 -------- d-----w- C:\Users\AngelsBaby\AppData\Local\{E0001306-4527-4C0E-A1A6-EDC9DA51DAB2}

2012-05-02 01:59:44 -------- d-----w- C:\Users\AngelsBaby\AppData\Local\{660FCA22-3B9D-4FC8-9CE6-F4F0A5105968}

2012-04-24 15:13:51 -------- d-----w- C:\Program Files (x86)\VitalSource Bookshelf

2012-04-22 06:55:10 -------- d-----w- C:\Users\AngelsBaby\AppData\Local\LogiShrd

2012-04-21 17:22:19 -------- d-----w- C:\Users\AngelsBaby\AppData\Local\Logitech® Webcam Software

2012-04-21 16:58:46 53248 ----a-r- C:\Users\AngelsBaby\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe

2012-04-21 16:55:38 -------- d-----w- C:\Program Files (x86)\Common Files\LWS

2012-04-21 16:33:40 24416 ----a-r- C:\Windows\System32\AdobePDFUI.dll

2012-04-21 16:29:44 103864 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll

2012-04-21 16:25:43 419488 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

.

==================== Find3M ====================

.

2012-05-10 03:48:11 70304 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2012-04-04 20:56:40 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys

2012-03-13 01:56:40 947472 ----a-w- C:\Windows\SysWow64\msjava.dll

2012-03-08 23:50:28 49016 ----a-w- C:\Windows\SysWow64\sirenacm.dll

2012-03-08 23:37:20 302448 ----a-w- C:\Windows\WLXPGSS.SCR

2012-03-06 23:15:19 41184 ----a-w- C:\Windows\avastSS.scr

2012-03-06 23:04:06 819032 ----a-w- C:\Windows\System32\drivers\aswSnx.sys

2012-03-06 23:02:20 53080 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys

2012-03-06 23:01:52 69976 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys

2012-03-05 17:12:53 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll

2012-03-01 06:46:16 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys

2012-03-01 06:38:27 220672 ----a-w- C:\Windows\System32\wintrust.dll

2012-03-01 06:33:50 81408 ----a-w- C:\Windows\System32\imagehlp.dll

2012-03-01 06:28:47 5120 ----a-w- C:\Windows\System32\wmi.dll

2012-03-01 05:37:41 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll

2012-03-01 05:33:23 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll

2012-03-01 05:29:16 5120 ----a-w- C:\Windows\SysWow64\wmi.dll

2012-02-28 06:56:48 2311168 ----a-w- C:\Windows\System32\jscript9.dll

2012-02-28 06:49:56 1390080 ----a-w- C:\Windows\System32\wininet.dll

2012-02-28 06:48:57 1493504 ----a-w- C:\Windows\System32\inetcpl.cpl

2012-02-28 06:42:55 2382848 ----a-w- C:\Windows\System32\mshtml.tlb

2012-02-28 01:18:55 1799168 ----a-w- C:\Windows\SysWow64\jscript9.dll

2012-02-28 01:11:21 1427456 ----a-w- C:\Windows\SysWow64\inetcpl.cpl

2012-02-28 01:11:07 1127424 ----a-w- C:\Windows\SysWow64\wininet.dll

2012-02-28 01:03:16 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2012-02-23 15:18:36 279656 ------w- C:\Windows\System32\MpSigStub.exe

.

============= FINISH: 13:01:18.28 ===============

Attach.txt

DDS.txt

[MrCharlie]

Welcome to the forum.

Before we proceed further, please uninstall or disable BitTorrent and any other peer-to-peer filesharing app.

Continued use of filesharing or ill-advised downloads will surely re-infect your system.

Risks of File-Sharing Technology.

P2P file sharing: Know the risks

It's also against our policy:

http://forums.malwar...showtopic=97700

MrC

[Wofstar]

Oops! I thought I had already uninstalled that! I downloaded it to get the "Wedding March" for my cousins wedding and then deleted the desktop icons and such instead of actually uninstalling it. I haven't used that program in months. It is uninstalled now.

Cheers,

Wofstar

[MrCharlie]

Please Update and run a Quick Scan with MBAM, post the report.

Make sure that everything is checked, and click Remove Selected.

---------------------------------------

Then........

Please remove any usb or external drives from the computer before you run this scan!

Please download and run RogueKiller.

For Windows XP, double-click to start.

For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.

Click Scan to scan the system (don't run any other options, they're not all bad!)

Post back the report.

MrC

[Wofstar]

Alrighty, everything is done and attached below:

mbam-log-2012-05-19 (10-00-26).txt

RKreport1.txt

[MrCharlie]

Both of the logs look OK.

Please do this.............

Please make sure system restore is running and create a new restore point before continuing.

XP <===> Vista & W7

XP users > please back up the registry using ERUNT.

-----------------------------------------

Please download and run TDSSKiller to your desktop as outlined below:

Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.

For Windows XP, double-click to start.

For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.

-------------------------

Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.

------------------------

Click the Start Scan button.

-----------------------

If a suspicious object is detected, the default action will be Skip, click on Continue

If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic please choose

Skip and click on Continue

Any entries like this: \Device\Harddisk0\DR0 ( TDSS File System ) - please choose delete.

----------------------

If malicious objects are found, they will show in the Scan results and offer three (3) options.

Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.

Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

--------------------

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.

-------------------

Here's a summary of what to do if you would like to print it out:

If a suspicious object is detected, the default action will be Skip, click on Continue

If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic please choose

Skip and click on Continue

Any entries like this: \Device\Harddisk0\DR0 ( TDSS File System ) - please choose delete.

If malicious objects are found, they will show in the Scan results and offer three (3) options.

Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.

Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

MrC

[Wofstar]

13:53:23.0484 5924 TDSS rootkit removing tool 2.7.35.0 May 16 2012 07:37:57

13:53:25.0487 5924 ============================================================

13:53:25.0487 5924 Current date / time: 2012/05/20 13:53:25.0487

13:53:25.0487 5924 SystemInfo:

13:53:25.0487 5924

13:53:25.0487 5924 OS Version: 6.1.7601 ServicePack: 1.0

13:53:25.0487 5924 Product type: Workstation

13:53:25.0487 5924 ComputerName: ANGELSBABY-LT

13:53:25.0499 5924 UserName: AngelsBaby

13:53:25.0499 5924 Windows directory: C:\Windows

13:53:25.0499 5924 System windows directory: C:\Windows

13:53:25.0499 5924 Running under WOW64

13:53:25.0499 5924 Processor architecture: Intel x64

13:53:25.0499 5924 Number of processors: 2

13:53:25.0499 5924 Page size: 0x1000

13:53:25.0499 5924 Boot type: Normal boot

13:53:25.0499 5924 ============================================================

13:53:27.0306 5924 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

13:53:27.0314 5924 ============================================================

13:53:27.0314 5924 \Device\Harddisk0\DR0:

13:53:27.0314 5924 MBR partitions:

13:53:27.0314 5924 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1B7FF530

13:53:27.0314 5924 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1B7FF56F, BlocksNum 0x19C5012

13:53:27.0314 5924 ============================================================

13:53:27.0365 5924 C: <-> \Device\Harddisk0\DR0\Partition0

13:53:27.0427 5924 D: <-> \Device\Harddisk0\DR0\Partition1

13:53:27.0427 5924 ============================================================

13:53:27.0427 5924 Initialize success

13:53:27.0427 5924 ============================================================

13:53:58.0827 4308 ============================================================

13:53:58.0827 4308 Scan started

13:53:58.0827 4308 Mode: Manual; SigCheck; TDLFS;

13:53:58.0827 4308 ============================================================

13:53:59.0670 4308 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys

13:53:59.0820 4308 1394ohci - ok

13:53:59.0872 4308 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys

13:53:59.0895 4308 ACPI - ok

13:53:59.0983 4308 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys

13:54:00.0020 4308 AcpiPmi - ok

13:54:00.0081 4308 adfs (2f0683fd2df1d92e891caca14b45a8c1) C:\Windows\system32\drivers\adfs.sys

13:54:00.0246 4308 adfs - ok

13:54:00.0401 4308 Adobe Version Cue CS4 (57a3b9a69f14414ace12afd6ba701773) C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe

13:54:00.0419 4308 Adobe Version Cue CS4 - ok

13:54:00.0512 4308 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys

13:54:00.0539 4308 adp94xx - ok

13:54:00.0580 4308 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys

13:54:00.0603 4308 adpahci - ok

13:54:00.0622 4308 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys

13:54:00.0642 4308 adpu320 - ok

13:54:00.0688 4308 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll

13:54:00.0746 4308 AeLookupSvc - ok

13:54:00.0817 4308 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys

13:54:00.0872 4308 AFD - ok

13:54:00.0926 4308 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys

13:54:00.0944 4308 agp440 - ok

13:54:00.0984 4308 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe

13:54:01.0025 4308 ALG - ok

13:54:01.0074 4308 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys

13:54:01.0097 4308 aliide - ok

13:54:01.0123 4308 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys

13:54:01.0140 4308 amdide - ok

13:54:01.0198 4308 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys

13:54:01.0233 4308 AmdK8 - ok

13:54:01.0252 4308 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys

13:54:01.0295 4308 AmdPPM - ok

13:54:01.0348 4308 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys

13:54:01.0367 4308 amdsata - ok

13:54:01.0428 4308 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys

13:54:01.0449 4308 amdsbs - ok

13:54:01.0467 4308 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys

13:54:01.0483 4308 amdxata - ok

13:54:01.0538 4308 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys

13:54:01.0604 4308 AppID - ok

13:54:01.0643 4308 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll

13:54:01.0698 4308 AppIDSvc - ok

13:54:01.0736 4308 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll

13:54:01.0800 4308 Appinfo - ok

13:54:02.0005 4308 Apple Mobile Device (3debbecf665dcdde3a95d9b902010817) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

13:54:02.0020 4308 Apple Mobile Device - ok

13:54:02.0098 4308 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys

13:54:02.0119 4308 arc - ok

13:54:02.0153 4308 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys

13:54:02.0172 4308 arcsas - ok

13:54:02.0239 4308 aspnet_state - ok

13:54:02.0322 4308 aswFsBlk (b9da213b5271db5fce962d827e6d620d) C:\Windows\system32\drivers\aswFsBlk.sys

13:54:02.0339 4308 aswFsBlk - ok

13:54:02.0416 4308 aswMonFlt (21c9835d0e5ad2ff0f16134bcb32cc71) C:\Windows\system32\drivers\aswMonFlt.sys

13:54:02.0432 4308 aswMonFlt - ok

13:54:02.0498 4308 aswRdr (1b96a5867abd4fa6135d8298fcccf9c6) C:\Windows\System32\Drivers\aswrdr2.sys

13:54:02.0514 4308 aswRdr - ok

13:54:02.0588 4308 aswSnx (6e98bb288696777a3a8a07a52b0eaee9) C:\Windows\system32\drivers\aswSnx.sys

13:54:02.0621 4308 aswSnx - ok

13:54:02.0679 4308 aswSP (d9fb49f16e4eb02efecae8cbfe4bcb4c) C:\Windows\system32\drivers\aswSP.sys

13:54:02.0701 4308 aswSP - ok

13:54:02.0753 4308 aswTdi (7352bb9a564b94bbd7c9cbf165f55006) C:\Windows\system32\drivers\aswTdi.sys

13:54:02.0769 4308 aswTdi - ok

13:54:02.0831 4308 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys

13:54:02.0896 4308 AsyncMac - ok

13:54:02.0950 4308 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys

13:54:02.0968 4308 atapi - ok

13:54:03.0042 4308 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll

13:54:03.0128 4308 AudioEndpointBuilder - ok

13:54:03.0142 4308 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll

13:54:03.0194 4308 AudioSrv - ok

13:54:03.0314 4308 avast! Antivirus (4041d31508a2a084dfb42c595854090f) C:\Program Files\AVAST Software\Avast\AvastSvc.exe

13:54:03.0328 4308 avast! Antivirus - ok

13:54:03.0392 4308 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll

13:54:03.0436 4308 AxInstSV - ok

13:54:03.0513 4308 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys

13:54:03.0556 4308 b06bdrv - ok

13:54:03.0596 4308 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys

13:54:03.0642 4308 b57nd60a - ok

13:54:03.0699 4308 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll

13:54:03.0726 4308 BDESVC - ok

13:54:03.0755 4308 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys

13:54:03.0824 4308 Beep - ok

13:54:03.0921 4308 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll

13:54:03.0988 4308 BFE - ok

13:54:04.0038 4308 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\system32\qmgr.dll

13:54:04.0140 4308 BITS - ok

13:54:04.0245 4308 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys

13:54:04.0278 4308 blbdrive - ok

13:54:04.0404 4308 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe

13:54:04.0425 4308 Bonjour Service - ok

13:54:04.0484 4308 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys

13:54:04.0502 4308 bowser - ok

13:54:04.0550 4308 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys

13:54:04.0585 4308 BrFiltLo - ok

13:54:04.0600 4308 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys

13:54:04.0621 4308 BrFiltUp - ok

13:54:04.0673 4308 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll

13:54:04.0735 4308 Browser - ok

13:54:04.0762 4308 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys

13:54:04.0823 4308 Brserid - ok

13:54:04.0837 4308 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys

13:54:04.0875 4308 BrSerWdm - ok

13:54:04.0898 4308 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys

13:54:04.0933 4308 BrUsbMdm - ok

13:54:04.0948 4308 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys

13:54:04.0972 4308 BrUsbSer - ok

13:54:05.0021 4308 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys

13:54:05.0051 4308 BTHMODEM - ok

13:54:05.0099 4308 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll

13:54:05.0154 4308 bthserv - ok

13:54:05.0168 4308 catchme - ok

13:54:05.0211 4308 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys

13:54:05.0265 4308 cdfs - ok

13:54:05.0339 4308 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys

13:54:05.0373 4308 cdrom - ok

13:54:05.0451 4308 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll

13:54:05.0514 4308 CertPropSvc - ok

13:54:05.0574 4308 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys

13:54:05.0617 4308 circlass - ok

13:54:05.0665 4308 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys

13:54:05.0689 4308 CLFS - ok

13:54:05.0787 4308 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

13:54:05.0803 4308 clr_optimization_v2.0.50727_32 - ok

13:54:05.0879 4308 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

13:54:05.0895 4308 clr_optimization_v2.0.50727_64 - ok

13:54:06.0011 4308 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

13:54:06.0028 4308 clr_optimization_v4.0.30319_32 - ok

13:54:06.0051 4308 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

13:54:06.0067 4308 clr_optimization_v4.0.30319_64 - ok

13:54:06.0123 4308 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys

13:54:06.0160 4308 CmBatt - ok

13:54:06.0196 4308 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys

13:54:06.0213 4308 cmdide - ok

13:54:06.0269 4308 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys

13:54:06.0302 4308 CNG - ok

13:54:06.0469 4308 Com4Qlb (d8774ace03b46c9b01a49818055f9ad4) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe

13:54:06.0493 4308 Com4Qlb ( UnsignedFile.Multi.Generic ) - warning

13:54:06.0493 4308 Com4Qlb - detected UnsignedFile.Multi.Generic (1)

13:54:06.0548 4308 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys

13:54:06.0564 4308 Compbatt - ok

13:54:06.0614 4308 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys

13:54:06.0647 4308 CompositeBus - ok

13:54:06.0662 4308 COMSysApp - ok

13:54:06.0687 4308 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys

13:54:06.0703 4308 crcdisk - ok

13:54:06.0753 4308 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll

13:54:06.0815 4308 CryptSvc - ok

13:54:06.0886 4308 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll

13:54:06.0978 4308 DcomLaunch - ok

13:54:07.0032 4308 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll

13:54:07.0116 4308 defragsvc - ok

13:54:07.0196 4308 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys

13:54:07.0254 4308 DfsC - ok

13:54:07.0347 4308 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll

13:54:07.0404 4308 Dhcp - ok

13:54:07.0445 4308 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys

13:54:07.0525 4308 discache - ok

13:54:07.0572 4308 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys

13:54:07.0590 4308 Disk - ok

13:54:07.0638 4308 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll

13:54:07.0676 4308 Dnscache - ok

13:54:07.0729 4308 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll

13:54:07.0783 4308 dot3svc - ok

13:54:07.0844 4308 Dot4 (b42ed0320c6e41102fde0005154849bb) C:\Windows\system32\DRIVERS\Dot4.sys

13:54:07.0890 4308 Dot4 - ok

13:54:07.0905 4308 Dot4Print (e9f5969233c5d89f3c35e3a66a52a361) C:\Windows\system32\DRIVERS\Dot4Prt.sys

13:54:07.0938 4308 Dot4Print - ok

13:54:07.0954 4308 dot4usb (fd05a02b0370bc3000f402e543ca5814) C:\Windows\system32\DRIVERS\dot4usb.sys

13:54:07.0991 4308 dot4usb - ok

13:54:08.0029 4308 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll

13:54:08.0079 4308 DPS - ok

13:54:08.0120 4308 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys

13:54:08.0154 4308 drmkaud - ok

13:54:08.0238 4308 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys

13:54:08.0275 4308 DXGKrnl - ok

13:54:08.0331 4308 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll

13:54:08.0391 4308 EapHost - ok

13:54:08.0561 4308 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys

13:54:08.0719 4308 ebdrv - ok

13:54:08.0857 4308 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe

13:54:08.0897 4308 EFS - ok

13:54:08.0999 4308 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe

13:54:09.0044 4308 ehRecvr - ok

13:54:09.0084 4308 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe

13:54:09.0105 4308 ehSched - ok

13:54:09.0233 4308 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys

13:54:09.0260 4308 elxstor - ok

13:54:09.0296 4308 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys

13:54:09.0333 4308 ErrDev - ok

13:54:09.0405 4308 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll

13:54:09.0470 4308 EventSystem - ok

13:54:09.0514 4308 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys

13:54:09.0560 4308 exfat - ok

13:54:09.0589 4308 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys

13:54:09.0648 4308 fastfat - ok

13:54:09.0729 4308 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe

13:54:09.0775 4308 Fax - ok

13:54:09.0827 4308 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys

13:54:09.0863 4308 fdc - ok

13:54:09.0906 4308 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll

13:54:09.0972 4308 fdPHost - ok

13:54:09.0985 4308 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll

13:54:10.0042 4308 FDResPub - ok

13:54:10.0058 4308 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys

13:54:10.0076 4308 FileInfo - ok

13:54:10.0085 4308 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys

13:54:10.0138 4308 Filetrace - ok

13:54:10.0276 4308 FLEXnet Licensing Service (1f63900e2eb00101b9aca2b7a870704e) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

13:54:10.0302 4308 FLEXnet Licensing Service - ok

13:54:10.0432 4308 FLEXnet Licensing Service 64 (1c3fb052a0bb72edaed90785c34d6eed) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe

13:54:10.0466 4308 FLEXnet Licensing Service 64 - ok

13:54:10.0673 4308 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys

13:54:10.0692 4308 flpydisk - ok

13:54:10.0767 4308 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys

13:54:10.0789 4308 FltMgr - ok

13:54:10.0873 4308 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll

13:54:10.0911 4308 FontCache - ok

13:54:10.0994 4308 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

13:54:11.0008 4308 FontCache3.0.0.0 - ok

13:54:11.0097 4308 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys

13:54:11.0114 4308 FsDepends - ok

13:54:11.0156 4308 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys

13:54:11.0172 4308 Fs_Rec - ok

13:54:11.0234 4308 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys

13:54:11.0257 4308 fvevol - ok

13:54:11.0291 4308 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys

13:54:11.0308 4308 gagp30kx - ok

13:54:11.0396 4308 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

13:54:11.0410 4308 GEARAspiWDM - ok

13:54:11.0490 4308 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll

13:54:11.0554 4308 gpsvc - ok

13:54:11.0590 4308 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys

13:54:11.0621 4308 hcw85cir - ok

13:54:11.0672 4308 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys

13:54:11.0701 4308 HDAudBus - ok

13:54:11.0717 4308 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys

13:54:11.0753 4308 HidBatt - ok

13:54:11.0779 4308 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys

13:54:11.0802 4308 HidBth - ok

13:54:11.0822 4308 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys

13:54:11.0873 4308 HidIr - ok

13:54:11.0909 4308 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll

13:54:11.0966 4308 hidserv - ok

13:54:12.0047 4308 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys

13:54:12.0066 4308 HidUsb - ok

13:54:12.0106 4308 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll

13:54:12.0177 4308 hkmsvc - ok

13:54:12.0232 4308 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll

13:54:12.0283 4308 HomeGroupListener - ok

13:54:12.0322 4308 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll

13:54:12.0372 4308 HomeGroupProvider - ok

13:54:12.0538 4308 HP Health Check Service (0d26c438e2938a3e6bdd91173bc96ff0) c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe

13:54:12.0556 4308 HP Health Check Service ( UnsignedFile.Multi.Generic ) - warning

13:54:12.0556 4308 HP Health Check Service - detected UnsignedFile.Multi.Generic (1)

13:54:12.0602 4308 HP1210FAX (0570a17a2e5001b97e20c15b4fc516ae) C:\Windows\system32\Drivers\HPM1210FAX.sys

13:54:12.0625 4308 HP1210FAX - ok

13:54:12.0787 4308 HPM1210RcvFaxSrvc (f8f686d62121549377d9e1cdf6bc3441) C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe

13:54:12.0809 4308 HPM1210RcvFaxSrvc - ok

13:54:12.0924 4308 hpqcxs08 (5da42d24712e00728cea2342a65009b2) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll

13:54:20.0670 4308 hpqcxs08 - ok

13:54:20.0763 4308 hpqddsvc (d86a39bf100069444d026d22d9a6e555) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll

13:54:20.0781 4308 hpqddsvc - ok

13:54:20.0829 4308 HpqKbFiltr (0ecc54fd34d6a089c300846b011e81d6) C:\Windows\system32\DRIVERS\HpqKbFiltr.sys

13:54:20.0856 4308 HpqKbFiltr - ok

13:54:20.0877 4308 HpqRemHid (e53d53d66d61794af8160741946d0b43) C:\Windows\system32\DRIVERS\HpqRemHid.sys

13:54:20.0912 4308 HpqRemHid - ok

13:54:20.0958 4308 hpqwmiex (04c1dcbb226c6ae647b794833ce3ceb6) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe

13:54:20.0974 4308 hpqwmiex ( UnsignedFile.Multi.Generic ) - warning

13:54:20.0974 4308 hpqwmiex - detected UnsignedFile.Multi.Generic (1)

13:54:21.0028 4308 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys

13:54:21.0048 4308 HpSAMD - ok

13:54:21.0104 4308 HPSIService (4e9cae3200a46135de01ce22baf832be) C:\Windows\system32\HPSIsvc.exe

13:54:21.0122 4308 HPSIService - ok

13:54:21.0219 4308 HPSLPSVC (f37882f128efacefe353e0bae2766909) C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL

13:54:21.0246 4308 HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning

13:54:21.0246 4308 HPSLPSVC - detected UnsignedFile.Multi.Generic (1)

13:54:21.0393 4308 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys

13:54:21.0456 4308 HTTP - ok

13:54:21.0503 4308 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys

13:54:21.0519 4308 hwpolicy - ok

13:54:21.0569 4308 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys

13:54:21.0590 4308 i8042prt - ok

13:54:21.0710 4308 IAANTMON (681ef6e0cc7bbaa0c09acabeb91f669e) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe

13:54:21.0731 4308 IAANTMON - ok

13:54:21.0793 4308 iaStor (16a4671255cfb842225f0fdb6dbdb414) C:\Windows\system32\DRIVERS\iaStor.sys

13:54:21.0811 4308 iaStor - ok

13:54:21.0877 4308 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys

13:54:21.0901 4308 iaStorV - ok

13:54:21.0990 4308 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

13:54:22.0012 4308 IDriverT ( UnsignedFile.Multi.Generic ) - warning

13:54:22.0012 4308 IDriverT - detected UnsignedFile.Multi.Generic (1)

13:54:22.0135 4308 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

13:54:22.0170 4308 idsvc - ok

13:54:22.0659 4308 igfx (24cc43ecdeefd4c19fbbee4951b647f1) C:\Windows\system32\DRIVERS\igdkmd64.sys

13:54:22.0896 4308 igfx - ok

13:54:23.0124 4308 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys

13:54:23.0142 4308 iirsp - ok

13:54:23.0215 4308 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll

13:54:23.0286 4308 IKEEXT - ok

13:54:23.0398 4308 IntcAzAudAddService (04c6489a44e340574daae64a6062541c) C:\Windows\system32\drivers\RTKVHD64.sys

13:54:23.0453 4308 IntcAzAudAddService - ok

13:54:23.0640 4308 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys

13:54:23.0657 4308 intelide - ok

13:54:23.0713 4308 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys

13:54:23.0742 4308 intelppm - ok

13:54:23.0786 4308 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll

13:54:23.0832 4308 IPBusEnum - ok

13:54:23.0875 4308 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys

13:54:23.0929 4308 IpFilterDriver - ok

13:54:23.0965 4308 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll

13:54:24.0031 4308 iphlpsvc - ok

13:54:24.0069 4308 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys

13:54:24.0107 4308 IPMIDRV - ok

13:54:24.0147 4308 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys

13:54:24.0204 4308 IPNAT - ok

13:54:24.0332 4308 iPod Service (46d249f9db7844cc01050a9345f0f61b) C:\Program Files\iPod\bin\iPodService.exe

13:54:24.0365 4308 iPod Service - ok

13:54:24.0431 4308 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys

13:54:24.0468 4308 IRENUM - ok

13:54:24.0516 4308 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys

13:54:24.0533 4308 isapnp - ok

13:54:24.0557 4308 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys

13:54:24.0578 4308 iScsiPrt - ok

13:54:24.0615 4308 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys

13:54:24.0631 4308 kbdclass - ok

13:54:24.0661 4308 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys

13:54:24.0690 4308 kbdhid - ok

13:54:24.0738 4308 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

13:54:24.0757 4308 KeyIso - ok

13:54:24.0771 4308 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys

13:54:24.0789 4308 KSecDD - ok

13:54:24.0815 4308 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys

13:54:24.0834 4308 KSecPkg - ok

13:54:24.0888 4308 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys

13:54:24.0941 4308 ksthunk - ok

13:54:24.0988 4308 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll

13:54:25.0059 4308 KtmRm - ok

13:54:25.0137 4308 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\System32\srvsvc.dll

13:54:25.0202 4308 LanmanServer - ok

13:54:25.0249 4308 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll

13:54:25.0307 4308 LanmanWorkstation - ok

13:54:25.0438 4308 LightScribeService (53710476495886d9961be46983a6a33f) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

13:54:25.0453 4308 LightScribeService - ok

13:54:25.0498 4308 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys

13:54:25.0550 4308 lltdio - ok

13:54:25.0605 4308 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll

13:54:25.0667 4308 lltdsvc - ok

13:54:25.0688 4308 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll

13:54:25.0735 4308 lmhosts - ok

13:54:25.0776 4308 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys

13:54:25.0794 4308 LSI_FC - ok

13:54:25.0832 4308 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys

13:54:25.0850 4308 LSI_SAS - ok

13:54:25.0873 4308 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys

13:54:25.0890 4308 LSI_SAS2 - ok

13:54:25.0919 4308 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys

13:54:25.0937 4308 LSI_SCSI - ok

13:54:25.0959 4308 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys

13:54:26.0018 4308 luafv - ok

13:54:26.0085 4308 LVRS64 (0c85b2b6fb74b36a251792d45e0ef860) C:\Windows\system32\DRIVERS\lvrs64.sys

13:54:26.0107 4308 LVRS64 - ok

13:54:26.0355 4308 LVUVC64 (ff3a488924b0032b1a9ca6948c1fa9e8) C:\Windows\system32\DRIVERS\lvuvc64.sys

13:54:26.0536 4308 LVUVC64 - ok

13:54:26.0680 4308 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll

13:54:26.0720 4308 Mcx2Svc - ok

13:54:26.0798 4308 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys

13:54:26.0815 4308 megasas - ok

13:54:26.0850 4308 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys

13:54:26.0871 4308 MegaSR - ok

13:54:26.0916 4308 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll

13:54:26.0976 4308 MMCSS - ok

13:54:26.0997 4308 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys

13:54:27.0053 4308 Modem - ok

13:54:27.0113 4308 MODEMCSA (e38aef079cd3bcfa19f2072a214f829d) C:\Windows\system32\drivers\MODEMCSA.sys

13:54:27.0160 4308 MODEMCSA - ok

13:54:27.0203 4308 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys

13:54:27.0235 4308 monitor - ok

13:54:27.0326 4308 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys

13:54:27.0343 4308 mouclass - ok

13:54:27.0372 4308 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys

13:54:27.0391 4308 mouhid - ok

13:54:27.0433 4308 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys

13:54:27.0451 4308 mountmgr - ok

13:54:27.0586 4308 MozillaMaintenance (96aa8ba23142cc8e2b30f3cae0c80254) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

13:54:27.0603 4308 MozillaMaintenance - ok

13:54:27.0639 4308 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys

13:54:27.0658 4308 mpio - ok

13:54:27.0707 4308 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys

13:54:27.0751 4308 mpsdrv - ok

13:54:27.0830 4308 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll

13:54:27.0902 4308 MpsSvc - ok

13:54:27.0946 4308 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys

13:54:27.0991 4308 MRxDAV - ok

13:54:28.0029 4308 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys

13:54:28.0064 4308 mrxsmb - ok

13:54:28.0118 4308 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys

13:54:28.0155 4308 mrxsmb10 - ok

13:54:28.0177 4308 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys

13:54:28.0198 4308 mrxsmb20 - ok

13:54:28.0241 4308 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys

13:54:28.0258 4308 msahci - ok

13:54:28.0299 4308 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys

13:54:28.0318 4308 msdsm - ok

13:54:28.0359 4308 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe

13:54:28.0396 4308 MSDTC - ok

13:54:28.0461 4308 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys

13:54:28.0505 4308 Msfs - ok

13:54:28.0527 4308 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys

13:54:28.0570 4308 mshidkmdf - ok

13:54:28.0576 4308 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys

13:54:28.0615 4308 msisadrv - ok

13:54:28.0656 4308 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll

13:54:28.0717 4308 MSiSCSI - ok

13:54:28.0722 4308 msiserver - ok

13:54:28.0760 4308 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys

13:54:28.0821 4308 MSKSSRV - ok

13:54:28.0840 4308 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys

13:54:28.0897 4308 MSPCLOCK - ok

13:54:28.0916 4308 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys

13:54:28.0970 4308 MSPQM - ok

13:54:29.0038 4308 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys

13:54:29.0063 4308 MsRPC - ok

13:54:29.0107 4308 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys

13:54:29.0124 4308 mssmbios - ok

13:54:29.0169 4308 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys

13:54:29.0232 4308 MSTEE - ok

13:54:29.0255 4308 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys

13:54:29.0273 4308 MTConfig - ok

13:54:29.0308 4308 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys

13:54:29.0325 4308 Mup - ok

13:54:29.0372 4308 mvusbews (09818558c2579b45d78ab18a759b0ca8) C:\Windows\system32\Drivers\mvusbews.sys

13:54:29.0395 4308 mvusbews - ok

13:54:29.0450 4308 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll

13:54:29.0503 4308 napagent - ok

13:54:29.0555 4308 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys

13:54:29.0596 4308 NativeWifiP - ok

13:54:29.0656 4308 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys

13:54:29.0687 4308 NDIS - ok

13:54:29.0729 4308 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys

13:54:29.0772 4308 NdisCap - ok

13:54:29.0799 4308 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys

13:54:29.0842 4308 NdisTapi - ok

13:54:29.0901 4308 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys

13:54:29.0955 4308 Ndisuio - ok

13:54:29.0993 4308 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys

13:54:30.0049 4308 NdisWan - ok

13:54:30.0092 4308 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys

13:54:30.0134 4308 NDProxy - ok

13:54:30.0194 4308 Net Driver HPZ12 (2334dc48997ba203b794df3ee70521db) C:\Windows\system32\HPZinw12.dll

13:54:30.0217 4308 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning

13:54:30.0217 4308 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)

13:54:30.0276 4308 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys

13:54:30.0319 4308 NetBIOS - ok

13:54:30.0364 4308 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys

13:54:30.0421 4308 NetBT - ok

13:54:30.0462 4308 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

13:54:30.0481 4308 Netlogon - ok

13:54:30.0547 4308 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll

13:54:30.0612 4308 Netman - ok

13:54:30.0662 4308 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll

13:54:30.0721 4308 netprofm - ok

13:54:30.0821 4308 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe

13:54:30.0837 4308 NetTcpPortSharing - ok

13:54:31.0104 4308 netw5v64 (64428dfdaf6e88366cb51f45a79c5f69) C:\Windows\system32\DRIVERS\netw5v64.sys

13:54:31.0296 4308 netw5v64 - ok

13:54:31.0509 4308 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys

13:54:31.0527 4308 nfrd960 - ok

13:54:31.0604 4308 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll

13:54:31.0652 4308 NlaSvc - ok

13:54:31.0721 4308 NMgamingmsFltr (fbca3fd51604147770eb4fb53d6144a8) C:\Windows\system32\drivers\NMgamingms.sys

13:54:31.0746 4308 NMgamingmsFltr - ok

13:54:31.0779 4308 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys

13:54:31.0823 4308 Npfs - ok

13:54:31.0874 4308 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll

13:54:31.0919 4308 nsi - ok

13:54:31.0954 4308 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys

13:54:32.0013 4308 nsiproxy - ok

13:54:32.0127 4308 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys

13:54:32.0179 4308 Ntfs - ok

13:54:32.0360 4308 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys

13:54:32.0402 4308 Null - ok

13:54:32.0464 4308 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys

13:54:32.0483 4308 nvraid - ok

13:54:32.0505 4308 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys

13:54:32.0525 4308 nvstor - ok

13:54:32.0587 4308 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys

13:54:32.0605 4308 nv_agp - ok

13:54:32.0756 4308 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE

13:54:32.0780 4308 odserv - ok

13:54:32.0815 4308 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys

13:54:32.0845 4308 ohci1394 - ok

13:54:32.0886 4308 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

13:54:32.0902 4308 ose - ok

13:54:32.0952 4308 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll

13:54:32.0985 4308 p2pimsvc - ok

13:54:33.0039 4308 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll

13:54:33.0068 4308 p2psvc - ok

13:54:33.0116 4308 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys

13:54:33.0136 4308 Parport - ok

13:54:33.0189 4308 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys

13:54:33.0206 4308 partmgr - ok

13:54:33.0232 4308 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll

13:54:33.0276 4308 PcaSvc - ok

13:54:33.0331 4308 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys

13:54:33.0351 4308 pci - ok

13:54:33.0372 4308 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys

13:54:33.0388 4308 pciide - ok

13:54:33.0435 4308 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys

13:54:33.0456 4308 pcmcia - ok

13:54:33.0484 4308 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys

13:54:33.0501 4308 pcw - ok

13:54:33.0545 4308 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys

13:54:33.0614 4308 PEAUTH - ok

13:54:33.0716 4308 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe

13:54:33.0755 4308 PerfHost - ok

13:54:33.0926 4308 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll

13:54:34.0002 4308 pla - ok

13:54:34.0058 4308 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll

13:54:34.0094 4308 PlugPlay - ok

13:54:34.0186 4308 Pml Driver HPZ12 (ac78df349f0e4cfb8b667c0cfff83cce) C:\Windows\system32\HPZipm12.dll

13:54:34.0203 4308 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning

13:54:34.0203 4308 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)

13:54:34.0252 4308 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll

13:54:34.0287 4308 PNRPAutoReg - ok

13:54:34.0319 4308 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll

13:54:34.0343 4308 PNRPsvc - ok

13:54:34.0402 4308 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll

13:54:34.0461 4308 PolicyAgent - ok

13:54:34.0508 4308 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll

13:54:34.0566 4308 Power - ok

13:54:34.0648 4308 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys

13:54:34.0701 4308 PptpMiniport - ok

13:54:34.0736 4308 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys

13:54:34.0776 4308 Processor - ok

13:54:34.0847 4308 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll

13:54:34.0909 4308 ProfSvc - ok

13:54:34.0951 4308 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

13:54:34.0969 4308 ProtectedStorage - ok

13:54:35.0038 4308 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys

13:54:35.0085 4308 Psched - ok

13:54:35.0154 4308 PxHlpa64 (bc08f7f3c53cbee68670ed1314e290fd) C:\Windows\system32\Drivers\PxHlpa64.sys

13:54:35.0169 4308 PxHlpa64 - ok

13:54:35.0252 4308 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys

13:54:35.0301 4308 ql2300 - ok

13:54:35.0486 4308 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys

13:54:35.0505 4308 ql40xx - ok

13:54:35.0707 4308 QPCapSvc (ba396d1c71934e22679d3f4dac17e7ab) C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\QPCapSvc.exe

13:54:35.0725 4308 QPCapSvc - ok

13:54:35.0745 4308 QPSched (4b455e8c41cad3219ccf53024dcad604) C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\QPSched.exe

13:54:35.0760 4308 QPSched - ok

13:54:35.0817 4308 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll

13:54:35.0845 4308 QWAVE - ok

13:54:35.0866 4308 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys

13:54:35.0901 4308 QWAVEdrv - ok

13:54:35.0925 4308 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys

13:54:35.0985 4308 RasAcd - ok

13:54:36.0042 4308 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys

13:54:36.0085 4308 RasAgileVpn - ok

13:54:36.0135 4308 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll

13:54:36.0195 4308 RasAuto - ok

13:54:36.0241 4308 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys

13:54:36.0298 4308 Rasl2tp - ok

13:54:36.0347 4308 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll

13:54:36.0397 4308 RasMan - ok

13:54:36.0445 4308 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys

13:54:36.0507 4308 RasPppoe - ok

13:54:36.0540 4308 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys

13:54:36.0593 4308 RasSstp - ok

13:54:36.0647 4308 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys

13:54:36.0709 4308 rdbss - ok

13:54:36.0749 4308 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys

13:54:36.0786 4308 rdpbus - ok

13:54:36.0803 4308 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys

13:54:36.0846 4308 RDPCDD - ok

13:54:36.0876 4308 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys

13:54:36.0932 4308 RDPENCDD - ok

13:54:36.0941 4308 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys

13:54:36.0984 4308 RDPREFMP - ok

13:54:37.0038 4308 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys

13:54:37.0068 4308 RDPWD - ok

13:54:37.0141 4308 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys

13:54:37.0161 4308 rdyboost - ok

13:54:37.0206 4308 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll

13:54:37.0260 4308 RemoteAccess - ok

13:54:37.0297 4308 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll

13:54:37.0362 4308 RemoteRegistry - ok

13:54:37.0411 4308 rimmptsk (e31960692cbb3a8bcdf300bc1d889e1f) C:\Windows\system32\DRIVERS\rimmpx64.sys

13:54:37.0438 4308 rimmptsk - ok

13:54:37.0456 4308 rimsptsk (82356915157ab59064a24993ae5be8aa) C:\Windows\system32\DRIVERS\rimspx64.sys

13:54:37.0478 4308 rimsptsk - ok

13:54:37.0496 4308 rismxdp (c01a92a546854a3e34103b642f0f94a1) C:\Windows\system32\DRIVERS\rixdpx64.sys

13:54:37.0519 4308 rismxdp - ok

13:54:37.0566 4308 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll

13:54:37.0626 4308 RpcEptMapper - ok

13:54:37.0676 4308 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe

13:54:37.0711 4308 RpcLocator - ok

13:54:37.0781 4308 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll

13:54:37.0832 4308 RpcSs - ok

13:54:37.0874 4308 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys

13:54:37.0919 4308 rspndr - ok

13:54:37.0982 4308 RTL8167 (abcb5a38a0d85bdf69b7877e1ad1eed5) C:\Windows\system32\DRIVERS\Rt64win7.sys

13:54:38.0014 4308 RTL8167 - ok

13:54:38.0062 4308 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

13:54:38.0081 4308 SamSs - ok

13:54:38.0117 4308 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys

13:54:38.0135 4308 sbp2port - ok

13:54:38.0183 4308 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll

13:54:38.0244 4308 SCardSvr - ok

13:54:38.0285 4308 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys

13:54:38.0340 4308 scfilter - ok

13:54:38.0440 4308 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll

13:54:38.0503 4308 Schedule - ok

13:54:38.0556 4308 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll

13:54:38.0598 4308 SCPolicySvc - ok

13:54:38.0653 4308 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\drivers\sdbus.sys

13:54:38.0676 4308 sdbus - ok

13:54:38.0693 4308 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll

13:54:38.0716 4308 SDRSVC - ok

13:54:38.0767 4308 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys

13:54:38.0811 4308 secdrv - ok

13:54:38.0853 4308 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll

13:54:38.0908 4308 seclogon - ok

13:54:38.0956 4308 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll

13:54:39.0014 4308 SENS - ok

13:54:39.0037 4308 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll

13:54:39.0066 4308 SensrSvc - ok

13:54:39.0111 4308 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys

13:54:39.0148 4308 Serenum - ok

13:54:39.0214 4308 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys

13:54:39.0234 4308 Serial - ok

13:54:39.0292 4308 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys

13:54:39.0331 4308 sermouse - ok

13:54:39.0384 4308 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll

13:54:39.0444 4308 SessionEnv - ok

13:54:39.0486 4308 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys

13:54:39.0524 4308 sffdisk - ok

13:54:39.0549 4308 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys

13:54:39.0586 4308 sffp_mmc - ok

13:54:39.0609 4308 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\DRIVERS\sffp_sd.sys

13:54:39.0649 4308 sffp_sd - ok

13:54:39.0694 4308 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys

13:54:39.0734 4308 sfloppy - ok

13:54:39.0791 4308 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll

13:54:39.0856 4308 SharedAccess - ok

13:54:39.0919 4308 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll

13:54:39.0982 4308 ShellHWDetection - ok

13:54:40.0042 4308 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys

13:54:40.0059 4308 SiSRaid2 - ok

13:54:40.0082 4308 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys

13:54:40.0100 4308 SiSRaid4 - ok

13:54:40.0133 4308 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys

13:54:40.0178 4308 Smb - ok

13:54:40.0284 4308 smserial (22631aaf0ac9e9881ce76beac27d8030) C:\Windows\system32\DRIVERS\smserial.sys

13:54:40.0332 4308 smserial - ok

13:54:40.0397 4308 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe

13:54:40.0437 4308 SNMPTRAP - ok

13:54:40.0487 4308 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys

13:54:40.0504 4308 spldr - ok

13:54:40.0575 4308 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe

13:54:40.0628 4308 Spooler - ok

13:54:40.0815 4308 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe

13:54:40.0924 4308 sppsvc - ok

13:54:41.0077 4308 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll

13:54:41.0124 4308 sppuinotify - ok

13:54:41.0232 4308 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys

13:54:41.0269 4308 srv - ok

13:54:41.0298 4308 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys

13:54:41.0333 4308 srv2 - ok

13:54:41.0360 4308 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys

13:54:41.0388 4308 srvnet - ok

13:54:41.0444 4308 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll

13:54:41.0506 4308 SSDPSRV - ok

13:54:41.0528 4308 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll

13:54:41.0575 4308 SstpSvc - ok

13:54:41.0670 4308 Steam Client Service - ok

13:54:41.0709 4308 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys

13:54:41.0726 4308 stexstor - ok

13:54:41.0767 4308 StillCam (decacb6921ded1a38642642685d77dac) C:\Windows\system32\DRIVERS\serscan.sys

13:54:41.0799 4308 StillCam - ok

13:54:41.0880 4308 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll

13:54:41.0933 4308 stisvc - ok

13:54:41.0977 4308 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys

13:54:41.0993 4308 swenum - ok

13:54:42.0108 4308 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

13:54:42.0154 4308 SwitchBoard ( UnsignedFile.Multi.Generic ) - warning

13:54:42.0154 4308 SwitchBoard - detected UnsignedFile.Multi.Generic (1)

13:54:42.0227 4308 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll

13:54:42.0281 4308 swprv - ok

13:54:42.0350 4308 SynTP (ac3cc98b1bdb6540021d3ffb105ac2b9) C:\Windows\system32\DRIVERS\SynTP.sys

13:54:42.0372 4308 SynTP - ok

13:54:42.0484 4308 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll

13:54:42.0552 4308 SysMain - ok

13:54:42.0695 4308 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll

13:54:42.0739 4308 TabletInputService - ok

13:54:42.0767 4308 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll

13:54:42.0829 4308 TapiSrv - ok

13:54:42.0868 4308 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll

13:54:42.0915 4308 TBS - ok

13:54:43.0099 4308 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys

13:54:43.0156 4308 Tcpip - ok

13:54:43.0432 4308 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys

13:54:43.0480 4308 TCPIP6 - ok

13:54:43.0675 4308 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys

13:54:43.0725 4308 tcpipreg - ok

13:54:43.0785 4308 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys

13:54:43.0821 4308 TDPIPE - ok

13:54:43.0862 4308 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys

13:54:43.0889 4308 TDTCP - ok

13:54:43.0950 4308 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys

13:54:43.0992 4308 tdx - ok

13:54:44.0032 4308 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys

13:54:44.0050 4308 TermDD - ok

13:54:44.0092 4308 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll

13:54:44.0157 4308 TermService - ok

13:54:44.0192 4308 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll

13:54:44.0230 4308 Themes - ok

13:54:44.0275 4308 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll

13:54:44.0322 4308 THREADORDER - ok

13:54:44.0336 4308 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll

13:54:44.0397 4308 TrkWks - ok

13:54:44.0473 4308 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe

13:54:44.0533 4308 TrustedInstaller - ok

13:54:44.0575 4308 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys

13:54:44.0630 4308 tssecsrv - ok

13:54:44.0692 4308 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys

13:54:44.0710 4308 TsUsbFlt - ok

13:54:44.0778 4308 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys

13:54:44.0833 4308 tunnel - ok

13:54:44.0868 4308 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys

13:54:44.0886 4308 uagp35 - ok

13:54:44.0940 4308 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys

13:54:45.0001 4308 udfs - ok

13:54:45.0046 4308 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe

13:54:45.0070 4308 UI0Detect - ok

13:54:45.0116 4308 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys

13:54:45.0134 4308 uliagpkx - ok

13:54:45.0186 4308 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys

13:54:45.0219 4308 umbus - ok

13:54:45.0254 4308 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys

13:54:45.0292 4308 UmPass - ok

13:54:45.0410 4308 UMVPFSrv (67a95b9d129ed5399e7965cd09cf30e7) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe

13:54:45.0433 4308 UMVPFSrv - ok

13:54:45.0486 4308 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll

13:54:45.0552 4308 upnphost - ok

13:54:45.0604 4308 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys

13:54:45.0632 4308 USBAAPL64 - ok

13:54:45.0687 4308 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys

13:54:45.0726 4308 usbaudio - ok

13:54:45.0772 4308 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys

13:54:45.0791 4308 usbccgp - ok

13:54:45.0831 4308 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys

13:54:45.0853 4308 usbcir - ok

13:54:45.0894 4308 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys

13:54:45.0929 4308 usbehci - ok

13:54:45.0966 4308 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys

13:54:46.0005 4308 usbhub - ok

13:54:46.0054 4308 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\DRIVERS\usbohci.sys

13:54:46.0074 4308 usbohci - ok

13:54:46.0108 4308 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys

13:54:46.0143 4308 usbprint - ok

13:54:46.0186 4308 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys

13:54:46.0216 4308 usbscan - ok

13:54:46.0263 4308 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS

13:54:46.0291 4308 USBSTOR - ok

13:54:46.0326 4308 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\DRIVERS\usbuhci.sys

13:54:46.0357 4308 usbuhci - ok

13:54:46.0416 4308 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys

13:54:46.0440 4308 usbvideo - ok

13:54:46.0490 4308 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll

13:54:46.0549 4308 UxSms - ok

13:54:46.0597 4308 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

13:54:46.0615 4308 VaultSvc - ok

13:54:46.0637 4308 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys

13:54:46.0654 4308 vdrvroot - ok

13:54:46.0721 4308 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe

13:54:46.0771 4308 vds - ok

13:54:46.0831 4308 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys

13:54:46.0852 4308 vga - ok

13:54:46.0867 4308 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys

13:54:46.0921 4308 VgaSave - ok

13:54:46.0972 4308 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys

13:54:46.0993 4308 vhdmp - ok

13:54:47.0014 4308 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys

13:54:47.0031 4308 viaide - ok

13:54:47.0047 4308 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys

13:54:47.0067 4308 volmgr - ok

13:54:47.0119 4308 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys

13:54:47.0140 4308 volmgrx - ok

13:54:47.0174 4308 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys

13:54:47.0196 4308 volsnap - ok

13:54:47.0262 4308 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys

13:54:47.0281 4308 vsmraid - ok

13:54:47.0410 4308 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe

13:54:47.0497 4308 VSS - ok

13:54:47.0699 4308 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys

13:54:47.0730 4308 vwifibus - ok

13:54:47.0801 4308 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll

13:54:47.0851 4308 W32Time - ok

13:54:47.0871 4308 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys

13:54:47.0890 4308 WacomPen - ok

13:54:47.0958 4308 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys

13:54:48.0011 4308 WANARP - ok

13:54:48.0015 4308 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys

13:54:48.0057 4308 Wanarpv6 - ok

13:54:48.0160 4308 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe

13:54:48.0203 4308 WatAdminSvc - ok

13:54:48.0314 4308 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe

13:54:48.0360 4308 wbengine - ok

13:54:48.0513 4308 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll

13:54:48.0543 4308 WbioSrvc - ok

13:54:48.0601 4308 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll

13:54:48.0641 4308 wcncsvc - ok

13:54:48.0664 4308 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll

13:54:48.0685 4308 WcsPlugInService - ok

13:54:48.0773 4308 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys

13:54:48.0789 4308 Wd - ok

13:54:48.0847 4308 WDC_SAM (a3d04ebf5227886029b4532f20d026f7) C:\Windows\system32\DRIVERS\wdcsam64.sys

13:54:48.0861 4308 WDC_SAM - ok

13:54:48.0906 4308 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys

13:54:48.0935 4308 Wdf01000 - ok

13:54:48.0960 4308 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll

13:54:48.0999 4308 WdiServiceHost - ok

13:54:49.0003 4308 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll

13:54:49.0031 4308 WdiSystemHost - ok

13:54:49.0079 4308 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll

13:54:49.0126 4308 WebClient - ok

13:54:49.0169 4308 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll

13:54:49.0235 4308 Wecsvc - ok

13:54:49.0255 4308 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll

13:54:49.0308 4308 wercplsupport - ok

13:54:49.0348 4308 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll

13:54:49.0395 4308 WerSvc - ok

13:54:49.0504 4308 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys

13:54:49.0547 4308 WfpLwf - ok

13:54:49.0565 4308 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys

13:54:49.0582 4308 WIMMount - ok

13:54:49.0640 4308 WinDefend - ok

13:54:49.0649 4308 WinHttpAutoProxySvc - ok

13:54:49.0730 4308 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll

13:54:49.0785 4308 Winmgmt - ok

13:54:49.0915 4308 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll

13:54:50.0000 4308 WinRM - ok

13:54:50.0199 4308 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys

13:54:50.0235 4308 WinUsb - ok

13:54:50.0325 4308 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll

13:54:50.0376 4308 Wlansvc - ok

13:54:50.0472 4308 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe

13:54:50.0486 4308 wlcrasvc - ok

13:54:50.0663 4308 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

13:54:50.0725 4308 wlidsvc - ok

13:54:50.0936 4308 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys

13:54:50.0970 4308 WmiAcpi - ok

13:54:51.0066 4308 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe

13:54:51.0122 4308 wmiApSrv - ok

13:54:51.0199 4308 WMPNetworkSvc - ok

13:54:51.0261 4308 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll

13:54:51.0282 4308 WPCSvc - ok

13:54:51.0326 4308 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll

13:54:51.0351 4308 WPDBusEnum - ok

13:54:51.0387 4308 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys

13:54:51.0438 4308 ws2ifsl - ok

13:54:51.0464 4308 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\system32\wscsvc.dll

13:54:51.0508 4308 wscsvc - ok

13:54:51.0513 4308 WSearch - ok

13:54:51.0657 4308 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll

13:54:51.0731 4308 wuauserv - ok

13:54:51.0925 4308 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys

13:54:51.0981 4308 WudfPf - ok

13:54:52.0034 4308 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys

13:54:52.0079 4308 WUDFRd - ok

13:54:52.0123 4308 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll

13:54:52.0188 4308 wudfsvc - ok

13:54:52.0232 4308 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll

13:54:52.0270 4308 WwanSvc - ok

13:54:52.0309 4308 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0

13:54:53.0361 4308 \Device\Harddisk0\DR0 - ok

13:54:53.0365 4308 Boot (0x1200) (38768062373580b9042743b433655c45) \Device\Harddisk0\DR0\Partition0

13:54:53.0367 4308 \Device\Harddisk0\DR0\Partition0 - ok

13:54:53.0386 4308 Boot (0x1200) (0c01b14effef159d4bedb13ac952d81a) \Device\Harddisk0\DR0\Partition1

13:54:53.0388 4308 \Device\Harddisk0\DR0\Partition1 - ok

13:54:53.0388 4308 ============================================================

13:54:53.0388 4308 Scan finished

13:54:53.0388 4308 ============================================================

13:54:53.0453 1684 Detected object count: 8

13:54:53.0453 1684 Actual detected object count: 8

13:57:42.0702 1684 Com4Qlb ( UnsignedFile.Multi.Generic ) - skipped by user

13:57:42.0702 1684 Com4Qlb ( UnsignedFile.Multi.Generic ) - User select action: Skip

13:57:42.0706 1684 HP Health Check Service ( UnsignedFile.Multi.Generic ) - skipped by user

13:57:42.0706 1684 HP Health Check Service ( UnsignedFile.Multi.Generic ) - User select action: Skip

13:57:42.0712 1684 hpqwmiex ( UnsignedFile.Multi.Generic ) - skipped by user

13:57:42.0712 1684 hpqwmiex ( UnsignedFile.Multi.Generic ) - User select action: Skip

13:57:42.0721 1684 HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user

13:57:42.0721 1684 HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip

13:57:42.0725 1684 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user

13:57:42.0725 1684 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip

13:57:42.0730 1684 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user

13:57:42.0730 1684 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip

13:57:42.0731 1684 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user

13:57:42.0731 1684 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip

13:57:42.0733 1684 SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user

13:57:42.0734 1684 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip

13:57:54.0563 2824 Deinitialize success

mbam-log-2012-05-19 (10-00-26).txt

[MrCharlie]

That looks OK.....

Please download and run ComboFix.

The most important things to remember when running it is to disable all your malware programs and run Combofix from your desktop.

Please visit this webpage for download links, and instructions for running ComboFix

http://www.bleepingc...to-use-combofix

Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Information on disabling your malware programs can be found Here.

Make sure you run ComboFix from your desktop.

Please include the C:\ComboFix.txt in your next reply for further review.

---------->NOTE<----------

If you get the message Illegal operation attempted on registry key that has been marked for deletion after you run ComboFix....please reboot the computer, this should resolve the problem. You may have to do this several times if needed.

MrC

[Wofstar]

ComboFix 12-05-20.09 - AngelsBaby 05/20/2012 19:42:53.2.2 - x64

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4086.2523 [GMT -5:00]

Running from: c:\users\AngelsBaby\Desktop\ComboFix.exe

AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\windows\SETC16F.tmp

c:\windows\setupact.log

.

.

((((((((((((((((((((((((( Files Created from 2012-04-21 to 2012-05-21 )))))))))))))))))))))))))))))))

.

.

2012-05-21 00:54 . 2012-05-21 00:54 -------- d-----w- c:\users\Public\AppData\Local\temp

2012-05-21 00:54 . 2012-05-21 00:54 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-05-19 15:24 . 2012-05-19 15:24 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{0D51315D-8798-40A9-BB35-E9D0E86A1A18}\offreg.dll

2012-05-19 14:45 . 2012-05-08 17:02 8955792 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{0D51315D-8798-40A9-BB35-E9D0E86A1A18}\mpengine.dll

2012-05-17 21:31 . 2012-05-17 21:36 -------- d-----w- c:\users\AngelsBaby\AppData\Roaming\HandBrake

2012-05-17 21:31 . 2012-05-17 21:31 -------- d-----w- c:\program files\Handbrake

2012-05-17 05:03 . 2012-05-17 05:03 -------- d-----w- c:\users\AngelsBaby\AppData\Roaming\PACE Anti-Piracy

2012-05-17 05:03 . 2012-05-17 05:03 -------- d-----w- c:\users\AngelsBaby\AppData\Local\PACE Anti-Piracy

2012-05-17 05:03 . 2012-05-17 05:03 -------- d-----w- c:\programdata\PACE Anti-Piracy

2012-05-17 05:02 . 2012-05-17 05:02 -------- d-----w- c:\users\AngelsBaby\AppData\Roaming\PDAppFlex

2012-05-17 05:02 . 2012-05-17 05:02 -------- d-----w- c:\programdata\regid.1986-12.com.adobe

2012-05-17 04:58 . 2012-05-17 04:58 -------- d-----w- c:\program files (x86)\Common Files\PX Storage Engine

2012-05-17 04:58 . 2011-11-03 08:01 56208 ------w- c:\windows\system32\drivers\PxHlpa64.sys

2012-05-17 04:58 . 2011-10-17 08:00 10224 ------w- c:\windows\system32\drivers\cdralw2k.sys

2012-05-17 04:58 . 2011-10-17 08:00 10224 ------w- c:\windows\system32\drivers\cdr4_xp.sys

2012-05-17 04:58 . 2012-05-17 04:58 -------- d-----w- c:\program files (x86)\Common Files\Sonic Shared

2012-05-17 04:57 . 2012-05-17 04:57 -------- d-----w- c:\program files (x86)\My Company Name

2012-05-17 03:56 . 2012-05-17 04:29 -------- d-----w- c:\users\AngelsBaby\Adobe Premiere Pro CS6

2012-05-17 03:55 . 2012-05-17 03:55 -------- d-----w- c:\users\AngelsBaby\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant

2012-05-17 03:55 . 2012-05-17 03:55 -------- d-----w- c:\program files (x86)\Adobe Download Assistant

2012-05-13 17:11 . 2012-05-13 17:11 -------- d-----w- c:\program files\Microsoft Silverlight

2012-05-13 17:11 . 2012-05-13 17:11 -------- d-----w- c:\program files (x86)\Microsoft Silverlight

2012-05-10 02:11 . 2012-03-17 07:58 75120 ----a-w- c:\windows\system32\drivers\partmgr.sys

2012-05-10 02:10 . 2012-03-03 06:35 1544704 ----a-w- c:\windows\system32\DWrite.dll

2012-05-10 02:10 . 2012-03-03 05:31 1077248 ----a-w- c:\windows\SysWow64\DWrite.dll

2012-05-10 02:09 . 2012-03-31 06:05 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe

2012-05-10 02:09 . 2012-03-31 03:10 3146240 ----a-w- c:\windows\system32\win32k.sys

2012-05-10 02:09 . 2012-03-31 04:39 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe

2012-05-10 02:09 . 2012-03-31 04:39 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe

2012-05-10 02:08 . 2012-03-31 05:42 1732096 ----a-w- c:\program files\Windows Journal\NBDoc.DLL

2012-05-10 02:08 . 2012-03-31 05:40 1367552 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll

2012-05-10 02:08 . 2012-03-31 04:29 936960 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll

2012-05-10 02:08 . 2012-03-31 05:40 1402880 ----a-w- c:\program files\Windows Journal\JNWDRV.dll

2012-05-10 02:08 . 2012-03-31 05:40 1393664 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll

2012-05-10 02:08 . 2012-03-30 11:35 1918320 ----a-w- c:\windows\system32\drivers\tcpip.sys

2012-05-09 05:15 . 2012-05-09 05:55 -------- d-----w- c:\users\AngelsBaby\AppData\Roaming\Magic Set Editor

2012-05-03 15:55 . 2012-05-03 15:55 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service

2012-05-03 15:55 . 2012-05-03 15:55 157352 ----a-w- c:\program files (x86)\Mozilla Firefox\maintenanceservice_installer.exe

2012-05-03 15:55 . 2012-05-03 15:55 129976 ----a-w- c:\program files (x86)\Mozilla Firefox\maintenanceservice.exe

2012-05-02 02:38 . 2012-05-03 21:52 -------- d-----w- c:\programdata\Yahoo!

2012-05-02 02:20 . 2012-05-02 02:20 -------- d-----w- c:\windows\en

2012-05-02 02:16 . 2012-05-02 02:16 89944 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\84377ed81cd280901\DSETUP.dll

2012-05-02 02:16 . 2012-05-02 02:16 537432 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\84377ed81cd280901\DXSETUP.exe

2012-05-02 02:16 . 2012-05-02 02:16 1801048 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\84377ed81cd280901\dsetup32.dll

2012-05-02 02:16 . 2012-05-02 02:16 15712 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\848e79be1cd280902\MeshBetaRemover.exe

2012-04-24 15:13 . 2012-04-24 15:13 -------- d-----w- c:\program files (x86)\VitalSource Bookshelf

2012-04-22 06:55 . 2012-04-22 06:55 -------- d-----w- c:\users\AngelsBaby\AppData\Local\LogiShrd

2012-04-21 17:22 . 2012-04-21 17:22 -------- d-----w- c:\users\AngelsBaby\AppData\Local\Logitech® Webcam Software

2012-04-21 16:58 . 2012-04-21 16:58 -------- d-----w- c:\users\AngelsBaby\AppData\Roaming\Leadertech

2012-04-21 16:58 . 2012-04-21 16:58 53248 ----a-r- c:\users\AngelsBaby\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe

2012-04-21 16:55 . 2012-04-21 16:55 -------- d-----w- c:\programdata\Logitech

2012-04-21 16:55 . 2012-04-21 16:55 -------- d-----w- c:\program files (x86)\Common Files\LWS

2012-04-21 16:54 . 2012-04-21 16:54 -------- d-----w- c:\programdata\LogiShrd

2012-04-21 16:54 . 2012-04-21 16:59 -------- d-----w- c:\program files (x86)\Logitech

2012-04-21 16:42 . 2012-04-21 16:42 -------- d-----w- c:\program files\Real

2012-04-21 16:33 . 2009-08-20 04:50 24416 ----a-r- c:\windows\system32\AdobePDFUI.dll

2012-04-21 16:29 . 2012-03-26 13:41 103864 ----a-w- c:\program files (x86)\Mozilla Firefox\plugins\nppdf32.dll

2012-04-21 16:27 . 2012-04-21 17:01 -------- d-----w- c:\program files (x86)\Common Files\logishrd

2012-04-21 16:27 . 2012-04-21 16:58 -------- d-----w- c:\program files\Common Files\logishrd

2012-04-21 16:25 . 2012-05-10 03:48 419488 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-05-10 03:48 . 2011-06-18 16:04 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2012-04-04 20:56 . 2011-01-08 04:09 24904 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-03-13 01:56 . 2008-07-31 15:16 947472 ----a-w- c:\windows\SysWow64\msjava.dll

2012-03-08 23:50 . 2012-03-08 23:50 49016 ----a-w- c:\windows\SysWow64\sirenacm.dll

2012-03-08 23:37 . 2012-03-08 23:37 302448 ----a-w- c:\windows\WLXPGSS.SCR

2012-03-06 23:15 . 2011-06-16 06:41 41184 ----a-w- c:\windows\avastSS.scr

2012-03-06 23:15 . 2011-06-16 06:41 201352 ----a-w- c:\windows\SysWow64\aswBoot.exe

2012-03-06 23:15 . 2011-06-16 06:42 258520 ----a-w- c:\windows\system32\aswBoot.exe

2012-03-06 23:04 . 2011-06-16 06:42 819032 ----a-w- c:\windows\system32\drivers\aswSnx.sys

2012-03-06 23:04 . 2011-06-16 06:42 337240 ----a-w- c:\windows\system32\drivers\aswSP.sys

2012-03-06 23:02 . 2012-02-25 15:15 53080 ----a-w- c:\windows\system32\drivers\aswRdr2.sys

2012-03-06 23:01 . 2011-06-16 06:42 59224 ----a-w- c:\windows\system32\drivers\aswTdi.sys

2012-03-06 23:01 . 2011-06-16 06:42 69976 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys

2012-03-06 23:01 . 2011-06-16 06:42 24408 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys

2012-03-05 17:12 . 2011-02-02 07:47 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll

2012-03-01 06:46 . 2012-04-10 20:12 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys

2012-03-01 06:38 . 2012-04-10 20:12 220672 ----a-w- c:\windows\system32\wintrust.dll

2012-03-01 06:33 . 2012-04-10 20:12 81408 ----a-w- c:\windows\system32\imagehlp.dll

2012-03-01 06:28 . 2012-04-10 20:12 5120 ----a-w- c:\windows\system32\wmi.dll

2012-03-01 05:37 . 2012-04-10 20:12 172544 ----a-w- c:\windows\SysWow64\wintrust.dll

2012-03-01 05:33 . 2012-04-10 20:12 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll

2012-03-01 05:29 . 2012-04-10 20:12 5120 ----a-w- c:\windows\SysWow64\wmi.dll

2012-02-28 06:56 . 2012-04-10 20:14 2311168 ----a-w- c:\windows\system32\jscript9.dll

2012-02-28 06:49 . 2012-04-10 20:14 1390080 ----a-w- c:\windows\system32\wininet.dll

2012-02-28 06:48 . 2012-04-10 20:14 1493504 ----a-w- c:\windows\system32\inetcpl.cpl

2012-02-28 06:42 . 2012-04-10 20:15 2382848 ----a-w- c:\windows\system32\mshtml.tlb

2012-02-28 01:18 . 2012-04-10 20:14 1799168 ----a-w- c:\windows\SysWow64\jscript9.dll

2012-02-28 01:11 . 2012-04-10 20:14 1427456 ----a-w- c:\windows\SysWow64\inetcpl.cpl

2012-02-28 01:11 . 2012-04-10 20:14 1127424 ----a-w- c:\windows\SysWow64\wininet.dll

2012-02-28 01:03 . 2012-04-10 20:15 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb

2012-02-23 15:18 . 2010-12-13 07:20 279656 ------w- c:\windows\system32\MpSigStub.exe

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]

"LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2007-08-23 455968]

"Facebook Update"="c:\users\AngelsBaby\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2011-11-13 137536]

"Logitech Vid"="c:\program files (x86)\Logitech\Vid HD\Vid.exe" [2010-10-29 5915480]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2007-08-23 80896]

"hpWirelessAssistant"="c:\program files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-09-13 480560]

"QPService"="c:\program files (x86)\HP\QuickPlay\QPService.exe" [2007-12-20 468264]

"UCam_Menu"="c:\program files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2007-08-17 218408]

"WAWifiMessage"="c:\program files (x86)\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe" [2007-01-08 311296]

"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2011-01-30 35736]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]

"AdobeCS4ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]

"Adobe Acrobat Speed Launcher"="c:\program files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2012-03-27 40376]

"Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2012-03-26 640440]

"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-03-06 4241512]

"PlusService"="c:\program files (x86)\Yuna Software\Messenger Plus!\PlusService.exe" [2011-10-24 801792]

"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]

"AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-11-02 59240]

"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-02 59240]

"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]

"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-12-08 421736]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]

"LWS"="c:\program files (x86)\Logitech\LWS\Webcam Software\LWS.exe" [2011-11-11 205336]

"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]

"AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312]

.

c:\users\AngelsBaby\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

HughesNetStatusMeter.lnk - c:\program files (x86)\HughesNetStatusMeter\HughesNetStatusMeter\HughesNetStatusMeter.exe [N/A]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-11-18 275072]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"aux1"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

.

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R3 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\program files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [2008-08-15 284016]

R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-04-15 1038088]

R3 HP1210FAX;HP1210MFP FAX;c:\windows\system32\Drivers\HPM1210FAX.sys [x]

R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [x]

R3 LVUVC64;Logitech HD Webcam C270(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [x]

R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-05-03 129976]

R3 mvusbews;USB EWS Device;c:\windows\system32\Drivers\mvusbews.sys [x]

R3 NMgamingmsFltr;USB Optical Mouse;c:\windows\system32\drivers\NMgamingms.sys [x]

R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]

R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]

R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys [x]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]

S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]

S1 aswSnx;aswSnx; [x]

S1 aswSP;aswSP; [x]

S2 aswFsBlk;aswFsBlk; [x]

S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]

S2 HPM1210RcvFaxSrvc;HP LaserJet Professional M1210 MFP Series Receive Fax Service;c:\program files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe [2010-05-11 362296]

S2 HPSIService;HP SI Service;c:\windows\system32\HPSIsvc.exe [x]

S2 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-01-18 450848]

S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [x]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]

.

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]

hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

.

Contents of the 'Scheduled Tasks' folder

.

2012-05-20 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-765764038-2876004717-2175413507-1000Core.job

- c:\users\AngelsBaby\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-11-13 08:36]

.

2012-05-20 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-765764038-2876004717-2175413507-1000UA.job

- c:\users\AngelsBaby\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-11-13 08:36]

.

.

--------- x86-64 -----------

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]

@="{472083B0-C522-11CF-8763-00608CC02F24}"

[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]

2012-03-06 23:15 135408 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RtHDVCpl"="RAVCpl64.exe" [2007-10-09 5429760]

"SMSERIAL"="c:\program files\Motorola\SMSERIAL\sm56hlpr.exe" [2009-10-26 1702400]

"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2007-10-24 178712]

"OnScreenDisplay"="c:\program files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe" [2007-09-04 701440]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-24 165912]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-24 385560]

"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-24 363544]

"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]

.

------- Supplementary Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Pavilion&pf=laptop

mLocal Page = c:\windows\SysWOW64\blank.htm

uInternet Settings,ProxyOverride = <local>;*.local

IE: Append Link Target to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

IE: Append to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convert Link Target to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

IE: Convert to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html

IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000

TCP: DhcpNameServer = 67.142.162.12 67.142.162.13

FF - ProfilePath - c:\users\AngelsBaby\AppData\Roaming\Mozilla\Firefox\Profiles\vren65jd.default\

FF - prefs.js: network.proxy.type - 0

FF - user.js: yahoo.ytff.general.dontshowhpoffer - true

.

- - - - ORPHANS REMOVED - - - -

.

Wow6432Node-HKCU-Run-AdobeBridge - (no file)

HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe

.

.

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_USERS\S-1-5-21-765764038-2876004717-2175413507-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="WindowsLiveMail.Email.1"

.

[HKEY_USERS\S-1-5-21-765764038-2876004717-2175413507-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="WindowsLiveMail.VCard.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_228_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_228_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_228.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_228.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_228.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_228.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000001

"MSCurrentCountry"=dword:000000b5

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Other Running Processes ------------------------

.

c:\program files\AVAST Software\Avast\AvastSvc.exe

c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

c:\program files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe

c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe

c:\program files (x86)\HP\QuickPlay\Kernel\TV\QPCapSvc.exe

c:\program files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe

c:\program files (x86)\HP\QuickPlay\Kernel\TV\QPSched.exe

.

**************************************************************************

.

Completion time: 2012-05-20 20:03:02 - machine was rebooted

ComboFix-quarantined-files.txt 2012-05-21 01:03

ComboFix2.txt 2011-02-23 07:40

.

Pre-Run: 106,643,369,984 bytes free

Post-Run: 107,604,111,360 bytes free

.

- - End Of File - - 94DE6008F96765671959940627354AB1

ComboFix.txt

[MrCharlie]

That looked OK....please do this:

Download aswMBR to your desktop.

http://public.avast....erek/aswMBR.exe

Double click the aswMBR.exe to run it.

If you see this question: Would you like to download latest Avast! virus definitions?" say "Yes".

Click the "Scan" button to start scan.

On completion of the scan click "Save log", save it to your desktop and post in your next reply.

NOTE. aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.

Please zip it up and attach it to your next post.

MrC

[Wofstar]

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software

Run date: 2012-05-22 01:41:36

-----------------------------

01:41:36.200 OS Version: Windows x64 6.1.7601 Service Pack 1

01:41:36.200 Number of processors: 2 586 0xF0D

01:41:36.202 ComputerName: ANGELSBABY-LT UserName: AngelsBaby

01:41:37.664 Initialize success

01:41:38.128 AVAST engine defs: 12052101

01:41:46.210 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0

01:41:46.212 Disk 0 Vendor: TOSHIBA_ LV01 Size: 238475MB BusType: 3

01:41:46.253 Disk 0 MBR read successfully

01:41:46.256 Disk 0 MBR scan

01:41:46.260 Disk 0 Windows 7 default MBR code

01:41:46.263 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 225278 MB offset 63

01:41:46.296 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 13194 MB offset 461370735

01:41:46.334 Disk 0 scanning C:\Windows\system32\drivers

01:41:57.011 Service scanning

01:42:29.786 Modules scanning

01:42:29.794 Disk 0 trace - called modules:

01:42:29.837 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll

01:42:29.841 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004888060]

01:42:29.848 3 CLASSPNP.SYS[fffff88001b8e43f] -> nt!IofCallDriver -> [0xfffffa80046eaa10]

01:42:29.853 5 ACPI.sys[fffff88000faf7a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0xfffffa80046eb050]

01:42:30.662 AVAST engine scan C:\Windows

01:42:33.929 AVAST engine scan C:\Windows\system32

01:45:10.365 AVAST engine scan C:\Windows\system32\drivers

01:45:23.912 AVAST engine scan C:\Users\AngelsBaby

01:53:31.065 Disk 0 MBR has been saved successfully to "C:\Users\AngelsBaby\Desktop\MBR.dat"

01:53:31.094 The log file has been saved successfully to "C:\Users\AngelsBaby\Desktop\aswMBR.txt"

[MrCharlie]

Not much showing so far.........

Please download OTL from one of the links below:

http://oldtimer.geekstogo.com/OTL.exe

http://oldtimer.geekstogo.com/OTL.com (<---renamed version)

Save it to your desktop.

Double click on the icon on your desktop.

Click the Scan All Users checkbox.

Push the Quick Scan button.

The scan will take about 10 minutes...depends on your hard drive size.

Two reports will open, copy and paste them in a reply here: (or attach them as .txt files)

OTL.txt <-- Will be opened

Extra.txt <-- Will be minimized

MrC

[Wofstar]

Here's the logs:

OTL.Txt

Extras.Txt

[MrCharlie]

Not much showing....

Please do this:

Run OTL

• Under the Custom Scans/Fixes box at the bottom, paste in the following

  
  :OTL
  IE - HKU\S-1-5-21-765764038-2876004717-2175413507-1000\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - No CLSID value found
  O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
  O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No CLSID value found.
  O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
  :Commands
  [EMPTYJAVA]
  [emptytemp]
  

  
  

• Then click the Run Fix button at the top
  
• Let the program run unhindered, when done it will say "Fix Complete press ok to open the log"
  
• Please post that log in your next reply. Note: If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes. In this case, after the reboot, open Notepad (Start->All Programs->Accessories->Notepad), click File->Open, in the File Name box enter *.log and press the Enter key, navigate to the C:\_OTL\MovedFiles folder, and open the newest .log file present, and copy/paste the contents of that document back here in your next post.
  

MrC

[Wofstar]

All processes killed

========== OTL ==========

Registry value HKEY_USERS\S-1-5-21-765764038-2876004717-2175413507-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{472734EA-242A-422b-ADF8-83D1E48CC825} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{472734EA-242A-422b-ADF8-83D1E48CC825}\ not found.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}\ not found.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}\ not found.

========== COMMANDS ==========

[EMPTYJAVA]

User: All Users

User: AngelsBaby

->Java cache emptied: 77072248 bytes

User: Default

User: Default User

User: Public

Total Java Files Cleaned = 74.00 mb

[EMPTYTEMP]

User: All Users

User: AngelsBaby

->Temp folder emptied: 18217756 bytes

->Temporary Internet Files folder emptied: 15412078 bytes

->Java cache emptied: 0 bytes

->FireFox cache emptied: 1073519875 bytes

->Flash cache emptied: 252321890 bytes

User: Default

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 67 bytes

->Flash cache emptied: 56466 bytes

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

->Flash cache emptied: 0 bytes

User: Public

->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32 (64bit) .tmp files removed: 36864 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 47582 bytes

%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67630 bytes

RecycleBin emptied: 0 bytes

Total Files Cleaned = 1,297.00 mb

OTL by OldTimer - Version 3.2.43.1 log created on 05222012_185359

Files\Folders moved on Reboot...

C:\Users\AngelsBaby\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

[MrCharlie]

Please Update and run a Quick Scan with MBAM, post the report.

Make sure that everything is checked, and click Remove Selected.

Please update and run a scan with your avast! Antivirus

Please let me know how it is, MrC

[Wofstar]

Both found no threats, would you like the reports?

[MrCharlie]

No if nothing was found, I don't need to see them.

How is the computer running now?? MrC

[Wofstar]

Its running a lot faster, and I haven't encountered any programs that "blah..is not responding" thus far.

[MrCharlie]

Great

A little clean up to do....

Please Uninstall ComboFix:

Press the Windows logo key + R to bring up the "run box"

Copy and paste next command in the field:

ComboFix /uninstall

Make sure there's a space between Combofix and /

Then hit enter.

This will uninstall Combofix, delete its related folders and files, hide file extensions, hide the system/hidden files and clears System Restore cache and create new Restore point

---------------------------------

Run OTL and hit the CleanUp button. (This will cleanup the tools and logs used including itself)

Any other programs or logs you can manually delete.

-------------------------------

You have out date Java on the system, older versions are vulnerable to malware.

Please go to your control panels add/remove programs and uninstall these:

Java Auto Updater

Java™ 6 Update 31

Then download and install the latest version Java™ 7 Update 4.

http://www.java.com/...load/manual.jsp <---latest version

http://www.java.com/...d/installed.jsp <---verify your Java

-----------------------------------

Any questions...please post back.

If you think I've helped you, please leave a comment > click on my avatar picture > click Profile Feed.

Take a look at My Preventive Maintenance to avoid being infected again.

Good Luck and Thanks for using the forum, MrC

[Maurice Naggar]

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!