ctruong333

I will reset all passwords.....but I am not sure I have the OS disks. I MUST work on my laptop. Would it be possible to clean the laptop and then reinstall after I have received the OS disks?

This is horrible news. I use this laptop for EVERYTHING. I wil review your recommendations. I am afraid that I let the AV expire on all my PCs recently. Thank you for your help. Christopher

Thank you for helping me. I have been very worried about this as this is the laptop I use for my freelance business.

11:44:34.0079 5140 TDSS rootkit removing tool 2.7.28.0 Apr 10 2012 16:54:05 11:44:34.0625 5140 ============================================================ 11:44:34.0625 5140 Current date / time: 2012/04/15 11:44:34.0625 11:44:34.0625 5140 SystemInfo: 11:44:34.0625 5140 11:44:34.0625 5140 OS Version: 6.1.7601 ServicePack: 1.0 11:44:34.0625 5140 Product type: Workstation 11:44:34.0626 5140 ComputerName: CHRISTOPHER-NB 11:44:34.0626 5140 UserName: Christopher 11:44:34.0626 5140 Windows directory: C:\Windows 11:44:34.0626 5140 System windows directory: C:\Windows 11:44:34.0626 5140 Running under WOW64 11:44:34.0626 5140 Processor architecture: Intel x64 11:44:34.0626 5140 Number of processors: 4 11:44:34.0626 5140 Page size: 0x1000 11:44:34.0626 5140 Boot type: Normal boot 11:44:34.0626 5140 ============================================================ 11:44:35.0700 5140 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 11:44:35.0707 5140 \Device\Harddisk0\DR0: 11:44:35.0707 5140 MBR used 11:44:35.0707 5140 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800 11:44:35.0707 5140 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x387E9800 11:44:35.0707 5140 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x3884D800, BlocksNum 0x1B04800 11:44:35.0707 5140 \Device\Harddisk0\DR0\Partition3: MBR, Type 0xC, StartLBA 0x3A352000, BlocksNum 0x33830 11:44:35.0811 5140 Initialize success 11:44:35.0811 5140 ============================================================ 11:45:02.0341 5088 ============================================================ 11:45:02.0341 5088 Scan started 11:45:02.0342 5088 Mode: Manual; 11:45:02.0342 5088 ============================================================ 11:45:04.0787 5088 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys 11:45:04.0793 5088 1394ohci - ok 11:45:04.0868 5088 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys 11:45:04.0872 5088 ACPI - ok 11:45:04.0982 5088 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys 11:45:04.0993 5088 AcpiPmi - ok 11:45:05.0360 5088 AdobeFlashPlayerUpdateSvc (459ac130c6ab892b1cd5d7544626efc5) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 11:45:05.0364 5088 AdobeFlashPlayerUpdateSvc - ok 11:45:05.0475 5088 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys 11:45:05.0486 5088 adp94xx - ok 11:45:05.0544 5088 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys 11:45:05.0552 5088 adpahci - ok 11:45:05.0647 5088 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys 11:45:05.0653 5088 adpu320 - ok 11:45:05.0710 5088 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll 11:45:05.0713 5088 AeLookupSvc - ok 11:45:05.0807 5088 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys 11:45:05.0818 5088 AFD - ok 11:45:05.0922 5088 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys 11:45:05.0925 5088 agp440 - ok 11:45:05.0967 5088 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe 11:45:05.0970 5088 ALG - ok 11:45:06.0116 5088 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys 11:45:06.0119 5088 aliide - ok 11:45:06.0334 5088 AMD External Events Utility (7842f4961f28022a881f85bb7494ac6d) C:\Windows\system32\atiesrxx.exe 11:45:06.0340 5088 AMD External Events Utility - ok 11:45:06.0406 5088 AMD FUEL Service - ok 11:45:06.0468 5088 AMD Reservation Manager (dd27f6c3de9bfe50635c721e09edc5dd) C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe 11:45:06.0473 5088 AMD Reservation Manager - ok 11:45:06.0582 5088 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys 11:45:06.0584 5088 amdide - ok 11:45:06.0727 5088 amdiox64 (6a2eeb0c4133b20773bb3dd0b7b377b4) C:\Windows\system32\DRIVERS\amdiox64.sys 11:45:06.0730 5088 amdiox64 - ok 11:45:06.0830 5088 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys 11:45:06.0833 5088 AmdK8 - ok 11:45:07.0154 5088 amdkmdag (cf5fc8d37f10c9c374ae6d990c9d2cd7) C:\Windows\system32\DRIVERS\atikmdag.sys 11:45:07.0348 5088 amdkmdag - ok 11:45:07.0477 5088 amdkmdap (2bd89cb34b67edc64e741aa3864d8c1a) C:\Windows\system32\DRIVERS\atikmpag.sys 11:45:07.0483 5088 amdkmdap - ok 11:45:07.0573 5088 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys 11:45:07.0575 5088 AmdPPM - ok 11:45:07.0661 5088 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys 11:45:07.0664 5088 amdsata - ok 11:45:07.0766 5088 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys 11:45:07.0770 5088 amdsbs - ok 11:45:07.0871 5088 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys 11:45:07.0873 5088 amdxata - ok 11:45:07.0914 5088 amd_sata (6363014d5e4ccd280fb4902ec3c2ccfe) C:\Windows\system32\DRIVERS\amd_sata.sys 11:45:07.0916 5088 amd_sata - ok 11:45:07.0972 5088 amd_xata (51a5aed2a4cceda6addcf3194c9b29eb) C:\Windows\system32\DRIVERS\amd_xata.sys 11:45:07.0974 5088 amd_xata - ok 11:45:08.0017 5088 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys 11:45:08.0020 5088 AppID - ok 11:45:08.0086 5088 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll 11:45:08.0089 5088 AppIDSvc - ok 11:45:08.0114 5088 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll 11:45:08.0117 5088 Appinfo - ok 11:45:08.0168 5088 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys 11:45:08.0170 5088 arc - ok 11:45:08.0226 5088 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys 11:45:08.0230 5088 arcsas - ok 11:45:08.0288 5088 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys 11:45:08.0289 5088 AsyncMac - ok 11:45:08.0362 5088 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys 11:45:08.0366 5088 atapi - ok 11:45:08.0472 5088 AtiHdmiService (2d648572ba9a610952fcafba1e119c2d) C:\Windows\system32\drivers\AtiHdmi.sys 11:45:08.0474 5088 AtiHdmiService - ok 11:45:08.0619 5088 AtiPcie (e82e61f46d1336447f4deff8c074f13e) C:\Windows\system32\DRIVERS\AtiPcie64.sys 11:45:08.0620 5088 AtiPcie - ok 11:45:08.0716 5088 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll 11:45:08.0725 5088 AudioEndpointBuilder - ok 11:45:08.0745 5088 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll 11:45:08.0756 5088 AudioSrv - ok 11:45:08.0845 5088 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll 11:45:08.0849 5088 AxInstSV - ok 11:45:08.0980 5088 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys 11:45:08.0994 5088 b06bdrv - ok 11:45:09.0091 5088 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys 11:45:09.0098 5088 b57nd60a - ok 11:45:09.0228 5088 BCM43XX (9e84a931dbee0292e38ed672f6293a99) C:\Windows\system32\DRIVERS\bcmwl664.sys 11:45:09.0247 5088 BCM43XX - ok 11:45:09.0278 5088 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll 11:45:09.0281 5088 BDESVC - ok 11:45:09.0357 5088 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys 11:45:09.0358 5088 Beep - ok 11:45:09.0419 5088 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll 11:45:09.0430 5088 BFE - ok 11:45:09.0675 5088 BHDrvx64 (cd0ecb395666fc9ae23d7381e9e3370d) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\BASHDefs\20111027.001\BHDrvx64.sys 11:45:09.0689 5088 BHDrvx64 - ok 11:45:09.0805 5088 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll 11:45:09.0853 5088 BITS - ok 11:45:09.0947 5088 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys 11:45:09.0950 5088 blbdrive - ok 11:45:10.0032 5088 Bonjour Service (73686fe0b2e0469f89fd2075be724704) C:\Program Files (x86)\Bonjour\mDNSResponder.exe 11:45:10.0038 5088 Bonjour Service - ok 11:45:10.0137 5088 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys 11:45:10.0153 5088 bowser - ok 11:45:10.0284 5088 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys 11:45:10.0286 5088 BrFiltLo - ok 11:45:10.0311 5088 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys 11:45:10.0314 5088 BrFiltUp - ok 11:45:10.0377 5088 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll 11:45:10.0382 5088 Browser - ok 11:45:10.0458 5088 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys 11:45:10.0465 5088 Brserid - ok 11:45:10.0501 5088 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys 11:45:10.0503 5088 BrSerWdm - ok 11:45:10.0588 5088 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys 11:45:10.0590 5088 BrUsbMdm - ok 11:45:10.0613 5088 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys 11:45:10.0615 5088 BrUsbSer - ok 11:45:10.0678 5088 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys 11:45:10.0680 5088 BTHMODEM - ok 11:45:10.0810 5088 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll 11:45:10.0813 5088 bthserv - ok 11:45:10.0841 5088 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys 11:45:10.0844 5088 cdfs - ok 11:45:10.0927 5088 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys 11:45:10.0938 5088 cdrom - ok 11:45:11.0022 5088 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll 11:45:11.0025 5088 CertPropSvc - ok 11:45:11.0065 5088 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys 11:45:11.0066 5088 circlass - ok 11:45:11.0135 5088 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys 11:45:11.0144 5088 CLFS - ok 11:45:11.0217 5088 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 11:45:11.0221 5088 clr_optimization_v2.0.50727_32 - ok 11:45:11.0304 5088 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 11:45:11.0308 5088 clr_optimization_v2.0.50727_64 - ok 11:45:11.0439 5088 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 11:45:11.0442 5088 clr_optimization_v4.0.30319_32 - ok 11:45:11.0487 5088 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 11:45:11.0492 5088 clr_optimization_v4.0.30319_64 - ok 11:45:11.0583 5088 clwvd (50f92c943f18b070f166d019dfab3d9a) C:\Windows\system32\DRIVERS\clwvd.sys 11:45:11.0585 5088 clwvd - ok 11:45:11.0621 5088 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys 11:45:11.0624 5088 CmBatt - ok 11:45:11.0699 5088 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys 11:45:11.0702 5088 cmdide - ok 11:45:11.0741 5088 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys 11:45:11.0748 5088 CNG - ok 11:45:11.0852 5088 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys 11:45:11.0853 5088 Compbatt - ok 11:45:11.0875 5088 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys 11:45:11.0877 5088 CompositeBus - ok 11:45:11.0938 5088 COMSysApp - ok 11:45:11.0979 5088 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys 11:45:12.0011 5088 crcdisk - ok 11:45:12.0115 5088 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll 11:45:12.0121 5088 CryptSvc - ok 11:45:12.0213 5088 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll 11:45:12.0226 5088 DcomLaunch - ok 11:45:12.0293 5088 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll 11:45:12.0300 5088 defragsvc - ok 11:45:12.0395 5088 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys 11:45:12.0398 5088 DfsC - ok 11:45:12.0457 5088 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll 11:45:12.0462 5088 Dhcp - ok 11:45:12.0621 5088 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys 11:45:12.0624 5088 discache - ok 11:45:12.0720 5088 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys 11:45:12.0723 5088 Disk - ok 11:45:12.0794 5088 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll 11:45:12.0799 5088 Dnscache - ok 11:45:12.0831 5088 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll 11:45:12.0836 5088 dot3svc - ok 11:45:12.0892 5088 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll 11:45:12.0895 5088 DPS - ok 11:45:12.0932 5088 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys 11:45:12.0933 5088 drmkaud - ok 11:45:13.0032 5088 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys 11:45:13.0053 5088 DXGKrnl - ok 11:45:13.0136 5088 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll 11:45:13.0139 5088 EapHost - ok 11:45:13.0265 5088 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys 11:45:13.0328 5088 ebdrv - ok 11:45:13.0406 5088 eeCtrl (5e3a50930447f464c66032e05a4632f5) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys 11:45:13.0413 5088 eeCtrl - ok 11:45:13.0480 5088 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe 11:45:13.0483 5088 EFS - ok 11:45:13.0569 5088 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe 11:45:13.0587 5088 ehRecvr - ok 11:45:13.0637 5088 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe 11:45:13.0646 5088 ehSched - ok 11:45:13.0732 5088 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys 11:45:13.0741 5088 elxstor - ok 11:45:13.0836 5088 EraserUtilRebootDrv (dcb76ecc6b50a266fdc16e1963ab98ce) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys 11:45:13.0840 5088 EraserUtilRebootDrv - ok 11:45:13.0921 5088 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys 11:45:13.0923 5088 ErrDev - ok 11:45:14.0004 5088 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll 11:45:14.0014 5088 EventSystem - ok 11:45:14.0093 5088 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys 11:45:14.0096 5088 exfat - ok 11:45:14.0181 5088 ezSharedSvc - ok 11:45:14.0230 5088 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys 11:45:14.0234 5088 fastfat - ok 11:45:14.0320 5088 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe 11:45:14.0332 5088 Fax - ok 11:45:14.0397 5088 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys 11:45:14.0403 5088 fdc - ok 11:45:14.0540 5088 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll 11:45:14.0543 5088 fdPHost - ok 11:45:14.0569 5088 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll 11:45:14.0572 5088 FDResPub - ok 11:45:14.0653 5088 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys 11:45:14.0656 5088 FileInfo - ok 11:45:14.0681 5088 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys 11:45:14.0683 5088 Filetrace - ok 11:45:14.0869 5088 FLEXnet Licensing Service (227846995afeefa70d328bf5334a86a5) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe 11:45:14.0884 5088 FLEXnet Licensing Service - ok 11:45:15.0098 5088 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys 11:45:15.0124 5088 flpydisk - ok 11:45:15.0326 5088 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys 11:45:15.0334 5088 FltMgr - ok 11:45:15.0426 5088 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll 11:45:15.0450 5088 FontCache - ok 11:45:15.0528 5088 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 11:45:15.0529 5088 FontCache3.0.0.0 - ok 11:45:15.0605 5088 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys 11:45:15.0607 5088 FsDepends - ok 11:45:15.0694 5088 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys 11:45:15.0696 5088 Fs_Rec - ok 11:45:15.0800 5088 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys 11:45:15.0807 5088 fvevol - ok 11:45:15.0898 5088 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys 11:45:15.0900 5088 gagp30kx - ok 11:45:15.0950 5088 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll 11:45:15.0970 5088 gpsvc - ok 11:45:16.0071 5088 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys 11:45:16.0073 5088 hcw85cir - ok 11:45:16.0178 5088 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys 11:45:16.0187 5088 HdAudAddService - ok 11:45:16.0233 5088 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys 11:45:16.0237 5088 HDAudBus - ok 11:45:16.0305 5088 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys 11:45:16.0307 5088 HidBatt - ok 11:45:16.0327 5088 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys 11:45:16.0337 5088 HidBth - ok 11:45:16.0447 5088 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys 11:45:16.0448 5088 HidIr - ok 11:45:16.0486 5088 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll 11:45:16.0488 5088 hidserv - ok 11:45:16.0643 5088 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys 11:45:16.0646 5088 HidUsb - ok 11:45:16.0762 5088 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll 11:45:16.0768 5088 hkmsvc - ok 11:45:16.0803 5088 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll 11:45:16.0812 5088 HomeGroupListener - ok 11:45:16.0843 5088 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll 11:45:16.0850 5088 HomeGroupProvider - ok 11:45:16.0904 5088 HP Health Check Service - ok 11:45:16.0986 5088 HPClientSvc (6a181452d4e240b8ecc7614b9a19bde9) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe 11:45:16.0996 5088 HPClientSvc - ok 11:45:17.0103 5088 hpCMSrv - ok 11:45:17.0117 5088 HPDrvMntSvc.exe - ok 11:45:17.0129 5088 hpqwmiex - ok 11:45:17.0226 5088 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys 11:45:17.0230 5088 HpSAMD - ok 11:45:17.0312 5088 HPWMISVC - ok 11:45:17.0414 5088 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys 11:45:17.0430 5088 HTTP - ok 11:45:17.0443 5088 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys 11:45:17.0444 5088 hwpolicy - ok 11:45:17.0541 5088 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys 11:45:17.0544 5088 i8042prt - ok 11:45:17.0597 5088 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys 11:45:17.0604 5088 iaStorV - ok 11:45:17.0734 5088 IconMan_R (2c3cc41fefcb77e2826886e6b7ef93ae) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe 11:45:17.0768 5088 IconMan_R - ok 11:45:17.0901 5088 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 11:45:17.0934 5088 idsvc - ok 11:45:18.0098 5088 IDSVia64 (0b97f1a640ad3d159a7b5d2164c42e50) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\IPSDefs\20111104.030\IDSvia64.sys 11:45:18.0133 5088 IDSVia64 - ok 11:45:18.0256 5088 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys 11:45:18.0273 5088 iirsp - ok 11:45:18.0528 5088 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll 11:45:18.0562 5088 IKEEXT - ok 11:45:18.0801 5088 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys 11:45:18.0804 5088 intelide - ok 11:45:19.0038 5088 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\drivers\intelppm.sys 11:45:19.0041 5088 intelppm - ok 11:45:19.0284 5088 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll 11:45:19.0287 5088 IPBusEnum - ok 11:45:19.0448 5088 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys 11:45:19.0451 5088 IpFilterDriver - ok 11:45:19.0541 5088 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll 11:45:19.0550 5088 iphlpsvc - ok 11:45:19.0620 5088 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys 11:45:19.0622 5088 IPMIDRV - ok 11:45:19.0652 5088 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys 11:45:19.0654 5088 IPNAT - ok 11:45:19.0736 5088 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys 11:45:19.0738 5088 IRENUM - ok 11:45:19.0771 5088 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys 11:45:19.0773 5088 isapnp - ok 11:45:19.0809 5088 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys 11:45:19.0817 5088 iScsiPrt - ok 11:45:19.0897 5088 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys 11:45:19.0898 5088 kbdclass - ok 11:45:19.0940 5088 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys 11:45:19.0941 5088 kbdhid - ok 11:45:20.0113 5088 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 11:45:20.0116 5088 KeyIso - ok 11:45:20.0330 5088 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys 11:45:20.0332 5088 KSecDD - ok 11:45:20.0563 5088 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys 11:45:20.0567 5088 KSecPkg - ok 11:45:20.0808 5088 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys 11:45:20.0810 5088 ksthunk - ok 11:45:20.0970 5088 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll 11:45:20.0977 5088 KtmRm - ok 11:45:21.0203 5088 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll 11:45:21.0226 5088 LanmanServer - ok 11:45:21.0410 5088 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll 11:45:21.0417 5088 LanmanWorkstation - ok 11:45:21.0553 5088 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys 11:45:21.0555 5088 lltdio - ok 11:45:21.0607 5088 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll 11:45:21.0638 5088 lltdsvc - ok 11:45:21.0808 5088 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll 11:45:21.0810 5088 lmhosts - ok 11:45:22.0017 5088 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys 11:45:22.0020 5088 LSI_FC - ok 11:45:22.0271 5088 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys 11:45:22.0274 5088 LSI_SAS - ok 11:45:22.0524 5088 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys 11:45:22.0528 5088 LSI_SAS2 - ok 11:45:22.0737 5088 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys 11:45:22.0741 5088 LSI_SCSI - ok 11:45:22.0935 5088 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys 11:45:22.0938 5088 luafv - ok 11:45:23.0091 5088 MBAMProtector (dbc08862a71459e74f7538b432c114cc) C:\Windows\system32\drivers\mbam.sys 11:45:23.0122 5088 MBAMProtector - ok 11:45:23.0293 5088 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe 11:45:23.0300 5088 MBAMService - ok 11:45:23.0476 5088 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll 11:45:23.0482 5088 Mcx2Svc - ok 11:45:23.0702 5088 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys 11:45:23.0705 5088 megasas - ok 11:45:23.0916 5088 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys 11:45:23.0924 5088 MegaSR - ok 11:45:24.0025 5088 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll 11:45:24.0028 5088 MMCSS - ok 11:45:24.0151 5088 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys 11:45:24.0177 5088 Modem - ok 11:45:24.0428 5088 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys 11:45:24.0432 5088 monitor - ok 11:45:24.0622 5088 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys 11:45:24.0645 5088 mouclass - ok 11:45:24.0827 5088 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys 11:45:24.0829 5088 mouhid - ok 11:45:24.0895 5088 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys 11:45:24.0898 5088 mountmgr - ok 11:45:24.0977 5088 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys 11:45:24.0982 5088 mpio - ok 11:45:25.0093 5088 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys 11:45:25.0127 5088 mpsdrv - ok 11:45:25.0220 5088 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll 11:45:25.0262 5088 MpsSvc - ok 11:45:25.0375 5088 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys 11:45:25.0379 5088 MRxDAV - ok 11:45:25.0418 5088 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys 11:45:25.0422 5088 mrxsmb - ok 11:45:25.0500 5088 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys 11:45:25.0507 5088 mrxsmb10 - ok 11:45:25.0541 5088 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys 11:45:25.0545 5088 mrxsmb20 - ok 11:45:25.0627 5088 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys 11:45:25.0629 5088 msahci - ok 11:45:25.0674 5088 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys 11:45:25.0678 5088 msdsm - ok 11:45:25.0751 5088 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe 11:45:25.0757 5088 MSDTC - ok 11:45:25.0820 5088 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys 11:45:25.0822 5088 Msfs - ok 11:45:25.0879 5088 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys 11:45:25.0881 5088 mshidkmdf - ok 11:45:25.0916 5088 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys 11:45:25.0918 5088 msisadrv - ok 11:45:26.0012 5088 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll 11:45:26.0017 5088 MSiSCSI - ok 11:45:26.0027 5088 msiserver - ok 11:45:26.0080 5088 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys 11:45:26.0082 5088 MSKSSRV - ok 11:45:26.0154 5088 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys 11:45:26.0156 5088 MSPCLOCK - ok 11:45:26.0215 5088 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys 11:45:26.0218 5088 MSPQM - ok 11:45:26.0297 5088 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys 11:45:26.0306 5088 MsRPC - ok 11:45:26.0350 5088 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys 11:45:26.0353 5088 mssmbios - ok 11:45:26.0611 5088 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys 11:45:26.0614 5088 MSTEE - ok 11:45:26.0732 5088 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys 11:45:26.0735 5088 MTConfig - ok 11:45:26.0854 5088 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys 11:45:26.0857 5088 Mup - ok 11:45:26.0918 5088 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll 11:45:26.0933 5088 napagent - ok 11:45:27.0062 5088 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys 11:45:27.0094 5088 NativeWifiP - ok 11:45:27.0243 5088 NAVENG (2dbe90210de76be6e1653bb20ec70ec2) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\VirusDefs\20111106.009\ENG64.SYS 11:45:27.0268 5088 NAVENG - ok 11:45:27.0611 5088 NAVEX15 (346da70e203b8e2c850277713de8f71b) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\VirusDefs\20111106.009\EX64.SYS 11:45:27.0638 5088 NAVEX15 - ok 11:45:27.0729 5088 NDIS (c38b8ae57f78915905064a9a24dc1586) C:\Windows\system32\drivers\ndis.sys 11:45:27.0743 5088 NDIS - ok 11:45:27.0834 5088 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys 11:45:27.0835 5088 NdisCap - ok 11:45:27.0900 5088 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys 11:45:27.0902 5088 NdisTapi - ok 11:45:27.0941 5088 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys 11:45:27.0943 5088 Ndisuio - ok 11:45:28.0005 5088 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys 11:45:28.0010 5088 NdisWan - ok 11:45:28.0027 5088 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys 11:45:28.0029 5088 NDProxy - ok 11:45:28.0072 5088 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys 11:45:28.0074 5088 NetBIOS - ok 11:45:28.0136 5088 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys 11:45:28.0141 5088 NetBT - ok 11:45:28.0169 5088 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 11:45:28.0173 5088 Netlogon - ok 11:45:28.0220 5088 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll 11:45:28.0252 5088 Netman - ok 11:45:28.0370 5088 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll 11:45:28.0382 5088 netprofm - ok 11:45:28.0625 5088 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 11:45:28.0649 5088 NetTcpPortSharing - ok 11:45:28.0845 5088 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys 11:45:28.0848 5088 nfrd960 - ok 11:45:29.0048 5088 NIS (e78a365cc3e0fbfc018a33dce01909f8) C:\Program Files (x86)\Norton Internet Security\Engine\18.7.1.3\ccSvcHst.exe 11:45:29.0052 5088 NIS - ok 11:45:29.0221 5088 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll 11:45:29.0250 5088 NlaSvc - ok 11:45:29.0483 5088 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys 11:45:29.0485 5088 Npfs - ok 11:45:29.0796 5088 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll 11:45:29.0799 5088 nsi - ok 11:45:29.0965 5088 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys 11:45:29.0967 5088 nsiproxy - ok 11:45:30.0233 5088 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys 11:45:30.0280 5088 Ntfs - ok 11:45:30.0402 5088 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys 11:45:30.0418 5088 Null - ok 11:45:30.0656 5088 NVENETFD (a85b4f2ef3a7304a5399ef0526423040) C:\Windows\system32\DRIVERS\nvm62x64.sys 11:45:30.0662 5088 NVENETFD - ok 11:45:30.0825 5088 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys 11:45:30.0848 5088 nvraid - ok 11:45:31.0069 5088 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys 11:45:31.0072 5088 nvstor - ok 11:45:31.0276 5088 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys 11:45:31.0280 5088 nv_agp - ok 11:45:31.0509 5088 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys 11:45:31.0537 5088 ohci1394 - ok 11:45:31.0716 5088 ose (7a56cf3e3f12e8af599963b16f50fb6a) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 11:45:31.0719 5088 ose - ok 11:45:31.0875 5088 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll 11:45:31.0881 5088 p2pimsvc - ok 11:45:32.0000 5088 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll 11:45:32.0007 5088 p2psvc - ok 11:45:32.0052 5088 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys 11:45:32.0054 5088 Parport - ok 11:45:32.0325 5088 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys 11:45:32.0328 5088 partmgr - ok 11:45:32.0471 5088 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll 11:45:32.0476 5088 PcaSvc - ok 11:45:32.0573 5088 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys 11:45:32.0578 5088 pci - ok 11:45:32.0739 5088 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys 11:45:32.0741 5088 pciide - ok 11:45:32.0931 5088 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys 11:45:32.0935 5088 pcmcia - ok 11:45:33.0014 5088 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys 11:45:33.0016 5088 pcw - ok 11:45:33.0115 5088 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys 11:45:33.0125 5088 PEAUTH - ok 11:45:33.0198 5088 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe 11:45:33.0201 5088 PerfHost - ok 11:45:33.0300 5088 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll 11:45:33.0318 5088 pla - ok 11:45:33.0398 5088 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll 11:45:33.0408 5088 PlugPlay - ok 11:45:33.0438 5088 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll 11:45:33.0440 5088 PNRPAutoReg - ok 11:45:33.0553 5088 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll 11:45:33.0559 5088 PNRPsvc - ok 11:45:33.0589 5088 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll 11:45:33.0597 5088 PolicyAgent - ok 11:45:33.0676 5088 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll 11:45:33.0682 5088 Power - ok 11:45:33.0872 5088 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys 11:45:33.0875 5088 PptpMiniport - ok 11:45:34.0011 5088 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys 11:45:34.0013 5088 Processor - ok 11:45:34.0089 5088 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll 11:45:34.0093 5088 ProfSvc - ok 11:45:34.0158 5088 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 11:45:34.0160 5088 ProtectedStorage - ok 11:45:34.0331 5088 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys 11:45:34.0333 5088 Psched - ok 11:45:34.0726 5088 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys 11:45:34.0819 5088 ql2300 - ok 11:45:35.0109 5088 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys 11:45:35.0112 5088 ql40xx - ok 11:45:35.0228 5088 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll 11:45:35.0235 5088 QWAVE - ok 11:45:35.0307 5088 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys 11:45:35.0336 5088 QWAVEdrv - ok 11:45:35.0543 5088 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys 11:45:35.0545 5088 RasAcd - ok 11:45:35.0679 5088 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys 11:45:35.0681 5088 RasAgileVpn - ok 11:45:35.0767 5088 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll 11:45:35.0773 5088 RasAuto - ok 11:45:35.0878 5088 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys 11:45:35.0881 5088 Rasl2tp - ok 11:45:35.0992 5088 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll 11:45:36.0011 5088 RasMan - ok 11:45:36.0195 5088 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys 11:45:36.0199 5088 RasPppoe - ok 11:45:36.0554 5088 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys 11:45:36.0558 5088 RasSstp - ok 11:45:36.0827 5088 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys 11:45:36.0834 5088 rdbss - ok 11:45:36.0942 5088 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys 11:45:36.0970 5088 rdpbus - ok 11:45:37.0131 5088 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys 11:45:37.0133 5088 RDPCDD - ok 11:45:37.0370 5088 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys 11:45:37.0372 5088 RDPENCDD - ok 11:45:37.0567 5088 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys 11:45:37.0569 5088 RDPREFMP - ok 11:45:37.0795 5088 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys 11:45:37.0799 5088 RDPWD - ok 11:45:37.0990 5088 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys 11:45:37.0993 5088 rdyboost - ok 11:45:38.0147 5088 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll 11:45:38.0150 5088 RemoteAccess - ok 11:45:38.0320 5088 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll 11:45:38.0324 5088 RemoteRegistry - ok 11:45:38.0654 5088 Revoflt (9c3ac71a9934b884fac567a8807e9c4d) C:\Windows\system32\DRIVERS\revoflt.sys 11:45:38.0752 5088 Revoflt - ok 11:45:38.0881 5088 RoxioNow Service (085d18c71ab2611a3d61528132b6501e) C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe 11:45:38.0907 5088 RoxioNow Service - ok 11:45:39.0107 5088 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll 11:45:39.0112 5088 RpcEptMapper - ok 11:45:39.0314 5088 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe 11:45:39.0345 5088 RpcLocator - ok 11:45:39.0470 5088 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll 11:45:39.0478 5088 RpcSs - ok 11:45:39.0792 5088 RSPCIESTOR (d5c3e1629a3f7f0857d27949252b94ce) C:\Windows\system32\DRIVERS\RtsPStor.sys 11:45:39.0819 5088 RSPCIESTOR - ok 11:45:40.0170 5088 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys 11:45:40.0173 5088 rspndr - ok 11:45:40.0393 5088 RTL8167 (a73ed14670220307874ad6bc2f279349) C:\Windows\system32\DRIVERS\Rt64win7.sys 11:45:40.0403 5088 RTL8167 - ok 11:45:40.0822 5088 RTL8192Ce (5fa2f4f658fca7816a5ff6980b95c5f9) C:\Windows\system32\DRIVERS\rtl8192Ce.sys 11:45:40.0839 5088 RTL8192Ce - ok 11:45:40.0980 5088 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 11:45:40.0982 5088 SamSs - ok 11:45:41.0166 5088 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys 11:45:41.0168 5088 sbp2port - ok 11:45:41.0379 5088 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll 11:45:41.0389 5088 SCardSvr - ok 11:45:41.0646 5088 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys 11:45:41.0649 5088 scfilter - ok 11:45:41.0893 5088 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll 11:45:41.0916 5088 Schedule - ok 11:45:42.0234 5088 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll 11:45:42.0237 5088 SCPolicySvc - ok 11:45:42.0364 5088 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\DRIVERS\sdbus.sys 11:45:42.0372 5088 sdbus - ok 11:45:42.0588 5088 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll 11:45:42.0596 5088 SDRSVC - ok 11:45:42.0853 5088 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 11:45:42.0855 5088 secdrv - ok 11:45:43.0182 5088 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll 11:45:43.0187 5088 seclogon - ok 11:45:43.0323 5088 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll 11:45:43.0329 5088 SENS - ok 11:45:43.0487 5088 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll 11:45:43.0493 5088 SensrSvc - ok 11:45:43.0622 5088 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys 11:45:43.0624 5088 Serenum - ok 11:45:43.0695 5088 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys 11:45:43.0699 5088 Serial - ok 11:45:43.0743 5088 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys 11:45:43.0759 5088 sermouse - ok 11:45:43.0831 5088 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll 11:45:43.0835 5088 SessionEnv - ok 11:45:43.0871 5088 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys 11:45:43.0873 5088 sffdisk - ok 11:45:43.0888 5088 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys 11:45:43.0889 5088 sffp_mmc - ok 11:45:43.0947 5088 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys 11:45:43.0948 5088 sffp_sd - ok 11:45:43.0977 5088 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys 11:45:43.0978 5088 sfloppy - ok 11:45:44.0012 5088 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll 11:45:44.0018 5088 SharedAccess - ok 11:45:44.0081 5088 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll 11:45:44.0088 5088 ShellHWDetection - ok 11:45:44.0129 5088 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys 11:45:44.0131 5088 SiSRaid2 - ok 11:45:44.0206 5088 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys 11:45:44.0208 5088 SiSRaid4 - ok 11:45:44.0262 5088 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys 11:45:44.0265 5088 Smb - ok 11:45:44.0341 5088 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe 11:45:44.0344 5088 SNMPTRAP - ok 11:45:44.0390 5088 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys 11:45:44.0395 5088 spldr - ok 11:45:44.0627 5088 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe 11:45:44.0636 5088 Spooler - ok 11:45:44.0778 5088 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe 11:45:44.0871 5088 sppsvc - ok 11:45:44.0991 5088 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll 11:45:44.0994 5088 sppuinotify - ok 11:45:45.0129 5088 SRTSP (90ef30c3867bcde4579c01a6d6e75a7a) C:\Windows\System32\Drivers\NISx64\1207010.003\SRTSP64.SYS 11:45:45.0140 5088 SRTSP - ok 11:45:45.0316 5088 SRTSPX (c513e8a5e7978da49077f5484344ee1b) C:\Windows\system32\drivers\NISx64\1207010.003\SRTSPX64.SYS 11:45:45.0317 5088 SRTSPX - ok 11:45:45.0507 5088 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys 11:45:45.0513 5088 srv - ok 11:45:45.0668 5088 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys 11:45:45.0674 5088 srv2 - ok 11:45:45.0769 5088 SrvHsfHDA (0c4540311e11664b245a263e1154cef8) C:\Windows\system32\DRIVERS\VSTAZL6.SYS 11:45:45.0810 5088 SrvHsfHDA - ok 11:45:46.0043 5088 SrvHsfV92 (02071d207a9858fbe3a48cbfd59c4a04) C:\Windows\system32\DRIVERS\VSTDPV6.SYS 11:45:46.0080 5088 SrvHsfV92 - ok 11:45:46.0293 5088 SrvHsfWinac (18e40c245dbfaf36fd0134a7ef2df396) C:\Windows\system32\DRIVERS\VSTCNXT6.SYS 11:45:46.0310 5088 SrvHsfWinac - ok 11:45:46.0437 5088 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys 11:45:46.0442 5088 srvnet - ok 11:45:46.0604 5088 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll 11:45:46.0612 5088 SSDPSRV - ok 11:45:46.0636 5088 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll 11:45:46.0642 5088 SstpSvc - ok 11:45:46.0830 5088 STacSV (293a556e04f815477ae93e07b35065e6) C:\Program Files\IDT\WDM\STacSV64.exe 11:45:46.0834 5088 STacSV - ok 11:45:47.0015 5088 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys 11:45:47.0017 5088 stexstor - ok 11:45:47.0144 5088 STHDA (aa3c0336514c239a171f00a6902b59b8) C:\Windows\system32\DRIVERS\stwrt64.sys 11:45:47.0152 5088 STHDA - ok 11:45:47.0238 5088 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll 11:45:47.0248 5088 stisvc - ok 11:45:47.0328 5088 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys 11:45:47.0330 5088 swenum - ok 11:45:47.0373 5088 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll 11:45:47.0389 5088 swprv - ok 11:45:47.0514 5088 SymDS (6160145c7a87fc7672e8e3b886888176) C:\Windows\system32\drivers\NISx64\1207010.003\SYMDS64.SYS 11:45:47.0522 5088 SymDS - ok 11:45:47.0658 5088 SymEFA (96aeed40d4d3521568b42027687e69e0) C:\Windows\system32\drivers\NISx64\1207010.003\SYMEFA64.SYS 11:45:47.0677 5088 SymEFA - ok 11:45:47.0756 5088 SymEvent (21a1c2d694c3cf962d31f5e873ab3d6f) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS 11:45:47.0762 5088 SymEvent - ok 11:45:47.0820 5088 SymIRON (bd0d711d8cbfcaa19ca123306eaf53a5) C:\Windows\system32\drivers\NISx64\1207010.003\Ironx64.SYS 11:45:47.0830 5088 SymIRON - ok 11:45:47.0938 5088 SymNetS (a6adb3d83023f8daa0f7b6fda785d83b) C:\Windows\System32\Drivers\NISx64\1207010.003\SYMNETS.SYS 11:45:47.0946 5088 SymNetS - ok 11:45:48.0011 5088 SynTP (33e6a285daa5134d8ea2247914c86c09) C:\Windows\system32\DRIVERS\SynTP.sys 11:45:48.0030 5088 SynTP - ok 11:45:48.0137 5088 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll 11:45:48.0165 5088 SysMain - ok 11:45:48.0182 5088 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll 11:45:48.0187 5088 TabletInputService - ok 11:45:48.0267 5088 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll 11:45:48.0278 5088 TapiSrv - ok 11:45:48.0297 5088 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll 11:45:48.0303 5088 TBS - ok 11:45:48.0413 5088 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys 11:45:48.0456 5088 Tcpip - ok 11:45:48.0736 5088 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys 11:45:48.0762 5088 TCPIP6 - ok 11:45:48.0935 5088 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys 11:45:48.0939 5088 tcpipreg - ok 11:45:48.0983 5088 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys 11:45:48.0985 5088 TDPIPE - ok 11:45:49.0045 5088 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys 11:45:49.0047 5088 TDTCP - ok 11:45:49.0080 5088 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys 11:45:49.0084 5088 tdx - ok 11:45:49.0285 5088 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys 11:45:49.0288 5088 TermDD - ok 11:45:49.0407 5088 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll 11:45:49.0423 5088 TermService - ok 11:45:49.0451 5088 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll 11:45:49.0454 5088 Themes - ok 11:45:49.0527 5088 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll 11:45:49.0531 5088 THREADORDER - ok 11:45:49.0593 5088 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll 11:45:49.0599 5088 TrkWks - ok 11:45:49.0642 5088 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe 11:45:49.0644 5088 TrustedInstaller - ok 11:45:49.0718 5088 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys 11:45:49.0719 5088 tssecsrv - ok 11:45:49.0767 5088 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys 11:45:49.0770 5088 TsUsbFlt - ok 11:45:49.0849 5088 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys 11:45:49.0860 5088 TsUsbGD - ok 11:45:49.0912 5088 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys 11:45:49.0918 5088 tunnel - ok 11:45:50.0070 5088 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys 11:45:50.0073 5088 uagp35 - ok 11:45:50.0096 5088 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys 11:45:50.0111 5088 udfs - ok 11:45:50.0179 5088 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe 11:45:50.0182 5088 UI0Detect - ok 11:45:50.0212 5088 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys 11:45:50.0214 5088 uliagpkx - ok 11:45:50.0303 5088 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys 11:45:50.0306 5088 umbus - ok 11:45:50.0342 5088 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys 11:45:50.0344 5088 UmPass - ok 11:45:50.0466 5088 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll 11:45:50.0477 5088 upnphost - ok 11:45:50.0568 5088 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys 11:45:50.0571 5088 usbccgp - ok 11:45:50.0670 5088 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys 11:45:50.0674 5088 usbcir - ok 11:45:50.0712 5088 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys 11:45:50.0714 5088 usbehci - ok 11:45:50.0756 5088 usbfilter (76e2ffad301490ba27b947c6507752fb) C:\Windows\system32\DRIVERS\usbfilter.sys 11:45:50.0758 5088 usbfilter - ok 11:45:50.0879 5088 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys 11:45:50.0886 5088 usbhub - ok 11:45:50.0965 5088 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys 11:45:50.0967 5088 usbohci - ok 11:45:51.0045 5088 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys 11:45:51.0047 5088 usbprint - ok 11:45:51.0159 5088 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS 11:45:51.0165 5088 USBSTOR - ok 11:45:51.0264 5088 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys 11:45:51.0266 5088 usbuhci - ok 11:45:51.0331 5088 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys 11:45:51.0335 5088 usbvideo - ok 11:45:51.0399 5088 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll 11:45:51.0405 5088 UxSms - ok 11:45:51.0448 5088 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 11:45:51.0450 5088 VaultSvc - ok 11:45:51.0481 5088 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys 11:45:51.0484 5088 vdrvroot - ok 11:45:51.0548 5088 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe 11:45:51.0561 5088 vds - ok 11:45:51.0624 5088 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys 11:45:51.0626 5088 vga - ok 11:45:51.0678 5088 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys 11:45:51.0679 5088 VgaSave - ok 11:45:51.0716 5088 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys 11:45:51.0719 5088 vhdmp - ok 11:45:51.0775 5088 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys 11:45:51.0777 5088 viaide - ok 11:45:51.0841 5088 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys 11:45:51.0845 5088 volmgr - ok 11:45:51.0908 5088 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys 11:45:51.0917 5088 volmgrx - ok 11:45:51.0976 5088 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys 11:45:51.0981 5088 volsnap - ok 11:45:52.0032 5088 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys 11:45:52.0035 5088 vsmraid - ok 11:45:52.0144 5088 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe 11:45:52.0172 5088 VSS - ok 11:45:52.0261 5088 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys 11:45:52.0263 5088 vwifibus - ok 11:45:52.0287 5088 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys 11:45:52.0290 5088 vwififlt - ok 11:45:52.0366 5088 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll 11:45:52.0380 5088 W32Time - ok 11:45:52.0451 5088 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys 11:45:52.0452 5088 WacomPen - ok 11:45:52.0594 5088 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 11:45:52.0597 5088 WANARP - ok 11:45:52.0603 5088 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 11:45:52.0604 5088 Wanarpv6 - ok 11:45:52.0758 5088 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe 11:45:52.0783 5088 WatAdminSvc - ok 11:45:52.0984 5088 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe 11:45:53.0031 5088 wbengine - ok 11:45:53.0151 5088 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll 11:45:53.0181 5088 WbioSrvc - ok 11:45:53.0275 5088 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll 11:45:53.0288 5088 wcncsvc - ok 11:45:53.0359 5088 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll 11:45:53.0365 5088 WcsPlugInService - ok 11:45:53.0445 5088 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys 11:45:53.0447 5088 Wd - ok 11:45:53.0552 5088 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys 11:45:53.0563 5088 Wdf01000 - ok 11:45:53.0626 5088 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll 11:45:53.0630 5088 WdiServiceHost - ok 11:45:53.0635 5088 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll 11:45:53.0638 5088 WdiSystemHost - ok 11:45:53.0663 5088 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll 11:45:53.0669 5088 WebClient - ok 11:45:53.0745 5088 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll 11:45:53.0750 5088 Wecsvc - ok 11:45:53.0771 5088 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll 11:45:53.0774 5088 wercplsupport - ok 11:45:53.0850 5088 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll 11:45:53.0854 5088 WerSvc - ok 11:45:53.0912 5088 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys 11:45:53.0913 5088 WfpLwf - ok 11:45:53.0983 5088 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys 11:45:53.0984 5088 WIMMount - ok 11:45:54.0007 5088 WinDefend - ok 11:45:54.0019 5088 WinHttpAutoProxySvc - ok 11:45:54.0072 5088 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll 11:45:54.0077 5088 Winmgmt - ok 11:45:54.0197 5088 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll 11:45:54.0232 5088 WinRM - ok 11:45:54.0355 5088 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys 11:45:54.0357 5088 WinUsb - ok 11:45:54.0425 5088 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll 11:45:54.0441 5088 Wlansvc - ok 11:45:54.0579 5088 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys 11:45:54.0580 5088 WmiAcpi - ok 11:45:54.0642 5088 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe 11:45:54.0646 5088 wmiApSrv - ok 11:45:54.0765 5088 WMPNetworkSvc - ok 11:45:54.0973 5088 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll 11:45:54.0983 5088 WPCSvc - ok 11:45:55.0010 5088 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll 11:45:55.0016 5088 WPDBusEnum - ok 11:45:55.0118 5088 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys 11:45:55.0120 5088 ws2ifsl - ok 11:45:55.0158 5088 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll 11:45:55.0163 5088 wscsvc - ok 11:45:55.0249 5088 WSearch - ok 11:45:55.0323 5088 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll 11:45:55.0359 5088 wuauserv - ok 11:45:55.0437 5088 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys 11:45:55.0440 5088 WudfPf - ok 11:45:55.0548 5088 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys 11:45:55.0554 5088 WUDFRd - ok 11:45:55.0582 5088 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll 11:45:55.0586 5088 wudfsvc - ok 11:45:55.0650 5088 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll 11:45:55.0656 5088 WwanSvc - ok 11:45:55.0693 5088 MBR (0x1B8) (0f84f2562620c40d8a3e1908c8075675) \Device\Harddisk0\DR0 11:45:55.0727 5088 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - infected 11:45:55.0727 5088 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.b (0) 11:45:55.0757 5088 Boot (0x1200) (9c85a4733cd963a3c98bb87793746910) \Device\Harddisk0\DR0\Partition0 11:45:55.0759 5088 \Device\Harddisk0\DR0\Partition0 - ok 11:45:55.0767 5088 Boot (0x1200) (df54bce7fb5f4ee389f0739dcf8f0936) \Device\Harddisk0\DR0\Partition1 11:45:55.0768 5088 \Device\Harddisk0\DR0\Partition1 - ok 11:45:55.0798 5088 Boot (0x1200) (71451637ac9a668b623dd20855fb820c) \Device\Harddisk0\DR0\Partition2 11:45:55.0800 5088 \Device\Harddisk0\DR0\Partition2 - ok 11:45:55.0818 5088 Boot (0x1200) (eb373bfaf84e479b17063bac6749bdfb) \Device\Harddisk0\DR0\Partition3 11:45:55.0819 5088 \Device\Harddisk0\DR0\Partition3 - ok 11:45:55.0820 5088 ============================================================ 11:45:55.0820 5088 Scan finished 11:45:55.0820 5088 ============================================================ 11:45:55.0864 4488 Detected object count: 1 11:45:55.0864 4488 Actual detected object count: 1 11:46:09.0244 4488 \Device\Harddisk0\DR0\# - copied to quarantine 11:46:09.0244 4488 \Device\Harddisk0\DR0 - copied to quarantine 11:46:09.0300 4488 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine 11:46:09.0304 4488 \Device\Harddisk0\DR0\TDLFS\phx.dll - copied to quarantine 11:46:09.0311 4488 \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine 11:46:09.0319 4488 \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine 11:46:09.0338 4488 \Device\Harddisk0\DR0\TDLFS\phd - copied to quarantine 11:46:09.0350 4488 \Device\Harddisk0\DR0\TDLFS\phdx - copied to quarantine 11:46:09.0353 4488 \Device\Harddisk0\DR0\TDLFS\phs - copied to quarantine 11:46:09.0355 4488 \Device\Harddisk0\DR0\TDLFS\phdata - copied to quarantine 11:46:09.0357 4488 \Device\Harddisk0\DR0\TDLFS\phld - copied to quarantine 11:46:09.0361 4488 \Device\Harddisk0\DR0\TDLFS\phln - copied to quarantine 11:46:09.0364 4488 \Device\Harddisk0\DR0\TDLFS\phlx - copied to quarantine 11:46:09.0367 4488 \Device\Harddisk0\DR0\TDLFS\phm - copied to quarantine 11:46:09.0405 4488 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - will be cured on reboot 11:46:09.0461 4488 \Device\Harddisk0\DR0 - ok 11:46:11.0193 4488 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - User select action: Cure 11:46:17.0311 5304 Deinitialize success

. DDS (Ver_2011-08-26.01) - NTFSAMD64 Internet Explorer: 9.0.8112.16421 Run by Christopher at 0:30:14 on 2012-04-14 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3835.2460 [GMT -6:00] . AV: Norton Internet Security *Disabled/Outdated* {63DF5164-9100-186D-2187-8DC619EFD8BF} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Norton Internet Security *Disabled/Outdated* {D8BEB080-B73A-17E3-1B37-B6B462689202} FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Program Files\IDT\WDM\STacSV64.exe C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\atieclxx.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe C:\Program Files (x86)\Bonjour\mDNSResponder.exe C:\Windows\SysWOW64\ezSharedSvcHost.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe C:\Program Files (x86)\Norton Internet Security\Engine\18.7.1.3\ccSvcHst.exe C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe C:\Windows\system32\SearchIndexer.exe -netsvcs C:\Windows\system32\conhost.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe C:\Windows\System32\svchost.exe -k secsvcs C:\Windows\system32\taskhost.exe C:\Program Files (x86)\Norton Internet Security\Engine\18.7.1.3\ccSvcHst.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\IDT\WDM\sttray64.exe C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\taskeng.exe C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe C:\Windows\system32\wuauclt.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_2_202_228_ActiveX.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\conhost.exe C:\Windows\SysWOW64\cscript.exe C:\Windows\system32\wbem\wmiprvse.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://pinterest.com/ uInternet Settings,ProxyOverride = *.local BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.1.3\coIEPlg.dll BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.1.3\IPS\IPSBHO.DLL BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.1.3\coIEPlg.dll TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll EB: Adobe PDF: {182ec0be-5110-49c8-a062-beb1d02a220b} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll uRun: [spotify] "C:\Users\Christopher\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun mRun: [<NO NAME>] mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ADOBEA~2.LNK - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1) mPolicies-explorer: EnableShellExecuteHooks = 1 (0x1) mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: Append to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html IE: Convert link target to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html IE: Convert link target to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html IE: Convert selected links to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html IE: Convert selected links to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html IE: Convert selection to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html IE: Convert selection to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html IE: Convert to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000 IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab TCP: DhcpNameServer = 75.75.76.76 75.75.75.75 TCP: Interfaces\{4FED689D-5C51-40CF-8D2E-975D769E3A13} : DhcpNameServer = 75.75.76.76 75.75.75.75 TCP: Interfaces\{4FED689D-5C51-40CF-8D2E-975D769E3A13}\D4A49413 : DhcpNameServer = 192.168.1.1 Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO-X64: AcroIEHelperStub - No File BHO-X64: Symantec NCO BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.1.3\coIEPlg.dll BHO-X64: Symantec NCO BHO - No File BHO-X64: Symantec Intrusion Prevention: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.1.3\IPS\IPSBHO.DLL BHO-X64: Symantec Intrusion Prevention - No File BHO-X64: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll BHO-X64: SkypeIEPluginBHO - No File BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll TB-X64: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.1.3\coIEPlg.dll TB-X64: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll EB-X64: {182EC0BE-5110-49C8-A062-BEB1D02A220B} - No File mRun-x64: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun mRun-x64: [(Default)] mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun-x64: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray IE-X64: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 . ============= SERVICES / DRIVERS =============== . R0 amd_sata;amd_sata;C:\Windows\system32\DRIVERS\amd_sata.sys --> C:\Windows\system32\DRIVERS\amd_sata.sys [?] R0 amd_xata;amd_xata;C:\Windows\system32\DRIVERS\amd_xata.sys --> C:\Windows\system32\DRIVERS\amd_xata.sys [?] R0 SymDS;Symantec Data Store;C:\Windows\system32\drivers\NISx64\1207010.003\SYMDS64.SYS --> C:\Windows\system32\drivers\NISx64\1207010.003\SYMDS64.SYS [?] R0 SymEFA;Symantec Extended File Attributes;C:\Windows\system32\drivers\NISx64\1207010.003\SYMEFA64.SYS --> C:\Windows\system32\drivers\NISx64\1207010.003\SYMEFA64.SYS [?] R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\BASHDefs\20111027.001\BHDrvx64.sys [2011-11-1 1155704] R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\IPSDefs\20111104.030\IDSviA64.sys [2011-11-5 488568] R1 SymIRON;Symantec Iron Driver;C:\Windows\system32\drivers\NISx64\1207010.003\Ironx64.SYS --> C:\Windows\system32\drivers\NISx64\1207010.003\Ironx64.SYS [?] R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\system32\Drivers\NISx64\1207010.003\SYMNETS.SYS --> C:\Windows\system32\Drivers\NISx64\1207010.003\SYMNETS.SYS [?] R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?] R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?] R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-2-28 354304] R2 AMD Reservation Manager;AMD Reservation Manager;C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe [2010-6-17 194496] R2 ezSharedSvc;Easybits Services for Windows;C:\Windows\System32\ezSharedSvcHost.exe [2011-5-13 514232] R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-8-20 1751656] R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-4-9 654408] R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\18.7.1.3\ccsvchst.exe [2012-4-3 130008] R2 RoxioNow Service;RoxioNow Service;C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2010-11-26 399344] R3 amdiox64;AMD IO Driver;C:\Windows\system32\DRIVERS\amdiox64.sys --> C:\Windows\system32\DRIVERS\amdiox64.sys [?] R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?] R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?] R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\system32\DRIVERS\clwvd.sys --> C:\Windows\system32\DRIVERS\clwvd.sys [?] R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011-9-8 136824] R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?] R3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\system32\DRIVERS\RtsPStor.sys --> C:\Windows\system32\DRIVERS\RtsPStor.sys [?] R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?] R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\Windows\system32\DRIVERS\rtl8192Ce.sys --> C:\Windows\system32\DRIVERS\rtl8192Ce.sys [?] R3 usbfilter;AMD USB Filter Driver;C:\Windows\system32\DRIVERS\usbfilter.sys --> C:\Windows\system32\DRIVERS\usbfilter.sys [?] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168] S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;"C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe" --> C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [?] S2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe --> C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [?] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-8 253600] S3 hpCMSrv;HP Connection Manager 4.0 Service;"C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe" --> C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [?] S3 Revoflt;Revoflt;C:\Windows\system32\DRIVERS\revoflt.sys --> C:\Windows\system32\DRIVERS\revoflt.sys [?] S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\system32\DRIVERS\VSTAZL6.SYS --> C:\Windows\system32\DRIVERS\VSTAZL6.SYS [?] S3 SrvHsfV92;SrvHsfV92;C:\Windows\system32\DRIVERS\VSTDPV6.SYS --> C:\Windows\system32\DRIVERS\VSTDPV6.SYS [?] S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\system32\DRIVERS\VSTCNXT6.SYS --> C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [?] S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?] S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?] . =============== Created Last 30 ================ . 2012-04-14 04:08:31 20480 ----a-w- C:\Windows\svchost.exe 2012-04-14 02:49:13 108544 ----a-w- C:\ProgramData\Microsoft\Windows\DRM\18BF.tmp.dat 2012-04-14 01:13:18 8669240 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{6EE35358-54FE-4E77-84A4-1EC9F6EE832E}\mpengine.dll 2012-04-13 02:47:38 8669240 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll 2012-04-11 18:25:15 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys 2012-04-11 18:25:14 81408 ----a-w- C:\Windows\System32\imagehlp.dll 2012-04-11 18:25:14 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll 2012-04-11 18:25:09 5120 ----a-w- C:\Windows\SysWow64\wmi.dll 2012-04-11 18:25:09 5120 ----a-w- C:\Windows\System32\wmi.dll 2012-04-11 18:25:09 220672 ----a-w- C:\Windows\System32\wintrust.dll 2012-04-11 18:25:09 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll 2012-04-09 05:04:38 418464 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2012-04-09 04:51:59 -------- d-----w- C:\Users\Christopher\AppData\Roaming\Malwarebytes 2012-04-09 04:51:50 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys 2012-04-09 04:51:50 -------- d-----w- C:\ProgramData\Malwarebytes 2012-04-09 04:51:50 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2012-04-04 00:38:05 912504 ----a-w- C:\Windows\System32\drivers\NISx64\1207010.003\symefa64.sys 2012-04-04 00:38:05 744568 ----a-w- C:\Windows\System32\drivers\NISx64\1207010.003\srtsp64.sys 2012-04-04 00:38:05 450680 ----a-w- C:\Windows\System32\drivers\NISx64\1207010.003\symds64.sys 2012-04-04 00:38:05 40568 ----a-w- C:\Windows\System32\drivers\NISx64\1207010.003\srtspx64.sys 2012-04-04 00:38:05 386168 ----a-w- C:\Windows\System32\drivers\NISx64\1207010.003\symnets.sys 2012-04-04 00:38:05 171128 ----a-w- C:\Windows\System32\drivers\NISx64\1207010.003\ironx64.sys 2012-04-04 00:37:56 -------- d-----w- C:\Windows\System32\drivers\NISx64\1207010.003 . ==================== Find3M ==================== . 2012-04-09 05:04:38 70304 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2012-02-28 06:56:48 2311168 ----a-w- C:\Windows\System32\jscript9.dll 2012-02-28 06:49:56 1390080 ----a-w- C:\Windows\System32\wininet.dll 2012-02-28 06:48:57 1493504 ----a-w- C:\Windows\System32\inetcpl.cpl 2012-02-28 06:42:55 2382848 ----a-w- C:\Windows\System32\mshtml.tlb 2012-02-28 01:18:55 1799168 ----a-w- C:\Windows\SysWow64\jscript9.dll 2012-02-28 01:11:21 1427456 ----a-w- C:\Windows\SysWow64\inetcpl.cpl 2012-02-28 01:11:07 1127424 ----a-w- C:\Windows\SysWow64\wininet.dll 2012-02-28 01:03:16 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2012-02-23 16:18:36 279656 ------w- C:\Windows\System32\MpSigStub.exe 2012-02-17 06:38:26 1031680 ----a-w- C:\Windows\System32\rdpcore.dll 2012-02-17 05:34:22 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll 2012-02-17 04:58:24 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys 2012-02-17 04:57:32 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys 2012-02-10 06:36:07 1544192 ----a-w- C:\Windows\System32\DWrite.dll 2012-02-10 05:38:43 1077248 ----a-w- C:\Windows\SysWow64\DWrite.dll 2012-02-03 04:34:34 3145728 ----a-w- C:\Windows\System32\win32k.sys 2012-01-25 06:38:39 77312 ----a-w- C:\Windows\System32\rdpwsx.dll 2012-01-25 06:38:38 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll 2012-01-25 06:33:30 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe . ============= FINISH: 0:31:16.10 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-08-26.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume1 Install Date: 9/7/2011 12:06:34 AM System Uptime: 4/13/2012 11:56:57 PM (1 hours ago) . Motherboard: Hewlett-Packard | | 1664 Processor: AMD Phenom II P960 Quad-Core Processor | Socket S1G4 | 792/200mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 452 GiB total, 406.764 GiB free. D: is FIXED (NTFS) - 14 GiB total, 1.512 GiB free. E: is CDROM () . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP60: 2/29/2012 6:48:29 AM - Windows Update RP61: 3/7/2012 7:00:21 PM - Installed Compatibility Pack for the 2007 Office system RP63: 3/9/2012 6:21:10 AM - Windows Update RP64: 3/14/2012 3:00:16 AM - Windows Update RP65: 3/21/2012 7:40:20 PM - Scheduled Checkpoint RP66: 4/2/2012 7:40:00 AM - Scheduled Checkpoint RP67: 4/7/2012 2:03:32 PM - Windows Update RP68: 4/8/2012 4:32:41 AM - Windows Update RP69: 4/11/2012 12:23:46 PM - Windows Update RP70: 4/11/2012 12:55:49 PM - Windows Update RP71: 4/12/2012 6:20:02 AM - Windows Update RP72: 4/12/2012 12:26:25 PM - Windows Update RP73: 4/13/2012 6:39:34 AM - Windows Update RP74: 4/13/2012 11:36:23 PM - Windows Update . ==== Installed Programs ====================== . Add or Remove Adobe Creative Suite 3 Master Collection Adobe Acrobat 8 Professional Adobe Acrobat 8.1.3 Professional Adobe After Effects CS3 Presets Adobe Anchor Service CS3 Adobe Asset Services CS3 Adobe Bridge CS3 Adobe Bridge Start Meeting Adobe BridgeTalk Plugin CS3 Adobe Camera Raw 4.0 Adobe CMaps Adobe Color - Photoshop Specific Adobe Color Common Settings Adobe Color EU Extra Settings Adobe Color JA Extra Settings Adobe Color NA Recommended Settings Adobe Creative Suite 3 Master Collection Adobe Default Language CS3 Adobe Device Central CS3 Adobe Dreamweaver CS3 Adobe ExtendScript Toolkit 2 Adobe Extension Manager CS3 Adobe Flash CS3 Adobe Flash Player 11 ActiveX Adobe Flash Player 9 Plugin Adobe Flash Video Encoder Adobe Fonts All Adobe Help Viewer CS3 Adobe Illustrator CS3 Adobe InDesign CS3 Adobe InDesign CS3 Icon Handler Adobe Linguistics CS3 Adobe MotionPicture Color Files Adobe PDF Library Files Adobe Photoshop CS3 Adobe Reader X MUI Adobe Setup Adobe Shockwave Player 11.5 Adobe SING CS3 Adobe Stock Photos CS3 Adobe Type Support Adobe Update Manager CS3 Adobe Version Cue CS3 Client Adobe Video Profiles Adobe WAS CS3 Adobe WinSoft Linguistics Plugin Adobe XMP DVA Panels CS3 Adobe XMP Panels CS3 AHV content for Acrobat and Flash Apple Application Support Apple Software Update Catalyst Control Center - Branding Catalyst Control Center Graphics Previews Common Catalyst Control Center InstallProxy Catalyst Control Center Localization All ccc-core-static CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish Cisco EAP-FAST Module Cisco LEAP Module Cisco PEAP Module Compatibility Pack for the 2007 Office system CyberLink YouCam Dropbox Evernote v. 4.2.2 HP Connection Manager HP On Screen Display HP Quick Launch HP Setup HP Setup Manager HP Software Framework IDT Audio Java Auto Updater Java 6 Update 24 Malwarebytes Anti-Malware version 1.61.0.1400 Microsoft Office File Validation Add-In Microsoft Office Professional Edition 2003 Microsoft Silverlight Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft WSE 3.0 Runtime MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Norton Internet Security PDF Settings PlayReady PC Runtime x86 QuickTime Realtek Ethernet Controller Driver Realtek PCIE Card Reader REALTEK Wireless LAN Driver RoxioNow Player Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Skype Click to Call Skype™ 5.5 Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Windows Live Mesh ActiveX Control for Remote Connections . ==== Event Viewer Messages From Past Week ======== . 4/9/2012 9:12:49 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SysMain service. 4/9/2012 9:12:19 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the iphlpsvc service. 4/9/2012 9:11:44 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the upnphost service. 4/9/2012 9:11:14 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the wuauserv service. 4/9/2012 9:10:44 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the AudioEndpointBuilder service. 4/9/2012 9:10:14 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SENS service. 4/9/2012 9:09:14 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Schedule service. 4/9/2012 9:08:44 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Spooler service. 4/9/2012 9:08:14 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the FDResPub service. 4/9/2012 9:07:44 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the IKEEXT service. 4/9/2012 9:05:14 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service. 4/8/2012 4:27:23 AM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start. 4/8/2012 4:27:21 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89} 4/8/2012 4:27:21 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E} 4/8/2012 4:27:01 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD BHDrvx64 DfsC discache eeCtrl IDSVia64 NetBIOS NetBT nsiproxy Psched rdbss spldr SRTSPX SymIRON SymNetS tdx vwififlt Wanarpv6 WfpLwf 4/8/2012 4:26:58 AM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 4/8/2012 4:26:58 AM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning. 4/8/2012 4:26:58 AM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning. 4/8/2012 4:26:58 AM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start. 4/8/2012 4:26:58 AM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start. 4/8/2012 4:26:58 AM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning. 4/8/2012 4:26:58 AM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 4/8/2012 4:26:58 AM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 4/8/2012 4:26:58 AM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning. 4/8/2012 4:26:58 AM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning. 4/8/2012 4:24:17 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the AMD FUEL Service service. 4/8/2012 11:57:34 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR2. 4/13/2012 12:07:29 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service. 4/13/2012 11:59:38 PM, Error: Service Control Manager [7000] - The HP Health Check Service service failed to start due to the following error: The system cannot find the file specified. 4/13/2012 11:57:27 PM, Error: Service Control Manager [7000] - The HPWMISVC service failed to start due to the following error: The system cannot find the file specified. 4/13/2012 11:57:27 PM, Error: Service Control Manager [7000] - The HP Quick Synchronization Service service failed to start due to the following error: The system cannot find the file specified. 4/13/2012 11:38:21 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030} 4/13/2012 11:38:21 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} 4/13/2012 11:38:15 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} 4/13/2012 11:38:08 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC} 4/13/2012 11:38:06 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: BHDrvx64 discache eeCtrl IDSVia64 spldr SRTSPX SymIRON SymNetS Wanarpv6 4/13/2012 11:36:40 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Windows 7 for x64-based Systems (KB2679255). 4/11/2012 7:49:52 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the NIS service. . ==== End Of File ===========================

Please help me! I am receiving the threat message: SVCHOST.EXE TROJAN.AGENT . When I quarintine and delete it still appears. My computer has become quite slow and shuts down. Please advise.. I am worried as this laptop houses much of my personal information (which I also pay bills). Thank you in advance. Christopher