duerrl Posted August 29, 2012 ID:591069 Share Posted August 29, 2012 Hi there -- I was in the PC help forum and they helped me with a bit of my problem, but suggested I open a topic here as there could be malware involved. I recently installed MS update KB2922913 and then I couldn't connect to IE. I tried to diagnose the problem, but it didn't come up with anything. If I uninstall the update, I can get IE with no problem.I have been uninstalling this update every day because my windows update settings keep defaulting back to automatically download, even though I have changed it several times to let me decide. I was finally able to "hide" the update until I can figure out what's really wrong.I ran a quick scan, the results are below.Malwarebytes Anti-Malware 1.62.0.1300www.malwarebytes.orgDatabase version: v2012.08.28.07Windows Vista Service Pack 2 x86 NTFSInternet Explorer 9.0.8112.16421lynne :: LYNNE-PC [administrator]8/28/2012 8:03:46 PMmbam-log-2012-08-28 (20-03-46).txtScan type: Quick scanScan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUMScan options disabled: P2PObjects scanned: 217400Time elapsed: 4 minute(s), 25 second(s)Memory Processes Detected: 0(No malicious items detected)Memory Modules Detected: 0(No malicious items detected)Registry Keys Detected: 0(No malicious items detected)Registry Values Detected: 0(No malicious items detected)Registry Data Items Detected: 0(No malicious items detected)Folders Detected: 0(No malicious items detected)Files Detected: 0(No malicious items detected)(end) Link to post Share on other sites More sharing options...
duerrl Posted August 30, 2012 Author ID:591810 Share Posted August 30, 2012 Have I stumped everyone? That's not good news for me. Link to post Share on other sites More sharing options...
Staff screen317 Posted August 30, 2012 Staff ID:591831 Share Posted August 30, 2012 Hi and welcome to Malwarebytes. Please update MBAM, run a Quick Scan, and post its log. Next, download DDS by sUBs and save it to your Desktop. Double-click on the DDS icon and let the scan run. When it has run two logs will be produced, please post only DDS.txt directly into your reply. Link to post Share on other sites More sharing options...
duerrl Posted August 31, 2012 Author ID:592100 Share Posted August 31, 2012 Malwarebytes Anti-Malware 1.62.0.1300www.malwarebytes.orgDatabase version: v2012.08.28.07Here are the results of the scans -- I gave the wrong update # -- it's 2722913. Thanks for your help.Windows Vista Service Pack 2 x86 NTFSInternet Explorer 9.0.8112.16421lynne :: LYNNE-PC [administrator]8/31/2012 11:12:42 AMmbam-log-2012-08-31 (11-12-42).txtScan type: Quick scanScan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUMScan options disabled: P2PObjects scanned: 217251Time elapsed: 5 minute(s), 45 second(s)Memory Processes Detected: 0(No malicious items detected)Memory Modules Detected: 0(No malicious items detected)Registry Keys Detected: 0(No malicious items detected)Registry Values Detected: 0(No malicious items detected)Registry Data Items Detected: 0(No malicious items detected)Folders Detected: 0(No malicious items detected)Files Detected: 0(No malicious items detected)(end).DDS (Ver_2011-08-26.01) - NTFSx86 Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.4.1Run by lynne at 11:20:10 on 2012-08-31Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.3036.1852 [GMT -4:00].AV: Norton Internet Security *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}.============== Running Processes ===============.C:\Windows\system32\wininit.exeC:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Program Files\IObit\Advanced SystemCare 5\ASCService.exeC:\Program Files\Fingerprint Sensor\AtService.exeC:\Windows\system32\svchost.exe -k rpcssC:\Windows\system32\atiesrxx.exeC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k netsvcsC:\Program Files\IDT\WDM\STacSV.exeC:\Windows\system32\svchost.exe -k GPSvcGroupC:\Windows\system32\SLsvc.exeC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\system32\svchost.exe -k NetworkServiceC:\Windows\System32\spoolsv.exeC:\Windows\system32\svchost.exe -k LocalServiceNoNetworkC:\Windows\system32\atieclxx.exeC:\Program Files\IDT\WDM\aestsrv.exeC:\Program Files\Microsoft\BingBar\BBSvc.EXEC:\Program Files\Microsoft\BingBar\SeaPort.EXEC:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exeC:\Program Files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exeC:\Windows\system32\lxdicoms.exeC:\Program Files\Norton Internet Security\Engine\19.7.1.5\ccSvcHst.exeC:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestrictedC:\Windows\system32\svchost.exe -k imgsvcC:\Program Files\TomTom HOME 2\TomTomHOMEService.exeC:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exeC:\Windows\System32\svchost.exe -k WerSvcGroupC:\Windows\system32\SearchIndexer.exeC:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exeC:\Windows\system32\taskeng.exeC:\Windows\system32\wbem\unsecapp.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Windows\system32\Dwm.exeC:\Windows\system32\taskeng.exeC:\Windows\Explorer.EXEC:\Program Files\DriverUpdate\DriverUpdate.exeC:\Windows\system32\taskeng.exeC:\Program Files\DellTPad\Apoint.exeC:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exeC:\Program Files\Dell\MediaDirect\PCMService.exeC:\Program Files\Dell DataSafe Online\DataSafeOnline.exeC:\Program Files\Lexmark 3500-4500 Series\lxdimon.exeC:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exeC:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exeC:\Program Files\AVG Secure Search\vprot.exeC:\Program Files\IDT\WDM\sttray.exeC:\Program Files\Microsoft IntelliPoint\ipoint.exeC:\Program Files\Microsoft IntelliType Pro\itype.exeC:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exeC:\Program Files\Windows Sidebar\sidebar.exeC:\Windows\ehome\ehtray.exeC:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exeC:\Program Files\Dell\QuickSet\quickset.exeC:\Program Files\Microsoft IntelliType Pro\dpupdchk.exeC:\Windows\ehome\ehmsas.exeC:\Program Files\DellTPad\ApMsgFwd.exeC:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exeC:\Program Files\DellTPad\HidFind.exeC:\Program Files\DellTPad\Apntex.exeC:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\iexplore.exeC:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonationC:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exeC:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exeC:\Windows\system32\wuauclt.exeC:\Windows\notepad.exeC:\Windows\system32\SearchProtocolHost.exeC:\Windows\system32\SearchFilterHost.exeC:\Program Files\Internet Explorer\iexplore.exeC:\Windows\system32\DllHost.exeC:\Windows\system32\DllHost.exeC:\Windows\system32\wbem\wmiprvse.exe.============== Pseudo HJT Report ===============.uStart Page = hxxp://swagbucks.com/BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dllBHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dllBHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No FileBHO: Norton Identity Protection: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\norton internet security\engine\19.7.1.5\coIEPlg.dllBHO: Norton Vulnerability Protection: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton internet security\engine\19.7.1.5\ips\IPSBHO.DLLBHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre7\bin\ssv.dllBHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dllBHO: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - c:\program files\avg secure search\11.1.0.12\AVG Secure Search_toolbar.dllBHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "c:\program files\microsoft\bingbar\BingExt.dll"BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn\YTSingleInstance.dllTB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\norton internet security\engine\19.7.1.5\coIEPlg.dllTB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dllTB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "c:\program files\microsoft\bingbar\BingExt.dll"TB: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - c:\program files\avg secure search\11.1.0.12\AVG Secure Search_toolbar.dllTB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No FileuRun: [sidebar] c:\program files\windows sidebar\sidebar.exe /autoRunuRun: [ehTray.exe] c:\windows\ehome\ehTray.exeuRun: [Advanced SystemCare 5] "c:\program files\iobit\advanced systemcare 5\ASCTray.exe" /AutoStartmRun: [Apoint] c:\program files\delltpad\Apoint.exemRun: [startCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRunmRun: [Dell Webcam Central] "c:\program files\dell webcam\dell webcam central\WebcamDell.exe" /mode2mRun: [PCMService] "c:\program files\dell\mediadirect\PCMService.exe"mRun: [Dell DataSafe Online] "c:\program files\dell datasafe online\DataSafeOnline.exe" /mmRun: [lxdimon.exe] "c:\program files\lexmark 3500-4500 series\lxdimon.exe"mRun: [lxdiamon] "c:\program files\lexmark 3500-4500 series\lxdiamon.exe"mRun: [FaxCenterServer] "c:\program files\\lexmark fax solutions\fm3032.exe" /smRun: [vProt] "c:\program files\avg secure search\vprot.exe"mRun: [sysTrayApp] c:\program files\idt\wdm\sttray.exemRun: [intelliPoint] "c:\program files\microsoft intellipoint\ipoint.exe"mRun: [itype] "c:\program files\microsoft intellitype pro\itype.exe"mRun: [iAStorIcon] c:\program files\intel\intel® rapid storage technology\IAStorIcon.exemRun: [HF_G_Jul] "c:\program files\avg secure search\HF_G_Jul.exe" /DoActionmRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"StartupFolder: c:\users\lynne\appdata\roaming\micros~1\windows\startm~1\programs\startup\delldo~1.lnk - c:\program files\dell\delldock\DellDock.exeStartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\quickset.lnk - c:\program files\dell\quickset\quickset.exemPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)mPolicies-system: ConsentPromptBehaviorUser = 0 (0x0)mPolicies-system: EnableUIADesktopToggle = 0 (0x0)IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.htmlIE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-00104-0000-0004-ABCDEFFEDCBC}IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dllIE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dllIE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLLTrusted Zone: intuit.com\ttlcDPF: {362C56AA-6E4F-40C7-A0B5-85501DBDAD77} - hxxp://i.dell.com/images/global/js/scanner/SysProExe.cabDPF: {50647AB5-18FD-4142-82B0-5852478DD0D5} - hxxp://webeffective.keynote.com/applications/pconnector/download/ConnectorLauncher.cabDPF: {682C59F5-478C-4421-9070-AD170D143B77} - hxxp://www.dell.com/support/troubleshooting/Content/Ode/pcd86.cabDPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cabDPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_04-windows-i586.cabDPF: {CAFEEFAC-0017-0000-0004-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_04-windows-i586.cabDPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_04-windows-i586.cabDPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.5.0.cabDPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxps://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cabDPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - hxxps://meet-dbm.webex.com/client/T27L10NSP11EP5/webex/ieatgpc1.cabDPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cabTCP: DhcpNameServer = 192.168.1.1 71.242.0.12TCP: Interfaces\{2ECC6046-01FD-413B-B74A-B9786EF7DA22} : DhcpNameServer = 192.168.1.1 71.242.0.12Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\11.2.0\ViProtocol.dllNotify: GoToAssist - c:\program files\citrix\gotoassist\514\G2AWinLogon.dll.============= SERVICES / DRIVERS ===============.R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\nis\1307010.005\symds.sys [2012-5-17 340088]R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\nis\1307010.005\symefa.sys [2012-5-17 905336]R1 ccSet_NIS;Norton Internet Security Settings Manager;c:\windows\system32\drivers\nis\1307010.005\ccsetx86.sys [2012-5-17 132744]R1 IDSVix86;IDSVix86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_19.1.0.28\definitions\ipsdefs\20120731.001\IDSvix86.sys [2012-7-31 382624]R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\nis\1307010.005\ironx86.sys [2012-5-17 149624]R1 SYMTDIv;Symantec Vista Network Dispatch Driver;c:\windows\system32\drivers\nis\1307010.005\symtdiv.sys [2012-5-17 345208]R2 AdvancedSystemCareService5;Advanced SystemCare Service 5;c:\program files\iobit\advanced systemcare 5\ASCService.exe [2012-5-17 913792]R2 AESTFilters;Andrea ST Filters Service;c:\program files\idt\wdm\AEstSrv.exe [2009-3-17 81920]R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-5-29 176128]R2 ATService;AuthenTec Fingerprint Service;c:\program files\fingerprint sensor\AtService.exe [2008-10-16 1668344]R2 BBSvc;Bing Bar Update Service;c:\program files\microsoft\bingbar\BBSvc.EXE [2011-10-21 196176]R2 BBUpdate;BBUpdate;c:\program files\microsoft\bingbar\SeaPort.EXE [2011-10-13 249648]R2 BrcmMgmtAgent;Broadcom Management Agent;c:\program files\broadcom\mgmtagent\BrcmMgmtAgent.exe [2010-6-29 127488]R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files\intel\intel® rapid storage technology\IAStorDataMgrSvc.exe [2012-5-29 13336]R2 IHA_MessageCenter;IHA_MessageCenter;c:\program files\verizon\iha_messagecenter\bin\Verizon_IHAMessageCenter.exe [2011-10-28 290832]R2 IntuitUpdateServiceV4;Intuit Update Service v4;c:\program files\common files\intuit\update service v4\IntuitUpdateService.exe [2011-8-25 13672]R2 lxdi_device;lxdi_device;c:\windows\system32\lxdicoms.exe -service --> c:\windows\system32\lxdicoms.exe -service [?]R2 NIS;Norton Internet Security;c:\program files\norton internet security\engine\19.7.1.5\ccsvchst.exe [2012-5-17 138232]R2 TomTomHOMEService;TomTomHOMEService;c:\program files\tomtom home 2\TomTomHOMEService.exe [2012-7-26 92632]R2 vToolbarUpdater11.2.0;vToolbarUpdater11.2.0;c:\program files\common files\avg secure search\vtoolbarupdater\11.2.0\ToolbarUpdater.exe [2012-7-9 935008]R3 amdkmdag;amdkmdag;c:\windows\system32\drivers\atikmdag.sys [2012-5-29 5586432]R3 amdkmdap;amdkmdap;c:\windows\system32\drivers\atikmpag.sys [2012-5-29 209920]R3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\drivers\dc3d.sys [1999-12-31 45288]R3 itecir;ITECIR Infrared Receiver;c:\windows\system32\drivers\itecir.sys [2009-3-17 54784]R3 k57nd60x;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\k57nd60x.sys [2010-12-1 349224]R3 NETwNv32;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\NETwNv32.sys [2011-11-17 7346176]R3 OA001Ufd;Creative Camera OA001 Upper Filter Driver;c:\windows\system32\drivers\OA001Ufd.sys [2012-5-29 133632]R3 OA001Vid;Creative Camera OA001 Function Driver;c:\windows\system32\drivers\OA001Vid.sys [2012-5-29 280096]S1 BHDrvx86;BHDrvx86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_19.1.0.28\definitions\bashdefs\20120711.002\BHDrvx86.sys [2012-7-12 821920]S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]S2 DockLoginService;Dock Login Service;c:\program files\dell\delldock\docklogin.exe --> c:\program files\dell\delldock\DockLogin.exe [?]S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-2-13 135664]S2 lxdiCATSCustConnectService;lxdiCATSCustConnectService;c:\windows\system32\spool\drivers\w32x86\3\lxdiserv.exe [2007-4-26 99248]S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdLH3.sys [2012-5-29 97296]S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2012-6-8 106656]S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-2-13 135664]S3 NETw5v32;Intel® Wireless WiFi Link Adapter Driver for Windows Vista 32 Bit ;c:\windows\system32\drivers\NETw5v32.sys [2009-3-17 3663360]S3 PCDSRVC{E9D79540-57D5953E-06020200}_0;PCDSRVC{E9D79540-57D5953E-06020200}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\dell support center\pcdsrvc.pkms [2012-8-17 22640]S3 SWDUMon;SWDUMon;c:\windows\system32\drivers\SWDUMon.sys [2012-5-29 12984]S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504].=============== Created Last 30 ================.2012-08-25 12:43:20 -------- d-----w- c:\program files\Coupons2012-08-24 00:54:48 -------- d-----w- c:\programdata\PC-Doctor for Windows2012-08-19 02:46:24 2047488 ----a-w- c:\windows\system32\win32k.sys2012-08-19 02:43:42 623616 ----a-w- c:\windows\system32\localspl.dll2012-08-18 02:00:05 1852936 ----a-w- c:\programdata\SPL81CE.tmp2012-08-17 02:35:41 1224432 ----a-w- c:\programdata\SPL8DAE.tmp2012-08-17 00:26:38 1224432 ----a-w- c:\programdata\SPL5494.tmp2012-08-14 23:38:17 1224432 ----a-w- c:\programdata\SPLEBF3.tmp2012-08-13 23:32:07 1224432 ----a-w- c:\programdata\SPL2367.tmp2012-08-11 14:17:13 1224432 ----a-w- c:\programdata\SPL4F9D.tmp.==================== Find3M ====================.2012-08-31 15:07:45 12984 ----a-w- c:\windows\system32\drivers\SWDUMon.sys2012-08-21 02:00:42 319456 ----a-w- c:\windows\DIFxAPI.dll2012-06-20 16:54:52 71104 ----a-w- c:\windows\CouponPrinter.ocx2012-06-07 00:59:42 1070152 ----a-w- c:\windows\system32\MSCOMCTL.OCX2012-06-05 16:47:28 1401856 ----a-w- c:\windows\system32\msxml6.dll2012-06-05 16:47:27 1248768 ----a-w- c:\windows\system32\msxml3.dll2012-06-04 15:26:04 440704 ----a-w- c:\windows\system32\drivers\ksecdd.sys2012-06-02 22:12:32 2422272 ----a-w- c:\windows\system32\wucltux.dll2012-06-02 22:12:13 88576 ----a-w- c:\windows\system32\wudriver.dll2012-06-02 19:19:42 171904 ----a-w- c:\windows\system32\wuwebv.dll2012-06-02 19:12:20 33792 ----a-w- c:\windows\system32\wuapp.exe.============= FINISH: 11:21:08.71 ===============.UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2011-08-26.01).Microsoft® Windows Vista™ Home Premium Boot Device: \Device\HarddiskVolume3Install Date: 3/17/2009 5:39:43 AMSystem Uptime: 8/31/2012 11:06:02 AM (0 hours ago).Motherboard: Dell Inc. | | 0P132HProcessor: Intel® Core2 Duo CPU T6400 @ 2.00GHz | U2E1 | 2000/533mhz.==== Disk Partitions =========================.C: is FIXED (NTFS) - 283 GiB total, 197.848 GiB free.D: is FIXED (NTFS) - 15 GiB total, 8.425 GiB free.E: is CDROM ().==== Disabled Device Manager Items =============.==== System Restore Points ===================..==== Installed Programs ======================. Update for Microsoft Office 2007 (KB2508958)ABBYY FineReader 6.0 SprintAcrobat.comAdobe Reader 9.5.2Advanced Audio FX EngineAdvanced SystemCare 5ATI AVIVO CodecsATI Catalyst Control CenterATI Catalyst Install ManagerAuthenTec Fingerprint SoftwareAVG Security ToolbarBanctec Service AgreementBing BarBroadcom NetXtreme-I Netlink Driver and Management InstallerCatalyst Control Center - BrandingCatalyst Control Center Core ImplementationCatalyst Control Center Graphics Full ExistingCatalyst Control Center Graphics Full NewCatalyst Control Center Graphics LightCatalyst Control Center Graphics Previews CommonCatalyst Control Center Graphics Previews VistaCatalyst Control Center InstallProxyCatalyst Control Center Localization AllCatalyst Control Center Localization Chinese StandardCatalyst Control Center Localization Chinese TraditionalCatalyst Control Center Localization DanishCatalyst Control Center Localization DutchCatalyst Control Center Localization FinnishCatalyst Control Center Localization FrenchCatalyst Control Center Localization GermanCatalyst Control Center Localization ItalianCatalyst Control Center Localization JapaneseCatalyst Control Center Localization KoreanCatalyst Control Center Localization NorwegianCatalyst Control Center Localization PortugueseCatalyst Control Center Localization RussianCatalyst Control Center Localization SpanishCatalyst Control Center Localization Swedishccc-core-staticccc-utilityCCC Help Chinese StandardCCC Help Chinese TraditionalCCC Help DanishCCC Help DutchCCC Help EnglishCCC Help FinnishCCC Help FrenchCCC Help GermanCCC Help ItalianCCC Help JapaneseCCC Help KoreanCCC Help NorwegianCCC Help PortugueseCCC Help RussianCCC Help SpanishCCC Help SwedishChoice GuardCompatibility Pack for the 2007 Office systemCoupon Printer for WindowsDell-eBayDell DataSafe OnlineDell Driver Download ManagerDell Getting Started GuideDell Support CenterDell TouchpadDell Video Chat (remove only)Dell Webcam CentralDELL0604Docs Opener 0.1DriverUpdateEDocsGoogle Update HelperGoToAssist 8.0.0.514Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)IDT AudioIHA_MessageCenterIntegrated Webcam Driver (1.06.03.0309) Intel® Rapid Storage TechnologyITECIR DriverJava Auto UpdaterJava 7 Update 4JavaFX 2.1.0Junk Mail filter updateKeynote ConnectorLexmark 3500-4500 SeriesLexmark Fax SolutionsLive! Cam Avatar CreatorMalwarebytes Anti-Malware version 1.61.0.1400MediaDirectMicrosoft .NET Framework 3.5 SP1Microsoft .NET Framework 4 Client ProfileMicrosoft Application Error ReportingMicrosoft IntelliPoint 8.2Microsoft IntelliType Pro 8.2Microsoft Office 2007 Service Pack 3 (SP3)Microsoft Office Excel MUI (English) 2007Microsoft Office File Validation Add-InMicrosoft Office Home and Student 2007Microsoft Office OneNote MUI (English) 2007Microsoft Office PowerPoint MUI (English) 2007Microsoft Office PowerPoint Viewer 2007 (English)Microsoft Office Proof (English) 2007Microsoft Office Proof (French) 2007Microsoft Office Proof (Spanish) 2007Microsoft Office Proofing (English) 2007Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)Microsoft Office Shared MUI (English) 2007Microsoft Office Shared Setup Metadata MUI (English) 2007Microsoft Office Word MUI (English) 2007Microsoft SilverlightMicrosoft SQL Server 2005 Compact Edition [ENU]Microsoft Sync Framework Runtime Native v1.0 (x86)Microsoft Sync Framework Services Native v1.0 (x86)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161Microsoft WorksMSVCRTNorton Internet SecurityNTREGOPT 1.1jOGA Notifier 2.0.0048.0QuickSetRealtek HDMI Audio Driver for ATIRICOH Media Driver ver.2.07.01.00Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596792) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2596786) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit EditionSecurity Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit EditionSecurity Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition SkinsSpelling Dictionaries Support For Adobe Reader 9System Requirements Lab for IntelTomTom HOMETomTom HOME Visual Studio Merge ModulesTrusted Software AssistantTurboTax 2011TurboTax 2011 WinPerFedFormsetTurboTax 2011 WinPerReleaseEngineTurboTax 2011 WinPerTaxSupportTurboTax 2011 wpaiperTurboTax 2011 wrapperUpdate for 2007 Microsoft Office System (KB967642)Update for Microsoft .NET Framework 3.5 SP1 (KB963707)Update for Microsoft .NET Framework 4 Client Profile (KB2468871)Update for Microsoft .NET Framework 4 Client Profile (KB2533523)Update for Microsoft .NET Framework 4 Client Profile (KB2600217)Update for Microsoft Office 2007 Help for Common Features (KB963673)Update for Microsoft Office Excel 2007 Help (KB963678)Update for Microsoft Office OneNote 2007 Help (KB963670)Update for Microsoft Office Powerpoint 2007 Help (KB963669)Update for Microsoft Office Script Editor Help (KB963671)Update for Microsoft Office Word 2007 Help (KB963665)Vz In Home AgentWebExWildTangent GamesWindows Driver Package - AuthenTec Inc. (ATSwpWDF) Biometric (10/02/2008 8.1.2.37)Windows Live CallWindows Live Communications PlatformWindows Live EssentialsWindows Live MailWindows Live MessengerWindows Live Photo GalleryWindows Live Sign-in AssistantWindows Live SyncWindows Live Upload ToolWindows Live WriterYahoo! Software UpdateYahoo! Toolbar.==== Event Viewer Messages From Past Week ========.8/31/2012 11:07:27 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: BHDrvx868/31/2012 11:07:27 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the lxdiCATSCustConnectService service to connect.8/31/2012 11:07:27 AM, Error: Service Control Manager [7000] - The lxdiCATSCustConnectService service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.8/31/2012 11:07:27 AM, Error: Service Control Manager [7000] - The Dock Login Service service failed to start due to the following error: The system cannot find the file specified.8/30/2012 6:55:59 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Cumulative Security Update for Internet Explorer 9 for Windows Vista (KB2722913).8/30/2012 6:47:15 PM, Error: Service Control Manager [7023] - The Windows Modules Installer service terminated with the following error: The process cannot access the file because it is being used by another process.8/29/2012 8:52:38 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {8BC3F05E-D86B-11D0-A075-00C04FB68820} to the user lynne-PC\lynne SID (S-1-5-21-2090007256-4178511077-60238046-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.8/29/2012 3:19:03 AM, Error: Microsoft-Windows-ResourcePublication [1002] - Element Provider\Microsoft.Base.Publication/Publication/Computer failed to publish. Ensure that both PKEY_PUBSVCS_METADATA and PKEY_PUBSVCS_TYPE are set properly on the function instance and there were no errors adding the function instance.8/28/2012 7:31:59 PM, Error: ACPI [13] - : The embedded controller (EC) did not respond within the specified timeout period. This may indicate that there is an error in the EC hardware or firmware or that the BIOS is accessing the EC incorrectly. You should check with your computer manufacturer for an upgraded BIOS. In some situations, this error may cause the computer to function incorrectly.8/25/2012 2:54:35 PM, Error: Microsoft-Windows-PrintSpooler [6161] - The document http://www.cookingchanneltv.com/cook/cda/recipe_print/0,1946,COOK_41503_509085_RECIPE-PRINT-FULL-PAGE-FORMATTER,00.html, owned by lynne, failed to print on printer Lexmark 3500-4500 Series (Copy 1). Try to print the document again, or restart the print spooler. Data type: LEMF. Size of the spool file in bytes: 749585. Number of bytes printed: 0. Total number of pages in the document: 2. Number of pages printed: 1. Client computer: \\LYNNE-PC. Win32 error code returned by the print processor: 0. The operation completed successfully.8/24/2012 11:08:13 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.8/24/2012 11:08:13 PM, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.8/24/2012 11:00:04 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}.==== End Of File =========================== Link to post Share on other sites More sharing options...
Staff screen317 Posted September 3, 2012 Staff ID:593212 Share Posted September 3, 2012 Hi,Please visit this webpage for instructions for running ComboFix:http://www.bleepingcomputer.com/combofix/how-to-use-combofixWhen the tool is finished, it will produce a report for you.Please post the C:\ComboFix.txt along with a new DDS log so we may continue cleaning the system.If after ComboFix reboots you get a message about an "Invalid Option Registry Key Marked for Deletion," please reboot again and the error will go away.-screen317 Link to post Share on other sites More sharing options...
duerrl Posted September 5, 2012 Author ID:593618 Share Posted September 5, 2012 I can't run ComboFix because I can't turn off Norton; it's hidden somewhere -- i've looked in the c drive, but can't find anywhere to launch Norton to disable the firewall, etc. Any suggestions? Link to post Share on other sites More sharing options...
Staff screen317 Posted September 6, 2012 Staff ID:594133 Share Posted September 6, 2012 Hi,Run Norton's removal tool from here. Link to post Share on other sites More sharing options...
duerrl Posted September 6, 2012 Author ID:594253 Share Posted September 6, 2012 Here are the logs:ComboFix 12-09-06.02 - lynne 09/06/2012 19:23:58.3.2 - x86Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.3036.1943 [GMT -4:00]Running from: c:\users\lynne\Desktop\ComboFix.exeSP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}..((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))..c:\programdata\SPL2367.tmpc:\programdata\SPL2584.tmpc:\programdata\SPL33FB.tmpc:\programdata\SPL4F9D.tmpc:\programdata\SPL5494.tmpc:\programdata\SPL6882.tmpc:\programdata\SPL6B69.tmpc:\programdata\SPL81CE.tmpc:\programdata\SPL8DAE.tmpc:\programdata\SPLEBF3.tmpc:\users\lynne\AppData\Local\temp\{1A037C5B-DC4D-4319-95EF-A60B07334EA0}\fpb.tmpc:\users\lynne\AppData\Roaming\result.db..((((((((((((((((((((((((( Files Created from 2012-08-06 to 2012-09-06 )))))))))))))))))))))))))))))))..2012-09-06 23:29 . 2012-09-06 23:31 -------- d-----w- c:\users\lynne\AppData\Local\temp2012-09-06 23:29 . 2012-09-06 23:29 -------- d-----w- c:\users\TEMP\AppData\Local\temp2012-09-06 23:29 . 2012-09-06 23:29 -------- d-----w- c:\users\Public\AppData\Local\temp2012-09-06 23:29 . 2012-09-06 23:29 -------- d-----w- c:\users\Default\AppData\Local\temp2012-09-06 23:01 . 2012-09-06 23:01 -------- d-----w- c:\program files\Reimage2012-09-06 23:01 . 2012-09-06 23:02 -------- d-----w- c:\programdata\Reimage Express2012-09-06 23:00 . 2012-09-06 23:00 -------- d-----w- c:\programdata\Babylon2012-09-06 23:00 . 2012-09-06 23:00 -------- d-----w- c:\users\lynne\AppData\Roaming\Babylon2012-09-05 00:53 . 2012-09-05 00:53 27496 ----a-w- c:\windows\system32\drivers\avgtpx86.sys2012-09-02 03:36 . 2012-07-04 14:02 2047488 ----a-w- c:\windows\system32\win32k.sys2012-09-02 03:35 . 2012-05-11 15:57 623616 ----a-w- c:\windows\system32\localspl.dll2012-08-25 02:59 . 2012-08-25 03:08 -------- d-----w- c:\program files\Common Files\Adobe(13)2012-08-21 02:00 . 2012-08-21 02:02 -------- d--h--w- c:\program files\Temp...(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))).2012-09-06 23:30 . 2012-05-29 22:46 12984 ----a-w- c:\windows\system32\drivers\SWDUMon.sys2012-07-26 23:48 . 2012-04-03 18:38 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe2012-07-26 23:48 . 2011-05-22 00:55 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl2012-06-20 16:54 . 2012-01-30 04:25 71104 ----a-w- c:\windows\CouponPrinter.ocx..((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))..*Note* empty entries & legit default entries are not shownREGEDIT4.[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]2012-09-05 00:53 1734240 ----a-w- c:\program files\AVG Secure Search\12.2.5.32\AVG Secure Search_toolbar.dll.[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files\AVG Secure Search\12.2.5.32\AVG Secure Search_toolbar.dll" [2012-09-05 1734240].[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}][HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1][HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj].[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]"TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2012-01-23 247728]"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952].[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"Apoint"="c:\program files\DellTPad\Apoint.exe" [2008-07-17 196608]"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]"Dell Webcam Central"="c:\program files\Dell Webcam\Dell Webcam Central\WebcamDell.exe" [2008-06-03 446635]"PCMService"="c:\program files\Dell\MediaDirect\PCMService.exe" [2008-01-14 132392]"Dell DataSafe Online"="c:\program files\Dell DataSafe Online\DataSafeOnline.exe" [2009-07-07 1779952]"lxdimon.exe"="c:\program files\Lexmark 3500-4500 Series\lxdimon.exe" [2007-05-07 435120]"lxdiamon"="c:\program files\Lexmark 3500-4500 Series\lxdiamon.exe" [2007-03-05 20480]"FaxCenterServer"="c:\program files\\Lexmark Fax Solutions\fm3032.exe" [2007-05-07 312240]"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]"vProt"="c:\program files\AVG Secure Search\vprot.exe" [2012-09-05 947808]"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2000-01-01 495708]"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2000-01-01 1821576]"itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2000-01-01 1313640]"IAStorIcon"="c:\program files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2011-01-12 283160]"HF_G_Jul"="c:\program files\AVG Secure Search\HF_G_Jul.exe" [2012-07-18 36960]"ROC_ROC_JULY_P1"="c:\program files\AVG Secure Search\ROC_ROC_JULY_P1.exe" [2012-09-05 1022048].c:\users\lynne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [N/A].c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\QuickSet.lnk - c:\program files\Dell\QuickSet\quickset.exe [2008-7-9 1616976].[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]"ConsentPromptBehaviorUser"= 0 (0x0)"EnableUIADesktopToggle"= 0 (0x0).[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToAssist]2009-03-17 15:12 10536 ----a-w- c:\program files\Citrix\GoToAssist\514\g2awinlogon.dll.[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]@="Driver".R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [x]S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\aestsrv.exe [x]..[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache.Contents of the 'Scheduled Tasks' folder.2012-09-06 c:\windows\Tasks\Adobe Flash Player Updater.job- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-03 23:49].2012-09-06 c:\windows\Tasks\DriverUpdate Startup.job- c:\program files\DriverUpdate\DriverUpdate.exe [2012-05-16 18:06].2012-09-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-13 08:20].2012-09-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-13 08:20].2012-09-06 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job- c:\program files\Dell Support Center\uaclauncher.exe [2012-04-13 05:40].2012-09-06 c:\windows\Tasks\SystemToolsDailyTest.job- c:\program files\Dell Support Center\uaclauncher.exe [2012-04-13 05:40]..------- Supplementary Scan -------.uStart Page = hxxp://swagbucks.com/IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.htmlTrusted Zone: intuit.com\ttlcTCP: DhcpNameServer = 192.168.1.1 71.242.0.12Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\12.2.6\ViProtocol.dllDPF: {682C59F5-478C-4421-9070-AD170D143B77} - hxxp://www.dell.com/support/troubleshooting/Content/Ode/pcd86.cab..**************************************************************************scanning hidden processes ... .scanning hidden autostart entries ....scanning hidden files ... .scan completed successfullyhidden files:.**************************************************************************.--------------------- LOCKED REGISTRY KEYS ---------------------.[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]@Denied: (2) (LocalSystem)"{21FA44EF-376D-4D53-9B0F-8A89D3229068}"=hex:51,66,7a,6c,4c,1d,38,12,81,47,e9, 25,5f,79,3d,08,e4,19,c9,c9,d6,7c,d4,7c"{2318C2B1-4965-11D4-9B18-009027A5CD4F}"=hex:51,66,7a,6c,4c,1d,38,12,df,c1,0b, 27,57,07,ba,54,e4,0e,43,d0,22,fb,89,5b"{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}"=hex:51,66,7a,6c,4c,1d,38,12,8d,ec,f8, 7b,2b,25,27,06,e7,c4,bc,f0,98,15,0d,de"{EF99BD32-C1FB-11D2-892F-0090271D4F88}"=hex:51,66,7a,6c,4c,1d,38,12,5c,be,8a, eb,c9,8f,bc,54,f6,39,43,d0,22,43,0b,9c"{02478D38-C3F9-4EFB-9B51-7695ECA05670}"=hex:51,66,7a,6c,4c,1d,38,12,56,8e,54, 06,cb,8d,95,0b,e4,47,35,d5,e9,fe,12,64"{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,38,12,72,0b,cc, 1c,9f,a6,ed,07,da,80,b9,17,89,70,f9,d7"{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}"=hex:51,66,7a,6c,4c,1d,38,12,60,d8,39, 64,cd,04,79,07,f5,b7,d6,9a,c1,81,e0,1c"{6D53EC84-6AAE-4787-AEEE-F4628F01010C}"=hex:51,66,7a,6c,4c,1d,38,12,ea,ef,40, 69,9c,24,e9,02,d1,f8,b7,22,8a,5f,45,18"{6EBF7485-159F-4BFF-A14F-B9E3AAC4465B}"=hex:51,66,7a,6c,4c,1d,38,12,eb,77,ac, 6a,ad,5b,91,0e,de,59,fa,a3,af,9a,02,4f"{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}"=hex:51,66,7a,6c,4c,1d,38,12,d5,94,07, 72,c2,98,42,03,c9,fd,97,9a,f4,87,69,57"{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,38,12,0a,d7,23, 94,30,02,d1,0f,f1,da,12,24,73,56,27,d2"{AA58ED58-01DD-4D91-8333-CF10577473F7}"=hex:51,66,7a,6c,4c,1d,38,12,36,ee,4b, ae,ef,4f,ff,08,fc,25,8c,50,52,2a,37,e3"{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}"=hex:51,66,7a,6c,4c,1d,38,12,2d,dd,7a, ab,6a,33,56,03,c9,ec,8d,26,b0,f3,64,49"{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db, df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd"{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}"=hex:51,66,7a,6c,4c,1d,38,12,ae,8e,49, e5,24,cb,cf,07,fe,fc,9f,d4,e9,44,8b,04"{E38FA08E-F56A-4169-ABF5-5C71E3C153A1}"=hex:51,66,7a,6c,4c,1d,38,12,e0,a3,9c, e7,58,bb,07,04,d4,e3,1f,31,e6,9f,17,b5"{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}"=hex:51,66,7a,6c,4c,1d,38,12,cf,4e,be, f9,90,2f,b6,0a,e3,01,c5,b7,a9,7a,14,95"{32004B8A-44A9-43E7-84E9-808838809519}"=hex:51,66,7a,6c,4c,1d,38,12,e4,48,13, 36,9b,0a,89,06,fb,ff,c3,c8,3d,de,d1,0d"{FF059E31-CC5A-4E2E-BF3B-96E929D65503}"=hex:51,66,7a,6c,4c,1d,38,12,5f,9d,16, fb,68,82,40,0b,c0,2d,d5,a9,2c,88,11,17"{BDEADE7F-C265-11D0-BCED-00A0C90AB50F}"=hex:51,66,7a,6c,4c,1d,38,12,11,dd,f9, b9,57,8c,be,54,c3,fb,43,e0,cc,54,f1,1b.[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]@Denied: (2) (LocalSystem)"Timestamp"=hex:c6,43,6c,db,f3,ab,cc,01.------------------------ Other Running Processes ------------------------.c:\program files\Fingerprint Sensor\AtService.exec:\windows\system32\atiesrxx.exec:\program files\IDT\WDM\STacSV.exec:\program files\Microsoft\BingBar\BBSvc.EXEc:\program files\Microsoft\BingBar\SeaPort.EXEc:\program files\Broadcom\MgmtAgent\BrcmMgmtAgent.exec:\program files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exec:\windows\system32\atieclxx.exec:\windows\system32\lxdicoms.exec:\windows\system32\msiexec.exec:\program files\TomTom HOME 2\TomTomHOMEService.exec:\program files\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exec:\program files\Yahoo!\SoftwareUpdate\YahooAUService.exec:\windows\system32\wbem\unsecapp.exec:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exec:\program files\Microsoft IntelliType Pro\dpupdchk.exec:\program files\DellTPad\ApMsgFwd.exec:\windows\ehome\ehmsas.exec:\program files\DellTPad\Apntex.exec:\program files\DellTPad\HidFind.exec:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exec:\program files\Windows Media Player\wmpnscfg.exec:\program files\Windows Media Player\wmpnetwk.exec:\program files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exec:\program files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exec:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe.**************************************************************************.Completion time: 2012-09-06 19:36:59 - machine was rebootedComboFix-quarantined-files.txt 2012-09-06 23:36.Pre-Run: 256,309,354,496 bytes freePost-Run: 256,059,432,960 bytes free.- - End Of File - - AA9D899CA8BF0CB6DD3CAC0E80D6F277.DDS (Ver_2011-08-26.01) - NTFSx86Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.4.1Run by lynne at 19:47:41 on 2012-09-06Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.3036.1819 [GMT -4:00].SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}.============== Running Processes ===============.C:\Windows\system32\wininit.exeC:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Program Files\Fingerprint Sensor\AtService.exeC:\Windows\system32\svchost.exe -k rpcssC:\Windows\system32\atiesrxx.exeC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k netsvcsC:\Program Files\IDT\WDM\STacSV.exeC:\Windows\system32\svchost.exe -k GPSvcGroupC:\Windows\system32\SLsvc.exeC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\system32\svchost.exe -k NetworkServiceC:\Windows\System32\spoolsv.exeC:\Windows\system32\svchost.exe -k LocalServiceNoNetworkC:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exeC:\Program Files\IDT\WDM\aestsrv.exeC:\Program Files\Microsoft\BingBar\SeaPort.EXEC:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exeC:\Program Files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exeC:\Windows\system32\atieclxx.exeC:\Windows\system32\lxdicoms.exeC:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestrictedC:\Windows\system32\svchost.exe -k imgsvcC:\Program Files\TomTom HOME 2\TomTomHOMEService.exeC:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exeC:\Windows\System32\svchost.exe -k WerSvcGroupC:\Windows\system32\SearchIndexer.exeC:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exeC:\Windows\system32\wbem\unsecapp.exeC:\Windows\system32\taskeng.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Windows\system32\Dwm.exeC:\Windows\system32\taskeng.exeC:\Program Files\DriverUpdate\DriverUpdate.exeC:\Windows\system32\taskeng.exeC:\Program Files\DellTPad\Apoint.exeC:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exeC:\Program Files\Dell\MediaDirect\PCMService.exeC:\Program Files\Dell DataSafe Online\DataSafeOnline.exeC:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exeC:\Program Files\Lexmark 3500-4500 Series\lxdimon.exeC:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exeC:\Program Files\AVG Secure Search\vprot.exeC:\Program Files\IDT\WDM\sttray.exeC:\Program Files\Microsoft IntelliPoint\ipoint.exeC:\Program Files\Microsoft IntelliType Pro\itype.exeC:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exeC:\Program Files\Windows Sidebar\sidebar.exeC:\Program Files\TomTom HOME 2\TomTomHOMERunner.exeC:\Windows\ehome\ehtray.exeC:\Program Files\Dell\QuickSet\quickset.exeC:\Program Files\Microsoft IntelliType Pro\dpupdchk.exeC:\Program Files\DellTPad\ApMsgFwd.exeC:\Windows\ehome\ehmsas.exeC:\Program Files\DellTPad\Apntex.exeC:\Program Files\DellTPad\HidFind.exeC:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exeC:\Program Files\Windows Media Player\wmpnscfg.exeC:\Program Files\Windows Media Player\wmpnetwk.exeC:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonationC:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exeC:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exeC:\Windows\Explorer.exeC:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exeC:\Windows\servicing\TrustedInstaller.exeC:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\iexplore.exeC:\Windows\system32\Macromed\Flash\FlashUtil32_11_3_300_268_ActiveX.exeC:\Windows\system32\taskeng.exeC:\Windows\system32\SearchProtocolHost.exeC:\Windows\system32\SearchFilterHost.exeC:\Windows\system32\DllHost.exeC:\Windows\system32\DllHost.exeC:\Windows\system32\DllHost.exeC:\Windows\system32\wbem\wmiprvse.exe.============== Pseudo HJT Report ===============.uStart Page = hxxp://swagbucks.com/BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dllBHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dllBHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No FileBHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre7\bin\ssv.dllBHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dllBHO: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - c:\program files\avg secure search\12.2.5.32\AVG Secure Search_toolbar.dllBHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dllBHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.5.4723.1820\swg.dllBHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "c:\program files\microsoft\bingbar\BingExt.dll"BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn\YTSingleInstance.dllTB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dllTB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dllTB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "c:\program files\microsoft\bingbar\BingExt.dll"TB: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - c:\program files\avg secure search\12.2.5.32\AVG Secure Search_toolbar.dllTB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No FileTB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No FileuRun: [sidebar] c:\program files\windows sidebar\sidebar.exe /autoRunuRun: [TomTomHOME.exe] "c:\program files\tomtom home 2\TomTomHOMERunner.exe"uRun: [ehTray.exe] c:\windows\ehome\ehTray.exemRun: [Apoint] c:\program files\delltpad\Apoint.exemRun: [startCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRunmRun: [Dell Webcam Central] "c:\program files\dell webcam\dell webcam central\WebcamDell.exe" /mode2mRun: [PCMService] "c:\program files\dell\mediadirect\PCMService.exe"mRun: [Dell DataSafe Online] "c:\program files\dell datasafe online\DataSafeOnline.exe" /mmRun: [lxdimon.exe] "c:\program files\lexmark 3500-4500 series\lxdimon.exe"mRun: [lxdiamon] "c:\program files\lexmark 3500-4500 series\lxdiamon.exe"mRun: [FaxCenterServer] "c:\program files\\lexmark fax solutions\fm3032.exe" /smRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"mRun: [vProt] "c:\program files\avg secure search\vprot.exe"mRun: [sysTrayApp] c:\program files\idt\wdm\sttray.exemRun: [intelliPoint] "c:\program files\microsoft intellipoint\ipoint.exe"mRun: [itype] "c:\program files\microsoft intellitype pro\itype.exe"mRun: [iAStorIcon] c:\program files\intel\intel® rapid storage technology\IAStorIcon.exemRun: [HF_G_Jul] "c:\program files\avg secure search\HF_G_Jul.exe" /DoActionmRun: [ROC_ROC_JULY_P1] "c:\program files\avg secure search\ROC_ROC_JULY_P1.exe" / /PROMPT /CMPID=ROC_JULY_P1StartupFolder: c:\users\lynne\appdata\roaming\micros~1\windows\startm~1\programs\startup\delldo~1.lnk - c:\program files\dell\delldock\DellDock.exeStartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\quickset.lnk - c:\program files\dell\quickset\quickset.exemPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)mPolicies-system: ConsentPromptBehaviorUser = 0 (0x0)mPolicies-system: EnableUIADesktopToggle = 0 (0x0)IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.htmlIE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dllIE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dllIE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLLTrusted Zone: intuit.com\ttlcDPF: {362C56AA-6E4F-40C7-A0B5-85501DBDAD77} - hxxp://i.dell.com/images/global/js/scanner/SysProExe.cabDPF: {50647AB5-18FD-4142-82B0-5852478DD0D5} - hxxp://webeffective.keynote.com/applications/pconnector/download/ConnectorLauncher.cabDPF: {682C59F5-478C-4421-9070-AD170D143B77} - hxxp://www.dell.com/support/troubleshooting/Content/Ode/pcd86.cabDPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cabDPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_04-windows-i586.cabDPF: {CAFEEFAC-0017-0000-0004-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_04-windows-i586.cabDPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_04-windows-i586.cabDPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.5.0.cabDPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cabDPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - hxxps://meet-dbm.webex.com/client/T27L10NSP11EP5/webex/ieatgpc1.cabDPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cabTCP: DhcpNameServer = 192.168.1.1 71.242.0.12TCP: Interfaces\{2ECC6046-01FD-413B-B74A-B9786EF7DA22} : DhcpNameServer = 192.168.1.1 71.242.0.12Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\12.2.6\ViProtocol.dllNotify: GoToAssist - c:\program files\citrix\gotoassist\514\G2AWinLogon.dll.============= SERVICES / DRIVERS ===============.R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2012-9-4 27496]R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2012-7-27 63960]R2 AESTFilters;Andrea ST Filters Service;c:\program files\idt\wdm\AEstSrv.exe [2009-3-17 81920]R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-5-29 176128]R2 ATService;AuthenTec Fingerprint Service;c:\program files\fingerprint sensor\AtService.exe [2008-10-16 1668344]R2 BBUpdate;BBUpdate;c:\program files\microsoft\bingbar\SeaPort.EXE [2011-10-13 249648]R2 BrcmMgmtAgent;Broadcom Management Agent;c:\program files\broadcom\mgmtagent\BrcmMgmtAgent.exe [2010-6-29 127488]R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files\intel\intel® rapid storage technology\IAStorDataMgrSvc.exe [2012-5-29 13336]R2 IHA_MessageCenter;IHA_MessageCenter;c:\program files\verizon\iha_messagecenter\bin\Verizon_IHAMessageCenter.exe [2011-10-28 290832]R2 IntuitUpdateServiceV4;Intuit Update Service v4;c:\program files\common files\intuit\update service v4\IntuitUpdateService.exe [2011-8-25 13672]R2 lxdi_device;lxdi_device;c:\windows\system32\lxdicoms.exe -service --> c:\windows\system32\lxdicoms.exe -service [?]R2 TomTomHOMEService;TomTomHOMEService;c:\program files\tomtom home 2\TomTomHOMEService.exe [2012-1-23 92592]R2 vToolbarUpdater12.2.6;vToolbarUpdater12.2.6;c:\program files\common files\avg secure search\vtoolbarupdater\12.2.6\ToolbarUpdater.exe [2012-9-4 722528]R3 amdkmdag;amdkmdag;c:\windows\system32\drivers\atikmdag.sys [2012-5-29 5586432]R3 amdkmdap;amdkmdap;c:\windows\system32\drivers\atikmpag.sys [2012-5-29 209920]R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdLH3.sys [2012-5-29 97296]R3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\drivers\dc3d.sys [1999-12-31 45288]R3 itecir;ITECIR Infrared Receiver;c:\windows\system32\drivers\itecir.sys [2009-3-17 54784]R3 k57nd60x;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\k57nd60x.sys [2010-12-1 349224]R3 NETwNv32;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\NETwNv32.sys [2011-11-17 7346176]R3 OA001Ufd;Creative Camera OA001 Upper Filter Driver;c:\windows\system32\drivers\OA001Ufd.sys [2012-5-29 133632]R3 OA001Vid;Creative Camera OA001 Function Driver;c:\windows\system32\drivers\OA001Vid.sys [2012-5-29 280096]S2 BBSvc;Bing Bar Update Service;c:\program files\microsoft\bingbar\BBSvc.EXE [2011-10-21 196176]S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]S2 DockLoginService;Dock Login Service;c:\program files\dell\delldock\docklogin.exe --> c:\program files\dell\delldock\DockLogin.exe [?]S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-2-13 135664]S2 lxdiCATSCustConnectService;lxdiCATSCustConnectService;c:\windows\system32\spool\drivers\w32x86\3\lxdiserv.exe [2007-4-26 99248]S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-4-3 250056]S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-2-13 135664]S3 NETw5v32;Intel® Wireless WiFi Link Adapter Driver for Windows Vista 32 Bit ;c:\windows\system32\drivers\NETw5v32.sys [2009-3-17 3663360]S3 SWDUMon;SWDUMon;c:\windows\system32\drivers\SWDUMon.sys [2012-5-29 12984]S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504].=============== Created Last 30 ================.2012-09-06 23:37:01 -------- d-----w- c:\users\lynne\appdata\local\temp2012-09-06 23:30:56 -------- d-----w- C:\$RECYCLE.BIN2012-09-06 23:22:05 98816 ----a-w- c:\windows\sed.exe2012-09-06 23:22:05 518144 ----a-w- c:\windows\SWREG.exe2012-09-06 23:22:05 256000 ----a-w- c:\windows\PEV.exe2012-09-06 23:22:05 208896 ----a-w- c:\windows\MBR.exe2012-09-06 23:22:02 -------- d-----w- C:\ComboFix2012-09-06 23:01:19 -------- d-----w- c:\program files\Reimage2012-09-06 23:01:18 -------- d-----w- c:\programdata\Reimage Express2012-09-06 23:00:56 -------- d-----w- c:\programdata\Babylon2012-09-06 23:00:55 -------- d-----w- c:\users\lynne\appdata\roaming\Babylon2012-09-05 00:53:38 27496 ----a-w- c:\windows\system32\drivers\avgtpx86.sys2012-09-02 03:36:21 2047488 ----a-w- c:\windows\system32\win32k.sys2012-09-02 03:35:38 623616 ----a-w- c:\windows\system32\localspl.dll2012-08-25 02:59:14 -------- d-----w- c:\program files\common files\Adobe(13)2012-08-21 02:00:32 -------- d--h--w- c:\program files\Temp.==================== Find3M ====================.2012-09-06 23:30:47 12984 ----a-w- c:\windows\system32\drivers\SWDUMon.sys2012-07-26 23:48:36 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl2012-07-26 23:48:36 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe2012-06-20 16:54:52 71104 ----a-w- c:\windows\CouponPrinter.ocx.============= FINISH: 19:47:55.36 ===============.UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2011-08-26.01).Microsoft® Windows Vista™ Home PremiumBoot Device: \Device\HarddiskVolume3Install Date: 3/17/2009 5:39:43 AMSystem Uptime: 9/6/2012 7:30:10 PM (0 hours ago).Motherboard: Dell Inc. | | 0P132HProcessor: Intel® Core2 Duo CPU T6400 @ 2.00GHz | U2E1 | 1600/533mhz.==== Disk Partitions =========================.C: is FIXED (NTFS) - 283 GiB total, 238.514 GiB free.D: is FIXED (NTFS) - 15 GiB total, 8.425 GiB free.E: is CDROM ().==== Disabled Device Manager Items =============.==== System Restore Points ===================.RP447: 9/4/2012 9:05:22 PM - Removed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148RP448: 9/5/2012 7:55:43 PM - Windows UpdateRP449: 9/6/2012 6:17:45 PM - Windows UpdateRP450: 9/6/2012 6:23:47 PM - Windows Modules InstallerRP452: 9/6/2012 7:05:37 PM - Reimage Express Restore Point.==== Installed Programs ======================.Adobe Flash Player 11 ActiveXAVG Security ToolbarCatalyst Control Center Core ImplementationCatalyst Control Center Graphics Full ExistingCatalyst Control Center Graphics Full NewCatalyst Control Center Graphics LightCatalyst Control Center Graphics Previews CommonCatalyst Control Center Graphics Previews VistaCatalyst Control Center InstallProxyCatalyst Control Center Localization AllCatalyst Control Center Localization Chinese StandardCatalyst Control Center Localization Chinese TraditionalCatalyst Control Center Localization DanishCatalyst Control Center Localization DutchCatalyst Control Center Localization FinnishCatalyst Control Center Localization FrenchCatalyst Control Center Localization GermanCatalyst Control Center Localization ItalianCatalyst Control Center Localization JapaneseCatalyst Control Center Localization KoreanCatalyst Control Center Localization NorwegianCatalyst Control Center Localization PortugueseCatalyst Control Center Localization RussianCatalyst Control Center Localization SpanishCatalyst Control Center Localization Swedishccc-core-staticccc-utilityCCC Help Chinese StandardCCC Help Chinese TraditionalCCC Help DanishCCC Help DutchCCC Help EnglishCCC Help FinnishCCC Help FrenchCCC Help GermanCCC Help ItalianCCC Help JapaneseCCC Help KoreanCCC Help NorwegianCCC Help PortugueseCCC Help RussianCCC Help SpanishCCC Help SwedishDell Driver Download ManagerDell Support CenterDell TouchpadDell Video Chat (remove only)Docs Opener 0.1Google Toolbar for Internet ExplorerGoToAssist 8.0.0.514IDT AudioIntegrated Webcam Driver (1.06.03.0309) Intel® Rapid Storage TechnologyITECIR DriverJava Auto UpdaterKeynote ConnectorLexmark 3500-4500 SeriesLexmark Fax SolutionsLive! Cam Avatar CreatorMalwarebytes Anti-Malware version 1.61.0.1400MediaDirectMicrosoft .NET Framework 3.5 SP1Microsoft .NET Framework 4 Client ProfileMicrosoft Application Error ReportingMicrosoft Office Home and Student 2007NTREGOPT 1.1jReimage ExpressRICOH Media Driver ver.2.07.01.00Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)SkinsTomTom HOME 2.8.3.2499Trusted Software AssistantUpdate for Microsoft .NET Framework 4 Client Profile (KB2468871)Update for Microsoft .NET Framework 4 Client Profile (KB2533523)Update for Microsoft .NET Framework 4 Client Profile (KB2600217)WebExWildTangent GamesWindows Live EssentialsYahoo! Software UpdateYahoo! Toolbar.==== Event Viewer Messages From Past Week ========.9/6/2012 7:37:22 PM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.9/6/2012 7:30:41 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the lxdiCATSCustConnectService service to connect.9/6/2012 7:30:41 PM, Error: Service Control Manager [7000] - The lxdiCATSCustConnectService service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.9/6/2012 7:30:41 PM, Error: Service Control Manager [7000] - The Dock Login Service service failed to start due to the following error: The system cannot find the file specified.9/6/2012 7:29:27 PM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.9/6/2012 6:54:14 PM, Error: Service Control Manager [7031] - The Norton Internet Security service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.9/6/2012 6:53:23 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} to the user lynne-PC\lynne SID (S-1-5-21-2090007256-4178511077-60238046-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.9/6/2012 6:26:33 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: BHDrvx869/5/2012 10:43:49 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.9/4/2012 9:12:34 PM, Error: ACPI [13] - : The embedded controller (EC) did not respond within the specified timeout period. This may indicate that there is an error in the EC hardware or firmware or that the BIOS is accessing the EC incorrectly. You should check with your computer manufacturer for an upgraded BIOS. In some situations, this error may cause the computer to function incorrectly.9/4/2012 9:02:53 PM, Error: volsnap [14] - The shadow copies of volume C: were aborted because of an IO failure on volume C:.9/1/2012 11:55:12 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.9/1/2012 11:55:12 PM, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.9/1/2012 11:55:12 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}9/1/2012 11:55:12 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}9/1/2012 11:55:01 PM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.9/1/2012 11:55:01 PM, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error 2147749155 (0x80040D23).9/1/2012 11:54:44 PM, Error: EventLog [6008] - The previous system shutdown at 11:52:24 PM on 9/1/2012 was unexpected.9/1/2012 11:24:57 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Cumulative Security Update for Internet Explorer 9 for Windows Vista (KB2722913).9/1/2012 10:04:02 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.8/30/2012 6:47:15 PM, Error: Service Control Manager [7023] - The Windows Modules Installer service terminated with the following error: The process cannot access the file because it is being used by another process..==== End Of File =========================== Link to post Share on other sites More sharing options...
Staff screen317 Posted September 7, 2012 Staff ID:594562 Share Posted September 7, 2012 Run TFC by OldTimer to clear temporary files:Please download TFC from here and save it to your desktop.Close any open programs and Internet browsers.Double click TFC.exe to run it and once it opens click on the Start button on the lower left of the program to allow it to begin cleaning.Please be patient as clearing out temp files may take a while.Once it completes you may be prompted to restart your computer, please do so.Once it's finished you may delete TFC.exe from your Desktop or save it for later use for the cleaning of temporary files.Download the file TDSSKiller.zip and extract it into a folder on the infected PC.Execute the file TDSSKiller.exe by double-clicking on it.Wait for the scan and disinfection process to be over.When its work is over, the utility prompts for a reboot to complete the disinfection.By default, the utility outputs runtime log into the system disk root directory (the disk where the operating system is installed, C:\ as a rule).The log is like UtilityName.Version_Date_Time_log.txt.for example, C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt.Please post that log here.Next, please run a free online scan with the ESET Online ScannerNote: You will need to use Internet Explorer for this scan.Tick the box next to YES, I accept the Terms of Use.Click StartWhen asked, allow the ActiveX control to installClick StartMake sure that the options Remove found threats and the option Scan unwanted applications is checkedClick ScanWait for the scan to finishExport the threats found (if any), and post them here.Next, please download AdwCleaner by Xplode onto your Desktop.Double click on AdwCleaner.exe to run the tool.Click on Search.A logfile will automatically open after the scan has finished.Please post the content of that logfile in your reply.You can find the logfile at C:\AdwCleaner[Rn].txt as well - n is the order number.Next, download my Security Check from here or here.Save it to your Desktop.Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.A Notepad document should open automatically called checkup.txt; please post the contents of that document.Let me know how things are running now and what issues remain.-screen317 Link to post Share on other sites More sharing options...
duerrl Posted September 8, 2012 Author ID:594644 Share Posted September 8, 2012 Here are three of the logs. I cannot run ESET because its detecting windows defender running, even though I uninstalled it, rebooted and confirmed it's turned off. The only weird thing I've experienced today is when I tried to connect wirelessly on my home computer -- I work out of town, so this is the first I've tried to connect this week. I got the "IE is not available" and I double-checked that the update had somehow reinstalled itself, which it didn't. I connected through a LAN connection and then it would allow me to connect wirelessly. That issues hasn't repeated itself. I was able to successfully hide the update that started this whole thing and it has not tried to reinstall itself. I assume I should not install it, correct?# AdwCleaner v2.000 - Logfile created 09/07/2012 at 20:55:25# Updated 30/08/2012 by Xplode# Operating system : Windows Vista Home Premium Service Pack 2 (32 bits)# User : lynne - LYNNE-PC# Boot Mode : Normal# Running from : C:\Users\lynne\Desktop\adwcleaner.exe# Option [search]***** [services] ********** [Files / Folders] *****Folder Found : C:\ProgramData\BabylonFolder Found : C:\Users\lynne\AppData\Roaming\Babylon***** [Registry] *****Key Found : HKCU\Software\BrowserCompanionKey Found : HKCU\Software\IGearSettingsKey Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}Key Found : HKLM\Software\BabylonKey Found : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}Key Found : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLLKey Found : HKLM\SOFTWARE\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}Key Found : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}Key Found : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}Key Found : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtilsKey Found : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}Key Found : HKLM\Software\Freeze.comKey Found : HKLM\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcbKey Found : HKU\S-1-5-21-2090007256-4178511077-60238046-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}Key Found : HKU\S-1-5-21-2090007256-4178511077-60238046-1000\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}***** [internet Browsers] *****-\\ Internet Explorer v9.0.8112.16421[OK] Registry is clean.*************************AdwCleaner[R1].txt - [2485 octets] - [07/09/2012 20:55:25]########## EOF - C:\AdwCleaner[R1].txt - [2545 octets] ########## Results of screen317's Security Check version 0.99.50 Windows Vista Service Pack 2 x86 (UAC is enabled) Internet Explorer 9 ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Enabled! WMI entry may not exist for antivirus; attempting automatic update.`````````Anti-malware/Other Utilities Check:````````` Malwarebytes Anti-Malware version 1.61.0.1400 Java version out of Date!````````Process Check: objlist.exe by Laurent```````` `````````````````System Health check````````````````` Total Fragmentation on Drive C: 4 % Defragment your hard drive soon! (Do NOT defrag if SSD!)````````````````````End of Log``````````````````````20:13:30.0297 5276 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:4820:13:30.0547 5276 ============================================================20:13:30.0547 5276 Current date / time: 2012/09/07 20:13:30.054720:13:30.0547 5276 SystemInfo:20:13:30.0547 5276 20:13:30.0547 5276 OS Version: 6.0.6002 ServicePack: 2.020:13:30.0547 5276 Product type: Workstation20:13:30.0547 5276 ComputerName: LYNNE-PC20:13:30.0547 5276 UserName: lynne20:13:30.0547 5276 Windows directory: C:\Windows20:13:30.0547 5276 System windows directory: C:\Windows20:13:30.0547 5276 Processor architecture: Intel x8620:13:30.0547 5276 Number of processors: 220:13:30.0547 5276 Page size: 0x100020:13:30.0547 5276 Boot type: Normal boot20:13:30.0547 5276 ============================================================20:13:31.0639 5276 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x0000005020:13:31.0639 5276 ============================================================20:13:31.0654 5276 \Device\Harddisk0\DR0:20:13:31.0654 5276 MBR partitions:20:13:31.0654 5276 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x139C5, BlocksNum 0x1D4C00020:13:31.0654 5276 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D5F9C5, BlocksNum 0x236CE8EB20:13:31.0654 5276 ============================================================20:13:31.0686 5276 C: <-> \Device\Harddisk0\DR0\Partition220:13:31.0748 5276 D: <-> \Device\Harddisk0\DR0\Partition120:13:31.0748 5276 ============================================================20:13:31.0748 5276 Initialize success20:13:31.0748 5276 ============================================================20:13:36.0522 4768 ============================================================20:13:36.0522 4768 Scan started20:13:36.0522 4768 Mode: Manual;20:13:36.0522 4768 ============================================================20:13:36.0865 4768 ================ Scan system memory ========================20:13:36.0865 4768 System memory - ok20:13:36.0865 4768 ================ Scan services =============================20:13:37.0083 4768 [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI C:\Windows\system32\drivers\acpi.sys20:13:37.0083 4768 ACPI - ok20:13:37.0208 4768 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe20:13:37.0239 4768 AdobeARMservice - ok20:13:37.0302 4768 [ A9D3B95E8466BD58EEB8A1154654E162 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe20:13:37.0302 4768 AdobeFlashPlayerUpdateSvc - ok20:13:37.0348 4768 [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys20:13:37.0348 4768 adp94xx - ok20:13:37.0395 4768 [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci C:\Windows\system32\drivers\adpahci.sys20:13:37.0395 4768 adpahci - ok20:13:37.0411 4768 [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys20:13:37.0411 4768 adpu160m - ok20:13:37.0442 4768 [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320 C:\Windows\system32\drivers\adpu320.sys20:13:37.0442 4768 adpu320 - ok20:13:37.0489 4768 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll20:13:37.0489 4768 AeLookupSvc - ok20:13:37.0598 4768 [ 827DBC22C96EECF6D36A13162FABAFD3 ] AESTFilters C:\Program Files\IDT\WDM\aestsrv.exe20:13:37.0676 4768 AESTFilters - ok20:13:37.0723 4768 [ 3911B972B55FEA0478476B2E777B29FA ] AFD C:\Windows\system32\drivers\afd.sys20:13:37.0723 4768 AFD - ok20:13:37.0738 4768 [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440 C:\Windows\system32\drivers\agp440.sys20:13:37.0738 4768 agp440 - ok20:13:37.0770 4768 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys20:13:37.0770 4768 aic78xx - ok20:13:37.0785 4768 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe20:13:37.0801 4768 ALG - ok20:13:37.0801 4768 [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide C:\Windows\system32\drivers\aliide.sys20:13:37.0801 4768 aliide - ok20:13:37.0863 4768 [ 0E14C94693D39E6A5C26C014AC1C7A86 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe20:13:37.0879 4768 AMD External Events Utility - ok20:13:37.0894 4768 [ C47344BC706E5F0B9DCE369516661578 ] amdagp C:\Windows\system32\drivers\amdagp.sys20:13:37.0894 4768 amdagp - ok20:13:37.0910 4768 [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide C:\Windows\system32\drivers\amdide.sys20:13:37.0910 4768 amdide - ok20:13:37.0941 4768 [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys20:13:37.0941 4768 AmdK7 - ok20:13:37.0957 4768 [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8 C:\Windows\system32\drivers\amdk8.sys20:13:37.0957 4768 AmdK8 - ok20:13:38.0175 4768 [ F28C08FE2409294A3EDDDDD498439EE1 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys20:13:38.0222 4768 amdkmdag - ok20:13:38.0253 4768 [ 651397AB2B547F95912259744053E503 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys20:13:38.0269 4768 amdkmdap - ok20:13:38.0300 4768 [ 1DE27858A431A5749E0F3DF54BA935B9 ] ApfiltrService C:\Windows\system32\DRIVERS\Apfiltr.sys20:13:38.0300 4768 ApfiltrService - ok20:13:38.0347 4768 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll20:13:38.0347 4768 Appinfo - ok20:13:38.0378 4768 [ 5D2888182FB46632511ACEE92FDAD522 ] arc C:\Windows\system32\drivers\arc.sys20:13:38.0378 4768 arc - ok20:13:38.0425 4768 [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas C:\Windows\system32\drivers\arcsas.sys20:13:38.0425 4768 arcsas - ok20:13:38.0440 4768 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys20:13:38.0456 4768 AsyncMac - ok20:13:38.0487 4768 [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi C:\Windows\system32\drivers\atapi.sys20:13:38.0487 4768 atapi - ok20:13:38.0565 4768 [ 0C3C2E9136397E1AAA9033DCAE25CED2 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdLH3.sys20:13:38.0565 4768 AtiHDAudioService - ok20:13:38.0721 4768 [ F28C08FE2409294A3EDDDDD498439EE1 ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys20:13:38.0768 4768 atikmdag - ok20:13:38.0893 4768 [ F0DA6CC98AFBF6F4F65DBCADBD91BC7C ] ATService C:\Program Files\Fingerprint Sensor\AtService.exe20:13:38.0908 4768 ATService - ok20:13:38.0955 4768 [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll20:13:38.0955 4768 AudioEndpointBuilder - ok20:13:38.0971 4768 [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv C:\Windows\System32\Audiosrv.dll20:13:38.0971 4768 Audiosrv - ok20:13:39.0049 4768 [ 01A24B415926BB5F772DBE12459D97DE ] BBSvc C:\Program Files\Microsoft\BingBar\BBSvc.EXE20:13:39.0049 4768 BBSvc - ok20:13:39.0080 4768 [ 785DE7ABDA13309D6065305542829E76 ] BBUpdate C:\Program Files\Microsoft\BingBar\SeaPort.EXE20:13:39.0080 4768 BBUpdate - ok20:13:39.0111 4768 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys20:13:39.0111 4768 Beep - ok20:13:39.0142 4768 [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE C:\Windows\System32\bfe.dll20:13:39.0142 4768 BFE - ok20:13:39.0220 4768 [ 93952506C6D67330367F7E7934B6A02F ] BITS C:\Windows\system32\qmgr.dll20:13:39.0236 4768 BITS - ok20:13:39.0252 4768 [ D4DF28447741FD3D953526E33A617397 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys20:13:39.0252 4768 blbdrive - ok20:13:39.0283 4768 [ 35F376253F687BDE63976CCB3F2108CA ] bowser C:\Windows\system32\DRIVERS\bowser.sys20:13:39.0283 4768 bowser - ok20:13:39.0361 4768 [ E7CA80FA5A7E82ED87E8140E0BDFA13B ] BrcmMgmtAgent C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe20:13:39.0439 4768 BrcmMgmtAgent - ok20:13:39.0454 4768 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys20:13:39.0454 4768 BrFiltLo - ok20:13:39.0470 4768 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys20:13:39.0470 4768 BrFiltUp - ok20:13:39.0501 4768 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll20:13:39.0501 4768 Browser - ok20:13:39.0517 4768 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys20:13:39.0517 4768 Brserid - ok20:13:39.0548 4768 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys20:13:39.0548 4768 BrSerWdm - ok20:13:39.0564 4768 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys20:13:39.0564 4768 BrUsbMdm - ok20:13:39.0579 4768 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys20:13:39.0579 4768 BrUsbSer - ok20:13:39.0595 4768 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys20:13:39.0595 4768 BTHMODEM - ok20:13:39.0704 4768 catchme - ok20:13:39.0766 4768 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys20:13:39.0766 4768 cdfs - ok20:13:39.0782 4768 [ 6B4BFFB9BECD728097024276430DB314 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys20:13:39.0782 4768 cdrom - ok20:13:39.0813 4768 [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc C:\Windows\System32\certprop.dll20:13:39.0813 4768 CertPropSvc - ok20:13:39.0829 4768 [ E5D4133F37219DBCFE102BC61072589D ] circlass C:\Windows\system32\DRIVERS\circlass.sys20:13:39.0829 4768 circlass - ok20:13:39.0876 4768 [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS C:\Windows\system32\CLFS.sys20:13:39.0876 4768 CLFS - ok20:13:39.0938 4768 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe20:13:39.0938 4768 clr_optimization_v2.0.50727_32 - ok20:13:40.0016 4768 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe20:13:40.0016 4768 clr_optimization_v4.0.30319_32 - ok20:13:40.0032 4768 [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys20:13:40.0032 4768 CmBatt - ok20:13:40.0047 4768 [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide C:\Windows\system32\drivers\cmdide.sys20:13:40.0047 4768 cmdide - ok20:13:40.0078 4768 [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys20:13:40.0078 4768 Compbatt - ok20:13:40.0078 4768 COMSysApp - ok20:13:40.0188 4768 cpuz134 - ok20:13:40.0203 4768 [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys20:13:40.0203 4768 crcdisk - ok20:13:40.0219 4768 [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe C:\Windows\system32\drivers\crusoe.sys20:13:40.0219 4768 Crusoe - ok20:13:40.0266 4768 [ 75C6A297E364014840B48ECCD7525E30 ] CryptSvc C:\Windows\system32\cryptsvc.dll20:13:40.0266 4768 CryptSvc - ok20:13:40.0328 4768 [ 90F8539FA0DE4AAFE4FDBE7F95D6A512 ] dc3d C:\Windows\system32\DRIVERS\dc3d.sys20:13:40.0328 4768 dc3d - ok20:13:40.0375 4768 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch C:\Windows\system32\rpcss.dll20:13:40.0375 4768 DcomLaunch - ok20:13:40.0422 4768 [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC C:\Windows\system32\Drivers\dfsc.sys20:13:40.0422 4768 DfsC - ok20:13:40.0500 4768 [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR C:\Windows\system32\DFSR.exe20:13:40.0546 4768 DFSR - ok20:13:40.0624 4768 [ 9028559C132146FB75EB7ACF384B086A ] Dhcp C:\Windows\System32\dhcpcsvc.dll20:13:40.0624 4768 Dhcp - ok20:13:40.0640 4768 [ 5D4AEFC3386920236A548271F8F1AF6A ] disk C:\Windows\system32\drivers\disk.sys20:13:40.0640 4768 disk - ok20:13:40.0671 4768 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache C:\Windows\System32\dnsrslvr.dll20:13:40.0687 4768 Dnscache - ok20:13:40.0749 4768 DockLoginService - ok20:13:40.0780 4768 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc C:\Windows\System32\dot3svc.dll20:13:40.0780 4768 dot3svc - ok20:13:40.0827 4768 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll20:13:40.0827 4768 DPS - ok20:13:40.0858 4768 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys20:13:40.0858 4768 drmkaud - ok20:13:40.0905 4768 [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys20:13:40.0921 4768 DXGKrnl - ok20:13:40.0952 4768 [ 908ED85B7806E8AF3AF5E9B74F7809D4 ] e1express C:\Windows\system32\DRIVERS\e1e6032.sys20:13:41.0061 4768 e1express - ok20:13:41.0092 4768 [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys20:13:41.0092 4768 E1G60 - ok20:13:41.0124 4768 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll20:13:41.0124 4768 EapHost - ok20:13:41.0155 4768 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache C:\Windows\system32\drivers\ecache.sys20:13:41.0155 4768 Ecache - ok20:13:41.0233 4768 [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr C:\Windows\ehome\ehRecvr.exe20:13:41.0342 4768 ehRecvr - ok20:13:41.0389 4768 [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched C:\Windows\ehome\ehsched.exe20:13:41.0436 4768 ehSched - ok20:13:41.0451 4768 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart C:\Windows\ehome\ehstart.dll20:13:41.0451 4768 ehstart - ok20:13:41.0467 4768 [ 23B62471681A124889978F6295B3F4C6 ] elxstor C:\Windows\system32\drivers\elxstor.sys20:13:41.0482 4768 elxstor - ok20:13:41.0514 4768 [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt C:\Windows\system32\emdmgmt.dll20:13:41.0529 4768 EMDMgmt - ok20:13:41.0545 4768 [ 3DB974F3935483555D7148663F726C61 ] ErrDev C:\Windows\system32\drivers\errdev.sys20:13:41.0560 4768 ErrDev - ok20:13:41.0623 4768 [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem C:\Windows\system32\es.dll20:13:41.0638 4768 EventSystem - ok20:13:41.0670 4768 [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat C:\Windows\system32\drivers\exfat.sys20:13:41.0670 4768 exfat - ok20:13:41.0716 4768 [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat C:\Windows\system32\drivers\fastfat.sys20:13:41.0716 4768 fastfat - ok20:13:41.0732 4768 [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc C:\Windows\system32\DRIVERS\fdc.sys20:13:41.0732 4768 fdc - ok20:13:41.0763 4768 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll20:13:41.0763 4768 fdPHost - ok20:13:41.0779 4768 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll20:13:41.0779 4768 FDResPub - ok20:13:41.0794 4768 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys20:13:41.0794 4768 FileInfo - ok20:13:41.0810 4768 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys20:13:41.0810 4768 Filetrace - ok20:13:41.0826 4768 [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys20:13:41.0826 4768 flpydisk - ok20:13:41.0857 4768 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys20:13:41.0857 4768 FltMgr - ok20:13:41.0888 4768 [ 8CE364388C8ECA59B14B539179276D44 ] FontCache C:\Windows\system32\FntCache.dll20:13:41.0935 4768 FontCache - ok20:13:41.0966 4768 [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe20:13:41.0966 4768 FontCache3.0.0.0 - ok20:13:42.0028 4768 FreshIO - ok20:13:42.0075 4768 [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys20:13:42.0075 4768 Fs_Rec - ok20:13:42.0091 4768 [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys20:13:42.0091 4768 gagp30kx - ok20:13:42.0138 4768 [ 311ACFCDD2C9A99481E91FA4CB028D70 ] GameConsoleService C:\Program Files\WildTangent\Dell Games\Dell Game Console\GameConsoleService.exe20:13:42.0262 4768 GameConsoleService - ok20:13:42.0294 4768 [ D3316F6E3C011435F36E3D6E49B3196C ] GoToAssist C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe20:13:42.0309 4768 GoToAssist - ok20:13:42.0340 4768 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc C:\Windows\System32\gpsvc.dll20:13:42.0356 4768 gpsvc - ok20:13:42.0434 4768 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe20:13:42.0434 4768 gupdate - ok20:13:42.0450 4768 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe20:13:42.0450 4768 gupdatem - ok20:13:42.0496 4768 [ 3F90E001369A07243763BD5A523D8722 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys20:13:42.0528 4768 HdAudAddService - ok20:13:42.0574 4768 [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys20:13:42.0574 4768 HDAudBus - ok20:13:42.0606 4768 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys20:13:42.0606 4768 HidBth - ok20:13:42.0637 4768 [ D8DF3722D5E961BAA1292AA2F12827E2 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys20:13:42.0637 4768 HidIr - ok20:13:42.0715 4768 [ 84067081F3318162797385E11A8F0582 ] hidserv C:\Windows\System32\hidserv.dll20:13:42.0715 4768 hidserv - ok20:13:42.0746 4768 [ CCA4B519B17E23A00B826C55716809CC ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys20:13:42.0746 4768 HidUsb - ok20:13:42.0777 4768 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll20:13:42.0777 4768 hkmsvc - ok20:13:42.0793 4768 [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys20:13:42.0793 4768 HpCISSs - ok20:13:42.0824 4768 [ F870AA3E254628EBEAFE754108D664DE ] HTTP C:\Windows\system32\drivers\HTTP.sys20:13:42.0840 4768 HTTP - ok20:13:42.0855 4768 [ C6B032D69650985468160FC9937CF5B4 ] i2omp C:\Windows\system32\drivers\i2omp.sys20:13:42.0855 4768 i2omp - ok20:13:42.0886 4768 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys20:13:42.0886 4768 i8042prt - ok20:13:42.0918 4768 [ F989555F1662581032CCE1578A8FF28E ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys20:13:42.0933 4768 iaStor - ok20:13:43.0011 4768 [ 983FC69644DDF0486C8DFEA262948D1A ] IAStorDataMgrSvc C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe20:13:43.0011 4768 IAStorDataMgrSvc - ok20:13:43.0042 4768 [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV C:\Windows\system32\drivers\iastorv.sys20:13:43.0042 4768 iaStorV - ok20:13:43.0136 4768 [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe20:13:43.0167 4768 idsvc - ok20:13:43.0261 4768 [ C135BFF15563592B8EA070EA109967F7 ] IHA_MessageCenter C:\Program Files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe20:13:43.0308 4768 IHA_MessageCenter - ok20:13:43.0339 4768 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys20:13:43.0339 4768 iirsp - ok20:13:43.0370 4768 [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT C:\Windows\System32\ikeext.dll20:13:43.0386 4768 IKEEXT - ok20:13:43.0401 4768 [ 83AA759F3189E6370C30DE5DC5590718 ] intelide C:\Windows\system32\drivers\intelide.sys20:13:43.0401 4768 intelide - ok20:13:43.0417 4768 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys20:13:43.0417 4768 intelppm - ok20:13:43.0495 4768 [ 1663A135865F0BA6E853353E98E67F2A ] IntuitUpdateServiceV4 C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe20:13:43.0495 4768 IntuitUpdateServiceV4 - ok20:13:43.0526 4768 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll20:13:43.0526 4768 IPBusEnum - ok20:13:43.0542 4768 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys20:13:43.0542 4768 IpFilterDriver - ok20:13:43.0573 4768 [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll20:13:43.0573 4768 iphlpsvc - ok20:13:43.0573 4768 IpInIp - ok20:13:43.0604 4768 [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys20:13:43.0604 4768 IPMIDRV - ok20:13:43.0620 4768 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys20:13:43.0635 4768 IPNAT - ok20:13:43.0651 4768 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys20:13:43.0651 4768 IRENUM - ok20:13:43.0666 4768 [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp C:\Windows\system32\drivers\isapnp.sys20:13:43.0666 4768 isapnp - ok20:13:43.0713 4768 [ 232FA340531D940AAC623B121A595034 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys20:13:43.0713 4768 iScsiPrt - ok20:13:43.0729 4768 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys20:13:43.0729 4768 iteatapi - ok20:13:43.0760 4768 [ 8BCD857C7932AD005D5F9C89329DA2E1 ] itecir C:\Windows\system32\DRIVERS\itecir.sys20:13:43.0760 4768 itecir - ok20:13:43.0776 4768 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys20:13:43.0776 4768 iteraid - ok20:13:43.0807 4768 [ 51B719F0BCE4430A6EAAD43FB9FF61A3 ] k57nd60x C:\Windows\system32\DRIVERS\k57nd60x.sys20:13:43.0822 4768 k57nd60x - ok20:13:43.0869 4768 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys20:13:43.0869 4768 kbdclass - ok20:13:43.0885 4768 [ EDE59EC70E25C24581ADD1FBEC7325F7 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys20:13:43.0885 4768 kbdhid - ok20:13:43.0916 4768 [ A3E186B4B935905B829219502557314E ] KeyIso C:\Windows\system32\lsass.exe20:13:43.0916 4768 KeyIso - ok20:13:43.0963 4768 [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys20:13:43.0963 4768 KSecDD - ok20:13:43.0994 4768 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll20:13:44.0010 4768 KtmRm - ok20:13:44.0041 4768 [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer C:\Windows\System32\srvsvc.dll20:13:44.0041 4768 LanmanServer - ok20:13:44.0072 4768 [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll20:13:44.0088 4768 LanmanWorkstation - ok20:13:44.0103 4768 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys20:13:44.0103 4768 lltdio - ok20:13:44.0119 4768 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll20:13:44.0134 4768 lltdsvc - ok20:13:44.0181 4768 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll20:13:44.0181 4768 lmhosts - ok20:13:44.0212 4768 [ C7E15E82879BF3235B559563D4185365 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys20:13:44.0212 4768 LSI_FC - ok20:13:44.0228 4768 [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys20:13:44.0228 4768 LSI_SAS - ok20:13:44.0244 4768 [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys20:13:44.0244 4768 LSI_SCSI - ok20:13:44.0275 4768 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys20:13:44.0275 4768 luafv - ok20:13:44.0337 4768 [ F385CB61BB29A55F31FC4C2DA698B785 ] lxdiCATSCustConnectService C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxdiserv.exe20:13:44.0353 4768 lxdiCATSCustConnectService - ok20:13:44.0353 4768 lxdi_device - ok20:13:44.0384 4768 [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll20:13:44.0384 4768 Mcx2Svc - ok20:13:44.0400 4768 [ 0001CE609D66632FA17B84705F658879 ] megasas C:\Windows\system32\drivers\megasas.sys20:13:44.0400 4768 megasas - ok20:13:44.0431 4768 [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR C:\Windows\system32\drivers\megasr.sys20:13:44.0431 4768 MegaSR - ok20:13:44.0478 4768 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll20:13:44.0478 4768 MMCSS - ok20:13:44.0509 4768 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys20:13:44.0509 4768 Modem - ok20:13:44.0524 4768 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys20:13:44.0524 4768 monitor - ok20:13:44.0540 4768 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys20:13:44.0540 4768 mouclass - ok20:13:44.0556 4768 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys20:13:44.0556 4768 mouhid - ok20:13:44.0571 4768 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys20:13:44.0571 4768 MountMgr - ok20:13:44.0649 4768 [ D993BEA500E7382DC4E760BF4F35EFCB ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys20:13:44.0649 4768 MpFilter - ok20:13:44.0680 4768 [ 511D011289755DD9F9A7579FB0B064E6 ] mpio C:\Windows\system32\drivers\mpio.sys20:13:44.0680 4768 mpio - ok20:13:44.0852 4768 [ A69630D039C38018689190234F866D77 ] MpKsl54d76eee c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{19033710-AB57-4ED6-BC89-C76035C4682D}\MpKsl54d76eee.sys20:13:44.0852 4768 MpKsl54d76eee - ok20:13:44.0868 4768 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys20:13:44.0868 4768 mpsdrv - ok20:13:44.0899 4768 [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc C:\Windows\system32\mpssvc.dll20:13:44.0914 4768 MpsSvc - ok20:13:44.0930 4768 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys20:13:44.0930 4768 Mraid35x - ok20:13:44.0961 4768 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys20:13:44.0961 4768 MRxDAV - ok20:13:44.0992 4768 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys20:13:44.0992 4768 mrxsmb - ok20:13:45.0039 4768 [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys20:13:45.0039 4768 mrxsmb10 - ok20:13:45.0055 4768 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys20:13:45.0055 4768 mrxsmb20 - ok20:13:45.0086 4768 [ 5457DCFA7C0DA43522F4D9D4049C1472 ] msahci C:\Windows\system32\drivers\msahci.sys20:13:45.0086 4768 msahci - ok20:13:45.0117 4768 [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm C:\Windows\system32\drivers\msdsm.sys20:13:45.0117 4768 msdsm - ok20:13:45.0133 4768 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe20:13:45.0133 4768 MSDTC - ok20:13:45.0164 4768 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys20:13:45.0164 4768 Msfs - ok20:13:45.0195 4768 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys20:13:45.0195 4768 msisadrv - ok20:13:45.0226 4768 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll20:13:45.0226 4768 MSiSCSI - ok20:13:45.0242 4768 msiserver - ok20:13:45.0258 4768 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys20:13:45.0258 4768 MSKSSRV - ok20:13:45.0382 4768 [ 24516BF4E12A46CB67302E2CDCB8CDDF ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe20:13:45.0382 4768 MsMpSvc - ok20:13:45.0414 4768 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys20:13:45.0414 4768 MSPCLOCK - ok20:13:45.0429 4768 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys20:13:45.0429 4768 MSPQM - ok20:13:45.0460 4768 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys20:13:45.0460 4768 MsRPC - ok20:13:45.0476 4768 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys20:13:45.0476 4768 mssmbios - ok20:13:45.0492 4768 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys20:13:45.0492 4768 MSTEE - ok20:13:45.0523 4768 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\Windows\system32\Drivers\mup.sys20:13:45.0523 4768 Mup - ok20:13:45.0554 4768 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\Windows\system32\qagentRT.dll20:13:45.0570 4768 napagent - ok20:13:45.0601 4768 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys20:13:45.0601 4768 NativeWifiP - ok20:13:45.0632 4768 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys20:13:45.0648 4768 NDIS - ok20:13:45.0663 4768 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys20:13:45.0663 4768 NdisTapi - ok20:13:45.0679 4768 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys20:13:45.0679 4768 Ndisuio - ok20:13:45.0710 4768 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys20:13:45.0710 4768 NdisWan - ok20:13:45.0726 4768 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys20:13:45.0726 4768 NDProxy - ok20:13:45.0741 4768 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys20:13:45.0741 4768 NetBIOS - ok20:13:45.0772 4768 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys20:13:45.0772 4768 netbt - ok20:13:45.0819 4768 [ A3E186B4B935905B829219502557314E ] Netlogon C:\Windows\system32\lsass.exe20:13:45.0835 4768 Netlogon - ok20:13:45.0866 4768 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll20:13:45.0866 4768 Netman - ok20:13:45.0882 4768 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll20:13:45.0897 4768 netprofm - ok20:13:45.0913 4768 [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe20:13:45.0913 4768 NetTcpPortSharing - ok20:13:46.0038 4768 [ 0B214C6A4728F085FB64A29ED9C4DE94 ] NETw5v32 C:\Windows\system32\DRIVERS\NETw5v32.sys20:13:46.0069 4768 NETw5v32 - ok20:13:46.0287 4768 [ 383712AEC962B72BF6D368A4A64CFE09 ] NETwNv32 C:\Windows\system32\DRIVERS\NETwNv32.sys20:13:46.0459 4768 NETwNv32 - ok20:13:46.0490 4768 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys20:13:46.0490 4768 nfrd960 - ok20:13:46.0552 4768 [ B52F26BADE7D7E4A79706E3FD91834CD ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys20:13:46.0552 4768 NisDrv - ok20:13:46.0599 4768 [ 290C0D4C4889398797F8DF3BE00B9698 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe20:13:46.0599 4768 NisSrv - ok20:13:46.0630 4768 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll20:13:46.0646 4768 NlaSvc - ok20:13:46.0677 4768 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys20:13:46.0677 4768 Npfs - ok20:13:46.0708 4768 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll20:13:46.0708 4768 nsi - ok20:13:46.0724 4768 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys20:13:46.0724 4768 nsiproxy - ok20:13:46.0786 4768 [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys20:13:46.0818 4768 Ntfs - ok20:13:46.0849 4768 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys20:13:46.0849 4768 ntrigdigi - ok20:13:46.0864 4768 [ CF7E041663119E09D2E118521ADA9300 ] NuidFltr C:\Windows\system32\DRIVERS\NuidFltr.sys20:13:46.0864 4768 NuidFltr - ok20:13:46.0880 4768 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys20:13:46.0880 4768 Null - ok20:13:46.0896 4768 [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid C:\Windows\system32\drivers\nvraid.sys20:13:46.0896 4768 nvraid - ok20:13:46.0911 4768 [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor C:\Windows\system32\drivers\nvstor.sys20:13:46.0911 4768 nvstor - ok20:13:46.0942 4768 [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp C:\Windows\system32\drivers\nv_agp.sys20:13:46.0942 4768 nv_agp - ok20:13:46.0942 4768 NwlnkFlt - ok20:13:46.0958 4768 NwlnkFwd - ok20:13:47.0020 4768 [ 2CF21D5F8F1B74BB1922135AC2B12DDB ] OA001Ufd C:\Windows\system32\DRIVERS\OA001Ufd.sys20:13:47.0083 4768 OA001Ufd - ok20:13:47.0145 4768 [ 4075063D25AF9DA64101769854B83787 ] OA001Vid C:\Windows\system32\DRIVERS\OA001Vid.sys20:13:47.0145 4768 OA001Vid - ok20:13:47.0223 4768 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE20:13:47.0239 4768 odserv - ok20:13:47.0270 4768 [ 6F310E890D46E246E0E261A63D9B36B4 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys20:13:47.0270 4768 ohci1394 - ok20:13:47.0286 4768 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE20:13:47.0301 4768 ose - ok20:13:47.0348 4768 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll20:13:47.0364 4768 p2pimsvc - ok20:13:47.0379 4768 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll20:13:47.0379 4768 p2psvc - ok20:13:47.0410 4768 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys20:13:47.0410 4768 Parport - ok20:13:47.0457 4768 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys20:13:47.0457 4768 partmgr - ok20:13:47.0488 4768 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys20:13:47.0488 4768 Parvdm - ok20:13:47.0551 4768 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll20:13:47.0551 4768 PcaSvc - ok20:13:47.0582 4768 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys20:13:47.0582 4768 pci - ok20:13:47.0598 4768 [ FC175F5DDAB666D7F4D17449A547626F ] pciide C:\Windows\system32\drivers\pciide.sys20:13:47.0598 4768 pciide - ok20:13:47.0629 4768 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys20:13:47.0629 4768 pcmcia - ok20:13:47.0676 4768 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys20:13:47.0707 4768 PEAUTH - ok20:13:47.0769 4768 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll20:13:47.0816 4768 pla - ok20:13:47.0832 4768 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll20:13:47.0847 4768 PlugPlay - ok20:13:47.0878 4768 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll20:13:47.0878 4768 PNRPAutoReg - ok20:13:47.0910 4768 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll20:13:47.0925 4768 PNRPsvc - ok20:13:47.0988 4768 [ 896D916DE06F5502D301E8C4DC442AE8 ] Point32 C:\Windows\system32\DRIVERS\point32.sys20:13:47.0988 4768 Point32 - ok20:13:48.0019 4768 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll20:13:48.0034 4768 PolicyAgent - ok20:13:48.0066 4768 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys20:13:48.0066 4768 PptpMiniport - ok20:13:48.0081 4768 [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor C:\Windows\system32\drivers\processr.sys20:13:48.0081 4768 Processor - ok20:13:48.0112 4768 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll20:13:48.0112 4768 ProfSvc - ok20:13:48.0128 4768 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe20:13:48.0128 4768 ProtectedStorage - ok20:13:48.0159 4768 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys20:13:48.0159 4768 PSched - ok20:13:48.0222 4768 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300 C:\Windows\system32\drivers\ql2300.sys20:13:48.0253 4768 ql2300 - ok20:13:48.0268 4768 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys20:13:48.0268 4768 ql40xx - ok20:13:48.0346 4768 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll20:13:48.0346 4768 QWAVE - ok20:13:48.0362 4768 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys20:13:48.0362 4768 QWAVEdrv - ok20:13:48.0534 4768 [ F28C08FE2409294A3EDDDDD498439EE1 ] R300 C:\Windows\system32\DRIVERS\atikmdag.sys20:13:48.0580 4768 R300 - ok20:13:48.0612 4768 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys20:13:48.0612 4768 RasAcd - ok20:13:48.0627 4768 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll20:13:48.0627 4768 RasAuto - ok20:13:48.0643 4768 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys20:13:48.0658 4768 Rasl2tp - ok20:13:48.0690 4768 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll20:13:48.0690 4768 RasMan - ok20:13:48.0721 4768 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys20:13:48.0721 4768 RasPppoe - ok20:13:48.0752 4768 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys20:13:48.0752 4768 RasSstp - ok20:13:48.0799 4768 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys20:13:48.0799 4768 rdbss - ok20:13:48.0814 4768 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys20:13:48.0814 4768 RDPCDD - ok20:13:48.0830 4768 [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr C:\Windows\system32\drivers\rdpdr.sys20:13:48.0846 4768 rdpdr - ok20:13:48.0846 4768 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys20:13:48.0846 4768 RDPENCDD - ok20:13:48.0892 4768 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys20:13:48.0892 4768 RDPWD - ok20:13:48.0955 4768 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll20:13:48.0955 4768 RemoteAccess - ok20:13:48.0986 4768 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll20:13:48.0986 4768 RemoteRegistry - ok20:13:49.0017 4768 [ DF672613FBBCD58C38BB0BC2694BCFB0 ] rimmptsk C:\Windows\system32\DRIVERS\rimmptsk.sys20:13:49.0017 4768 rimmptsk - ok20:13:49.0033 4768 [ 9BFB54D3559F2FF7301271D29D383564 ] rimsptsk C:\Windows\system32\DRIVERS\rimsptsk.sys20:13:49.0048 4768 rimsptsk - ok20:13:49.0064 4768 [ DCB87DA83CC1010CBC9FC4DC9E395BBC ] rismxdp C:\Windows\system32\DRIVERS\rixdptsk.sys20:13:49.0080 4768 rismxdp - ok20:13:49.0095 4768 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe20:13:49.0095 4768 RpcLocator - ok20:13:49.0142 4768 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\System32\rpcss.dll20:13:49.0158 4768 RpcSs - ok20:13:49.0158 4768 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys20:13:49.0173 4768 rspndr - ok20:13:49.0189 4768 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe20:13:49.0189 4768 SamSs - ok20:13:49.0204 4768 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys20:13:49.0204 4768 sbp2port - ok20:13:49.0236 4768 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll20:13:49.0236 4768 SCardSvr - ok20:13:49.0282 4768 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll20:13:49.0298 4768 Schedule - ok20:13:49.0314 4768 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll20:13:49.0314 4768 SCPolicySvc - ok20:13:49.0345 4768 [ 8F36B54688C31EED4580129040C6A3D3 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys20:13:49.0345 4768 sdbus - ok20:13:49.0376 4768 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll20:13:49.0376 4768 SDRSVC - ok20:13:49.0392 4768 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys20:13:49.0392 4768 secdrv - ok20:13:49.0407 4768 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll20:13:49.0423 4768 seclogon - ok20:13:49.0438 4768 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\system32\sens.dll20:13:49.0438 4768 SENS - ok20:13:49.0470 4768 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys20:13:49.0470 4768 Serenum - ok20:13:49.0485 4768 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys20:13:49.0485 4768 Serial - ok20:13:49.0501 4768 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys20:13:49.0516 4768 sermouse - ok20:13:49.0548 4768 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll20:13:49.0548 4768 SessionEnv - ok20:13:49.0563 4768 [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys20:13:49.0579 4768 sffdisk - ok20:13:49.0594 4768 [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys20:13:49.0594 4768 sffp_mmc - ok20:13:49.0610 4768 [ 9F66A46C55D6F1CCABC79BB7AFCCC545 ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys20:13:49.0610 4768 sffp_sd - ok20:13:49.0641 4768 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys20:13:49.0641 4768 sfloppy - ok20:13:49.0704 4768 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll20:13:49.0704 4768 SharedAccess - ok20:13:49.0782 4768 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll20:13:49.0797 4768 ShellHWDetection - ok20:13:49.0813 4768 [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp C:\Windows\system32\drivers\sisagp.sys20:13:49.0813 4768 sisagp - ok20:13:49.0844 4768 [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys20:13:49.0844 4768 SiSRaid2 - ok20:13:49.0860 4768 [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys20:13:49.0860 4768 SiSRaid4 - ok20:13:49.0984 4768 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe20:13:50.0062 4768 slsvc - ok20:13:50.0094 4768 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll20:13:50.0109 4768 SLUINotify - ok20:13:50.0125 4768 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys20:13:50.0140 4768 Smb - ok20:13:50.0172 4768 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe20:13:50.0187 4768 SNMPTRAP - ok20:13:50.0187 4768 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys20:13:50.0187 4768 spldr - ok20:13:50.0218 4768 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe20:13:50.0234 4768 Spooler - ok20:13:50.0265 4768 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys20:13:50.0265 4768 srv - ok20:13:50.0296 4768 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys20:13:50.0296 4768 srv2 - ok20:13:50.0343 4768 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys20:13:50.0343 4768 srvnet - ok20:13:50.0390 4768 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll20:13:50.0406 4768 SSDPSRV - ok20:13:50.0406 4768 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll20:13:50.0421 4768 SstpSvc - ok20:13:50.0499 4768 [ CD9A1716F037D0030AC7A5881944C3B2 ] STacSV C:\Program Files\IDT\WDM\STacSV.exe20:13:50.0577 4768 STacSV - ok20:13:50.0608 4768 [ CB39106E1E3364C80B6C6D7938CD7646 ] STHDA C:\Windows\system32\DRIVERS\stwrt.sys20:13:50.0624 4768 STHDA - ok20:13:50.0671 4768 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll20:13:50.0671 4768 stisvc - ok20:13:50.0749 4768 [ 13CBFE7E0FCEC33B0B79ACF9D0ABFD2A ] SWDUMon C:\Windows\system32\DRIVERS\SWDUMon.sys20:13:50.0749 4768 SWDUMon - ok20:13:50.0796 4768 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys20:13:50.0796 4768 swenum - ok20:13:50.0842 4768 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll20:13:50.0842 4768 swprv - ok20:13:50.0858 4768 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys20:13:50.0858 4768 Symc8xx - ok20:13:50.0889 4768 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys20:13:50.0889 4768 Sym_hi - ok20:13:50.0905 4768 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys20:13:50.0905 4768 Sym_u3 - ok20:13:50.0952 4768 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll20:13:50.0967 4768 SysMain - ok20:13:50.0998 4768 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll20:13:50.0998 4768 TabletInputService - ok20:13:51.0030 4768 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll20:13:51.0030 4768 TapiSrv - ok20:13:51.0045 4768 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll20:13:51.0045 4768 TBS - ok20:13:51.0108 4768 [ EE7E10BED85C312C1D5D30C435BDDA9F ] Tcpip C:\Windows\system32\drivers\tcpip.sys20:13:51.0139 4768 Tcpip - ok20:13:51.0186 4768 [ EE7E10BED85C312C1D5D30C435BDDA9F ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys20:13:51.0186 4768 Tcpip6 - ok20:13:51.0248 4768 [ 2C2D4CFF5E09C73908F9B5AF49A51365 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys20:13:51.0248 4768 tcpipreg - ok20:13:51.0264 4768 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys20:13:51.0264 4768 TDPIPE - ok20:13:51.0295 4768 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys20:13:51.0295 4768 TDTCP - ok20:13:51.0326 4768 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys20:13:51.0326 4768 tdx - ok20:13:51.0357 4768 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys20:13:51.0357 4768 TermDD - ok20:13:51.0373 4768 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll20:13:51.0388 4768 TermService - ok20:13:51.0404 4768 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll20:13:51.0404 4768 Themes - ok20:13:51.0420 4768 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll20:13:51.0420 4768 THREADORDER - ok20:13:51.0482 4768 [ 3199A477F0F06EEDE41BD55179F8EB05 ] TomTomHOMEService C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe20:13:51.0482 4768 TomTomHOMEService - ok20:13:51.0513 4768 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll20:13:51.0513 4768 TrkWks - ok20:13:51.0576 4768 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe20:13:51.0576 4768 TrustedInstaller - ok20:13:51.0607 4768 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys20:13:51.0607 4768 tssecsrv - ok20:13:51.0622 4768 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys20:13:51.0622 4768 tunmp - ok20:13:51.0654 4768 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys20:13:51.0654 4768 tunnel - ok20:13:51.0669 4768 [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35 C:\Windows\system32\drivers\uagp35.sys20:13:51.0669 4768 uagp35 - ok20:13:51.0700 4768 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys20:13:51.0700 4768 udfs - ok20:13:51.0732 4768 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe20:13:51.0747 4768 UI0Detect - ok20:13:51.0763 4768 [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys20:13:51.0763 4768 uliagpkx - ok20:13:51.0794 4768 [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci C:\Windows\system32\drivers\uliahci.sys20:13:51.0794 4768 uliahci - ok20:13:51.0825 4768 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys20:13:51.0825 4768 UlSata - ok20:13:51.0841 4768 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys20:13:51.0841 4768 ulsata2 - ok20:13:51.0856 4768 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys20:13:51.0872 4768 umbus - ok20:13:51.0888 4768 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll20:13:51.0888 4768 upnphost - ok20:13:51.0919 4768 [ 922B2EBD5118B9AB120410807131A921 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys20:13:51.0934 4768 usbccgp - ok20:13:51.0950 4768 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys20:13:51.0950 4768 usbcir - ok20:13:51.0981 4768 [ 3D045EAA73414BE8F877F292A84ABBA2 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys20:13:51.0981 4768 usbehci - ok20:13:52.0012 4768 [ 1AE77A4C4E4F526EF9759C31A123F2B0 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys20:13:52.0012 4768 usbhub - ok20:13:52.0044 4768 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys20:13:52.0044 4768 usbohci - ok20:13:52.0059 4768 [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys20:13:52.0059 4768 usbprint - ok20:13:52.0090 4768 [ A508C9BD8724980512136B039BBA65E9 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys20:13:52.0090 4768 usbscan - ok20:13:52.0106 4768 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS20:13:52.0122 4768 USBSTOR - ok20:13:52.0168 4768 [ F69C1AAD04F28415F3FBE99FBE56030B ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys20:13:52.0168 4768 usbuhci - ok20:13:52.0215 4768 [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys20:13:52.0215 4768 usbvideo - ok20:13:52.0246 4768 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll20:13:52.0246 4768 UxSms - ok20:13:52.0293 4768 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe20:13:52.0309 4768 vds - ok20:13:52.0340 4768 [ 87B06E1F30B749A114F74622D013F8D4 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys20:13:52.0340 4768 vga - ok20:13:52.0356 4768 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys20:13:52.0356 4768 VgaSave - ok20:13:52.0402 4768 [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp C:\Windows\system32\drivers\viaagp.sys20:13:52.0402 4768 viaagp - ok20:13:52.0418 4768 [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7 C:\Windows\system32\drivers\viac7.sys20:13:52.0418 4768 ViaC7 - ok20:13:52.0449 4768 [ AADF5587A4063F52C2C3FED7887426FC ] viaide C:\Windows\system32\drivers\viaide.sys20:13:52.0449 4768 viaide - ok20:13:52.0465 4768 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys20:13:52.0465 4768 volmgr - ok20:13:52.0496 4768 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys20:13:52.0496 4768 volmgrx - ok20:13:52.0543 4768 [ 147281C01FCB1DF9252DE2A10D5E7093 ] volsnap C:\Windows\system32\drivers\volsnap.sys20:13:52.0543 4768 volsnap - ok20:13:52.0574 4768 [ 587253E09325E6BF226B299774B728A9 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys20:13:52.0574 4768 vsmraid - ok20:13:52.0636 4768 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe20:13:52.0652 4768 VSS - ok20:13:52.0683 4768 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll20:13:52.0699 4768 W32Time - ok20:13:52.0714 4768 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys20:13:52.0714 4768 WacomPen - ok20:13:52.0730 4768 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys20:13:52.0746 4768 Wanarp - ok20:13:52.0746 4768 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys20:13:52.0746 4768 Wanarpv6 - ok20:13:52.0777 4768 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll20:13:52.0777 4768 wcncsvc - ok20:13:52.0808 4768 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll20:13:52.0824 4768 WcsPlugInService - ok20:13:52.0839 4768 [ 78FE9542363F297B18C027B2D7E7C07F ] Wd C:\Windows\system32\drivers\wd.sys20:13:52.0839 4768 Wd - ok20:13:52.0870 4768 [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys20:13:52.0902 4768 Wdf01000 - ok20:13:52.0917 4768 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll20:13:52.0917 4768 WdiServiceHost - ok20:13:52.0933 4768 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll20:13:52.0933 4768 WdiSystemHost - ok20:13:52.0995 4768 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll20:13:52.0995 4768 WebClient - ok20:13:53.0026 4768 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll20:13:53.0026 4768 Wecsvc - ok20:13:53.0042 4768 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll20:13:53.0042 4768 wercplsupport - ok20:13:53.0073 4768 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll20:13:53.0089 4768 WerSvc - ok20:13:53.0136 4768 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll20:13:53.0136 4768 WinDefend - ok20:13:53.0151 4768 WinHttpAutoProxySvc - ok20:13:53.0214 4768 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll20:13:53.0260 4768 Winmgmt - ok20:13:53.0323 4768 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll20:13:53.0370 4768 WinRM - ok20:13:53.0463 4768 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll20:13:53.0494 4768 Wlansvc - ok20:13:53.0510 4768 [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys20:13:53.0510 4768 WmiAcpi - ok20:13:53.0541 4768 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe20:13:53.0588 4768 wmiApSrv - ok20:13:53.0666 4768 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe20:13:53.0682 4768 WMPNetworkSvc - ok20:13:53.0697 4768 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll20:13:53.0713 4768 WPCSvc - ok20:13:53.0744 4768 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll20:13:53.0744 4768 WPDBusEnum - ok20:13:53.0838 4768 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe20:13:53.0838 4768 WPFFontCache_v0400 - ok20:13:53.0869 4768 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys20:13:53.0869 4768 ws2ifsl - ok20:13:53.0900 4768 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\system32\wscsvc.dll20:13:53.0900 4768 wscsvc - ok20:13:53.0916 4768 WSearch - ok20:13:53.0994 4768 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll20:13:54.0056 4768 wuauserv - ok20:13:54.0087 4768 [ 575A4190D989F64732119E4114045A4F ] wudfsvc C:\Windows\System32\WUDFSvc.dll20:13:54.0087 4768 wudfsvc - ok20:13:54.0150 4768 [ DD0042F0C3B606A6A8B92D49AFB18AD6 ] YahooAUService C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe20:13:54.0165 4768 YahooAUService - ok20:13:54.0165 4768 ================ Scan global ===============================20:13:54.0243 4768 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll20:13:54.0274 4768 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll20:13:54.0306 4768 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll20:13:54.0337 4768 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe20:13:54.0352 4768 [Global] - ok20:13:54.0352 4768 ================ Scan MBR ==================================20:13:54.0368 4768 [ CDB4DE4BBD714F152979DA2DCBEF57EB ] \Device\Harddisk0\DR020:13:54.0711 4768 \Device\Harddisk0\DR0 - ok20:13:54.0711 4768 ================ Scan VBR ==================================20:13:54.0727 4768 [ DDCBE90AF3FFFF9D655D5629C126D754 ] \Device\Harddisk0\DR0\Partition120:13:54.0727 4768 \Device\Harddisk0\DR0\Partition1 - ok20:13:54.0727 4768 [ 253750EDD5200A13AA818452E5F2B306 ] \Device\Harddisk0\DR0\Partition220:13:54.0742 4768 \Device\Harddisk0\DR0\Partition2 - ok20:13:54.0742 4768 ============================================================20:13:54.0742 4768 Scan finished20:13:54.0742 4768 ============================================================20:13:54.0758 4796 Detected object count: 020:13:54.0758 4796 Actual detected object count: 020:27:17.0705 4556 Deinitialize success Link to post Share on other sites More sharing options...
Staff screen317 Posted September 12, 2012 Staff ID:596166 Share Posted September 12, 2012 Hi,Hiding the update appears to be fine, yes.Run TFC by OldTimer to clear temporary files:Open TFC.exe if you already have it. If not, please download TFC from here and save it to your desktop.Close any open programs and Internet browsers.Double click TFC.exe to run it and once it opens click on the Start button on the lower left of the program to allow it to begin cleaning.Please be patient as clearing out temp files may take a while.Once it completes you may be prompted to restart your computer, please do so.Once it's finished you may delete TFC.exe from your Desktop or save it for later use for the cleaning of temporary files.Navigate to Start --> Run, and type Combofix /uninstall in the box that appears. Click OK afterward. Notice the space between the X and the /uninstallThis uninstalls all of ComboFix's components.Delete SecurityCheck and TDSSKiller.After that, navigate to Start --> Control Panel --> Add or Remove Programs, and uninstall Java (if present):Restart your computer.Get the latest version of Java, Adobe Reader, and Adobe Flash Player.Let me know what issues remain. Link to post Share on other sites More sharing options...
Maurice Naggar Posted September 24, 2012 ID:600713 Share Posted September 24, 2012 @ duerrlDo you still need help? Are you still with us ? Link to post Share on other sites More sharing options...
Staff screen317 Posted September 25, 2012 Staff ID:601182 Share Posted September 25, 2012 Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread. Thanks! Link to post Share on other sites More sharing options...
Recommended Posts