Help with dss.scr results

rrr10 · June 28, 2012

Hi,

I have been having trouble with Google redirects for few weeks now. I have Norton Internet security 2012, but it finds nothing.

I ran the Malwarebytes' Anti-Malware Quick Scan. It found a couple of things, but the redirects are still happening. Following the advice on your website, I ran the dss.scr tool, and below are the dss.txt results.

Thanks for having a place to go for help on this obscure stuff!!

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 9.0.8112.16421

Run by Rod at 11:57:16 on 2012-06-28

Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.8151.5560 [GMT -7:00]

.

AV: Norton Internet Security *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}

FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\system32\atiesrxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe

c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\ccSvcHst.exe

C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.8.13\ccSvcHst.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\system32\WUDFHost.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\atieclxx.exe

C:\Windows\system32\taskhost.exe

C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\ccSvcHst.exe

C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.8.13\ccSvcHst.exe

C:\Windows\system32\Dwm.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe

C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe

C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe

C:\Windows\System32\rundll32.exe

C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe

C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe

C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

C:\Windows\SysWOW64\rundll32.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

C:\Windows\system32\taskeng.exe

c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe

C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe

C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe

C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.8.13\SymcPCCULaunchSvc.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe

C:\Windows\system32\svchost.exe -k SDRSVC

C:\Windows\system32\wuauclt.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Windows\system32\DllHost.exe

C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

C:\Program Files (x86)\AutoHotkey\AutoHotkey.exe

C:\Windows\explorer.exe

C:\Users\Rod\AppData\Roaming\Dropbox\bin\Dropbox.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11e_ActiveX.exe

C:\Program Files (x86)\Internet Explorer\IELowutil.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\cscript.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uDefault_Page_URL = hxxp://us4.hpwis.com/

uDefault_Search_URL = hxxp://www.google.com/ie

uSearch Bar = hxxp://www.google.com/ie

uSearch Page = hxxp://www.google.com

uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8

uStart Page = hxxp://www.google.com/

uInternet Settings,ProxyOverride = 127.0.0.1;*.local

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

mWinlogon: Userinit=userinit.exe,

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: Norton Identity Protection: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\coIEPlg.dll

BHO: Norton Vulnerability Protection: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\IPS\IPSBHO.DLL

BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll

BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL

BHO: Microsoft Live Search Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll

BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

TB: Microsoft Live Search Toolbar: {1e61ed7c-7cb8-49d6-b9e9-ab4c880c8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll

TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\coIEPlg.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File

uRun: [HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW

uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

uRun: [Google Update] "C:\Users\Rod\AppData\Local\Google\Update\GoogleUpdate.exe" /c

uRun: [Apple] rundll32.exe "C:\Users\Rod\AppData\Local\Apple Computer\Apple\vpcqypvt.dll",CreateInstance

mRun: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe

mRun: [HP Remote Solution] %ProgramFiles%\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe

mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

mRun: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe

mRun: [<NO NAME>]

mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe

mRun: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

mRun: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin

mRun: [Anti-phishing Domain Advisor] "C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe"

mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

StartupFolder: C:\Users\Rod\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Rod\AppData\Roaming\Dropbox\bin\Dropbox.exe

StartupFolder: C:\Users\Rod\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\PICTUR~1.LNK - C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: Add to Google Photos Screensa&ver - C:\Windows\system32\GPhotos.scr/200

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000

IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105

IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} - hxxp://www.ipix.com/download/ipixx.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab

DPF: {BEA7310D-06C4-4339-A784-DC3804819809} - hxxp://images3.pnimedia.com/ProductAssets/costcous/activex/v3_0_0_7/PhotoCenter_ActiveX_Control.cab

DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

TCP: DhcpNameServer = 192.168.0.1 192.168.1.1

TCP: Interfaces\{8D748199-6B6D-4285-9BE6-539F745BAC0B} : DhcpNameServer = 192.168.0.1 192.168.1.1

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL

BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO-X64: AcroIEHelperStub - No File

BHO-X64: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\coIEPlg.dll

BHO-X64: Norton Identity Protection - No File

BHO-X64: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\IPS\IPSBHO.DLL

BHO-X64: Norton Vulnerability Protection - No File

BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL

BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll

BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL

BHO-X64: URLRedirectionBHO - No File

BHO-X64: Microsoft Live Search Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll

BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

TB-X64: Microsoft Live Search Toolbar: {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll

TB-X64: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\coIEPlg.dll

TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

TB-X64: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File

mRun-x64: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe

mRun-x64: [HP Remote Solution] %ProgramFiles%\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe

mRun-x64: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

mRun-x64: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe

mRun-x64: [(Default)]

mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun-x64: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun-x64: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices

mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun-x64: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe

mRun-x64: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

mRun-x64: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin

mRun-x64: [Anti-phishing Domain Advisor] "C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe"

mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL

.

============= SERVICES / DRIVERS ===============

.

R0 SymDS;Symantec Data Store;C:\Windows\system32\drivers\NISx64\1307010.005\SYMDS64.SYS --> C:\Windows\system32\drivers\NISx64\1307010.005\SYMDS64.SYS [?]

R0 SymEFA;Symantec Extended File Attributes;C:\Windows\system32\drivers\NISx64\1307010.005\SYMEFA64.SYS --> C:\Windows\system32\drivers\NISx64\1307010.005\SYMEFA64.SYS [?]

R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.0.9\Definitions\BASHDefs\20120619.001\BHDrvx64.sys [2012-6-18 1161376]

R1 ccSet_NIS;Norton Internet Security Settings Manager;C:\Windows\system32\drivers\NISx64\1307010.005\ccSetx64.sys --> C:\Windows\system32\drivers\NISx64\1307010.005\ccSetx64.sys [?]

R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.0.9\Definitions\IPSDefs\20120627.001\IDSviA64.sys [2012-6-28 509088]

R1 SymIRON;Symantec Iron Driver;C:\Windows\system32\drivers\NISx64\1307010.005\Ironx64.SYS --> C:\Windows\system32\drivers\NISx64\1307010.005\Ironx64.SYS [?]

R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\system32\Drivers\NISx64\1307010.005\SYMNETS.SYS --> C:\Windows\system32\Drivers\NISx64\1307010.005\SYMNETS.SYS [?]

R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]

R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2011-9-9 86072]

R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-3-28 94264]

R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-1-25 13336]

R2 IntuitUpdateServiceV4;Intuit Update Service v4;C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [2011-8-25 13672]

R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-6-25 654408]

R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\ccsvchst.exe [2012-5-18 138232]

R2 Norton PC Checkup Application Launcher;Norton PC Checkup Application Launcher;C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.8.13\SymcPCCULaunchSvc.exe [2011-4-29 177080]

R2 PCCUJobMgr;Common Client Job Manager Service;C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.8.13\ccSvcHst.exe [2011-4-29 126392]

R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atipmdag.sys --> C:\Windows\system32\DRIVERS\atipmdag.sys [?]

R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]

R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-5-31 138912]

R3 HECIx64;Intel® Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]

R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]

R3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]

R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-1-27 136176]

S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]

S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-23 1493352]

S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-1-27 136176]

S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-6-12 31125880]

S3 PCDSRVC{F36B3A4C-F95654BD-06000000}_0;PCDSRVC{F36B3A4C-F95654BD-06000000}_0 - PCDR Kernel Mode Service Helper Driver;C:\Program Files\PC-Doctor for Windows\pcdsrvc_x64.pkms [2009-9-16 23536]

S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]

S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]

S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]

.

=============== Created Last 30 ================

.

2012-06-26 04:54:20 -------- d-----w- C:\Users\Rod\AppData\Roaming\Malwarebytes

2012-06-26 04:54:09 -------- d-----w- C:\ProgramData\Malwarebytes

2012-06-26 04:54:08 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys

2012-06-26 04:54:08 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2012-06-22 17:08:22 2622464 ----a-w- C:\Windows\System32\wucltux.dll

2012-06-22 17:08:03 99840 ----a-w- C:\Windows\System32\wudriver.dll

2012-06-22 17:07:49 36864 ----a-w- C:\Windows\System32\wuapp.exe

2012-06-22 17:07:49 186752 ----a-w- C:\Windows\System32\wuwebv.dll

2012-06-21 20:54:49 -------- d-----w- C:\Program Files (x86)\Cisco Systems

2012-06-17 23:09:22 -------- d-----w- C:\Program Files\iTunes

2012-06-17 23:09:22 -------- d-----w- C:\Program Files\iPod

2012-06-17 23:09:22 -------- d-----w- C:\Program Files (x86)\iTunes

2012-06-17 22:52:08 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin7.dll

2012-06-17 22:52:08 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin6.dll

2012-06-17 22:52:08 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin5.dll

2012-06-17 22:52:08 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin4.dll

2012-06-17 22:52:08 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin3.dll

2012-06-17 22:52:08 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin2.dll

2012-06-17 22:52:08 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin.dll

2012-06-17 22:44:24 -------- d-----w- C:\Program Files\Bonjour

2012-06-17 22:44:24 -------- d-----w- C:\Program Files (x86)\Bonjour

2012-06-16 00:15:58 -------- d-----w- C:\Users\Rod\AppData\Local\{0891D2EB-C51D-4153-BB9C-72F1D276EDA3}

2012-06-13 15:05:03 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe

2012-06-13 15:05:03 76288 ----a-w- C:\Windows\System32\rdpwsx.dll

2012-06-13 15:05:03 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll

2012-06-13 15:05:01 208896 ----a-w- C:\Windows\System32\profsvc.dll

2012-06-13 15:05:00 5505392 ----a-w- C:\Windows\System32\ntoskrnl.exe

2012-06-13 15:05:00 3902320 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe

2012-06-13 15:04:59 3958128 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe

2012-06-13 15:04:38 3144192 ----a-w- C:\Windows\System32\win32k.sys

2012-06-13 15:04:33 204800 ----a-w- C:\Windows\System32\drivers\rdpwd.sys

2012-06-13 15:04:32 3213824 ----a-w- C:\Windows\System32\msi.dll

2012-06-13 15:04:32 2342400 ----a-w- C:\Windows\SysWow64\msi.dll

2012-06-13 15:04:30 182272 ----a-w- C:\Windows\System32\cryptsvc.dll

2012-06-13 15:04:30 1460224 ----a-w- C:\Windows\System32\crypt32.dll

2012-06-13 15:04:30 140288 ----a-w- C:\Windows\System32\cryptnet.dll

2012-06-13 15:04:30 139264 ----a-w- C:\Windows\SysWow64\cryptsvc.dll

2012-06-13 15:04:30 1156608 ----a-w- C:\Windows\SysWow64\crypt32.dll

2012-06-13 15:04:30 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll

2012-06-08 04:42:36 -------- d-----r- C:\Users\Rod\Dropbox

2012-06-08 04:37:01 -------- d-----w- C:\Users\Rod\AppData\Roaming\Dropbox

.

==================== Find3M ====================

.

2012-05-18 02:06:48 2311680 ----a-w- C:\Windows\System32\jscript9.dll

2012-05-18 01:59:14 1392128 ----a-w- C:\Windows\System32\wininet.dll

2012-05-18 01:58:39 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl

2012-05-18 01:55:22 173056 ----a-w- C:\Windows\System32\ieUnatt.exe

2012-05-18 01:51:30 2382848 ----a-w- C:\Windows\System32\mshtml.tlb

2012-05-17 22:45:37 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll

2012-05-17 22:35:47 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll

2012-05-17 22:35:39 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl

2012-05-17 22:29:45 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe

2012-05-17 22:24:45 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2012-05-03 15:34:38 175736 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS

2012-04-25 19:11:36 52736 ----a-w- C:\Windows\System32\drivers\usbaapl64.sys

2012-04-25 19:11:36 4547944 ----a-w- C:\Windows\System32\usbaaplrc.dll

2012-04-19 03:56:30 94208 ----a-w- C:\Windows\SysWow64\QuickTimeVR.qtx

2012-04-19 03:56:30 69632 ----a-w- C:\Windows\SysWow64\QuickTime.qts

.

============= FINISH: 11:57:47.51 ===============

LDTate · June 28, 2012

Logs will be closed if you haven't replied within 3 days

Please don't attach the scans / logs for these tools, use "copy/paste".

DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision.

Doing so could make your pc inoperatible and could require a full reinstall of your OS, losing all your programs and data.

Please run a new MBAM scan being sure to update before scanning.

Post the scan results

Also please describe how your computer behaves at the moment.

Please don't attach the scans / logs, use "copy/paste".

rrr10 · June 29, 2012

Thanks for the help.

Presently, I get google redirects 1/2 the time I do a search.

I got the latest MBAM update, and ran the quick scan. It said nothing was detected. Here are the scan results:

Malwarebytes Anti-Malware (Trial) 1.61.0.1400

www.malwarebytes.org

Database version: v2012.06.28.13

Windows 7 x64 NTFS

Internet Explorer 9.0.8112.16421

Rod :: ROD-PC [administrator]

Protection: Enabled

6/28/2012 5:05:03 PM

mbam-log-2012-06-28 (17-05-03).txt

Scan type: Quick scan

Scan options disabled: P2P

Objects scanned: 208849

Time elapsed: 2 minute(s), 21 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

LDTate · June 29, 2012

Next:

Download TDSSKiller from here and save it to your Desktop.

Note: if the Cure option is not there, please select 'Skip'.

Please read carefully and follow these steps.

Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
Click the Start Scan button.
If a suspicious object is detected, the default action will be Skip, click on Continue.
If Malicious objects are found then ensure Cure is selected
If TDLFS File System is found then ensure Delete is selected
Then click Continue Reboot now to finish the cleaning process.

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.

rrr10 · June 29, 2012

Thanks again for your help.

I followed your instructions. It found 2 'suspicious files'.

It did not ask to reboot the computer after the scan...hopefully this is correct.

I then tried to paste the contents of the 'TDSSKiller.2.7.42.0_28.06.2012_20.59.56_log' file here, but got a msg of 'post_too_long'.

What do I do now? Probably not a good sign, eh?

LDTate · June 29, 2012

The main part I need to see is the bottom 1/2.

Can you open it with Notepad and highlite the bottom 1/2 or 1/3 and copy / paste it here?

rrr10 · June 29, 2012

thanks

Here's the bottom 1/2 of the log:

21:02:30.0910 2124 MRxDAV - ok

21:02:30.0942 2124 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys

21:02:30.0973 2124 mrxsmb - ok

21:02:31.0020 2124 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys

21:02:31.0051 2124 mrxsmb10 - ok

21:02:31.0066 2124 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys

21:02:31.0082 2124 mrxsmb20 - ok

21:02:31.0098 2124 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys

21:02:31.0113 2124 msahci - ok

21:02:31.0144 2124 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys

21:02:31.0160 2124 msdsm - ok

21:02:31.0176 2124 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe

21:02:31.0191 2124 MSDTC - ok

21:02:31.0222 2124 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys

21:02:31.0238 2124 Msfs - ok

21:02:31.0254 2124 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys

21:02:31.0269 2124 mshidkmdf - ok

21:02:31.0285 2124 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys

21:02:31.0300 2124 msisadrv - ok

21:02:31.0332 2124 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll

21:02:31.0378 2124 MSiSCSI - ok

21:02:31.0378 2124 msiserver - ok

21:02:31.0410 2124 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys

21:02:31.0441 2124 MSKSSRV - ok

21:02:31.0456 2124 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys

21:02:31.0472 2124 MSPCLOCK - ok

21:02:31.0488 2124 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys

21:02:31.0503 2124 MSPQM - ok

21:02:31.0550 2124 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys

21:02:31.0581 2124 MsRPC - ok

21:02:31.0581 2124 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys

21:02:31.0597 2124 mssmbios - ok

21:02:31.0612 2124 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys

21:02:31.0628 2124 MSTEE - ok

21:02:31.0644 2124 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys

21:02:31.0659 2124 MTConfig - ok

21:02:31.0675 2124 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys

21:02:31.0690 2124 Mup - ok

21:02:31.0737 2124 napagent (4987e079a4530fa737a128be54b63b12) C:\Windows\system32\qagentRT.dll

21:02:31.0784 2124 napagent - ok

21:02:31.0831 2124 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys

21:02:31.0862 2124 NativeWifiP - ok

21:02:32.0049 2124 NAVENG (8043d41f881d6ace40b854ad6e32217f) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.0.9\Definitions\VirusDefs\20120628.004\ENG64.SYS

21:02:32.0065 2124 NAVENG - ok

21:02:32.0236 2124 NAVEX15 (9a9ab2fc45d701daed465d14980f1305) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.0.9\Definitions\VirusDefs\20120628.004\EX64.SYS

21:02:32.0283 2124 NAVEX15 - ok

21:02:32.0455 2124 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys

21:02:32.0502 2124 NDIS - ok

21:02:32.0502 2124 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys

21:02:32.0533 2124 NdisCap - ok

21:02:32.0548 2124 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys

21:02:32.0564 2124 NdisTapi - ok

21:02:32.0595 2124 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys

21:02:32.0611 2124 Ndisuio - ok

21:02:32.0642 2124 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys

21:02:32.0673 2124 NdisWan - ok

21:02:32.0689 2124 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys

21:02:32.0720 2124 NDProxy - ok

21:02:32.0720 2124 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys

21:02:32.0751 2124 NetBIOS - ok

21:02:32.0782 2124 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys

21:02:32.0798 2124 NetBT - ok

21:02:32.0829 2124 Netlogon (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe

21:02:32.0845 2124 Netlogon - ok

21:02:32.0892 2124 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll

21:02:32.0923 2124 Netman - ok

21:02:32.0970 2124 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll

21:02:33.0001 2124 netprofm - ok

21:02:33.0063 2124 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe

21:02:33.0094 2124 NetTcpPortSharing - ok

21:02:33.0110 2124 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys

21:02:33.0126 2124 nfrd960 - ok

21:02:33.0235 2124 NIS (c6948f034d7edabcfa2234d399fc78bc) C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\ccSvcHst.exe

21:02:33.0250 2124 NIS - ok

21:02:33.0282 2124 NlaSvc (d9a0ce66046d6efa0c61baa885cba0a8) C:\Windows\System32\nlasvc.dll

21:02:33.0328 2124 NlaSvc - ok

21:02:33.0360 2124 Norton PC Checkup Application Launcher - ok

21:02:33.0375 2124 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys

21:02:33.0391 2124 Npfs - ok

21:02:33.0406 2124 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll

21:02:33.0422 2124 nsi - ok

21:02:33.0438 2124 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys

21:02:33.0453 2124 nsiproxy - ok

21:02:33.0609 2124 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys

21:02:33.0656 2124 Ntfs - ok

21:02:33.0781 2124 NuidFltr (d4012918d3a3847b44b888d56bc095d6) C:\Windows\system32\DRIVERS\NuidFltr.sys

21:02:33.0796 2124 NuidFltr - ok

21:02:33.0812 2124 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys

21:02:33.0843 2124 Null - ok

21:02:33.0890 2124 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys

21:02:33.0921 2124 nvraid - ok

21:02:33.0968 2124 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys

21:02:33.0984 2124 nvstor - ok

21:02:34.0015 2124 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys

21:02:34.0046 2124 nv_agp - ok

21:02:34.0062 2124 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys

21:02:34.0077 2124 ohci1394 - ok

21:02:34.0140 2124 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

21:02:34.0155 2124 ose - ok

21:02:34.0592 2124 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

21:02:34.0654 2124 osppsvc - ok

21:02:34.0779 2124 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll

21:02:34.0810 2124 p2pimsvc - ok

21:02:34.0842 2124 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll

21:02:34.0873 2124 p2psvc - ok

21:02:34.0920 2124 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys

21:02:34.0935 2124 Parport - ok

21:02:34.0966 2124 partmgr (90061b1acfe8ccaa5345750ffe08d8b8) C:\Windows\system32\drivers\partmgr.sys

21:02:34.0982 2124 partmgr - ok

21:02:35.0013 2124 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll

21:02:35.0029 2124 PcaSvc - ok

21:02:35.0091 2124 PCCUJobMgr (2f86be1818c2d7ac90478e3323ee7fcb) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.8.13\ccSvcHst.exe

21:02:35.0107 2124 PCCUJobMgr - ok

21:02:35.0278 2124 PCDSRVC{F36B3A4C-F95654BD-06000000}_0 (51209fbdb13a46e05c1b0077a9310264) c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms

21:02:35.0294 2124 PCDSRVC{F36B3A4C-F95654BD-06000000}_0 - ok

21:02:35.0403 2124 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys

21:02:35.0419 2124 pci - ok

21:02:35.0450 2124 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys

21:02:35.0466 2124 pciide - ok

21:02:35.0497 2124 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys

21:02:35.0528 2124 pcmcia - ok

21:02:35.0544 2124 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys

21:02:35.0544 2124 pcw - ok

21:02:35.0606 2124 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys

21:02:35.0668 2124 PEAUTH - ok

21:02:35.0746 2124 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe

21:02:35.0762 2124 PerfHost - ok

21:02:35.0902 2124 pla (557e9a86f65f0de18c9b6751dfe9d3f1) C:\Windows\system32\pla.dll

21:02:35.0949 2124 pla - ok

21:02:35.0996 2124 PlugPlay (98b1721b8718164293b9701b98c52d77) C:\Windows\system32\umpnpmgr.dll

21:02:36.0027 2124 PlugPlay - ok

21:02:36.0027 2124 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll

21:02:36.0043 2124 PNRPAutoReg - ok

21:02:36.0074 2124 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll

21:02:36.0090 2124 PNRPsvc - ok

21:02:36.0152 2124 PolicyAgent (166eb40d1f5b47e615de3d0fffe5f243) C:\Windows\System32\ipsecsvc.dll

21:02:36.0183 2124 PolicyAgent - ok

21:02:36.0230 2124 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll

21:02:36.0261 2124 Power - ok

21:02:36.0292 2124 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys

21:02:36.0308 2124 PptpMiniport - ok

21:02:36.0324 2124 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys

21:02:36.0339 2124 Processor - ok

21:02:36.0386 2124 ProfSvc (97293447431311c06703368ad0f6c4be) C:\Windows\system32\profsvc.dll

21:02:36.0386 2124 ProfSvc - ok

21:02:36.0417 2124 ProtectedStorage (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe

21:02:36.0448 2124 ProtectedStorage - ok

21:02:36.0464 2124 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys

21:02:36.0495 2124 Psched - ok

21:02:36.0636 2124 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys

21:02:36.0667 2124 ql2300 - ok

21:02:36.0776 2124 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys

21:02:36.0792 2124 ql40xx - ok

21:02:36.0838 2124 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll

21:02:36.0870 2124 QWAVE - ok

21:02:36.0885 2124 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys

21:02:36.0901 2124 QWAVEdrv - ok

21:02:36.0916 2124 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys

21:02:36.0963 2124 RasAcd - ok

21:02:36.0994 2124 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys

21:02:37.0010 2124 RasAgileVpn - ok

21:02:37.0026 2124 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll

21:02:37.0057 2124 RasAuto - ok

21:02:37.0072 2124 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys

21:02:37.0104 2124 Rasl2tp - ok

21:02:37.0135 2124 RasMan (47394ed3d16d053f5906efe5ab51cc83) C:\Windows\System32\rasmans.dll

21:02:37.0166 2124 RasMan - ok

21:02:37.0166 2124 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys

21:02:37.0197 2124 RasPppoe - ok

21:02:37.0213 2124 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys

21:02:37.0244 2124 RasSstp - ok

21:02:37.0260 2124 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys

21:02:37.0291 2124 rdbss - ok

21:02:37.0306 2124 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys

21:02:37.0322 2124 rdpbus - ok

21:02:37.0322 2124 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys

21:02:37.0353 2124 RDPCDD - ok

21:02:37.0353 2124 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys

21:02:37.0384 2124 RDPENCDD - ok

21:02:37.0400 2124 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys

21:02:37.0416 2124 RDPREFMP - ok

21:02:37.0462 2124 RDPWD (447de7e3dea39d422c1504f245b668b1) C:\Windows\system32\drivers\RDPWD.sys

21:02:37.0478 2124 RDPWD - ok

21:02:37.0509 2124 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys

21:02:37.0525 2124 rdyboost - ok

21:02:37.0540 2124 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll

21:02:37.0572 2124 RemoteAccess - ok

21:02:37.0603 2124 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll

21:02:37.0634 2124 RemoteRegistry - ok

21:02:37.0634 2124 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll

21:02:37.0681 2124 RpcEptMapper - ok

21:02:37.0696 2124 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe

21:02:37.0696 2124 RpcLocator - ok

21:02:37.0759 2124 RpcSs (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll

21:02:37.0790 2124 RpcSs - ok

21:02:37.0806 2124 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys

21:02:37.0837 2124 rspndr - ok

21:02:37.0884 2124 RTL8167 (3b01789ee4eaee97f5eb46b711387d5e) C:\Windows\system32\DRIVERS\Rt64win7.sys

21:02:37.0884 2124 RTL8167 - ok

21:02:37.0915 2124 SamSs (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe

21:02:37.0930 2124 SamSs - ok

21:02:37.0946 2124 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys

21:02:37.0962 2124 sbp2port - ok

21:02:38.0008 2124 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll

21:02:38.0040 2124 SCardSvr - ok

21:02:38.0040 2124 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys

21:02:38.0071 2124 scfilter - ok

21:02:38.0196 2124 Schedule (624d0f5ff99428bb90a5b8a4123e918e) C:\Windows\system32\schedsvc.dll

21:02:38.0211 2124 Schedule - ok

21:02:38.0242 2124 SCPolicySvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll

21:02:38.0289 2124 SCPolicySvc - ok

21:02:38.0305 2124 SDRSVC (765a27c3279ce11d14cb9e4f5869fca5) C:\Windows\System32\SDRSVC.dll

21:02:38.0320 2124 SDRSVC - ok

21:02:38.0352 2124 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys

21:02:38.0383 2124 secdrv - ok

21:02:38.0398 2124 seclogon (463b386ebc70f98da5dff85f7e654346) C:\Windows\system32\seclogon.dll

21:02:38.0414 2124 seclogon - ok

21:02:38.0430 2124 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll

21:02:38.0461 2124 SENS - ok

21:02:38.0476 2124 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll

21:02:38.0492 2124 SensrSvc - ok

21:02:38.0523 2124 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys

21:02:38.0523 2124 Serenum - ok

21:02:38.0554 2124 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys

21:02:38.0570 2124 Serial - ok

21:02:38.0586 2124 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys

21:02:38.0601 2124 sermouse - ok

21:02:38.0617 2124 SessionEnv (c3bc61ce47ff6f4e88ab8a3b429a36af) C:\Windows\system32\sessenv.dll

21:02:38.0648 2124 SessionEnv - ok

21:02:38.0664 2124 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys

21:02:38.0679 2124 sffdisk - ok

21:02:38.0679 2124 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys

21:02:38.0695 2124 sffp_mmc - ok

21:02:38.0710 2124 sffp_sd (5588b8c6193eb1522490c122eb94dffa) C:\Windows\system32\DRIVERS\sffp_sd.sys

21:02:38.0726 2124 sffp_sd - ok

21:02:38.0742 2124 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys

21:02:38.0742 2124 sfloppy - ok

21:02:38.0804 2124 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll

21:02:38.0851 2124 SharedAccess - ok

21:02:38.0898 2124 ShellHWDetection (0298ac45d0efffb2db4baa7dd186e7bf) C:\Windows\System32\shsvcs.dll

21:02:38.0929 2124 ShellHWDetection - ok

21:02:38.0944 2124 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys

21:02:38.0944 2124 SiSRaid2 - ok

21:02:38.0976 2124 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys

21:02:38.0976 2124 SiSRaid4 - ok

21:02:38.0991 2124 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys

21:02:39.0038 2124 Smb - ok

21:02:39.0054 2124 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe

21:02:39.0069 2124 SNMPTRAP - ok

21:02:39.0069 2124 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys

21:02:39.0085 2124 spldr - ok

21:02:39.0163 2124 Spooler (f8e1fa03cb70d54a9892ac88b91d1e7b) C:\Windows\System32\spoolsv.exe

21:02:39.0194 2124 Spooler - ok

21:02:39.0459 2124 sppsvc (913d843498553a1bc8f8dbad6358e49f) C:\Windows\system32\sppsvc.exe

21:02:39.0537 2124 sppsvc - ok

21:02:39.0631 2124 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll

21:02:39.0678 2124 sppuinotify - ok

21:02:39.0818 2124 SRTSP (06b9a7ba94356ec5207c5ddb59540378) C:\Windows\System32\Drivers\NISx64\1307010.005\SRTSP64.SYS

21:02:39.0849 2124 SRTSP - ok

21:02:39.0865 2124 SRTSPX (fbb8945a61e55a2345d12487c74a9d76) C:\Windows\system32\drivers\NISx64\1307010.005\SRTSPX64.SYS

21:02:39.0865 2124 SRTSPX - ok

21:02:39.0927 2124 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys

21:02:39.0943 2124 srv - ok

21:02:39.0990 2124 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys

21:02:40.0005 2124 srv2 - ok

21:02:40.0052 2124 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys

21:02:40.0068 2124 srvnet - ok

21:02:40.0083 2124 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll

21:02:40.0114 2124 SSDPSRV - ok

21:02:40.0130 2124 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll

21:02:40.0161 2124 SstpSvc - ok

21:02:40.0177 2124 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys

21:02:40.0192 2124 stexstor - ok

21:02:40.0255 2124 stisvc (52d0e33b681bd0f33fdc08812fee4f7d) C:\Windows\System32\wiaservc.dll

21:02:40.0286 2124 stisvc - ok

21:02:40.0302 2124 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys

21:02:40.0317 2124 swenum - ok

21:02:40.0473 2124 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

21:02:40.0489 2124 SwitchBoard ( UnsignedFile.Multi.Generic ) - warning

21:02:40.0489 2124 SwitchBoard - detected UnsignedFile.Multi.Generic (1)

21:02:40.0536 2124 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll

21:02:40.0582 2124 swprv - ok

21:02:40.0629 2124 SymDS (8b2430762099598da40686f754632efd) C:\Windows\system32\drivers\NISx64\1307010.005\SYMDS64.SYS

21:02:40.0660 2124 SymDS - ok

21:02:40.0754 2124 SymEFA (f90c7a190399165d3ab2245048d34786) C:\Windows\system32\drivers\NISx64\1307010.005\SYMEFA64.SYS

21:02:40.0785 2124 SymEFA - ok

21:02:40.0832 2124 SymEvent (898bb48c797483420df523b2bbc1ecdb) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS

21:02:40.0848 2124 SymEvent - ok

21:02:40.0894 2124 SymIRON (5013a76caaa1d7cf1c55214b490b4e35) C:\Windows\system32\drivers\NISx64\1307010.005\Ironx64.SYS

21:02:40.0910 2124 SymIRON - ok

21:02:40.0972 2124 SymNetS (3911bd0e68c010e5438a87706abbe9ab) C:\Windows\System32\Drivers\NISx64\1307010.005\SYMNETS.SYS

21:02:40.0988 2124 SymNetS - ok

21:02:41.0144 2124 SysMain (3c1284516a62078fb68f768de4f1a7be) C:\Windows\system32\sysmain.dll

21:02:41.0191 2124 SysMain - ok

21:02:41.0300 2124 TabletInputService (238935c3cf2854886dc7cbb2a0e2cc66) C:\Windows\System32\TabSvc.dll

21:02:41.0331 2124 TabletInputService - ok

21:02:41.0362 2124 TapiSrv (884264ac597b690c5707c89723bb8e7b) C:\Windows\System32\tapisrv.dll

21:02:41.0394 2124 TapiSrv - ok

21:02:41.0409 2124 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll

21:02:41.0440 2124 TBS - ok

21:02:41.0628 2124 Tcpip (624c5b3aa4c99b3184bb922d9ece3ff0) C:\Windows\system32\drivers\tcpip.sys

21:02:41.0659 2124 Tcpip - ok

21:02:41.0877 2124 TCPIP6 (624c5b3aa4c99b3184bb922d9ece3ff0) C:\Windows\system32\DRIVERS\tcpip.sys

21:02:41.0924 2124 TCPIP6 - ok

21:02:42.0002 2124 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys

21:02:42.0064 2124 tcpipreg - ok

21:02:42.0080 2124 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys

21:02:42.0096 2124 TDPIPE - ok

21:02:42.0127 2124 TDTCP (7518f7bcfd4b308abc9192bacaf6c970) C:\Windows\system32\drivers\tdtcp.sys

21:02:42.0142 2124 TDTCP - ok

21:02:42.0158 2124 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys

21:02:42.0205 2124 tdx - ok

21:02:42.0220 2124 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys

21:02:42.0220 2124 TermDD - ok

21:02:42.0298 2124 TermService (0f05ec2887bfe197ad82a13287d2f404) C:\Windows\System32\termsrv.dll

21:02:42.0345 2124 TermService - ok

21:02:42.0361 2124 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll

21:02:42.0376 2124 Themes - ok

21:02:42.0408 2124 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll

21:02:42.0439 2124 THREADORDER - ok

21:02:42.0454 2124 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll

21:02:42.0501 2124 TrkWks - ok

21:02:42.0532 2124 TrustedInstaller (840f7fb849f5887a49ba18c13b2da920) C:\Windows\servicing\TrustedInstaller.exe

21:02:42.0564 2124 TrustedInstaller - ok

21:02:42.0564 2124 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys

21:02:42.0595 2124 tssecsrv - ok

21:02:42.0610 2124 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys

21:02:42.0642 2124 tunnel - ok

21:02:42.0657 2124 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys

21:02:42.0657 2124 uagp35 - ok

21:02:42.0704 2124 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys

21:02:42.0735 2124 udfs - ok

21:02:42.0751 2124 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe

21:02:42.0766 2124 UI0Detect - ok

21:02:42.0782 2124 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys

21:02:42.0782 2124 uliagpkx - ok

21:02:42.0813 2124 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys

21:02:42.0813 2124 umbus - ok

21:02:42.0829 2124 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys

21:02:42.0829 2124 UmPass - ok

21:02:42.0876 2124 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll

21:02:42.0891 2124 upnphost - ok

21:02:42.0922 2124 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys

21:02:42.0938 2124 USBAAPL64 - ok

21:02:42.0954 2124 usbccgp (7b6a127c93ee590e4d79a5f2a76fe46f) C:\Windows\system32\DRIVERS\usbccgp.sys

21:02:42.0969 2124 usbccgp - ok

21:02:42.0985 2124 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys

21:02:43.0000 2124 usbcir - ok

21:02:43.0032 2124 usbehci (92969ba5ac44e229c55a332864f79677) C:\Windows\system32\drivers\usbehci.sys

21:02:43.0032 2124 usbehci - ok

21:02:43.0063 2124 usbhub (e7df1cfd28ca86b35ef5add0735ceef3) C:\Windows\system32\DRIVERS\usbhub.sys

21:02:43.0078 2124 usbhub - ok

21:02:43.0110 2124 usbohci (f1bb1e55f1e7a65c5839ccc7b36d773e) C:\Windows\system32\drivers\usbohci.sys

21:02:43.0125 2124 usbohci - ok

21:02:43.0141 2124 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys

21:02:43.0156 2124 usbprint - ok

21:02:43.0172 2124 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys

21:02:43.0188 2124 usbscan - ok

21:02:43.0219 2124 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\DRIVERS\USBSTOR.SYS

21:02:43.0219 2124 USBSTOR - ok

21:02:43.0250 2124 usbuhci (bc3070350a491d84b518d7cca9abd36f) C:\Windows\system32\drivers\usbuhci.sys

21:02:43.0266 2124 usbuhci - ok

21:02:43.0281 2124 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll

21:02:43.0312 2124 UxSms - ok

21:02:43.0328 2124 VaultSvc (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe

21:02:43.0344 2124 VaultSvc - ok

21:02:43.0359 2124 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys

21:02:43.0359 2124 vdrvroot - ok

21:02:43.0406 2124 vds (44d73e0bbc1d3c8981304ba15135c2f2) C:\Windows\System32\vds.exe

21:02:43.0437 2124 vds - ok

21:02:43.0453 2124 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys

21:02:43.0468 2124 vga - ok

21:02:43.0484 2124 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys

21:02:43.0515 2124 VgaSave - ok

21:02:43.0546 2124 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys

21:02:43.0578 2124 vhdmp - ok

21:02:43.0578 2124 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys

21:02:43.0593 2124 viaide - ok

21:02:43.0624 2124 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys

21:02:43.0640 2124 volmgr - ok

21:02:43.0671 2124 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys

21:02:43.0687 2124 volmgrx - ok

21:02:43.0734 2124 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys

21:02:43.0749 2124 volsnap - ok

21:02:43.0765 2124 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys

21:02:43.0796 2124 vsmraid - ok

21:02:43.0936 2124 VSS (787898bf9fb6d7bd87a36e2d95c899ba) C:\Windows\system32\vssvc.exe

21:02:43.0968 2124 VSS - ok

21:02:44.0077 2124 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys

21:02:44.0108 2124 vwifibus - ok

21:02:44.0139 2124 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll

21:02:44.0186 2124 W32Time - ok

21:02:44.0186 2124 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys

21:02:44.0202 2124 WacomPen - ok

21:02:44.0217 2124 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys

21:02:44.0233 2124 WANARP - ok

21:02:44.0233 2124 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys

21:02:44.0264 2124 Wanarpv6 - ok

21:02:44.0404 2124 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe

21:02:44.0436 2124 WatAdminSvc - ok

21:02:44.0560 2124 wbengine (5ab1bb85bd8b5089cc5d64200dedae68) C:\Windows\system32\wbengine.exe

21:02:44.0592 2124 wbengine - ok

21:02:44.0670 2124 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll

21:02:44.0701 2124 WbioSrvc - ok

21:02:44.0763 2124 wcncsvc (dd1bae8ebfc653824d29ccf8c9054d68) C:\Windows\System32\wcncsvc.dll

21:02:44.0779 2124 wcncsvc - ok

21:02:44.0794 2124 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll

21:02:44.0810 2124 WcsPlugInService - ok

21:02:44.0841 2124 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys

21:02:44.0857 2124 Wd - ok

21:02:44.0919 2124 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys

21:02:44.0950 2124 Wdf01000 - ok

21:02:44.0966 2124 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll

21:02:44.0997 2124 WdiServiceHost - ok

21:02:44.0997 2124 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll

21:02:45.0013 2124 WdiSystemHost - ok

21:02:45.0060 2124 WebClient (733006127f235be7c35354ebee7b9a7b) C:\Windows\System32\webclnt.dll

21:02:45.0075 2124 WebClient - ok

21:02:45.0106 2124 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll

21:02:45.0138 2124 Wecsvc - ok

21:02:45.0153 2124 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll

21:02:45.0184 2124 wercplsupport - ok

21:02:45.0200 2124 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll

21:02:45.0216 2124 WerSvc - ok

21:02:45.0247 2124 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys

21:02:45.0294 2124 WfpLwf - ok

21:02:45.0309 2124 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys

21:02:45.0309 2124 WIMMount - ok

21:02:45.0340 2124 WinDefend - ok

21:02:45.0340 2124 WinHttpAutoProxySvc - ok

21:02:45.0418 2124 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll

21:02:45.0465 2124 Winmgmt - ok

21:02:45.0637 2124 WinRM (41fbb751936b387f9179e7f03a74fe29) C:\Windows\system32\WsmSvc.dll

21:02:45.0684 2124 WinRM - ok

21:02:45.0777 2124 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys

21:02:45.0808 2124 WinUsb - ok

21:02:45.0902 2124 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll

21:02:45.0933 2124 Wlansvc - ok

21:02:45.0996 2124 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe

21:02:46.0011 2124 wlcrasvc - ok

21:02:46.0230 2124 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

21:02:46.0261 2124 wlidsvc - ok

21:02:46.0339 2124 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys

21:02:46.0354 2124 WmiAcpi - ok

21:02:46.0417 2124 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe

21:02:46.0448 2124 wmiApSrv - ok

21:02:46.0464 2124 WMPNetworkSvc - ok

21:02:46.0495 2124 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll

21:02:46.0510 2124 WPCSvc - ok

21:02:46.0542 2124 WPDBusEnum (2e57ddf2880a7e52e76f41c7e96d327b) C:\Windows\system32\wpdbusenum.dll

21:02:46.0557 2124 WPDBusEnum - ok

21:02:46.0573 2124 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys

21:02:46.0604 2124 ws2ifsl - ok

21:02:46.0635 2124 wscsvc (8f9f3969933c02da96eb0f84576db43e) C:\Windows\System32\wscsvc.dll

21:02:46.0651 2124 wscsvc - ok

21:02:46.0651 2124 WSearch - ok

21:02:46.0854 2124 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll

21:02:46.0885 2124 wuauserv - ok

21:02:47.0010 2124 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys

21:02:47.0072 2124 WudfPf - ok

21:02:47.0119 2124 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys

21:02:47.0166 2124 WUDFRd - ok

21:02:47.0197 2124 wudfsvc (b551d6637aa0e132c18ac6e504f7b79b) C:\Windows\System32\WUDFSvc.dll

21:02:47.0228 2124 wudfsvc - ok

21:02:47.0259 2124 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll

21:02:47.0275 2124 WwanSvc - ok

21:02:47.0290 2124 MBR (0x1B8) (a8ed7a471985bafd441c2b52f3f4109f) \Device\Harddisk0\DR0

21:02:47.0602 2124 \Device\Harddisk0\DR0 - ok

21:02:47.0618 2124 Boot (0x1200) (ded680b37e1872ad1e1b9d74a0d6ae0a) \Device\Harddisk0\DR0\Partition0

21:02:47.0618 2124 \Device\Harddisk0\DR0\Partition0 - ok

21:02:47.0634 2124 Boot (0x1200) (5cf5f34694c8b9a836392b999c956a0d) \Device\Harddisk0\DR0\Partition1

21:02:47.0649 2124 \Device\Harddisk0\DR0\Partition1 - ok

21:02:47.0680 2124 Boot (0x1200) (495af5d9a1398fe1ea9febb05d119e03) \Device\Harddisk0\DR0\Partition2

21:02:47.0680 2124 \Device\Harddisk0\DR0\Partition2 - ok

21:02:47.0680 2124 ============================================================

21:02:47.0680 2124 Scan finished

21:02:47.0680 2124 ============================================================

21:02:47.0680 1092 Detected object count: 2

21:02:47.0680 1092 Actual detected object count: 2

21:03:23.0670 1092 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user

21:03:23.0670 1092 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip

21:03:23.0670 1092 SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user

21:03:23.0670 1092 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip

21:15:19.0075 7456 ============================================================

21:15:19.0075 7456 Scan started

21:15:19.0075 7456 Mode: Manual; SigCheck; TDLFS;

21:15:19.0075 7456 ============================================================

21:15:19.0559 7456 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys

21:15:19.0590 7456 1394ohci - ok

21:15:19.0637 7456 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys

21:15:19.0668 7456 ACPI - ok

21:15:19.0684 7456 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys

21:15:19.0699 7456 AcpiPmi - ok

21:15:19.0762 7456 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys

21:15:19.0793 7456 adp94xx - ok

21:15:19.0840 7456 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys

21:15:19.0871 7456 adpahci - ok

21:15:19.0902 7456 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys

21:15:19.0918 7456 adpu320 - ok

21:15:19.0949 7456 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll

21:15:19.0980 7456 AeLookupSvc - ok

21:15:20.0058 7456 AFD (db9d6c6b2cd95a9ca414d045b627422e) C:\Windows\system32\drivers\afd.sys

21:15:20.0089 7456 AFD - ok

21:15:20.0121 7456 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys

21:15:20.0152 7456 agp440 - ok

21:15:20.0183 7456 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe

21:15:20.0245 7456 ALG - ok

21:15:20.0261 7456 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys

21:15:20.0277 7456 aliide - ok

21:15:20.0339 7456 AMD External Events Utility (0de7bf2a2e64a841f9abf9558870d9c4) C:\Windows\system32\atiesrxx.exe

21:15:20.0355 7456 AMD External Events Utility - ok

21:15:20.0386 7456 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys

21:15:20.0401 7456 amdide - ok

21:15:20.0433 7456 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys

21:15:20.0448 7456 AmdK8 - ok

21:15:21.0103 7456 amdkmdag (f284da3156166b45d02acc3c228ade1e) C:\Windows\system32\DRIVERS\atipmdag.sys

21:15:21.0197 7456 amdkmdag - ok

21:15:21.0353 7456 amdkmdap (91e1daf0193bd2ab90b1b35c987237fe) C:\Windows\system32\DRIVERS\atikmpag.sys

21:15:21.0369 7456 amdkmdap - ok

21:15:21.0384 7456 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys

21:15:21.0415 7456 AmdPPM - ok

21:15:21.0447 7456 amdsata (ec7ebab00a4d8448bab68d1e49b4beb9) C:\Windows\system32\drivers\amdsata.sys

21:15:21.0478 7456 amdsata - ok

21:15:21.0509 7456 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys

21:15:21.0525 7456 amdsbs - ok

21:15:21.0556 7456 amdxata (db27766102c7bf7e95140a2aa81d042e) C:\Windows\system32\drivers\amdxata.sys

21:15:21.0571 7456 amdxata - ok

21:15:21.0603 7456 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys

21:15:21.0618 7456 AppID - ok

21:15:21.0649 7456 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll

21:15:21.0696 7456 AppIDSvc - ok

21:15:21.0712 7456 Appinfo (d065be66822847b7f127d1f90158376e) C:\Windows\System32\appinfo.dll

21:15:21.0712 7456 Appinfo - ok

21:15:21.0821 7456 Apple Mobile Device (f401929ee0cc92bfe7f15161ca535383) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

21:15:21.0837 7456 Apple Mobile Device - ok

21:15:21.0852 7456 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys

21:15:21.0868 7456 arc - ok

21:15:21.0899 7456 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys

21:15:21.0899 7456 arcsas - ok

21:15:21.0930 7456 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys

21:15:21.0961 7456 AsyncMac - ok

21:15:21.0961 7456 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys

21:15:21.0977 7456 atapi - ok

21:15:22.0008 7456 AtiHdmiService (77c149e6d702737b2e372dee166faef8) C:\Windows\system32\drivers\AtiHdmi.sys

21:15:22.0008 7456 AtiHdmiService - ok

21:15:22.0632 7456 atikmdag (f284da3156166b45d02acc3c228ade1e) C:\Windows\system32\DRIVERS\atikmdag.sys

21:15:22.0679 7456 atikmdag - ok

21:15:22.0882 7456 AudioEndpointBuilder (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll

21:15:22.0929 7456 AudioEndpointBuilder - ok

21:15:22.0929 7456 AudioSrv (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll

21:15:22.0960 7456 AudioSrv - ok

21:15:22.0975 7456 AxInstSV (b20b5fa5ca050e9926e4d1db81501b32) C:\Windows\System32\AxInstSV.dll

21:15:22.0991 7456 AxInstSV - ok

21:15:23.0069 7456 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys

21:15:23.0100 7456 b06bdrv - ok

21:15:23.0147 7456 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys

21:15:23.0178 7456 b57nd60a - ok

21:15:23.0194 7456 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll

21:15:23.0225 7456 BDESVC - ok

21:15:23.0241 7456 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys

21:15:23.0272 7456 Beep - ok

21:15:23.0334 7456 BFE (4992c609a6315671463e30f6512bc022) C:\Windows\System32\bfe.dll

21:15:23.0412 7456 BFE - ok

21:15:23.0755 7456 BHDrvx64 (c8ab71a5102d0fc103f6dfc750005137) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.0.9\Definitions\BASHDefs\20120619.001\BHDrvx64.sys

21:15:23.0771 7456 BHDrvx64 - ok

21:15:23.0974 7456 BITS (7f0c323fe3da28aa4aa1bda3f575707f) C:\Windows\System32\qmgr.dll

21:15:24.0021 7456 BITS - ok

21:15:24.0067 7456 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys

21:15:24.0083 7456 blbdrive - ok

21:15:24.0192 7456 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe

21:15:24.0208 7456 Bonjour Service - ok

21:15:24.0239 7456 bowser (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys

21:15:24.0255 7456 bowser - ok

21:15:24.0270 7456 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys

21:15:24.0301 7456 BrFiltLo - ok

21:15:24.0317 7456 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys

21:15:24.0333 7456 BrFiltUp - ok

21:15:24.0364 7456 Browser (94fbc06f294d58d02361918418f996e3) C:\Windows\System32\browser.dll

21:15:24.0395 7456 Browser - ok

21:15:24.0442 7456 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys

21:15:24.0457 7456 Brserid - ok

21:15:24.0473 7456 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys

21:15:24.0489 7456 BrSerWdm - ok

21:15:24.0504 7456 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys

21:15:24.0520 7456 BrUsbMdm - ok

21:15:24.0535 7456 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys

21:15:24.0551 7456 BrUsbSer - ok

21:15:24.0567 7456 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys

21:15:24.0582 7456 BTHMODEM - ok

21:15:24.0598 7456 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll

21:15:24.0645 7456 bthserv - ok

21:15:24.0723 7456 ccSet_NIS (0e1737a63aec0f6de231bb59836c0a11) C:\Windows\system32\drivers\NISx64\1307010.005\ccSetx64.sys

21:15:24.0738 7456 ccSet_NIS - ok

21:15:24.0769 7456 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys

21:15:24.0801 7456 cdfs - ok

21:15:24.0832 7456 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys

21:15:24.0832 7456 cdrom - ok

21:15:24.0847 7456 CertPropSvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll

21:15:24.0879 7456 CertPropSvc - ok

21:15:24.0894 7456 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys

21:15:24.0910 7456 circlass - ok

21:15:24.0957 7456 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys

21:15:24.0972 7456 CLFS - ok

21:15:25.0035 7456 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

21:15:25.0066 7456 clr_optimization_v2.0.50727_32 - ok

21:15:25.0113 7456 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

21:15:25.0128 7456 clr_optimization_v2.0.50727_64 - ok

21:15:25.0206 7456 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

21:15:25.0222 7456 clr_optimization_v4.0.30319_32 - ok

21:15:25.0269 7456 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

21:15:25.0284 7456 clr_optimization_v4.0.30319_64 - ok

21:15:25.0300 7456 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys

21:15:25.0315 7456 CmBatt - ok

21:15:25.0347 7456 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys

21:15:25.0362 7456 cmdide - ok

21:15:25.0425 7456 CNG (937beb186a735aca91d717044a49d17e) C:\Windows\system32\Drivers\cng.sys

21:15:25.0471 7456 CNG - ok

21:15:25.0487 7456 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys

21:15:25.0503 7456 Compbatt - ok

21:15:25.0518 7456 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys

21:15:25.0534 7456 CompositeBus - ok

21:15:25.0534 7456 COMSysApp - ok

21:15:25.0565 7456 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys

21:15:25.0565 7456 crcdisk - ok

21:15:25.0612 7456 CryptSvc (f02786b66375292e58c8777082d4396d) C:\Windows\system32\cryptsvc.dll

21:15:25.0643 7456 CryptSvc - ok

21:15:25.0705 7456 DcomLaunch (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll

21:15:25.0752 7456 DcomLaunch - ok

21:15:25.0799 7456 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll

21:15:25.0815 7456 defragsvc - ok

21:15:25.0861 7456 DfsC (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys

21:15:25.0861 7456 DfsC - ok

21:15:25.0908 7456 Dhcp (ce3b9562d997f69b330d181a8875960f) C:\Windows\system32\dhcpcore.dll

21:15:25.0939 7456 Dhcp - ok

21:15:25.0955 7456 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys

21:15:25.0986 7456 discache - ok

21:15:26.0002 7456 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys

21:15:26.0017 7456 Disk - ok

21:15:26.0064 7456 Dnscache (85cf424c74a1d5ec33533e1dbff9920a) C:\Windows\System32\dnsrslvr.dll

21:15:26.0080 7456 Dnscache - ok

21:15:26.0111 7456 dot3svc (14452acdb09b70964c8c21bf80a13acb) C:\Windows\System32\dot3svc.dll

21:15:26.0158 7456 dot3svc - ok

21:15:26.0173 7456 DPS (8c2ba6bea949ee6e68385f5692bafb94) C:\Windows\system32\dps.dll

21:15:26.0205 7456 DPS - ok

21:15:26.0236 7456 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys

21:15:26.0251 7456 drmkaud - ok

21:15:26.0376 7456 DXGKrnl (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys

21:15:26.0392 7456 DXGKrnl - ok

21:15:26.0423 7456 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll

21:15:26.0454 7456 EapHost - ok

21:15:26.0766 7456 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys

21:15:26.0797 7456 ebdrv - ok

21:15:26.0891 7456 eeCtrl (ba6420c1f7070ed8f1ba372844f3e1ec) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys

21:15:26.0922 7456 eeCtrl - ok

21:15:27.0031 7456 EFS (156f6159457d0aa7e59b62681b56eb90) C:\Windows\System32\lsass.exe

21:15:27.0047 7456 EFS - ok

21:15:27.0156 7456 ehRecvr (47c071994c3f649f23d9cd075ac9304a) C:\Windows\ehome\ehRecvr.exe

21:15:27.0187 7456 ehRecvr - ok

21:15:27.0203 7456 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe

21:15:27.0234 7456 ehSched - ok

21:15:27.0312 7456 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys

21:15:27.0343 7456 elxstor - ok

21:15:27.0390 7456 EraserUtilRebootDrv (1343df3451bc0c442dc69837c6fba21b) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys

21:15:27.0406 7456 EraserUtilRebootDrv - ok

21:15:27.0421 7456 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys

21:15:27.0453 7456 ErrDev - ok

21:15:27.0515 7456 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll

21:15:27.0546 7456 EventSystem - ok

21:15:27.0577 7456 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys

21:15:27.0609 7456 exfat - ok

21:15:27.0655 7456 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys

21:15:27.0671 7456 fastfat - ok

21:15:27.0749 7456 Fax (d607b2f1bee3992aa6c2c92c0a2f0855) C:\Windows\system32\fxssvc.exe

21:15:27.0780 7456 Fax - ok

21:15:27.0796 7456 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys

21:15:27.0811 7456 fdc - ok

21:15:27.0827 7456 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll

21:15:27.0858 7456 fdPHost - ok

21:15:27.0889 7456 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll

21:15:27.0921 7456 FDResPub - ok

21:15:27.0936 7456 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys

21:15:27.0952 7456 FileInfo - ok

21:15:27.0967 7456 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys

21:15:27.0999 7456 Filetrace - ok

21:15:28.0014 7456 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys

21:15:28.0030 7456 flpydisk - ok

21:15:28.0061 7456 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys

21:15:28.0077 7456 FltMgr - ok

21:15:28.0217 7456 FontCache (cb5e4b9c319e3c6bb363eb7e58a4a051) C:\Windows\system32\FntCache.dll

21:15:28.0248 7456 FontCache - ok

21:15:28.0295 7456 FontCache3.0.0.0 (8d89e3131c27fdd6932189cb785e1b7a) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

21:15:28.0311 7456 FontCache3.0.0.0 - ok

21:15:28.0342 7456 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys

21:15:28.0357 7456 FsDepends - ok

21:15:28.0389 7456 fssfltr (6c06701bf1db05405804d7eb610991ce) C:\Windows\system32\DRIVERS\fssfltr.sys

21:15:28.0404 7456 fssfltr - ok

21:15:28.0623 7456 fsssvc (4ce9dac1518ff7e77bd213e6394b9d77) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe

21:15:28.0669 7456 fsssvc - ok

21:15:28.0779 7456 Fs_Rec (d3e3f93d67821a2db2b3d9fac2dc2064) C:\Windows\system32\drivers\Fs_Rec.sys

21:15:28.0810 7456 Fs_Rec - ok

21:15:28.0857 7456 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys

21:15:28.0888 7456 fvevol - ok

21:15:28.0903 7456 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys

21:15:28.0919 7456 gagp30kx - ok

21:15:28.0997 7456 GameConsoleService (c1bbce4b30b45410178ee674c818d10c) C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe

21:15:29.0013 7456 GameConsoleService - ok

21:15:29.0028 7456 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

21:15:29.0044 7456 GEARAspiWDM - ok

21:15:29.0153 7456 gpsvc (fe5ab4525bc2ec68b9119a6e5d40128b) C:\Windows\System32\gpsvc.dll

21:15:29.0200 7456 gpsvc - ok

21:15:29.0278 7456 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

21:15:29.0293 7456 gupdate - ok

21:15:29.0309 7456 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

21:15:29.0325 7456 gupdatem - ok

21:15:29.0371 7456 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

21:15:29.0387 7456 gusvc - ok

21:15:29.0403 7456 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys

21:15:29.0418 7456 hcw85cir - ok

21:15:29.0449 7456 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys

21:15:29.0465 7456 HDAudBus - ok

21:15:29.0481 7456 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys

21:15:29.0496 7456 HECIx64 - ok

21:15:29.0512 7456 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys

21:15:29.0527 7456 HidBatt - ok

21:15:29.0543 7456 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys

21:15:29.0559 7456 HidBth - ok

21:15:29.0574 7456 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys

21:15:29.0590 7456 HidIr - ok

21:15:29.0605 7456 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll

21:15:29.0652 7456 hidserv - ok

21:15:29.0668 7456 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys

21:15:29.0668 7456 HidUsb - ok

21:15:29.0683 7456 hkmsvc (efa58ede58dd74388ffd04cb32681518) C:\Windows\system32\kmsvc.dll

21:15:29.0715 7456 hkmsvc - ok

21:15:29.0746 7456 HomeGroupListener (046b2673767ca626e2cfb7fdf735e9e8) C:\Windows\system32\ListSvc.dll

21:15:29.0761 7456 HomeGroupListener - ok

21:15:29.0808 7456 HomeGroupProvider (06a7422224d9865a5613710a089987df) C:\Windows\system32\provsvc.dll

21:15:29.0839 7456 HomeGroupProvider - ok

21:15:29.0886 7456 HP Support Assistant Service (13bb1114451c63bfb41ba7daa4d70a29) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe

21:15:29.0902 7456 HP Support Assistant Service - ok

21:15:29.0964 7456 HPDrvMntSvc.exe (bcc4a8b2e2e902f52e7f2e7d8e125765) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe

21:15:29.0980 7456 HPDrvMntSvc.exe - ok

21:15:30.0105 7456 hpqwmiex (ec9739a46f1f83c6e52a7a4697f44a65) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe

21:15:30.0136 7456 hpqwmiex - ok

21:15:30.0183 7456 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys

21:15:30.0198 7456 HpSAMD - ok

21:15:30.0292 7456 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys

21:15:30.0339 7456 HTTP - ok

21:15:30.0370 7456 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys

21:15:30.0385 7456 hwpolicy - ok

21:15:30.0417 7456 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys

21:15:30.0432 7456 i8042prt - ok

21:15:30.0510 7456 iaStor (631fa8935163b01fc0c02966cb3adb92) C:\Windows\system32\DRIVERS\iaStor.sys

21:15:30.0526 7456 iaStor - ok

21:15:30.0619 7456 IAStorDataMgrSvc (7493ea4de41348f7d3edbf9db298f56a) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

21:15:30.0635 7456 IAStorDataMgrSvc - ok

21:15:30.0697 7456 iaStorV (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys

21:15:30.0729 7456 iaStorV - ok

21:15:30.0869 7456 idsvc (2f2be70d3e02b6fa877921ab9516d43c) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

21:15:30.0900 7456 idsvc - ok

21:15:31.0524 7456 IDSVia64 (ce0bf35c79e03bb89da6b14fac838605) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.0.9\Definitions\IPSDefs\20120628.001\IDSvia64.sys

21:15:31.0555 7456 IDSVia64 - ok

21:15:31.0665 7456 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys

21:15:31.0696 7456 iirsp - ok

21:15:31.0805 7456 IKEEXT (c5b4683680df085b57bc53e5ef34861f) C:\Windows\System32\ikeext.dll

21:15:31.0852 7456 IKEEXT - ok

21:15:32.0055 7456 IntcAzAudAddService (ef75c94792187a143871fbb87611b0b7) C:\Windows\system32\drivers\RTKVHD64.sys

21:15:32.0101 7456 IntcAzAudAddService - ok

21:15:32.0211 7456 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys

21:15:32.0242 7456 intelide - ok

21:15:32.0257 7456 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys

21:15:32.0273 7456 intelppm - ok

21:15:32.0367 7456 IntuitUpdateService (3dc635b66dd7412e1c9c3a77b8d78f25) C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe

21:15:32.0382 7456 IntuitUpdateService - ok

21:15:32.0429 7456 IntuitUpdateServiceV4 (1663a135865f0ba6e853353e98e67f2a) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe

21:15:32.0445 7456 IntuitUpdateServiceV4 - ok

21:15:32.0476 7456 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll

21:15:32.0538 7456 IPBusEnum - ok

21:15:32.0554 7456 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys

21:15:32.0585 7456 IpFilterDriver - ok

21:15:32.0647 7456 iphlpsvc (f8e058d17363ec580e4b7232778b6cb5) C:\Windows\System32\iphlpsvc.dll

21:15:32.0710 7456 iphlpsvc - ok

21:15:32.0725 7456 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys

21:15:32.0725 7456 IPMIDRV - ok

21:15:32.0741 7456 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys

21:15:32.0772 7456 IPNAT - ok

21:15:32.0897 7456 iPod Service (a9ab99ee7d39725eafec82732d2b3271) C:\Program Files\iPod\bin\iPodService.exe

21:15:32.0928 7456 iPod Service - ok

21:15:32.0959 7456 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys

21:15:32.0975 7456 IRENUM - ok

21:15:32.0975 7456 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys

21:15:32.0991 7456 isapnp - ok

21:15:33.0022 7456 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys

21:15:33.0037 7456 iScsiPrt - ok

21:15:33.0053 7456 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys

21:15:33.0069 7456 kbdclass - ok

21:15:33.0084 7456 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys

21:15:33.0100 7456 kbdhid - ok

21:15:33.0131 7456 KeyIso (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe

21:15:33.0147 7456 KeyIso - ok

21:15:33.0147 7456 KSecDD (16c1b906fc5ead84769f90b736b6bf0e) C:\Windows\system32\Drivers\ksecdd.sys

21:15:33.0162 7456 KSecDD - ok

21:15:33.0193 7456 KSecPkg (0b711550c56444879d71c7daabda6c83) C:\Windows\system32\Drivers\ksecpkg.sys

21:15:33.0209 7456 KSecPkg - ok

21:15:33.0225 7456 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys

21:15:33.0256 7456 ksthunk - ok

21:15:33.0318 7456 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll

21:15:33.0381 7456 KtmRm - ok

21:15:33.0427 7456 LanmanServer (81f1d04d4d0e433099365127375fd501) C:\Windows\system32\srvsvc.dll

21:15:33.0443 7456 LanmanServer - ok

21:15:33.0474 7456 LanmanWorkstation (27026eac8818e8a6c00a1cad2f11d29a) C:\Windows\System32\wkssvc.dll

21:15:33.0521 7456 LanmanWorkstation - ok

21:15:33.0615 7456 LightScribeService (0ee66bdf485c6828aa65c0ef5d591133) c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

21:15:33.0615 7456 LightScribeService ( UnsignedFile.Multi.Generic ) - warning

21:15:33.0615 7456 LightScribeService - detected UnsignedFile.Multi.Generic (1)

21:15:33.0630 7456 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys

21:15:33.0677 7456 lltdio - ok

21:15:33.0724 7456 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll

21:15:33.0755 7456 lltdsvc - ok

21:15:33.0771 7456 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll

21:15:33.0786 7456 lmhosts - ok

21:15:33.0817 7456 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys

21:15:33.0817 7456 LSI_FC - ok

21:15:33.0833 7456 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys

21:15:33.0849 7456 LSI_SAS - ok

21:15:33.0864 7456 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys

21:15:33.0895 7456 LSI_SAS2 - ok

21:15:33.0911 7456 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys

21:15:33.0927 7456 LSI_SCSI - ok

21:15:33.0958 7456 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys

21:15:34.0005 7456 luafv - ok

21:15:34.0020 7456 MBAMProtector (dbc08862a71459e74f7538b432c114cc) C:\Windows\system32\drivers\mbam.sys

21:15:34.0051 7456 MBAMProtector - ok

21:15:34.0161 7456 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

21:15:34.0176 7456 MBAMService - ok

21:15:34.0207 7456 Mcx2Svc (f84c8f1000bc11e3b7b23cbd3baff111) C:\Windows\system32\Mcx2Svc.dll

21:15:34.0223 7456 Mcx2Svc - ok

21:15:34.0239 7456 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys

21:15:34.0270 7456 megasas - ok

21:15:34.0285 7456 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys

21:15:34.0317 7456 MegaSR - ok

21:15:34.0363 7456 Microsoft SharePoint Workspace Audit Service - ok

21:15:34.0395 7456 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll

21:15:34.0457 7456 MMCSS - ok

21:15:34.0473 7456 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys

21:15:34.0488 7456 Modem - ok

21:15:34.0519 7456 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys

21:15:34.0535 7456 monitor - ok

21:15:34.0551 7456 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys

21:15:34.0566 7456 mouclass - ok

21:15:34.0566 7456 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys

21:15:34.0582 7456 mouhid - ok

21:15:34.0597 7456 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys

21:15:34.0613 7456 mountmgr - ok

21:15:34.0629 7456 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys

21:15:34.0644 7456 mpio - ok

21:15:34.0660 7456 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys

21:15:34.0691 7456 mpsdrv - ok

21:15:34.0800 7456 MpsSvc (aecab449567d1846dad63ece49e893e3) C:\Windows\system32\mpssvc.dll

21:15:34.0847 7456 MpsSvc - ok

21:15:34.0878 7456 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys

21:15:34.0894 7456 MRxDAV - ok

21:15:34.0925 7456 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys

21:15:34.0956 7456 mrxsmb - ok

21:15:35.0003 7456 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys

21:15:35.0019 7456 mrxsmb10 - ok

21:15:35.0050 7456 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys

21:15:35.0065 7456 mrxsmb20 - ok

21:15:35.0097 7456 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys

21:15:35.0112 7456 msahci - ok

21:15:35.0128 7456 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys

21:15:35.0143 7456 msdsm - ok

21:15:35.0175 7456 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe

21:15:35.0190 7456 MSDTC - ok

21:15:35.0206 7456 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys

21:15:35.0253 7456 Msfs - ok

21:15:35.0268 7456 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys

21:15:35.0299 7456 mshidkmdf - ok

21:15:35.0299 7456 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys

21:15:35.0315 7456 msisadrv - ok

21:15:35.0362 7456 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll

21:15:35.0409 7456 MSiSCSI - ok

21:15:35.0409 7456 msiserver - ok

21:15:35.0424 7456 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys

21:15:35.0455 7456 MSKSSRV - ok

21:15:35.0455 7456 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys

21:15:35.0471 7456 MSPCLOCK - ok

21:15:35.0487 7456 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys

21:15:35.0518 7456 MSPQM - ok

21:15:35.0533 7456 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys

21:15:35.0549 7456 MsRPC - ok

21:15:35.0565 7456 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys

21:15:35.0565 7456 mssmbios - ok

21:15:35.0580 7456 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys

21:15:35.0611 7456 MSTEE - ok

21:15:35.0627 7456 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys

21:15:35.0627 7456 MTConfig - ok

21:15:35.0658 7456 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys

21:15:35.0658 7456 Mup - ok

21:15:35.0721 7456 napagent (4987e079a4530fa737a128be54b63b12) C:\Windows\system32\qagentRT.dll

21:15:35.0783 7456 napagent - ok

21:15:35.0830 7456 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys

21:15:35.0861 7456 NativeWifiP - ok

21:15:36.0048 7456 NAVENG (8043d41f881d6ace40b854ad6e32217f) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.0.9\Definitions\VirusDefs\20120628.004\ENG64.SYS

21:15:36.0064 7456 NAVENG - ok

21:15:36.0267 7456 NAVEX15 (9a9ab2fc45d701daed465d14980f1305) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.0.9\Definitions\VirusDefs\20120628.004\EX64.SYS

21:15:36.0298 7456 NAVEX15 - ok

21:15:36.0516 7456 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys

21:15:36.0547 7456 NDIS - ok

21:15:36.0563 7456 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys

21:15:36.0610 7456 NdisCap - ok

21:15:36.0625 7456 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys

21:15:36.0657 7456 NdisTapi - ok

21:15:36.0672 7456 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys

21:15:36.0703 7456 Ndisuio - ok

21:15:36.0735 7456 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys

21:15:36.0750 7456 NdisWan - ok

21:15:36.0766 7456 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys

21:15:36.0797 7456 NDProxy - ok

21:15:36.0813 7456 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys

21:15:36.0844 7456 NetBIOS - ok

21:15:36.0875 7456 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys

21:15:36.0891 7456 NetBT - ok

21:15:36.0922 7456 Netlogon (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe

21:15:36.0937 7456 Netlogon - ok

21:15:37.0000 7456 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll

21:15:37.0062 7456 Netman - ok

21:15:37.0109 7456 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll

21:15:37.0171 7456 netprofm - ok

21:15:37.0234 7456 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe

21:15:37.0249 7456 NetTcpPortSharing - ok

21:15:37.0265 7456 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys

21:15:37.0296 7456 nfrd960 - ok

21:15:37.0405 7456 NIS (c6948f034d7edabcfa2234d399fc78bc) C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\ccSvcHst.exe

21:15:37.0421 7456 NIS - ok

21:15:37.0452 7456 NlaSvc (d9a0ce66046d6efa0c61baa885cba0a8) C:\Windows\System32\nlasvc.dll

21:15:37.0515 7456 NlaSvc - ok

21:15:37.0530 7456 Norton PC Checkup Application Launcher - ok

21:15:37.0546 7456 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys

21:15:37.0577 7456 Npfs - ok

21:15:37.0577 7456 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll

21:15:37.0608 7456 nsi - ok

21:15:37.0608 7456 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys

21:15:37.0639 7456 nsiproxy - ok

21:15:37.0811 7456 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys

21:15:37.0858 7456 Ntfs - ok

21:15:37.0983 7456 NuidFltr (d4012918d3a3847b44b888d56bc095d6) C:\Windows\system32\DRIVERS\NuidFltr.sys

21:15:37.0998 7456 NuidFltr - ok

21:15:38.0014 7456 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys

21:15:38.0061 7456 Null - ok

21:15:38.0107 7456 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys

21:15:38.0139 7456 nvraid - ok

21:15:38.0185 7456 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys

21:15:38.0201 7456 nvstor - ok

21:15:38.0217 7456 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys

21:15:38.0248 7456 nv_agp - ok

21:15:38.0263 7456 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys

21:15:38.0279 7456 ohci1394 - ok

21:15:38.0341 7456 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

21:15:38.0357 7456 ose - ok

21:15:38.0841 7456 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

21:15:38.0903 7456 osppsvc - ok

21:15:39.0043 7456 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll

21:15:39.0059 7456 p2pimsvc - ok

21:15:39.0121 7456 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll

21:15:39.0153 7456 p2psvc - ok

21:15:39.0199 7456 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys

21:15:39.0215 7456 Parport - ok

21:15:39.0262 7456 partmgr (90061b1acfe8ccaa5345750ffe08d8b8) C:\Windows\system32\drivers\partmgr.sys

21:15:39.0277 7456 partmgr - ok

21:15:39.0309 7456 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll

21:15:39.0340 7456 PcaSvc - ok

21:15:39.0402 7456 PCCUJobMgr (2f86be1818c2d7ac90478e3323ee7fcb) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.8.13\ccSvcHst.exe

21:15:39.0433 7456 PCCUJobMgr - ok

21:15:39.0621 7456 PCDSRVC{F36B3A4C-F95654BD-06000000}_0 (51209fbdb13a46e05c1b0077a9310264) c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms

21:15:39.0636 7456 PCDSRVC{F36B3A4C-F95654BD-06000000}_0 - ok

21:15:39.0777 7456 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys

21:15:39.0792 7456 pci - ok

21:15:39.0823 7456 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys

21:15:39.0823 7456 pciide - ok

21:15:39.0870 7456 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys

21:15:39.0886 7456 pcmcia - ok

21:15:39.0901 7456 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys

21:15:39.0917 7456 pcw - ok

21:15:39.0979 7456 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys

21:15:40.0026 7456 PEAUTH - ok

21:15:40.0104 7456 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe

21:15:40.0135 7456 PerfHost - ok

21:15:40.0307 7456 pla (557e9a86f65f0de18c9b6751dfe9d3f1) C:\Windows\system32\pla.dll

21:15:40.0354 7456 pla - ok

21:15:40.0416 7456 PlugPlay (98b1721b8718164293b9701b98c52d77) C:\Windows\system32\umpnpmgr.dll

21:15:40.0447 7456 PlugPlay - ok

21:15:40.0463 7456 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll

21:15:40.0479 7456 PNRPAutoReg - ok

21:15:40.0510 7456 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll

21:15:40.0525 7456 PNRPsvc - ok

21:15:40.0603 7456 PolicyAgent (166eb40d1f5b47e615de3d0fffe5f243) C:\Windows\System32\ipsecsvc.dll

21:15:40.0650 7456 PolicyAgent - ok

21:15:40.0681 7456 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll

21:15:40.0713 7456 Power - ok

21:15:40.0759 7456 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys

21:15:40.0806 7456 PptpMiniport - ok

21:15:40.0822 7456 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys

21:15:40.0822 7456 Processor - ok

21:15:40.0869 7456 ProfSvc (97293447431311c06703368ad0f6c4be) C:\Windows\system32\profsvc.dll

21:15:40.0900 7456 ProfSvc - ok

21:15:40.0931 7456 ProtectedStorage (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe

21:15:40.0947 7456 ProtectedStorage - ok

21:15:40.0978 7456 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys

21:15:41.0040 7456 Psched - ok

21:15:41.0181 7456 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys

21:15:41.0212 7456 ql2300 - ok

21:15:41.0337 7456 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys

21:15:41.0352 7456 ql40xx - ok

21:15:41.0399 7456 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll

21:15:41.0430 7456 QWAVE - ok

21:15:41.0446 7456 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys

21:15:41.0461 7456 QWAVEdrv - ok

21:15:41.0477 7456 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys

21:15:41.0508 7456 RasAcd - ok

21:15:41.0539 7456 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys

21:15:41.0555 7456 RasAgileVpn - ok

21:15:41.0571 7456 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll

21:15:41.0617 7456 RasAuto - ok

21:15:41.0633 7456 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys

21:15:41.0680 7456 Rasl2tp - ok

21:15:41.0711 7456 RasMan (47394ed3d16d053f5906efe5ab51cc83) C:\Windows\System32\rasmans.dll

21:15:41.0742 7456 RasMan - ok

21:15:41.0758 7456 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys

21:15:41.0789 7456 RasPppoe - ok

21:15:41.0805 7456 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys

21:15:41.0820 7456 RasSstp - ok

21:15:41.0867 7456 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys

21:15:41.0898 7456 rdbss - ok

21:15:41.0914 7456 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys

21:15:41.0929 7456 rdpbus - ok

21:15:41.0929 7456 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys

21:15:41.0961 7456 RDPCDD - ok

21:15:41.0961 7456 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys

21:15:41.0992 7456 RDPENCDD - ok

21:15:42.0007 7456 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys

21:15:42.0023 7456 RDPREFMP - ok

21:15:42.0070 7456 RDPWD (447de7e3dea39d422c1504f245b668b1) C:\Windows\system32\drivers\RDPWD.sys

21:15:42.0101 7456 RDPWD - ok

21:15:42.0132 7456 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys

21:15:42.0148 7456 rdyboost - ok

21:15:42.0179 7456 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll

21:15:42.0210 7456 RemoteAccess - ok

21:15:42.0241 7456 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll

21:15:42.0288 7456 RemoteRegistry - ok

21:15:42.0288 7456 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll

21:15:42.0319 7456 RpcEptMapper - ok

21:15:42.0335 7456 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe

21:15:42.0351 7456 RpcLocator - ok

21:15:42.0397 7456 RpcSs (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll

21:15:42.0460 7456 RpcSs - ok

21:15:42.0475 7456 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys

21:15:42.0491 7456 rspndr - ok

21:15:42.0538 7456 RTL8167 (3b01789ee4eaee97f5eb46b711387d5e) C:\Windows\system32\DRIVERS\Rt64win7.sys

21:15:42.0553 7456 RTL8167 - ok

21:15:42.0585 7456 SamSs (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe

21:15:42.0600 7456 SamSs - ok

21:15:42.0631 7456 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys

21:15:42.0631 7456 sbp2port - ok

21:15:42.0678 7456 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll

21:15:42.0709 7456 SCardSvr - ok

21:15:42.0725 7456 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys

21:15:42.0756 7456 scfilter - ok

21:15:42.0897 7456 Schedule (624d0f5ff99428bb90a5b8a4123e918e) C:\Windows\system32\schedsvc.dll

21:15:42.0928 7456 Schedule - ok

21:15:42.0943 7456 SCPolicySvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll

21:15:42.0975 7456 SCPolicySvc - ok

21:15:43.0006 7456 SDRSVC (765a27c3279ce11d14cb9e4f5869fca5) C:\Windows\System32\SDRSVC.dll

21:15:43.0021 7456 SDRSVC - ok

21:15:43.0053 7456 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys

21:15:43.0084 7456 secdrv - ok

21:15:43.0099 7456 seclogon (463b386ebc70f98da5dff85f7e654346) C:\Windows\system32\seclogon.dll

21:15:43.0131 7456 seclogon - ok

21:15:43.0162 7456 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll

21:15:43.0193 7456 SENS - ok

21:15:43.0209 7456 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll

21:15:43.0209 7456 SensrSvc - ok

21:15:43.0224 7456 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys

21:15:43.0240 7456 Serenum - ok

21:15:43.0271 7456 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys

21:15:43.0271 7456 Serial - ok

21:15:43.0287 7456 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys

21:15:43.0302 7456 sermouse - ok

21:15:43.0333 7456 SessionEnv (c3bc61ce47ff6f4e88ab8a3b429a36af) C:\Windows\system32\sessenv.dll

21:15:43.0365 7456 SessionEnv - ok

21:15:43.0380 7456 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys

21:15:43.0396 7456 sffdisk - ok

21:15:43.0411 7456 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys

21:15:43.0411 7456 sffp_mmc - ok

21:15:43.0427 7456 sffp_sd (5588b8c6193eb1522490c122eb94dffa) C:\Windows\system32\DRIVERS\sffp_sd.sys

21:15:43.0443 7456 sffp_sd - ok

21:15:43.0458 7456 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys

21:15:43.0474 7456 sfloppy - ok

21:15:43.0521 7456 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll

21:15:43.0567 7456 SharedAccess - ok

21:15:43.0614 7456 ShellHWDetection (0298ac45d0efffb2db4baa7dd186e7bf) C:\Windows\System32\shsvcs.dll

21:15:43.0630 7456 ShellHWDetection - ok

21:15:43.0645 7456 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys

21:15:43.0661 7456 SiSRaid2 - ok

21:15:43.0677 7456 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys

21:15:43.0692 7456 SiSRaid4 - ok

21:15:43.0708 7456 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys

21:15:43.0739 7456 Smb - ok

21:15:43.0755 7456 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe

21:15:43.0770 7456 SNMPTRAP - ok

21:15:43.0786 7456 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys

21:15:43.0786 7456 spldr - ok

21:15:43.0864 7456 Spooler (f8e1fa03cb70d54a9892ac88b91d1e7b) C:\Windows\System32\spoolsv.exe

21:15:43.0879 7456 Spooler - ok

21:15:44.0238 7456 sppsvc (913d843498553a1bc8f8dbad6358e49f) C:\Windows\system32\sppsvc.exe

21:15:44.0269 7456 sppsvc - ok

21:15:44.0379 7456 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll

21:15:44.0441 7456 sppuinotify - ok

21:15:44.0581 7456 SRTSP (06b9a7ba94356ec5207c5ddb59540378) C:\Windows\System32\Drivers\NISx64\1307010.005\SRTSP64.SYS

21:15:44.0613 7456 SRTSP - ok

21:15:44.0628 7456 SRTSPX (fbb8945a61e55a2345d12487c74a9d76) C:\Windows\system32\drivers\NISx64\1307010.005\SRTSPX64.SYS

21:15:44.0644 7456 SRTSPX - ok

21:15:44.0706 7456 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys

21:15:44.0737 7456 srv - ok

21:15:44.0784 7456 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys

21:15:44.0815 7456 srv2 - ok

21:15:44.0847 7456 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys

21:15:44.0878 7456 srvnet - ok

21:15:44.0893 7456 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll

21:15:44.0925 7456 SSDPSRV - ok

21:15:44.0956 7456 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll

21:15:44.0987 7456 SstpSvc - ok

21:15:45.0003 7456 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys

21:15:45.0018 7456 stexstor - ok

21:15:45.0096 7456 stisvc (52d0e33b681bd0f33fdc08812fee4f7d) C:\Windows\System32\wiaservc.dll

21:15:45.0127 7456 stisvc - ok

21:15:45.0127 7456 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys

21:15:45.0143 7456 swenum - ok

21:15:45.0299 7456 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

21:15:45.0330 7456 SwitchBoard ( UnsignedFile.Multi.Generic ) - warning

21:15:45.0330 7456 SwitchBoard - detected UnsignedFile.Multi.Generic (1)

21:15:45.0393 7456 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll

21:15:45.0439 7456 swprv - ok

21:15:45.0517 7456 SymDS (8b2430762099598da40686f754632efd) C:\Windows\system32\drivers\NISx64\1307010.005\SYMDS64.SYS

21:15:45.0533 7456 SymDS - ok

21:15:45.0642 7456 SymEFA (f90c7a190399165d3ab2245048d34786) C:\Windows\system32\drivers\NISx64\1307010.005\SYMEFA64.SYS

21:15:45.0673 7456 SymEFA - ok

21:15:45.0720 7456 SymEvent (898bb48c797483420df523b2bbc1ecdb) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS

21:15:45.0736 7456 SymEvent - ok

21:15:45.0783 7456 SymIRON (5013a76caaa1d7cf1c55214b490b4e35) C:\Windows\system32\drivers\NISx64\1307010.005\Ironx64.SYS

21:15:45.0798 7456 SymIRON - ok

21:15:45.0861 7456 SymNetS (3911bd0e68c010e5438a87706abbe9ab) C:\Windows\System32\Drivers\NISx64\1307010.005\SYMNETS.SYS

21:15:45.0876 7456 SymNetS - ok

21:15:46.0048 7456 SysMain (3c1284516a62078fb68f768de4f1a7be) C:\Windows\system32\sysmain.dll

21:15:46.0079 7456 SysMain - ok

21:15:46.0188 7456 TabletInputService (238935c3cf2854886dc7cbb2a0e2cc66) C:\Windows\System32\TabSvc.dll

21:15:46.0219 7456 TabletInputService - ok

21:15:46.0251 7456 TapiSrv (884264ac597b690c5707c89723bb8e7b) C:\Windows\System32\tapisrv.dll

21:15:46.0297 7456 TapiSrv - ok

21:15:46.0313 7456 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll

21:15:46.0329 7456 TBS - ok

21:15:46.0547 7456 Tcpip (624c5b3aa4c99b3184bb922d9ece3ff0) C:\Windows\system32\drivers\tcpip.sys

21:15:46.0578 7456 Tcpip - ok

21:15:46.0828 7456 TCPIP6 (624c5b3aa4c99b3184bb922d9ece3ff0) C:\Windows\system32\DRIVERS\tcpip.sys

21:15:46.0875 7456 TCPIP6 - ok

21:15:46.0968 7456 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys

21:15:46.0999 7456 tcpipreg - ok

21:15:47.0015 7456 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys

21:15:47.0031 7456 TDPIPE - ok

21:15:47.0062 7456 TDTCP (7518f7bcfd4b308abc9192bacaf6c970) C:\Windows\system32\drivers\tdtcp.sys

21:15:47.0077 7456 TDTCP - ok

21:15:47.0093 7456 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys

21:15:47.0124 7456 tdx - ok

21:15:47.0140 7456 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys

21:15:47.0155 7456 TermDD - ok

21:15:47.0233 7456 TermService (0f05ec2887bfe197ad82a13287d2f404) C:\Windows\System32\termsrv.dll

21:15:47.0280 7456 TermService - ok

21:15:47.0296 7456 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll

21:15:47.0311 7456 Themes - ok

21:15:47.0343 7456 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll

21:15:47.0358 7456 THREADORDER - ok

21:15:47.0389 7456 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll

21:15:47.0421 7456 TrkWks - ok

21:15:47.0467 7456 TrustedInstaller (840f7fb849f5887a49ba18c13b2da920) C:\Windows\servicing\TrustedInstaller.exe

21:15:47.0499 7456 TrustedInstaller - ok

21:15:47.0499 7456 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys

21:15:47.0545 7456 tssecsrv - ok

21:15:47.0561 7456 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys

21:15:47.0592 7456 tunnel - ok

21:15:47.0639 7456 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys

21:15:47.0655 7456 uagp35 - ok

21:15:47.0701 7456 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys

21:15:47.0748 7456 udfs - ok

21:15:47.0764 7456 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe

21:15:47.0779 7456 UI0Detect - ok

21:15:47.0795 7456 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys

21:15:47.0811 7456 uliagpkx - ok

21:15:47.0826 7456 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys

21:15:47.0842 7456 umbus - ok

21:15:47.0857 7456 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys

21:15:47.0857 7456 UmPass - ok

21:15:47.0920 7456 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll

21:15:47.0982 7456 upnphost - ok

21:15:47.0998 7456 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys

21:15:48.0013 7456 USBAAPL64 - ok

21:15:48.0060 7456 usbccgp (7b6a127c93ee590e4d79a5f2a76fe46f) C:\Windows\system32\DRIVERS\usbccgp.sys

21:15:48.0076 7456 usbccgp - ok

21:15:48.0107 7456 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys

21:15:48.0123 7456 usbcir - ok

21:15:48.0138 7456 usbehci (92969ba5ac44e229c55a332864f79677) C:\Windows\system32\drivers\usbehci.sys

21:15:48.0154 7456 usbehci - ok

21:15:48.0201 7456 usbhub (e7df1cfd28ca86b35ef5add0735ceef3) C:\Windows\system32\DRIVERS\usbhub.sys

21:15:48.0216 7456 usbhub - ok

21:15:48.0232 7456 usbohci (f1bb1e55f1e7a65c5839ccc7b36d773e) C:\Windows\system32\drivers\usbohci.sys

21:15:48.0263 7456 usbohci - ok

21:15:48.0279 7456 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys

21:15:48.0294 7456 usbprint - ok

21:15:48.0310 7456 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys

21:15:48.0341 7456 usbscan - ok

21:15:48.0372 7456 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\DRIVERS\USBSTOR.SYS

21:15:48.0388 7456 USBSTOR - ok

21:15:48.0419 7456 usbuhci (bc3070350a491d84b518d7cca9abd36f) C:\Windows\system32\drivers\usbuhci.sys

21:15:48.0435 7456 usbuhci - ok

21:15:48.0450 7456 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll

21:15:48.0497 7456 UxSms - ok

21:15:48.0528 7456 VaultSvc (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe

21:15:48.0528 7456 VaultSvc - ok

21:15:48.0544 7456 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys

21:15:48.0559 7456 vdrvroot - ok

21:15:48.0622 7456 vds (44d73e0bbc1d3c8981304ba15135c2f2) C:\Windows\System32\vds.exe

21:15:48.0637 7456 vds - ok

21:15:48.0653 7456 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys

21:15:48.0669 7456 vga - ok

21:15:48.0684 7456 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys

21:15:48.0715 7456 VgaSave - ok

21:15:48.0747 7456 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys

21:15:48.0778 7456 vhdmp - ok

21:15:48.0793 7456 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys

21:15:48.0809 7456 viaide - ok

21:15:48.0840 7456 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys

21:15:48.0856 7456 volmgr - ok

21:15:48.0887 7456 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys

21:15:48.0918 7456 volmgrx - ok

21:15:48.0949 7456 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys

21:15:48.0965 7456 volsnap - ok

21:15:48.0996 7456 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys

21:15:49.0027 7456 vsmraid - ok

21:15:49.0199 7456 VSS (787898bf9fb6d7bd87a36e2d95c899ba) C:\Windows\system32\vssvc.exe

21:15:49.0230 7456 VSS - ok

21:15:49.0355 7456 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys

21:15:49.0386 7456 vwifibus - ok

21:15:49.0433 7456 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll

21:15:49.0480 7456 W32Time - ok

21:15:49.0480 7456 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys

21:15:49.0495 7456 WacomPen - ok

21:15:49.0511 7456 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys

21:15:49.0542 7456 WANARP - ok

21:15:49.0542 7456 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys

21:15:49.0573 7456 Wanarpv6 - ok

21:15:49.0729 7456 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe

21:15:49.0776 7456 WatAdminSvc - ok

21:15:49.0917 7456 wbengine (5ab1bb85bd8b5089cc5d64200dedae68) C:\Windows\system32\wbengine.exe

21:15:49.0948 7456 wbengine - ok

21:15:50.0041 7456 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll

21:15:50.0088 7456 WbioSrvc - ok

21:15:50.0135 7456 wcncsvc (dd1bae8ebfc653824d29ccf8c9054d68) C:\Windows\System32\wcncsvc.dll

21:15:50.0166 7456 wcncsvc - ok

21:15:50.0166 7456 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll

21:15:50.0182 7456 WcsPlugInService - ok

21:15:50.0213 7456 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys

21:15:50.0229 7456 Wd - ok

21:15:50.0291 7456 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys

21:15:50.0322 7456 Wdf01000 - ok

21:15:50.0338 7456 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll

21:15:50.0353 7456 WdiServiceHost - ok

21:15:50.0353 7456 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll

21:15:50.0369 7456 WdiSystemHost - ok

21:15:50.0416 7456 WebClient (733006127f235be7c35354ebee7b9a7b) C:\Windows\System32\webclnt.dll

21:15:50.0431 7456 WebClient - ok

21:15:50.0463 7456 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll

21:15:50.0509 7456 Wecsvc - ok

21:15:50.0525 7456 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll

21:15:50.0556 7456 wercplsupport - ok

21:15:50.0572 7456 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll

21:15:50.0603 7456 WerSvc - ok

21:15:50.0619 7456 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys

21:15:50.0650 7456 WfpLwf - ok

21:15:50.0650 7456 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys

21:15:50.0665 7456 WIMMount - ok

21:15:50.0697 7456 WinDefend - ok

21:15:50.0697 7456 WinHttpAutoProxySvc - ok

21:15:50.0759 7456 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll

21:15:50.0806 7456 Winmgmt - ok

21:15:51.0040 7456 WinRM (41fbb751936b387f9179e7f03a74fe29) C:\Windows\system32\WsmSvc.dll

21:15:51.0087 7456 WinRM - ok

21:15:51.0211 7456 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys

21:15:51.0243 7456 WinUsb - ok

21:15:51.0352 7456 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll

21:15:51.0383 7456 Wlansvc - ok

21:15:51.0445 7456 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe

21:15:51.0461 7456 wlcrasvc - ok

21:15:51.0742 7456 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

21:15:51.0789 7456 wlidsvc - ok

21:15:51.0882 7456 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys

21:15:51.0898 7456 WmiAcpi - ok

21:15:51.0960 7456 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe

21:15:51.0991 7456 wmiApSrv - ok

21:15:52.0007 7456 WMPNetworkSvc - ok

21:15:52.0038 7456 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll

21:15:52.0069 7456 WPCSvc - ok

21:15:52.0085 7456 WPDBusEnum (2e57ddf2880a7e52e76f41c7e96d327b) C:\Windows\system32\wpdbusenum.dll

21:15:52.0116 7456 WPDBusEnum - ok

21:15:52.0116 7456 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys

21:15:52.0147 7456 ws2ifsl - ok

21:15:52.0179 7456 wscsvc (8f9f3969933c02da96eb0f84576db43e) C:\Windows\System32\wscsvc.dll

21:15:52.0194 7456 wscsvc - ok

21:15:52.0194 7456 WSearch - ok

21:15:52.0459 7456 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll

21:15:52.0506 7456 wuauserv - ok

21:15:52.0584 7456 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys

21:15:52.0631 7456 WudfPf - ok

21:15:52.0647 7456 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys

21:15:52.0678 7456 WUDFRd - ok

21:15:52.0693 7456 wudfsvc (b551d6637aa0e132c18ac6e504f7b79b) C:\Windows\System32\WUDFSvc.dll

21:15:52.0725 7456 wudfsvc - ok

21:15:52.0756 7456 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll

21:15:52.0771 7456 WwanSvc - ok

21:15:52.0787 7456 MBR (0x1B8) (a8ed7a471985bafd441c2b52f3f4109f) \Device\Harddisk0\DR0

21:15:53.0208 7456 \Device\Harddisk0\DR0 - ok

21:15:53.0208 7456 Boot (0x1200) (ded680b37e1872ad1e1b9d74a0d6ae0a) \Device\Harddisk0\DR0\Partition0

21:15:53.0224 7456 \Device\Harddisk0\DR0\Partition0 - ok

21:15:53.0239 7456 Boot (0x1200) (5cf5f34694c8b9a836392b999c956a0d) \Device\Harddisk0\DR0\Partition1

21:15:53.0239 7456 \Device\Harddisk0\DR0\Partition1 - ok

21:15:53.0286 7456 Boot (0x1200) (495af5d9a1398fe1ea9febb05d119e03) \Device\Harddisk0\DR0\Partition2

21:15:53.0286 7456 \Device\Harddisk0\DR0\Partition2 - ok

21:15:53.0286 7456 ============================================================

21:15:53.0286 7456 Scan finished

21:15:53.0286 7456 ============================================================

21:15:53.0302 5336 Detected object count: 2

21:15:53.0302 5336 Actual detected object count: 2

21:16:17.0295 5336 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user

21:16:17.0295 5336 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip

21:16:17.0295 5336 SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user

21:16:17.0295 5336 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip

LDTate · June 29, 2012

That looks good.

Vista and Windows 7 users:

1. These tools MUST be run from the executable. (.exe) every time you run them

2. With Admin Rights (Right click, choose "Run as Administrator")

Download ComboFix from one of these locations:

Link 1

Link 2 If using this link, Right Click and select Save As.

* IMPORTANT !!! Save ComboFix.exe to your Desktop

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. Note: If you are having difficulty properly disabling your protective programs, or are unsure as to what programs need to be disabled, please refer to the information available through this link : Protective Programs
Double click on ComboFix.exe & follow the prompts.
Notes: Combofix will run without the Recovery Console installed. Skip the Recovery Console part if you're running Vista or Windows 7.
Note: If you have XP SP3, use the XP SP2 package.
If Vista or Windows 7, skip the Recovery Console part
As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt using Copy / Paste in your next reply.

Notes:

1.Do not mouse-click Combofix's window while it is running. That may cause it to stall.

2. ComboFix may reset a number of Internet Explorer's settings, including making I-E the default browser.

3. Combofix prevents autorun of ALL CD, floppy and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell your helper.

4. CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.

Give it atleast 20-30 minutes to finish if needed.

Please do not attach the scan results from Combofx. Use copy/paste.

Also please describe how your computer behaves at the moment.

rrr10 · June 29, 2012

Ran Combofix as directed. I have not seen any redirects after running Combofix (20-30 Google tries).

Below is the Combofix log file. From this log file can you see if there was something found/fixed?

thanks again

ComboFix 12-06-28.03 - Rod 06/29/2012 10:28:57.1.4 - x64

Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.8151.6016 [GMT -7:00]

Running from: c:\users\Rod\Desktop\ComboFix.exe

AV: Norton Internet Security *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}

FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

SP: Norton Internet Security *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

* Created a new restore point

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\users\Rod\AppData\Local\Apple Computer\Apple\vpcqypvt.dll

c:\users\Rod\AppData\Roaming\Mozilla\Firefox\Profiles\pxw97tka.default\extensions\crossriderapp2258@crossrider.com

c:\users\Rod\AppData\Roaming\Mozilla\Firefox\Profiles\pxw97tka.default\extensions\crossriderapp2258@crossrider.com\chrome.manifest

c:\users\Rod\AppData\Roaming\Mozilla\Firefox\Profiles\pxw97tka.default\extensions\crossriderapp2258@crossrider.com\chrome\content\background.html

c:\users\Rod\AppData\Roaming\Mozilla\Firefox\Profiles\pxw97tka.default\extensions\crossriderapp2258@crossrider.com\chrome\content\browser.xul

c:\users\Rod\AppData\Roaming\Mozilla\Firefox\Profiles\pxw97tka.default\extensions\crossriderapp2258@crossrider.com\chrome\content\crossrider.js

c:\users\Rod\AppData\Roaming\Mozilla\Firefox\Profiles\pxw97tka.default\extensions\crossriderapp2258@crossrider.com\chrome\content\crossriderapi.js

c:\users\Rod\AppData\Roaming\Mozilla\Firefox\Profiles\pxw97tka.default\extensions\crossriderapp2258@crossrider.com\chrome\content\dialog.js

c:\users\Rod\AppData\Roaming\Mozilla\Firefox\Profiles\pxw97tka.default\extensions\crossriderapp2258@crossrider.com\chrome\content\lib\faye-browser-min.js

c:\users\Rod\AppData\Roaming\Mozilla\Firefox\Profiles\pxw97tka.default\extensions\crossriderapp2258@crossrider.com\chrome\content\manage-apps-style.css

c:\users\Rod\AppData\Roaming\Mozilla\Firefox\Profiles\pxw97tka.default\extensions\crossriderapp2258@crossrider.com\chrome\content\manage-apps.html

c:\users\Rod\AppData\Roaming\Mozilla\Firefox\Profiles\pxw97tka.default\extensions\crossriderapp2258@crossrider.com\chrome\content\messaging.js

c:\users\Rod\AppData\Roaming\Mozilla\Firefox\Profiles\pxw97tka.default\extensions\crossriderapp2258@crossrider.com\chrome\content\options.js

c:\users\Rod\AppData\Roaming\Mozilla\Firefox\Profiles\pxw97tka.default\extensions\crossriderapp2258@crossrider.com\chrome\content\options.xul

c:\users\Rod\AppData\Roaming\Mozilla\Firefox\Profiles\pxw97tka.default\extensions\crossriderapp2258@crossrider.com\chrome\content\push.html

c:\users\Rod\AppData\Roaming\Mozilla\Firefox\Profiles\pxw97tka.default\extensions\crossriderapp2258@crossrider.com\chrome\content\search_dialog.xul

c:\users\Rod\AppData\Roaming\Mozilla\Firefox\Profiles\pxw97tka.default\extensions\crossriderapp2258@crossrider.com\chrome\content\update.html

c:\users\Rod\AppData\Roaming\Mozilla\Firefox\Profiles\pxw97tka.default\extensions\crossriderapp2258@crossrider.com\defaults\preferences\prefs.js

c:\users\Rod\AppData\Roaming\Mozilla\Firefox\Profiles\pxw97tka.default\extensions\crossriderapp2258@crossrider.com\install.rdf

c:\users\Rod\AppData\Roaming\Mozilla\Firefox\Profiles\pxw97tka.default\extensions\crossriderapp2258@crossrider.com\locale\en-US\translations.dtd

c:\users\Rod\AppData\Roaming\Mozilla\Firefox\Profiles\pxw97tka.default\extensions\crossriderapp2258@crossrider.com\skin\button1.png

c:\users\Rod\AppData\Roaming\Mozilla\Firefox\Profiles\pxw97tka.default\extensions\crossriderapp2258@crossrider.com\skin\button2.png

c:\users\Rod\AppData\Roaming\Mozilla\Firefox\Profiles\pxw97tka.default\extensions\crossriderapp2258@crossrider.com\skin\button3.png

c:\users\Rod\AppData\Roaming\Mozilla\Firefox\Profiles\pxw97tka.default\extensions\crossriderapp2258@crossrider.com\skin\button4.png

c:\users\Rod\AppData\Roaming\Mozilla\Firefox\Profiles\pxw97tka.default\extensions\crossriderapp2258@crossrider.com\skin\button5.png

c:\users\Rod\AppData\Roaming\Mozilla\Firefox\Profiles\pxw97tka.default\extensions\crossriderapp2258@crossrider.com\skin\crossrider_statusbar.png

c:\users\Rod\AppData\Roaming\Mozilla\Firefox\Profiles\pxw97tka.default\extensions\crossriderapp2258@crossrider.com\skin\icon128.png

c:\users\Rod\AppData\Roaming\Mozilla\Firefox\Profiles\pxw97tka.default\extensions\crossriderapp2258@crossrider.com\skin\icon16.png

c:\users\Rod\AppData\Roaming\Mozilla\Firefox\Profiles\pxw97tka.default\extensions\crossriderapp2258@crossrider.com\skin\icon24.png

c:\users\Rod\AppData\Roaming\Mozilla\Firefox\Profiles\pxw97tka.default\extensions\crossriderapp2258@crossrider.com\skin\icon48.png

c:\users\Rod\AppData\Roaming\Mozilla\Firefox\Profiles\pxw97tka.default\extensions\crossriderapp2258@crossrider.com\skin\panelarrow-up.png

c:\users\Rod\AppData\Roaming\Mozilla\Firefox\Profiles\pxw97tka.default\extensions\crossriderapp2258@crossrider.com\skin\popup.css

c:\users\Rod\AppData\Roaming\Mozilla\Firefox\Profiles\pxw97tka.default\extensions\crossriderapp2258@crossrider.com\skin\popup.html

c:\users\Rod\AppData\Roaming\Mozilla\Firefox\Profiles\pxw97tka.default\extensions\crossriderapp2258@crossrider.com\skin\popup_binding.xml

c:\users\Rod\AppData\Roaming\Mozilla\Firefox\Profiles\pxw97tka.default\extensions\crossriderapp2258@crossrider.com\skin\skin.css

c:\users\Rod\AppData\Roaming\Mozilla\Firefox\Profiles\pxw97tka.default\extensions\crossriderapp2258@crossrider.com\skin\update.css

c:\users\Rod\Documents\~WRL3478.tmp

.

((((((((((((((((((((((((( Files Created from 2012-05-28 to 2012-06-29 )))))))))))))))))))))))))))))))

.

2012-06-26 04:54 . 2012-06-26 04:54 -------- d-----w- c:\users\Rod\AppData\Roaming\Malwarebytes

2012-06-26 04:54 . 2012-06-26 04:54 -------- d-----w- c:\programdata\Malwarebytes

2012-06-26 04:54 . 2012-06-26 04:54 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware

2012-06-26 04:54 . 2012-04-04 22:56 24904 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-06-22 17:08 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe

2012-06-22 17:08 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll

2012-06-22 17:08 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll

2012-06-22 17:08 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll

2012-06-22 17:08 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll

2012-06-22 17:08 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll

2012-06-22 17:08 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll

2012-06-22 17:07 . 2012-06-02 22:19 186752 ----a-w- c:\windows\system32\wuwebv.dll

2012-06-22 17:07 . 2012-06-02 22:15 36864 ----a-w- c:\windows\system32\wuapp.exe

2012-06-21 20:54 . 2012-06-21 20:54 -------- d-----w- c:\program files (x86)\Cisco Systems

2012-06-17 23:09 . 2012-06-17 23:09 -------- d-----w- c:\program files\iTunes

2012-06-17 23:09 . 2012-06-17 23:09 -------- d-----w- c:\program files (x86)\iTunes

2012-06-17 23:09 . 2012-06-17 23:09 -------- d-----w- c:\program files\iPod

2012-06-17 22:52 . 2012-06-17 22:52 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin7.dll

2012-06-17 22:52 . 2012-06-17 22:52 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin6.dll

2012-06-17 22:52 . 2012-06-17 22:52 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin5.dll

2012-06-17 22:52 . 2012-06-17 22:52 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin4.dll

2012-06-17 22:52 . 2012-06-17 22:52 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin3.dll

2012-06-17 22:52 . 2012-06-17 22:52 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin2.dll

2012-06-17 22:52 . 2012-06-17 22:52 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin.dll

2012-06-17 22:51 . 2012-06-17 22:52 -------- d-----w- c:\program files (x86)\QuickTime

2012-06-17 22:44 . 2012-06-17 22:44 -------- d-----w- c:\program files\Bonjour

2012-06-17 22:44 . 2012-06-17 22:44 -------- d-----w- c:\program files (x86)\Bonjour

2012-06-13 15:05 . 2012-04-26 05:34 76288 ----a-w- c:\windows\system32\rdpwsx.dll

2012-06-13 15:05 . 2012-04-26 05:34 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll

2012-06-13 15:05 . 2012-04-26 05:28 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe

2012-06-13 15:05 . 2012-05-02 05:32 208896 ----a-w- c:\windows\system32\profsvc.dll

2012-06-13 15:05 . 2012-05-04 10:52 5505392 ----a-w- c:\windows\system32\ntoskrnl.exe

2012-06-13 15:05 . 2012-05-04 10:08 3902320 ----a-w- c:\windows\SysWow64\ntoskrnl.exe

2012-06-13 15:04 . 2012-05-04 10:08 3958128 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe

2012-06-13 15:04 . 2012-05-15 01:32 3144192 ----a-w- c:\windows\system32\win32k.sys

2012-06-13 15:04 . 2012-04-28 03:50 204800 ----a-w- c:\windows\system32\drivers\rdpwd.sys

2012-06-13 15:04 . 2012-04-07 12:18 3213824 ----a-w- c:\windows\system32\msi.dll

2012-06-13 15:04 . 2012-04-07 11:34 2342400 ----a-w- c:\windows\SysWow64\msi.dll

2012-06-13 15:04 . 2012-04-24 05:59 182272 ----a-w- c:\windows\system32\cryptsvc.dll

2012-06-13 15:04 . 2012-04-24 05:59 1460224 ----a-w- c:\windows\system32\crypt32.dll

2012-06-13 15:04 . 2012-04-24 05:59 140288 ----a-w- c:\windows\system32\cryptnet.dll

2012-06-13 15:04 . 2012-04-24 04:47 139264 ----a-w- c:\windows\SysWow64\cryptsvc.dll

2012-06-13 15:04 . 2012-04-24 04:47 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll

2012-06-13 15:04 . 2012-04-24 04:47 1156608 ----a-w- c:\windows\SysWow64\crypt32.dll

2012-06-08 04:42 . 2012-06-28 03:34 -------- d-----r- c:\users\Rod\Dropbox

2012-06-08 04:37 . 2012-06-28 22:40 -------- d-----w- c:\users\Rod\AppData\Roaming\Dropbox

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-05-03 15:34 . 2011-04-28 02:55 175736 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS

2012-04-25 19:11 . 2012-04-25 19:11 52736 ----a-w- c:\windows\system32\drivers\usbaapl64.sys

2012-04-25 19:11 . 2012-04-25 19:11 4547944 ----a-w- c:\windows\system32\usbaaplrc.dll

2012-04-19 03:56 . 2012-04-19 03:56 94208 ----a-w- c:\windows\SysWow64\QuickTimeVR.qtx

2012-04-19 03:56 . 2012-04-19 03:56 69632 ----a-w- c:\windows\SysWow64\QuickTime.qts

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2012-02-15 00:32 94208 ----a-w- c:\users\Rod\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2012-02-15 00:32 94208 ----a-w- c:\users\Rod\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2012-02-15 00:32 94208 ----a-w- c:\users\Rod\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"HPADVISOR"="c:\program files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe" [2009-09-29 1685048]

"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2012-01-27 39408]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]

"HP Remote Solution"="c:\program files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe" [2009-08-25 656896]

"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2009-10-02 284696]

"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]

"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]

"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-03-11 98304]

"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]

"AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-04-20 58656]

"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]

"AdobeCS5.5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-12 1523360]

"Anti-phishing Domain Advisor"="c:\programdata\Anti-phishing Domain Advisor\visicom_antiphishing.exe" [2011-07-29 217256]

"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-31 59280]

"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-19 421888]

"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-06-08 421776]

"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]

.

c:\users\Rod\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Dropbox.lnk - c:\users\Rod\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-6-13 27595032]

OneNote 2010 Screen Clipper and Launcher.lnk - c:\program files (x86)\Microsoft Office\Office14\ONENOTEM.EXE [2011-9-2 227712]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

PictureMover.lnk - c:\program files (x86)\PictureMover\Bin\PictureMover.exe [2009-6-3 430080]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

.

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-01-27 136176]

R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-10 86072]

R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-01-27 136176]

R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]

R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]

R3 PCDSRVC{F36B3A4C-F95654BD-06000000}_0;PCDSRVC{F36B3A4C-F95654BD-06000000}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms [2009-09-17 23536]

R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-04-25 52736]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-05-05 1255736]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]

S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NISx64\1307010.005\SYMDS64.SYS [2012-03-29 451192]

S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1307010.005\SYMEFA64.SYS [2012-03-29 1092728]

S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.0.9\Definitions\BASHDefs\20120619.001\BHDrvx64.sys [2012-06-19 1161376]

S1 ccSet_NIS;Norton Internet Security Settings Manager;c:\windows\system32\drivers\NISx64\1307010.005\ccSetx64.sys [2011-11-29 167048]

S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.0.9\Definitions\IPSDefs\20120628.001\IDSvia64.sys [2012-06-14 509088]

S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1307010.005\Ironx64.SYS [2012-03-29 190072]

S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NISx64\1307010.005\SYMNETS.SYS [2012-03-29 405624]

S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-03-11 202752]

S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-29 94264]

S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-10-02 13336]

S2 IntuitUpdateServiceV4;Intuit Update Service v4;c:\program files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [2011-08-26 13672]

S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]

S2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\19.7.1.5\ccSvcHst.exe [2012-03-27 138232]

S2 Norton PC Checkup Application Launcher;Norton PC Checkup Application Launcher;c:\program files (x86)\Norton PC Checkup\Engine\2.0.8.13\SymcPCCULaunchSvc.exe [2011-12-16 177080]

S2 PCCUJobMgr;Common Client Job Manager Service;c:\program files (x86)\Norton PC Checkup\Engine\2.0.8.13\ccSvcHst.exe [2009-08-24 126392]

S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atipmdag.sys [2010-03-11 6403072]

S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-03-11 188928]

S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-05-31 138912]

S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-04-04 24904]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-08-21 239616]

.

--- Other Services/Drivers In Memory ---

.

*NewlyCreated* - WS2IFSL

.

Contents of the 'Scheduled Tasks' folder

.

2012-06-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-01-27 22:07]

.

2012-06-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-01-27 22:07]

.

2012-06-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-258491159-1904954851-485267930-1000Core.job

- c:\users\Rod\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-11 18:04]

.

2012-06-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-258491159-1904954851-485267930-1000UA.job

- c:\users\Rod\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-11 18:04]

.

2012-06-19 c:\windows\Tasks\HPCeeScheduleForRod.job

- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15]

.

2012-05-31 c:\windows\Tasks\PCDRScheduledMaintenance.job

- c:\program files\PC-Doctor for Windows\pcdrcui.exe [2009-09-18 07:11]

.

--------- X64 Entries -----------

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2012-02-15 00:32 97792 ----a-w- c:\users\Rod\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2012-02-15 00:32 97792 ----a-w- c:\users\Rod\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2012-02-15 00:32 97792 ----a-w- c:\users\Rod\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]

@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]

2012-02-15 00:32 97792 ----a-w- c:\users\Rod\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2009-09-15 610360]

"PC-Doctor for Windows localizer"="c:\program files\PC-Doctor for Windows\localizer.exe" [2009-09-17 95728]

"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-03-16 499608]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"LoadAppInit_DLLs"=0x0

.

------- Supplementary Scan -------

.

uDefault_Search_URL = hxxp://www.google.com/ie

uLocal Page = c:\windows\system32\blank.htm

uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8

uStart Page = hxxp://www.google.com/

mLocal Page = c:\windows\SysWOW64\blank.htm

uInternet Settings,ProxyOverride = 127.0.0.1;*.local

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office14\EXCEL.EXE/3000

IE: Se&nd to OneNote - c:\progra~2\MICROS~2\Office14\ONBttnIE.dll/105

TCP: DhcpNameServer = 192.168.0.1 192.168.1.1

.

- - - - ORPHANS REMOVED - - - -

.

Wow6432Node-HKCU-Run-Apple - c:\users\Rod\AppData\Local\Apple Computer\Apple\vpcqypvt.dll

AddRemove-{6F44AF95-3CDE-4513-AD3F-6D45F17BF324} - c:\program files (x86)\InstallShield Installation Information\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}\setup.exe

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NIS]

"ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\19.7.1.5\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\19.7.1.5\diMaster.dll\" /prefetch:1"

--

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCCUJobMgr]

"ImagePath"="\"c:\program files (x86)\Norton PC Checkup\Engine\2.0.8.13\ccSvcHst.exe\" /s \"PCCUJobMgr\" /m \"c:\program files (x86)\Norton PC Checkup\Engine\2.0.8.13\diMaster.dll\" /prefetch:1"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCDSRVC{F36B3A4C-F95654BD-06000000}_0]

"ImagePath"="\??\c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms"

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.10"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]

@Denied: (A) (Everyone)

"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]

@Denied: (A) (Everyone)

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]

"Key"="ActionsPane3"

"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Other Running Processes ------------------------

.

c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe

c:\program files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe

c:\program files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe

.

**************************************************************************

.

Completion time: 2012-06-29 10:41:09 - machine was rebooted

ComboFix-quarantined-files.txt 2012-06-29 17:41

.

Pre-Run: 541,084,131,328 bytes free

Post-Run: 542,415,908,864 bytes free

.

- - End Of File - - DFD6341AA8A59AEBECD2EB72DC7B3779

LDTate · June 29, 2012

Looks like it was an issue with FireFox Extensions..

I run FF with AdBlock and NoScript

https://addons.mozilla.org/en-US/firefox/addon/adblock-plus/

Good job

The following will implement some cleanup procedures as well as reset System Restore points:

For XP:

Click START run
Now type ComboFix /Uninstall in the runbox and click OK. Note the space between the X and the /, it needs to be there.

For Vista / Windows 7

Click START Search
Now type ComboFix /Uninstall in the runbox and click OK. Note the space between the X and the /, it needs to be there.

Here's my usual final post

To be on the safe side, I would also change all my passwords.

This infection appears to have been cleaned, but as the malware could be configured to run any program a remote attacker requires, it's impossible to be 100% sure that any machine is clean.

Log looks good

Update your AntiVirus Software - It is imperative that you update your Antivirus software at least once a week
(Even more if you wish). If you do not update your antivirus software then it will not be able to catch any of the new variants that may come out.
Use a Firewall - I can not stress how important it is that you use a Firewall on your computer.
Without a firewall your computer is succeptible to being hacked and taken over.
I am very serious about this and see it happen almost every day with my clients.
Simply using a Firewall in its default configuration can lower your risk greatly.
Securing Your Web Browser
This paper will help you configure your web browser for safer internet surfing.
Using a secure browser plugin M86 SecureBrowsing makes it safe to search, surf and socialize online. This free browser plug-in displays security icons next to links on search engines and social networking sites like Facebook, Twitter and LinkedIn, so you'll know which pages are safe and which ones to avoid.
•Free browser plug-in for Internet Explorer and Firefox
•Real-time safety ratings
•Ideal for Facebook, Twitter and LinkedIn
JAVA Click this link and click on the Free JAVA Download
Visit Microsoft's Windows Update Site Frequently - It is important that you visit http://www.windowsupdate.com regularly.
This will ensure your computer has always the latest security updates available installed on your computer.
If there are new updates to install, install them immediately, reboot your computer, and revisit the site
until there are no more critical updates.

Only run one Anti-Virus and Firewall program.

I would suggest you read:

PC Safety and Security--What Do I Need?.

How to Prevent Malware:

The full version of Malwarebytes' Anti-Malware could have helped protect your computer against this threat.

We use different ways of protecting your computer(s):

Dynamically Blocks Malware Sites & Servers
Malware Execution Prevention

Save yourself the hassle and get protected.

rrr10 · June 30, 2012

Things still look good. No more redirects.

Thanks for your help! Glad there are folks like you that can stay 1 step ahead of the bad guys.... and are willing to help others.

Too bad some people see messing with someone else's computer as 'sport' these days....

Thanks again,

Rod

LDTate · June 30, 2012

You're more than welcome.

Glad we were able to help

Peace be with you

LDTate · June 30, 2012

Since this issue is resolved I will close the thread to prevent others from posting here. If you need assistance please start your own topic and someone will be happy to assist you.

Help with dss.scr results

Recommended Posts

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Recently Browsing 0 members

Important Information