Problem resolved. Please close thread. MrCharlie, you are the MAN!
-
Ah OK. Well, again, thank you very much for the assistance.
-
Never mind, I just realized that I have them on a thumb drive, so I can just archive them there.
-
Thanks, would it be wise of me to pack them up into a Zip to keep for future reference?
-
Ran FutureMark (Benchmark Software to task my PC) and rebooted to verify startup.
-
Seems to be running fine. Heavy resource programs are initializing quickly and functioning well. No adverse effects noticeable.
-
Malwarebytes Anti-Malware (Trial) 1.62.0.1300
www.malwarebytes.org

Database version: v2012.08.10.01
Windows Vista Service Pack 2 x64 NTFS
Internet Explorer 8.0.6001.19190
Blue :: BLUE-PC [administrator]

Protection: Disabled

8/10/2012 8:14:32 AM
mbam-log-2012-08-10 (08-14-32).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 248071
Time elapsed: 5 minute(s), 57 second(s)

Memory Processes Detected: 0 (No malicious items detected)
Memory Modules Detected: 0 (No malicious items detected)
Registry Keys Detected: 0 (No malicious items detected)
Registry Values Detected: 0 (No malicious items detected)
Registry Data Items Detected: 0 (No malicious items detected)
Folders Detected: 0 (No malicious items detected)
Files Detected: 0 (No malicious items detected)

(end)

Looks clean
-
BTW MrCharlie, thank you for your help with this, it's been most appreciated. -Steve
-
*ComboFix Log*
-
*tdsskiller log*
C:\Windows\system32\drivers\fltmgr.sys 19:13:20.0525 5288 FltMgr - ok 19:13:20.0821 5288 FMS (8795fd92b624648dabe7b75129ef8002) C:\Program Files (x86)\Adobe\Flash Media Server 3.5\FMSMaster.exe 19:13:20.0961 5288 FMS ( UnsignedFile.Multi.Generic ) - warning 19:13:20.0961 5288 FMS - detected UnsignedFile.Multi.Generic (1) 19:13:21.0149 5288 FMSAdmin (2db70167c13f2339a63e694291fd1bfd) C:\Program Files (x86)\Adobe\Flash Media Server 3.5\FMSAdmin.exe 19:13:21.0211 5288 FMSAdmin ( UnsignedFile.Multi.Generic ) - warning 19:13:21.0211 5288 FMSAdmin - detected UnsignedFile.Multi.Generic (1) 19:13:21.0507 5288 FMSHttpd (8881574868e648689b7aa88a88716e17) C:\Program Files (x86)\Adobe\Flash Media Server 3.5\Apache2.2\bin\httpd.exe 19:13:21.0523 5288 FMSHttpd ( UnsignedFile.Multi.Generic ) - warning 19:13:21.0523 5288 FMSHttpd - detected UnsignedFile.Multi.Generic (1) 19:13:21.0617 5288 FontCache (be1c5bd1ca7ed015bc6fa1ae67e592c8) C:\Windows\system32\FntCache.dll 19:13:21.0648 5288 FontCache - ok 19:13:21.0741 5288 FontCache3.0.0.0 (bc5b0be5af3510b0fd8c140ee42c6d3e) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 19:13:21.0741 5288 FontCache3.0.0.0 - ok 19:13:21.0788 5288 Fs_Rec (29d99e860a1ca0a03c6a733fdd0da703) C:\Windows\system32\drivers\Fs_Rec.sys 19:13:21.0819 5288 Fs_Rec - ok 19:13:21.0851 5288 gagp30kx (c8e416668d3dc2be3d4fe4c79224997f) C:\Windows\system32\drivers\gagp30kx.sys 19:13:21.0866 5288 gagp30kx - ok 19:13:21.0913 5288 gpsvc (a0e1b575ba8f504968cd40c0faeb2384) C:\Windows\System32\gpsvc.dll 19:13:21.0944 5288 gpsvc - ok 19:13:21.0991 5288 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 19:13:22.0007 5288 gupdate - ok 19:13:22.0007 5288 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 19:13:22.0007 5288 gupdatem - ok 19:13:22.0053 5288 HdAudAddService (df45f8142dc6df9d18c39b3effbd0409) C:\Windows\system32\drivers\HdAudio.sys 19:13:22.0085 5288 
HdAudAddService - ok 19:13:22.0365 5288 HDAudBus (f942c5820205f2fb453243edfec82a3d) C:\Windows\system32\DRIVERS\HDAudBus.sys 19:13:22.0397 5288 HDAudBus - ok 19:13:22.0475 5288 HidBth (b4881c84a180e75b8c25dc1d726c375f) C:\Windows\system32\drivers\hidbth.sys 19:13:22.0521 5288 HidBth - ok 19:13:22.0537 5288 HidIr (4e77a77e2c986e8f88f996bb3e1ad829) C:\Windows\system32\drivers\hidir.sys 19:13:22.0568 5288 HidIr - ok 19:13:22.0631 5288 hidserv (59361d38a297755d46a540e450202b2a) C:\Windows\system32\hidserv.dll 19:13:22.0646 5288 hidserv - ok 19:13:22.0662 5288 HidUsb (443bdd2d30bb4f00795c797e2cf99edf) C:\Windows\system32\DRIVERS\hidusb.sys 19:13:22.0677 5288 HidUsb - ok 19:13:22.0724 5288 hkmsvc (b12f367ea39c0795fd57e31242ce1a5a) C:\Windows\system32\kmsvc.dll 19:13:22.0755 5288 hkmsvc - ok 19:13:22.0787 5288 HpCISSs (d7109a1e6bd2dfdbcba72a6bc626a13b) C:\Windows\system32\drivers\hpcisss.sys 19:13:22.0787 5288 HpCISSs - ok 19:13:22.0849 5288 hpqcxs08 (ce0fcec4d4d860f36d972759b11eaf0f) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll 19:13:22.0865 5288 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning 19:13:22.0865 5288 hpqcxs08 - detected UnsignedFile.Multi.Generic (1) 19:13:22.0896 5288 hpqddsvc (7da3211ac63edd90b8eca1ca1abfd43b) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll 19:13:22.0896 5288 hpqddsvc ( UnsignedFile.Multi.Generic ) - warning 19:13:22.0896 5288 hpqddsvc - detected UnsignedFile.Multi.Generic (1) 19:13:22.0943 5288 HPSLPSVC (298a6890a7ac415dabb35047d168f13b) C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL 19:13:22.0958 5288 HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning 19:13:22.0958 5288 HPSLPSVC - detected UnsignedFile.Multi.Generic (1) 19:13:23.0067 5288 HTTP (098f1e4e5c9cb5b0063a959063631610) C:\Windows\system32\drivers\HTTP.sys 19:13:23.0099 5288 HTTP - ok 19:13:23.0099 5288 i2omp (da94c854cea5fac549d4e1f6e88349e8) C:\Windows\system32\drivers\i2omp.sys 19:13:23.0114 5288 i2omp - ok 19:13:23.0130 5288 i8042prt 
(cbb597659a2713ce0c9cc20c88c7591f) C:\Windows\system32\DRIVERS\i8042prt.sys 19:13:23.0145 5288 i8042prt - ok 19:13:23.0255 5288 iaStorV (3e3bf3627d886736d0b4e90054f929f6) C:\Windows\system32\drivers\iastorv.sys 19:13:23.0270 5288 iaStorV - ok 19:13:23.0348 5288 IDriverT (6f95324909b502e2651442c1548ab12f) C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe 19:13:23.0364 5288 IDriverT ( UnsignedFile.Multi.Generic ) - warning 19:13:23.0364 5288 IDriverT - detected UnsignedFile.Multi.Generic (1) 19:13:23.0473 5288 idsvc (749f5f8cedca70f2a512945325fc489d) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 19:13:23.0489 5288 idsvc - ok 19:13:23.0582 5288 IHA_MessageCenter (5cab9d1ab5c9384d28dff89dbe7a72bb) C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe 19:13:23.0613 5288 IHA_MessageCenter ( UnsignedFile.Multi.Generic ) - warning 19:13:23.0613 5288 IHA_MessageCenter - detected UnsignedFile.Multi.Generic (1) 19:13:23.0660 5288 iirsp (8c3951ad2fe886ef76c7b5027c3125d3) C:\Windows\system32\drivers\iirsp.sys 19:13:23.0660 5288 iirsp - ok 19:13:23.0707 5288 IKEEXT (0c9ea6e654e7b0471741e343a6c671af) C:\Windows\System32\ikeext.dll 19:13:23.0723 5288 IKEEXT - ok 19:13:23.0738 5288 intelide (df797a12176f11b2d301c5b234bb200e) C:\Windows\system32\drivers\intelide.sys 19:13:23.0738 5288 intelide - ok 19:13:23.0754 5288 intelppm (bfd84af32fa1bad6231c4585cb469630) C:\Windows\system32\DRIVERS\intelppm.sys 19:13:23.0769 5288 intelppm - ok 19:13:23.0816 5288 IPBusEnum (5624bc1bc5eeb49c0ab76a8114f05ea3) C:\Windows\system32\ipbusenum.dll 19:13:23.0832 5288 IPBusEnum - ok 19:13:23.0879 5288 IpFilterDriver (d8aabc341311e4780d6fce8c73c0ad81) C:\Windows\system32\DRIVERS\ipfltdrv.sys 19:13:23.0894 5288 IpFilterDriver - ok 19:13:23.0957 5288 iphlpsvc (bf0dbfa9792c5c14fa00f61c75116c1b) C:\Windows\System32\iphlpsvc.dll 19:13:23.0972 5288 iphlpsvc - ok 19:13:23.0972 5288 IpInIp - ok 19:13:24.0050 
5288 IPMIDRV (9c2ee2e6e5a7203bfae15c299475ec67) C:\Windows\system32\drivers\ipmidrv.sys 19:13:24.0066 5288 IPMIDRV - ok 19:13:24.0081 5288 IPNAT (b7e6212f581ea5f6ab0c3a6ceeeb89be) C:\Windows\system32\DRIVERS\ipnat.sys 19:13:24.0128 5288 IPNAT - ok 19:13:24.0128 5288 IRENUM (8c42ca155343a2f11d29feca67faa88d) C:\Windows\system32\drivers\irenum.sys 19:13:24.0144 5288 IRENUM - ok 19:13:24.0300 5288 is3srv (8598e4a12eaa945b35365dd2750b9777) C:\Windows\syswow64\drivers\is3srv64.sys 19:13:24.0300 5288 is3srv - ok 19:13:24.0300 5288 isapnp (0672bfcedc6fc468a2b0500d81437f4f) C:\Windows\system32\drivers\isapnp.sys 19:13:24.0315 5288 isapnp - ok 19:13:24.0347 5288 iScsiPrt (e4fdf99599f27ec25d2cf6d754243520) C:\Windows\system32\DRIVERS\msiscsi.sys 19:13:24.0362 5288 iScsiPrt - ok 19:13:24.0378 5288 iteatapi (63c766cdc609ff8206cb447a65abba4a) C:\Windows\system32\drivers\iteatapi.sys 19:13:24.0378 5288 iteatapi - ok 19:13:24.0393 5288 iteraid (1281fe73b17664631d12f643cbea3f59) C:\Windows\system32\drivers\iteraid.sys 19:13:24.0393 5288 iteraid - ok 19:13:24.0409 5288 kbdclass (423696f3ba6472dd17699209b933bc26) C:\Windows\system32\DRIVERS\kbdclass.sys 19:13:24.0409 5288 kbdclass - ok 19:13:24.0425 5288 kbdhid (dbdf75d51464fbc47d0104ec3d572c05) C:\Windows\system32\DRIVERS\kbdhid.sys 19:13:24.0440 5288 kbdhid - ok 19:13:24.0487 5288 KeyIso (260bf9c43ee12c6898a9f5aab0fb0e5d) C:\Windows\system32\lsass.exe 19:13:24.0518 5288 KeyIso - ok 19:13:24.0565 5288 KSecDD (2758d174604f597bbc8a217ff667913d) C:\Windows\system32\Drivers\ksecdd.sys 19:13:24.0581 5288 KSecDD - ok 19:13:24.0643 5288 ksthunk (1d419cf43db29396ecd7113d129d94eb) C:\Windows\system32\drivers\ksthunk.sys 19:13:24.0659 5288 ksthunk - ok 19:13:24.0690 5288 KtmRm (1faf6926f3416d3da05c5b265491bdae) C:\Windows\system32\msdtckrm.dll 19:13:24.0721 5288 KtmRm - ok 19:13:24.0768 5288 L1E (3e3d1d8dcb2ca53463d34252e99465d3) C:\Windows\system32\DRIVERS\L1E60x64.sys 19:13:24.0783 5288 L1E - ok 19:13:24.0830 5288 LanmanServer 
(50c7a3cb427e9bb5ed0708a669956ab5) C:\Windows\system32\srvsvc.dll 19:13:24.0846 5288 LanmanServer - ok 19:13:24.0877 5288 LanmanWorkstation (caf86fc1388be1e470f1a7b43e348adb) C:\Windows\System32\wkssvc.dll 19:13:24.0908 5288 LanmanWorkstation - ok 19:13:25.0080 5288 LBTServ (7772dfab22611050b79504e671b06e6e) C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe 19:13:25.0095 5288 LBTServ - ok 19:13:25.0127 5288 LHidFilt (241f2648adf090e2a10095bd6d6f5dcb) C:\Windows\system32\DRIVERS\LHidFilt.Sys 19:13:25.0127 5288 LHidFilt - ok 19:13:25.0345 5288 LiveUpdate (36375738dc0b3cd1f764268008e74fdf) C:\Program Files (x86)\Symantec\LiveUpdate\LuComServer_3_4.EXE 19:13:25.0423 5288 LiveUpdate - ok 19:13:25.0548 5288 lltdio (96ece2659b6654c10a0c310ae3a6d02c) C:\Windows\system32\DRIVERS\lltdio.sys 19:13:25.0579 5288 lltdio - ok 19:13:25.0610 5288 lltdsvc (961ccbd0b1ccb5675d64976fae37d092) C:\Windows\System32\lltdsvc.dll 19:13:25.0626 5288 lltdsvc - ok 19:13:25.0641 5288 lmhosts (a47f8080cacc23c91fe823ad19aa5612) C:\Windows\System32\lmhsvc.dll 19:13:25.0688 5288 lmhosts - ok 19:13:25.0704 5288 LMouFilt (342ed5a4b3326014438f36d22d803737) C:\Windows\system32\DRIVERS\LMouFilt.Sys 19:13:25.0704 5288 LMouFilt - ok 19:13:25.0751 5288 LSI_FC (acbe1af32d3123e330a07bfbc5ec4a9b) C:\Windows\system32\drivers\lsi_fc.sys 19:13:25.0766 5288 LSI_FC - ok 19:13:25.0782 5288 LSI_SAS (799ffb2fc4729fa46d2157c0065b3525) C:\Windows\system32\drivers\lsi_sas.sys 19:13:25.0782 5288 LSI_SAS - ok 19:13:25.0797 5288 LSI_SCSI (f445ff1daad8a226366bfaf42551226b) C:\Windows\system32\drivers\lsi_scsi.sys 19:13:25.0797 5288 LSI_SCSI - ok 19:13:25.0813 5288 luafv (52f87b9cc8932c2a7375c3b2a9be5e3e) C:\Windows\system32\drivers\luafv.sys 19:13:25.0829 5288 luafv - ok 19:13:25.0875 5288 MBAMProtector (dc8490812a3b72811ae534f423b4c206) C:\Windows\system32\drivers\mbam.sys 19:13:25.0891 5288 MBAMProtector - ok 19:13:25.0985 5288 MBAMService (43683e970f008c93c9429ef428147a54) C:\Program Files (x86)\Malwarebytes' 
Anti-Malware\mbamservice.exe 19:13:26.0000 5288 MBAMService - ok 19:13:26.0031 5288 Mcx2Svc (76a58df02bd4ea29f189b82d0bef17f8) C:\Windows\system32\Mcx2Svc.dll 19:13:26.0047 5288 Mcx2Svc - ok 19:13:26.0063 5288 megasas (5c5cd6aaced32fb26c3fb34b3dcf972f) C:\Windows\system32\drivers\megasas.sys 19:13:26.0063 5288 megasas - ok 19:13:26.0078 5288 MegaSR (859bc2436b076c77c159ed694acfe8f8) C:\Windows\system32\drivers\megasr.sys 19:13:26.0094 5288 MegaSR - ok 19:13:26.0172 5288 mi-raysat_3dsmax9_32 (aa0c4a2c33ce075df2c272d678734991) C:\Program Files (x86)\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe 19:13:26.0172 5288 mi-raysat_3dsmax9_32 ( UnsignedFile.Multi.Generic ) - warning 19:13:26.0172 5288 mi-raysat_3dsmax9_32 - detected UnsignedFile.Multi.Generic (1) 19:13:26.0187 5288 MMCSS (3cbe4995e80e13ccfbc42e5dcf3ac81a) C:\Windows\system32\mmcss.dll 19:13:26.0203 5288 MMCSS - ok 19:13:26.0219 5288 Modem (59848d5cc74606f0ee7557983bb73c2e) C:\Windows\system32\drivers\modem.sys 19:13:26.0265 5288 Modem - ok 19:13:26.0312 5288 monitor (c247cc2a57e0a0c8c6dccf7807b3e9e5) C:\Windows\system32\DRIVERS\monitor.sys 19:13:26.0328 5288 monitor - ok 19:13:26.0359 5288 mouclass (9367304e5e412b120cf5f4ea14e4e4f1) C:\Windows\system32\DRIVERS\mouclass.sys 19:13:26.0359 5288 mouclass - ok 19:13:26.0390 5288 moufiltr (21b7acea1bb49c3371dd5427bf309d6a) C:\Windows\system32\DRIVERS\moufiltr.sys 19:13:26.0406 5288 moufiltr - ok 19:13:26.0421 5288 mouhid (c2c2bd5c5ce5aaf786ddd74b75d2ac69) C:\Windows\system32\DRIVERS\mouhid.sys 19:13:26.0453 5288 mouhid - ok 19:13:26.0453 5288 MountMgr (11bc9b1e8801b01f7f6adb9ead30019b) C:\Windows\system32\drivers\mountmgr.sys 19:13:26.0468 5288 MountMgr - ok 19:13:26.0499 5288 MozillaMaintenance (46297fa8e30a6007f14118fc2b942fbc) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 19:13:26.0515 5288 MozillaMaintenance - ok 19:13:26.0531 5288 mpio (f8276eb8698142884498a528dfea8478) C:\Windows\system32\drivers\mpio.sys 
19:13:26.0546 5288 mpio - ok 19:13:26.0562 5288 mpsdrv (c92b9abdb65a5991e00c28f13491dba2) C:\Windows\system32\drivers\mpsdrv.sys 19:13:26.0577 5288 mpsdrv - ok 19:13:26.0609 5288 MpsSvc (897e3baf68ba406a61682ae39c83900c) C:\Windows\system32\mpssvc.dll 19:13:26.0640 5288 MpsSvc - ok 19:13:26.0655 5288 Mraid35x (3c200630a89ef2c0864d515b7a75802e) C:\Windows\system32\drivers\mraid35x.sys 19:13:26.0655 5288 Mraid35x - ok 19:13:26.0702 5288 MRxDAV (7c1de4aa96dc0c071611f9e7de02a68d) C:\Windows\system32\drivers\mrxdav.sys 19:13:26.0718 5288 MRxDAV - ok 19:13:26.0733 5288 mrxsmb (1485811b320ff8c7edad1caebb1c6c2b) C:\Windows\system32\DRIVERS\mrxsmb.sys 19:13:26.0765 5288 mrxsmb - ok 19:13:26.0811 5288 mrxsmb10 (3b929a60c833fc615fd97fba82bc7632) C:\Windows\system32\DRIVERS\mrxsmb10.sys 19:13:26.0827 5288 mrxsmb10 - ok 19:13:26.0827 5288 mrxsmb20 (c64ab3e1f53b4f5b5bb6d796b2d7bec3) C:\Windows\system32\DRIVERS\mrxsmb20.sys 19:13:26.0843 5288 mrxsmb20 - ok 19:13:26.0843 5288 msahci (1ac860612b85d8e85ee257d372e39f4d) C:\Windows\system32\drivers\msahci.sys 19:13:26.0858 5288 msahci - ok 19:13:26.0874 5288 msdsm (264bbb4aaf312a485f0e44b65a6b7202) C:\Windows\system32\drivers\msdsm.sys 19:13:26.0874 5288 msdsm - ok 19:13:26.0905 5288 MSDTC (7ec02ce772f068ed0beafa3da341a9bc) C:\Windows\System32\msdtc.exe 19:13:26.0921 5288 MSDTC - ok 19:13:26.0952 5288 Msfs (704f59bfc4512d2bb0146aec31b10a7c) C:\Windows\system32\drivers\Msfs.sys 19:13:26.0967 5288 Msfs - ok 19:13:26.0983 5288 msisadrv (00ebc952961664780d43dca157e79b27) C:\Windows\system32\drivers\msisadrv.sys 19:13:26.0983 5288 msisadrv - ok 19:13:27.0030 5288 MSiSCSI (366b0c1f4478b519c181e37d43dcda32) C:\Windows\system32\iscsiexe.dll 19:13:27.0061 5288 MSiSCSI - ok 19:13:27.0061 5288 msiserver - ok 19:13:27.0077 5288 MSKSSRV (0ea73e498f53b96d83dbfca074ad4cf8) C:\Windows\system32\drivers\MSKSSRV.sys 19:13:27.0092 5288 MSKSSRV - ok 19:13:27.0108 5288 MSPCLOCK (52e59b7e992a58e740aa63f57edbae8b) C:\Windows\system32\drivers\MSPCLOCK.sys 
19:13:27.0123 5288 MSPCLOCK - ok 19:13:27.0139 5288 MSPQM (49084a75bae043ae02d5b44d02991bb2) C:\Windows\system32\drivers\MSPQM.sys 19:13:27.0155 5288 MSPQM - ok 19:13:27.0186 5288 MsRPC (dc6ccf440cdede4293db41c37a5060a5) C:\Windows\system32\drivers\MsRPC.sys 19:13:27.0201 5288 MsRPC - ok 19:13:27.0217 5288 mssmbios (855796e59df77ea93af46f20155bf55b) C:\Windows\system32\DRIVERS\mssmbios.sys 19:13:27.0217 5288 mssmbios - ok 19:13:27.0264 5288 MSSQL$BWDATOOLSET - ok 19:13:27.0279 5288 MSSQLServerADHelper (1d89eb4e2a99cabd4e81225f4f4c4b25) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqladhlp90.exe 19:13:27.0295 5288 MSSQLServerADHelper - ok 19:13:27.0295 5288 MSTEE (86d632d75d05d5b7c7c043fa3564ae86) C:\Windows\system32\drivers\MSTEE.sys 19:13:27.0311 5288 MSTEE - ok 19:13:27.0373 5288 MTsensor (6936198f2cc25b39cf5262436c80df46) C:\Windows\system32\DRIVERS\ASACPI.sys 19:13:27.0389 5288 MTsensor - ok 19:13:27.0529 5288 Mup (0cc49f78d8aca0877d885f149084e543) C:\Windows\system32\Drivers\mup.sys 19:13:27.0529 5288 Mup - ok 19:13:27.0607 5288 napagent (a5b10c845e7538c60c0f5d87a57cb3f5) C:\Windows\system32\qagentRT.dll 19:13:27.0623 5288 napagent - ok 19:13:27.0654 5288 NativeWifiP (2007b826c4acd94ae32232b41f0842b9) C:\Windows\system32\DRIVERS\nwifi.sys 19:13:27.0669 5288 NativeWifiP - ok 19:13:27.0701 5288 NDIS (65950e07329fcee8e6516b17c8d0abb6) C:\Windows\system32\drivers\ndis.sys 19:13:27.0716 5288 NDIS - ok 19:13:27.0716 5288 NdisTapi (64df698a425478e321981431ac171334) C:\Windows\system32\DRIVERS\ndistapi.sys 19:13:27.0732 5288 NdisTapi - ok 19:13:27.0810 5288 Ndisuio (8baa43196d7b5bb972c9a6b2bbf61a19) C:\Windows\system32\DRIVERS\ndisuio.sys 19:13:27.0825 5288 Ndisuio - ok 19:13:27.0872 5288 NdisWan (f8158771905260982ce724076419ef19) C:\Windows\system32\DRIVERS\ndiswan.sys 19:13:27.0888 5288 NdisWan - ok 19:13:27.0903 5288 NDProxy (9cb77ed7cb72850253e973a2d6afdf49) C:\Windows\system32\drivers\NDProxy.sys 19:13:27.0919 5288 NDProxy - ok 19:13:27.0950 5288 Net 
Driver HPZ12 (bd94210175c488f18add3e189ee9304c) C:\Windows\system32\HPZinw12.dll 19:13:27.0950 5288 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning 19:13:27.0950 5288 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1) 19:13:27.0966 5288 NetBIOS (a499294f5029a7862adc115bda7371ce) C:\Windows\system32\DRIVERS\netbios.sys 19:13:27.0981 5288 NetBIOS - ok 19:13:28.0013 5288 netbt (fc2c792ebddc8e28df939d6a92c83d61) C:\Windows\system32\DRIVERS\netbt.sys 19:13:28.0028 5288 netbt - ok 19:13:28.0044 5288 Netlogon (260bf9c43ee12c6898a9f5aab0fb0e5d) C:\Windows\system32\lsass.exe 19:13:28.0059 5288 Netlogon - ok 19:13:28.0091 5288 Netman (9b63b29defc0f3115a559d2597bf5d75) C:\Windows\System32\netman.dll 19:13:28.0122 5288 Netman - ok 19:13:28.0169 5288 netprofm (7846d0136cc2b264926a73047ba7688a) C:\Windows\System32\netprofm.dll 19:13:28.0200 5288 netprofm - ok 19:13:28.0247 5288 NetTcpPortSharing (74751dda198165947fd7454d83f49825) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 19:13:28.0262 5288 NetTcpPortSharing - ok 19:13:28.0262 5288 nfrd960 (4ac08bd6af2df42e0c3196d826c8aea7) C:\Windows\system32\drivers\nfrd960.sys 19:13:28.0262 5288 nfrd960 - ok 19:13:28.0309 5288 NlaSvc (f145bf4c4668e7e312069f81ef847cfc) C:\Windows\System32\nlasvc.dll 19:13:28.0340 5288 NlaSvc - ok 19:13:28.0356 5288 Npfs (b298874f8e0ea93f06ec40aa8d146478) C:\Windows\system32\drivers\Npfs.sys 19:13:28.0371 5288 Npfs - ok 19:13:28.0403 5288 nsi (acb62baa1c319b17752553df3026eeeb) C:\Windows\system32\nsisvc.dll 19:13:28.0418 5288 nsi - ok 19:13:28.0434 5288 nsiproxy (1523af19ee8b030ba682f7a53537eaeb) C:\Windows\system32\drivers\nsiproxy.sys 19:13:28.0465 5288 nsiproxy - ok 19:13:28.0543 5288 Ntfs (bac869dfb98e499ba4d9bb1fb43270e1) C:\Windows\system32\drivers\Ntfs.sys 19:13:28.0559 5288 Ntfs - ok 19:13:28.0699 5288 Null (dd5d684975352b85b52e3fd5347c20cb) C:\Windows\system32\drivers\Null.sys 19:13:28.0715 5288 Null - ok 19:13:29.0339 5288 nvlddmkm 
(0eb204639119370f5f8f2871fbf4e14b) C:\Windows\system32\DRIVERS\nvlddmkm.sys 19:13:29.0822 5288 nvlddmkm - ok 19:13:29.0947 5288 nvraid (2c040b7ada5b06f6facadac8514aa034) C:\Windows\system32\drivers\nvraid.sys 19:13:29.0947 5288 nvraid - ok 19:13:29.0963 5288 nvstor (f7ea0fe82842d05eda3efdd376dbfdba) C:\Windows\system32\drivers\nvstor.sys 19:13:29.0963 5288 nvstor - ok 19:13:30.0025 5288 nvsvc (32ff8ee6dcee5c0cb91ff892fb1ca364) C:\Windows\system32\nvvsvc.exe 19:13:30.0041 5288 nvsvc - ok 19:13:30.0181 5288 nvUpdatusService (bd012dc22c78be1071bc21eb125d782f) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe 19:13:30.0228 5288 nvUpdatusService - ok 19:13:30.0259 5288 nv_agp (19067ca93075ef4823e3938a686f532f) C:\Windows\system32\drivers\nv_agp.sys 19:13:30.0275 5288 nv_agp - ok 19:13:30.0275 5288 NwlnkFlt - ok 19:13:30.0275 5288 NwlnkFwd - ok 19:13:30.0384 5288 ohci1394 (b5b1ce65ac15bbd11c0619e3ef7cfc28) C:\Windows\system32\DRIVERS\ohci1394.sys 19:13:30.0415 5288 ohci1394 - ok 19:13:30.0477 5288 p2pimsvc (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll 19:13:30.0509 5288 p2pimsvc - ok 19:13:30.0524 5288 p2psvc (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll 19:13:30.0540 5288 p2psvc - ok 19:13:30.0571 5288 Parport (aecd57f94c887f58919f307c35498ea0) C:\Windows\system32\drivers\parport.sys 19:13:30.0602 5288 Parport - ok 19:13:30.0680 5288 partmgr (f9b5eda4c17a2be7663f064dbf0fe254) C:\Windows\system32\drivers\partmgr.sys 19:13:30.0680 5288 partmgr - ok 19:13:30.0758 5288 PcaSvc (9ab157b374192ff276c1628fbdba2b0e) C:\Windows\System32\pcasvc.dll 19:13:30.0774 5288 PcaSvc - ok 19:13:30.0789 5288 pci (47ab1e0fc9d0e12bb53ba246e3a0906d) C:\Windows\system32\drivers\pci.sys 19:13:30.0805 5288 pci - ok 19:13:30.0836 5288 pciide (2657f6c0b78c36d95034be109336e382) C:\Windows\system32\drivers\pciide.sys 19:13:30.0836 5288 pciide - ok 19:13:30.0852 5288 pcmcia (037661f3d7c507c9993b7010ceee6288) 
C:\Windows\system32\drivers\pcmcia.sys 19:13:30.0852 5288 pcmcia - ok 19:13:30.0883 5288 PEAUTH (58865916f53592a61549b04941bfd80d) C:\Windows\system32\drivers\peauth.sys 19:13:30.0930 5288 PEAUTH - ok 19:13:31.0008 5288 PerfHost (0ed8727ea0172860f47258456c06caea) C:\Windows\SysWow64\perfhost.exe 19:13:31.0023 5288 PerfHost - ok 19:13:31.0164 5288 pla (e9e68c1a0f25cf4a7ac966eea74ee89e) C:\Windows\system32\pla.dll 19:13:31.0195 5288 pla - ok 19:13:31.0242 5288 PlugPlay (fe6b0f59215c9fd9f9d26539c58c8b82) C:\Windows\system32\umpnpmgr.dll 19:13:31.0257 5288 PlugPlay - ok 19:13:31.0304 5288 Pml Driver HPZ12 (7fe2afb17d91cf39843d6766ea31cfc7) C:\Windows\system32\HPZipm12.dll 19:13:31.0304 5288 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning 19:13:31.0304 5288 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1) 19:13:31.0304 5288 PnkBstrA - ok 19:13:31.0367 5288 PNRPAutoReg (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll 19:13:31.0382 5288 PNRPAutoReg - ok 19:13:31.0398 5288 PNRPsvc (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll 19:13:31.0413 5288 PNRPsvc - ok 19:13:31.0491 5288 PolicyAgent (89a5560671c2d8b4a4b51f3e1aa069d8) C:\Windows\System32\ipsecsvc.dll 19:13:31.0523 5288 PolicyAgent - ok 19:13:31.0585 5288 PptpMiniport (23386e9952025f5f21c368971e2e7301) C:\Windows\system32\DRIVERS\raspptp.sys 19:13:31.0601 5288 PptpMiniport - ok 19:13:31.0663 5288 Processor (5080e59ecee0bc923f14018803aa7a01) C:\Windows\system32\DRIVERS\processr.sys 19:13:31.0694 5288 Processor - ok 19:13:31.0741 5288 ProfSvc (e058ce4fc2449d8bfa14739c83b7ff2a) C:\Windows\system32\profsvc.dll 19:13:31.0757 5288 ProfSvc - ok 19:13:31.0788 5288 ProtectedStorage (260bf9c43ee12c6898a9f5aab0fb0e5d) C:\Windows\system32\lsass.exe 19:13:31.0803 5288 ProtectedStorage - ok 19:13:31.0913 5288 PS3 Media Server (eb21a4f28e4135498b3ce981883a0a44) C:\Program Files (x86)\PS3 Media Server\win32\service\wrapper.exe 19:13:31.0944 5288 PS3 Media Server ( 
UnsignedFile.Multi.Generic ) - warning 19:13:31.0944 5288 PS3 Media Server - detected UnsignedFile.Multi.Generic (1) 19:13:31.0959 5288 PSched (c5ab7f0809392d0da027f4a2a81bfa31) C:\Windows\system32\DRIVERS\pacer.sys 19:13:31.0975 5288 PSched - ok 19:13:32.0069 5288 PSI_SVC_2_x64 (788cb65d49d1162c5ee6814afe5b0a70) c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe 19:13:32.0069 5288 PSI_SVC_2_x64 - ok 19:13:32.0100 5288 PxHlpa64 (87b04878a6d59d6c79251dc960c674c1) C:\Windows\system32\Drivers\PxHlpa64.sys 19:13:32.0100 5288 PxHlpa64 - ok 19:13:32.0162 5288 ql2300 (0b83f4e681062f3839be2ec1d98fd94a) C:\Windows\system32\drivers\ql2300.sys 19:13:32.0193 5288 ql2300 - ok 19:13:32.0225 5288 ql40xx (e1c80f8d4d1e39ef9595809c1369bf2a) C:\Windows\system32\drivers\ql40xx.sys 19:13:32.0240 5288 ql40xx - ok 19:13:32.0271 5288 QWAVE (90574842c3da781e279061a3eff91f07) C:\Windows\system32\qwave.dll 19:13:32.0287 5288 QWAVE - ok 19:13:32.0287 5288 QWAVEdrv (e8d76edab77ec9c634c27b8eac33adc5) C:\Windows\system32\drivers\qwavedrv.sys 19:13:32.0303 5288 QWAVEdrv - ok 19:13:32.0334 5288 RasAcd (1013b3b663a56d3ddd784f581c1bd005) C:\Windows\system32\DRIVERS\rasacd.sys 19:13:32.0365 5288 RasAcd - ok 19:13:32.0427 5288 RasAuto (b2ae18f847d07f0044404ddf7cb04497) C:\Windows\System32\rasauto.dll 19:13:32.0443 5288 RasAuto - ok 19:13:32.0474 5288 Rasl2tp (ac7bc4d42a7e558718dfdec599bbfc2c) C:\Windows\system32\DRIVERS\rasl2tp.sys 19:13:32.0490 5288 Rasl2tp - ok 19:13:32.0505 5288 RasMan (3ad83e4046c43be510de681588acb8af) C:\Windows\System32\rasmans.dll 19:13:32.0521 5288 RasMan - ok 19:13:32.0552 5288 RasPppoe (4517fbf8b42524afe4ede1de102aae3e) C:\Windows\system32\DRIVERS\raspppoe.sys 19:13:32.0568 5288 RasPppoe - ok 19:13:32.0646 5288 RasSstp (c6a593b51f34c33e5474539544072527) C:\Windows\system32\DRIVERS\rassstp.sys 19:13:32.0661 5288 RasSstp - ok 19:13:32.0693 5288 rdbss (322db5c6b55e8d8ee8d6f358b2aaabb1) C:\Windows\system32\DRIVERS\rdbss.sys 19:13:32.0708 5288 rdbss - ok 
19:13:32.0708 5288 RDPCDD (603900cc05f6be65ccbf373800af3716) C:\Windows\system32\DRIVERS\RDPCDD.sys 19:13:32.0724 5288 RDPCDD - ok 19:13:32.0755 5288 rdpdr (c045d1fb111c28df0d1be8d4bda22c06) C:\Windows\system32\drivers\rdpdr.sys 19:13:32.0771 5288 rdpdr - ok 19:13:32.0786 5288 RDPENCDD (cab9421daf3d97b33d0d055858e2c3ab) C:\Windows\system32\drivers\rdpencdd.sys 19:13:32.0802 5288 RDPENCDD - ok 19:13:32.0833 5288 RDPWD (5c141fc457f1ac833664789235aca673) C:\Windows\system32\drivers\RDPWD.sys 19:13:32.0849 5288 RDPWD - ok 19:13:32.0864 5288 RemoteAccess (c612b9557da73f70d41f8a6fbc8e5344) C:\Windows\System32\mprdim.dll 19:13:32.0895 5288 RemoteAccess - ok 19:13:32.0911 5288 RemoteRegistry (44b9d8ec2f3ef3a0efb00857af70d861) C:\Windows\system32\regsvc.dll 19:13:32.0927 5288 RemoteRegistry - ok 19:13:32.0942 5288 RpcLocator (f46c457840d4b7a4daafee739ce04102) C:\Windows\system32\locator.exe 19:13:32.0958 5288 RpcLocator - ok 19:13:33.0020 5288 RpcSs (cf8b9a3a5e7dc57724a89d0c3e8cf9ef) C:\Windows\system32\rpcss.dll 19:13:33.0036 5288 RpcSs - ok 19:13:33.0051 5288 rspndr (22a9cb08b1a6707c1550c6bf099aae73) C:\Windows\system32\DRIVERS\rspndr.sys 19:13:33.0083 5288 rspndr - ok 19:13:33.0129 5288 SamSs (260bf9c43ee12c6898a9f5aab0fb0e5d) C:\Windows\system32\lsass.exe 19:13:33.0129 5288 SamSs - ok 19:13:33.0161 5288 sbapifs (6e342316e72f4b6fa39c99e06373a1a3) C:\Windows\system32\DRIVERS\sbapifs.sys 19:13:33.0161 5288 sbapifs - ok 19:13:33.0176 5288 sbp2port (cd9c693589c60ad59bbbcfb0e524e01b) C:\Windows\system32\drivers\sbp2port.sys 19:13:33.0192 5288 sbp2port - ok 19:13:33.0223 5288 SBRE (9aceb2a2362fc87a3825963e61ba9076) C:\Windows\system32\drivers\SBREdrv.sys 19:13:33.0223 5288 SBRE - ok 19:13:33.0239 5288 SCardSvr (fd1cdcf108d5ef3366f00d18b70fb89b) C:\Windows\System32\SCardSvr.dll 19:13:33.0254 5288 SCardSvr - ok 19:13:33.0363 5288 Schedule (0f838c811ad295d2a4489b9993096c63) C:\Windows\system32\schedsvc.dll 19:13:33.0410 5288 Schedule - ok 19:13:33.0426 5288 SCPolicySvc 
19:13:40.0836 5288 WSearch - ok 19:13:40.0836 5288 WTService - ok 19:13:41.0039 5288 wuauserv (fb3796754fe00f0bdc87a36f164a5f4d) C:\Windows\system32\wuaueng.dll 19:13:41.0085 5288 wuauserv - ok 19:13:41.0210 5288 WUDFRd (501a65252617b495c0f1832f908d54d8) C:\Windows\system32\DRIVERS\WUDFRd.sys 19:13:41.0241 5288 WUDFRd - ok 19:13:41.0257 5288 wudfsvc (6cbd51ff913c851d56ed9dc7f2a27dde) C:\Windows\System32\WUDFSvc.dll 19:13:41.0288 5288 wudfsvc - ok 19:13:41.0304 5288 xusb21 (38f55d07b1d3391065c40ec065f984e2) C:\Windows\system32\DRIVERS\xusb21.sys 19:13:41.0319 5288 xusb21 - ok 19:13:41.0413 5288 YahooAUService (dd0042f0c3b606a6a8b92d49afb18ad6) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe 19:13:41.0429 5288 YahooAUService - ok 19:13:41.0475 5288 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0 19:13:41.0787 5288 \Device\Harddisk0\DR0 ( TDSS File System ) - warning 19:13:41.0787 5288 \Device\Harddisk0\DR0 - detected TDSS File System (1) 19:13:41.0819 5288 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR4 19:13:42.0489 5288 \Device\Harddisk1\DR4 - ok 19:13:42.0505 5288 Boot (0x1200) (2f103581a4010648c7d6a790f2dc42e4) \Device\Harddisk0\DR0\Partition0 19:13:42.0521 5288 \Device\Harddisk0\DR0\Partition0 - ok 19:13:42.0521 5288 Boot (0x1200) (424ec361e96ec87e3f8bf7c2fd5b45b2) \Device\Harddisk0\DR0\Partition1 19:13:42.0521 5288 \Device\Harddisk0\DR0\Partition1 - ok 19:13:42.0521 5288 Boot (0x1200) (905ff5c8808d549532c4f558f0d43674) \Device\Harddisk1\DR4\Partition0 19:13:42.0521 5288 \Device\Harddisk1\DR4\Partition0 - ok 19:13:42.0536 5288 Boot (0x1200) (eab693952dfc164a5355ceef9f082bde) \Device\Harddisk1\DR4\Partition1 19:13:42.0552 5288 \Device\Harddisk1\DR4\Partition1 - ok 19:13:42.0552 5288 ============================================================ 19:13:42.0552 5288 Scan finished 19:13:42.0552 5288 ============================================================ 19:13:42.0552 4028 Detected object count: 15 
19:13:42.0552 4028 Actual detected object count: 15 19:14:23.0580 4028 AsSysCtrlService ( UnsignedFile.Multi.Generic ) - skipped by user 19:14:23.0580 4028 AsSysCtrlService ( UnsignedFile.Multi.Generic ) - User select action: Skip 19:14:23.0580 4028 Autodesk Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user 19:14:23.0580 4028 Autodesk Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 19:14:23.0580 4028 FMS ( UnsignedFile.Multi.Generic ) - skipped by user 19:14:23.0580 4028 FMS ( UnsignedFile.Multi.Generic ) - User select action: Skip 19:14:23.0580 4028 FMSAdmin ( UnsignedFile.Multi.Generic ) - skipped by user 19:14:23.0580 4028 FMSAdmin ( UnsignedFile.Multi.Generic ) - User select action: Skip 19:14:23.0595 4028 FMSHttpd ( UnsignedFile.Multi.Generic ) - skipped by user 19:14:23.0595 4028 FMSHttpd ( UnsignedFile.Multi.Generic ) - User select action: Skip 19:14:23.0595 4028 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user 19:14:23.0595 4028 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip 19:14:23.0595 4028 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user 19:14:23.0595 4028 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 19:14:23.0595 4028 HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user 19:14:23.0595 4028 HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip 19:14:23.0595 4028 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user 19:14:23.0595 4028 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip 19:14:23.0595 4028 IHA_MessageCenter ( UnsignedFile.Multi.Generic ) - skipped by user 19:14:23.0595 4028 IHA_MessageCenter ( UnsignedFile.Multi.Generic ) - User select action: Skip 19:14:23.0595 4028 mi-raysat_3dsmax9_32 ( UnsignedFile.Multi.Generic ) - skipped by user 19:14:23.0595 4028 mi-raysat_3dsmax9_32 ( UnsignedFile.Multi.Generic ) - User select action: Skip 19:14:23.0595 4028 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - 
skipped by user 19:14:23.0595 4028 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 19:14:23.0595 4028 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user 19:14:23.0595 4028 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 19:14:23.0595 4028 PS3 Media Server ( UnsignedFile.Multi.Generic ) - skipped by user 19:14:23.0595 4028 PS3 Media Server ( UnsignedFile.Multi.Generic ) - User select action: Skip 19:14:23.0595 4028 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user 19:14:23.0595 4028 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
-
15 items detected, all "Unsigned". Do you want the log? No option for "Cure" was given.
-
*DDS Log* . DDS (Ver_2011-08-26.01) - NTFSAMD64 Internet Explorer: 8.0.6001.19190 BrowserJavaVersion: 1.6.0_31 Run by Blue at 18:45:46 on 2012-08-09 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.6142.3547 [GMT -7:00] . AV: STOPzilla! *Enabled/Outdated* {17032AB1-6644-0721-EEB5-A39B8B646009} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: STOPzilla! *Enabled/Outdated* {AC62CB55-407E-08AF-D405-98E9F0E32AB4} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe C:\Windows\system32\svchost.exe -k rpcss C:\Windows\System32\svchost.exe -k secsvcs C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Program Files (x86)\STOPzilla!\SZServer.exe C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\AUDIODG.EXE C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\SLsvc.exe C:\Windows\system32\svchost.exe -k LocalService C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe C:\Windows\system32\nvvsvc.exe C:\Windows\SYSTEM32\WISPTIS.EXE C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\taskeng.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Program Files\ASUS\EPU\EPU.exe C:\Windows\SYSTEM32\WISPTIS.EXE C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe C:\Windows\Explorer.EXE D:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files 
(x86)\ASUS\AsSysCtrlService\1.00.00\AsSysCtrlService.exe C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe C:\Program Files (x86)\Bonjour\mDNSResponder.exe C:\Program Files (x86)\Workspace\offSyncService.exe C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe C:\Program Files (x86)\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe C:\Program Files (x86)\Dragon Age\tools\toolssql\MSSQL.1\MSSQL\Binn\sqlservr.exe C:\Windows\System32\svchost.exe -k HPZ12 C:\Windows\System32\svchost.exe -k HPZ12 C:\Windows\SysWOW64\PnkBstrA.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\System32\svchost.exe -k WerSvcGroup C:\Windows\system32\SearchIndexer.exe C:\Windows\System32\atwtusb.exe C:\Windows\system32\atwtusb.exe C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe C:\Program Files\NVIDIA Corporation\Display\nvtray.exe C:\Windows\system32\svchost.exe -k HPService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\System32\WTMKM.exe C:\Program Files (x86)\STOPzilla!\STOPzilla.exe C:\Program Files\Logitech\SetPointP\SetPoint.exe C:\Windows\ehome\ehtray.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe C:\Program Files (x86)\Workspace\workspaceupdate.exe C:\Windows\ehome\ehmsas.exe C:\Program Files (x86)\Trillian\trillian.exe C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program 
Files\ASUS\TurboV\TurboV.exe C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\NOTEPAD.EXE C:\Windows\system32\msiexec.exe c:\program files\windows defender\MpCmdRun.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\FirewallControlPanel.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\REGSVR32.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cscript.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://wapp.verizon.net/bookmarks/bmredir.asp?region=all&bw=fiber&cd=7.0unattached&bm=ho_central uInternet Settings,ProxyOverride = *.local uURLSearchHooks: H - No File uURLSearchHooks: H - No File uURLSearchHooks: H - No File uURLSearchHooks: H - No File uURLSearchHooks: H - No File mWinlogon: Userinit=c:\windows\syswow64\userinit.exe, BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File BHO: ContributeBHO Class: {074c1dc5-9320-4a9a-947d-c042949c6216} - D:\Adobe\/Adobe Contribute CS4/contributeieplugin.dll BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - 
C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll TB: Contribute Toolbar: {517bdde4-e3a7-4570-b21e-2b52b6139fc7} - D:\Adobe\/Adobe Contribute CS4/contributeieplugin.dll TB: {00000000-0000-0000-0000-000000000000} - No File TB: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File TB: {687578B9-7132-4A7A-80E4-30EE31099E03} - No File uRun: [steam] "C:\Program Files (x86)\Steam\steam.exe" -silent uRun: [ehTray.exe] C:\Windows\ehome\ehTray.exe uRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun uRun: [starfield Updater] "C:\Program Files (x86)\Workspace\workspaceupdate.exe" uRun: [AdobeBridge] "D:\Adobe\Adobe Bridge CS4\Bridge.exe" -stealth mRun: [HDAudDeck] "C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" -r mRun: [TurboV] "C:\Program Files\ASUS\TurboV\TurboV.exe" mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe mRun: [<NO NAME>] mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin mRun: [Adobe_ID0ENQBO] C:\PROGRA~2\COMMON~1\Adobe\ADOBEV~2\Server\bin\VERSIO~2.EXE mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray StartupFolder: C:\Users\Blue\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Trillian.lnk - C:\Program Files (x86)\Trillian\trillian.exe mPolicies-explorer: NoActiveDesktop = 1 (0x1) 
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1) mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0) mPolicies-system: EnableLUA = 0 (0x0) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab TCP: DhcpNameServer = 192.168.1.1 TCP: Interfaces\{ACE086FD-E64E-4058-8B42-5DF7F25AC8C2} : DhcpNameServer = 192.168.1.1 Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL BHO-X64: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File BHO-X64: 0x1 - No File BHO-X64: ContributeBHO Class: {074C1DC5-9320-4A9A-947D-C042949C6216} - D:\Adobe\/Adobe Contribute CS4/contributeieplugin.dll BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO-X64: AcroIEHelperStub - No File BHO-X64: 
DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll BHO-X64: Increase performance and video formats for your HTML5 <video> - No File BHO-X64: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll BHO-X64: SkypeIEPluginBHO - No File BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll BHO-X64: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll BHO-X64: HP Smart BHO Class - No File TB-X64: Contribute Toolbar: {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - D:\Adobe\/Adobe Contribute CS4/contributeieplugin.dll TB-X64: {00000000-0000-0000-0000-000000000000} - No File TB-X64: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File TB-X64: {687578B9-7132-4A7A-80E4-30EE31099E03} - No File mRun-x64: [HDAudDeck] "C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" -r mRun-x64: [TurboV] "C:\Program Files\ASUS\TurboV\TurboV.exe" mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun-x64: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe mRun-x64: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe mRun-x64: [(Default)] mRun-x64: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun-x64: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin mRun-x64: [Adobe_ID0ENQBO] 
C:\PROGRA~2\COMMON~1\Adobe\ADOBEV~2\Server\bin\VERSIO~2.EXE mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\Blue\AppData\Roaming\Mozilla\Firefox\Profiles\4wm73yo9.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=3&q={searchTerms} FF - prefs.js: browser.search.selectedEngine - uTorrentControl2 Customized Web Search FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll FF - plugin: C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\plugins\npdeployJava1.dll FF - plugin: C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\plugins\npdnu.dll FF - plugin: C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\plugins\npdnupdater2.dll FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll FF - plugin: C:\Program Files (x86)\Virtual Earth 3D\npVE3D.dll FF - plugin: C:\Users\Blue\AppData\Roaming\Mozilla\Firefox\Profiles\4wm73yo9.default\extensions\DeviceDetection@logitech.com\plugins\npLogitechDeviceDetection.dll FF - plugin: C:\Users\Blue\AppData\Roaming\Mozilla\plugins\npoff.dll FF - plugin: C:\Users\Blue\AppData\Roaming\Mozilla\Plugins\npoff.dll FF - plugin: C:\Users\Blue\AppData\Roaming\Mozilla\Plugins\npoff64.dll FF - plugin: 
C:\Users\Blue\AppData\Roaming\Mozilla\plugins\npoff64.dll FF - plugin: C:\Users\Blue\AppData\Roaming\Mozilla\plugins\npwbe.dll FF - plugin: C:\Users\Blue\AppData\Roaming\Mozilla\Plugins\npwbe.dll FF - plugin: C:\Users\Blue\AppData\Roaming\Mozilla\Plugins\npwbe64.dll FF - plugin: C:\Users\Blue\AppData\Roaming\Mozilla\plugins\npwbe64.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_268.dll . ---- FIREFOX POLICIES ---- FF - user.js: yahoo.homepage.dontask - true FF - user.js: browser.sessionstore.resume_from_crash - false FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(yahoo.ytff.general.dontshowhpoffer, true ============= SERVICES / DRIVERS =============== . R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?] R1 SBRE;SBRE;\??\C:\Windows\system32\drivers\SBREdrv.sys --> C:\Windows\system32\drivers\SBREdrv.sys [?] 
R2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;D:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [2008-9-16 169312]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]
R2 AsSysCtrlService;ASUS System Control Service;C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.00\AsSysCtrlService.exe [2008-8-15 86016]
R2 File Backup;File Backup Service;C:\Program Files (x86)\Workspace\offSyncService.exe [2012-5-17 1174824]
R2 FontCache;Windows Font Cache Service;C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]
R2 IHA_MessageCenter;IHA_MessageCenter;C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe [2012-6-11 335888]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-8-9 655944]
R2 MSSQL$BWDATOOLSET;SQL Server (BWDATOOLSET);C:\Program Files (x86)\Dragon Age\tools\toolssql\MSSQL.1\MSSQL\Binn\sqlservr.exe [2010-12-10 29293408]
R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-5-8 2348352]
R2 PSI_SVC_2_x64;Protexis Licensing V2 x64;C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2010-11-30 336824]
R2 sbapifs;sbapifs;C:\Windows\system32\DRIVERS\sbapifs.sys --> C:\Windows\system32\DRIVERS\sbapifs.sys [?]
R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-4-9 3063968]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-2-29 382272]
R2 WTService;WTService;C:\Windows\System32\atwtusb.exe -s --> C:\Windows\System32\atwtusb.exe -s [?]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\system32\DRIVERS\usbfilter.sys --> C:\Windows\system32\DRIVERS\usbfilter.sys [?]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;C:\Windows\system32\drivers\viahduaa.sys --> C:\Windows\system32\drivers\viahduaa.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2009-12-21 135664]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-4-5 158856]
S3 Adobe Version Cue CS4;Adobe Version Cue CS4;C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [2008-8-15 288112]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-5 250056]
S3 DAUpdaterSvc;Dragon Age: Origins - Content Updater;C:\Program Files (x86)\Dragon Age\bin_ship\daupdatersvc.service.exe [2009-12-15 25832]
S3 ENTECH64;ENTECH64;\??\C:\Windows\system32\DRIVERS\ENTECH64.sys --> C:\Windows\system32\DRIVERS\ENTECH64.sys [?]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-6-30 1038088]
S3 FMS;Flash Media Server (FMS);C:\Program Files (x86)\Adobe\Flash Media Server 3.5\FMSMaster.exe [2009-11-4 2428928]
S3 FMSAdmin;Flash Media Administration Server;C:\Program Files (x86)\Adobe\Flash Media Server 3.5\FMSAdmin.exe [2009-11-4 2596864]
S3 FMSHttpd;FMSHttpd;C:\Program Files (x86)\Adobe\Flash Media Server 3.5\Apache2.2\bin\httpd.exe [2009-11-4 24635]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2009-12-21 135664]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-4-26 113120]
S3 PerfHost;Performance Counter DLL Host;C:\Windows\SysWOW64\perfhost.exe [2008-1-20 19968]
S3 PS3 Media Server;PS3 Media Server;C:\Program Files (x86)\PS3 Media Server\win32\service\wrapper.exe [2008-8-17 217088]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-3-18 1020768]
S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-9-10 89920]
.
=============== File Associations ===============
.
JSEFile=C:\Windows\SysWOW64\WScript.exe "%1" %*
.
=============== Created Last 30 ================
.
2012-08-10 01:45:30 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CF6C1A3A-80ED-4ADB-8A92-AC9BBFB3ECEA}\offreg.dll
2012-08-10 00:39:03 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-08-10 00:28:57 -------- d-----w- C:\TDSSKiller_Quarantine
2012-08-10 00:10:01 74872 ----a-r- C:\Windows\System32\drivers\sbapifs.sys
2012-08-09 23:56:23 9133488 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CF6C1A3A-80ED-4ADB-8A92-AC9BBFB3ECEA}\mpengine.dll
2012-08-09 21:40:33 -------- d-----w- C:\Users\Blue\AppData\Roaming\Malwarebytes
2012-08-09 21:40:18 -------- d-----w- C:\ProgramData\Malwarebytes
2012-08-09 21:40:17 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-08-09 06:32:44 -------- d-----w- C:\ProgramData\ALM
2012-08-08 23:50:14 -------- d-----w- C:\temp
2012-08-08 23:48:21 -------- d-----w- C:\Users\Blue\AppData\Local\Trend Micro
2012-08-08 23:44:08 -------- d-----w- C:\ProgramData\Trend Micro
2012-08-08 23:43:34 -------- d-----w- C:\Program Files\Trend Micro
2012-08-08 23:10:12 -------- d-----w- C:\Program Files (x86)\Trend Micro
2012-08-08 18:27:37 -------- d-----w- C:\AdobeTemp
2012-08-07 15:29:12 23416 ----a-r- C:\Windows\SysWow64\SZIO5.dll
2012-08-07 15:29:02 546680 ----a-r- C:\Windows\SysWow64\SZComp5.dll
2012-08-07 15:28:56 497528 ----a-r- C:\Windows\SysWow64\SZBase5.dll
2012-07-17 15:36:16 29048 ----a-r- C:\Windows\SysWow64\IS3XDat5.dll
2012-07-17 15:36:16 231288 ----a-r- C:\Windows\SysWow64\IS3Win325.dll
2012-07-17 15:36:14 391032 ----a-r- C:\Windows\SysWow64\IS3UI5.dll
2012-07-17 15:36:12 100216 ----a-r- C:\Windows\SysWow64\IS3Svc5.dll
2012-07-17 15:36:06 132984 ----a-r- C:\Windows\SysWow64\IS3HTUI5.dll
2012-07-17 15:36:06 104312 ----a-r- C:\Windows\SysWow64\IS3Inet5.dll
2012-07-17 15:36:04 67448 ----a-r- C:\Windows\SysWow64\IS3Hks5.dll
2012-07-17 15:36:04 456568 ----a-r- C:\Windows\SysWow64\IS3DBA5.dll
2012-07-17 15:36:02 812920 ----a-r- C:\Windows\SysWow64\IS3Base5.dll
2012-07-14 21:51:35 -------- d-----w- C:\Users\Blue\AppData\Roaming\TechWizard
2012-07-14 21:49:20 260 ----a-w- C:\Windows\SysWow64\cmdVBS.vbs
2012-07-14 21:49:20 256 ----a-w- C:\Windows\SysWow64\MSIevent.bat
.
==================== Find3M ====================
.
2012-08-10 00:39:53 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-08-10 00:39:53 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-07-14 19:58:05 18960 ----a-w- C:\Windows\System32\drivers\LNonPnP.sys
2012-06-30 19:57:07 86584 ----a-w- C:\Windows\SysWow64\drivers\adfs.sys
2012-06-30 19:57:07 86584 ----a-w- C:\Windows\System32\drivers\adfs.sys
2012-05-31 19:25:12 279656 ------w- C:\Windows\System32\MpSigStub.exe
.
============= FINISH: 18:46:25.38 ===============

*RogueKiller Log*
RogueKiller V7.6.5 [08/03/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
Blog: http://tigzyrk.blogspot.com
Operating System: Windows Vista (6.0.6002 Service Pack 2) 64 bits version
Started in : Normal mode
User: Blue [Admin rights]
Mode: Scan -- Date: 08/09/2012 18:55:11
¤¤¤ Bad processes: 1 ¤¤¤
[sUSP PATH] c2c_service.exe -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -> KILLED [TermProc]
¤¤¤ Registry Entries: 4 ¤¤¤
[HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowPrinters (0) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
¤¤¤ Particular Files / Folders: ¤¤¤
¤¤¤ Driver: [NOT LOADED] ¤¤¤
¤¤¤ Infection : ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
127.0.0.1 localhost
::1 localhost
¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: SAMSUNG HD103UJ ATA Device +++++
--- User ---
[MBR] 9ad95bbe26b845c22155cee2f62bc4b4
[bSP] 638e5a80e020404c80f0c466e267f1f7 : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 453868 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 929523712 | Size: 499999 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Finished : << RKreport[1].txt >>
RKreport[1].txt
-
Online or offline? Or does it not matter with these?
-
Recently I went to open Adobe Illustrator and was hit with a BSOD.
PAGE_FAULT_IN_NONPAGED_AREA
Stop:0x00000050 ( 0xFFFFFA60F04CAC20, 0X0000000000000001, 0XFFFFFA8007D4A2E6, 0X0000000000000005)
Then my AVM software detected SVCHost infected.
Malwarebytes was run offline (updated with current database) with all other protection disabled.

*Malwarebytes Log*
Malwarebytes Anti-Malware (Trial) 1.62.0.1300
www.malwarebytes.org
Database version: v2012.08.10.01
Windows Vista Service Pack 2 x64 NTFS
Internet Explorer 8.0.6001.19190
Blue :: BLUE-PC [administrator]
Protection: Disabled
8/9/2012 5:39:37 PM
mbam-log-2012-08-09 (17-39-37).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 245033
Time elapsed: 6 minute(s), 2 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\sp (TrojanProxy.Agent) -> Quarantined and deleted successfully.
Registry Values Detected: 1
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost|netsvc (TrojanProxy.Agent) -> Data: SPService^^ -> Quarantined and deleted successfully.
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)

Computer boots up REALLY slow. After rebooting, Malwarebytes gives an error dialog:
[shell_NotifyIcon] Failed to perform desired action. Error Code: 0

Steve