
Malwarebytes

I believe I have a virus


20 replies to this topic

#1
Wofstar

    Regular Member

  • Honorary Members
  • 78 posts
Howdy,

My computer has been running slower and slower over the past week or so, and today I was trying to edit a video for class and the video lagged to a standstill. So I ran Malwarebytes and Avast and came up with nothing... but now every program I try and open lags, and several won't load at all. Even right-clicking on something locks the computer up and forces me to close the program.

Please help, I need to try and get this cleared up as soon as possible so that I can get back to class without issues.

Cheers,
wofstar



.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_31
Run by AngelsBaby at 13:00:20 on 2012-05-17
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4086.2476 [GMT -5:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe
C:\Windows\system32\taskhost.exe
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Windows\system32\HPSIsvc.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
C:\Windows\RAVCpl64.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\AcroDist.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\QPSched.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k HPService
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Windows\Explorer.exe
C:\Windows\system32\wbem\wmiprvse.exe
c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Pavilion&pf=laptop
uInternet Settings,ProxyOverride = <local>;*.local
uURLSearchHooks: H - No File
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No File
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
uRun: [Facebook Update] "C:\Users\AngelsBaby\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
uRun: [Logitech Vid] "C:\Program Files (x86)\Logitech\Vid HD\Vid.exe" -bootmode
uRun: [AdobeBridge]
mRun: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
mRun: [hpWirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
mRun: [QPService] "C:\Program Files (x86)\HP\QuickPlay\QPService.exe"
mRun: [UCam_Menu] "C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\YouCam" update "Software\CyberLink\YouCam\1.0"
mRun: [WAWifiMessage] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
mRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
mRun: [<NO NAME>]
mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
mRun: [Adobe_ID0ENQBO] C:\PROGRA~2\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun: [PlusService] C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
StartupFolder: C:\Users\ANGELS~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\HUGHES~1.LNK - C:\Program Files (x86)\HughesNetStatusMeter\HughesNetStatusMeter\HughesNetStatusMeter.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} - hxxp://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
TCP: DhcpNameServer = 192.168.1.254
TCP: Interfaces\{ACAE1D61-EC75-4842-8462-AC6187609F75} : DhcpNameServer = 192.168.1.254
TCP: Interfaces\{ACAE1D61-EC75-4842-8462-AC6187609F75}\2456C6B696E6E233638303 : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{ACAE1D61-EC75-4842-8462-AC6187609F75}\24573797C496F6E6 : DhcpNameServer = 67.142.162.12 67.142.162.13
TCP: Interfaces\{ACAE1D61-EC75-4842-8462-AC6187609F75}\24573797C496F6E6D27657563747 : DhcpNameServer = 67.142.162.12 67.142.162.13
TCP: Interfaces\{ACAE1D61-EC75-4842-8462-AC6187609F75}\642716E6B6C696E60205162796378602C4962627162797 : DhcpNameServer = 192.168.10.4 199.80.64.22
TCP: Interfaces\{ACAE1D61-EC75-4842-8462-AC6187609F75}\65562796A7F6E602D494649443531303C4022423644302355636572756 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{F8733702-2991-4A82-A09A-5C9627727867} : DhcpNameServer = 192.168.1.254
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
BHO-X64: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO-X64: 0x1 - No File
BHO-X64: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO-X64: HP Print Enhancer - No File
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No File
BHO-X64: NCO 2.0 IE BHO - No File
BHO-X64: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO-X64: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO-X64: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO-X64: SmartSelect - No File
BHO-X64: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
BHO-X64: HP Smart BHO Class - No File
TB-X64: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
TB-X64: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File
mRun-x64: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
mRun-x64: [hpWirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
mRun-x64: [QPService] "C:\Program Files (x86)\HP\QuickPlay\QPService.exe"
mRun-x64: [UCam_Menu] "C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\YouCam" update "Software\CyberLink\YouCam\1.0"
mRun-x64: [WAWifiMessage] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
mRun-x64: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
mRun-x64: [(Default)]
mRun-x64: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
mRun-x64: [Adobe_ID0ENQBO] C:\PROGRA~2\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
mRun-x64: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun-x64: [PlusService] C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe
mRun-x64: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun-x64: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
mRun-x64: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun-x64: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\AngelsBaby\AppData\Roaming\Mozilla\Firefox\Profiles\vren65jd.default\
FF - prefs.js: network.proxy.type - 0
FF - plugin: C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\AngelsBaby\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
============= SERVICES / DRIVERS ===============
.
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys --> C:\Windows\system32\drivers\aswSnx.sys [?]
R1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?]
R2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?]
R2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-3-23 44768]
R2 HPM1210RcvFaxSrvc;HP LaserJet Professional M1210 MFP Series Receive Fax Service;C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe [2010-5-11 362296]
R2 HPSIService;HP SI Service;C:\Windows\system32\HPSIsvc.exe --> C:\Windows\system32\HPSIsvc.exe [?]
R3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\netw5v64.sys --> C:\Windows\system32\DRIVERS\netw5v64.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 Adobe Version Cue CS4;Adobe Version Cue CS4;C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [2008-8-15 284016]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-4-15 1038088]
S3 HP1210FAX;HP1210MFP FAX;C:\Windows\system32\Drivers\HPM1210FAX.sys --> C:\Windows\system32\Drivers\HPM1210FAX.sys [?]
S3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\system32\DRIVERS\lvrs64.sys --> C:\Windows\system32\DRIVERS\lvrs64.sys [?]
S3 LVUVC64;Logitech HD Webcam C270(UVC);C:\Windows\system32\DRIVERS\lvuvc64.sys --> C:\Windows\system32\DRIVERS\lvuvc64.sys [?]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-5-3 129976]
S3 mvusbews;USB EWS Device;C:\Windows\system32\Drivers\mvusbews.sys --> C:\Windows\system32\Drivers\mvusbews.sys [?]
S3 NMgamingmsFltr;USB Optical Mouse;C:\Windows\system32\drivers\NMgamingms.sys --> C:\Windows\system32\drivers\NMgamingms.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\system32\DRIVERS\wdcsam64.sys --> C:\Windows\system32\DRIVERS\wdcsam64.sys [?]
.
=============== Created Last 30 ================
.
2012-05-17 05:03:23 -------- d-----w- C:\Users\AngelsBaby\AppData\Roaming\PACE Anti-Piracy
2012-05-17 05:03:23 -------- d-----w- C:\Users\AngelsBaby\AppData\Local\PACE Anti-Piracy
2012-05-17 05:03:23 -------- d-----w- C:\ProgramData\PACE Anti-Piracy
2012-05-17 05:02:50 -------- d-----w- C:\Users\AngelsBaby\AppData\Roaming\PDAppFlex
2012-05-17 05:02:08 -------- d-----w- C:\ProgramData\regid.1986-12.com.adobe
2012-05-17 04:58:02 56208 ------w- C:\Windows\System32\drivers\PxHlpa64.sys
2012-05-17 04:58:02 10224 ------w- C:\Windows\System32\drivers\cdralw2k.sys
2012-05-17 04:58:02 10224 ------w- C:\Windows\System32\drivers\cdr4_xp.sys
2012-05-17 04:58:02 -------- d-----w- C:\Program Files (x86)\Common Files\PX Storage Engine
2012-05-17 04:58:01 -------- d-----w- C:\Program Files (x86)\Common Files\Sonic Shared
2012-05-17 04:57:56 -------- d-----w- C:\Program Files (x86)\My Company Name
2012-05-17 03:56:48 -------- d-----w- C:\Users\AngelsBaby\Adobe Premiere Pro CS6
2012-05-17 03:55:46 -------- d-----w- C:\Users\AngelsBaby\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
2012-05-17 03:55:41 -------- d-----w- C:\Program Files (x86)\Adobe Download Assistant
2012-05-16 05:27:36 8917360 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{BFBD76F6-95AC-48C9-B36C-B68F8C3B79C3}\mpengine.dll
2012-05-11 03:34:15 -------- d-----w- C:\Users\AngelsBaby\AppData\Local\{87AE94FD-08AC-44BD-AB4F-FA0C7FEEFBDA}
2012-05-11 03:34:02 -------- d-----w- C:\Users\AngelsBaby\AppData\Local\{3F5E7BBF-1B47-46A3-9ADC-ECA6D7EF470C}
2012-05-11 03:33:55 -------- d-----w- C:\Users\AngelsBaby\AppData\Local\{6C37D842-C0B2-40AD-BC46-AFE38A630255}
2012-05-11 03:33:36 -------- d-----w- C:\Users\AngelsBaby\AppData\Local\{93710D18-27E0-4162-91C4-A0B065506625}
2012-05-10 02:11:03 75120 ----a-w- C:\Windows\System32\drivers\partmgr.sys
2012-05-10 02:10:26 1544704 ----a-w- C:\Windows\System32\DWrite.dll
2012-05-10 02:10:25 1077248 ----a-w- C:\Windows\SysWow64\DWrite.dll
2012-05-10 02:09:58 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-05-10 02:09:55 3146240 ----a-w- C:\Windows\System32\win32k.sys
2012-05-10 02:09:52 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-05-10 02:09:50 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-05-10 02:08:38 1732096 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL
2012-05-10 02:08:38 1367552 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll
2012-05-10 02:08:37 936960 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2012-05-10 02:08:34 1402880 ----a-w- C:\Program Files\Windows Journal\JNWDRV.dll
2012-05-10 02:08:34 1393664 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll
2012-05-10 02:08:05 1918320 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2012-05-09 05:15:02 -------- d-----w- C:\Users\AngelsBaby\AppData\Roaming\Magic Set Editor
2012-05-07 18:02:35 -------- d-----w- C:\Users\AngelsBaby\AppData\Local\{30BD16AE-D78F-434F-8316-12DB5D170502}
2012-05-07 18:02:19 -------- d-----w- C:\Users\AngelsBaby\AppData\Local\{9367D68D-A4D1-49BA-BEE8-65F77BED6DB1}
2012-05-06 05:20:02 -------- d-----w- C:\Users\AngelsBaby\AppData\Local\{24E45107-EE61-4852-82DA-891432A777EC}
2012-05-06 05:19:49 -------- d-----w- C:\Users\AngelsBaby\AppData\Local\{EDB5B7D3-9DFA-4272-8ABF-8908D36BF099}
2012-05-03 15:55:42 -------- d-----w- C:\Program Files (x86)\Mozilla Maintenance Service
2012-05-03 15:55:34 157352 ----a-w- C:\Program Files (x86)\Mozilla Firefox\maintenanceservice_installer.exe
2012-05-03 15:55:34 129976 ----a-w- C:\Program Files (x86)\Mozilla Firefox\maintenanceservice.exe
2012-05-02 02:20:58 -------- d-----w- C:\Users\AngelsBaby\AppData\Local\{480E2017-074E-4BEA-8D0E-E30D809A8428}
2012-05-02 02:20:46 -------- d-----w- C:\Users\AngelsBaby\AppData\Local\{B3E61E5C-A5C7-439A-AD71-D75D433E9E4C}
2012-05-02 02:20:05 -------- d-----w- C:\Windows\en
2012-05-02 02:16:00 89944 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\84377ed81cd280901\DSETUP.dll
2012-05-02 02:16:00 537432 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\84377ed81cd280901\DXSETUP.exe
2012-05-02 02:16:00 1801048 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\84377ed81cd280901\dsetup32.dll
2012-05-02 02:16:00 15712 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\848e79be1cd280902\MeshBetaRemover.exe
2012-05-02 02:15:22 -------- d-----w- C:\Users\AngelsBaby\AppData\Local\{808D5506-C084-4417-8915-A91A7F30224A}
2012-05-02 02:15:10 -------- d-----w- C:\Users\AngelsBaby\AppData\Local\{2779E0C1-BCB2-494E-93F0-5F5E33380E2D}
2012-05-02 02:00:07 -------- d-----w- C:\Users\AngelsBaby\AppData\Local\{E0001306-4527-4C0E-A1A6-EDC9DA51DAB2}
2012-05-02 01:59:44 -------- d-----w- C:\Users\AngelsBaby\AppData\Local\{660FCA22-3B9D-4FC8-9CE6-F4F0A5105968}
2012-04-24 15:13:51 -------- d-----w- C:\Program Files (x86)\VitalSource Bookshelf
2012-04-22 06:55:10 -------- d-----w- C:\Users\AngelsBaby\AppData\Local\LogiShrd
2012-04-21 17:22:19 -------- d-----w- C:\Users\AngelsBaby\AppData\Local\Logitech® Webcam Software
2012-04-21 16:58:46 53248 ----a-r- C:\Users\AngelsBaby\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2012-04-21 16:55:38 -------- d-----w- C:\Program Files (x86)\Common Files\LWS
2012-04-21 16:33:40 24416 ----a-r- C:\Windows\System32\AdobePDFUI.dll
2012-04-21 16:29:44 103864 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll
2012-04-21 16:25:43 419488 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
.
==================== Find3M ====================
.
2012-05-10 03:48:11 70304 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-04-04 20:56:40 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-03-13 01:56:40 947472 ----a-w- C:\Windows\SysWow64\msjava.dll
2012-03-08 23:50:28 49016 ----a-w- C:\Windows\SysWow64\sirenacm.dll
2012-03-08 23:37:20 302448 ----a-w- C:\Windows\WLXPGSS.SCR
2012-03-06 23:15:19 41184 ----a-w- C:\Windows\avastSS.scr
2012-03-06 23:04:06 819032 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2012-03-06 23:02:20 53080 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2012-03-06 23:01:52 69976 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2012-03-05 17:12:53 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-03-01 06:46:16 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
2012-03-01 06:38:27 220672 ----a-w- C:\Windows\System32\wintrust.dll
2012-03-01 06:33:50 81408 ----a-w- C:\Windows\System32\imagehlp.dll
2012-03-01 06:28:47 5120 ----a-w- C:\Windows\System32\wmi.dll
2012-03-01 05:37:41 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll
2012-03-01 05:33:23 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll
2012-03-01 05:29:16 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
2012-02-28 06:56:48 2311168 ----a-w- C:\Windows\System32\jscript9.dll
2012-02-28 06:49:56 1390080 ----a-w- C:\Windows\System32\wininet.dll
2012-02-28 06:48:57 1493504 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-02-28 06:42:55 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-02-28 01:18:55 1799168 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-02-28 01:11:21 1427456 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-02-28 01:11:07 1127424 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-02-28 01:03:16 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-02-23 15:18:36 279656 ------w- C:\Windows\System32\MpSigStub.exe
.
============= FINISH: 13:01:18.28 ===============




#2
MrCharlie

    Forum Deity

  • Experts
  • 17,484 posts
  • Gender:Male
  • Location:So. Plainfield, New Jersey, USA
Welcome to the forum.

Before we proceed further, please uninstall or disable BitTorrent and any other peer-to-peer filesharing app.
Continued use of filesharing or ill-advised downloads will surely re-infect your system.

Risks of File-Sharing Technology.

P2P file sharing: Know the risks

It's also against our policy:
http://forums.malwar...showtopic=97700

MrC

Malware Removal Expert




I volunteer my free time to help you, if you would like to donate to show your appreciation, it will be much appreciated.

Thanks MrC & crew

#3
Wofstar

    Regular Member

  • Honorary Members
  • 78 posts
Oops! I thought I had already uninstalled that! I downloaded it to get the "Wedding March" for my cousin's wedding and then deleted the desktop icons and such instead of actually uninstalling it. I haven't used that program in months. It is uninstalled now.

Cheers,
Wofstar

#4
MrCharlie

    Forum Deity

  • Experts
  • 17,484 posts
  • Gender:Male
  • Location:So. Plainfield, New Jersey, USA
Please Update and run a Quick Scan with MBAM, post the report.

Make sure that everything is checked, and click Remove Selected.

---------------------------------------

Then........

Please remove any USB or external drives from the computer before you run this scan!

Please download and run RogueKiller.

For Windows XP, double-click to start.
For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.


Click Scan to scan the system (don't run any other options, they're not all bad!)
Post back the report.

MrC


#5
Wofstar

    Regular Member

  • Honorary Members
  • 78 posts
Alrighty, everything is done and attached below:

Attached Files



#6
MrCharlie

    Forum Deity

  • Experts
  • 17,484 posts
  • Gender:Male
  • Location:So. Plainfield, New Jersey, USA
Both of the logs look OK.

Please do this.............


Please make sure system restore is running and create a new restore point before continuing.
XP <===> Vista & W7

XP users > please back up the registry using ERUNT.

-----------------------------------------

Please download and run TDSSKiller to your desktop as outlined below:

Double-click on TDSSKiller.exe to run the application, then click on Change parameters.

For Windows XP, double-click to start.
For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.



-------------------------

Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.

------------------------

Click the Start Scan button.

-----------------------

If a suspicious object is detected, the default action will be Skip; click on Continue.
If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic, please choose Skip and click on Continue.

Any entries like this: \Device\Harddisk0\DR0 ( TDSS File System ) - please choose delete.

----------------------

If malicious objects are found, they will show in the Scan results and offer three (3) options.

Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.


--------------------

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.

-------------------

Here's a summary of what to do if you would like to print it out:


If a suspicious object is detected, the default action will be Skip; click on Continue.
If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic, please choose Skip and click on Continue.

Any entries like this: \Device\Harddisk0\DR0 ( TDSS File System ) - please choose delete.

If malicious objects are found, they will show in the Scan results and offer three (3) options.

Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

MrC

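The triage rules in the post above (Skip for UnsignedFile.Multi.Generic and LockedFile.Multi.Generic, Delete for a TDSS File System entry, Cure for anything else), applied to a saved TDSSKiller report; this is an added example, not part of the original thread and not Kaspersky's code. The line layout is inferred from the log posted in this thread, the function names are my own, and the last five sample lines (including the verdict `Example.Malicious.Verdict` and the status word `infected`) are constructed placeholders.

```python
import re

# Verdicts the post says to Skip, and the one it says to Delete.
SKIP_VERDICTS = {"UnsignedFile.Multi.Generic", "LockedFile.Multi.Generic"}
DELETE_VERDICT = "TDSS File System"

# Every report line starts "HH:MM:SS.ffff <thread id> <message>".
PREFIX = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s+(.*)$")
# "<name> (<md5>) <path>" announces the object about to be checked.
OBJECT = re.compile(r"^(?P<name>.+?) \((?P<md5>[0-9a-f]{32})\) (?P<path>.+)$")
# "<name> - detected <verdict> (<n>)" records a finding for that object.
DETECTED = re.compile(r"^(?P<name>.+?) - detected (?P<verdict>.+?) \((?P<n>\d+)\)$")
OK = re.compile(r"^(?P<name>.+?) - ok$")


def recommend(verdict):
    """Map a TDSSKiller verdict to the action given in the post above."""
    if verdict in SKIP_VERDICTS:
        return "Skip"
    if verdict == DELETE_VERDICT:
        return "Delete"
    return "Cure (Skip if Cure is not offered)"


def triage(text):
    """Return (number of 'ok' objects, list of findings in log order)."""
    objects, ok_count, findings = {}, 0, []
    for raw in text.splitlines():
        m = PREFIX.match(raw.strip())
        if not m:
            continue  # separators, blank lines, timestamp-only lines
        body = m.group(1).strip()
        d = DETECTED.match(body)
        if d:
            # Disk-level entries have no preceding "(md5) path" line.
            info = objects.get(d["name"], {})
            findings.append({
                "name": d["name"],
                "verdict": d["verdict"],
                "action": recommend(d["verdict"]),
                "md5": info.get("md5"),
                "path": info.get("path"),
            })
            continue
        if OK.match(body):
            ok_count += 1
            continue
        o = OBJECT.match(body)
        if o:
            objects[o["name"]] = {"md5": o["md5"], "path": o["path"]}
    return ok_count, findings


# First six lines are taken from the log in this thread; the last five
# are constructed for illustration.
SAMPLE_LOG = r"""
13:53:58.0827 4308 Scan started
13:53:59.0872 4308 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
13:53:59.0895 4308 ACPI - ok
13:54:06.0469 4308 Com4Qlb (d8774ace03b46c9b01a49818055f9ad4) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
13:54:06.0493 4308 Com4Qlb ( UnsignedFile.Multi.Generic ) - warning
13:54:06.0493 4308 Com4Qlb - detected UnsignedFile.Multi.Generic (1)
13:55:00.0000 4308 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
13:55:00.0000 4308 \Device\Harddisk0\DR0 - detected TDSS File System (1)
13:55:01.0000 4308 ExampleSvc (00000000000000000000000000000000) C:\Example\example.sys
13:55:01.0000 4308 ExampleSvc ( Example.Malicious.Verdict ) - infected
13:55:01.0000 4308 ExampleSvc - detected Example.Malicious.Verdict (0)
"""

if __name__ == "__main__":
    ok_count, findings = triage(SAMPLE_LOG)
    print(f"{ok_count} object(s) ok, {len(findings)} finding(s)")
    for f in findings:
        print(f"{f['action']:<36} {f['verdict']:<28} {f['name']}  {f['path'] or ''}")
```

To run it against a real report, pass the contents of the `TDSSKiller.[Version]_[Date]_[Time]_log.txt` file to `triage()`.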

#7
Wofstar

13:53:23.0484 5924 TDSS rootkit removing tool 2.7.35.0 May 16 2012 07:37:57
13:53:25.0487 5924 ============================================================
13:53:25.0487 5924 Current date / time: 2012/05/20 13:53:25.0487
13:53:25.0487 5924 SystemInfo:
13:53:25.0487 5924
13:53:25.0487 5924 OS Version: 6.1.7601 ServicePack: 1.0
13:53:25.0487 5924 Product type: Workstation
13:53:25.0487 5924 ComputerName: ANGELSBABY-LT
13:53:25.0499 5924 UserName: AngelsBaby
13:53:25.0499 5924 Windows directory: C:\Windows
13:53:25.0499 5924 System windows directory: C:\Windows
13:53:25.0499 5924 Running under WOW64
13:53:25.0499 5924 Processor architecture: Intel x64
13:53:25.0499 5924 Number of processors: 2
13:53:25.0499 5924 Page size: 0x1000
13:53:25.0499 5924 Boot type: Normal boot
13:53:25.0499 5924 ============================================================
13:53:27.0306 5924 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:53:27.0314 5924 ============================================================
13:53:27.0314 5924 \Device\Harddisk0\DR0:
13:53:27.0314 5924 MBR partitions:
13:53:27.0314 5924 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1B7FF530
13:53:27.0314 5924 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1B7FF56F, BlocksNum 0x19C5012
13:53:27.0314 5924 ============================================================
13:53:27.0365 5924 C: <-> \Device\Harddisk0\DR0\Partition0
13:53:27.0427 5924 D: <-> \Device\Harddisk0\DR0\Partition1
13:53:27.0427 5924 ============================================================
13:53:27.0427 5924 Initialize success
13:53:27.0427 5924 ============================================================
13:53:58.0827 4308 ============================================================
13:53:58.0827 4308 Scan started
13:53:58.0827 4308 Mode: Manual; SigCheck; TDLFS;
13:53:58.0827 4308 ============================================================
13:53:59.0670 4308 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
13:53:59.0820 4308 1394ohci - ok
13:53:59.0872 4308 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
13:53:59.0895 4308 ACPI - ok
13:53:59.0983 4308 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
13:54:00.0020 4308 AcpiPmi - ok
13:54:00.0081 4308 adfs (2f0683fd2df1d92e891caca14b45a8c1) C:\Windows\system32\drivers\adfs.sys
13:54:00.0246 4308 adfs - ok
13:54:00.0401 4308 Adobe Version Cue CS4 (57a3b9a69f14414ace12afd6ba701773) C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe
13:54:00.0419 4308 Adobe Version Cue CS4 - ok
13:54:00.0512 4308 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
13:54:00.0539 4308 adp94xx - ok
13:54:00.0580 4308 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
13:54:00.0603 4308 adpahci - ok
13:54:00.0622 4308 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
13:54:00.0642 4308 adpu320 - ok
13:54:00.0688 4308 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
13:54:00.0746 4308 AeLookupSvc - ok
13:54:00.0817 4308 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
13:54:00.0872 4308 AFD - ok
13:54:00.0926 4308 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
13:54:00.0944 4308 agp440 - ok
13:54:00.0984 4308 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
13:54:01.0025 4308 ALG - ok
13:54:01.0074 4308 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
13:54:01.0097 4308 aliide - ok
13:54:01.0123 4308 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
13:54:01.0140 4308 amdide - ok
13:54:01.0198 4308 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
13:54:01.0233 4308 AmdK8 - ok
13:54:01.0252 4308 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
13:54:01.0295 4308 AmdPPM - ok
13:54:01.0348 4308 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
13:54:01.0367 4308 amdsata - ok
13:54:01.0428 4308 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
13:54:01.0449 4308 amdsbs - ok
13:54:01.0467 4308 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
13:54:01.0483 4308 amdxata - ok
13:54:01.0538 4308 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
13:54:01.0604 4308 AppID - ok
13:54:01.0643 4308 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
13:54:01.0698 4308 AppIDSvc - ok
13:54:01.0736 4308 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
13:54:01.0800 4308 Appinfo - ok
13:54:02.0005 4308 Apple Mobile Device (3debbecf665dcdde3a95d9b902010817) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
13:54:02.0020 4308 Apple Mobile Device - ok
13:54:02.0098 4308 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
13:54:02.0119 4308 arc - ok
13:54:02.0153 4308 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
13:54:02.0172 4308 arcsas - ok
13:54:02.0239 4308 aspnet_state - ok
13:54:02.0322 4308 aswFsBlk (b9da213b5271db5fce962d827e6d620d) C:\Windows\system32\drivers\aswFsBlk.sys
13:54:02.0339 4308 aswFsBlk - ok
13:54:02.0416 4308 aswMonFlt (21c9835d0e5ad2ff0f16134bcb32cc71) C:\Windows\system32\drivers\aswMonFlt.sys
13:54:02.0432 4308 aswMonFlt - ok
13:54:02.0498 4308 aswRdr (1b96a5867abd4fa6135d8298fcccf9c6) C:\Windows\System32\Drivers\aswrdr2.sys
13:54:02.0514 4308 aswRdr - ok
13:54:02.0588 4308 aswSnx (6e98bb288696777a3a8a07a52b0eaee9) C:\Windows\system32\drivers\aswSnx.sys
13:54:02.0621 4308 aswSnx - ok
13:54:02.0679 4308 aswSP (d9fb49f16e4eb02efecae8cbfe4bcb4c) C:\Windows\system32\drivers\aswSP.sys
13:54:02.0701 4308 aswSP - ok
13:54:02.0753 4308 aswTdi (7352bb9a564b94bbd7c9cbf165f55006) C:\Windows\system32\drivers\aswTdi.sys
13:54:02.0769 4308 aswTdi - ok
13:54:02.0831 4308 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
13:54:02.0896 4308 AsyncMac - ok
13:54:02.0950 4308 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
13:54:02.0968 4308 atapi - ok
13:54:03.0042 4308 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
13:54:03.0128 4308 AudioEndpointBuilder - ok
13:54:03.0142 4308 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
13:54:03.0194 4308 AudioSrv - ok
13:54:03.0314 4308 avast! Antivirus (4041d31508a2a084dfb42c595854090f) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
13:54:03.0328 4308 avast! Antivirus - ok
13:54:03.0392 4308 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
13:54:03.0436 4308 AxInstSV - ok
13:54:03.0513 4308 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
13:54:03.0556 4308 b06bdrv - ok
13:54:03.0596 4308 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
13:54:03.0642 4308 b57nd60a - ok
13:54:03.0699 4308 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
13:54:03.0726 4308 BDESVC - ok
13:54:03.0755 4308 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
13:54:03.0824 4308 Beep - ok
13:54:03.0921 4308 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
13:54:03.0988 4308 BFE - ok
13:54:04.0038 4308 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\system32\qmgr.dll
13:54:04.0140 4308 BITS - ok
13:54:04.0245 4308 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
13:54:04.0278 4308 blbdrive - ok
13:54:04.0404 4308 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
13:54:04.0425 4308 Bonjour Service - ok
13:54:04.0484 4308 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
13:54:04.0502 4308 bowser - ok
13:54:04.0550 4308 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
13:54:04.0585 4308 BrFiltLo - ok
13:54:04.0600 4308 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
13:54:04.0621 4308 BrFiltUp - ok
13:54:04.0673 4308 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
13:54:04.0735 4308 Browser - ok
13:54:04.0762 4308 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
13:54:04.0823 4308 Brserid - ok
13:54:04.0837 4308 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
13:54:04.0875 4308 BrSerWdm - ok
13:54:04.0898 4308 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
13:54:04.0933 4308 BrUsbMdm - ok
13:54:04.0948 4308 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
13:54:04.0972 4308 BrUsbSer - ok
13:54:05.0021 4308 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
13:54:05.0051 4308 BTHMODEM - ok
13:54:05.0099 4308 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
13:54:05.0154 4308 bthserv - ok
13:54:05.0168 4308 catchme - ok
13:54:05.0211 4308 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
13:54:05.0265 4308 cdfs - ok
13:54:05.0339 4308 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
13:54:05.0373 4308 cdrom - ok
13:54:05.0451 4308 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
13:54:05.0514 4308 CertPropSvc - ok
13:54:05.0574 4308 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
13:54:05.0617 4308 circlass - ok
13:54:05.0665 4308 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
13:54:05.0689 4308 CLFS - ok
13:54:05.0787 4308 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:54:05.0803 4308 clr_optimization_v2.0.50727_32 - ok
13:54:05.0879 4308 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
13:54:05.0895 4308 clr_optimization_v2.0.50727_64 - ok
13:54:06.0011 4308 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:54:06.0028 4308 clr_optimization_v4.0.30319_32 - ok
13:54:06.0051 4308 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
13:54:06.0067 4308 clr_optimization_v4.0.30319_64 - ok
13:54:06.0123 4308 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
13:54:06.0160 4308 CmBatt - ok
13:54:06.0196 4308 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
13:54:06.0213 4308 cmdide - ok
13:54:06.0269 4308 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
13:54:06.0302 4308 CNG - ok
13:54:06.0469 4308 Com4Qlb (d8774ace03b46c9b01a49818055f9ad4) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
13:54:06.0493 4308 Com4Qlb ( UnsignedFile.Multi.Generic ) - warning
13:54:06.0493 4308 Com4Qlb - detected UnsignedFile.Multi.Generic (1)
13:54:06.0548 4308 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
13:54:06.0564 4308 Compbatt - ok
13:54:06.0614 4308 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
13:54:06.0647 4308 CompositeBus - ok
13:54:06.0662 4308 COMSysApp - ok
13:54:06.0687 4308 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
13:54:06.0703 4308 crcdisk - ok
13:54:06.0753 4308 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll
13:54:06.0815 4308 CryptSvc - ok
13:54:06.0886 4308 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
13:54:06.0978 4308 DcomLaunch - ok
13:54:07.0032 4308 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
13:54:07.0116 4308 defragsvc - ok
13:54:07.0196 4308 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
13:54:07.0254 4308 DfsC - ok
13:54:07.0347 4308 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
13:54:07.0404 4308 Dhcp - ok
13:54:07.0445 4308 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
13:54:07.0525 4308 discache - ok
13:54:07.0572 4308 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
13:54:07.0590 4308 Disk - ok
13:54:07.0638 4308 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
13:54:07.0676 4308 Dnscache - ok
13:54:07.0729 4308 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
13:54:07.0783 4308 dot3svc - ok
13:54:07.0844 4308 Dot4 (b42ed0320c6e41102fde0005154849bb) C:\Windows\system32\DRIVERS\Dot4.sys
13:54:07.0890 4308 Dot4 - ok
13:54:07.0905 4308 Dot4Print (e9f5969233c5d89f3c35e3a66a52a361) C:\Windows\system32\DRIVERS\Dot4Prt.sys
13:54:07.0938 4308 Dot4Print - ok
13:54:07.0954 4308 dot4usb (fd05a02b0370bc3000f402e543ca5814) C:\Windows\system32\DRIVERS\dot4usb.sys
13:54:07.0991 4308 dot4usb - ok
13:54:08.0029 4308 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
13:54:08.0079 4308 DPS - ok
13:54:08.0120 4308 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
13:54:08.0154 4308 drmkaud - ok
13:54:08.0238 4308 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
13:54:08.0275 4308 DXGKrnl - ok
13:54:08.0331 4308 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
13:54:08.0391 4308 EapHost - ok
13:54:08.0561 4308 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
13:54:08.0719 4308 ebdrv - ok
13:54:08.0857 4308 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
13:54:08.0897 4308 EFS - ok
13:54:08.0999 4308 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
13:54:09.0044 4308 ehRecvr - ok
13:54:09.0084 4308 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
13:54:09.0105 4308 ehSched - ok
13:54:09.0233 4308 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
13:54:09.0260 4308 elxstor - ok
13:54:09.0296 4308 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
13:54:09.0333 4308 ErrDev - ok
13:54:09.0405 4308 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
13:54:09.0470 4308 EventSystem - ok
13:54:09.0514 4308 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
13:54:09.0560 4308 exfat - ok
13:54:09.0589 4308 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
13:54:09.0648 4308 fastfat - ok
13:54:09.0729 4308 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
13:54:09.0775 4308 Fax - ok
13:54:09.0827 4308 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
13:54:09.0863 4308 fdc - ok
13:54:09.0906 4308 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
13:54:09.0972 4308 fdPHost - ok
13:54:09.0985 4308 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
13:54:10.0042 4308 FDResPub - ok
13:54:10.0058 4308 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
13:54:10.0076 4308 FileInfo - ok
13:54:10.0085 4308 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
13:54:10.0138 4308 Filetrace - ok
13:54:10.0276 4308 FLEXnet Licensing Service (1f63900e2eb00101b9aca2b7a870704e) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
13:54:10.0302 4308 FLEXnet Licensing Service - ok
13:54:10.0432 4308 FLEXnet Licensing Service 64 (1c3fb052a0bb72edaed90785c34d6eed) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
13:54:10.0466 4308 FLEXnet Licensing Service 64 - ok
13:54:10.0673 4308 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
13:54:10.0692 4308 flpydisk - ok
13:54:10.0767 4308 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
13:54:10.0789 4308 FltMgr - ok
13:54:10.0873 4308 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
13:54:10.0911 4308 FontCache - ok
13:54:10.0994 4308 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
13:54:11.0008 4308 FontCache3.0.0.0 - ok
13:54:11.0097 4308 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
13:54:11.0114 4308 FsDepends - ok
13:54:11.0156 4308 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
13:54:11.0172 4308 Fs_Rec - ok
13:54:11.0234 4308 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
13:54:11.0257 4308 fvevol - ok
13:54:11.0291 4308 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
13:54:11.0308 4308 gagp30kx - ok
13:54:11.0396 4308 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
13:54:11.0410 4308 GEARAspiWDM - ok
13:54:11.0490 4308 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
13:54:11.0554 4308 gpsvc - ok
13:54:11.0590 4308 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
13:54:11.0621 4308 hcw85cir - ok
13:54:11.0672 4308 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
13:54:11.0701 4308 HDAudBus - ok
13:54:11.0717 4308 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
13:54:11.0753 4308 HidBatt - ok
13:54:11.0779 4308 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
13:54:11.0802 4308 HidBth - ok
13:54:11.0822 4308 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
13:54:11.0873 4308 HidIr - ok
13:54:11.0909 4308 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll
13:54:11.0966 4308 hidserv - ok
13:54:12.0047 4308 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
13:54:12.0066 4308 HidUsb - ok
13:54:12.0106 4308 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
13:54:12.0177 4308 hkmsvc - ok
13:54:12.0232 4308 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
13:54:12.0283 4308 HomeGroupListener - ok
13:54:12.0322 4308 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
13:54:12.0372 4308 HomeGroupProvider - ok
13:54:12.0538 4308 HP Health Check Service (0d26c438e2938a3e6bdd91173bc96ff0) c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
13:54:12.0556 4308 HP Health Check Service ( UnsignedFile.Multi.Generic ) - warning
13:54:12.0556 4308 HP Health Check Service - detected UnsignedFile.Multi.Generic (1)
13:54:12.0602 4308 HP1210FAX (0570a17a2e5001b97e20c15b4fc516ae) C:\Windows\system32\Drivers\HPM1210FAX.sys
13:54:12.0625 4308 HP1210FAX - ok
13:54:12.0787 4308 HPM1210RcvFaxSrvc (f8f686d62121549377d9e1cdf6bc3441) C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe
13:54:12.0809 4308 HPM1210RcvFaxSrvc - ok
13:54:12.0924 4308 hpqcxs08 (5da42d24712e00728cea2342a65009b2) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
13:54:20.0670 4308 hpqcxs08 - ok
13:54:20.0763 4308 hpqddsvc (d86a39bf100069444d026d22d9a6e555) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
13:54:20.0781 4308 hpqddsvc - ok
13:54:20.0829 4308 HpqKbFiltr (0ecc54fd34d6a089c300846b011e81d6) C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
13:54:20.0856 4308 HpqKbFiltr - ok
13:54:20.0877 4308 HpqRemHid (e53d53d66d61794af8160741946d0b43) C:\Windows\system32\DRIVERS\HpqRemHid.sys
13:54:20.0912 4308 HpqRemHid - ok
13:54:20.0958 4308 hpqwmiex (04c1dcbb226c6ae647b794833ce3ceb6) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
13:54:20.0974 4308 hpqwmiex ( UnsignedFile.Multi.Generic ) - warning
13:54:20.0974 4308 hpqwmiex - detected UnsignedFile.Multi.Generic (1)
13:54:21.0028 4308 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
13:54:21.0048 4308 HpSAMD - ok
13:54:21.0104 4308 HPSIService (4e9cae3200a46135de01ce22baf832be) C:\Windows\system32\HPSIsvc.exe
13:54:21.0122 4308 HPSIService - ok
13:54:21.0219 4308 HPSLPSVC (f37882f128efacefe353e0bae2766909) C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
13:54:21.0246 4308 HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning
13:54:21.0246 4308 HPSLPSVC - detected UnsignedFile.Multi.Generic (1)
13:54:21.0393 4308 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
13:54:21.0456 4308 HTTP - ok
13:54:21.0503 4308 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
13:54:21.0519 4308 hwpolicy - ok
13:54:21.0569 4308 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
13:54:21.0590 4308 i8042prt - ok
13:54:21.0710 4308 IAANTMON (681ef6e0cc7bbaa0c09acabeb91f669e) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
13:54:21.0731 4308 IAANTMON - ok
13:54:21.0793 4308 iaStor (16a4671255cfb842225f0fdb6dbdb414) C:\Windows\system32\DRIVERS\iaStor.sys
13:54:21.0811 4308 iaStor - ok
13:54:21.0877 4308 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
13:54:21.0901 4308 iaStorV - ok
13:54:21.0990 4308 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
13:54:22.0012 4308 IDriverT ( UnsignedFile.Multi.Generic ) - warning
13:54:22.0012 4308 IDriverT - detected UnsignedFile.Multi.Generic (1)
13:54:22.0135 4308 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
13:54:22.0170 4308 idsvc - ok
13:54:22.0659 4308 igfx (24cc43ecdeefd4c19fbbee4951b647f1) C:\Windows\system32\DRIVERS\igdkmd64.sys
13:54:22.0896 4308 igfx - ok
13:54:23.0124 4308 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
13:54:23.0142 4308 iirsp - ok
13:54:23.0215 4308 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
13:54:23.0286 4308 IKEEXT - ok
13:54:23.0398 4308 IntcAzAudAddService (04c6489a44e340574daae64a6062541c) C:\Windows\system32\drivers\RTKVHD64.sys
13:54:23.0453 4308 IntcAzAudAddService - ok
13:54:23.0640 4308 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
13:54:23.0657 4308 intelide - ok
13:54:23.0713 4308 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
13:54:23.0742 4308 intelppm - ok
13:54:23.0786 4308 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
13:54:23.0832 4308 IPBusEnum - ok
13:54:23.0875 4308 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:54:23.0929 4308 IpFilterDriver - ok
13:54:23.0965 4308 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
13:54:24.0031 4308 iphlpsvc - ok
13:54:24.0069 4308 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
13:54:24.0107 4308 IPMIDRV - ok
13:54:24.0147 4308 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
13:54:24.0204 4308 IPNAT - ok
13:54:24.0332 4308 iPod Service (46d249f9db7844cc01050a9345f0f61b) C:\Program Files\iPod\bin\iPodService.exe
13:54:24.0365 4308 iPod Service - ok
13:54:24.0431 4308 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
13:54:24.0468 4308 IRENUM - ok
13:54:24.0516 4308 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
13:54:24.0533 4308 isapnp - ok
13:54:24.0557 4308 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
13:54:24.0578 4308 iScsiPrt - ok
13:54:24.0615 4308 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
13:54:24.0631 4308 kbdclass - ok
13:54:24.0661 4308 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
13:54:24.0690 4308 kbdhid - ok
13:54:24.0738 4308 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
13:54:24.0757 4308 KeyIso - ok
13:54:24.0771 4308 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
13:54:24.0789 4308 KSecDD - ok
13:54:24.0815 4308 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
13:54:24.0834 4308 KSecPkg - ok
13:54:24.0888 4308 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
13:54:24.0941 4308 ksthunk - ok
13:54:24.0988 4308 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
13:54:25.0059 4308 KtmRm - ok
13:54:25.0137 4308 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\System32\srvsvc.dll
13:54:25.0202 4308 LanmanServer - ok
13:54:25.0249 4308 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
13:54:25.0307 4308 LanmanWorkstation - ok
13:54:25.0438 4308 LightScribeService (53710476495886d9961be46983a6a33f) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
13:54:25.0453 4308 LightScribeService - ok
13:54:25.0498 4308 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
13:54:25.0550 4308 lltdio - ok
13:54:25.0605 4308 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
13:54:25.0667 4308 lltdsvc - ok
13:54:25.0688 4308 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
13:54:25.0735 4308 lmhosts - ok
13:54:25.0776 4308 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
13:54:25.0794 4308 LSI_FC - ok
13:54:25.0832 4308 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
13:54:25.0850 4308 LSI_SAS - ok
13:54:25.0873 4308 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
13:54:25.0890 4308 LSI_SAS2 - ok
13:54:25.0919 4308 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
13:54:25.0937 4308 LSI_SCSI - ok
13:54:25.0959 4308 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
13:54:26.0018 4308 luafv - ok
13:54:26.0085 4308 LVRS64 (0c85b2b6fb74b36a251792d45e0ef860) C:\Windows\system32\DRIVERS\lvrs64.sys
13:54:26.0107 4308 LVRS64 - ok
13:54:26.0355 4308 LVUVC64 (ff3a488924b0032b1a9ca6948c1fa9e8) C:\Windows\system32\DRIVERS\lvuvc64.sys
13:54:26.0536 4308 LVUVC64 - ok
13:54:26.0680 4308 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
13:54:26.0720 4308 Mcx2Svc - ok
13:54:26.0798 4308 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
13:54:26.0815 4308 megasas - ok
13:54:26.0850 4308 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
13:54:26.0871 4308 MegaSR - ok
13:54:26.0916 4308 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
13:54:26.0976 4308 MMCSS - ok
13:54:26.0997 4308 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
13:54:27.0053 4308 Modem - ok
13:54:27.0113 4308 MODEMCSA (e38aef079cd3bcfa19f2072a214f829d) C:\Windows\system32\drivers\MODEMCSA.sys
13:54:27.0160 4308 MODEMCSA - ok
13:54:27.0203 4308 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
13:54:27.0235 4308 monitor - ok
13:54:27.0326 4308 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
13:54:27.0343 4308 mouclass - ok
13:54:27.0372 4308 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
13:54:27.0391 4308 mouhid - ok
13:54:27.0433 4308 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
13:54:27.0451 4308 mountmgr - ok
13:54:27.0586 4308 MozillaMaintenance (96aa8ba23142cc8e2b30f3cae0c80254) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
13:54:27.0603 4308 MozillaMaintenance - ok
13:54:27.0639 4308 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
13:54:27.0658 4308 mpio - ok
13:54:27.0707 4308 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
13:54:27.0751 4308 mpsdrv - ok
13:54:27.0830 4308 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
13:54:27.0902 4308 MpsSvc - ok
13:54:27.0946 4308 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
13:54:27.0991 4308 MRxDAV - ok
13:54:28.0029 4308 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
13:54:28.0064 4308 mrxsmb - ok
13:54:28.0118 4308 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:54:28.0155 4308 mrxsmb10 - ok
13:54:28.0177 4308 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:54:28.0198 4308 mrxsmb20 - ok
13:54:28.0241 4308 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
13:54:28.0258 4308 msahci - ok
13:54:28.0299 4308 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
13:54:28.0318 4308 msdsm - ok
13:54:28.0359 4308 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
13:54:28.0396 4308 MSDTC - ok
13:54:28.0461 4308 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
13:54:28.0505 4308 Msfs - ok
13:54:28.0527 4308 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
13:54:28.0570 4308 mshidkmdf - ok
13:54:28.0576 4308 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
13:54:28.0615 4308 msisadrv - ok
13:54:28.0656 4308 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
13:54:28.0717 4308 MSiSCSI - ok
13:54:28.0722 4308 msiserver - ok
13:54:28.0760 4308 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
13:54:28.0821 4308 MSKSSRV - ok
13:54:28.0840 4308 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
13:54:28.0897 4308 MSPCLOCK - ok
13:54:28.0916 4308 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
13:54:28.0970 4308 MSPQM - ok
13:54:29.0038 4308 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
13:54:29.0063 4308 MsRPC - ok
13:54:29.0107 4308 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
13:54:29.0124 4308 mssmbios - ok
13:54:29.0169 4308 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
13:54:29.0232 4308 MSTEE - ok
13:54:29.0255 4308 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
13:54:29.0273 4308 MTConfig - ok
13:54:29.0308 4308 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
13:54:29.0325 4308 Mup - ok
13:54:29.0372 4308 mvusbews (09818558c2579b45d78ab18a759b0ca8) C:\Windows\system32\Drivers\mvusbews.sys
13:54:29.0395 4308 mvusbews - ok
13:54:29.0450 4308 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
13:54:29.0503 4308 napagent - ok
13:54:29.0555 4308 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
13:54:29.0596 4308 NativeWifiP - ok
13:54:29.0656 4308 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
13:54:29.0687 4308 NDIS - ok
13:54:29.0729 4308 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
13:54:29.0772 4308 NdisCap - ok
13:54:29.0799 4308 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
13:54:29.0842 4308 NdisTapi - ok
13:54:29.0901 4308 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
13:54:29.0955 4308 Ndisuio - ok
13:54:29.0993 4308 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
13:54:30.0049 4308 NdisWan - ok
13:54:30.0092 4308 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
13:54:30.0134 4308 NDProxy - ok
13:54:30.0194 4308 Net Driver HPZ12 (2334dc48997ba203b794df3ee70521db) C:\Windows\system32\HPZinw12.dll
13:54:30.0217 4308 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
13:54:30.0217 4308 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
13:54:30.0276 4308 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
13:54:30.0319 4308 NetBIOS - ok
13:54:30.0364 4308 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
13:54:30.0421 4308 NetBT - ok
13:54:30.0462 4308 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
13:54:30.0481 4308 Netlogon - ok
13:54:30.0547 4308 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
13:54:30.0612 4308 Netman - ok
13:54:30.0662 4308 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
13:54:30.0721 4308 netprofm - ok
13:54:30.0821 4308 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
13:54:30.0837 4308 NetTcpPortSharing - ok
13:54:31.0104 4308 netw5v64 (64428dfdaf6e88366cb51f45a79c5f69) C:\Windows\system32\DRIVERS\netw5v64.sys
13:54:31.0296 4308 netw5v64 - ok
13:54:31.0509 4308 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
13:54:31.0527 4308 nfrd960 - ok
13:54:31.0604 4308 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
13:54:31.0652 4308 NlaSvc - ok
13:54:31.0721 4308 NMgamingmsFltr (fbca3fd51604147770eb4fb53d6144a8) C:\Windows\system32\drivers\NMgamingms.sys
13:54:31.0746 4308 NMgamingmsFltr - ok
13:54:31.0779 4308 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
13:54:31.0823 4308 Npfs - ok
13:54:31.0874 4308 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
13:54:31.0919 4308 nsi - ok
13:54:31.0954 4308 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
13:54:32.0013 4308 nsiproxy - ok
13:54:32.0127 4308 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
13:54:32.0179 4308 Ntfs - ok
13:54:32.0360 4308 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
13:54:32.0402 4308 Null - ok
13:54:32.0464 4308 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
13:54:32.0483 4308 nvraid - ok
13:54:32.0505 4308 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
13:54:32.0525 4308 nvstor - ok
13:54:32.0587 4308 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
13:54:32.0605 4308 nv_agp - ok
13:54:32.0756 4308 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
13:54:32.0780 4308 odserv - ok
13:54:32.0815 4308 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
13:54:32.0845 4308 ohci1394 - ok
13:54:32.0886 4308 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:54:32.0902 4308 ose - ok
13:54:32.0952 4308 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
13:54:32.0985 4308 p2pimsvc - ok
13:54:33.0039 4308 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
13:54:33.0068 4308 p2psvc - ok
13:54:33.0116 4308 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
13:54:33.0136 4308 Parport - ok
13:54:33.0189 4308 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
13:54:33.0206 4308 partmgr - ok
13:54:33.0232 4308 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
13:54:33.0276 4308 PcaSvc - ok
13:54:33.0331 4308 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
13:54:33.0351 4308 pci - ok
13:54:33.0372 4308 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
13:54:33.0388 4308 pciide - ok
13:54:33.0435 4308 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
13:54:33.0456 4308 pcmcia - ok
13:54:33.0484 4308 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
13:54:33.0501 4308 pcw - ok
13:54:33.0545 4308 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
13:54:33.0614 4308 PEAUTH - ok
13:54:33.0716 4308 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
13:54:33.0755 4308 PerfHost - ok
13:54:33.0926 4308 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
13:54:34.0002 4308 pla - ok
13:54:34.0058 4308 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
13:54:34.0094 4308 PlugPlay - ok
13:54:34.0186 4308 Pml Driver HPZ12 (ac78df349f0e4cfb8b667c0cfff83cce) C:\Windows\system32\HPZipm12.dll
13:54:34.0203 4308 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
13:54:34.0203 4308 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
13:54:34.0252 4308 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
13:54:34.0287 4308 PNRPAutoReg - ok
13:54:34.0319 4308 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
13:54:34.0343 4308 PNRPsvc - ok
13:54:34.0402 4308 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
13:54:34.0461 4308 PolicyAgent - ok
13:54:34.0508 4308 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
13:54:34.0566 4308 Power - ok
13:54:34.0648 4308 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
13:54:34.0701 4308 PptpMiniport - ok
13:54:34.0736 4308 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
13:54:34.0776 4308 Processor - ok
13:54:34.0847 4308 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
13:54:34.0909 4308 ProfSvc - ok
13:54:34.0951 4308 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
13:54:34.0969 4308 ProtectedStorage - ok
13:54:35.0038 4308 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
13:54:35.0085 4308 Psched - ok
13:54:35.0154 4308 PxHlpa64 (bc08f7f3c53cbee68670ed1314e290fd) C:\Windows\system32\Drivers\PxHlpa64.sys
13:54:35.0169 4308 PxHlpa64 - ok
13:54:35.0252 4308 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
13:54:35.0301 4308 ql2300 - ok
13:54:35.0486 4308 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
13:54:35.0505 4308 ql40xx - ok
13:54:35.0707 4308 QPCapSvc (ba396d1c71934e22679d3f4dac17e7ab) C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
13:54:35.0725 4308 QPCapSvc - ok
13:54:35.0745 4308 QPSched (4b455e8c41cad3219ccf53024dcad604) C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\QPSched.exe
13:54:35.0760 4308 QPSched - ok
13:54:35.0817 4308 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
13:54:35.0845 4308 QWAVE - ok
13:54:35.0866 4308 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
13:54:35.0901 4308 QWAVEdrv - ok
13:54:35.0925 4308 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
13:54:35.0985 4308 RasAcd - ok
13:54:36.0042 4308 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
13:54:36.0085 4308 RasAgileVpn - ok
13:54:36.0135 4308 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
13:54:36.0195 4308 RasAuto - ok
13:54:36.0241 4308 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
13:54:36.0298 4308 Rasl2tp - ok
13:54:36.0347 4308 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
13:54:36.0397 4308 RasMan - ok
13:54:36.0445 4308 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
13:54:36.0507 4308 RasPppoe - ok
13:54:36.0540 4308 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
13:54:36.0593 4308 RasSstp - ok
13:54:36.0647 4308 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
13:54:36.0709 4308 rdbss - ok
13:54:36.0749 4308 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
13:54:36.0786 4308 rdpbus - ok
13:54:36.0803 4308 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
13:54:36.0846 4308 RDPCDD - ok
13:54:36.0876 4308 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
13:54:36.0932 4308 RDPENCDD - ok
13:54:36.0941 4308 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
13:54:36.0984 4308 RDPREFMP - ok
13:54:37.0038 4308 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
13:54:37.0068 4308 RDPWD - ok
13:54:37.0141 4308 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
13:54:37.0161 4308 rdyboost - ok
13:54:37.0206 4308 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
13:54:37.0260 4308 RemoteAccess - ok
13:54:37.0297 4308 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
13:54:37.0362 4308 RemoteRegistry - ok
13:54:37.0411 4308 rimmptsk (e31960692cbb3a8bcdf300bc1d889e1f) C:\Windows\system32\DRIVERS\rimmpx64.sys
13:54:37.0438 4308 rimmptsk - ok
13:54:37.0456 4308 rimsptsk (82356915157ab59064a24993ae5be8aa) C:\Windows\system32\DRIVERS\rimspx64.sys
13:54:37.0478 4308 rimsptsk - ok
13:54:37.0496 4308 rismxdp (c01a92a546854a3e34103b642f0f94a1) C:\Windows\system32\DRIVERS\rixdpx64.sys
13:54:37.0519 4308 rismxdp - ok
13:54:37.0566 4308 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
13:54:37.0626 4308 RpcEptMapper - ok
13:54:37.0676 4308 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
13:54:37.0711 4308 RpcLocator - ok
13:54:37.0781 4308 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
13:54:37.0832 4308 RpcSs - ok
13:54:37.0874 4308 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
13:54:37.0919 4308 rspndr - ok
13:54:37.0982 4308 RTL8167 (abcb5a38a0d85bdf69b7877e1ad1eed5) C:\Windows\system32\DRIVERS\Rt64win7.sys
13:54:38.0014 4308 RTL8167 - ok
13:54:38.0062 4308 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
13:54:38.0081 4308 SamSs - ok
13:54:38.0117 4308 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
13:54:38.0135 4308 sbp2port - ok
13:54:38.0183 4308 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
13:54:38.0244 4308 SCardSvr - ok
13:54:38.0285 4308 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
13:54:38.0340 4308 scfilter - ok
13:54:38.0440 4308 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
13:54:38.0503 4308 Schedule - ok
13:54:38.0556 4308 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
13:54:38.0598 4308 SCPolicySvc - ok
13:54:38.0653 4308 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\drivers\sdbus.sys
13:54:38.0676 4308 sdbus - ok
13:54:38.0693 4308 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
13:54:38.0716 4308 SDRSVC - ok
13:54:38.0767 4308 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
13:54:38.0811 4308 secdrv - ok
13:54:38.0853 4308 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
13:54:38.0908 4308 seclogon - ok
13:54:38.0956 4308 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll
13:54:39.0014 4308 SENS - ok
13:54:39.0037 4308 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
13:54:39.0066 4308 SensrSvc - ok
13:54:39.0111 4308 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
13:54:39.0148 4308 Serenum - ok
13:54:39.0214 4308 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
13:54:39.0234 4308 Serial - ok
13:54:39.0292 4308 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
13:54:39.0331 4308 sermouse - ok
13:54:39.0384 4308 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
13:54:39.0444 4308 SessionEnv - ok
13:54:39.0486 4308 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
13:54:39.0524 4308 sffdisk - ok
13:54:39.0549 4308 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
13:54:39.0586 4308 sffp_mmc - ok
13:54:39.0609 4308 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\DRIVERS\sffp_sd.sys
13:54:39.0649 4308 sffp_sd - ok
13:54:39.0694 4308 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
13:54:39.0734 4308 sfloppy - ok
13:54:39.0791 4308 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
13:54:39.0856 4308 SharedAccess - ok
13:54:39.0919 4308 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
13:54:39.0982 4308 ShellHWDetection - ok
13:54:40.0042 4308 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
13:54:40.0059 4308 SiSRaid2 - ok
13:54:40.0082 4308 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
13:54:40.0100 4308 SiSRaid4 - ok
13:54:40.0133 4308 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
13:54:40.0178 4308 Smb - ok
13:54:40.0284 4308 smserial (22631aaf0ac9e9881ce76beac27d8030) C:\Windows\system32\DRIVERS\smserial.sys
13:54:40.0332 4308 smserial - ok
13:54:40.0397 4308 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
13:54:40.0437 4308 SNMPTRAP - ok
13:54:40.0487 4308 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
13:54:40.0504 4308 spldr - ok
13:54:40.0575 4308 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
13:54:40.0628 4308 Spooler - ok
13:54:40.0815 4308 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
13:54:40.0924 4308 sppsvc - ok
13:54:41.0077 4308 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
13:54:41.0124 4308 sppuinotify - ok
13:54:41.0232 4308 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
13:54:41.0269 4308 srv - ok
13:54:41.0298 4308 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
13:54:41.0333 4308 srv2 - ok
13:54:41.0360 4308 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
13:54:41.0388 4308 srvnet - ok
13:54:41.0444 4308 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
13:54:41.0506 4308 SSDPSRV - ok
13:54:41.0528 4308 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
13:54:41.0575 4308 SstpSvc - ok
13:54:41.0670 4308 Steam Client Service - ok
13:54:41.0709 4308 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
13:54:41.0726 4308 stexstor - ok
13:54:41.0767 4308 StillCam (decacb6921ded1a38642642685d77dac) C:\Windows\system32\DRIVERS\serscan.sys
13:54:41.0799 4308 StillCam - ok
13:54:41.0880 4308 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
13:54:41.0933 4308 stisvc - ok
13:54:41.0977 4308 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
13:54:41.0993 4308 swenum - ok
13:54:42.0108 4308 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
13:54:42.0154 4308 SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
13:54:42.0154 4308 SwitchBoard - detected UnsignedFile.Multi.Generic (1)
13:54:42.0227 4308 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
13:54:42.0281 4308 swprv - ok
13:54:42.0350 4308 SynTP (ac3cc98b1bdb6540021d3ffb105ac2b9) C:\Windows\system32\DRIVERS\SynTP.sys
13:54:42.0372 4308 SynTP - ok
13:54:42.0484 4308 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
13:54:42.0552 4308 SysMain - ok
13:54:42.0695 4308 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
13:54:42.0739 4308 TabletInputService - ok
13:54:42.0767 4308 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
13:54:42.0829 4308 TapiSrv - ok
13:54:42.0868 4308 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
13:54:42.0915 4308 TBS - ok
13:54:43.0099 4308 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
13:54:43.0156 4308 Tcpip - ok
13:54:43.0432 4308 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
13:54:43.0480 4308 TCPIP6 - ok
13:54:43.0675 4308 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
13:54:43.0725 4308 tcpipreg - ok
13:54:43.0785 4308 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
13:54:43.0821 4308 TDPIPE - ok
13:54:43.0862 4308 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
13:54:43.0889 4308 TDTCP - ok
13:54:43.0950 4308 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
13:54:43.0992 4308 tdx - ok
13:54:44.0032 4308 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
13:54:44.0050 4308 TermDD - ok
13:54:44.0092 4308 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
13:54:44.0157 4308 TermService - ok
13:54:44.0192 4308 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
13:54:44.0230 4308 Themes - ok
13:54:44.0275 4308 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
13:54:44.0322 4308 THREADORDER - ok
13:54:44.0336 4308 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
13:54:44.0397 4308 TrkWks - ok
13:54:44.0473 4308 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
13:54:44.0533 4308 TrustedInstaller - ok
13:54:44.0575 4308 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
13:54:44.0630 4308 tssecsrv - ok
13:54:44.0692 4308 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
13:54:44.0710 4308 TsUsbFlt - ok
13:54:44.0778 4308 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
13:54:44.0833 4308 tunnel - ok
13:54:44.0868 4308 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
13:54:44.0886 4308 uagp35 - ok
13:54:44.0940 4308 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
13:54:45.0001 4308 udfs - ok
13:54:45.0046 4308 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
13:54:45.0070 4308 UI0Detect - ok
13:54:45.0116 4308 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
13:54:45.0134 4308 uliagpkx - ok
13:54:45.0186 4308 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
13:54:45.0219 4308 umbus - ok
13:54:45.0254 4308 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
13:54:45.0292 4308 UmPass - ok
13:54:45.0410 4308 UMVPFSrv (67a95b9d129ed5399e7965cd09cf30e7) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
13:54:45.0433 4308 UMVPFSrv - ok
13:54:45.0486 4308 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
13:54:45.0552 4308 upnphost - ok
13:54:45.0604 4308 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
13:54:45.0632 4308 USBAAPL64 - ok
13:54:45.0687 4308 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
13:54:45.0726 4308 usbaudio - ok
13:54:45.0772 4308 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
13:54:45.0791 4308 usbccgp - ok
13:54:45.0831 4308 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
13:54:45.0853 4308 usbcir - ok
13:54:45.0894 4308 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
13:54:45.0929 4308 usbehci - ok
13:54:45.0966 4308 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
13:54:46.0005 4308 usbhub - ok
13:54:46.0054 4308 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\DRIVERS\usbohci.sys
13:54:46.0074 4308 usbohci - ok
13:54:46.0108 4308 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
13:54:46.0143 4308 usbprint - ok
13:54:46.0186 4308 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
13:54:46.0216 4308 usbscan - ok
13:54:46.0263 4308 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:54:46.0291 4308 USBSTOR - ok
13:54:46.0326 4308 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\DRIVERS\usbuhci.sys
13:54:46.0357 4308 usbuhci - ok
13:54:46.0416 4308 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
13:54:46.0440 4308 usbvideo - ok
13:54:46.0490 4308 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
13:54:46.0549 4308 UxSms - ok
13:54:46.0597 4308 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
13:54:46.0615 4308 VaultSvc - ok
13:54:46.0637 4308 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
13:54:46.0654 4308 vdrvroot - ok
13:54:46.0721 4308 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
13:54:46.0771 4308 vds - ok
13:54:46.0831 4308 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
13:54:46.0852 4308 vga - ok
13:54:46.0867 4308 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
13:54:46.0921 4308 VgaSave - ok
13:54:46.0972 4308 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
13:54:46.0993 4308 vhdmp - ok
13:54:47.0014 4308 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
13:54:47.0031 4308 viaide - ok
13:54:47.0047 4308 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
13:54:47.0067 4308 volmgr - ok
13:54:47.0119 4308 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
13:54:47.0140 4308 volmgrx - ok
13:54:47.0174 4308 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
13:54:47.0196 4308 volsnap - ok
13:54:47.0262 4308 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
13:54:47.0281 4308 vsmraid - ok
13:54:47.0410 4308 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
13:54:47.0497 4308 VSS - ok
13:54:47.0699 4308 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
13:54:47.0730 4308 vwifibus - ok
13:54:47.0801 4308 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
13:54:47.0851 4308 W32Time - ok
13:54:47.0871 4308 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
13:54:47.0890 4308 WacomPen - ok
13:54:47.0958 4308 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
13:54:48.0011 4308 WANARP - ok
13:54:48.0015 4308 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
13:54:48.0057 4308 Wanarpv6 - ok
13:54:48.0160 4308 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
13:54:48.0203 4308 WatAdminSvc - ok
13:54:48.0314 4308 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
13:54:48.0360 4308 wbengine - ok
13:54:48.0513 4308 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
13:54:48.0543 4308 WbioSrvc - ok
13:54:48.0601 4308 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
13:54:48.0641 4308 wcncsvc - ok
13:54:48.0664 4308 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
13:54:48.0685 4308 WcsPlugInService - ok
13:54:48.0773 4308 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
13:54:48.0789 4308 Wd - ok
13:54:48.0847 4308 WDC_SAM (a3d04ebf5227886029b4532f20d026f7) C:\Windows\system32\DRIVERS\wdcsam64.sys
13:54:48.0861 4308 WDC_SAM - ok
13:54:48.0906 4308 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
13:54:48.0935 4308 Wdf01000 - ok
13:54:48.0960 4308 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
13:54:48.0999 4308 WdiServiceHost - ok
13:54:49.0003 4308 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
13:54:49.0031 4308 WdiSystemHost - ok
13:54:49.0079 4308 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
13:54:49.0126 4308 WebClient - ok
13:54:49.0169 4308 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
13:54:49.0235 4308 Wecsvc - ok
13:54:49.0255 4308 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
13:54:49.0308 4308 wercplsupport - ok
13:54:49.0348 4308 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
13:54:49.0395 4308 WerSvc - ok
13:54:49.0504 4308 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
13:54:49.0547 4308 WfpLwf - ok
13:54:49.0565 4308 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
13:54:49.0582 4308 WIMMount - ok
13:54:49.0640 4308 WinDefend - ok
13:54:49.0649 4308 WinHttpAutoProxySvc - ok
13:54:49.0730 4308 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
13:54:49.0785 4308 Winmgmt - ok
13:54:49.0915 4308 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
13:54:50.0000 4308 WinRM - ok
13:54:50.0199 4308 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
13:54:50.0235 4308 WinUsb - ok
13:54:50.0325 4308 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
13:54:50.0376 4308 Wlansvc - ok
13:54:50.0472 4308 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
13:54:50.0486 4308 wlcrasvc - ok
13:54:50.0663 4308 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
13:54:50.0725 4308 wlidsvc - ok
13:54:50.0936 4308 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
13:54:50.0970 4308 WmiAcpi - ok
13:54:51.0066 4308 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
13:54:51.0122 4308 wmiApSrv - ok
13:54:51.0199 4308 WMPNetworkSvc - ok
13:54:51.0261 4308 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
13:54:51.0282 4308 WPCSvc - ok
13:54:51.0326 4308 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
13:54:51.0351 4308 WPDBusEnum - ok
13:54:51.0387 4308 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
13:54:51.0438 4308 ws2ifsl - ok
13:54:51.0464 4308 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\system32\wscsvc.dll
13:54:51.0508 4308 wscsvc - ok
13:54:51.0513 4308 WSearch - ok
13:54:51.0657 4308 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
13:54:51.0731 4308 wuauserv - ok
13:54:51.0925 4308 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
13:54:51.0981 4308 WudfPf - ok
13:54:52.0034 4308 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
13:54:52.0079 4308 WUDFRd - ok
13:54:52.0123 4308 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
13:54:52.0188 4308 wudfsvc - ok
13:54:52.0232 4308 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
13:54:52.0270 4308 WwanSvc - ok
13:54:52.0309 4308 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
13:54:53.0361 4308 \Device\Harddisk0\DR0 - ok
13:54:53.0365 4308 Boot (0x1200) (38768062373580b9042743b433655c45) \Device\Harddisk0\DR0\Partition0
13:54:53.0367 4308 \Device\Harddisk0\DR0\Partition0 - ok
13:54:53.0386 4308 Boot (0x1200) (0c01b14effef159d4bedb13ac952d81a) \Device\Harddisk0\DR0\Partition1
13:54:53.0388 4308 \Device\Harddisk0\DR0\Partition1 - ok
13:54:53.0388 4308 ============================================================
13:54:53.0388 4308 Scan finished
13:54:53.0388 4308 ============================================================
13:54:53.0453 1684 Detected object count: 8
13:54:53.0453 1684 Actual detected object count: 8
13:57:42.0702 1684 Com4Qlb ( UnsignedFile.Multi.Generic ) - skipped by user
13:57:42.0702 1684 Com4Qlb ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:57:42.0706 1684 HP Health Check Service ( UnsignedFile.Multi.Generic ) - skipped by user
13:57:42.0706 1684 HP Health Check Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:57:42.0712 1684 hpqwmiex ( UnsignedFile.Multi.Generic ) - skipped by user
13:57:42.0712 1684 hpqwmiex ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:57:42.0721 1684 HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user
13:57:42.0721 1684 HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:57:42.0725 1684 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
13:57:42.0725 1684 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:57:42.0730 1684 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
13:57:42.0730 1684 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:57:42.0731 1684 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
13:57:42.0731 1684 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:57:42.0733 1684 SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
13:57:42.0734 1684 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:57:54.0563 2824 Deinitialize success




#8
MrCharlie

    Forum Deity

  • Experts
  • 17,484 posts
  • Gender:Male
  • Location:So. Plainfield, New Jersey, USA
That looks OK.....

Please download and run ComboFix.
The most important things to remember when running it are to disable all your malware programs and to run ComboFix from your desktop.

Please visit this webpage for download links, and instructions for running ComboFix

http://www.bleepingc...to-use-combofix

Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Information on disabling your malware programs can be found Here.

Make sure you run ComboFix from your desktop.

Please include the C:\ComboFix.txt in your next reply for further review.

---------->NOTE<----------

If you get the message "Illegal operation attempted on registry key that has been marked for deletion" after you run ComboFix, please reboot the computer; this should resolve the problem. You may have to do this several times if needed.
MrC

Malware Removal Expert




I volunteer my free time to help you, if you would like to donate to show your appreciation, it will be much appreciated.

Thanks MrC & crew

#9
Wofstar

    Regular Member

  • Honorary Members
  • 78 posts
ComboFix 12-05-20.09 - AngelsBaby 05/20/2012 19:42:53.2.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4086.2523 [GMT -5:00]
Running from: c:\users\AngelsBaby\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\SETC16F.tmp
c:\windows\setupact.log
.
.
((((((((((((((((((((((((( Files Created from 2012-04-21 to 2012-05-21 )))))))))))))))))))))))))))))))
.
.
2012-05-21 00:54 . 2012-05-21 00:54 -------- d-----w- c:\users\Public\AppData\Local\temp
2012-05-21 00:54 . 2012-05-21 00:54 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-05-19 15:24 . 2012-05-19 15:24 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{0D51315D-8798-40A9-BB35-E9D0E86A1A18}\offreg.dll
2012-05-19 14:45 . 2012-05-08 17:02 8955792 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{0D51315D-8798-40A9-BB35-E9D0E86A1A18}\mpengine.dll
2012-05-17 21:31 . 2012-05-17 21:36 -------- d-----w- c:\users\AngelsBaby\AppData\Roaming\HandBrake
2012-05-17 21:31 . 2012-05-17 21:31 -------- d-----w- c:\program files\Handbrake
2012-05-17 05:03 . 2012-05-17 05:03 -------- d-----w- c:\users\AngelsBaby\AppData\Roaming\PACE Anti-Piracy
2012-05-17 05:03 . 2012-05-17 05:03 -------- d-----w- c:\users\AngelsBaby\AppData\Local\PACE Anti-Piracy
2012-05-17 05:03 . 2012-05-17 05:03 -------- d-----w- c:\programdata\PACE Anti-Piracy
2012-05-17 05:02 . 2012-05-17 05:02 -------- d-----w- c:\users\AngelsBaby\AppData\Roaming\PDAppFlex
2012-05-17 05:02 . 2012-05-17 05:02 -------- d-----w- c:\programdata\regid.1986-12.com.adobe
2012-05-17 04:58 . 2012-05-17 04:58 -------- d-----w- c:\program files (x86)\Common Files\PX Storage Engine
2012-05-17 04:58 . 2011-11-03 08:01 56208 ------w- c:\windows\system32\drivers\PxHlpa64.sys
2012-05-17 04:58 . 2011-10-17 08:00 10224 ------w- c:\windows\system32\drivers\cdralw2k.sys
2012-05-17 04:58 . 2011-10-17 08:00 10224 ------w- c:\windows\system32\drivers\cdr4_xp.sys
2012-05-17 04:58 . 2012-05-17 04:58 -------- d-----w- c:\program files (x86)\Common Files\Sonic Shared
2012-05-17 04:57 . 2012-05-17 04:57 -------- d-----w- c:\program files (x86)\My Company Name
2012-05-17 03:56 . 2012-05-17 04:29 -------- d-----w- c:\users\AngelsBaby\Adobe Premiere Pro CS6
2012-05-17 03:55 . 2012-05-17 03:55 -------- d-----w- c:\users\AngelsBaby\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
2012-05-17 03:55 . 2012-05-17 03:55 -------- d-----w- c:\program files (x86)\Adobe Download Assistant
2012-05-13 17:11 . 2012-05-13 17:11 -------- d-----w- c:\program files\Microsoft Silverlight
2012-05-13 17:11 . 2012-05-13 17:11 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2012-05-10 02:11 . 2012-03-17 07:58 75120 ----a-w- c:\windows\system32\drivers\partmgr.sys
2012-05-10 02:10 . 2012-03-03 06:35 1544704 ----a-w- c:\windows\system32\DWrite.dll
2012-05-10 02:10 . 2012-03-03 05:31 1077248 ----a-w- c:\windows\SysWow64\DWrite.dll
2012-05-10 02:09 . 2012-03-31 06:05 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-10 02:09 . 2012-03-31 03:10 3146240 ----a-w- c:\windows\system32\win32k.sys
2012-05-10 02:09 . 2012-03-31 04:39 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-05-10 02:09 . 2012-03-31 04:39 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-05-10 02:08 . 2012-03-31 05:42 1732096 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2012-05-10 02:08 . 2012-03-31 05:40 1367552 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2012-05-10 02:08 . 2012-03-31 04:29 936960 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2012-05-10 02:08 . 2012-03-31 05:40 1402880 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
2012-05-10 02:08 . 2012-03-31 05:40 1393664 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
2012-05-10 02:08 . 2012-03-30 11:35 1918320 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-05-09 05:15 . 2012-05-09 05:55 -------- d-----w- c:\users\AngelsBaby\AppData\Roaming\Magic Set Editor
2012-05-03 15:55 . 2012-05-03 15:55 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2012-05-03 15:55 . 2012-05-03 15:55 157352 ----a-w- c:\program files (x86)\Mozilla Firefox\maintenanceservice_installer.exe
2012-05-03 15:55 . 2012-05-03 15:55 129976 ----a-w- c:\program files (x86)\Mozilla Firefox\maintenanceservice.exe
2012-05-02 02:38 . 2012-05-03 21:52 -------- d-----w- c:\programdata\Yahoo!
2012-05-02 02:20 . 2012-05-02 02:20 -------- d-----w- c:\windows\en
2012-05-02 02:16 . 2012-05-02 02:16 89944 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\84377ed81cd280901\DSETUP.dll
2012-05-02 02:16 . 2012-05-02 02:16 537432 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\84377ed81cd280901\DXSETUP.exe
2012-05-02 02:16 . 2012-05-02 02:16 1801048 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\84377ed81cd280901\dsetup32.dll
2012-05-02 02:16 . 2012-05-02 02:16 15712 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\848e79be1cd280902\MeshBetaRemover.exe
2012-04-24 15:13 . 2012-04-24 15:13 -------- d-----w- c:\program files (x86)\VitalSource Bookshelf
2012-04-22 06:55 . 2012-04-22 06:55 -------- d-----w- c:\users\AngelsBaby\AppData\Local\LogiShrd
2012-04-21 17:22 . 2012-04-21 17:22 -------- d-----w- c:\users\AngelsBaby\AppData\Local\Logitech® Webcam Software
2012-04-21 16:58 . 2012-04-21 16:58 -------- d-----w- c:\users\AngelsBaby\AppData\Roaming\Leadertech
2012-04-21 16:58 . 2012-04-21 16:58 53248 ----a-r- c:\users\AngelsBaby\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2012-04-21 16:55 . 2012-04-21 16:55 -------- d-----w- c:\programdata\Logitech
2012-04-21 16:55 . 2012-04-21 16:55 -------- d-----w- c:\program files (x86)\Common Files\LWS
2012-04-21 16:54 . 2012-04-21 16:54 -------- d-----w- c:\programdata\LogiShrd
2012-04-21 16:54 . 2012-04-21 16:59 -------- d-----w- c:\program files (x86)\Logitech
2012-04-21 16:42 . 2012-04-21 16:42 -------- d-----w- c:\program files\Real
2012-04-21 16:33 . 2009-08-20 04:50 24416 ----a-r- c:\windows\system32\AdobePDFUI.dll
2012-04-21 16:29 . 2012-03-26 13:41 103864 ----a-w- c:\program files (x86)\Mozilla Firefox\plugins\nppdf32.dll
2012-04-21 16:27 . 2012-04-21 17:01 -------- d-----w- c:\program files (x86)\Common Files\logishrd
2012-04-21 16:27 . 2012-04-21 16:58 -------- d-----w- c:\program files\Common Files\logishrd
2012-04-21 16:25 . 2012-05-10 03:48 419488 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-05-10 03:48 . 2011-06-18 16:04 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-04-04 20:56 . 2011-01-08 04:09 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-03-13 01:56 . 2008-07-31 15:16 947472 ----a-w- c:\windows\SysWow64\msjava.dll
2012-03-08 23:50 . 2012-03-08 23:50 49016 ----a-w- c:\windows\SysWow64\sirenacm.dll
2012-03-08 23:37 . 2012-03-08 23:37 302448 ----a-w- c:\windows\WLXPGSS.SCR
2012-03-06 23:15 . 2011-06-16 06:41 41184 ----a-w- c:\windows\avastSS.scr
2012-03-06 23:15 . 2011-06-16 06:41 201352 ----a-w- c:\windows\SysWow64\aswBoot.exe
2012-03-06 23:15 . 2011-06-16 06:42 258520 ----a-w- c:\windows\system32\aswBoot.exe
2012-03-06 23:04 . 2011-06-16 06:42 819032 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-03-06 23:04 . 2011-06-16 06:42 337240 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-03-06 23:02 . 2012-02-25 15:15 53080 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2012-03-06 23:01 . 2011-06-16 06:42 59224 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-03-06 23:01 . 2011-06-16 06:42 69976 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-03-06 23:01 . 2011-06-16 06:42 24408 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-03-05 17:12 . 2011-02-02 07:47 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-03-01 06:46 . 2012-04-10 20:12 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-03-01 06:38 . 2012-04-10 20:12 220672 ----a-w- c:\windows\system32\wintrust.dll
2012-03-01 06:33 . 2012-04-10 20:12 81408 ----a-w- c:\windows\system32\imagehlp.dll
2012-03-01 06:28 . 2012-04-10 20:12 5120 ----a-w- c:\windows\system32\wmi.dll
2012-03-01 05:37 . 2012-04-10 20:12 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
2012-03-01 05:33 . 2012-04-10 20:12 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2012-03-01 05:29 . 2012-04-10 20:12 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2012-02-28 06:56 . 2012-04-10 20:14 2311168 ----a-w- c:\windows\system32\jscript9.dll
2012-02-28 06:49 . 2012-04-10 20:14 1390080 ----a-w- c:\windows\system32\wininet.dll
2012-02-28 06:48 . 2012-04-10 20:14 1493504 ----a-w- c:\windows\system32\inetcpl.cpl
2012-02-28 06:42 . 2012-04-10 20:15 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-02-28 01:18 . 2012-04-10 20:14 1799168 ----a-w- c:\windows\SysWow64\jscript9.dll
2012-02-28 01:11 . 2012-04-10 20:14 1427456 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2012-02-28 01:11 . 2012-04-10 20:14 1127424 ----a-w- c:\windows\SysWow64\wininet.dll
2012-02-28 01:03 . 2012-04-10 20:15 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-02-23 15:18 . 2010-12-13 07:20 279656 ------w- c:\windows\system32\MpSigStub.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2007-08-23 455968]
"Facebook Update"="c:\users\AngelsBaby\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2011-11-13 137536]
"Logitech Vid"="c:\program files (x86)\Logitech\Vid HD\Vid.exe" [2010-10-29 5915480]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2007-08-23 80896]
"hpWirelessAssistant"="c:\program files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-09-13 480560]
"QPService"="c:\program files (x86)\HP\QuickPlay\QPService.exe" [2007-12-20 468264]
"UCam_Menu"="c:\program files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2007-08-17 218408]
"WAWifiMessage"="c:\program files (x86)\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe" [2007-01-08 311296]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2011-01-30 35736]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"AdobeCS4ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"Adobe Acrobat Speed Launcher"="c:\program files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2012-03-27 40376]
"Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2012-03-26 640440]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-03-06 4241512]
"PlusService"="c:\program files (x86)\Yuna Software\Messenger Plus!\PlusService.exe" [2011-10-24 801792]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]
"AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-11-02 59240]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-02 59240]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-12-08 421736]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"LWS"="c:\program files (x86)\Logitech\LWS\Webcam Software\LWS.exe" [2011-11-11 205336]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312]
.
c:\users\AngelsBaby\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
HughesNetStatusMeter.lnk - c:\program files (x86)\HughesNetStatusMeter\HughesNetStatusMeter\HughesNetStatusMeter.exe [N/A]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-11-18 275072]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\program files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [2008-08-15 284016]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-04-15 1038088]
R3 HP1210FAX;HP1210MFP FAX;c:\windows\system32\Drivers\HPM1210FAX.sys [x]
R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [x]
R3 LVUVC64;Logitech HD Webcam C270(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [x]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-05-03 129976]
R3 mvusbews;USB EWS Device;c:\windows\system32\Drivers\mvusbews.sys [x]
R3 NMgamingmsFltr;USB Optical Mouse;c:\windows\system32\drivers\NMgamingms.sys [x]
R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 HPM1210RcvFaxSrvc;HP LaserJet Professional M1210 MFP Series Receive Fax Service;c:\program files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe [2010-05-11 362296]
S2 HPSIService;HP SI Service;c:\windows\system32\HPSIsvc.exe [x]
S2 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-01-18 450848]
S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder
.
2012-05-20 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-765764038-2876004717-2175413507-1000Core.job
- c:\users\AngelsBaby\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-11-13 08:36]
.
2012-05-20 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-765764038-2876004717-2175413507-1000UA.job
- c:\users\AngelsBaby\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-11-13 08:36]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-03-06 23:15 135408 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RAVCpl64.exe" [2007-10-09 5429760]
"SMSERIAL"="c:\program files\Motorola\SMSERIAL\sm56hlpr.exe" [2009-10-26 1702400]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2007-10-24 178712]
"OnScreenDisplay"="c:\program files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe" [2007-09-04 701440]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-24 165912]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-24 385560]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-24 363544]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Pavilion&pf=laptop
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>;*.local
IE: Append Link Target to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 67.142.162.12 67.142.162.13
FF - ProfilePath - c:\users\AngelsBaby\AppData\Roaming\Mozilla\Firefox\Profiles\vren65jd.default\
FF - prefs.js: network.proxy.type - 0
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-765764038-2876004717-2175413507-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-765764038-2876004717-2175413507-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_228_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_228_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_228.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_228.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_228.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_228.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000001
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files (x86)\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
c:\program files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
c:\program files (x86)\HP\QuickPlay\Kernel\TV\QPSched.exe
.
**************************************************************************
.
Completion time: 2012-05-20 20:03:02 - machine was rebooted
ComboFix-quarantined-files.txt 2012-05-21 01:03
ComboFix2.txt 2011-02-23 07:40
.
Pre-Run: 106,643,369,984 bytes free
Post-Run: 107,604,111,360 bytes free
.
- - End Of File - - 94DE6008F96765671959940627354AB1




#10
MrCharlie

    Forum Deity

  • Experts
  • 17,484 posts
  • Gender:Male
  • Location:So. Plainfield, New Jersey, USA
That looked OK....please do this:

Download aswMBR to your desktop.
http://public.avast....erek/aswMBR.exe
Double click the aswMBR.exe to run it.
If you see this question: "Would you like to download latest Avast! virus definitions?" say "Yes".
Click the "Scan" button to start scan.
On completion of the scan click "Save log", save it to your desktop and post in your next reply.

NOTE. aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.

Please zip it up and attach it to your next post.

MrC


#11
Wofstar

    Regular Member

  • Honorary Members
  • 78 posts
aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-05-22 01:41:36
-----------------------------
01:41:36.200 OS Version: Windows x64 6.1.7601 Service Pack 1
01:41:36.200 Number of processors: 2 586 0xF0D
01:41:36.202 ComputerName: ANGELSBABY-LT UserName: AngelsBaby
01:41:37.664 Initialize success
01:41:38.128 AVAST engine defs: 12052101
01:41:46.210 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
01:41:46.212 Disk 0 Vendor: TOSHIBA_ LV01 Size: 238475MB BusType: 3
01:41:46.253 Disk 0 MBR read successfully
01:41:46.256 Disk 0 MBR scan
01:41:46.260 Disk 0 Windows 7 default MBR code
01:41:46.263 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 225278 MB offset 63
01:41:46.296 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 13194 MB offset 461370735
01:41:46.334 Disk 0 scanning C:\Windows\system32\drivers
01:41:57.011 Service scanning
01:42:29.786 Modules scanning
01:42:29.794 Disk 0 trace - called modules:
01:42:29.837 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll
01:42:29.841 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004888060]
01:42:29.848 3 CLASSPNP.SYS[fffff88001b8e43f] -> nt!IofCallDriver -> [0xfffffa80046eaa10]
01:42:29.853 5 ACPI.sys[fffff88000faf7a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0xfffffa80046eb050]
01:42:30.662 AVAST engine scan C:\Windows
01:42:33.929 AVAST engine scan C:\Windows\system32
01:45:10.365 AVAST engine scan C:\Windows\system32\drivers
01:45:23.912 AVAST engine scan C:\Users\AngelsBaby
01:53:31.065 Disk 0 MBR has been saved successfully to "C:\Users\AngelsBaby\Desktop\MBR.dat"
01:53:31.094 The log file has been saved successfully to "C:\Users\AngelsBaby\Desktop\aswMBR.txt"

#12
MrCharlie

    Forum Deity

  • Experts
  • 17,484 posts
  • Gender:Male
  • Location:So. Plainfield, New Jersey, USA
Not much showing so far.........

Please download OTL from one of the links below:
http://oldtimer.geekstogo.com/OTL.exe
http://oldtimer.geekstogo.com/OTL.com (<---renamed version)

Save it to your desktop.
Double click on the icon on your desktop.
Click the Scan All Users checkbox.
Push the Quick Scan button.

The scan will take about 10 minutes...depends on your hard drive size.

Two reports will open, copy and paste them in a reply here: (or attach them as .txt files)
OTL.txt <-- Will be opened
Extra.txt <-- Will be minimized

MrC


#13
Wofstar

    Regular Member

  • Honorary Members
  • 78 posts
Here are the logs:

Attached Files



#14
MrCharlie

    Forum Deity

  • Experts
  • 17,484 posts
  • Gender:Male
  • Location:So. Plainfield, New Jersey, USA
Not much showing....

Please do this:
Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following
    :OTL
    IE - HKU\S-1-5-21-765764038-2876004717-2175413507-1000\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - No CLSID value found
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
    O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No CLSID value found.
    O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
    :Commands
    [EMPTYJAVA]
    [emptytemp]
    
  • Then click the Run Fix button at the top
  • Let the program run unhindered, when done it will say "Fix Complete press ok to open the log"
  • Please post that log in your next reply. Note: If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes. In this case, after the reboot, open Notepad (Start->All Programs->Accessories->Notepad), click File->Open, in the File Name box enter *.log and press the Enter key, navigate to the C:\_OTL\MovedFiles folder, and open the newest .log file present, and copy/paste the contents of that document back here in your next post.
MrC


#15
Wofstar

    Regular Member

  • Honorary Members
  • 78 posts
All processes killed
========== OTL ==========
Registry value HKEY_USERS\S-1-5-21-765764038-2876004717-2175413507-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{472734EA-242A-422b-ADF8-83D1E48CC825} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{472734EA-242A-422b-ADF8-83D1E48CC825}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}\ not found.
========== COMMANDS ==========

[EMPTYJAVA]

User: All Users

User: AngelsBaby
->Java cache emptied: 77072248 bytes

User: Default

User: Default User

User: Public

Total Java Files Cleaned = 74.00 mb


[EMPTYTEMP]

User: All Users

User: AngelsBaby
->Temp folder emptied: 18217756 bytes
->Temporary Internet Files folder emptied: 15412078 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 1073519875 bytes
->Flash cache emptied: 252321890 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 56466 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 36864 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 47582 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67630 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 1,297.00 mb


OTL by OldTimer - Version 3.2.43.1 log created on 05222012_185359

Files\Folders moved on Reboot...
C:\Users\AngelsBaby\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...
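
The check a helper makes when reading the log above, as an added example that is not part of the original thread or of OTL itself: it confirms that every GUID named in the fix script from post #14 has a "deleted successfully" line in the log, and that its CLSID key was reported "not found". The function names are assumptions; the two text blocks are copied from the posts.

```python
import re

GUID = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")

# Entry lines of the fix script in post #14, copied from this thread.
FIX_SCRIPT = r"""
IE - HKU\S-1-5-21-765764038-2876004717-2175413507-1000\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - No CLSID value found
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
"""

# Registry section of the OTL log in post #15, copied from this thread.
FIX_LOG = r"""
Registry value HKEY_USERS\S-1-5-21-765764038-2876004717-2175413507-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{472734EA-242A-422b-ADF8-83D1E48CC825} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{472734EA-242A-422b-ADF8-83D1E48CC825}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}\ not found.
"""

def script_guids(script):
    """GUIDs the fix script asked OTL to remove, upper-cased, in script order."""
    return [m.group(0).upper() for line in script.splitlines() if (m := GUID.search(line))]

def audit(script, log):
    """Per targeted GUID: was the browser entry removed, was its CLSID key absent?"""
    result = {g: {"removed": False, "orphan": False} for g in script_guids(script)}
    for line in log.splitlines():
        m = GUID.search(line)
        if not m or m.group(0).upper() not in result:
            continue
        state = result[m.group(0).upper()]
        in_clsid = "\\Classes\\CLSID\\" in line   # the class registration, not the hook
        text = line.rstrip()
        if text.endswith("deleted successfully.") and not in_clsid:
            state["removed"] = True
        elif text.endswith("not found.") and in_clsid:
            state["orphan"] = True                # matches "No CLSID value found"
    return result

def unresolved(script, log):
    """GUIDs from the script with no 'deleted successfully' line in the log."""
    return [g for g, s in audit(script, log).items() if not s["removed"]]
```

An empty list from `unresolved(FIX_SCRIPT, FIX_LOG)` means the fix touched every entry it was asked to; any GUID it returns is one to raise with the helper before moving on.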

#16
MrCharlie

Please Update and run a Quick Scan with MBAM, post the report.

Make sure that everything is checked, and click Remove Selected.

Please update and run a scan with your avast! Antivirus

Please let me know how it is, MrC

Malware Removal Expert



#17
Wofstar

Both found no threats, would you like the reports?

#18
MrCharlie

No, if nothing was found, I don't need to see them.

How is the computer running now?? MrC

Malware Removal Expert



#19
Wofstar

It's running a lot faster, and I haven't encountered any programs that "blah..is not responding" thus far.

#20
MrCharlie

Great :)

A little clean up to do....

Please Uninstall ComboFix:

Press the Windows logo key + R to bring up the "run box"

Copy and paste the next command in the field:

ComboFix /uninstall

Make sure there's a space between Combofix and /


Then hit enter.
This will uninstall Combofix, delete its related folders and files, hide file extensions, hide the system/hidden files, clear the System Restore cache and create a new Restore point.

---------------------------------

Run OTL and hit the CleanUp button. (This will clean up the tools and logs used, including itself.)

Any other programs or logs you can manually delete.

-------------------------------

You have out-of-date Java on the system; older versions are vulnerable to malware.

Please go to your Control Panel's Add/Remove Programs and uninstall these:

Java Auto Updater
Java™ 6 Update 31


Then download and install the latest version, Java™ 7 Update 4.

http://www.java.com/...load/manual.jsp <---latest version

http://www.java.com/...d/installed.jsp <---verify your Java

-----------------------------------

Any questions...please post back.

If you think I've helped you, please leave a comment > click on my avatar picture > click Profile Feed.

Take a look at My Preventive Maintenance to avoid being infected again.

Good Luck and Thanks for using the forum, MrC

Malware Removal Expert






