BANCROFT162 Posted July 1, 2012 ID:565950 Share Posted July 1, 2012 Don't know how to do this:Temporarily disable any script blocker if your Anti-Virus/Anti-Malware has it.I did run unhide program and now can see my programs and filesBut music still starts upMy settings seem to be gone (screeen) etc.What to do next? Link to post Share on other sites More sharing options...
BANCROFT162 Posted July 2, 2012 Author ID:566065 Share Posted July 2, 2012 I was able to 'unhide' my stuffhave run malwarebytes but don't know if it was successful...now I'm getting some kind of gaming site pop up even when I'm offthe internet.random audio is gone...my taskbar is not the same, my screen background is not the same (black)but I can access my email and calendar which I freaked about!hope you can helpAttach.txtDDS.txt Link to post Share on other sites More sharing options...
Staff gringo_pr Posted July 2, 2012 Staff ID:566093 Share Posted July 2, 2012 Greetings and Welcome to The Forums!!My name is Gringo and I'll be glad to help you with your computer problems.I have put together somethings for you to keep in mind while I am helping you to make things go easier and faster for both of usPlease do not run any tools unless instructed to do so. We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability. [*]Please do not attach logs or use code boxes, just copy and paste the text. Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post. [*]Please read every post completely before doing anything. Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process. [*]Please provide feedback about your experience as we go. A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post. NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster. NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of hartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.DeFogger:Please download DeFogger to your desktop.Double click DeFogger to run the tool. The application window will appear Click the Disable button to disable your CD Emulation drivers Click Yes to continue A 'Finished!' message will appear Click OKDeFogger may ask you to reboot the machine, if it does - click OKDo not re-enable these drivers until otherwise instructed.Security CheckDownload Security Check by screen317 from here.Save it to your Desktop.Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.A Notepad document should open automatically called checkup.txt; please post the contents of that document.Download DDS:Please download DDS by sUBs from one of the links below and save it to your desktop:Download DDS and save it to your desktopLink1Link2Link3Please disable any anti-malware program that will block scripts from running before running DDS.Double-Click on dds.scr and a command window will appear. This is normal.Shortly after two logs will appear: DDS.txt Attach.txt[*]A window will open instructing you save & post the logs[*]Save the logs to a convenient place such as your desktop[*]Copy the contents of both logs & post in your next replyinformation and logs:In your next post I need the following.logs from DDSlet me know of any problems you may have hadGringo Link to post Share on other sites More sharing options...
LDTate Posted July 2, 2012 ID:566157 Share Posted July 2, 2012 BANCROFT162, please stay in this topic. Link to post Share on other sites More sharing options...
Staff gringo_pr Posted July 2, 2012 Staff ID:566324 Share Posted July 2, 2012 HelloI Would like you to do the following.Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.Run Combofix:You may be asked to install or update the Recovery Console (Win XP Only) if this happens please allow it to do so (you will need to be connected to the internet for this)Before you run Combofix I will need you to turn off any security software you have running, If you do not know how to do this you can find out >here< or >here<Combofix may need to reboot your computer more than once to do its job this is normal.You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.Link 1Link 2Link 31. Close any open browsers or any other programs that are open.2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.Double click on combofix.exe & follow the prompts.When finished, it will produce a report for you. Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stallNote 2: If you recieve an error "Illegal operation attempted on a registery key that has been marked for deletion." Please restart the computer"information and logs"In your next post I need the followingLog from Combofixlet me know of any problems you may have hadHow is the computer doing now?Gringo Link to post Share on other sites More sharing options...
BANCROFT162 Posted July 3, 2012 Author ID:566351 Share Posted July 3, 2012 couldn't download combofix Link to post Share on other sites More sharing options...
BANCROFT162 Posted July 3, 2012 Author ID:566354 Share Posted July 3, 2012 couldn't download defogger_exe Link to post Share on other sites More sharing options...
Staff gringo_pr Posted July 3, 2012 Staff ID:566366 Share Posted July 3, 2012 Greetingsalittle bit more information pleasewhat happens when you try to download the programs?have you tried from another computer to download the tools?gringo Link to post Share on other sites More sharing options...
BANCROFT162 Posted July 3, 2012 Author ID:566387 Share Posted July 3, 2012 I'm sorry, you have to lead me a little bit further.If I load the tools from another computer, then how do I use it on the infected one?when I tried to load the programs, I would get an error box across the bottom which told me'unable to download'when I tried to go on the internet, it takes me all over the place except where I asked to go!Thanks so much for trying to help me. Link to post Share on other sites More sharing options...
Staff gringo_pr Posted July 3, 2012 Staff ID:566390 Share Posted July 3, 2012 Hellodownload these tools from a good computer and transfer them to the infected computer by a flashdrive, pen drive or a usb drivegringo Link to post Share on other sites More sharing options...
BANCROFT162 Posted July 3, 2012 Author ID:566468 Share Posted July 3, 2012 txt from Security check Results of screen317's Security Check version 0.99.42 Windows 7 Service Pack 1 x64 (UAC is enabled) Internet Explorer 9 ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Enabled! AVG Anti-Virus Free Edition 2012 Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` Spybot - Search & Destroy Malwarebytes Anti-Malware version 1.61.0.1400 AVG PC Tuneup Java 6 Update 30 Java version out of Date! Adobe Reader X (10.1.3)````````Process Check: objlist.exe by Laurent```````` AVG avgwdsvc.exe AVG avgtray.exe`````````````````System Health check````````````````` Total Fragmentation on Drive C: 1%````````````````````End of Log`````````````````````` Link to post Share on other sites More sharing options...
Staff gringo_pr Posted July 3, 2012 Staff ID:566470 Share Posted July 3, 2012 very good now do the same thing for combofixgringo Link to post Share on other sites More sharing options...
BANCROFT162 Posted July 3, 2012 Author ID:566480 Share Posted July 3, 2012 i'll do combofix next.DDS (Ver_2011-08-26.01) - NTFSAMD64Internet Explorer: 9.0.8112.16421Run by Pat at 7:05:36 on 2012-07-03Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.3993.1622 [GMT -5:00].AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}.============== Running Processes ===============.C:\Windows\system32\wininit.exeC:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Program Files\Fingerprint Sensor\ATService.exeC:\Windows\system32\svchost.exe -k RPCSSC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k netsvcsC:\Program Files\IDT\WDM\STacSV64.exeC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\system32\svchost.exe -k NetworkServiceC:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXEC:\Windows\system32\WLANExt.exeC:\Program Files\Common Files\SPBA\upeksvr.exeC:\Windows\system32\conhost.exeC:\Program Files\Dell\DW WLAN Card\bcmwltry.exeC:\Windows\System32\spoolsv.exeC:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonationC:\Windows\system32\svchost.exe -k LocalServiceNoNetworkC:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exeC:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exeC:\Program Files\IDT\WDM\AESTSr64.exeC:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exeC:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXEC:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exeC:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exeC:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exeC:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exeC:\Windows\SysWOW64\svchost.exe -k hpdevmgmtC:\Program Files (x86)\Intel\Services\IPT\jhi_service.exeC:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exeC:\Program Files (x86)\LogMeIn\x64\RaMaint.exeC:\Program Files (x86)\LogMeIn\x64\LogMeIn.exeC:\PROGRA~2\MYFUNC~2\bar\1.bin\5mbarsvc.exeC:\Windows\System32\svchost.exe -k HPZ12C:\Windows\system32\DRIVERS\o2flash.exec:\Windows\SysWOW64\srvany.exeC:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exec:\Windows\sysWOW64\SDIOAssist.exeC:\Windows\System32\svchost.exe -k HPZ12C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exeC:\Windows\system32\svchost.exe -k imgsvcC:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exeC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXEc:\Program Files\Dell\Feature Enhancement Pack\DFEPService.exeC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exeC:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Windows\system32\svchost.exe -k HPServiceC:\Windows\system32\svchost.exe -k bthsvcsC:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestrictedC:\Windows\system32\wbem\unsecapp.exeC:\Windows\system32\WUDFHost.exeC:\Windows\system32\SearchIndexer.exeC:\Windows\system32\taskhost.exeC:\Windows\system32\Dwm.exeC:\Windows\Explorer.EXEC:\Program Files\DellTPad\Apoint.exeC:\Program Files\IDT\WDM\sttray64.exeC:\Windows\System32\igfxtray.exeC:\Windows\System32\hkcmd.exeC:\Windows\System32\igfxpers.exeC:\Program Files\Dell\DW WLAN Card\WLTRAY.EXEC:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exeC:\Program Files\Dell\Feature Enhancement Pack\DFEPApplication.exeC:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exeC:\Program Files\Microsoft IntelliPoint\ipoint.exeC:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exeC:\Program Files (x86)\DYMO\DYMO Label Software\DymoQuickPrint.exeC:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exeC:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exeC:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exeC:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exeC:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exeC:\Windows\Samsung\PanelMgr\SSMMgr.exeC:\Windows\Samsung\PanelMgr\caller64.exeC:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXEC:\Program Files\Microsoft IntelliPoint\dpupdchk.exeC:\Program Files\DellTPad\ApMsgFwd.exeC:\Program Files\DellTPad\Apntex.exeC:\Windows\system32\conhost.exeC:\Program Files\DellTPad\HidFind.exeC:\Program Files\Windows Media Player\wmpnetwk.exeC:\Windows\System32\svchost.exe -k LocalServicePeerNetC:\Program Files (x86)\AVG\AVG2012\avgtray.exeC:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exeC:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exeC:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbrmon.exeC:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exeC:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exeC:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exeC:\Windows\system32\DllHost.exeC:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exeC:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exeC:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exeC:\Windows\SysWOW64\RunDll32.exeC:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exeC:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exeC:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exeC:\Windows\system32\taskeng.exeC:\Program Files (x86)\Common Files\Java\Java Update\jusched.exeC:\Program Files (x86)\AVG\AVG2012\avgcfgex.exeC:\Program Files\Internet Explorer\iexplore.exeC:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXEC:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXEC:\Windows\system32\igfxsrvc.exeC:\Windows\system32\DllHost.exeC:\Windows\system32\DllHost.exeC:\Windows\system32\REGSVR32.exeC:\Windows\SysWOW64\cmd.exeC:\Windows\system32\conhost.exeC:\Windows\SysWOW64\cscript.exeC:\Windows\system32\wbem\wmiprvse.exe.============== Pseudo HJT Report ===============.uStart Page = hxxp://my.yahoo.com/?fr=yfp-t-403uInternet Settings,ProxyServer = 172.17.1.1:8080uURLSearchHooks: Crawler Toolbar: {9234f5e0-56cc-4f0b-aae4-0d4bd5032180} - C:\PROGRA~2\CRAWLE~1\Crawler.dlluURLSearchHooks: N/A: {f4c28532-b9d0-4950-a2df-e83f9929242b} - C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mSrcAs.dllBHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No FileBHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dllBHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dllBHO: TmIEPlugInBHO Class: {1ca1377b-dc1d-4a52-9585-6e06050fac53} - c:\Program Files (x86)\Trend Micro\Client Server Security Agent\bho\1009\TmIEPlg32.dllBHO: AVG Do Not Track: {31332eef-cb9f-458f-afeb-d30e9a66b6ba} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dllBHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dllBHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\PROGRA~2\SPYBOT~1\SDHelper.dllBHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dllBHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllBHO: Crawler Toolbar: {9234f5e0-56cc-4f0b-aae4-0d4bd5032180} - C:\PROGRA~2\CRAWLE~1\Crawler.dllBHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dllBHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLLBHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"BHO: WeCareReminder Class: {d824f0de-3d60-4f57-9eb1-66033ecd8abb} - C:\ProgramData\WeCareReminder\IEHelperv2.5.0.dllBHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dllBHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dllTB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"TB: &Crawler Toolbar: {c4d78c72-08db-4a3f-9175-b265157283f3} - C:\PROGRA~2\CRAWLE~1\Crawler.dllTB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dllEB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dlluRun: [DymoQuickPrint] "C:\Program Files (x86)\DYMO\DYMO Label Software\DymoQuickPrint.exe" /startupuRun: [spybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exemRun: [RemoteControl9] "C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe"mRun: [PDVD9LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe"mRun: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"mRun: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"mRun: [samsung PanelMgr] C:\Windows\Samsung\PanelMgr\ssmmgr.exe /autorunmRun: [intuit SyncManager] C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe startupmRun: [DLSService] "C:\Program Files (x86)\DYMO\DYMO Label Software\DLSService.exe"mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"mRun: [HPUsageTrackingLEDM] "C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe" "C:\Program Files (x86)\HP\HP UT LEDM\"mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exemRun: [MyFunCards_5m Browser Plugin Loader] C:\PROGRA~2\MYFUNC~2\bar\1.bin\5mbrmon.exemRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttraymRun: [HTC Sync Loader] "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startupStartupFolder: C:\Users\Pat\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXEStartupFolder: C:\Users\Pat\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\SMARTS~1.LNK - C:\Program Files (x86)\Dell\Feature Enhancement Pack\SmartSettings.exeStartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exeStartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\DIGITA~1.LNK - C:\Program Files (x86)\Digital Line Detect\DLG.exeStartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exeStartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\QUICKB~1.LNK - C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exemPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)mPolicies-system: EnableUIADesktopToggle = 0 (0x0)mPolicies-system: DisableCAD = 1 (0x1)IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htmIE: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htmIE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htmIE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dllIE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dllIE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dllIE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dllIE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dllIE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dllDPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cabDPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} - hxxp://support.dell.com/systemprofiler/DellSystemLite.CABDPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cabDPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cabDPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} - hxxps://secure.logmein.com//activex/ractrl.cab?lmi=928TCP: DhcpNameServer = 24.196.64.53 68.113.206.10 24.178.162.3TCP: Interfaces\{D068D6CE-CD2D-41F7-A63C-0452518D1C42} : DhcpNameServer = 24.196.64.53 68.113.206.10 24.178.162.3TCP: Interfaces\{D068D6CE-CD2D-41F7-A63C-0452518D1C42}\16D6472716B6F5368696F5D65647 : DhcpNameServer = 10.0.0.1TCP: Interfaces\{D068D6CE-CD2D-41F7-A63C-0452518D1C42}\2375942554431363 : DhcpNameServer = 192.168.1.254TCP: Interfaces\{D068D6CE-CD2D-41F7-A63C-0452518D1C42}\259647A7F575966496 : DhcpNameServer = 4.2.2.1TCP: Interfaces\{D068D6CE-CD2D-41F7-A63C-0452518D1C42}\259647A7F5D456564796E676 : DhcpNameServer = 4.2.2.1TCP: Interfaces\{D068D6CE-CD2D-41F7-A63C-0452518D1C42}\3547A4F65684F6473507F647 : DhcpNameServer = 208.67.222.222 208.67.220.220 68.115.71.53TCP: Interfaces\{D068D6CE-CD2D-41F7-A63C-0452518D1C42}\D436445667964747 : DhcpNameServer = 209.18.47.61 209.18.47.62TCP: Interfaces\{EB708D89-C989-4381-A404-31345192A053} : DhcpNameServer = 172.103.132.4Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLLHandler: crawler - {4545C96B-15D0-4E22-8DDE-6F2CAF531281} - C:\PROGRA~2\CRAWLE~1\Crawler.dllHandler: intu-help-qb2 - {84D77A00-41B5-4b8b-8ADF-86486D72E749} - C:\Program Files (x86)\Intuit\QuickBooks 2009\HelpAsyncPluggableProtocol.dllHandler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dllHandler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\Windows\System32\mscoree.dllHandler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} -Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dllBHO-X64: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No FileBHO-X64: 0x1 - No FileBHO-X64: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dllBHO-X64: HP Print Enhancer - No FileBHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dllBHO-X64: AcroIEHelperStub - No FileBHO-X64: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - c:\Program Files (x86)\Trend Micro\Client Server Security Agent\bho\1009\TmIEPlg32.dllBHO-X64: Trend Micro NSC BHO - No FileBHO-X64: AVG Do Not Track: {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dllBHO-X64: AVG Do Not Track - No FileBHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dllBHO-X64: WormRadar.com IESiteBlocker.NavFilter - No FileBHO-X64: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dllBHO-X64: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dllBHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllBHO-X64: Crawler Toolbar: {9234F5E0-56CC-4F0B-AAE4-0D4BD5032180} - C:\PROGRA~2\CRAWLE~1\Crawler.dllBHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dllBHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLLBHO-X64: URLRedirectionBHO - No FileBHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"BHO-X64: WeCareReminder Class: {D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} - C:\ProgramData\WeCareReminder\IEHelperv2.5.0.dllBHO-X64: WeCareReminder - No FileBHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dllBHO-X64: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dllBHO-X64: HP Smart BHO Class - No FileTB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"TB-X64: &Crawler Toolbar: {C4D78C72-08DB-4A3F-9175-B265157283F3} - C:\PROGRA~2\CRAWLE~1\Crawler.dllTB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dllEB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No FilemRun-x64: [RemoteControl9] "C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe"mRun-x64: [PDVD9LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe"mRun-x64: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"mRun-x64: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"mRun-x64: [samsung PanelMgr] C:\Windows\Samsung\PanelMgr\ssmmgr.exe /autorunmRun-x64: [intuit SyncManager] C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe startupmRun-x64: [DLSService] "C:\Program Files (x86)\DYMO\DYMO Label Software\DLSService.exe"mRun-x64: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"mRun-x64: [HPUsageTrackingLEDM] "C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe" "C:\Program Files (x86)\HP\HP UT LEDM\"mRun-x64: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exemRun-x64: [MyFunCards_5m Browser Plugin Loader] C:\PROGRA~2\MYFUNC~2\bar\1.bin\5mbrmon.exemRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttraymRun-x64: [HTC Sync Loader] "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startupIE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm.============= SERVICES / DRIVERS ===============.R0 AVGIDSHA;AVGIDSHA;C:\Windows\system32\DRIVERS\avgidsha.sys --> C:\Windows\system32\DRIVERS\avgidsha.sys [?]R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys --> C:\Windows\system32\DRIVERS\avgrkx64.sys [?]R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]R0 stdcfltn;Disk Class Filter Driver for Accelerometer;C:\Windows\system32\DRIVERS\stdcfltn.sys --> C:\Windows\system32\DRIVERS\stdcfltn.sys [?]R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys --> C:\Windows\system32\DRIVERS\avgldx64.sys [?]R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys --> C:\Windows\system32\DRIVERS\avgmfx64.sys [?]R1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys --> C:\Windows\system32\DRIVERS\avgtdia.sys [?]R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2011-11-3 89600]R2 ATService;AuthenTec Fingerprint Service;C:\Program Files\Fingerprint Sensor\ATService.exe [2010-5-10 2683712]R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-8-2 193288]R2 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-5-12 249648]R2 BrcmMgmtAgent;Broadcom Management Agent;C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe [2010-6-29 158720]R2 DellDigitalDelivery;Dell Digital Delivery Service;C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [2012-6-19 173056]R2 DFEPService;Dell Feature Enhancement Pack Service;C:\Program Files\Dell\Feature Enhancement Pack\DFEPService.exe [2011-8-24 2279320]R2 DymoPnpService;DYMO PnP Service;C:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe [2011-8-10 32336]R2 HP LaserJet Service;HP LaserJet Service;C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [2009-6-24 136704]R2 jhi_service;Intel® Identity Protection Technology Host Interface Service;C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe [2011-2-24 212944]R2 LMIGuardianSvc;LMIGuardianSvc;C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2011-12-7 375176]R2 LMIInfo;LogMeIn Kernel Information Provider;C:\Program Files (x86)\LogMeIn\x64\rainfo.sys [2011-9-16 15928]R2 LMIRfsDriver;LogMeIn Remote File System Driver;\??\C:\Windows\system32\drivers\LMIRfsDriver.sys --> C:\Windows\system32\drivers\LMIRfsDriver.sys [?]R2 MyFunCards_5mService;MyFunCardsService;C:\PROGRA~2\MYFUNC~2\bar\1.bin\5mbarsvc.exe [2012-5-6 42528]R2 O2SDIOAssist;O2SDIOAssist;C:\Windows\SysWOW64\srvany.exe [2011-11-3 8192]R2 PassThru Service;Internet Pass-Through Service;C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2011-9-15 88576]R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2012-7-2 1153368]R2 SSPORT;SSPORT;\??\C:\Windows\system32\Drivers\SSPORT.sys --> C:\Windows\system32\Drivers\SSPORT.sys [?]R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-11-3 2656280]R2 Wave Authentication Manager Service;Wave Authentication Manager Service;C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe [2011-7-1 1600000]R3 Acceler;Accelerometer Service;C:\Windows\system32\DRIVERS\accelern.sys --> C:\Windows\system32\DRIVERS\accelern.sys [?]R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\avgidsdrivera.sys --> C:\Windows\system32\DRIVERS\avgidsdrivera.sys [?]R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\system32\DRIVERS\avgidsfiltera.sys --> C:\Windows\system32\DRIVERS\avgidsfiltera.sys [?]R3 BTHprint;Microsoft Bluetooth Printer Class;C:\Windows\system32\DRIVERS\bthprint.sys --> C:\Windows\system32\DRIVERS\bthprint.sys [?]R3 BTWAMPFL;BTWAMPFL;C:\Windows\system32\DRIVERS\btwampfl.sys --> C:\Windows\system32\DRIVERS\btwampfl.sys [?]R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys --> C:\Windows\system32\DRIVERS\btwl2cap.sys [?]R3 IntcDAud;Intel® Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]R3 MEIx64;Intel® Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]R3 O2MDRRDR;O2MDRRDR;C:\Windows\system32\DRIVERS\O2MDRw7x64.sys --> C:\Windows\system32\DRIVERS\O2MDRw7x64.sys [?]R3 O2SDJRDR;O2SDJRDR;C:\Windows\system32\DRIVERS\o2sdjw7x64.sys --> C:\Windows\system32\DRIVERS\o2sdjw7x64.sys [?]R3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]R3 WSDPrintDevice;WSD Print Support via UMB;C:\Windows\system32\DRIVERS\WSDPrint.sys --> C:\Windows\system32\DRIVERS\WSDPrint.sys [?]S2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe [2012-6-13 5161080]S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-1-2 136176]S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-6-30 654408]S2 RoxWatch12;Roxio Hard Drive Watcher 12;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632]S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-11 257224]S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-6-7 191752]S3 dmvsc;dmvsc;C:\Windows\system32\drivers\dmvsc.sys --> C:\Windows\system32\drivers\dmvsc.sys [?]S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-1-2 136176]S3 HTCAND64;HTC Device Driver;C:\Windows\system32\Drivers\ANDROIDUSB.sys --> C:\Windows\system32\Drivers\ANDROIDUSB.sys [?]S3 htcnprot;HTC NDIS Protocol Driver;C:\Windows\system32\DRIVERS\htcnprot.sys --> C:\Windows\system32\DRIVERS\htcnprot.sys [?]S3 Impcd;Impcd;C:\Windows\system32\drivers\Impcd.sys --> C:\Windows\system32\drivers\Impcd.sys [?]S3 netvsc;netvsc;C:\Windows\system32\DRIVERS\netvsc60.sys --> C:\Windows\system32\DRIVERS\netvsc60.sys [?]S3 O2MDFRDR;O2MDFRDR;C:\Windows\system32\drivers\O2MDFw7x64.sys --> C:\Windows\system32\drivers\O2MDFw7x64.sys [?]S3 RoxMediaDB12OEM;RoxMediaDB12OEM;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656]S3 SIUSBXP;SIUSBXP;C:\Windows\system32\drivers\SiUSBXp.sys --> C:\Windows\system32\drivers\SiUSBXp.sys [?]S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992]S3 SynthVid;SynthVid;C:\Windows\system32\DRIVERS\VMBusVideoM.sys --> C:\Windows\system32\DRIVERS\VMBusVideoM.sys [?]S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184].=============== File Associations ===============.inffile=%SystemRoot%\SysWow64\NOTEPAD.EXE %1VBEFile=%SystemRoot%\SysWow64\WScript.exe "%1" %*VBSFile=%SystemRoot%\SysWow64\WScript.exe "%1" %*.=============== Created Last 30 ================.2012-07-03 11:42:16 -------- d-sh--w- C:\$RECYCLE.BIN2012-07-02 21:46:58 98816 ----a-w- C:\Windows\sed.exe2012-07-02 21:46:58 518144 ----a-w- C:\Windows\SWREG.exe2012-07-02 21:46:58 256000 ----a-w- C:\Windows\PEV.exe2012-07-02 21:46:58 208896 ----a-w- C:\Windows\MBR.exe2012-07-02 21:45:59 -------- d-s---w- C:\ComboFix2012-07-02 15:05:34 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy2012-07-02 15:05:34 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy2012-06-30 19:08:48 -------- d-----w- C:\Users\Pat\AppData\Roaming\Malwarebytes2012-06-30 19:08:36 -------- d-----w- C:\ProgramData\Malwarebytes2012-06-30 19:08:36 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware2012-06-29 00:33:11 -------- d-----w- C:\Program Files (x86)\Dell Digital Delivery2012-06-22 23:25:59 2622464 ----a-w- C:\Windows\System32\wucltux.dll2012-06-22 23:25:48 99840 ----a-w- C:\Windows\System32\wudriver.dll2012-06-22 23:25:38 36864 ----a-w- C:\Windows\System32\wuapp.exe2012-06-22 23:25:38 186752 ----a-w- C:\Windows\System32\wuwebv.dll2012-06-13 03:30:15 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe2012-06-13 03:30:15 77312 ----a-w- C:\Windows\System32\rdpwsx.dll2012-06-13 03:30:15 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll2012-06-13 03:30:06 209920 ----a-w- C:\Windows\System32\profsvc.dll2012-06-13 03:30:03 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe2012-06-13 03:30:01 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe2012-06-13 03:30:00 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe2012-06-13 03:29:59 3146752 ----a-w- C:\Windows\System32\win32k.sys2012-06-13 03:29:54 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys2012-06-13 03:29:51 3216384 ----a-w- C:\Windows\System32\msi.dll2012-06-13 03:29:51 2342400 ----a-w- C:\Windows\SysWow64\msi.dll2012-06-13 03:29:40 184320 ----a-w- C:\Windows\System32\cryptsvc.dll2012-06-13 03:29:40 1462272 ----a-w- C:\Windows\System32\crypt32.dll2012-06-13 03:29:40 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll2012-06-13 03:29:40 140288 ----a-w- C:\Windows\System32\cryptnet.dll2012-06-13 03:29:40 1158656 ----a-w- C:\Windows\SysWow64\crypt32.dll2012-06-13 03:29:40 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll.==================== Find3M ====================.2012-06-14 17:20:01 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl2012-06-14 17:20:01 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe2012-05-21 15:16:35 87456 ----a-w- C:\Windows\System32\LMIRfsClientNP.dll2012-05-21 15:16:35 80768 ----a-w- C:\Windows\System32\LMIinit.dll2012-05-21 15:16:35 34688 ----a-w- C:\Windows\System32\LMIport.dll2012-05-18 02:06:48 2311680 ----a-w- C:\Windows\System32\jscript9.dll2012-05-18 01:59:14 1392128 ----a-w- C:\Windows\System32\wininet.dll2012-05-18 01:58:39 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl2012-05-18 01:55:22 173056 ----a-w- C:\Windows\System32\ieUnatt.exe2012-05-18 01:51:30 2382848 ----a-w- C:\Windows\System32\mshtml.tlb2012-05-17 22:45:37 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll2012-05-17 22:35:47 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll2012-05-17 22:35:39 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl2012-05-17 22:29:45 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe2012-05-17 22:24:45 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb2012-05-04 19:42:05 8769696 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe2012-04-19 09:50:26 28480 ----a-w- C:\Windows\System32\drivers\avgidsha.sys.============= FINISH: 7:15:08.16 =============== Link to post Share on other sites More sharing options...
BANCROFT162 Posted July 3, 2012 Author ID:566481 Share Posted July 3, 2012 i ran combofix but it did not produce a reportnow what do i do Link to post Share on other sites More sharing options...
BANCROFT162 Posted July 3, 2012 Author ID:566489 Share Posted July 3, 2012 re-ran combo fix...will send report Link to post Share on other sites More sharing options...
Staff gringo_pr Posted July 3, 2012 Staff ID:566490 Share Posted July 3, 2012 GreetingsI want you to run these next,tdsskiller:Please read carefully and follow these steps.Download TDSSKiller and save it to your Desktop.doubleclick on TDSSKiller.exe to run the application, then on Start Scan.If an infected file is detected, the default action will be Cure, click on Continue.If a suspicious file is detected, the default action will be Skip, click on Continue.It may ask you to reboot the computer to complete the process. Click on Reboot Now.If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.Please download aswMBR to your desktop.Double click the aswMBR.exe icon to run it it will ask to download extra definitions - ALLOW ITClick the Scan button to start the scanOn completion of the scan, click the save log button, save it to your desktop and post it in your next reply.If you have any problems running either one come back and let me knowplease reply with the reports from TDSSKiller and aswMBRGringo Link to post Share on other sites More sharing options...
BANCROFT162 Posted July 3, 2012 Author ID:566522 Share Posted July 3, 2012 ComboFix 12-07-02.01 - Pat 07/03/2012 8:08.2.4 - x64Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.3993.1728 [GMT -5:00]Running from: f:\repair files\ComboFix.exeAV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Created a new restore point..((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))..c:\users\Pat\AppData\Local\assembly\tmp.---- Previous Run -------.C:\prefs.jsc:\programdata\DfRgCzbHFHU7xBc:\programdata\DfRgCzbHFHU7xB.exec:\users\Pat\AppData\Local\assembly\tmp\1PELRII2\__AssemblyInfo__.inic:\users\Pat\AppData\Local\assembly\tmp\1PELRII2\DYMO.DLS.DLLc:\users\Pat\g2mdlhlpx.exec:\windows\SysWow64\instsrv.exe..((((((((((((((((((((((((( Files Created from 2012-06-03 to 2012-07-03 )))))))))))))))))))))))))))))))..2012-07-03 13:39 . 2012-07-03 13:39 -------- d-----w- c:\users\LogMeInRemoteUser\AppData\Local\temp2012-07-03 13:39 . 2012-07-03 13:39 -------- d-----w- c:\users\Default\AppData\Local\temp2012-07-02 15:05 . 2012-07-02 21:26 -------- d-----w- c:\programdata\Spybot - Search & Destroy2012-07-02 15:05 . 2012-07-02 20:08 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy2012-06-30 19:08 . 2012-06-30 19:08 -------- d-----w- c:\users\Pat\AppData\Roaming\Malwarebytes2012-06-30 19:08 . 2012-07-01 14:54 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware2012-06-30 19:08 . 2012-06-30 19:08 -------- d-----w- c:\programdata\Malwarebytes2012-06-29 00:33 . 2012-06-29 00:33 -------- d-----w- c:\program files (x86)\Dell Digital Delivery2012-06-22 23:25 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll2012-06-22 23:25 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe2012-06-22 23:25 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll2012-06-22 23:25 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll2012-06-22 23:25 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll2012-06-22 23:25 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll2012-06-22 23:25 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll2012-06-22 23:25 . 2012-06-02 20:19 186752 ----a-w- c:\windows\system32\wuwebv.dll2012-06-22 23:25 . 2012-06-02 20:15 36864 ----a-w- c:\windows\system32\wuapp.exe2012-06-13 03:30 . 2012-04-26 05:41 77312 ----a-w- c:\windows\system32\rdpwsx.dll2012-06-13 03:30 . 2012-04-26 05:41 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll2012-06-13 03:30 . 2012-04-26 05:34 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe2012-06-13 03:30 . 2012-05-01 05:40 209920 ----a-w- c:\windows\system32\profsvc.dll2012-06-13 03:30 . 2012-05-04 11:06 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe2012-06-13 03:30 . 2012-05-04 10:03 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe2012-06-13 03:30 . 2012-05-04 10:03 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe2012-06-13 03:29 . 2012-05-15 01:32 3146752 ----a-w- c:\windows\system32\win32k.sys2012-06-13 03:29 . 2012-04-28 03:55 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys2012-06-13 03:29 . 2012-04-07 12:31 3216384 ----a-w- c:\windows\system32\msi.dll2012-06-13 03:29 . 2012-04-07 11:26 2342400 ----a-w- c:\windows\SysWow64\msi.dll2012-06-13 03:29 . 2012-04-24 05:37 184320 ----a-w- c:\windows\system32\cryptsvc.dll2012-06-13 03:29 . 2012-04-24 05:37 140288 ----a-w- c:\windows\system32\cryptnet.dll2012-06-13 03:29 . 2012-04-24 05:37 1462272 ----a-w- c:\windows\system32\crypt32.dll2012-06-13 03:29 . 2012-04-24 04:36 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll2012-06-13 03:29 . 2012-04-24 04:36 1158656 ----a-w- c:\windows\SysWow64\crypt32.dll2012-06-13 03:29 . 2012-04-24 04:36 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll...(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))).2012-06-14 17:20 . 2012-04-11 11:49 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe2012-06-14 17:20 . 2011-11-03 12:58 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl2012-05-21 15:16 . 2011-12-21 00:35 87456 ----a-w- c:\windows\system32\LMIRfsClientNP.dll2012-05-21 15:16 . 2011-12-21 00:35 34688 ----a-w- c:\windows\system32\LMIport.dll2012-05-21 15:16 . 2011-12-21 00:35 80768 ----a-w- c:\windows\system32\LMIinit.dll2012-05-04 19:42 . 2012-04-14 15:42 8769696 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe2012-04-19 09:50 . 2012-04-19 09:50 28480 ----a-w- c:\windows\system32\drivers\avgidsha.sys..((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))..*Note* empty entries & legit default entries are not shownREGEDIT4.[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]"{9234F5E0-56CC-4F0B-AAE4-0D4BD5032180}"= "c:\progra~2\CRAWLE~1\Crawler.dll" [2012-02-01 1134208].[HKEY_CLASSES_ROOT\clsid\{9234f5e0-56cc-4f0b-aae4-0d4bd5032180}].[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{9234F5E0-56CC-4F0B-AAE4-0D4BD5032180}]2012-02-01 07:41 1134208 ----a-w- c:\progra~2\CRAWLE~1\Crawler.dll.[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]"{C4D78C72-08DB-4A3F-9175-B265157283F3}"= "c:\progra~2\CRAWLE~1\Crawler.dll" [2012-02-01 1134208].[HKEY_CLASSES_ROOT\clsid\{c4d78c72-08db-4a3f-9175-b265157283f3}][HKEY_CLASSES_ROOT\Crawler.Toolbar].[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"DymoQuickPrint"="c:\program files (x86)\DYMO\DYMO Label Software\DymoQuickPrint.exe" [2011-08-10 1865808]"SpybotSD TeaTimer"="c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480].[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]"RemoteControl9"="c:\program files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe" [2009-07-06 87336]"PDVD9LanguageShortcut"="c:\program files (x86)\CyberLink\PowerDVD9\Language\Language.exe" [2010-04-29 50472]"RoxWatchTray"="c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" [2010-11-25 240112]"Desktop Disc Tool"="c:\program files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe" [2010-11-17 514544]"Samsung PanelMgr"="c:\windows\Samsung\PanelMgr\ssmmgr.exe" [2011-04-15 536576]"Intuit SyncManager"="c:\program files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe" [2011-06-15 1532760]"AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-04-05 2587008]"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]"HPUsageTrackingLEDM"="c:\program files (x86)\HP\HP UT LEDM\bin\hppusg.exe" [2009-08-04 30264]"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]"MyFunCards_5m Browser Plugin Loader"="c:\progra~2\MYFUNC~2\bar\1.bin\5mbrmon.exe" [2012-05-06 30096]"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]"HTC Sync Loader"="c:\program files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" [2012-04-17 651264].c:\users\Pat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk - c:\program files (x86)\Microsoft Office\Office14\ONENOTEM.EXE [2011-9-2 227712]Smart Settings.lnk - c:\program files\Dell\Feature Enhancement Pack\SmartSettings.exe [2011-8-24 494488].c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2011-2-8 1136928]Digital Line Detect.lnk - c:\program files (x86)\Digital Line Detect\DLG.exe [2011-11-3 50688]HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-23 270336]QuickBooks Update Agent.lnk - c:\program files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe [2011-12-22 984936].c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Smart Settings.lnk - c:\program files\Dell\Feature Enhancement Pack\SmartSettings.exe [2011-8-24 494488].[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]"ConsentPromptBehaviorAdmin"= 5 (0x5)"ConsentPromptBehaviorUser"= 3 (0x3)"EnableUIADesktopToggle"= 0 (0x0)"DisableCAD"= 1 (0x1).[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]"mixer2"=wdmaud.drv.[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart.[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp.[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]@="Driver".R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2012-06-13 5161080]R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-01-02 136176]R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]R2 O2SDIOAssist;O2SDIOAssist;c:\windows\SysWOW64\srvany.exe [2003-04-19 8192]R2 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632]R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-14 257224]R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-06-07 191752]R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168]R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-01-02 136176]R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [2009-11-03 33736]R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys [2010-06-25 36928]R3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys [2010-02-27 158976]R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]R3 netvsc;netvsc;c:\windows\system32\DRIVERS\netvsc60.sys [2010-11-21 168448]R3 O2MDFRDR;O2MDFRDR;c:\windows\system32\drivers\O2MDFw7x64.sys [2011-01-03 72808]R3 RoxMediaDB12OEM;RoxMediaDB12OEM;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656]R3 SIUSBXP;SIUSBXP;c:\windows\system32\drivers\SiUSBXp.sys [2011-12-01 26856]R3 SynthVid;SynthVid;c:\windows\system32\DRIVERS\VMBusVideoM.sys [2010-11-21 22528]R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-12-22 1255736]R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [2012-04-19 28480]S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2012-01-31 36944]S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856]S0 stdcfltn;Disk Class Filter Driver for Accelerometer;c:\windows\system32\DRIVERS\stdcfltn.sys [2011-07-16 22128]S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2012-02-22 289872]S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2011-12-23 47696]S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2012-03-19 383808]S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]S2 ATService;AuthenTec Fingerprint Service;c:\program files\Fingerprint Sensor\ATService.exe [2010-05-10 2683712]S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288]S2 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-05-12 249648]S2 BrcmMgmtAgent;Broadcom Management Agent;c:\program files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe [2010-06-29 158720]S2 DellDigitalDelivery;Dell Digital Delivery Service;c:\program files (x86)\Dell Digital Delivery\DeliveryService.exe [2012-06-19 173056]S2 DFEPService;Dell Feature Enhancement Pack Service;c:\program files\Dell\Feature Enhancement Pack\DFEPService.exe [2011-08-24 2279320]S2 DymoPnpService;DYMO PnP Service;c:\program files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe [2011-08-10 32336]S2 HP LaserJet Service;HP LaserJet Service;c:\program files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [2009-06-24 136704]S2 jhi_service;Intel® Identity Protection Technology Host Interface Service;c:\program files (x86)\Intel\Services\IPT\jhi_service.exe [2011-02-24 212944]S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2012-05-21 375176]S2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files (x86)\LogMeIn\x64\RaInfo.sys [2011-09-16 15928]S2 MyFunCards_5mService;MyFunCardsService;c:\progra~2\MYFUNC~2\bar\1.bin\5mbarsvc.exe [2012-05-06 42528]S2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2011-09-15 88576]S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys [2007-01-04 11576]S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-12-03 2656280]S2 Wave Authentication Manager Service;Wave Authentication Manager Service;c:\program files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe [2011-07-01 1600000]S3 Acceler;Accelerometer Service;c:\windows\system32\DRIVERS\accelern.sys [2011-07-22 27760]S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [2011-12-23 124496]S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\avgidsfiltera.sys [2011-12-23 29776]S3 BTHprint;Microsoft Bluetooth Printer Class;c:\windows\system32\DRIVERS\bthprint.sys [2009-07-14 67072]S3 BTWAMPFL;BTWAMPFL;c:\windows\system32\DRIVERS\btwampfl.sys [2011-11-03 349736]S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2011-11-03 39464]S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys [2011-07-29 52584]S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]S3 MEIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]S3 O2MDRRDR;O2MDRRDR;c:\windows\system32\DRIVERS\O2MDRw7x64.sys [2011-01-03 74984]S3 O2SDJRDR;O2SDJRDR;c:\windows\system32\DRIVERS\o2sdjw7x64.sys [2011-03-23 83560]S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [2011-08-01 45416]S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]S3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 23040]..--- Other Services/Drivers In Memory ---.*NewlyCreated* - WS2IFSL.[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc.Contents of the 'Scheduled Tasks' folder.2012-07-03 c:\windows\Tasks\Adobe Flash Player Updater.job- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-11 17:20].2012-07-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-01-02 07:06].2012-07-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-01-02 07:06]..--------- X64 Entries -----------..[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\EnabledUnlockedFDEIconOverlay]@="{30D3C2AF-9709-4D05-9CF4-13335F3C1E4A}"[HKEY_CLASSES_ROOT\CLSID\{30D3C2AF-9709-4D05-9CF4-13335F3C1E4A}]2011-05-27 22:46 139128 ----a-w- c:\program files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmIconOverlay.dll.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UninitializedFdeIconOverlay]@="{CF08DA3E-C97D-4891-A66B-E39B28DD270F}"[HKEY_CLASSES_ROOT\CLSID\{CF08DA3E-C97D-4891-A66B-E39B28DD270F}]2011-05-27 22:46 139128 ----a-w- c:\program files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmIconOverlay.dll.[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"Apoint"="c:\program files\DellTPad\Apoint.exe" [2011-07-20 611192]"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2011-01-25 525312]"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-06-28 167704]"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-06-28 392472]"Persistence"="c:\windows\system32\igfxpers.exe" [2011-06-28 416024]"Broadcom Wireless Manager UI"="c:\program files\Dell\DW WLAN Card\WLTRAY.exe" [2011-01-15 6492672]"FreeFallProtection"="c:\program files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe" [2011-07-25 686704]"DFEPApplication"="c:\program files\Dell\Feature Enhancement Pack\DFEPApplication.exe" [2011-08-24 7077272]"TdmNotify"="c:\program files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe" [2011-05-27 257392]"DBRMTray"="c:\dell\DBRM\Reminder\DbrmTrayIcon.exe" [2011-03-08 227328]"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 2417032]"LogMeIn GUI"="c:\program files (x86)\LogMeIn\x64\LogMeInSystray.exe" [2011-09-16 57928].[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]"LoadAppInit_DLLs"=0x0.------- Supplementary Scan -------.uLocal Page = c:\windows\system32\blank.htmuStart Page = hxxp://my.yahoo.com/?fr=yfp-t-403mLocal Page = c:\windows\SysWOW64\blank.htmuInternet Settings,ProxyServer = 172.17.1.1:8080IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htmIE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htmTCP: DhcpNameServer = 24.196.64.53 68.113.206.10 24.178.162.3Handler: crawler - {4545C96B-15D0-4E22-8DDE-6F2CAF531281} - c:\progra~2\CRAWLE~1\Crawler.dll.- - - - ORPHANS REMOVED - - - -.URLSearchHooks-{f4c28532-b9d0-4950-a2df-e83f9929242b} - c:\program files (x86)\MyFunCards_5m\bar\1.bin\5mSrcAs.dllToolbar-Locked - (no file)Wow6432Node-HKLM-Run-DLSService - c:\program files (x86)\DYMO\DYMO Label Software\DLSService.exeToolbar-Locked - (no file)WebBrowser-{C4D78C72-08DB-4A3F-9175-B265157283F3} - (no file)HKLM-Run-combofix - c:\combofix\CF8411.3XEAddRemove-FITBIT&10C4&84C4 - c:\program files (x86)\Fitbit\Base Station\DriverUninstaller.exe USBXpress\FITBIT&10C4&84C4...--------------------- LOCKED REGISTRY KEYS ---------------------.[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]@Denied: (A 2) (Everyone)@="FlashBroker""LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe,-101".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]"Enabled"=dword:00000001.[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]@Denied: (A 2) (Everyone)@="Shockwave Flash Object".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx""ThreadingModel"="Apartment".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]@="0".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]@="ShockwaveFlash.ShockwaveFlash.11".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]@="{D27CDB6B-AE6D-11cf-96B8-444553540000}".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]@="1.0".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]@="ShockwaveFlash.ShockwaveFlash".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]@Denied: (A 2) (Everyone)@="Macromedia Flash Factory Object".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx""ThreadingModel"="Apartment".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]@="FlashFactory.FlashFactory.1".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]@="{D27CDB6B-AE6D-11cf-96B8-444553540000}".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]@="1.0".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]@="FlashFactory.FlashFactory".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]@Denied: (A 2) (Everyone)@="IFlashBroker4".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]@="{00020424-0000-0000-C000-000000000046}".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}""Version"="1.0".[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]@Denied: (A) (Everyone)"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}".[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]@Denied: (A) (Everyone).[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]"Key"="ActionsPane3""Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd".[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]@Denied: (Full) (Everyone).Completion time: 2012-07-03 09:02:51ComboFix-quarantined-files.txt 2012-07-03 14:02.Pre-Run: 244,803,928,064 bytes freePost-Run: 246,053,842,944 bytes free.- - End Of File - - 92D0B62297E004EECD974D0838EFA070 Link to post Share on other sites More sharing options...
Staff gringo_pr Posted July 3, 2012 Staff ID:566543 Share Posted July 3, 2012 GreetingsI want you to run these next,tdsskiller:Please read carefully and follow these steps.Download TDSSKiller and save it to your Desktop.doubleclick on TDSSKiller.exe to run the application, then on Start Scan.If an infected file is detected, the default action will be Cure, click on Continue.If a suspicious file is detected, the default action will be Skip, click on Continue.It may ask you to reboot the computer to complete the process. Click on Reboot Now.If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.Please download aswMBR to your desktop.Double click the aswMBR.exe icon to run it it will ask to download extra definitions - ALLOW ITClick the Scan button to start the scanOn completion of the scan, click the save log button, save it to your desktop and post it in your next reply.If you have any problems running either one come back and let me knowplease reply with the reports from TDSSKiller and aswMBRGringo Link to post Share on other sites More sharing options...
BANCROFT162 Posted July 3, 2012 Author ID:566618 Share Posted July 3, 2012 15:34:54.0136 5684 TDSS rootkit removing tool 2.7.44.0 Jul 2 2012 20:01:0815:34:56.0180 5684 ============================================================15:34:56.0180 5684 Current date / time: 2012/07/03 15:34:56.018015:34:56.0180 5684 SystemInfo:15:34:56.0180 5684 15:34:56.0180 5684 OS Version: 6.1.7601 ServicePack: 1.015:34:56.0180 5684 Product type: Workstation15:34:56.0180 5684 ComputerName: PATS-LATITUDE15:34:56.0180 5684 UserName: Pat15:34:56.0180 5684 Windows directory: C:\Windows15:34:56.0180 5684 System windows directory: C:\Windows15:34:56.0180 5684 Running under WOW6415:34:56.0180 5684 Processor architecture: Intel x6415:34:56.0180 5684 Number of processors: 415:34:56.0180 5684 Page size: 0x100015:34:56.0180 5684 Boot type: Normal boot15:34:56.0180 5684 ============================================================15:34:57.0147 5684 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x0000004015:34:57.0163 5684 Drive \Device\Harddisk2\DR4 - Size: 0x1F000000 (0.48 Gb), SectorSize: 0x200, Cylinders: 0x3F, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'15:34:57.0178 5684 ============================================================15:34:57.0178 5684 \Device\Harddisk0\DR0:15:34:57.0178 5684 MBR partitions:15:34:57.0178 5684 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x204E00015:34:57.0178 5684 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2062000, BlocksNum 0x233C7AB015:34:57.0178 5684 \Device\Harddisk2\DR4:15:34:57.0178 5684 MBR partitions:15:34:57.0178 5684 ============================================================15:34:57.0210 5684 C: <-> \Device\Harddisk0\DR0\Partition115:34:57.0210 5684 ============================================================15:34:57.0210 5684 Initialize success15:34:57.0210 5684 ============================================================15:35:02.0607 7500 ============================================================15:35:02.0607 7500 Scan started15:35:02.0607 7500 Mode: Manual;15:35:02.0607 7500 ============================================================15:35:06.0492 7500 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\DRIVERS\1394ohci.sys15:35:06.0492 7500 1394ohci - ok15:35:06.0554 7500 Acceler (1575a815c27789061f34b4f55ae0b5c3) C:\Windows\system32\DRIVERS\accelern.sys15:35:06.0554 7500 Acceler - ok15:35:06.0601 7500 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys15:35:06.0601 7500 ACPI - ok15:35:06.0648 7500 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys15:35:06.0648 7500 AcpiPmi - ok15:35:06.0772 7500 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe15:35:06.0772 7500 AdobeARMservice - ok15:35:06.0897 7500 AdobeFlashPlayerUpdateSvc (f3cd7b20b27d1772c946df993ff3635c) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe15:35:06.0913 7500 AdobeFlashPlayerUpdateSvc - ok15:35:06.0975 7500 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys15:35:06.0975 7500 adp94xx - ok15:35:07.0022 7500 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys15:35:07.0038 7500 adpahci - ok15:35:07.0053 7500 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys15:35:07.0053 7500 adpu320 - ok15:35:07.0084 7500 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll15:35:07.0084 7500 AeLookupSvc - ok15:35:07.0194 7500 AESTFilters (a6fb9db8f1a86861d955fd6975977ae0) C:\Program Files\IDT\WDM\AESTSr64.exe15:35:07.0194 7500 AESTFilters - ok15:35:07.0272 7500 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys15:35:07.0287 7500 AFD - ok15:35:07.0334 7500 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys15:35:07.0334 7500 agp440 - ok15:35:07.0365 7500 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe15:35:07.0365 7500 ALG - ok15:35:07.0396 7500 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys15:35:07.0396 7500 aliide - ok15:35:07.0412 7500 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys15:35:07.0412 7500 amdide - ok15:35:07.0428 7500 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys15:35:07.0428 7500 AmdK8 - ok15:35:07.0428 7500 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys15:35:07.0428 7500 AmdPPM - ok15:35:07.0459 7500 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys15:35:07.0459 7500 amdsata - ok15:35:07.0459 7500 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys15:35:07.0474 7500 amdsbs - ok15:35:07.0490 7500 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys15:35:07.0490 7500 amdxata - ok15:35:07.0552 7500 ApfiltrService (6d4cb1f46a0ac05326f834fd6b822479) C:\Windows\system32\DRIVERS\Apfiltr.sys15:35:07.0552 7500 ApfiltrService - ok15:35:07.0599 7500 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys15:35:07.0615 7500 AppID - ok15:35:07.0630 7500 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll15:35:07.0630 7500 AppIDSvc - ok15:35:07.0646 7500 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll15:35:07.0662 7500 Appinfo - ok15:35:07.0724 7500 AppMgmt (4aba3e75a76195a3e38ed2766c962899) C:\Windows\System32\appmgmts.dll15:35:07.0724 7500 AppMgmt - ok15:35:07.0755 7500 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys15:35:07.0755 7500 arc - ok15:35:07.0771 7500 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys15:35:07.0771 7500 arcsas - ok15:35:07.0880 7500 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe15:35:07.0880 7500 aspnet_state - ok15:35:07.0896 7500 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys15:35:07.0896 7500 AsyncMac - ok15:35:07.0927 7500 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys15:35:07.0927 7500 atapi - ok15:35:08.0114 7500 ATService (e604f606d37b153b32bddececb024f81) C:\Program Files\Fingerprint Sensor\ATService.exe15:35:08.0130 7500 ATService - ok15:35:08.0254 7500 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll15:35:08.0270 7500 AudioEndpointBuilder - ok15:35:08.0286 7500 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll15:35:08.0286 7500 AudioSrv - ok15:35:08.0582 7500 AVGIDSAgent (55893fff154ffd7c29919d2b9218210c) C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe15:35:08.0613 7500 AVGIDSAgent - ok15:35:08.0722 7500 AVGIDSDriver (1b2e9fcdc26dc7c81d4131430e2dc936) C:\Windows\system32\DRIVERS\avgidsdrivera.sys15:35:08.0722 7500 AVGIDSDriver - ok15:35:08.0754 7500 AVGIDSFilter (0f293406f64b48d5d2f0d3a1117f3a83) C:\Windows\system32\DRIVERS\avgidsfiltera.sys15:35:08.0754 7500 AVGIDSFilter - ok15:35:08.0800 7500 AVGIDSHA (cffc3a4a638f462e0561cb368b9a7a3a) C:\Windows\system32\DRIVERS\avgidsha.sys15:35:08.0816 7500 AVGIDSHA - ok15:35:08.0847 7500 Avgldx64 (59955b4c288dd2a8b9fd2cd5158355c5) C:\Windows\system32\DRIVERS\avgldx64.sys15:35:08.0863 7500 Avgldx64 - ok15:35:08.0878 7500 Avgmfx64 (a6aec362aae5e2dda7445e7690cb0f33) C:\Windows\system32\DRIVERS\avgmfx64.sys15:35:08.0878 7500 Avgmfx64 - ok15:35:08.0925 7500 Avgrkx64 (645c7f0a0e39758a0024a9b1748273c0) C:\Windows\system32\DRIVERS\avgrkx64.sys15:35:08.0925 7500 Avgrkx64 - ok15:35:08.0956 7500 Avgtdia (1bee674ad792b1c63bb0dac5fa724b23) C:\Windows\system32\DRIVERS\avgtdia.sys15:35:08.0972 7500 Avgtdia - ok15:35:09.0050 7500 avgwd (ea1145debcd508fd25bd1e95c4346929) C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe15:35:09.0050 7500 avgwd - ok15:35:09.0097 7500 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll15:35:09.0112 7500 AxInstSV - ok15:35:09.0190 7500 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys15:35:09.0206 7500 b06bdrv - ok15:35:09.0268 7500 b57nd60a (00e4fd35ce3e817f19d6bc2b6f97fd90) C:\Windows\system32\DRIVERS\b57nd60a.sys15:35:09.0268 7500 b57nd60a - ok15:35:09.0331 7500 BBSvc (87f3bcf82a63e900af896cd930bf7e05) C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE15:35:09.0346 7500 BBSvc - ok15:35:09.0378 7500 BBUpdate (78779ee07231c658b483b1f38b5088df) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE15:35:09.0378 7500 BBUpdate - ok15:35:09.0409 7500 BCM42RLY (c3d8920a5aaf10a72cedb57d3339280a) C:\Windows\system32\drivers\BCM42RLY.sys15:35:09.0424 7500 BCM42RLY - ok15:35:09.0658 7500 BCM43XX (d20ee58c13ff343b90550861ebcd9ddd) C:\Windows\system32\DRIVERS\bcmwl664.sys15:35:09.0705 7500 BCM43XX - ok15:35:09.0814 7500 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll15:35:09.0814 7500 BDESVC - ok15:35:09.0877 7500 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys15:35:09.0877 7500 Beep - ok15:35:09.0939 7500 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll15:35:09.0955 7500 BFE - ok15:35:10.0017 7500 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\system32\qmgr.dll15:35:10.0033 7500 BITS - ok15:35:10.0095 7500 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys15:35:10.0095 7500 blbdrive - ok15:35:10.0142 7500 Blfp (228086f7ed08e8f1f8622e8f0ded7b6e) C:\Windows\system32\DRIVERS\basp.sys15:35:10.0142 7500 Blfp - ok15:35:10.0173 7500 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys15:35:10.0173 7500 bowser - ok15:35:10.0236 7500 BrcmMgmtAgent (96afb6d33247fe90421a5b2e76f4ed59) C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe15:35:10.0236 7500 BrcmMgmtAgent - ok15:35:10.0282 7500 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys15:35:10.0282 7500 BrFiltLo - ok15:35:10.0282 7500 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys15:35:10.0282 7500 BrFiltUp - ok15:35:10.0314 7500 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys15:35:10.0314 7500 BridgeMP - ok15:35:10.0360 7500 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll15:35:10.0360 7500 Browser - ok15:35:10.0376 7500 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys15:35:10.0392 7500 Brserid - ok15:35:10.0407 7500 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys15:35:10.0407 7500 BrSerWdm - ok15:35:10.0423 7500 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys15:35:10.0423 7500 BrUsbMdm - ok15:35:10.0423 7500 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys15:35:10.0423 7500 BrUsbSer - ok15:35:10.0470 7500 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\DRIVERS\BthEnum.sys15:35:10.0470 7500 BthEnum - ok15:35:10.0485 7500 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys15:35:10.0485 7500 BTHMODEM - ok15:35:10.0532 7500 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys15:35:10.0532 7500 BthPan - ok15:35:10.0579 7500 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\system32\Drivers\BTHport.sys15:35:10.0579 7500 BTHPORT - ok15:35:10.0610 7500 BTHprint (fbebe2a6469efb281ea143530a553f38) C:\Windows\system32\DRIVERS\bthprint.sys15:35:10.0610 7500 BTHprint - ok15:35:10.0672 7500 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll15:35:10.0672 7500 bthserv - ok15:35:10.0704 7500 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\system32\Drivers\BTHUSB.sys15:35:10.0704 7500 BTHUSB - ok15:35:10.0782 7500 BTWAMPFL (a0dfb69ade3444c78b17636fcf28e898) C:\Windows\system32\DRIVERS\btwampfl.sys15:35:10.0797 7500 BTWAMPFL - ok15:35:10.0828 7500 btwaudio (7cf028ce78696882b327ff13d2dfa534) C:\Windows\system32\drivers\btwaudio.sys15:35:10.0828 7500 btwaudio - ok15:35:10.0891 7500 btwavdt (3def2370e414b4e299673558ba171a51) C:\Windows\system32\DRIVERS\btwavdt.sys15:35:10.0891 7500 btwavdt - ok15:35:11.0000 7500 btwdins (cc9dae7759ac2c0d19111c0d38ddd232) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe15:35:11.0016 7500 btwdins - ok15:35:11.0062 7500 btwl2cap (9ad0fa253ed531d39fb2d74fe12a5fa9) C:\Windows\system32\DRIVERS\btwl2cap.sys15:35:11.0062 7500 btwl2cap - ok15:35:11.0094 7500 btwrchid (9937e0e4dfc0030560a6dfe9d3a94b39) C:\Windows\system32\DRIVERS\btwrchid.sys15:35:11.0094 7500 btwrchid - ok15:35:11.0265 7500 catchme - ok15:35:11.0312 7500 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys15:35:11.0312 7500 cdfs - ok15:35:11.0359 7500 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys15:35:11.0359 7500 cdrom - ok15:35:11.0421 7500 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll15:35:11.0421 7500 CertPropSvc - ok15:35:11.0437 7500 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys15:35:11.0437 7500 circlass - ok15:35:11.0468 7500 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys15:35:11.0484 7500 CLFS - ok15:35:11.0562 7500 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe15:35:11.0562 7500 clr_optimization_v2.0.50727_32 - ok15:35:11.0624 7500 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe15:35:11.0624 7500 clr_optimization_v2.0.50727_64 - ok15:35:11.0686 7500 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe15:35:11.0686 7500 clr_optimization_v4.0.30319_32 - ok15:35:11.0718 7500 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe15:35:11.0733 7500 clr_optimization_v4.0.30319_64 - ok15:35:11.0780 7500 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys15:35:11.0780 7500 CmBatt - ok15:35:11.0796 7500 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys15:35:11.0796 7500 cmdide - ok15:35:11.0858 7500 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys15:35:11.0874 7500 CNG - ok15:35:11.0905 7500 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys15:35:11.0905 7500 Compbatt - ok15:35:11.0936 7500 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\DRIVERS\CompositeBus.sys15:35:11.0936 7500 CompositeBus - ok15:35:11.0952 7500 COMSysApp - ok15:35:11.0967 7500 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys15:35:11.0967 7500 crcdisk - ok15:35:12.0030 7500 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll15:35:12.0030 7500 CryptSvc - ok15:35:12.0076 7500 CSC (54da3dfd29ed9f1619b6f53f3ce55e49) C:\Windows\system32\drivers\csc.sys15:35:12.0092 7500 CSC - ok15:35:12.0139 7500 CscService (3ab183ab4d2c79dcf459cd2c1266b043) C:\Windows\System32\cscsvc.dll15:35:12.0154 7500 CscService - ok15:35:12.0201 7500 dc3d (1ca90212a99db6975c344826d11055c9) C:\Windows\system32\DRIVERS\dc3d.sys15:35:12.0201 7500 dc3d - ok15:35:12.0279 7500 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll15:35:12.0295 7500 DcomLaunch - ok15:35:12.0357 7500 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll15:35:12.0357 7500 defragsvc - ok15:35:12.0451 7500 DellDigitalDelivery (18b5c959cbe24d4d4c2381efb87611de) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe15:35:12.0451 7500 DellDigitalDelivery - ok15:35:12.0638 7500 DFEPService (b85201f1aae97cd58fde0db18120f924) c:\Program Files\Dell\Feature Enhancement Pack\DFEPService.exe15:35:12.0654 7500 DFEPService - ok15:35:12.0763 7500 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys15:35:12.0763 7500 DfsC - ok15:35:12.0810 7500 DgiVecp (2d589a2c024b2fb238535db9f7b3597d) C:\Windows\system32\Drivers\DgiVecp.sys15:35:12.0810 7500 DgiVecp - ok15:35:12.0856 7500 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll15:35:12.0872 7500 Dhcp - ok15:35:12.0903 7500 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys15:35:12.0903 7500 discache - ok15:35:12.0950 7500 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys15:35:12.0966 7500 Disk - ok15:35:12.0997 7500 dmvsc (5db085a8a6600be6401f2b24eecb5415) C:\Windows\system32\drivers\dmvsc.sys15:35:12.0997 7500 dmvsc - ok15:35:13.0044 7500 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll15:35:13.0044 7500 Dnscache - ok15:35:13.0090 7500 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll15:35:13.0090 7500 dot3svc - ok15:35:13.0168 7500 Dot4 (b42ed0320c6e41102fde0005154849bb) C:\Windows\system32\DRIVERS\Dot4.sys15:35:13.0184 7500 Dot4 - ok15:35:13.0215 7500 Dot4Print (e9f5969233c5d89f3c35e3a66a52a361) C:\Windows\system32\DRIVERS\Dot4Prt.sys15:35:13.0215 7500 Dot4Print - ok15:35:13.0262 7500 dot4usb (fd05a02b0370bc3000f402e543ca5814) C:\Windows\system32\DRIVERS\dot4usb.sys15:35:13.0262 7500 dot4usb - ok15:35:13.0309 7500 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll15:35:13.0309 7500 DPS - ok15:35:13.0356 7500 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys15:35:13.0356 7500 drmkaud - ok15:35:13.0434 7500 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys15:35:13.0449 7500 DXGKrnl - ok15:35:13.0496 7500 DymoPnpService (16801152c1c1ba0857972c28d35bce33) C:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe15:35:13.0496 7500 DymoPnpService - ok15:35:13.0543 7500 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll15:35:13.0543 7500 EapHost - ok15:35:13.0714 7500 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys15:35:13.0746 7500 ebdrv - ok15:35:13.0855 7500 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe15:35:13.0855 7500 EFS - ok15:35:13.0933 7500 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe15:35:13.0948 7500 ehRecvr - ok15:35:13.0980 7500 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe15:35:13.0980 7500 ehSched - ok15:35:14.0058 7500 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys15:35:14.0058 7500 elxstor - ok15:35:14.0073 7500 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys15:35:14.0073 7500 ErrDev - ok15:35:14.0136 7500 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll15:35:14.0136 7500 EventSystem - ok15:35:14.0182 7500 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys15:35:14.0198 7500 exfat - ok15:35:14.0214 7500 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys15:35:14.0229 7500 fastfat - ok15:35:14.0292 7500 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe15:35:14.0307 7500 Fax - ok15:35:14.0338 7500 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys15:35:14.0338 7500 fdc - ok15:35:14.0354 7500 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll15:35:14.0354 7500 fdPHost - ok15:35:14.0385 7500 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll15:35:14.0385 7500 FDResPub - ok15:35:14.0448 7500 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys15:35:14.0448 7500 FileInfo - ok15:35:14.0448 7500 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys15:35:14.0448 7500 Filetrace - ok15:35:14.0494 7500 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys15:35:14.0494 7500 flpydisk - ok15:35:14.0510 7500 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys15:35:14.0526 7500 FltMgr - ok15:35:14.0604 7500 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll15:35:14.0619 7500 FontCache - ok15:35:14.0697 7500 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe15:35:14.0697 7500 FontCache3.0.0.0 - ok15:35:14.0744 7500 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys15:35:14.0744 7500 FsDepends - ok15:35:14.0775 7500 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys15:35:14.0791 7500 Fs_Rec - ok15:35:14.0838 7500 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys15:35:14.0838 7500 fvevol - ok15:35:14.0884 7500 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys15:35:14.0884 7500 gagp30kx - ok15:35:14.0947 7500 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll15:35:14.0962 7500 gpsvc - ok15:35:15.0087 7500 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe15:35:15.0087 7500 gupdate - ok15:35:15.0103 7500 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe15:35:15.0103 7500 gupdatem - ok15:35:15.0150 7500 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe15:35:15.0165 7500 gusvc - ok15:35:15.0196 7500 HBtnKey (0e485f2c759f155170da9f35354034e9) C:\Windows\system32\drivers\HBtnKey.sys15:35:15.0212 7500 HBtnKey - ok15:35:15.0228 7500 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys15:35:15.0228 7500 hcw85cir - ok15:35:15.0274 7500 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys15:35:15.0274 7500 HDAudBus - ok15:35:15.0290 7500 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys15:35:15.0306 7500 HidBatt - ok15:35:15.0321 7500 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys15:35:15.0321 7500 HidBth - ok15:35:15.0368 7500 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys15:35:15.0368 7500 HidIr - ok15:35:15.0399 7500 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll15:35:15.0399 7500 hidserv - ok15:35:15.0446 7500 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys15:35:15.0446 7500 HidUsb - ok15:35:15.0493 7500 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll15:35:15.0493 7500 hkmsvc - ok15:35:15.0524 7500 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll15:35:15.0524 7500 HomeGroupListener - ok15:35:15.0555 7500 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll15:35:15.0555 7500 HomeGroupProvider - ok15:35:15.0633 7500 HP LaserJet Service (53dca61931847e35c950504bfb7559c6) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe15:35:15.0633 7500 HP LaserJet Service - ok15:35:15.0711 7500 hpqcxs08 (08457d8f8149757c70cea59c71ec5d27) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll15:35:15.0727 7500 hpqcxs08 - ok15:35:15.0742 7500 hpqddsvc (75cc8c5146a3fb76221a7606628778d5) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll15:35:15.0758 7500 hpqddsvc - ok15:35:15.0805 7500 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys15:35:15.0805 7500 HpSAMD - ok15:35:15.0914 7500 HPSLPSVC (f37882f128efacefe353e0bae2766909) C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL15:35:15.0930 7500 HPSLPSVC - ok15:35:15.0945 7500 HTCAND64 (f47cec45fb85791d4ab237563ad0fa8f) C:\Windows\system32\Drivers\ANDROIDUSB.sys15:35:15.0945 7500 HTCAND64 - ok15:35:15.0992 7500 htcnprot (b8b1b284362e1d8135112573395d5da5) C:\Windows\system32\DRIVERS\htcnprot.sys15:35:15.0992 7500 htcnprot - ok15:35:16.0070 7500 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys15:35:16.0070 7500 HTTP - ok15:35:16.0101 7500 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys15:35:16.0101 7500 hwpolicy - ok15:35:16.0164 7500 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys15:35:16.0164 7500 i8042prt - ok15:35:16.0210 7500 iaStor (d7921d5a870b11cc1adab198a519d50a) C:\Windows\system32\drivers\iaStor.sys15:35:16.0226 7500 iaStor - ok15:35:16.0273 7500 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys15:35:16.0288 7500 iaStorV - ok15:35:16.0398 7500 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe15:35:16.0413 7500 idsvc - ok15:35:16.0928 7500 igfx (9937600a1584ff00565d5379eb4c9edb) C:\Windows\system32\DRIVERS\igdkmd64.sys15:35:17.0115 7500 igfx - ok15:35:17.0240 7500 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys15:35:17.0240 7500 iirsp - ok15:35:17.0318 7500 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll15:35:17.0334 7500 IKEEXT - ok15:35:17.0380 7500 Impcd (dd587a55390ed2295bce6d36ad567da9) C:\Windows\system32\drivers\Impcd.sys15:35:17.0380 7500 Impcd - ok15:35:17.0443 7500 IntcDAud (fc727061c0f47c8059e88e05d5c8e381) C:\Windows\system32\DRIVERS\IntcDAud.sys15:35:17.0443 7500 IntcDAud - ok15:35:17.0490 7500 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys15:35:17.0490 7500 intelide - ok15:35:17.0521 7500 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys15:35:17.0521 7500 intelppm - ok15:35:17.0568 7500 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll15:35:17.0583 7500 IPBusEnum - ok15:35:17.0614 7500 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys15:35:17.0614 7500 IpFilterDriver - ok15:35:17.0661 7500 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll15:35:17.0677 7500 iphlpsvc - ok15:35:17.0692 7500 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys15:35:17.0692 7500 IPMIDRV - ok15:35:17.0692 7500 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys15:35:17.0708 7500 IPNAT - ok15:35:17.0739 7500 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys15:35:17.0739 7500 IRENUM - ok15:35:17.0755 7500 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys15:35:17.0755 7500 isapnp - ok15:35:17.0786 7500 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys15:35:17.0802 7500 iScsiPrt - ok15:35:17.0864 7500 jhi_service (6c85719a21b3f62c2c76280f4bd36c7b) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe15:35:17.0864 7500 jhi_service - ok15:35:17.0911 7500 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys15:35:17.0911 7500 kbdclass - ok15:35:17.0942 7500 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys15:35:17.0942 7500 kbdhid - ok15:35:17.0989 7500 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe15:35:17.0989 7500 KeyIso - ok15:35:18.0004 7500 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys15:35:18.0004 7500 KSecDD - ok15:35:18.0036 7500 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys15:35:18.0036 7500 KSecPkg - ok15:35:18.0051 7500 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys15:35:18.0051 7500 ksthunk - ok15:35:18.0098 7500 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll15:35:18.0114 7500 KtmRm - ok15:35:18.0160 7500 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\System32\srvsvc.dll15:35:18.0176 7500 LanmanServer - ok15:35:18.0223 7500 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll15:35:18.0223 7500 LanmanWorkstation - ok15:35:18.0254 7500 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys15:35:18.0270 7500 lltdio - ok15:35:18.0316 7500 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll15:35:18.0316 7500 lltdsvc - ok15:35:18.0348 7500 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll15:35:18.0363 7500 lmhosts - ok15:35:18.0472 7500 LMIGuardianSvc (d55a7d0553c7102f63872936c7a9d9db) C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe15:35:18.0472 7500 LMIGuardianSvc - ok15:35:18.0519 7500 LMIInfo (0317335b15ff3bda8e10197e3434cfc0) C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys15:35:18.0519 7500 LMIInfo - ok15:35:18.0566 7500 LMIMaint (a7d256c8847df6e88bddb55f87e54f46) C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe15:35:18.0566 7500 LMIMaint - ok15:35:18.0597 7500 lmimirr (413ecdcfad9a82804d3674c8d7eec24e) C:\Windows\system32\DRIVERS\lmimirr.sys15:35:18.0597 7500 lmimirr - ok15:35:18.0597 7500 LMIRfsClientNP - ok15:35:18.0628 7500 LMIRfsDriver (c57d3faa50e6f395759ffb7c709bd944) C:\Windows\system32\drivers\LMIRfsDriver.sys15:35:18.0628 7500 LMIRfsDriver - ok15:35:18.0691 7500 LMS (5f5899711df18a02162b6d518c17b0d7) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe15:35:18.0691 7500 LMS - ok15:35:18.0738 7500 LogMeIn (d3760bc17e1755091b7120cf32dbf56b) C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe15:35:18.0738 7500 LogMeIn - ok15:35:18.0784 7500 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys15:35:18.0800 7500 LSI_FC - ok15:35:18.0816 7500 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys15:35:18.0816 7500 LSI_SAS - ok15:35:18.0816 7500 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys15:35:18.0831 7500 LSI_SAS2 - ok15:35:18.0831 7500 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys15:35:18.0831 7500 LSI_SCSI - ok15:35:18.0847 7500 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys15:35:18.0847 7500 luafv - ok15:35:18.0878 7500 MBAMProtector - ok15:35:18.0956 7500 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe15:35:18.0956 7500 MBAMService - ok15:35:19.0003 7500 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll15:35:19.0003 7500 Mcx2Svc - ok15:35:19.0018 7500 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys15:35:19.0018 7500 megasas - ok15:35:19.0050 7500 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys15:35:19.0065 7500 MegaSR - ok15:35:19.0128 7500 MEIx64 (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\DRIVERS\HECIx64.sys15:35:19.0128 7500 MEIx64 - ok15:35:19.0174 7500 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll15:35:19.0190 7500 MMCSS - ok15:35:19.0190 7500 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys15:35:19.0190 7500 Modem - ok15:35:19.0237 7500 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys15:35:19.0237 7500 monitor - ok15:35:19.0284 7500 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys15:35:19.0284 7500 mouclass - ok15:35:19.0330 7500 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys15:35:19.0330 7500 mouhid - ok15:35:19.0393 7500 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys15:35:19.0393 7500 mountmgr - ok15:35:19.0408 7500 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys15:35:19.0408 7500 mpio - ok15:35:19.0424 7500 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys15:35:19.0424 7500 mpsdrv - ok15:35:19.0486 7500 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll15:35:19.0502 7500 MpsSvc - ok15:35:19.0518 7500 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys15:35:19.0518 7500 MRxDAV - ok15:35:19.0549 7500 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys15:35:19.0564 7500 mrxsmb - ok15:35:19.0596 7500 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys15:35:19.0596 7500 mrxsmb10 - ok15:35:19.0611 7500 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys15:35:19.0627 7500 mrxsmb20 - ok15:35:19.0642 7500 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys15:35:19.0642 7500 msahci - ok15:35:19.0689 7500 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys15:35:19.0689 7500 msdsm - ok15:35:19.0720 7500 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe15:35:19.0736 7500 MSDTC - ok15:35:19.0783 7500 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys15:35:19.0783 7500 Msfs - ok15:35:19.0814 7500 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys15:35:19.0814 7500 mshidkmdf - ok15:35:19.0830 7500 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys15:35:19.0830 7500 msisadrv - ok15:35:19.0861 7500 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll15:35:19.0861 7500 MSiSCSI - ok15:35:19.0876 7500 msiserver - ok15:35:19.0908 7500 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys15:35:19.0908 7500 MSKSSRV - ok15:35:19.0923 7500 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys15:35:19.0923 7500 MSPCLOCK - ok15:35:19.0923 7500 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys15:35:19.0923 7500 MSPQM - ok15:35:19.0954 7500 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys15:35:19.0954 7500 MsRPC - ok15:35:19.0970 7500 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys15:35:19.0970 7500 mssmbios - ok15:35:19.0970 7500 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys15:35:19.0970 7500 MSTEE - ok15:35:19.0986 7500 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys15:35:19.0986 7500 MTConfig - ok15:35:20.0001 7500 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys15:35:20.0001 7500 Mup - ok15:35:20.0079 7500 MyFunCards_5mService (72f8c1568a56c7059cb1074a7e529dc6) C:\PROGRA~2\MYFUNC~2\bar\1.bin\5mbarsvc.exe15:35:20.0079 7500 MyFunCards_5mService - ok15:35:20.0142 7500 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll15:35:20.0157 7500 napagent - ok15:35:20.0220 7500 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys15:35:20.0235 7500 NativeWifiP - ok15:35:20.0329 7500 NDIS (c38b8ae57f78915905064a9a24dc1586) C:\Windows\system32\drivers\ndis.sys15:35:20.0344 7500 NDIS - ok15:35:20.0360 7500 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys15:35:20.0360 7500 NdisCap - ok15:35:20.0391 7500 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys15:35:20.0391 7500 NdisTapi - ok15:35:20.0407 7500 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys15:35:20.0407 7500 Ndisuio - ok15:35:20.0438 7500 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys15:35:20.0438 7500 NdisWan - ok15:35:20.0469 7500 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys15:35:20.0469 7500 NDProxy - ok15:35:20.0516 7500 Net Driver HPZ12 (2334dc48997ba203b794df3ee70521db) C:\Windows\system32\HPZinw12.dll15:35:20.0532 7500 Net Driver HPZ12 - ok15:35:20.0547 7500 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys15:35:20.0547 7500 NetBIOS - ok15:35:20.0578 7500 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys15:35:20.0578 7500 NetBT - ok15:35:20.0610 7500 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe15:35:20.0610 7500 Netlogon - ok15:35:20.0656 7500 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll15:35:20.0672 7500 Netman - ok15:35:20.0781 7500 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe15:35:20.0781 7500 NetMsmqActivator - ok15:35:20.0797 7500 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe15:35:20.0797 7500 NetPipeActivator - ok15:35:20.0828 7500 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll15:35:20.0828 7500 netprofm - ok15:35:20.0844 7500 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe15:35:20.0844 7500 NetTcpActivator - ok15:35:20.0859 7500 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe15:35:20.0859 7500 NetTcpPortSharing - ok15:35:20.0922 7500 netvsc (73ce12b8bdd747b0063cb0a7ef44cea7) C:\Windows\system32\DRIVERS\netvsc60.sys15:35:20.0922 7500 netvsc - ok15:35:20.0953 7500 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys15:35:20.0953 7500 nfrd960 - ok15:35:21.0015 7500 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll15:35:21.0031 7500 NlaSvc - ok15:35:21.0046 7500 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys15:35:21.0046 7500 Npfs - ok15:35:21.0046 7500 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll15:35:21.0062 7500 nsi - ok15:35:21.0062 7500 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys15:35:21.0062 7500 nsiproxy - ok15:35:21.0249 7500 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys15:35:21.0280 7500 Ntfs - ok15:35:21.0390 7500 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys15:35:21.0390 7500 Null - ok15:35:21.0436 7500 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys15:35:21.0436 7500 nvraid - ok15:35:21.0452 7500 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys15:35:21.0468 7500 nvstor - ok15:35:21.0499 7500 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys15:35:21.0499 7500 nv_agp - ok15:35:21.0530 7500 O2FLASH (4e37455db16aec75862b1d0bc35b589e) C:\Windows\system32\DRIVERS\o2flash.exe15:35:21.0546 7500 O2FLASH - ok15:35:21.0577 7500 O2MDFRDR (6172db160fc566cf24307941c0e94d8e) C:\Windows\system32\drivers\O2MDFw7x64.sys15:35:21.0577 7500 O2MDFRDR - ok15:35:21.0608 7500 O2MDRRDR (8ed738aba394bbf6d7802698be453112) C:\Windows\system32\DRIVERS\O2MDRw7x64.sys15:35:21.0608 7500 O2MDRRDR - ok15:35:21.0686 7500 O2SDIOAssist (4635935fc972c582632bf45c26bfcb0e) c:\Windows\SysWOW64\srvany.exe15:35:21.0686 7500 O2SDIOAssist - ok15:35:21.0717 7500 O2SDJRDR (a9c1e6b7c134fad124338b7944fa996d) C:\Windows\system32\DRIVERS\o2sdjw7x64.sys15:35:21.0717 7500 O2SDJRDR - ok15:35:21.0748 7500 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys15:35:21.0748 7500 ohci1394 - ok15:35:21.0826 7500 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE15:35:21.0826 7500 ose - ok15:35:22.0138 7500 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE15:35:22.0170 7500 osppsvc - ok15:35:22.0263 7500 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll15:35:22.0279 7500 p2pimsvc - ok15:35:22.0310 7500 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll15:35:22.0326 7500 p2psvc - ok15:35:22.0388 7500 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys15:35:22.0388 7500 Parport - ok15:35:22.0419 7500 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys15:35:22.0419 7500 partmgr - ok15:35:22.0513 7500 PassThru Service (39b9dcd7040654c2e57d7396736c718e) C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe15:35:22.0513 7500 PassThru Service - ok15:35:22.0560 7500 PBADRV (363b3f857abee85767e01e3044c539cd) C:\Windows\system32\DRIVERS\PBADRV.sys15:35:22.0560 7500 PBADRV - ok15:35:22.0591 7500 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll15:35:22.0606 7500 PcaSvc - ok15:35:22.0638 7500 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys15:35:22.0638 7500 pci - ok15:35:22.0653 7500 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys15:35:22.0653 7500 pciide - ok15:35:22.0700 7500 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys15:35:22.0700 7500 pcmcia - ok15:35:22.0731 7500 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys15:35:22.0731 7500 pcw - ok15:35:22.0762 7500 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys15:35:22.0778 7500 PEAUTH - ok15:35:22.0872 7500 PeerDistSvc (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll15:35:22.0887 7500 PeerDistSvc - ok15:35:22.0965 7500 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe15:35:22.0965 7500 PerfHost - ok15:35:23.0137 7500 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll15:35:23.0168 7500 pla - ok15:35:23.0230 7500 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll15:35:23.0230 7500 PlugPlay - ok15:35:23.0277 7500 Pml Driver HPZ12 (ac78df349f0e4cfb8b667c0cfff83cce) C:\Windows\system32\HPZipm12.dll15:35:23.0293 7500 Pml Driver HPZ12 - ok15:35:23.0308 7500 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll15:35:23.0308 7500 PNRPAutoReg - ok15:35:23.0324 7500 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll15:35:23.0340 7500 PNRPsvc - ok15:35:23.0386 7500 Point64 (4f0878fd62d5f7444c5f1c4c66d9d293) C:\Windows\system32\DRIVERS\point64.sys15:35:23.0402 7500 Point64 - ok15:35:23.0449 7500 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll15:35:23.0464 7500 PolicyAgent - ok15:35:23.0496 7500 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll15:35:23.0511 7500 Power - ok15:35:23.0558 7500 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys15:35:23.0558 7500 PptpMiniport - ok15:35:23.0589 7500 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys15:35:23.0589 7500 Processor - ok15:35:23.0620 7500 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll15:35:23.0620 7500 ProfSvc - ok15:35:23.0652 7500 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe15:35:23.0652 7500 ProtectedStorage - ok15:35:23.0698 7500 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys15:35:23.0698 7500 Psched - ok15:35:23.0745 7500 PxHlpa64 (87b04878a6d59d6c79251dc960c674c1) C:\Windows\system32\Drivers\PxHlpa64.sys15:35:23.0745 7500 PxHlpa64 - ok15:35:23.0854 7500 QBCFMonitorService (e69cfdbcf71b95ab663d67280d763999) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe15:35:23.0854 7500 QBCFMonitorService - ok15:35:23.0901 7500 QBFCService (2241eaf40e472c471cb80cf6b97cca11) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe15:35:23.0901 7500 QBFCService - ok15:35:24.0010 7500 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys15:35:24.0026 7500 ql2300 - ok15:35:24.0120 7500 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys15:35:24.0120 7500 ql40xx - ok15:35:24.0151 7500 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll15:35:24.0151 7500 QWAVE - ok15:35:24.0166 7500 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys15:35:24.0166 7500 QWAVEdrv - ok15:35:24.0182 7500 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys15:35:24.0182 7500 RasAcd - ok15:35:24.0213 7500 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys15:35:24.0213 7500 RasAgileVpn - ok15:35:24.0229 7500 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll15:35:24.0229 7500 RasAuto - ok15:35:24.0260 7500 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys15:35:24.0260 7500 Rasl2tp - ok15:35:24.0291 7500 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll15:35:24.0291 7500 RasMan - ok15:35:24.0307 7500 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys15:35:24.0322 7500 RasPppoe - ok15:35:24.0354 7500 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys15:35:24.0354 7500 RasSstp - ok15:35:24.0369 7500 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys15:35:24.0369 7500 rdbss - ok15:35:24.0385 7500 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys15:35:24.0385 7500 rdpbus - ok15:35:24.0416 7500 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys15:35:24.0416 7500 RDPCDD - ok15:35:24.0447 7500 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys15:35:24.0447 7500 RDPDR - ok15:35:24.0478 7500 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys15:35:24.0478 7500 RDPENCDD - ok15:35:24.0494 7500 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys15:35:24.0494 7500 RDPREFMP - ok15:35:24.0525 7500 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys15:35:24.0525 7500 RDPWD - ok15:35:24.0556 7500 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys15:35:24.0556 7500 rdyboost - ok15:35:24.0588 7500 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll15:35:24.0588 7500 RemoteAccess - ok15:35:24.0619 7500 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll15:35:24.0619 7500 RemoteRegistry - ok15:35:24.0667 7500 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys15:35:24.0669 7500 RFCOMM - ok15:35:24.0825 7500 RoxMediaDB12OEM (3c957189b31c34d3ad21967b12b6aed7) C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe15:35:24.0842 7500 RoxMediaDB12OEM - ok15:35:24.0875 7500 RoxWatch12 (2b73088cc2ca757a172b425c9398e5bc) C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe15:35:24.0879 7500 RoxWatch12 - ok15:35:24.0971 7500 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll15:35:24.0976 7500 RpcEptMapper - ok15:35:25.0004 7500 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe15:35:25.0007 7500 RpcLocator - ok15:35:25.0038 7500 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll15:35:25.0042 7500 RpcSs - ok15:35:25.0081 7500 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys15:35:25.0084 7500 rspndr - ok15:35:25.0122 7500 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys15:35:25.0123 7500 s3cap - ok15:35:25.0148 7500 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe15:35:25.0149 7500 SamSs - ok15:35:25.0175 7500 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys15:35:25.0178 7500 sbp2port - ok15:35:25.0336 7500 SBSDWSCService (794d4b48dfb6e999537c7c3947863463) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe15:35:25.0350 7500 SBSDWSCService - ok15:35:25.0386 7500 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll15:35:25.0390 7500 SCardSvr - ok15:35:25.0440 7500 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys15:35:25.0441 7500 scfilter - ok15:35:25.0494 7500 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll15:35:25.0506 7500 Schedule - ok15:35:25.0535 7500 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll15:35:25.0536 7500 SCPolicySvc - ok15:35:25.0557 7500 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll15:35:25.0560 7500 SDRSVC - ok15:35:25.0594 7500 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys15:35:25.0595 7500 secdrv - ok15:35:25.0620 7500 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll15:35:25.0622 7500 seclogon - ok15:35:25.0904 7500 SecureStorageService (8365191d0fe7df5972b889821adbe62b) C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Secure Storage Manager\SecureStorageService.exe15:35:25.0923 7500 SecureStorageService - ok15:35:26.0009 7500 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll15:35:26.0014 7500 SENS - ok15:35:26.0033 7500 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll15:35:26.0036 7500 SensrSvc - ok15:35:26.0098 7500 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys15:35:26.0099 7500 Serenum - ok15:35:26.0108 7500 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys15:35:26.0110 7500 Serial - ok15:35:26.0128 7500 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys15:35:26.0129 7500 sermouse - ok15:35:26.0162 7500 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll15:35:26.0165 7500 SessionEnv - ok15:35:26.0172 7500 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys15:35:26.0173 7500 sffdisk - ok15:35:26.0183 7500 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys15:35:26.0184 7500 sffp_mmc - ok15:35:26.0191 7500 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys15:35:26.0192 7500 sffp_sd - ok15:35:26.0204 7500 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys15:35:26.0204 7500 sfloppy - ok15:35:26.0265 7500 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll15:35:26.0270 7500 SharedAccess - ok15:35:26.0314 7500 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll15:35:26.0324 7500 ShellHWDetection - ok15:35:26.0361 7500 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys15:35:26.0362 7500 SiSRaid2 - ok15:35:26.0381 7500 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys15:35:26.0384 7500 SiSRaid4 - ok15:35:26.0528 7500 SIUSBXP (4c9f8e72f87f50a6125aaa31b63b2d18) C:\Windows\system32\drivers\SiUSBXp.sys15:35:26.0550 7500 SIUSBXP - ok15:35:26.0636 7500 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys15:35:26.0639 7500 Smb - ok15:35:26.0680 7500 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe15:35:26.0681 7500 SNMPTRAP - ok15:35:26.0688 7500 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys15:35:26.0689 7500 spldr - ok15:35:26.0736 7500 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe15:35:26.0748 7500 Spooler - ok15:35:26.0886 7500 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe15:35:26.0920 7500 sppsvc - ok15:35:26.0995 7500 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll15:35:26.0997 7500 sppuinotify - ok15:35:27.0060 7500 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys15:35:27.0072 7500 srv - ok15:35:27.0107 7500 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys15:35:27.0111 7500 srv2 - ok15:35:27.0137 7500 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys15:35:27.0141 7500 srvnet - ok15:35:27.0208 7500 Link to post Share on other sites More sharing options...
BANCROFT162 Posted July 3, 2012 Author ID:566619 Share Posted July 3, 2012 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll15:35:27.0215 7500 SSDPSRV - ok15:35:27.0250 7500 SSPORT (0211ab46b73a2623b86c1cfcb30579ab) C:\Windows\system32\Drivers\SSPORT.sys15:35:27.0251 7500 SSPORT - ok15:35:27.0275 7500 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll15:35:27.0280 7500 SstpSvc - ok15:35:27.0370 7500 STacSV (b2d8b364a831427a5741f6c408fa8ae3) C:\Program Files\IDT\WDM\STacSV64.exe15:35:27.0371 7500 STacSV - ok15:35:27.0416 7500 stdcfltn (e4ea2412fb1b8aee33667a9cc6d456a4) C:\Windows\system32\DRIVERS\stdcfltn.sys15:35:27.0417 7500 stdcfltn - ok15:35:27.0446 7500 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys15:35:27.0448 7500 stexstor - ok15:35:27.0508 7500 STHDA (ef5acde92ba3f691bbfef781cb063501) C:\Windows\system32\DRIVERS\stwrt64.sys15:35:27.0519 7500 STHDA - ok15:35:27.0556 7500 StillCam (decacb6921ded1a38642642685d77dac) C:\Windows\system32\DRIVERS\serscan.sys15:35:27.0558 7500 StillCam - ok15:35:27.0612 7500 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll15:35:27.0619 7500 stisvc - ok15:35:27.0705 7500 stllssvr (7731f46ec0d687a931cba063e8f90ef0) C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe15:35:27.0707 7500 stllssvr - ok15:35:27.0741 7500 StorSvc (c40841817ef57d491f22eb103da587cc) C:\Windows\system32\storsvc.dll15:35:27.0743 7500 StorSvc - ok15:35:27.0790 7500 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys15:35:27.0793 7500 storvsc - ok15:35:27.0825 7500 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys15:35:27.0826 7500 swenum - ok15:35:27.0863 7500 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll15:35:27.0870 7500 swprv - ok15:35:27.0881 7500 SynthVid (4cdd7df58730d23ba9cb5829a6e2ecea) C:\Windows\system32\DRIVERS\VMBusVideoM.sys15:35:27.0882 7500 SynthVid - ok15:35:27.0953 7500 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll15:35:27.0971 7500 SysMain - ok15:35:28.0038 7500 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll15:35:28.0041 7500 TabletInputService - ok15:35:28.0066 7500 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll15:35:28.0072 7500 TapiSrv - ok15:35:28.0098 7500 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll15:35:28.0099 7500 TBS - ok15:35:28.0197 7500 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys15:35:28.0215 7500 Tcpip - ok15:35:28.0351 7500 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys15:35:28.0362 7500 TCPIP6 - ok15:35:28.0414 7500 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys15:35:28.0415 7500 tcpipreg - ok15:35:28.0550 7500 tcsd_win32.exe (3d52b206d9f6f3ecfdb5d676614e47b6) C:\Program Files (x86)\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe15:35:28.0566 7500 tcsd_win32.exe - ok15:35:28.0831 7500 TdmService (e2f626e4a23e12de31d8820ff143a456) C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe15:35:28.0846 7500 TdmService - ok15:35:28.0940 7500 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys15:35:28.0940 7500 TDPIPE - ok15:35:28.0971 7500 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys15:35:28.0971 7500 TDTCP - ok15:35:29.0018 7500 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys15:35:29.0018 7500 tdx - ok15:35:29.0049 7500 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys15:35:29.0049 7500 TermDD - ok15:35:29.0127 7500 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll15:35:29.0158 7500 TermService - ok15:35:29.0190 7500 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll15:35:29.0205 7500 Themes - ok15:35:29.0221 7500 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll15:35:29.0221 7500 THREADORDER - ok15:35:29.0283 7500 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll15:35:29.0283 7500 TrkWks - ok15:35:29.0346 7500 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe15:35:29.0346 7500 TrustedInstaller - ok15:35:29.0392 7500 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys15:35:29.0392 7500 tssecsrv - ok15:35:29.0424 7500 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys15:35:29.0424 7500 TsUsbFlt - ok15:35:29.0439 7500 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys15:35:29.0439 7500 TsUsbGD - ok15:35:29.0486 7500 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys15:35:29.0486 7500 tunnel - ok15:35:29.0502 7500 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys15:35:29.0502 7500 uagp35 - ok15:35:29.0533 7500 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys15:35:29.0533 7500 udfs - ok15:35:29.0564 7500 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe15:35:29.0564 7500 UI0Detect - ok15:35:29.0595 7500 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys15:35:29.0595 7500 uliagpkx - ok15:35:29.0642 7500 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys15:35:29.0642 7500 umbus - ok15:35:29.0658 7500 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys15:35:29.0658 7500 UmPass - ok15:35:29.0704 7500 UmRdpService (a293dcd756d04d8492a750d03b9a297c) C:\Windows\System32\umrdp.dll15:35:29.0720 7500 UmRdpService - ok15:35:29.0892 7500 UNS (f7a1f83f28b125aa3737bc06eabb0cd5) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe15:35:29.0907 7500 UNS - ok15:35:30.0016 7500 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll15:35:30.0016 7500 upnphost - ok15:35:30.0079 7500 usbccgp (19ad7990c0b67e48dac5b26f99628223) C:\Windows\system32\DRIVERS\usbccgp.sys15:35:30.0079 7500 usbccgp - ok15:35:30.0126 7500 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys15:35:30.0126 7500 usbcir - ok15:35:30.0157 7500 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys15:35:30.0157 7500 usbehci - ok15:35:30.0204 7500 usbhub (8b892002d7b79312821169a14317ab86) C:\Windows\system32\DRIVERS\usbhub.sys15:35:30.0219 7500 usbhub - ok15:35:30.0250 7500 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys15:35:30.0250 7500 usbohci - ok15:35:30.0282 7500 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys15:35:30.0282 7500 usbprint - ok15:35:30.0328 7500 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys15:35:30.0328 7500 usbscan - ok15:35:30.0344 7500 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS15:35:30.0360 7500 USBSTOR - ok15:35:30.0360 7500 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys15:35:30.0360 7500 usbuhci - ok15:35:30.0391 7500 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll15:35:30.0406 7500 UxSms - ok15:35:30.0438 7500 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe15:35:30.0438 7500 VaultSvc - ok15:35:30.0484 7500 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys15:35:30.0484 7500 vdrvroot - ok15:35:30.0531 7500 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe15:35:30.0547 7500 vds - ok15:35:30.0562 7500 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys15:35:30.0562 7500 vga - ok15:35:30.0578 7500 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys15:35:30.0578 7500 VgaSave - ok15:35:30.0609 7500 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys15:35:30.0609 7500 vhdmp - ok15:35:30.0625 7500 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys15:35:30.0625 7500 viaide - ok15:35:30.0640 7500 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys15:35:30.0640 7500 VMBusHID - ok15:35:30.0672 7500 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys15:35:30.0672 7500 volmgr - ok15:35:30.0703 7500 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys15:35:30.0718 7500 volmgrx - ok15:35:30.0750 7500 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys15:35:30.0765 7500 volsnap - ok15:35:30.0828 7500 vpcbus (b4a73ca4ef9a02b9738cea9ad5fe5917) C:\Windows\system32\DRIVERS\vpchbus.sys15:35:30.0828 7500 vpcbus - ok15:35:30.0859 7500 vpcnfltr (e675fb2b48c54f09895482e2253b289c) C:\Windows\system32\DRIVERS\vpcnfltr.sys15:35:30.0874 7500 vpcnfltr - ok15:35:30.0906 7500 vpcusb (5fb42082b0d19a0268705f1dd343df20) C:\Windows\system32\DRIVERS\vpcusb.sys15:35:30.0906 7500 vpcusb - ok15:35:30.0937 7500 vpcvmm (30d4243726a15a14f5c5e45898d14394) C:\Windows\system32\drivers\vpcvmm.sys15:35:30.0937 7500 vpcvmm - ok15:35:30.0984 7500 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys15:35:30.0984 7500 vsmraid - ok15:35:31.0093 7500 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe15:35:31.0108 7500 VSS - ok15:35:31.0327 7500 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys15:35:31.0327 7500 vwifibus - ok15:35:31.0358 7500 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys15:35:31.0374 7500 vwififlt - ok15:35:31.0405 7500 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys15:35:31.0405 7500 vwifimp - ok15:35:31.0530 7500 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll15:35:31.0545 7500 W32Time - ok15:35:31.0592 7500 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys15:35:31.0592 7500 WacomPen - ok15:35:31.0639 7500 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys15:35:31.0639 7500 WANARP - ok15:35:31.0654 7500 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys15:35:31.0654 7500 Wanarpv6 - ok15:35:31.0748 7500 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe15:35:31.0779 7500 WatAdminSvc - ok15:35:32.0154 7500 Wave Authentication Manager Service (e45bce01f15eeb240fe9db83b9d86be3) C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe15:35:32.0169 7500 Wave Authentication Manager Service - ok15:35:32.0310 7500 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe15:35:32.0341 7500 wbengine - ok15:35:32.0403 7500 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll15:35:32.0403 7500 WbioSrvc - ok15:35:32.0434 7500 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll15:35:32.0434 7500 wcncsvc - ok15:35:32.0450 7500 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll15:35:32.0450 7500 WcsPlugInService - ok15:35:32.0497 7500 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys15:35:32.0497 7500 Wd - ok15:35:32.0544 7500 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys15:35:32.0559 7500 Wdf01000 - ok15:35:32.0590 7500 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll15:35:32.0590 7500 WdiServiceHost - ok15:35:32.0590 7500 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll15:35:32.0590 7500 WdiSystemHost - ok15:35:32.0622 7500 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll15:35:32.0622 7500 WebClient - ok15:35:32.0653 7500 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll15:35:32.0653 7500 Wecsvc - ok15:35:32.0668 7500 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll15:35:32.0668 7500 wercplsupport - ok15:35:32.0715 7500 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll15:35:32.0715 7500 WerSvc - ok15:35:32.0778 7500 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys15:35:32.0778 7500 WfpLwf - ok15:35:32.0793 7500 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys15:35:32.0793 7500 WIMMount - ok15:35:32.0840 7500 WinDefend - ok15:35:32.0856 7500 WinHttpAutoProxySvc - ok15:35:32.0934 7500 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll15:35:32.0934 7500 Winmgmt - ok15:35:33.0058 7500 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll15:35:33.0074 7500 WinRM - ok15:35:33.0339 7500 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll15:35:33.0355 7500 Wlansvc - ok15:35:33.0448 7500 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe15:35:33.0448 7500 wlcrasvc - ok15:35:33.0620 7500 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE15:35:33.0636 7500 wlidsvc - ok15:35:33.0698 7500 wltrysvc (55dbb16fdc57808615323389241fdc99) C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE15:35:33.0698 7500 wltrysvc - ok15:35:33.0823 7500 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys15:35:33.0823 7500 WmiAcpi - ok15:35:33.0901 7500 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe15:35:33.0901 7500 wmiApSrv - ok15:35:33.0932 7500 WMPNetworkSvc - ok15:35:33.0963 7500 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll15:35:33.0979 7500 WPCSvc - ok15:35:33.0994 7500 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll15:35:34.0010 7500 WPDBusEnum - ok15:35:34.0026 7500 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys15:35:34.0026 7500 ws2ifsl - ok15:35:34.0041 7500 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\system32\wscsvc.dll15:35:34.0041 7500 wscsvc - ok15:35:34.0088 7500 WSDPrintDevice (8d918b1db190a4d9b1753a66fa8c96e8) C:\Windows\system32\DRIVERS\WSDPrint.sys15:35:34.0088 7500 WSDPrintDevice - ok15:35:34.0088 7500 WSearch - ok15:35:34.0244 7500 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll15:35:34.0275 7500 wuauserv - ok15:35:34.0384 7500 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys15:35:34.0384 7500 WudfPf - ok15:35:34.0431 7500 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys15:35:34.0431 7500 WUDFRd - ok15:35:34.0462 7500 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll15:35:34.0462 7500 wudfsvc - ok15:35:34.0494 7500 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll15:35:34.0494 7500 WwanSvc - ok15:35:34.0556 7500 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR015:35:34.0587 7500 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - infected15:35:34.0587 7500 \Device\Harddisk0\DR0 - detected Rootkit.Boot.SST.b (0)15:35:34.0603 7500 MBR (0x1B8) (fcb1fc5713d6b7dbf460028a65fdc118) \Device\Harddisk2\DR415:35:41.0248 7500 \Device\Harddisk2\DR4 - ok15:35:41.0264 7500 Boot (0x1200) (ded67a679aaf8f9efe7f94c1ca28ab62) \Device\Harddisk0\DR0\Partition015:35:41.0264 7500 \Device\Harddisk0\DR0\Partition0 - ok15:35:41.0280 7500 Boot (0x1200) (959ff6459805ff1b6911e5a1f73751b3) \Device\Harddisk0\DR0\Partition115:35:41.0280 7500 \Device\Harddisk0\DR0\Partition1 - ok15:35:41.0280 7500 ============================================================15:35:41.0280 7500 Scan finished15:35:41.0280 7500 ============================================================15:35:41.0295 5208 Detected object count: 115:35:41.0311 5208 Actual detected object count: 115:36:13.0525 5208 \Device\Harddisk0\DR0\# - copied to quarantine15:36:13.0525 5208 \Device\Harddisk0\DR0 - copied to quarantine15:36:13.0587 5208 \Device\Harddisk0\DR0\TDLFS\mbr - copied to quarantine15:36:13.0587 5208 \Device\Harddisk0\DR0\TDLFS\vbr - copied to quarantine15:36:13.0587 5208 \Device\Harddisk0\DR0\TDLFS\bid - copied to quarantine15:36:13.0603 5208 \Device\Harddisk0\DR0\TDLFS\affid - copied to quarantine15:36:13.0603 5208 \Device\Harddisk0\DR0\TDLFS\boot - copied to quarantine15:36:13.0603 5208 \Device\Harddisk0\DR0\TDLFS\cmd32 - copied to quarantine15:36:13.0603 5208 \Device\Harddisk0\DR0\TDLFS\cmd64 - copied to quarantine15:36:13.0603 5208 \Device\Harddisk0\DR0\TDLFS\dbg32 - copied to quarantine15:36:13.0650 5208 \Device\Harddisk0\DR0\TDLFS\dbg64 - copied to quarantine15:36:13.0650 5208 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine15:36:13.0650 5208 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine15:36:13.0665 5208 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine15:36:13.0665 5208 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine15:36:13.0665 5208 \Device\Harddisk0\DR0\TDLFS\main - copied to quarantine15:36:13.0665 5208 \Device\Harddisk0\DR0\TDLFS\subid - copied to quarantine15:36:13.0665 5208 \Device\Harddisk0\DR0\TDLFS\info - copied to quarantine15:36:13.0665 5208 \Device\Harddisk0\DR0\TDLFS\mainfb.script - copied to quarantine15:36:13.0696 5208 \Device\Harddisk0\DR0\TDLFS\com64 - copied to quarantine15:36:13.0696 5208 \Device\Harddisk0\DR0\TDLFS\bbr232 - copied to quarantine15:36:13.0728 5208 \Device\Harddisk0\DR0\TDLFS\serf332 - copied to quarantine15:36:13.0743 5208 \Device\Harddisk0\DR0\TDLFS\serf364 - copied to quarantine15:36:13.0790 5208 \Device\Harddisk0\DR0\TDLFS\bbr264 - copied to quarantine15:36:13.0806 5208 \Device\Harddisk0\DR0\TDLFS\serf_conf - copied to quarantine15:36:13.0962 5208 \Device\Harddisk0\DR0\TDLFS\bbr_conf - copied to quarantine15:36:13.0962 5208 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - User select action: Quarantine15:37:05.0863 6988 ============================================================15:37:05.0863 6988 Scan started15:37:05.0863 6988 Mode: Manual;15:37:05.0863 6988 ============================================================15:37:06.0331 6988 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\DRIVERS\1394ohci.sys15:37:06.0331 6988 1394ohci - ok15:37:06.0362 6988 Acceler (1575a815c27789061f34b4f55ae0b5c3) C:\Windows\system32\DRIVERS\accelern.sys15:37:06.0362 6988 Acceler - ok15:37:06.0393 6988 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys15:37:06.0393 6988 ACPI - ok15:37:06.0409 6988 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys15:37:06.0409 6988 AcpiPmi - ok15:37:06.0487 6988 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe15:37:06.0503 6988 AdobeARMservice - ok15:37:06.0596 6988 AdobeFlashPlayerUpdateSvc (f3cd7b20b27d1772c946df993ff3635c) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe15:37:06.0596 6988 AdobeFlashPlayerUpdateSvc - ok15:37:06.0643 6988 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys15:37:06.0659 6988 adp94xx - ok15:37:06.0690 6988 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys15:37:06.0690 6988 adpahci - ok15:37:06.0705 6988 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys15:37:06.0705 6988 adpu320 - ok15:37:06.0737 6988 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll15:37:06.0737 6988 AeLookupSvc - ok15:37:06.0799 6988 AESTFilters (a6fb9db8f1a86861d955fd6975977ae0) C:\Program Files\IDT\WDM\AESTSr64.exe15:37:06.0799 6988 AESTFilters - ok15:37:06.0846 6988 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys15:37:06.0861 6988 AFD - ok15:37:06.0877 6988 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys15:37:06.0877 6988 agp440 - ok15:37:06.0908 6988 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe15:37:06.0908 6988 ALG - ok15:37:06.0908 6988 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys15:37:06.0908 6988 aliide - ok15:37:06.0924 6988 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys15:37:06.0924 6988 amdide - ok15:37:06.0939 6988 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys15:37:06.0939 6988 AmdK8 - ok15:37:06.0939 6988 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys15:37:06.0939 6988 AmdPPM - ok15:37:06.0955 6988 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys15:37:06.0955 6988 amdsata - ok15:37:06.0986 6988 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys15:37:07.0002 6988 amdsbs - ok15:37:07.0017 6988 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys15:37:07.0017 6988 amdxata - ok15:37:07.0064 6988 ApfiltrService (6d4cb1f46a0ac05326f834fd6b822479) C:\Windows\system32\DRIVERS\Apfiltr.sys15:37:07.0064 6988 ApfiltrService - ok15:37:07.0080 6988 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys15:37:07.0080 6988 AppID - ok15:37:07.0111 6988 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll15:37:07.0111 6988 AppIDSvc - ok15:37:07.0142 6988 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll15:37:07.0142 6988 Appinfo - ok15:37:07.0173 6988 AppMgmt (4aba3e75a76195a3e38ed2766c962899) C:\Windows\System32\appmgmts.dll15:37:07.0173 6988 AppMgmt - ok15:37:07.0189 6988 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys15:37:07.0189 6988 arc - ok15:37:07.0205 6988 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys15:37:07.0205 6988 arcsas - ok15:37:07.0283 6988 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe15:37:07.0283 6988 aspnet_state - ok15:37:07.0298 6988 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys15:37:07.0298 6988 AsyncMac - ok15:37:07.0329 6988 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys15:37:07.0329 6988 atapi - ok15:37:07.0501 6988 ATService (e604f606d37b153b32bddececb024f81) C:\Program Files\Fingerprint Sensor\ATService.exe15:37:07.0517 6988 ATService - ok15:37:07.0626 6988 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll15:37:07.0626 6988 AudioEndpointBuilder - ok15:37:07.0641 6988 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll15:37:07.0657 6988 AudioSrv - ok15:37:07.0922 6988 AVGIDSAgent (55893fff154ffd7c29919d2b9218210c) C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe15:37:07.0953 6988 AVGIDSAgent - ok15:37:08.0063 6988 AVGIDSDriver (1b2e9fcdc26dc7c81d4131430e2dc936) C:\Windows\system32\DRIVERS\avgidsdrivera.sys15:37:08.0063 6988 AVGIDSDriver - ok15:37:08.0094 6988 AVGIDSFilter (0f293406f64b48d5d2f0d3a1117f3a83) C:\Windows\system32\DRIVERS\avgidsfiltera.sys15:37:08.0094 6988 AVGIDSFilter - ok15:37:08.0125 6988 AVGIDSHA (cffc3a4a638f462e0561cb368b9a7a3a) C:\Windows\system32\DRIVERS\avgidsha.sys15:37:08.0125 6988 AVGIDSHA - ok15:37:08.0156 6988 Avgldx64 (59955b4c288dd2a8b9fd2cd5158355c5) C:\Windows\system32\DRIVERS\avgldx64.sys15:37:08.0156 6988 Avgldx64 - ok15:37:08.0172 6988 Avgmfx64 (a6aec362aae5e2dda7445e7690cb0f33) C:\Windows\system32\DRIVERS\avgmfx64.sys15:37:08.0172 6988 Avgmfx64 - ok15:37:08.0187 6988 Avgrkx64 (645c7f0a0e39758a0024a9b1748273c0) C:\Windows\system32\DRIVERS\avgrkx64.sys15:37:08.0187 6988 Avgrkx64 - ok15:37:08.0219 6988 Avgtdia (1bee674ad792b1c63bb0dac5fa724b23) C:\Windows\system32\DRIVERS\avgtdia.sys15:37:08.0219 6988 Avgtdia - ok15:37:08.0297 6988 avgwd (ea1145debcd508fd25bd1e95c4346929) C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe15:37:08.0312 6988 avgwd - ok15:37:08.0343 6988 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll15:37:08.0343 6988 AxInstSV - ok15:37:08.0390 6988 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys15:37:08.0406 6988 b06bdrv - ok15:37:08.0453 6988 b57nd60a (00e4fd35ce3e817f19d6bc2b6f97fd90) C:\Windows\system32\DRIVERS\b57nd60a.sys15:37:08.0453 6988 b57nd60a - ok15:37:08.0499 6988 BBSvc (87f3bcf82a63e900af896cd930bf7e05) C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE15:37:08.0515 6988 BBSvc - ok15:37:08.0531 6988 BBUpdate (78779ee07231c658b483b1f38b5088df) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE15:37:08.0531 6988 BBUpdate - ok15:37:08.0562 6988 BCM42RLY (c3d8920a5aaf10a72cedb57d3339280a) C:\Windows\system32\drivers\BCM42RLY.sys15:37:08.0577 6988 BCM42RLY - ok15:37:08.0765 6988 BCM43XX (d20ee58c13ff343b90550861ebcd9ddd) C:\Windows\system32\DRIVERS\bcmwl664.sys15:37:08.0796 6988 BCM43XX - ok15:37:08.0889 6988 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll15:37:08.0889 6988 BDESVC - ok15:37:08.0921 6988 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys15:37:08.0921 6988 Beep - ok15:37:08.0967 6988 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll15:37:08.0983 6988 BFE - ok15:37:09.0045 6988 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\system32\qmgr.dll15:37:09.0061 6988 BITS - ok15:37:09.0092 6988 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys15:37:09.0092 6988 blbdrive - ok15:37:09.0123 6988 Blfp (228086f7ed08e8f1f8622e8f0ded7b6e) C:\Windows\system32\DRIVERS\basp.sys15:37:09.0123 6988 Blfp - ok15:37:09.0155 6988 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys15:37:09.0155 6988 bowser - ok15:37:09.0201 6988 BrcmMgmtAgent (96afb6d33247fe90421a5b2e76f4ed59) C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe15:37:09.0217 6988 BrcmMgmtAgent - ok15:37:09.0233 6988 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys15:37:09.0233 6988 BrFiltLo - ok15:37:09.0248 6988 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys15:37:09.0248 6988 BrFiltUp - ok15:37:09.0264 6988 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys15:37:09.0264 6988 BridgeMP - ok15:37:09.0295 6988 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll15:37:09.0295 6988 Browser - ok15:37:09.0326 6988 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys15:37:09.0326 6988 Brserid - ok15:37:09.0342 6988 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys15:37:09.0342 6988 BrSerWdm - ok15:37:09.0342 6988 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys15:37:09.0342 6988 BrUsbMdm - ok15:37:09.0342 6988 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys15:37:09.0357 6988 BrUsbSer - ok15:37:09.0373 6988 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\DRIVERS\BthEnum.sys15:37:09.0373 6988 BthEnum - ok15:37:09.0404 6988 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys15:37:09.0404 6988 BTHMODEM - ok15:37:09.0435 6988 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys15:37:09.0435 6988 BthPan - ok15:37:09.0482 6988 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\system32\Drivers\BTHport.sys15:37:09.0482 6988 BTHPORT - ok15:37:09.0498 6988 BTHprint (fbebe2a6469efb281ea143530a553f38) C:\Windows\system32\DRIVERS\bthprint.sys15:37:09.0498 6988 BTHprint - ok15:37:09.0529 6988 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll15:37:09.0529 6988 bthserv - ok15:37:09.0529 6988 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\system32\Drivers\BTHUSB.sys15:37:09.0529 6988 BTHUSB - ok15:37:09.0576 6988 BTWAMPFL (a0dfb69ade3444c78b17636fcf28e898) C:\Windows\system32\DRIVERS\btwampfl.sys15:37:09.0576 6988 BTWAMPFL - ok15:37:09.0591 6988 btwaudio (7cf028ce78696882b327ff13d2dfa534) C:\Windows\system32\drivers\btwaudio.sys15:37:09.0591 6988 btwaudio - ok15:37:09.0623 6988 btwavdt (3def2370e414b4e299673558ba171a51) C:\Windows\system32\DRIVERS\btwavdt.sys15:37:09.0623 6988 btwavdt - ok15:37:09.0716 6988 btwdins (cc9dae7759ac2c0d19111c0d38ddd232) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe15:37:09.0732 6988 btwdins - ok15:37:09.0747 6988 btwl2cap (9ad0fa253ed531d39fb2d74fe12a5fa9) C:\Windows\system32\DRIVERS\btwl2cap.sys15:37:09.0747 6988 btwl2cap - ok15:37:09.0779 6988 btwrchid (9937e0e4dfc0030560a6dfe9d3a94b39) C:\Windows\system32\DRIVERS\btwrchid.sys15:37:09.0779 6988 btwrchid - ok15:37:09.0919 6988 catchme - ok15:37:09.0950 6988 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys15:37:09.0950 6988 cdfs - ok15:37:09.0981 6988 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys15:37:09.0981 6988 cdrom - ok15:37:10.0013 6988 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll15:37:10.0028 6988 CertPropSvc - ok15:37:10.0044 6988 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys15:37:10.0044 6988 circlass - ok15:37:10.0075 6988 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys15:37:10.0091 6988 CLFS - ok15:37:10.0169 6988 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe15:37:10.0169 6988 clr_optimization_v2.0.50727_32 - ok15:37:10.0231 6988 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe15:37:10.0231 6988 clr_optimization_v2.0.50727_64 - ok15:37:10.0278 6988 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe15:37:10.0293 6988 clr_optimization_v4.0.30319_32 - ok15:37:10.0325 6988 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe15:37:10.0340 6988 clr_optimization_v4.0.30319_64 - ok15:37:10.0356 6988 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys15:37:10.0356 6988 CmBatt - ok15:37:10.0371 6988 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys15:37:10.0371 6988 cmdide - ok15:37:10.0434 6988 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys15:37:10.0434 6988 CNG - ok15:37:10.0449 6988 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys15:37:10.0449 6988 Compbatt - ok15:37:10.0465 6988 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\DRIVERS\CompositeBus.sys15:37:10.0465 6988 CompositeBus - ok15:37:10.0465 6988 COMSysApp - ok15:37:10.0481 6988 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys15:37:10.0481 6988 crcdisk - ok15:37:10.0512 6988 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll15:37:10.0512 6988 CryptSvc - ok15:37:10.0559 6988 CSC (54da3dfd29ed9f1619b6f53f3ce55e49) C:\Windows\system32\drivers\csc.sys15:37:10.0559 6988 CSC - ok15:37:10.0605 6988 CscService (3ab183ab4d2c79dcf459cd2c1266b043) C:\Windows\System32\cscsvc.dll15:37:10.0605 6988 CscService - ok15:37:10.0637 6988 dc3d (1ca90212a99db6975c344826d11055c9) C:\Windows\system32\DRIVERS\dc3d.sys15:37:10.0637 6988 dc3d - ok15:37:10.0683 6988 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll15:37:10.0699 6988 DcomLaunch - ok15:37:10.0730 6988 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll15:37:10.0730 6988 defragsvc - ok15:37:10.0793 6988 DellDigitalDelivery (18b5c959cbe24d4d4c2381efb87611de) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe15:37:10.0808 6988 DellDigitalDelivery - ok15:37:10.0980 6988 DFEPService (b85201f1aae97cd58fde0db18120f924) c:\Program Files\Dell\Feature Enhancement Pack\DFEPService.exe15:37:10.0995 6988 DFEPService - ok15:37:11.0089 6988 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys15:37:11.0089 6988 DfsC - ok15:37:11.0120 6988 DgiVecp (2d589a2c024b2fb238535db9f7b3597d) C:\Windows\system32\Drivers\DgiVecp.sys15:37:11.0120 6988 DgiVecp - ok15:37:11.0167 6988 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll15:37:11.0183 6988 Dhcp - ok15:37:11.0183 6988 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys15:37:11.0198 6988 discache - ok15:37:11.0214 6988 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys15:37:11.0214 6988 Disk - ok15:37:11.0245 6988 dmvsc (5db085a8a6600be6401f2b24eecb5415) C:\Windows\system32\drivers\dmvsc.sys15:37:11.0245 6988 dmvsc - ok15:37:11.0292 6988 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll15:37:11.0292 6988 Dnscache - ok15:37:11.0323 6988 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll15:37:11.0323 6988 dot3svc - ok15:37:11.0354 6988 Dot4 (b42ed0320c6e41102fde0005154849bb) C:\Windows\system32\DRIVERS\Dot4.sys15:37:11.0354 6988 Dot4 - ok15:37:11.0370 6988 Dot4Print (e9f5969233c5d89f3c35e3a66a52a361) C:\Windows\system32\DRIVERS\Dot4Prt.sys15:37:11.0370 6988 Dot4Print - ok15:37:11.0401 6988 dot4usb (fd05a02b0370bc3000f402e543ca5814) C:\Windows\system32\DRIVERS\dot4usb.sys15:37:11.0401 6988 dot4usb - ok15:37:11.0432 6988 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll15:37:11.0448 6988 DPS - ok15:37:11.0479 6988 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys15:37:11.0479 6988 drmkaud - ok15:37:11.0541 6988 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys15:37:11.0557 6988 DXGKrnl - ok15:37:11.0604 6988 DymoPnpService (16801152c1c1ba0857972c28d35bce33) C:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe15:37:11.0604 6988 DymoPnpService - ok15:37:11.0619 6988 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll15:37:11.0635 6988 EapHost - ok15:37:11.0791 6988 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys15:37:11.0807 6988 ebdrv - ok15:37:11.0885 6988 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe15:37:11.0885 6988 EFS - ok15:37:11.0963 6988 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe15:37:11.0978 6988 ehRecvr - ok15:37:11.0994 6988 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe15:37:11.0994 6988 ehSched - ok15:37:12.0056 6988 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys15:37:12.0056 6988 elxstor - ok15:37:12.0072 6988 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys15:37:12.0072 6988 ErrDev - ok15:37:12.0119 6988 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll15:37:12.0134 6988 EventSystem - ok15:37:12.0150 6988 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys15:37:12.0150 6988 exfat - ok15:37:12.0181 6988 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys15:37:12.0181 6988 fastfat - ok15:37:12.0228 6988 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe15:37:12.0243 6988 Fax - ok15:37:12.0259 6988 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys15:37:12.0259 6988 fdc - ok15:37:12.0275 6988 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll15:37:12.0275 6988 fdPHost - ok15:37:12.0290 6988 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll15:37:12.0290 6988 FDResPub - ok15:37:12.0321 6988 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys15:37:12.0321 6988 FileInfo - ok15:37:12.0337 6988 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys15:37:12.0337 6988 Filetrace - ok15:37:12.0353 6988 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys15:37:12.0353 6988 flpydisk - ok15:37:12.0384 6988 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys15:37:12.0384 6988 FltMgr - ok15:37:12.0462 6988 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll15:37:12.0477 6988 FontCache - ok15:37:12.0555 6988 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe15:37:12.0555 6988 FontCache3.0.0.0 - ok15:37:12.0602 6988 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys15:37:12.0602 6988 FsDepends - ok15:37:12.0633 6988 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys15:37:12.0633 6988 Fs_Rec - ok15:37:12.0649 6988 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys15:37:12.0665 6988 fvevol - ok15:37:12.0680 6988 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys15:37:12.0680 6988 gagp30kx - ok15:37:12.0743 6988 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll15:37:12.0758 6988 gpsvc - ok15:37:12.0867 6988 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe15:37:12.0867 6988 gupdate - ok15:37:12.0867 6988 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe15:37:12.0883 6988 gupdatem - ok15:37:12.0899 6988 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe15:37:12.0914 6988 gusvc - ok15:37:12.0930 6988 HBtnKey (0e485f2c759f155170da9f35354034e9) C:\Windows\system32\drivers\HBtnKey.sys15:37:12.0930 6988 HBtnKey - ok15:37:12.0961 6988 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys15:37:12.0961 6988 hcw85cir - ok15:37:12.0992 6988 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys15:37:12.0992 6988 HDAudBus - ok15:37:13.0008 6988 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys15:37:13.0008 6988 HidBatt - ok15:37:13.0039 6988 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys15:37:13.0039 6988 HidBth - ok15:37:13.0055 6988 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys15:37:13.0055 6988 HidIr - ok15:37:13.0086 6988 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll15:37:13.0086 6988 hidserv - ok15:37:13.0101 6988 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys15:37:13.0101 6988 HidUsb - ok15:37:13.0117 6988 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll15:37:13.0117 6988 hkmsvc - ok15:37:13.0148 6988 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll15:37:13.0148 6988 HomeGroupListener - ok15:37:13.0195 6988 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll15:37:13.0195 6988 HomeGroupProvider - ok15:37:13.0242 6988 HP LaserJet Service (53dca61931847e35c950504bfb7559c6) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe15:37:13.0242 6988 HP LaserJet Service - ok15:37:13.0304 6988 hpqcxs08 (08457d8f8149757c70cea59c71ec5d27) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll15:37:13.0304 6988 hpqcxs08 - ok15:37:13.0335 6988 hpqddsvc (75cc8c5146a3fb76221a7606628778d5) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll15:37:13.0335 6988 hpqddsvc - ok15:37:13.0367 6988 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys15:37:13.0367 6988 HpSAMD - ok15:37:13.0445 6988 HPSLPSVC (f37882f128efacefe353e0bae2766909) C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL15:37:13.0460 6988 HPSLPSVC - ok15:37:13.0491 6988 HTCAND64 (f47cec45fb85791d4ab237563ad0fa8f) C:\Windows\system32\Drivers\ANDROIDUSB.sys15:37:13.0491 6988 HTCAND64 - ok15:37:13.0507 6988 htcnprot (b8b1b284362e1d8135112573395d5da5) C:\Windows\system32\DRIVERS\htcnprot.sys15:37:13.0507 6988 htcnprot - ok15:37:13.0554 6988 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys15:37:13.0569 6988 HTTP - ok15:37:13.0569 6988 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys15:37:13.0569 6988 hwpolicy - ok15:37:13.0601 6988 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys15:37:13.0601 6988 i8042prt - ok15:37:13.0647 6988 iaStor (d7921d5a870b11cc1adab198a519d50a) C:\Windows\system32\drivers\iaStor.sys15:37:13.0663 6988 iaStor - ok15:37:13.0694 6988 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys15:37:13.0694 6988 iaStorV - ok15:37:13.0819 6988 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe15:37:13.0819 6988 idsvc - ok15:37:14.0318 6988 igfx (9937600a1584ff00565d5379eb4c9edb) C:\Windows\system32\DRIVERS\igdkmd64.sys15:37:14.0381 6988 igfx - ok15:37:14.0505 6988 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys15:37:14.0505 6988 iirsp - ok15:37:14.0568 6988 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll15:37:14.0583 6988 IKEEXT - ok15:37:14.0630 6988 Impcd (dd587a55390ed2295bce6d36ad567da9) C:\Windows\system32\drivers\Impcd.sys15:37:14.0630 6988 Impcd - ok15:37:14.0661 6988 IntcDAud (fc727061c0f47c8059e88e05d5c8e381) C:\Windows\system32\DRIVERS\IntcDAud.sys15:37:14.0677 6988 IntcDAud - ok15:37:14.0708 6988 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys15:37:14.0708 6988 intelide - ok15:37:14.0739 6988 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys15:37:14.0739 6988 intelppm - ok15:37:14.0771 6988 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll15:37:14.0786 6988 IPBusEnum - ok15:37:14.0802 6988 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys15:37:14.0802 6988 IpFilterDriver - ok15:37:14.0849 6988 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll15:37:14.0864 6988 iphlpsvc - ok15:37:14.0880 6988 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys15:37:14.0880 6988 IPMIDRV - ok15:37:14.0880 6988 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys15:37:14.0880 6988 IPNAT - ok15:37:14.0895 6988 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys15:37:14.0895 6988 IRENUM - ok15:37:14.0911 6988 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys15:37:14.0911 6988 isapnp - ok15:37:14.0927 6988 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys15:37:14.0942 6988 iScsiPrt - ok15:37:15.0005 6988 jhi_service (6c85719a21b3f62c2c76280f4bd36c7b) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe15:37:15.0005 6988 jhi_service - ok15:37:15.0036 6988 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys15:37:15.0036 6988 kbdclass - ok15:37:15.0067 6988 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys15:37:15.0067 6988 kbdhid - ok15:37:15.0083 6988 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe15:37:15.0083 6988 KeyIso - ok15:37:15.0129 6988 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys15:37:15.0129 6988 KSecDD - ok15:37:15.0161 6988 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys15:37:15.0161 6988 KSecPkg - ok15:37:15.0161 6988 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys15:37:15.0161 6988 ksthunk - ok15:37:15.0207 6988 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll15:37:15.0207 6988 KtmRm - ok15:37:15.0239 6988 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\System32\srvsvc.dll15:37:15.0239 6988 LanmanServer - ok15:37:15.0270 6988 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll15:37:15.0285 6988 LanmanWorkstation - ok15:37:15.0285 6988 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys15:37:15.0285 6988 lltdio - ok15:37:15.0348 6988 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll15:37:15.0348 6988 lltdsvc - ok15:37:15.0363 6988 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll15:37:15.0363 6988 lmhosts - ok15:37:15.0441 6988 LMIGuardianSvc (d55a7d0553c7102f63872936c7a9d9db) C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe15:37:15.0441 6988 LMIGuardianSvc - ok15:37:15.0457 6988 LMIInfo (0317335b15ff3bda8e10197e3434cfc0) C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys15:37:15.0457 6988 LMIInfo - ok15:37:15.0488 6988 LMIMaint (a7d256c8847df6e88bddb55f87e54f46) C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe15:37:15.0488 6988 LMIMaint - ok15:37:15.0504 6988 lmimirr (413ecdcfad9a82804d3674c8d7eec24e) C:\Windows\system32\DRIVERS\lmimirr.sys15:37:15.0504 6988 lmimirr - ok15:37:15.0504 6988 LMIRfsClientNP - ok15:37:15.0519 6988 LMIRfsDriver (c57d3faa50e6f395759ffb7c709bd944) C:\Windows\system32\drivers\LMIRfsDriver.sys15:37:15.0519 6988 LMIRfsDriver - ok15:37:15.0566 6988 LMS (5f5899711df18a02162b6d518c17b0d7) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe15:37:15.0566 6988 LMS - ok15:37:15.0613 6988 LogMeIn (d3760bc17e1755091b7120cf32dbf56b) C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe15:37:15.0629 6988 LogMeIn - ok15:37:15.0660 6988 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys15:37:15.0660 6988 LSI_FC - ok15:37:15.0691 6988 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys15:37:15.0691 6988 LSI_SAS - ok15:37:15.0691 6988 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys15:37:15.0707 6988 LSI_SAS2 - ok15:37:15.0722 6988 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys15:37:15.0722 6988 LSI_SCSI - ok15:37:15.0738 6988 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys15:37:15.0738 6988 luafv - ok15:37:15.0738 6988 MBAMProtector - ok15:37:15.0800 6988 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe15:37:15.0800 6988 MBAMService - ok15:37:15.0847 6988 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll15:37:15.0847 6988 Mcx2Svc - ok15:37:15.0847 6988 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys15:37:15.0847 6988 megasas - ok15:37:15.0878 6988 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys15:37:15.0878 6988 MegaSR - ok15:37:15.0909 6988 MEIx64 (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\DRIVERS\HECIx64.sys15:37:15.0909 6988 MEIx64 - ok15:37:15.0941 6988 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll15:37:15.0941 6988 MMCSS - ok15:37:15.0956 6988 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys15:37:15.0956 6988 Modem - ok15:37:15.0972 6988 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys15:37:15.0972 6988 monitor - ok15:37:15.0987 6988 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys15:37:15.0987 6988 mouclass - ok15:37:16.0003 6988 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys15:37:16.0019 6988 mouhid - ok15:37:16.0034 6988 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys15:37:16.0034 6988 mountmgr - ok15:37:16.0050 6988 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys15:37:16.0050 6988 mpio - ok15:37:16.0065 6988 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys15:37:16.0065 6988 mpsdrv - ok15:37:16.0112 6988 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll15:37:16.0128 6988 MpsSvc - ok15:37:16.0159 6988 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys15:37:16.0159 6988 MRxDAV - ok15:37:16.0190 6988 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys15:37:16.0190 6988 mrxsmb - ok15:37:16.0221 6988 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys15:37:16.0237 6988 mrxsmb10 - ok15:37:16.0253 6988 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys15:37:16.0253 6988 mrxsmb20 - ok15:37:16.0284 6988 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys15:37:16.0284 6988 msahci - ok15:37:16.0315 6988 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys15:37:16.0315 6988 msdsm - ok15:37:16.0362 6988 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe15:37:16.0362 6988 MSDTC - ok15:37:16.0393 6988 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys15:37:16.0393 6988 Msfs - ok15:37:16.0409 6988 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys15:37:16.0409 6988 mshidkmdf - ok15:37:16.0424 6988 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys15:37:16.0424 6988 msisadrv - ok15:37:16.0455 6988 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll15:37:16.0471 6988 MSiSCSI - ok15:37:16.0471 6988 msiserver - ok15:37:16.0471 6988 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys15:37:16.0471 6988 MSKSSRV - ok15:37:16.0487 6988 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys15:37:16.0487 6988 MSPCLOCK - ok15:37:16.0487 6988 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys15:37:16.0487 6988 MSPQM - ok15:37:16.0518 6988 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys15:37:16.0518 6988 MsRPC - ok15:37:16.0533 6988 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys15:37:16.0533 6988 mssmbios - ok15:37:16.0565 6988 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys15:37:16.0565 6988 MSTEE - ok15:37:16.0565 6988 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys15:37:16.0565 6988 MTConfig - ok15:37:16.0580 6988 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys15:37:16.0580 6988 Mup - ok15:37:16.0643 6988 MyFunCards_5mService (72f8c1568a56c7059cb1074a7e529dc6) C:\PROGRA~2\MYFUNC~2\bar\1.bin\5mbarsvc.exe15:37:16.0643 6988 MyFunCards_5mService - ok15:37:16.0705 6988 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll15:37:16.0705 6988 napagent - ok15:37:16.0736 6988 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys15:37:16.0736 6988 NativeWifiP - ok15:37:16.0814 6988 NDIS (c38b8ae57f78915905064a9a24dc1586) C:\Windows\system32\drivers\ndis.sys15:37:16.0830 6988 NDIS - ok15:37:16.0845 6988 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys15:37:16.0845 6988 NdisCap - ok15:37:16.0861 6988 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys15:37:16.0861 6988 NdisTapi - ok15:37:16.0877 6988 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys15:37:16.0877 6988 Ndisuio - ok15:37:16.0908 6988 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys15:37:16.0908 6988 NdisWan - ok15:37:16.0923 6988 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys15:37:16.0923 6988 NDProxy - ok15:37:16.0955 6988 Net Driver HPZ12 (2334dc48997ba203b794df3ee70521db) C:\Windows\system32\HPZinw12.dll15:37:16.0955 6988 Net Driver HPZ12 - ok15:37:16.0955 6988 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys15:37:16.0970 6988 NetBIOS - ok15:37:16.0986 6988 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys15:37:16.0986 6988 NetBT - ok15:37:17.0017 6988 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe15:37:17.0017 6988 Netlogon - ok15:37:17.0048 6988 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll15:37:17.0064 6988 Netman - ok15:37:17.0157 6988 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe15:37:17.0157 6988 NetMsmqActivator - ok15:37:17.0173 6988 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe15:37:17.0173 6988 NetPipeActivator - ok15:37:17.0204 6988 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll15:37:17.0204 6988 netprofm - ok15:37:17.0204 6988 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe15:37:17.0220 6988 NetTcpActivator - ok15:37:17.0220 6988 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe15:37:17.0220 6988 NetTcpPortSharing - ok15:37:17.0282 6988 netvsc (73ce12b8bdd747b0063cb0a7ef44cea7) C:\Windows\system32\DRIVERS\netvsc60.sys15:37:17.0282 6988 netvsc - ok15:37:17.0313 6988 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys15:37:17.0313 6988 nfrd960 - ok15:37:17.0360 6988 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll15:37:17.0360 6988 NlaSvc - ok15:37:17.0376 6988 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys15:37:17.0376 6988 Npfs - ok15:37:17.0391 6988 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll15:37:17.0391 6988 nsi - ok15:37:17.0391 6988 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys15:37:17.0391 6988 nsiproxy - ok15:37:17.0501 6988 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys15:37:17.0516 6988 Ntfs - ok15:37:17.0610 6988 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys15:37:17.0610 6988 Null - ok15:37:17.0625 6988 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys15:37:17.0641 6988 nvraid - ok15:37:17.0672 6988 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys15:37:17.0672 6988 nvstor - ok15:37:17.0703 6988 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys15:37:17.0703 6988 nv_agp - ok15:37:17.0735 6988 O2FLASH (4e37455db16aec75862b1d0bc35b589e) C:\Windows\system32\DRIVERS\o2flash.exe15:37:17.0735 6988 O2FLASH - ok15:37:17.0750 6988 O2MDFRDR (6172db160fc566cf24307941c0e94d8e) C:\Windows\system32\drivers\O2MDFw7x64.sys15:37:17.0750 6988 O2MDFRDR - ok15:37:17.0781 6988 O2MDRRDR (8ed738aba394bbf6d7802698be453112) C:\Windows\system32\DRIVERS\O2MDRw7x64.sys15:37:17.0781 6988 O2MDRRDR - ok15:37:17.0844 6988 O2SDIOAssist (4635935fc972c582632bf45c26bfcb0e) c:\Windows\SysWOW64\srvany.exe15:37:17.0844 6988 O2SDIOAssist - ok15:37:17.0875 6988 O2SDJRDR (a9c1e6b7c134fad124338b7944fa996d) C:\Windows\system32\DRIVERS\o2sdjw7x64.sys15:37:17.0875 6988 O2SDJRDR - ok15:37:17.0906 6988 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys15:37:17.0906 6988 ohci1394 - ok15:37:17.0969 6988 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE15:37:17.0969 6988 ose - ok15:37:18.0249 6988 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE15:37:18.0281 6988 osppsvc - ok15:37:18.0374 6988 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll15:37:18.0390 6988 p2pimsvc - ok15:37:18.0421 6988 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll15:37:18.0437 6988 p2psvc - ok15:37:18.0483 6988 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys15:37:18.0483 6988 Parport - ok15:37:18.0499 6988 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys15:37:18.0515 6988 partmgr - ok15:37:18.0593 6988 PassThru Service (39b9dcd7040654c2e57d7396736c718e) C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe15:37:18.0593 6988 PassThru Service - ok15:37:18.0624 6988 PBADRV (363b3f857abee85767e01e3044c539cd) C:\Windows\system32\DRIVERS\PBADRV.sys15:37:18.0624 6988 PBADRV - ok15:37:18.0671 6988 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll15:37:18.0671 6988 PcaSvc - ok15:37:18.0702 6988 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys15:37:18.0702 6988 pci - ok15:37:18.0733 6988 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys15:37:18.0733 6988 pciide - ok15:37:18.0764 6988 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys15:37:18.0780 6988 pcmcia - ok15:37:18.0795 6988 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys15:37:18.0795 6988 pcw - ok15:37:18.0842 6988 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys15:37:18.0842 6988 PEAUTH - ok15:37:18.0936 6988 PeerDistSvc (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll15:37:18.0967 6988 PeerDistSvc - ok15:37:19.0029 6988 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe15:37:19.0029 6988 PerfHost - ok15:37:19.0201 6988 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll15:37:19.0217 6988 pla - ok15:37:19.0263 6988 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll15:37:19.0263 6988 PlugPlay - ok15:37:19.0295 6988 Pml Driver HPZ12 (ac78df349f0e4cfb8b667c0cfff83cce) C:\Windows\system32\HPZipm12.dll15:37:19.0295 6988 Pml Driver HPZ12 - ok15:37:19.0310 6988 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll15:37:19.0310 6988 PNRPAutoReg - ok15:37:19.0341 6988 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll15:37:19.0341 6988 PNRPsvc - ok15:37:19.0404 6988 Point64 (4f0878fd62d5f7444c5f1c4c66d9d293) C:\Windows\system32\DRIVERS\point64.sys15:37:19.0404 6988 Point64 - ok15:37:19.0466 6988 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll15:37:19.0466 6988 PolicyAgent - ok15:37:19.0513 6988 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll15:37:19.0513 6988 Power - ok15:37:19.0544 6988 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys15:37:19.0544 6988 PptpMiniport - ok15:37:19.0575 6988 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys15:37:19.0575 6988 Processor - ok15:37:19.0607 6988 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll15:37:19.0622 6988 ProfSvc - ok15:37:19.0638 6988 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe15:37:19.0653 6988 ProtectedStorage - ok15:37:19.0669 6988 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys15:37:19.0669 6988 Psched - ok15:37:19.0700 6988 PxHlpa64 (87b04878a6d59d6c79251dc960c674c1) C:\Windows\system32\Drivers\PxHlpa64.sys15:37:19.0700 6988 PxHlpa64 - ok15:37:19.0794 6988 QBCFMonitorService (e69cfdbcf71b95ab663d67280d763999) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe15:37:19.0794 6988 QBCFMonitorService - ok15:37:19.0841 6988 QBFCService (2241eaf40e472c471cb80cf6b97cca11) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe15:37:19.0841 6988 QBFCService - ok15:37:19.0934 6988 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys15:37:19.0965 6988 ql2300 - ok15:37:20.0043 6988 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys15:37:20.0059 6988 ql40xx - ok15:37:20.0090 6988 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll15:37:20.0106 6988 QWAVE - ok15:37:20.0121 6988 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys15:37:20.0121 6988 QWAVEdrv - ok15:37:20.0121 6988 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys15:37:20.0121 6988 RasAcd - ok15:37:20.0153 6988 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys15:37:20.0153 6988 RasAgileVpn - ok15:37:20.0168 6988 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll15:37:20.0184 6988 RasAuto - ok15:37:20.0215 6988 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys15:37:20.0231 6988 Rasl2tp - ok15:37:20.0262 6988 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll15:37:20.0262 6988 RasMan - ok15:37:20.0277 6988 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys15:37:20.0277 6988 RasPppoe - ok15:37:20.0293 6988 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys15:37:20.0293 6988 RasSstp - ok15:37:20.0324 6988 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys15:37:20.0324 6988 rdbss - ok15:37:20.0340 6988 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys15:37:20.0340 6988 rdpbus - ok15:37:20.0355 6988 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys15:37:20.0355 6988 RDPCDD - ok15:37:20.0402 6988 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys15:37:20.0402 6988 RDPDR - ok15:37:20.0418 6988 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys15:37:20.0418 6988 RDPENCDD - ok15:37:20.0433 6988 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys15:37:20.0433 6988 RDPREFMP - ok15:37:20.0480 6988 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys15:37:20.0480 6988 RDPWD - ok15:37:20.0511 6988 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys15:37:20.0511 6988 rdyboost - ok15:37:20.0558 6988 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll15:37:20.0558 6988 RemoteAccess - ok15:37:20.0574 6988 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll15:37:20.0589 6988 RemoteRegistry - ok15:37:20.0621 6988 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys15:37:20.0621 6988 RFCOMM - ok15:37:20.0792 6988 RoxMediaDB12OEM (3c957189b31c34d3ad21967b12b6aed7) C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe15:37:20.0808 6988 RoxMediaDB12OEM - ok15:37:20.0839 6988 RoxWatch12 (2b73088cc2ca757a172b425c9398e5bc) C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe15:37:20.0839 6988 RoxWatch12 - ok15:37:20.0933 6988 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll15:37:20.0933 6988 RpcEptMapper - ok15:37:20.0964 6988 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe15:37:20.0964 6988 RpcLocator - ok15:37:21.0011 6988 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll15:37:21.0011 6988 RpcSs - ok15:37:21.0042 6988 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys15:37:21.0042 6988 rspndr - ok15:37:21.0073 6988 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys15:37:21.0073 6988 s3cap - ok15:37:21.0104 6988 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe15:37:21.0104 6988 SamSs - ok15:37:21.0135 6988 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys15:37:21.0135 6988 sbp2port - ok15:37:21.0245 6988 SBSDWSCService (794d4b48dfb6e999537c7c3947863463) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe15:37:21.0260 6988 SBSDWSCService - ok15:37:21.0291 6988 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll15:37:21.0307 6988 SCardSvr - ok15:37:21.0369 6988 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys15:37:21.0369 6988 scfilter - ok15:37:21.0432 6988 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll15:37:21.0447 6988 Schedule - ok15:37:21.0463 6988 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll15:37:21.0463 6988 SCPolicySvc - ok15:37:21.0494 6988 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll15:37:21.0494 6988 SDRSVC - ok15:37:21.0510 6988 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys15:37:21.0510 6988 secdrv - ok15:37:21.0541 6988 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll15:37:21.0541 6988 seclogon - ok15:37:21.0744 6988 SecureStorageService (8365191d0fe7df5972b889821adbe62b) C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Secure Storage Manager\SecureStorageService.exe15:37:21.0759 6988 SecureStorageService - ok15:37:21.0837 6988 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll15:37:21.0837 6988 SENS - ok15:37:21.0869 6988 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll15:37:21.0869 6988 SensrSvc - ok15:37:21.0900 6988 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys15:37:21.0900 6988 Serenum - ok15:37:21.0900 6988 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys15:37:21.0915 6988 Serial - ok15:37:21.0915 6988 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys15:37:21.0915 6988 sermouse - ok15:37:21.0947 6988 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll15:37:21.0947 6988 SessionEnv - ok15:37:21.0947 6988 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys15:37:21.0947 6988 sffdisk - ok15:37:21.0962 6988 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys15:37:21.0962 6988 sffp_mmc - ok15:37:21.0962 6988 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys15:37:21.0962 6988 sffp_sd - ok15:37:21.0962 6988 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys15:37:21.0962 6988 sfloppy - ok15:37:22.0009 6988 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll15:37:22.0025 6988 SharedAccess - ok15:37:22.0056 6988 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll15:37:22.0056 6988 ShellHWDetection - ok15:37:22.0056 6988 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys15:37:22.0056 6988 SiSRaid2 - ok15:37:22.0071 6988 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys15:37:22.0071 6988 SiSRaid4 - ok15:37:22.0103 6988 SIUSBXP (4c9f8e72f87f50a6125aaa31b63b2d18) C:\Windows\system32\drivers\SiUSBXp.sys15:37:22.0103 6988 SIUSBXP - ok15:37:22.0134 6988 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys15:37:22.0134 6988 Smb - ok15:37:22.0165 6988 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe15:37:22.0165 6988 SNMPTRAP - ok15:37:22.0181 6988 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys15:37:22.0181 6988 spldr - ok15:37:22.0227 6988 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe15:37:22.0227 6988 Spooler - ok15:37:22.0415 6988 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe15:37:22.0430 6988 sppsvc - ok15:37:22.0524 6988 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll15:37:22.0524 6988 sppuinotify - ok15:37:22.0586 6988 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys15:37:22.0602 6988 srv - ok15:37:22.0633 6988 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys15:37:22.0633 6988 srv2 - ok15:37:22.0649 6988 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys15:37:22.0664 6988 srvnet - ok15:37:22.0680 6988 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll15:37:22.0695 6988 SSDPSRV - ok15:37:22.0711 6988 SSPORT (0211ab46b73a2623b86c1cfcb30579ab) C:\Windows\system32\Drivers\SSPORT.sys15:37:22.0711 6988 SSPORT - ok15:37:22.0742 6988 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll15:37:22.0758 6988 SstpSvc - ok15:37:22.0851 6988 STacSV (b2d8b364a831427a5741f6c408fa8ae3) C:\Program Files\IDT\WDM\STacSV64.exe15:37:22.0851 6988 STacSV - ok15:37:22.0883 6988 stdcfltn (e4ea2412fb1b8aee33667a9cc6d456a4) C:\Windows\system32\DRIVERS\stdcfltn.sys15:37:22.0883 6988 stdcfltn - ok15:37:22.0914 6988 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys15:37:22.0914 6988 stexstor - ok15:37:22.0945 6988 STHDA (ef5acde92ba3f691bbfef781cb063501) C:\Windows\system32\DRIVERS\stwrt64.sys15:37:22.0945 6988 STHDA - ok15:37:22.0976 6988 StillCam (decacb6921ded1a38642642685d77dac) C:\Windows\system32\DRIVERS\serscan.sys15:37:22.0976 6988 StillCam - ok15:37:23.0023 6988 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll15:37:23.0039 6988 stisvc - ok15:37:23.0101 6988 stllssvr (7731f46ec0d687a931cba063e8f90ef0) C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe15:37:23.0101 6988 stllssvr - ok15:37:23.0132 6988 StorSvc (c40841817ef57d491f22eb103da587cc) C:\Windows\system32\storsvc.dll15:37:23.0132 6988 StorSvc - ok15:37:23.0163 6988 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys15:37:23.0163 6988 storvsc - ok15:37:23.0195 6988 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys15:37:23.0195 6988 swenum - ok15:37:23.0257 6988 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll15:37:23.0273 6988 swprv - ok15:37:23.0288 6988 SynthVid (4cdd7df58730d23ba9cb5829a6e2ecea) C:\Windows\system32\DRIVERS\VMBusVideoM.sys15:37:23.0288 6988 SynthVid - ok15:37:23.0382 6988 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll15:37:23.0397 6988 SysMain - ok15:37:23.0475 6988 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll15:37:23.0491 6988 TabletInputService - ok15:37:23.0507 6988 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll15:37:23.0522 6988 TapiSrv - ok15:37:23.0553 6988 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll15:37:23.0553 6988 TBS - ok15:37:23.0678 6988 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys15:37:23.0678 6988 Tcpip - ok15:37:23.0834 6988 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys15:37:23.0850 6988 TCPIP6 - ok15:37:23.0912 6988 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys15:37:23.0912 6988 tcpipreg - ok15:37:24.0068 6988 tcsd_win32.exe (3d52b206d9f6f3ecfdb5d676614e47b6) C:\Program Files (x86)\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe15:37:24.0068 6988 tcsd_win32.exe - ok15:37:24.0443 6988 TdmService (e2f626e4a23e12de31d8820ff143a456) C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe15:37:24.0458 6988 TdmService - ok15:37:24.0536 6988 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys15:37:24.0536 6988 TDPIPE - ok15:37:24.0567 6988 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys15:37:24.0567 6988 TDTCP - ok15:37:24.0583 6988 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys15:37:24.0583 6988 tdx - ok15:37:24.0599 6988 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys15:37:24.0599 6988 TermDD - ok15:37:24.0645 6988 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll15:37:24.0661 6988 TermService - ok15:37:24.0661 6988 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll15:37:24.0661 6988 Themes - ok15:37:24.0692 6988 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll15:37:24.0692 6988 THREADORDER - ok15:37:24.0708 6988 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll15:37:24.0723 6988 TrkWks - ok15:37:24.0786 6988 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe15:37:24.0801 6988 TrustedInstaller - ok15:37:24.0848 6988 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys15:37:24.0848 6988 tssecsrv - ok15:37:24.0864 6988 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys15:37:24.0864 6988 TsUsbFlt - ok15:37:24.0879 6988 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys15:37:24.0879 6988 TsUsbGD - ok15:37:24.0895 6988 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys15:37:24.0895 6988 tunnel - ok15:37:24.0911 6988 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys15:37:24.0911 6988 uagp35 - ok15:37:24.0942 6988 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys15:37:24.0942 6988 udfs - ok15:37:24.0973 6988 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe15:37:24.0973 6988 UI0Detect - ok15:37:24.0989 6988 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys15:37:25.0004 6988 uliagpkx - ok15:37:25.0020 6988 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys15:37:25.0020 6988 umbus - ok15:37:25.0035 6988 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys15:37:25.0035 6988 UmPass - ok15:37:25.0082 6988 UmRdpService (a293dcd756d04d8492a750d03b9a297c) C:\Windows\System32\umrdp.dll15:37:25.0082 6988 UmRdpService - ok15:37:25.0285 6988 UNS (f7a1f83f28b125aa3737bc06eabb0cd5) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe15:37:25.0301 6988 UNS - ok15:37:25.0394 6988 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll15:37:25.0410 6988 upnphost - ok15:37:25.0457 6988 usbccgp (19ad7990c0b67e48dac5b26f99628223) C:\Windows\system32\DRIVERS\usbccgp.sys15:37:25.0457 6988 usbccgp - ok15:37:25.0488 6988 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys15:37:25.0503 6988 usbcir - ok15:37:25.0519 6988 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys15:37:25.0519 6988 usbehci - ok15:37:25.0566 6988 usbhub (8b892002d7b79312821169a14317ab86) C:\Windows\system32\DRIVERS\usbhub.sys15:37:25.0581 6988 usbhub - ok15:37:25.0613 6988 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys15:37:25.0613 6988 usbohci - ok15:37:25.0644 6988 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys15:37:25.0644 6988 usbprint - ok15:37:25.0659 6988 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys15:37:25.0659 6988 usbscan - ok15:37:25.0691 6988 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS15:37:25.0691 6988 USBSTOR - ok15:37:25.0706 6988 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys15:37:25.0706 6988 usbuhci - ok15:37:25.0737 6988 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll15:37:25.0737 6988 UxSms - ok15:37:25.0753 6988 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe15:37:25.0753 6988 VaultSvc - ok15:37:25.0784 6988 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys15:37:25.0784 6988 vdrvroot - ok15:37:25.0815 6988 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe15:37:25.0815 6988 vds - ok15:37:25.0831 6988 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys15:37:25.0831 6988 vga - ok15:37:25.0847 6988 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys15:37:25.0847 6988 VgaSave - ok15:37:25.0862 6988 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys15:37:25.0862 6988 vhdmp - ok15:37:25.0893 6988 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys15:37:25.0893 6988 viaide - ok15:37:25.0909 6988 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys15:37:25.0909 6988 VMBusHID - ok15:37:25.0940 6988 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys15:37:25.0940 6988 volmgr - ok15:37:25.0971 6988 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys15:37:25.0971 6988 volmgrx - ok15:37:26.0003 6988 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys15:37:26.0003 6988 volsnap - ok15:37:26.0049 6988 vpcbus (b4a73ca4ef9a02b9738cea9ad5fe5917) C:\Windows\system32\DRIVERS\vpchbus.sys15:37:26.0049 6988 vpcbus - ok15:37:26.0081 6988 vpcnfltr (e675fb2b48c54f09895482e2253b289c) C:\Windows\system32\DRIVERS\vpcnfltr.sys15:37:26.0081 6988 vpcnfltr - ok15:37:26.0112 6988 vpcusb (5fb42082b0d19a0268705f1dd343df20) C:\Windows\system32\DRIVERS\vpcusb.sys15:37:26.0112 6988 vpcusb - ok15:37:26.0159 6988 vpcvmm (30d4243726a15a14f5c5e45898d14394) C:\Windows\system32\drivers\vpcvmm.sys15:37:26.0159 6988 vpcvmm - ok15:37:26.0190 6988 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys15:37:26.0190 6988 vsmraid - ok15:37:26.0283 6988 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe15:37:26.0283 6988 VSS - ok15:37:26.0393 6988 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys15:37:26.0408 6988 vwifibus - ok15:37:26.0408 6988 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys15:37:26.0408 6988 vwififlt - ok15:37:26.0439 6988 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys15:37:26.0439 6988 vwifimp - ok15:37:26.0471 6988 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll15:37:26.0486 6988 W32Time - ok15:37:26.0502 6988 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys15:37:26.0502 6988 WacomPen - ok15:37:26.0517 6988 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys15:37:26.0533 6988 WANARP - ok15:37:26.0533 6988 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys15:37:26.0533 6988 Wanarpv6 - ok15:37:26.0611 6988 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe15:37:26.0642 6988 WatAdminSvc - ok15:37:26.0798 6988 Wave Authentication Manager Service (e45bce01f15eeb240fe9db83b9d86be3) C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe15:37:26.0829 6988 Wave Authentication Manager Service - ok15:37:26.0970 6988 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe15:37:27.0001 6988 wbengine - ok15:37:27.0048 6988 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll15:37:27.0063 6988 WbioSrvc - ok15:37:27.0095 6988 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll15:37:27.0095 6988 wcncsvc - ok15:37:27.0126 6988 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll15:37:27.0126 6988 WcsPlugInService - ok15:37:27.0188 6988 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys15:37:27.0188 6988 Wd - ok15:37:27.0235 6988 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys15:37:27.0251 6988 Wdf01000 - ok15:37:27.0282 6988 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll15:37:27.0282 6988 WdiServiceHost - ok15:37:27.0282 6988 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll15:37:27.0282 6988 WdiSystemHost - ok15:37:27.0297 6988 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll15:37:27.0313 6988 WebClient - ok15:37:27.0344 6988 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll15:37:27.0344 6988 Wecsvc - ok15:37:27.0360 6988 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll15:37:27.0360 6988 wercplsupport - ok15:37:27.0375 6988 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll15:37:27.0375 6988 WerSvc - ok15:37:27.0422 6988 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys15:37:27.0422 6988 WfpLwf - ok15:37:27.0453 6988 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys15:37:27.0453 6988 WIMMount - ok15:37:27.0485 6988 WinDefend - ok15:37:27.0500 6988 WinHttpAutoProxySvc - ok15:37:27.0578 6988 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll15:37:27.0578 6988 Winmgmt - ok15:37:27.0703 6988 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll15:37:27.0734 6988 WinRM - ok15:37:27.0875 6988 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll15:37:27.0890 6988 Wlansvc - ok15:37:27.0953 6988 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe15:37:27.0953 6988 wlcrasvc - ok15:37:28.0077 6988 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE15:37:28.0093 6988 wlidsvc - ok15:37:28.0140 6988 wltrysvc (55dbb16fdc57808615323389241fdc99) C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE15:37:28.0155 6988 wltrysvc - ok15:37:28.0249 6988 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys15:37:28.0249 6988 WmiAcpi - ok15:37:28.0327 6988 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe15:37:28.0327 6988 wmiApSrv - ok15:37:28.0358 6988 WMPNetworkSvc - ok15:37:28.0389 6988 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll15:37:28.0389 6988 WPCSvc - ok15:37:28.0405 6988 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll15:37:28.0405 6988 WPDBusEnum - ok15:37:28.0421 6988 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys15:37:28.0421 6988 ws2ifsl - ok15:37:28.0436 6988 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\system32\wscsvc.dll15:37:28.0436 6988 wscsvc - ok15:37:28.0467 6988 WSDPrintDevice (8d918b1db190a4d9b1753a66fa8c96e8) C:\Windows\system32\DRIVERS\WSDPrint.sys15:37:28.0467 6988 WSDPrintDevice - ok15:37:28.0467 6988 WSearch - ok15:37:28.0608 6988 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll15:37:28.0623 6988 wuauserv - ok15:37:28.0733 6988 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys15:37:28.0748 6988 WudfPf - ok15:37:28.0764 6988 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys15:37:28.0764 6988 WUDFRd - ok15:37:28.0795 6988 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll15:37:28.0795 6988 wudfsvc - ok15:37:28.0826 6988 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll15:37:28.0842 6988 WwanSvc - ok15:37:28.0873 6988 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR015:37:28.0904 6988 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - infected15:37:28.0904 6988 \Device\Harddisk0\DR0 - detected Rootkit.Boot.SST.b (0)15:37:28.0904 6988 MBR (0x1B8) (fcb1fc5713d6b7dbf460028a65fdc118) \Device\Harddisk2\DR415:37:35.0799 6988 \Device\Harddisk2\DR4 - ok15:37:35.0831 6988 Boot (0x1200) (ded67a679aaf8f9efe7f94c1ca28ab62) \Device\Harddisk0\DR0\Partition015:37:35.0846 6988 \Device\Harddisk0\DR0\Partition0 - ok15:37:35.0862 6988 Boot (0x1200) (959ff6459805ff1b6911e5a1f73751b3) \Device\Harddisk0\DR0\Partition115:37:35.0862 6988 \Device\Harddisk0\DR0\Partition1 - ok15:37:35.0862 6988 ============================================================15:37:35.0862 6988 Scan finished15:37:35.0862 6988 ============================================================15:37:35.0877 4052 Detected object count: 115:37:35.0877 4052 Actual detected object count: 115:38:20.0759 4052 \Device\Harddisk0\DR0\# - copied to quarantine15:38:20.0759 4052 \Device\Harddisk0\DR0 - copied to quarantine15:38:20.0821 4052 \Device\Harddisk0\DR0\TDLFS\mbr - copied to quarantine15:38:20.0821 4052 \Device\Harddisk0\DR0\TDLFS\vbr - copied to quarantine15:38:20.0837 4052 \Device\Harddisk0\DR0\TDLFS\bid - copied to quarantine15:38:20.0837 4052 \Device\Harddisk0\DR0\TDLFS\affid - copied to quarantine15:38:20.0837 4052 \Device\Harddisk0\DR0\TDLFS\boot - copied to quarantine15:38:20.0837 4052 \Device\Harddisk0\DR0\TDLFS\cmd32 - copied to quarantine15:38:20.0837 4052 \Device\Harddisk0\DR0\TDLFS\cmd64 - copied to quarantine15:38:20.0852 4052 \Device\Harddisk0\DR0\TDLFS\dbg32 - copied to quarantine15:38:20.0883 4052 \Device\Harddisk0\DR0\TDLFS\dbg64 - copied to quarantine15:38:20.0883 4052 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine15:38:20.0899 4052 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine15:38:20.0899 4052 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine15:38:20.0899 4052 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine15:38:20.0899 4052 \Device\Harddisk0\DR0\TDLFS\main - copied to quarantine15:38:20.0899 4052 \Device\Harddisk0\DR0\TDLFS\subid - copied to quarantine15:38:20.0899 4052 \Device\Harddisk0\DR0\TDLFS\info - copied to quarantine15:38:20.0915 4052 \Device\Harddisk0\DR0\TDLFS\mainfb.script - copied to quarantine15:38:20.0930 4052 \Device\Harddisk0\DR0\TDLFS\com64 - copied to quarantine15:38:20.0930 4052 \Device\Harddisk0\DR0\TDLFS\bbr232 - copied to quarantine15:38:20.0961 4052 \Device\Harddisk0\DR0\TDLFS\serf332 - copied to quarantine15:38:21.0008 4052 \Device\Harddisk0\DR0\TDLFS\serf364 - copied to quarantine15:38:21.0024 4052 \Device\Harddisk0\DR0\TDLFS\bbr264 - copied to quarantine15:38:21.0039 4052 \Device\Harddisk0\DR0\TDLFS\serf_conf - copied to quarantine15:38:21.0258 4052 \Device\Harddisk0\DR0\TDLFS\bbr_conf - copied to quarantine15:38:21.0351 4052 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - will be cured on reboot15:38:21.0429 4052 \Device\Harddisk0\DR0 - ok15:38:21.0663 4052 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - User select action: Cure15:38:27.0623 3668 Deinitialize success Link to post Share on other sites More sharing options...
BANCROFT162 Posted July 3, 2012 Author ID:566625 Share Posted July 3, 2012 Following just appeared Malwareabytes Anti-Malware (error message)Open event: failed to perform desired action. Error code 2 Link to post Share on other sites More sharing options...
BANCROFT162 Posted July 3, 2012 Author ID:566631 Share Posted July 3, 2012 aswMBR version 0.9.9.1665 Copyright© 2011 AVAST SoftwareRun date: 2012-07-03 15:51:57-----------------------------15:51:57.516 OS Version: Windows x64 6.1.7601 Service Pack 115:51:57.516 Number of processors: 4 586 0x2A0715:51:57.516 ComputerName: PATS-LATITUDE UserName: Pat15:51:58.576 Initialize success15:53:01.818 AVAST engine defs: 1207030115:53:48.384 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-115:53:48.400 Disk 0 Vendor: TOSHIBA_ MH00 Size: 305245MB BusType: 315:53:48.415 Disk 0 MBR read successfully15:53:48.415 Disk 0 MBR scan15:53:48.431 Disk 0 Windows VISTA default MBR code15:53:48.431 Disk 0 Partition 1 00 DE Dell Utility DELL 4.1 39 MB offset 6315:53:48.431 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 16540 MB offset 8192015:53:48.462 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 288655 MB offset 3395584015:53:48.493 Disk 0 scanning C:\Windows\system32\drivers15:53:57.916 Service scanning15:54:27.384 Modules scanning15:54:27.384 Disk 0 trace - called modules:15:54:27.447 ntoskrnl.exe CLASSPNP.SYS disk.sys stdcfltn.sys iaStor.sys hal.dll15:54:27.961 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800630b060]15:54:27.961 3 CLASSPNP.SYS[fffff8800185143f] -> nt!IofCallDriver -> [0xfffffa80061aa930]15:54:27.977 5 stdcfltn.sys[fffff88001b85d12] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80050b4050]15:54:29.880 AVAST engine scan C:\Windows15:54:33.156 AVAST engine scan C:\Windows\system3215:57:32.260 AVAST engine scan C:\Windows\system32\drivers15:57:45.458 AVAST engine scan C:\Users\Pat16:00:13.970 Disk 0 MBR has been saved successfully to "C:\Users\Pat\Desktop\MBR.dat"16:00:13.970 The log file has been saved successfully to "C:\Users\Pat\Desktop\aswMBR.txt" Link to post Share on other sites More sharing options...
Staff gringo_pr Posted July 3, 2012 Staff ID:566637 Share Posted July 3, 2012 GreetingsAt this time I would like you to run this script for me and it is a good time to check out the computer to see if there is anything else that needs to be addressed.:Run CFScript:Open Notepad and copy/paste the text in the box into the window: ClearJavaCache:: Save it to your desktop as CFScript.txtRefering to the picture above, drag CFScript.txt into ComboFix.exeThis will let ComboFix run again.Restart if you have to.Save the produced logfile to your desktop.Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stallNote 2: If you recieve an error "Illegal operation attempted on a registery key that has been marked for deletion." Please restart the computer"information and logs"In your next post I need the followingreport from Combofixlet me know of any problems you may have hadHow is the computer doing now after running the script?Gringo Link to post Share on other sites More sharing options...
BANCROFT162 Posted July 3, 2012 Author ID:566680 Share Posted July 3, 2012 ComboFix 12-07-02.01 - Pat 07/03/2012 16:44:21.3.4 - x64Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.3993.2100 [GMT -5:00]Running from: f:\repair files\ComboFix.exeCommand switches used :: c:\users\Pat\Desktop\CFScript.txtAV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}..((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))..c:\users\Pat\AppData\Local\assembly\tmp..((((((((((((((((((((((((( Files Created from 2012-06-03 to 2012-07-03 )))))))))))))))))))))))))))))))..2012-07-03 21:48 . 2012-07-03 21:48 -------- d-----w- c:\users\LogMeInRemoteUser\AppData\Local\temp2012-07-03 21:48 . 2012-07-03 21:48 -------- d-----w- c:\users\Default\AppData\Local\temp2012-07-03 20:36 . 2012-07-03 20:36 -------- d-----w- C:\TDSSKiller_Quarantine2012-07-02 15:05 . 2012-07-02 21:26 -------- d-----w- c:\programdata\Spybot - Search & Destroy2012-07-02 15:05 . 2012-07-02 20:08 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy2012-06-30 19:08 . 2012-06-30 19:08 -------- d-----w- c:\users\Pat\AppData\Roaming\Malwarebytes2012-06-30 19:08 . 2012-07-01 14:54 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware2012-06-30 19:08 . 2012-06-30 19:08 -------- d-----w- c:\programdata\Malwarebytes2012-06-29 00:33 . 2012-06-29 00:33 -------- d-----w- c:\program files (x86)\Dell Digital Delivery2012-06-22 23:25 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll2012-06-22 23:25 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe2012-06-22 23:25 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll2012-06-22 23:25 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll2012-06-22 23:25 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll2012-06-22 23:25 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll2012-06-22 23:25 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll2012-06-22 23:25 . 2012-06-02 20:19 186752 ----a-w- c:\windows\system32\wuwebv.dll2012-06-22 23:25 . 2012-06-02 20:15 36864 ----a-w- c:\windows\system32\wuapp.exe2012-06-13 03:30 . 2012-04-26 05:41 77312 ----a-w- c:\windows\system32\rdpwsx.dll2012-06-13 03:30 . 2012-04-26 05:41 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll2012-06-13 03:30 . 2012-04-26 05:34 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe2012-06-13 03:30 . 2012-05-01 05:40 209920 ----a-w- c:\windows\system32\profsvc.dll2012-06-13 03:30 . 2012-05-04 11:06 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe2012-06-13 03:30 . 2012-05-04 10:03 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe2012-06-13 03:30 . 2012-05-04 10:03 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe2012-06-13 03:29 . 2012-05-15 01:32 3146752 ----a-w- c:\windows\system32\win32k.sys2012-06-13 03:29 . 2012-04-28 03:55 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys2012-06-13 03:29 . 2012-04-07 12:31 3216384 ----a-w- c:\windows\system32\msi.dll2012-06-13 03:29 . 2012-04-07 11:26 2342400 ----a-w- c:\windows\SysWow64\msi.dll2012-06-13 03:29 . 2012-04-24 05:37 184320 ----a-w- c:\windows\system32\cryptsvc.dll2012-06-13 03:29 . 2012-04-24 05:37 140288 ----a-w- c:\windows\system32\cryptnet.dll2012-06-13 03:29 . 2012-04-24 05:37 1462272 ----a-w- c:\windows\system32\crypt32.dll2012-06-13 03:29 . 2012-04-24 04:36 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll2012-06-13 03:29 . 2012-04-24 04:36 1158656 ----a-w- c:\windows\SysWow64\crypt32.dll2012-06-13 03:29 . 2012-04-24 04:36 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll...(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))).2012-06-14 17:20 . 2012-04-11 11:49 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe2012-06-14 17:20 . 2011-11-03 12:58 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl2012-05-21 15:16 . 2011-12-21 00:35 87456 ----a-w- c:\windows\system32\LMIRfsClientNP.dll2012-05-21 15:16 . 2011-12-21 00:35 34688 ----a-w- c:\windows\system32\LMIport.dll2012-05-21 15:16 . 2011-12-21 00:35 80768 ----a-w- c:\windows\system32\LMIinit.dll2012-05-04 19:42 . 2012-04-14 15:42 8769696 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe2012-04-19 09:50 . 2012-04-19 09:50 28480 ----a-w- c:\windows\system32\drivers\avgidsha.sys..((((((((((((((((((((((((((((( SnapShot@2012-07-03_13.41.32 ))))))))))))))))))))))))))))))))))))))))).+ 2009-07-14 04:54 . 2012-07-03 20:42 49152 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat- 2009-07-14 04:54 . 2012-07-03 11:43 49152 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat- 2009-07-14 04:54 . 2012-07-03 11:43 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat+ 2009-07-14 04:54 . 2012-07-03 20:42 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat- 2009-07-14 04:54 . 2012-07-03 11:43 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat+ 2009-07-14 04:54 . 2012-07-03 20:42 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat+ 2010-11-21 03:09 . 2012-07-03 20:42 61230 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin+ 2009-07-14 05:10 . 2012-07-03 20:42 41210 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin- 2011-12-20 19:28 . 2012-07-03 11:40 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat+ 2011-12-20 19:28 . 2012-07-03 20:40 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat+ 2011-12-20 19:28 . 2012-07-03 20:40 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat- 2011-12-20 19:28 . 2012-07-03 11:40 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat- 2009-07-14 04:54 . 2012-07-03 11:40 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat+ 2009-07-14 04:54 . 2012-07-03 20:40 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat+ 2011-12-20 19:33 . 2012-07-03 20:42 9072 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3340855346-1305387913-2722154820-1001_UserData.bin+ 2012-07-03 20:40 . 2012-07-03 20:40 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat- 2012-07-03 11:40 . 2012-07-03 11:40 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat- 2012-07-03 11:40 . 2012-07-03 11:40 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat+ 2012-07-03 20:40 . 2012-07-03 20:40 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat- 2009-07-14 02:36 . 2012-07-03 11:44 675968 c:\windows\system32\perfh009.dat+ 2009-07-14 02:36 . 2012-07-03 20:45 675968 c:\windows\system32\perfh009.dat+ 2009-07-14 02:36 . 2012-07-03 20:45 126282 c:\windows\system32\perfc009.dat- 2009-07-14 02:36 . 2012-07-03 11:44 126282 c:\windows\system32\perfc009.dat- 2009-07-14 05:01 . 2012-07-03 01:08 372120 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat+ 2009-07-14 05:01 . 2012-07-03 20:39 372120 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat+ 2011-12-20 19:30 . 2012-07-03 20:39 21732304 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3340855346-1305387913-2722154820-1001-8192.dat.((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))..*Note* empty entries & legit default entries are not shownREGEDIT4.[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]"{9234F5E0-56CC-4F0B-AAE4-0D4BD5032180}"= "c:\progra~2\CRAWLE~1\Crawler.dll" [2012-02-01 1134208].[HKEY_CLASSES_ROOT\clsid\{9234f5e0-56cc-4f0b-aae4-0d4bd5032180}].[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{9234F5E0-56CC-4F0B-AAE4-0D4BD5032180}]2012-02-01 07:41 1134208 ----a-w- c:\progra~2\CRAWLE~1\Crawler.dll.[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]"{C4D78C72-08DB-4A3F-9175-B265157283F3}"= "c:\progra~2\CRAWLE~1\Crawler.dll" [2012-02-01 1134208].[HKEY_CLASSES_ROOT\clsid\{c4d78c72-08db-4a3f-9175-b265157283f3}][HKEY_CLASSES_ROOT\Crawler.Toolbar].[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"DymoQuickPrint"="c:\program files (x86)\DYMO\DYMO Label Software\DymoQuickPrint.exe" [2011-08-10 1865808]"SpybotSD TeaTimer"="c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480].[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]"RemoteControl9"="c:\program files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe" [2009-07-06 87336]"PDVD9LanguageShortcut"="c:\program files (x86)\CyberLink\PowerDVD9\Language\Language.exe" [2010-04-29 50472]"RoxWatchTray"="c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" [2010-11-25 240112]"Desktop Disc Tool"="c:\program files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe" [2010-11-17 514544]"Samsung PanelMgr"="c:\windows\Samsung\PanelMgr\ssmmgr.exe" [2011-04-15 536576]"Intuit SyncManager"="c:\program files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe" [2011-06-15 1532760]"AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-04-05 2587008]"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]"HPUsageTrackingLEDM"="c:\program files (x86)\HP\HP UT LEDM\bin\hppusg.exe" [2009-08-04 30264]"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]"MyFunCards_5m Browser Plugin Loader"="c:\progra~2\MYFUNC~2\bar\1.bin\5mbrmon.exe" [2012-05-06 30096]"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]"HTC Sync Loader"="c:\program files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" [2012-04-17 651264].c:\users\Pat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk - c:\program files (x86)\Microsoft Office\Office14\ONENOTEM.EXE [2011-9-2 227712]Smart Settings.lnk - c:\program files\Dell\Feature Enhancement Pack\SmartSettings.exe [2011-8-24 494488].c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2011-2-8 1136928]Digital Line Detect.lnk - c:\program files (x86)\Digital Line Detect\DLG.exe [2011-11-3 50688]HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-23 270336]QuickBooks Update Agent.lnk - c:\program files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe [2011-12-22 984936].c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Smart Settings.lnk - c:\program files\Dell\Feature Enhancement Pack\SmartSettings.exe [2011-8-24 494488].[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]"ConsentPromptBehaviorAdmin"= 5 (0x5)"ConsentPromptBehaviorUser"= 3 (0x3)"EnableUIADesktopToggle"= 0 (0x0)"DisableCAD"= 1 (0x1).[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]"mixer2"=wdmaud.drv.[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart.[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp.[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]@="Driver".R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2012-06-13 5161080]R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-01-02 136176]R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]R2 O2SDIOAssist;O2SDIOAssist;c:\windows\SysWOW64\srvany.exe [2003-04-19 8192]R2 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632]R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-14 257224]R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-06-07 191752]R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168]R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-01-02 136176]R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [2009-11-03 33736]R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys [2010-06-25 36928]R3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys [2010-02-27 158976]R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]R3 netvsc;netvsc;c:\windows\system32\DRIVERS\netvsc60.sys [2010-11-21 168448]R3 O2MDFRDR;O2MDFRDR;c:\windows\system32\drivers\O2MDFw7x64.sys [2011-01-03 72808]R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]R3 RoxMediaDB12OEM;RoxMediaDB12OEM;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656]R3 SIUSBXP;SIUSBXP;c:\windows\system32\drivers\SiUSBXp.sys [2011-12-01 26856]R3 SynthVid;SynthVid;c:\windows\system32\DRIVERS\VMBusVideoM.sys [2010-11-21 22528]R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-12-22 1255736]R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [2012-04-19 28480]S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2012-01-31 36944]S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856]S0 stdcfltn;Disk Class Filter Driver for Accelerometer;c:\windows\system32\DRIVERS\stdcfltn.sys [2011-07-16 22128]S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2012-02-22 289872]S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2011-12-23 47696]S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2012-03-19 383808]S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]S2 ATService;AuthenTec Fingerprint Service;c:\program files\Fingerprint Sensor\ATService.exe [2010-05-10 2683712]S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288]S2 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-05-12 249648]S2 BrcmMgmtAgent;Broadcom Management Agent;c:\program files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe [2010-06-29 158720]S2 DellDigitalDelivery;Dell Digital Delivery Service;c:\program files (x86)\Dell Digital Delivery\DeliveryService.exe [2012-06-19 173056]S2 DFEPService;Dell Feature Enhancement Pack Service;c:\program files\Dell\Feature Enhancement Pack\DFEPService.exe [2011-08-24 2279320]S2 DymoPnpService;DYMO PnP Service;c:\program files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe [2011-08-10 32336]S2 HP LaserJet Service;HP LaserJet Service;c:\program files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [2009-06-24 136704]S2 jhi_service;Intel® Identity Protection Technology Host Interface Service;c:\program files (x86)\Intel\Services\IPT\jhi_service.exe [2011-02-24 212944]S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2012-05-21 375176]S2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files (x86)\LogMeIn\x64\RaInfo.sys [2011-09-16 15928]S2 MyFunCards_5mService;MyFunCardsService;c:\progra~2\MYFUNC~2\bar\1.bin\5mbarsvc.exe [2012-05-06 42528]S2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2011-09-15 88576]S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys [2007-01-04 11576]S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-12-03 2656280]S2 Wave Authentication Manager Service;Wave Authentication Manager Service;c:\program files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe [2011-07-01 1600000]S3 Acceler;Accelerometer Service;c:\windows\system32\DRIVERS\accelern.sys [2011-07-22 27760]S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [2011-12-23 124496]S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\avgidsfiltera.sys [2011-12-23 29776]S3 BTHprint;Microsoft Bluetooth Printer Class;c:\windows\system32\DRIVERS\bthprint.sys [2009-07-14 67072]S3 BTWAMPFL;BTWAMPFL;c:\windows\system32\DRIVERS\btwampfl.sys [2011-11-03 349736]S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2011-11-03 39464]S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys [2011-07-29 52584]S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]S3 MEIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]S3 O2MDRRDR;O2MDRRDR;c:\windows\system32\DRIVERS\O2MDRw7x64.sys [2011-01-03 74984]S3 O2SDJRDR;O2SDJRDR;c:\windows\system32\DRIVERS\o2sdjw7x64.sys [2011-03-23 83560]S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [2011-08-01 45416]S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]S3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 23040]..--- Other Services/Drivers In Memory ---.*NewlyCreated* - ASWMBR*Deregistered* - aswMBR.[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc.Contents of the 'Scheduled Tasks' folder.2012-07-03 c:\windows\Tasks\Adobe Flash Player Updater.job- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-11 17:20].2012-07-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-01-02 07:06].2012-07-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-01-02 07:06]..--------- X64 Entries -----------..[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\EnabledUnlockedFDEIconOverlay]@="{30D3C2AF-9709-4D05-9CF4-13335F3C1E4A}"[HKEY_CLASSES_ROOT\CLSID\{30D3C2AF-9709-4D05-9CF4-13335F3C1E4A}]2011-05-27 22:46 139128 ----a-w- c:\program files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmIconOverlay.dll.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UninitializedFdeIconOverlay]@="{CF08DA3E-C97D-4891-A66B-E39B28DD270F}"[HKEY_CLASSES_ROOT\CLSID\{CF08DA3E-C97D-4891-A66B-E39B28DD270F}]2011-05-27 22:46 139128 ----a-w- c:\program files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmIconOverlay.dll.[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"Apoint"="c:\program files\DellTPad\Apoint.exe" [2011-07-20 611192]"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2011-01-25 525312]"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-06-28 167704]"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-06-28 392472]"Persistence"="c:\windows\system32\igfxpers.exe" [2011-06-28 416024]"Broadcom Wireless Manager UI"="c:\program files\Dell\DW WLAN Card\WLTRAY.exe" [2011-01-15 6492672]"FreeFallProtection"="c:\program files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe" [2011-07-25 686704]"DFEPApplication"="c:\program files\Dell\Feature Enhancement Pack\DFEPApplication.exe" [2011-08-24 7077272]"TdmNotify"="c:\program files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe" [2011-05-27 257392]"DBRMTray"="c:\dell\DBRM\Reminder\DbrmTrayIcon.exe" [2011-03-08 227328]"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 2417032]"LogMeIn GUI"="c:\program files (x86)\LogMeIn\x64\LogMeInSystray.exe" [2011-09-16 57928].------- Supplementary Scan -------.uLocal Page = c:\windows\system32\blank.htmuStart Page = hxxp://my.yahoo.com/?fr=yfp-t-403mLocal Page = c:\windows\SysWOW64\blank.htmuInternet Settings,ProxyServer = 172.17.1.1:8080IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htmIE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htmTCP: DhcpNameServer = 24.196.64.53 68.113.206.10 24.178.162.3Handler: crawler - {4545C96B-15D0-4E22-8DDE-6F2CAF531281} - c:\progra~2\CRAWLE~1\Crawler.dll.- - - - ORPHANS REMOVED - - - -.Toolbar-Locked - (no file)WebBrowser-{C4D78C72-08DB-4A3F-9175-B265157283F3} - (no file)...--------------------- LOCKED REGISTRY KEYS ---------------------.[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]@Denied: (A 2) (Everyone)@="FlashBroker""LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe,-101".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]"Enabled"=dword:00000001.[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]@Denied: (A 2) (Everyone)@="Shockwave Flash Object".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx""ThreadingModel"="Apartment".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]@="0".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]@="ShockwaveFlash.ShockwaveFlash.11".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]@="{D27CDB6B-AE6D-11cf-96B8-444553540000}".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]@="1.0".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]@="ShockwaveFlash.ShockwaveFlash".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]@Denied: (A 2) (Everyone)@="Macromedia Flash Factory Object".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx""ThreadingModel"="Apartment".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]@="FlashFactory.FlashFactory.1".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]@="{D27CDB6B-AE6D-11cf-96B8-444553540000}".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]@="1.0".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]@="FlashFactory.FlashFactory".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]@Denied: (A 2) (Everyone)@="IFlashBroker4".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]@="{00020424-0000-0000-C000-000000000046}".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}""Version"="1.0".[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]@Denied: (A) (Everyone)"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}".[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]@Denied: (A) (Everyone).[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]"Key"="ActionsPane3""Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd".[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]@Denied: (Full) (Everyone).Completion time: 2012-07-03 16:50:53ComboFix-quarantined-files.txt 2012-07-03 21:50ComboFix2.txt 2012-07-03 14:03.Pre-Run: 245,863,346,176 bytes freePost-Run: 245,813,989,376 bytes free.- - End Of File - - 3D2D3FE8640E06821351BA7128773EA6 Link to post Share on other sites More sharing options...
Staff gringo_pr Posted July 4, 2012 Staff ID:566745 Share Posted July 4, 2012 greetingsI would like a status update on how the computer is doing at this timegringo Link to post Share on other sites More sharing options...
Recommended Posts