gwm32683

Member Since 17 Jun 2012
Offline Last Active Jun 21 2012 01:34 PM

Posts I've Made

In Topic: Needing someone to look at this..

21 June 2012 - 07:02 AM

ComboFix 12-06-21.01 - aaron's 06/21/2012 5:55.2.2 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3838.2741 [GMT -5:00]
Running from: c:\users\aaron's\Downloads\ComboFix.exe
AV: Norton Internet Security *Disabled/Updated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
FW: Norton Internet Security *Enabled* {B0F2DB13-C654-2E74-30D4-99C9310F0F2E}
SP: Norton Internet Security *Disabled/Updated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((( Files Created from 2012-05-21 to 2012-06-21 )))))))))))))))))))))))))))))))
.
.
2012-06-21 11:42 . 2012-06-21 11:42 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-06-21 10:36 . 2012-06-21 11:44 -------- d-----w- c:\windows\system32\drivers\NISx64\1109000.00C
2012-06-19 14:39 . 2010-05-26 16:41 2106216 ----a-w- c:\windows\SysWow64\D3DCompiler_43.dll
2012-06-19 14:39 . 2010-05-26 16:41 1998168 ----a-w- c:\windows\SysWow64\D3DX9_43.dll
2012-06-19 14:23 . 2012-06-19 14:23 -------- d-----w- c:\program files (x86)\Common Files\Symantec Shared
2012-06-19 12:28 . 2012-06-19 12:30 -------- d-----w- c:\users\aaron's\AppData\Local\Tific
2012-06-19 12:24 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-19 12:24 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-19 12:24 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
2012-06-19 12:24 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-06-19 12:24 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
2012-06-19 12:24 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-06-19 12:24 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-06-19 12:24 . 2012-06-02 20:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-19 12:24 . 2012-06-02 20:15 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-06-19 07:58 . 2012-06-19 07:58 -------- d-----w- c:\users\aaron's\AppData\Roaming\Tific
2012-06-19 07:58 . 2012-06-19 07:58 -------- d-----w- c:\users\aaron's\AppData\Local\Symantec
2012-06-19 07:57 . 2012-06-19 07:57 173104 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS
2012-06-19 07:57 . 2012-06-19 07:58 -------- d-----w- c:\program files\Symantec
2012-06-19 07:57 . 2012-06-19 07:57 -------- d-----w- c:\program files\Common Files\Symantec Shared
2012-06-18 04:48 . 2012-06-18 04:48 -------- d-----w- c:\users\aaron's\AppData\Roaming\Malwarebytes
2012-06-18 04:48 . 2012-06-18 04:48 -------- d-----w- c:\programdata\Malwarebytes
2012-06-18 04:48 . 2012-06-18 04:48 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-06-18 04:48 . 2012-04-04 20:56 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-06-18 04:03 . 2012-06-18 04:03 388096 ----a-r- c:\users\aaron's\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-06-18 04:03 . 2012-06-18 04:03 -------- d-----w- c:\program files (x86)\Trend Micro
2012-06-17 03:42 . 2012-06-17 03:42 -------- d-----w- c:\users\aaron's\AppData\Roaming\PC Speed Maximizer
2012-06-17 03:24 . 2012-06-17 08:56 -------- d-----w- c:\users\aaron's\AppData\Roaming\.purple
2012-06-17 03:22 . 2012-06-17 14:15 -------- d-----w- c:\program files (x86)\PC Speed Maximizer
2012-06-17 03:21 . 2012-06-17 14:15 -------- d-----w- c:\programdata\Anti-phishing Domain Advisor
2012-06-17 03:21 . 2012-06-17 03:22 -------- d-----w- c:\users\aaron's\AppData\Local\antiphishing-vmninternethelper1_1dn
2012-06-17 03:21 . 2012-06-17 03:21 -------- d-----w- c:\programdata\Tarma Installer
2012-06-17 00:22 . 2012-06-20 12:23 -------- d-----w- c:\users\aaron's\AppData\Roaming\XBMC
2012-06-17 00:20 . 2012-06-19 14:38 -------- d-----w- c:\program files (x86)\XBMC
2012-06-17 00:20 . 2012-06-17 00:20 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5636211A-21C5-41E6-B3C5-F2FAB8306557}\offreg.dll
2012-06-17 00:19 . 2012-06-17 00:19 -------- d-----w- c:\users\aaron's\AppData\Local\jZip
2012-06-17 00:19 . 2012-06-17 14:16 -------- d-----w- c:\programdata\boost_interprocess
2012-06-17 00:19 . 2012-06-17 00:19 -------- d-----w- c:\program files (x86)\jZip
2012-06-15 17:18 . 2012-05-08 17:02 8955792 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5636211A-21C5-41E6-B3C5-F2FAB8306557}\mpengine.dll
2012-06-13 15:52 . 2012-04-24 05:59 1460224 ----a-w- c:\windows\system32\crypt32.dll
2012-06-13 15:52 . 2012-04-24 05:59 182272 ----a-w- c:\windows\system32\cryptsvc.dll
2012-06-13 15:52 . 2012-04-24 04:47 1156608 ----a-w- c:\windows\SysWow64\crypt32.dll
2012-06-13 15:52 . 2012-04-24 05:59 140288 ----a-w- c:\windows\system32\cryptnet.dll
2012-06-13 15:52 . 2012-04-24 04:47 139264 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2012-06-13 15:52 . 2012-04-24 04:47 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2012-06-12 03:13 . 2012-06-12 03:13 -------- d-----w- c:\users\aaron's\AppData\Local\Unity
2012-06-11 05:53 . 2012-06-11 05:53 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2012-06-06 08:04 . 2012-06-06 08:04 -------- d-----w- c:\users\aaron's\AppData\Local\Diagnostics
2012-06-04 00:28 . 2012-06-04 00:28 -------- d-----w- c:\programdata\CCP
2012-06-03 17:23 . 2009-09-04 22:29 453456 ----a-w- c:\windows\SysWow64\d3dx10_42.dll
2012-06-03 17:23 . 2009-09-04 22:29 235344 ----a-w- c:\windows\SysWow64\d3dx11_42.dll
2012-06-03 17:23 . 2009-09-04 22:29 1892184 ----a-w- c:\windows\SysWow64\D3DX9_42.dll
2012-06-03 17:05 . 2012-06-03 17:05 -------- d-----w- c:\program files (x86)\CCP
2012-06-03 16:22 . 2012-06-03 16:22 -------- d-----w- c:\users\aaron's\AppData\Local\CCP
2012-06-02 03:06 . 2012-06-02 03:06 8769696 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2012-06-02 02:15 . 2012-06-02 03:06 419488 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-06-02 02:15 . 2012-06-02 02:15 -------- d-----w- c:\windows\system32\Macromed
2012-06-02 01:55 . 2012-06-02 01:55 -------- d-----w- c:\users\aaron's\AppData\Local\Mozilla
2012-06-02 01:55 . 2012-06-17 14:15 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2012-06-01 21:15 . 2012-06-01 21:15 -------- d-----w- c:\program files\Google
2012-06-01 21:15 . 2012-06-03 18:20 -------- d-----w- c:\users\aaron's\AppData\Local\Google
2012-06-01 21:15 . 2012-06-03 18:20 -------- d-----w- c:\program files (x86)\Google
2012-06-01 21:13 . 2012-06-18 18:34 -------- d-----w- c:\windows\SysWow64\Adobe
2012-06-01 20:48 . 2012-06-02 03:06 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-06-01 20:48 . 2012-06-01 20:48 -------- d-----w- c:\program files (x86)\Common Files\Adobe AIR
2012-06-01 20:48 . 2012-06-11 05:55 -------- d-----w- c:\users\aaron's\AppData\Local\Adobe
2012-06-01 20:47 . 2012-06-01 20:47 -------- d-----w- c:\program files (x86)\Atari
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-30 11:09 . 2012-05-10 17:09 1895280 ----a-w- c:\windows\system32\drivers\tcpip.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPADVISOR"="c:\program files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe" [2009-09-29 1685048]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2012-06-01 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]
"HP Remote Solution"="c:\program files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe" [2009-08-25 656896]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-07-30 98304]
"HPCam_Menu"="c:\program files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"NortonOnlineBackupReminder"="c:\program files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" [2009-06-29 600936]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-04-04 843712]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
PictureMover.lnk - c:\program files (x86)\PictureMover\Bin\PictureMover.exe [2009-6-3 430080]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-01 136176]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-02 257696]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-01 136176]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-06-16 113120]
R3 PCDSRVC{F36B3A4C-F95654BD-06000000}_0;PCDSRVC{F36B3A4C-F95654BD-06000000}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms [2009-09-17 23536]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NISx64\1109000.00C\SYMDS64.SYS [x]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1109000.00C\SYMEFA64.SYS [x]
S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20120619.001\BHDrvx64.sys [2012-06-19 1161376]
S1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\NISx64\1109000.00C\ccHPx64.sys [x]
S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20120613.007\IDSvia64.sys [2012-06-14 488568]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1109000.00C\Ironx64.SYS [x]
S1 SYMTDIv;Symantec Vista Network Dispatch Driver;c:\windows\System32\Drivers\NISx64\1109000.00C\SYMTDIV.SYS [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-04-04 63928]
S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.EXE [2009-03-31 92160]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe [2011-08-04 126400]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-06-19 138912]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2012-06-21 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-02 03:06]
.
2012-06-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-01 21:15]
.
2012-06-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-01 21:15]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-09-04 8098848]
"SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2009-09-15 610360]
"PC-Doctor for Windows localizer"="c:\program files\PC-Doctor for Windows\localizer.exe" [2009-09-17 95728]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/webhp?sourceid=navclient&ie=UTF-8
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 216.220.3.205 216.220.3.204
FF - ProfilePath - c:\users\aaron's\AppData\Roaming\Mozilla\Firefox\Profiles\3n825qi4.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: keyword.URL - hxxp://dts.search-results.com/sr?src=ffb&appid=100&systemid=102&sr=0&q=
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-10 - (no file)
Toolbar-10 - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\NIS]
"ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\17.9.0.12\diMaster.dll\" /prefetch:1"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\PCDSRVC{F36B3A4C-F95654BD-06000000}_0]
"ImagePath"="\??\c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
c:\program files (x86)\NORTON INTERNET SECURITY\ENGINE\17.9.0.12\cltLMH.exe
.
**************************************************************************
.
Completion time: 2012-06-21 06:50:34 - machine was rebooted
ComboFix-quarantined-files.txt 2012-06-21 11:50
.
Pre-Run: 253,363,617,792 bytes free
Post-Run: 253,173,067,776 bytes free
.
- - End Of File - - CEAA831E234B69C0B0E4D6C873FFAA8C

In Topic: Needing someone to look at this..

19 June 2012 - 09:35 AM

09:25:58.0611 4092 IDSVia64 (41d2c4e4c5dfab0b9fbd7438d8822123) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20090828.002\IDSVia64.sys
09:25:58.0657 4092 IDSVia64 - ok
09:25:58.0737 4092 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
09:25:58.0774 4092 iirsp - ok
09:25:58.0838 4092 IKEEXT (c5b4683680df085b57bc53e5ef34861f) C:\Windows\System32\ikeext.dll
09:25:58.0946 4092 IKEEXT - ok
09:25:59.0107 4092 IntcAzAudAddService (430aab6c09af99d5beb311795349e9dd) C:\Windows\system32\drivers\RTKVHD64.sys
09:25:59.0189 4092 IntcAzAudAddService - ok
09:25:59.0585 4092 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys
09:25:59.0621 4092 intelide - ok
09:25:59.0629 4092 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
09:25:59.0699 4092 intelppm - ok
09:25:59.0726 4092 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
09:25:59.0820 4092 IPBusEnum - ok
09:25:59.0830 4092 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
09:25:59.0908 4092 IpFilterDriver - ok
09:25:59.0959 4092 iphlpsvc (f8e058d17363ec580e4b7232778b6cb5) C:\Windows\System32\iphlpsvc.dll
09:26:00.0048 4092 iphlpsvc - ok
09:26:00.0068 4092 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys
09:26:00.0121 4092 IPMIDRV - ok
09:26:00.0135 4092 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
09:26:00.0239 4092 IPNAT - ok
09:26:00.0270 4092 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
09:26:00.0314 4092 IRENUM - ok
09:26:00.0322 4092 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys
09:26:00.0365 4092 isapnp - ok
09:26:00.0385 4092 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys
09:26:00.0428 4092 iScsiPrt - ok
09:26:00.0452 4092 JMCR (41e6c1f0f85f6f75e53a56dd6bf809ab) C:\Windows\system32\DRIVERS\jmcr.sys
09:26:00.0513 4092 JMCR - ok
09:26:00.0529 4092 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
09:26:00.0566 4092 kbdclass - ok
09:26:00.0575 4092 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
09:26:00.0630 4092 kbdhid - ok
09:26:00.0672 4092 KeyIso (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
09:26:00.0709 4092 KeyIso - ok
09:26:00.0727 4092 KSecDD (16c1b906fc5ead84769f90b736b6bf0e) C:\Windows\system32\Drivers\ksecdd.sys
09:26:00.0766 4092 KSecDD - ok
09:26:00.0786 4092 KSecPkg (0b711550c56444879d71c7daabda6c83) C:\Windows\system32\Drivers\ksecpkg.sys
09:26:00.0828 4092 KSecPkg - ok
09:26:00.0841 4092 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
09:26:00.0934 4092 ksthunk - ok
09:26:00.0975 4092 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
09:26:01.0077 4092 KtmRm - ok
09:26:01.0118 4092 LanmanServer (81f1d04d4d0e433099365127375fd501) C:\Windows\system32\srvsvc.dll
09:26:01.0175 4092 LanmanServer - ok
09:26:01.0208 4092 LanmanWorkstation (27026eac8818e8a6c00a1cad2f11d29a) C:\Windows\System32\wkssvc.dll
09:26:01.0309 4092 LanmanWorkstation - ok
09:26:01.0541 4092 LightScribeService (2238b91ac1a12cc6cc4c4fed41258b2a) c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
09:26:01.0615 4092 LightScribeService ( UnsignedFile.Multi.Generic ) - warning
09:26:01.0616 4092 LightScribeService - detected UnsignedFile.Multi.Generic (1)
09:26:01.0637 4092 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
09:26:01.0727 4092 lltdio - ok
09:26:01.0777 4092 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
09:26:01.0859 4092 lltdsvc - ok
09:26:01.0874 4092 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
09:26:01.0951 4092 lmhosts - ok
09:26:01.0976 4092 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
09:26:02.0016 4092 LSI_FC - ok
09:26:02.0025 4092 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
09:26:02.0066 4092 LSI_SAS - ok
09:26:02.0073 4092 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
09:26:02.0111 4092 LSI_SAS2 - ok
09:26:02.0120 4092 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
09:26:02.0161 4092 LSI_SCSI - ok
09:26:02.0182 4092 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
09:26:02.0290 4092 luafv - ok
09:26:02.0322 4092 Mcx2Svc (f84c8f1000bc11e3b7b23cbd3baff111) C:\Windows\system32\Mcx2Svc.dll
09:26:02.0380 4092 Mcx2Svc - ok
09:26:02.0391 4092 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
09:26:02.0427 4092 megasas - ok
09:26:02.0456 4092 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
09:26:02.0502 4092 MegaSR - ok
09:26:02.0563 4092 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
09:26:02.0667 4092 MMCSS - ok
09:26:02.0686 4092 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
09:26:02.0780 4092 Modem - ok
09:26:02.0797 4092 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
09:26:02.0858 4092 monitor - ok
09:26:02.0968 4092 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
09:26:03.0004 4092 mouclass - ok
09:26:03.0117 4092 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
09:26:03.0166 4092 mouhid - ok
09:26:03.0192 4092 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
09:26:03.0230 4092 mountmgr - ok
09:26:03.0282 4092 MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
09:26:03.0379 4092 MozillaMaintenance - ok
09:26:03.0400 4092 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys
09:26:03.0444 4092 mpio - ok
09:26:03.0464 4092 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
09:26:03.0540 4092 mpsdrv - ok
09:26:03.0610 4092 MpsSvc (aecab449567d1846dad63ece49e893e3) C:\Windows\system32\mpssvc.dll
09:26:03.0773 4092 MpsSvc - ok
09:26:03.0788 4092 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
09:26:03.0874 4092 MRxDAV - ok
09:26:03.0911 4092 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys
09:26:03.0985 4092 mrxsmb - ok
09:26:04.0018 4092 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys
09:26:04.0060 4092 mrxsmb10 - ok
09:26:04.0076 4092 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys
09:26:04.0114 4092 mrxsmb20 - ok
09:26:04.0120 4092 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys
09:26:04.0165 4092 msahci - ok
09:26:04.0179 4092 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys
09:26:04.0218 4092 msdsm - ok
09:26:04.0242 4092 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
09:26:04.0301 4092 MSDTC - ok
09:26:04.0337 4092 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
09:26:04.0411 4092 Msfs - ok
09:26:04.0423 4092 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
09:26:04.0497 4092 mshidkmdf - ok
09:26:04.0509 4092 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys
09:26:04.0547 4092 msisadrv - ok
09:26:04.0574 4092 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
09:26:04.0652 4092 MSiSCSI - ok
09:26:04.0657 4092 msiserver - ok
09:26:04.0676 4092 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
09:26:04.0771 4092 MSKSSRV - ok
09:26:04.0776 4092 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
09:26:04.0856 4092 MSPCLOCK - ok
09:26:04.0861 4092 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
09:26:04.0941 4092 MSPQM - ok
09:26:04.0980 4092 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
09:26:05.0027 4092 MsRPC - ok
09:26:05.0064 4092 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
09:26:05.0100 4092 mssmbios - ok
09:26:05.0152 4092 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
09:26:05.0226 4092 MSTEE - ok
09:26:05.0232 4092 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
09:26:05.0271 4092 MTConfig - ok
09:26:05.0290 4092 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
09:26:05.0337 4092 Mup - ok
09:26:05.0392 4092 napagent (4987e079a4530fa737a128be54b63b12) C:\Windows\system32\qagentRT.dll
09:26:05.0480 4092 napagent - ok
09:26:05.0515 4092 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
09:26:05.0584 4092 NativeWifiP - ok
09:26:05.0677 4092 NAVENG (8043d41f881d6ace40b854ad6e32217f) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20120618.017\ENG64.SYS
09:26:05.0714 4092 NAVENG - ok
09:26:05.0852 4092 NAVEX15 (9a9ab2fc45d701daed465d14980f1305) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20120618.017\EX64.SYS
09:26:05.0936 4092 NAVEX15 - ok
09:26:06.0086 4092 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
09:26:06.0178 4092 NDIS - ok
09:26:06.0194 4092 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
09:26:06.0282 4092 NdisCap - ok
09:26:06.0305 4092 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
09:26:06.0407 4092 NdisTapi - ok
09:26:06.0432 4092 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
09:26:06.0521 4092 Ndisuio - ok
09:26:06.0555 4092 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
09:26:06.0631 4092 NdisWan - ok
09:26:06.0645 4092 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
09:26:06.0738 4092 NDProxy - ok
09:26:06.0759 4092 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
09:26:06.0854 4092 NetBIOS - ok
09:26:06.0886 4092 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
09:26:06.0985 4092 NetBT - ok
09:26:07.0015 4092 Netlogon (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
09:26:07.0058 4092 Netlogon - ok
09:26:07.0103 4092 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
09:26:07.0204 4092 Netman - ok
09:26:07.0261 4092 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
09:26:07.0420 4092 netprofm - ok
09:26:07.0493 4092 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
09:26:07.0533 4092 NetTcpPortSharing - ok
09:26:07.0566 4092 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
09:26:07.0603 4092 nfrd960 - ok
09:26:07.0663 4092 NIS (2f86be1818c2d7ac90478e3323ee7fcb) C:\Program Files (x86)\Norton Internet Security\Engine\17.0.0.136\ccSvcHst.exe
09:26:07.0727 4092 NIS - ok
09:26:07.0772 4092 NlaSvc (d9a0ce66046d6efa0c61baa885cba0a8) C:\Windows\System32\nlasvc.dll
09:26:07.0873 4092 NlaSvc - ok
09:26:07.0900 4092 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
09:26:07.0992 4092 Npfs - ok
09:26:08.0023 4092 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
09:26:08.0114 4092 nsi - ok
09:26:08.0139 4092 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
09:26:08.0226 4092 nsiproxy - ok
09:26:08.0366 4092 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys
09:26:08.0442 4092 Ntfs - ok
09:26:08.0542 4092 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
09:26:08.0616 4092 Null - ok
09:26:08.0643 4092 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys
09:26:08.0683 4092 nvraid - ok
09:26:08.0709 4092 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys
09:26:08.0749 4092 nvstor - ok
09:26:08.0772 4092 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
09:26:08.0812 4092 nv_agp - ok
09:26:08.0819 4092 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
09:26:08.0874 4092 ohci1394 - ok
09:26:08.0924 4092 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
09:26:09.0003 4092 p2pimsvc - ok
09:26:09.0040 4092 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
09:26:09.0085 4092 p2psvc - ok
09:26:09.0097 4092 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
09:26:09.0135 4092 Parport - ok
09:26:09.0159 4092 partmgr (90061b1acfe8ccaa5345750ffe08d8b8) C:\Windows\system32\drivers\partmgr.sys
09:26:09.0197 4092 partmgr - ok
09:26:09.0220 4092 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
09:26:09.0285 4092 PcaSvc - ok
09:26:09.0415 4092 PCDSRVC{F36B3A4C-F95654BD-06000000}_0 (51209fbdb13a46e05c1b0077a9310264) c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms
09:26:09.0456 4092 PCDSRVC{F36B3A4C-F95654BD-06000000}_0 - ok
09:26:09.0509 4092 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
09:26:09.0550 4092 pci - ok
09:26:09.0562 4092 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
09:26:09.0598 4092 pciide - ok
09:26:09.0614 4092 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
09:26:09.0657 4092 pcmcia - ok
09:26:09.0674 4092 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
09:26:09.0710 4092 pcw - ok
09:26:09.0765 4092 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
09:26:09.0870 4092 PEAUTH - ok
09:26:09.0924 4092 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
09:26:09.0990 4092 PerfHost - ok
09:26:10.0099 4092 pla (557e9a86f65f0de18c9b6751dfe9d3f1) C:\Windows\system32\pla.dll
09:26:10.0217 4092 pla - ok
09:26:10.0261 4092 PlugPlay (98b1721b8718164293b9701b98c52d77) C:\Windows\system32\umpnpmgr.dll
09:26:10.0358 4092 PlugPlay - ok
09:26:10.0381 4092 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
09:26:10.0439 4092 PNRPAutoReg - ok
09:26:10.0481 4092 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
09:26:10.0524 4092 PNRPsvc - ok
09:26:10.0577 4092 PolicyAgent (166eb40d1f5b47e615de3d0fffe5f243) C:\Windows\System32\ipsecsvc.dll
09:26:10.0681 4092 PolicyAgent - ok
09:26:10.0729 4092 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
09:26:10.0815 4092 Power - ok
09:26:10.0867 4092 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
09:26:10.0995 4092 PptpMiniport - ok
09:26:11.0021 4092 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
09:26:11.0093 4092 Processor - ok
09:26:11.0130 4092 ProfSvc (97293447431311c06703368ad0f6c4be) C:\Windows\system32\profsvc.dll
09:26:11.0224 4092 ProfSvc - ok
09:26:11.0244 4092 ProtectedStorage (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
09:26:11.0284 4092 ProtectedStorage - ok
09:26:11.0307 4092 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
09:26:11.0391 4092 Psched - ok
09:26:11.0480 4092 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
09:26:11.0571 4092 ql2300 - ok
09:26:11.0777 4092 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
09:26:11.0818 4092 ql40xx - ok
09:26:11.0851 4092 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
09:26:11.0902 4092 QWAVE - ok
09:26:11.0912 4092 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
09:26:11.0969 4092 QWAVEdrv - ok
09:26:11.0976 4092 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
09:26:12.0061 4092 RasAcd - ok
09:26:12.0096 4092 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
09:26:12.0217 4092 RasAgileVpn - ok
09:26:12.0256 4092 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
09:26:12.0378 4092 RasAuto - ok
09:26:12.0416 4092 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
09:26:12.0507 4092 Rasl2tp - ok
09:26:12.0537 4092 RasMan (47394ed3d16d053f5906efe5ab51cc83) C:\Windows\System32\rasmans.dll
09:26:12.0642 4092 RasMan - ok
09:26:12.0672 4092 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
09:26:12.0766 4092 RasPppoe - ok
09:26:12.0794 4092 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
09:26:12.0891 4092 RasSstp - ok
09:26:12.0935 4092 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
09:26:13.0045 4092 rdbss - ok
09:26:13.0065 4092 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
09:26:13.0118 4092 rdpbus - ok
09:26:13.0134 4092 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
09:26:13.0207 4092 RDPCDD - ok
09:26:13.0220 4092 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
09:26:13.0335 4092 RDPENCDD - ok
09:26:13.0363 4092 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
09:26:13.0474 4092 RDPREFMP - ok
09:26:13.0519 4092 RDPWD (447de7e3dea39d422c1504f245b668b1) C:\Windows\system32\drivers\RDPWD.sys
09:26:13.0617 4092 RDPWD - ok
09:26:13.0657 4092 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
09:26:13.0701 4092 rdyboost - ok
09:26:13.0728 4092 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
09:26:13.0824 4092 RemoteAccess - ok
09:26:13.0858 4092 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
09:26:13.0940 4092 RemoteRegistry - ok
09:26:13.0957 4092 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
09:26:14.0051 4092 RpcEptMapper - ok
09:26:14.0074 4092 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
09:26:14.0127 4092 RpcLocator - ok
09:26:14.0179 4092 RpcSs (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
09:26:14.0267 4092 RpcSs - ok
09:26:14.0301 4092 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
09:26:14.0394 4092 rspndr - ok
09:26:14.0437 4092 RTL8167 (3b01789ee4eaee97f5eb46b711387d5e) C:\Windows\system32\DRIVERS\Rt64win7.sys
09:26:14.0491 4092 RTL8167 - ok
09:26:14.0516 4092 SamSs (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
09:26:14.0556 4092 SamSs - ok
09:26:14.0578 4092 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
09:26:14.0622 4092 sbp2port - ok
09:26:14.0651 4092 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
09:26:14.0756 4092 SCardSvr - ok
09:26:14.0778 4092 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
09:26:14.0878 4092 scfilter - ok
09:26:14.0976 4092 Schedule (624d0f5ff99428bb90a5b8a4123e918e) C:\Windows\system32\schedsvc.dll
09:26:15.0130 4092 Schedule - ok
09:26:15.0162 4092 SCPolicySvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
09:26:15.0246 4092 SCPolicySvc - ok
09:26:15.0278 4092 SDRSVC (765a27c3279ce11d14cb9e4f5869fca5) C:\Windows\System32\SDRSVC.dll
09:26:15.0366 4092 SDRSVC - ok
09:26:15.0497 4092 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
09:26:15.0571 4092 secdrv - ok
09:26:15.0583 4092 seclogon (463b386ebc70f98da5dff85f7e654346) C:\Windows\system32\seclogon.dll
09:26:15.0676 4092 seclogon - ok
09:26:15.0693 4092 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
09:26:15.0790 4092 SENS - ok
09:26:15.0808 4092 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
09:26:15.0893 4092 SensrSvc - ok
09:26:15.0920 4092 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
09:26:15.0974 4092 Serenum - ok
09:26:15.0990 4092 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
09:26:16.0034 4092 Serial - ok
09:26:16.0048 4092 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
09:26:16.0101 4092 sermouse - ok
09:26:16.0144 4092 SessionEnv (c3bc61ce47ff6f4e88ab8a3b429a36af) C:\Windows\system32\sessenv.dll
09:26:16.0232 4092 SessionEnv - ok
09:26:16.0239 4092 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
09:26:16.0298 4092 sffdisk - ok
09:26:16.0304 4092 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
09:26:16.0345 4092 sffp_mmc - ok
09:26:16.0352 4092 sffp_sd (5588b8c6193eb1522490c122eb94dffa) C:\Windows\system32\DRIVERS\sffp_sd.sys
09:26:16.0399 4092 sffp_sd - ok
09:26:16.0410 4092 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
09:26:16.0454 4092 sfloppy - ok
09:26:16.0501 4092 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
09:26:16.0598 4092 SharedAccess - ok
09:26:16.0651 4092 ShellHWDetection (0298ac45d0efffb2db4baa7dd186e7bf) C:\Windows\System32\shsvcs.dll
09:26:16.0728 4092 ShellHWDetection - ok
09:26:16.0736 4092 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
09:26:16.0774 4092 SiSRaid2 - ok
09:26:16.0784 4092 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
09:26:16.0824 4092 SiSRaid4 - ok
09:26:16.0834 4092 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
09:26:16.0922 4092 Smb - ok
09:26:16.0960 4092 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
09:26:16.0997 4092 SNMPTRAP - ok
09:26:17.0014 4092 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
09:26:17.0051 4092 spldr - ok
09:26:17.0102 4092 Spooler (f8e1fa03cb70d54a9892ac88b91d1e7b) C:\Windows\System32\spoolsv.exe
09:26:17.0191 4092 Spooler - ok
09:26:17.0415 4092 sppsvc (913d843498553a1bc8f8dbad6358e49f) C:\Windows\system32\sppsvc.exe
09:26:17.0623 4092 sppsvc - ok
09:26:17.0710 4092 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
09:26:17.0786 4092 sppuinotify - ok
09:26:17.0873 4092 SRTSP (56979a80f6f9df788a8bfcc1603da40d) C:\Windows\system32\drivers\NISx64\1100000.088\SRTSP64.SYS
09:26:17.0919 4092 SRTSP - ok
09:26:17.0934 4092 SRTSPX (3c3d82bb245ad1cb00ed48cb2f4ab385) C:\Windows\system32\drivers\NISx64\1100000.088\SRTSPX64.SYS
09:26:17.0968 4092 SRTSPX - ok
09:26:18.0019 4092 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys
09:26:18.0099 4092 srv - ok
09:26:18.0136 4092 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys
09:26:18.0204 4092 srv2 - ok
09:26:18.0239 4092 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys
09:26:18.0293 4092 srvnet - ok
09:26:18.0338 4092 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
09:26:18.0420 4092 SSDPSRV - ok
09:26:18.0441 4092 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
09:26:18.0528 4092 SstpSvc - ok
09:26:18.0553 4092 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
09:26:18.0589 4092 stexstor - ok
09:26:18.0635 4092 stisvc (52d0e33b681bd0f33fdc08812fee4f7d) C:\Windows\System32\wiaservc.dll
09:26:18.0717 4092 stisvc - ok
09:26:18.0738 4092 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
09:26:18.0780 4092 swenum - ok
09:26:18.0816 4092 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
09:26:18.0917 4092 swprv - ok
09:26:18.0988 4092 SymDS (659b227a72b76115975a6a9491b2fe1f) C:\Windows\system32\drivers\NISx64\1100000.088\SYMDS64.SYS
09:26:19.0033 4092 SymDS - ok
09:26:19.0064 4092 SymEFA (8464297bf069a81613a276181b83b37c) C:\Windows\system32\drivers\NISx64\1100000.088\SYMEFA64.SYS
09:26:19.0103 4092 SymEFA - ok
09:26:19.0147 4092 SymEvent (3f9d5fe52585e2653e59fdbfdf09a94c) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
09:26:19.0184 4092 SymEvent - ok
09:26:19.0211 4092 SymIRON (3744dae483213fac04422731825af44f) C:\Windows\system32\drivers\NISx64\1100000.088\Ironx64.SYS
09:26:19.0247 4092 SymIRON - ok
09:26:19.0287 4092 SYMTDIv (186814960618bc499399a6f455ec0e14) C:\Windows\system32\drivers\NISx64\1100000.088\SYMTDIV.SYS
09:26:19.0333 4092 SYMTDIv - ok
09:26:19.0467 4092 SysMain (3c1284516a62078fb68f768de4f1a7be) C:\Windows\system32\sysmain.dll
09:26:19.0596 4092 SysMain - ok
09:26:19.0688 4092 TabletInputService (238935c3cf2854886dc7cbb2a0e2cc66) C:\Windows\System32\TabSvc.dll
09:26:19.0734 4092 TabletInputService - ok
09:26:19.0763 4092 TapiSrv (884264ac597b690c5707c89723bb8e7b) C:\Windows\System32\tapisrv.dll
09:26:19.0861 4092 TapiSrv - ok
09:26:19.0890 4092 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
09:26:19.0967 4092 TBS - ok
09:26:20.0110 4092 Tcpip (624c5b3aa4c99b3184bb922d9ece3ff0) C:\Windows\system32\drivers\tcpip.sys
09:26:20.0193 4092 Tcpip - ok
09:26:20.0367 4092 TCPIP6 (624c5b3aa4c99b3184bb922d9ece3ff0) C:\Windows\system32\DRIVERS\tcpip.sys
09:26:20.0449 4092 TCPIP6 - ok
09:26:20.0537 4092 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
09:26:20.0626 4092 tcpipreg - ok
09:26:20.0643 4092 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
09:26:20.0716 4092 TDPIPE - ok
09:26:20.0745 4092 TDTCP (7518f7bcfd4b308abc9192bacaf6c970) C:\Windows\system32\drivers\tdtcp.sys
09:26:20.0811 4092 TDTCP - ok
09:26:20.0833 4092 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
09:26:20.0925 4092 tdx - ok
09:26:20.0939 4092 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys
09:26:20.0976 4092 TermDD - ok
09:26:21.0041 4092 TermService (0f05ec2887bfe197ad82a13287d2f404) C:\Windows\System32\termsrv.dll
09:26:21.0147 4092 TermService - ok
09:26:21.0175 4092 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
09:26:21.0239 4092 Themes - ok
09:26:21.0280 4092 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
09:26:21.0359 4092 THREADORDER - ok
09:26:21.0381 4092 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
09:26:21.0481 4092 TrkWks - ok
09:26:21.0540 4092 TrustedInstaller (840f7fb849f5887a49ba18c13b2da920) C:\Windows\servicing\TrustedInstaller.exe
09:26:21.0580 4092 TrustedInstaller - ok
09:26:21.0595 4092 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
09:26:21.0696 4092 tssecsrv - ok
09:26:21.0784 4092 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
09:26:21.0861 4092 tunnel - ok
09:26:21.0877 4092 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
09:26:21.0915 4092 uagp35 - ok
09:26:21.0941 4092 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys
09:26:22.0036 4092 udfs - ok
09:26:22.0072 4092 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
09:26:22.0111 4092 UI0Detect - ok
09:26:22.0121 4092 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
09:26:22.0160 4092 uliagpkx - ok
09:26:22.0181 4092 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
09:26:22.0217 4092 umbus - ok
09:26:22.0223 4092 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
09:26:22.0276 4092 UmPass - ok
09:26:22.0316 4092 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
09:26:22.0413 4092 upnphost - ok
09:26:22.0457 4092 usbccgp (7b6a127c93ee590e4d79a5f2a76fe46f) C:\Windows\system32\DRIVERS\usbccgp.sys
09:26:22.0532 4092 usbccgp - ok
09:26:22.0543 4092 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
09:26:22.0618 4092 usbcir - ok
09:26:22.0647 4092 usbehci (92969ba5ac44e229c55a332864f79677) C:\Windows\system32\DRIVERS\usbehci.sys
09:26:22.0682 4092 usbehci - ok
09:26:22.0711 4092 usbfilter (6648c6d7323a2ce0c4776c36cefbcb14) C:\Windows\system32\DRIVERS\usbfilter.sys
09:26:22.0746 4092 usbfilter - ok
09:26:22.0780 4092 usbhub (e7df1cfd28ca86b35ef5add0735ceef3) C:\Windows\system32\DRIVERS\usbhub.sys
09:26:22.0835 4092 usbhub - ok
09:26:22.0860 4092 usbohci (f1bb1e55f1e7a65c5839ccc7b36d773e) C:\Windows\system32\DRIVERS\usbohci.sys
09:26:22.0912 4092 usbohci - ok
09:26:22.0945 4092 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
09:26:22.0998 4092 usbprint - ok
09:26:23.0027 4092 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\drivers\USBSTOR.SYS
09:26:23.0097 4092 USBSTOR - ok
09:26:23.0111 4092 usbuhci (bc3070350a491d84b518d7cca9abd36f) C:\Windows\system32\drivers\usbuhci.sys
09:26:23.0146 4092 usbuhci - ok
09:26:23.0185 4092 usbvideo (7cb8c573c6e4a2714402cc0a36eab4fe) C:\Windows\System32\Drivers\usbvideo.sys
09:26:23.0239 4092 usbvideo - ok
09:26:23.0259 4092 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
09:26:23.0357 4092 UxSms - ok
09:26:23.0390 4092 VaultSvc (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
09:26:23.0429 4092 VaultSvc - ok
09:26:23.0453 4092 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
09:26:23.0490 4092 vdrvroot - ok
09:26:23.0522 4092 vds (44d73e0bbc1d3c8981304ba15135c2f2) C:\Windows\System32\vds.exe
09:26:23.0587 4092 vds - ok
09:26:23.0616 4092 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
09:26:23.0658 4092 vga - ok
09:26:23.0710 4092 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
09:26:23.0873 4092 VgaSave - ok
09:26:23.0892 4092 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
09:26:23.0936 4092 vhdmp - ok
09:26:23.0943 4092 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
09:26:23.0981 4092 viaide - ok
09:26:24.0002 4092 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
09:26:24.0041 4092 volmgr - ok
09:26:24.0071 4092 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
09:26:24.0118 4092 volmgrx - ok
09:26:24.0145 4092 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
09:26:24.0190 4092 volsnap - ok
09:26:24.0215 4092 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
09:26:24.0257 4092 vsmraid - ok
09:26:24.0382 4092 VSS (787898bf9fb6d7bd87a36e2d95c899ba) C:\Windows\system32\vssvc.exe
09:26:24.0468 4092 VSS - ok
09:26:24.0580 4092 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
09:26:24.0637 4092 vwifibus - ok
09:26:24.0661 4092 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
09:26:24.0710 4092 vwififlt - ok
09:26:24.0750 4092 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
09:26:24.0887 4092 W32Time - ok
09:26:24.0908 4092 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
09:26:24.0957 4092 WacomPen - ok
09:26:24.0987 4092 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
09:26:25.0078 4092 WANARP - ok
09:26:25.0084 4092 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
09:26:25.0164 4092 Wanarpv6 - ok
09:26:25.0276 4092 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
09:26:25.0347 4092 WatAdminSvc - ok
09:26:25.0461 4092 wbengine (5ab1bb85bd8b5089cc5d64200dedae68) C:\Windows\system32\wbengine.exe
09:26:25.0564 4092 wbengine - ok
09:26:25.0654 4092 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
09:26:25.0706 4092 WbioSrvc - ok
09:26:25.0745 4092 wcncsvc (dd1bae8ebfc653824d29ccf8c9054d68) C:\Windows\System32\wcncsvc.dll
09:26:25.0822 4092 wcncsvc - ok
09:26:25.0833 4092 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
09:26:25.0888 4092 WcsPlugInService - ok
09:26:25.0925 4092 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
09:26:25.0972 4092 Wd - ok
09:26:26.0021 4092 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
09:26:26.0085 4092 Wdf01000 - ok
09:26:26.0118 4092 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
09:26:26.0217 4092 WdiServiceHost - ok
09:26:26.0235 4092 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
09:26:26.0291 4092 WdiSystemHost - ok
09:26:26.0340 4092 WebClient (733006127f235be7c35354ebee7b9a7b) C:\Windows\System32\webclnt.dll
09:26:26.0440 4092 WebClient - ok
09:26:26.0463 4092 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
09:26:26.0565 4092 Wecsvc - ok
09:26:26.0594 4092 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
09:26:26.0675 4092 wercplsupport - ok
09:26:26.0695 4092 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
09:26:26.0791 4092 WerSvc - ok
09:26:26.0841 4092 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
09:26:26.0942 4092 WfpLwf - ok
09:26:26.0966 4092 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
09:26:27.0012 4092 WIMMount - ok
09:26:27.0050 4092 WinDefend - ok
09:26:27.0071 4092 WinHttpAutoProxySvc - ok
09:26:27.0131 4092 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
09:26:27.0217 4092 Winmgmt - ok
09:26:27.0408 4092 WinRM (41fbb751936b387f9179e7f03a74fe29) C:\Windows\system32\WsmSvc.dll
09:26:27.0524 4092 WinRM - ok
09:26:27.0653 4092 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
09:26:27.0760 4092 Wlansvc - ok
09:26:27.0798 4092 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
09:26:27.0845 4092 WmiAcpi - ok
09:26:27.0914 4092 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
09:26:27.0999 4092 wmiApSrv - ok
09:26:28.0034 4092 WMPNetworkSvc - ok
09:26:28.0065 4092 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
09:26:28.0117 4092 WPCSvc - ok
09:26:28.0133 4092 WPDBusEnum (2e57ddf2880a7e52e76f41c7e96d327b) C:\Windows\system32\wpdbusenum.dll
09:26:28.0195 4092 WPDBusEnum - ok
09:26:28.0224 4092 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
09:26:28.0301 4092 ws2ifsl - ok
09:26:28.0329 4092 wscsvc (8f9f3969933c02da96eb0f84576db43e) C:\Windows\System32\wscsvc.dll
09:26:28.0383 4092 wscsvc - ok
09:26:28.0389 4092 WSearch - ok
09:26:28.0572 4092 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
09:26:28.0673 4092 wuauserv - ok
09:26:28.0871 4092 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
09:26:28.0961 4092 WudfPf - ok
09:26:28.0985 4092 wudfsvc (b551d6637aa0e132c18ac6e504f7b79b) C:\Windows\System32\WUDFSvc.dll
09:26:29.0081 4092 wudfsvc - ok
09:26:29.0117 4092 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
09:26:29.0179 4092 WwanSvc - ok
09:26:29.0218 4092 MBR (0x1B8) (59822081721d0d15221fb33e0acb545d) \Device\Harddisk0\DR0
09:26:29.0541 4092 \Device\Harddisk0\DR0 - ok
09:26:29.0546 4092 Boot (0x1200) (0b48cd1e7270759058c21d85f5337fbf) \Device\Harddisk0\DR0\Partition0
09:26:29.0548 4092 \Device\Harddisk0\DR0\Partition0 - ok
09:26:29.0577 4092 Boot (0x1200) (bbc58d97c987564e4744dbcdf3f2ad8d) \Device\Harddisk0\DR0\Partition1
09:26:29.0579 4092 \Device\Harddisk0\DR0\Partition1 - ok
09:26:29.0609 4092 Boot (0x1200) (c4d84563404fa572c68b0c1143a05e85) \Device\Harddisk0\DR0\Partition2
09:26:29.0612 4092 \Device\Harddisk0\DR0\Partition2 - ok
09:26:29.0612 4092 ============================================================
09:26:29.0612 4092 Scan finished
09:26:29.0612 4092 ============================================================
09:26:29.0633 4160 Detected object count: 2
09:26:29.0633 4160 Actual detected object count: 2
09:26:58.0024 4160 HP Health Check Service ( UnsignedFile.Multi.Generic ) - skipped by user
09:26:58.0024 4160 HP Health Check Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:26:58.0031 4160 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
09:26:58.0031 4160 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:27:02.0504 3492 Deinitialize success

In Topic: Needing someone to look at this..

19 June 2012 - 09:33 AM

6.0638 3372 msiserver - ok
09:25:16.0659 3372 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
09:25:16.0672 3372 MSKSSRV - ok
09:25:16.0678 3372 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
09:25:16.0692 3372 MSPCLOCK - ok
09:25:16.0698 3372 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
09:25:16.0712 3372 MSPQM - ok
09:25:16.0744 3372 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
09:25:16.0766 3372 MsRPC - ok
09:25:16.0780 3372 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
09:25:16.0781 3372 mssmbios - ok
09:25:16.0789 3372 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
09:25:16.0803 3372 MSTEE - ok
09:25:16.0810 3372 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
09:25:16.0824 3372 MTConfig - ok
09:25:16.0853 3372 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
09:25:16.0878 3372 Mup - ok
09:25:16.0923 3372 napagent (4987e079a4530fa737a128be54b63b12) C:\Windows\system32\qagentRT.dll
09:25:16.0931 3372 napagent - ok
09:25:16.0971 3372 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
09:25:16.0992 3372 NativeWifiP - ok
09:25:17.0075 3372 NAVENG (8043d41f881d6ace40b854ad6e32217f) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20120618.017\ENG64.SYS
09:25:17.0106 3372 NAVENG - ok
09:25:17.0246 3372 NAVEX15 (9a9ab2fc45d701daed465d14980f1305) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20120618.017\EX64.SYS
09:25:17.0288 3372 NAVEX15 - ok
09:25:17.0481 3372 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
09:25:17.0495 3372 NDIS - ok
09:25:17.0544 3372 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
09:25:17.0568 3372 NdisCap - ok
09:25:17.0596 3372 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
09:25:17.0621 3372 NdisTapi - ok
09:25:17.0640 3372 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
09:25:17.0655 3372 Ndisuio - ok
09:25:17.0679 3372 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
09:25:17.0697 3372 NdisWan - ok
09:25:17.0720 3372 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
09:25:17.0736 3372 NDProxy - ok
09:25:17.0751 3372 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
09:25:17.0766 3372 NetBIOS - ok
09:25:17.0794 3372 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
09:25:17.0813 3372 NetBT - ok
09:25:17.0832 3372 Netlogon (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
09:25:17.0834 3372 Netlogon - ok
09:25:17.0901 3372 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
09:25:17.0910 3372 Netman - ok
09:25:17.0950 3372 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
09:25:17.0959 3372 netprofm - ok
09:25:18.0025 3372 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
09:25:18.0061 3372 NetTcpPortSharing - ok
09:25:18.0098 3372 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
09:25:18.0120 3372 nfrd960 - ok
09:25:18.0187 3372 NIS (2f86be1818c2d7ac90478e3323ee7fcb) C:\Program Files (x86)\Norton Internet Security\Engine\17.0.0.136\ccSvcHst.exe
09:25:18.0192 3372 NIS - ok
09:25:18.0232 3372 NlaSvc (d9a0ce66046d6efa0c61baa885cba0a8) C:\Windows\System32\nlasvc.dll
09:25:18.0240 3372 NlaSvc - ok
09:25:18.0258 3372 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
09:25:18.0277 3372 Npfs - ok
09:25:18.0306 3372 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
09:25:18.0342 3372 nsi - ok
09:25:18.0373 3372 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
09:25:18.0389 3372 nsiproxy - ok
09:25:18.0514 3372 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys
09:25:18.0562 3372 Ntfs - ok
09:25:18.0651 3372 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
09:25:18.0664 3372 Null - ok
09:25:18.0710 3372 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys
09:25:18.0729 3372 nvraid - ok
09:25:18.0768 3372 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys
09:25:18.0788 3372 nvstor - ok
09:25:18.0924 3372 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
09:25:19.0059 3372 nv_agp - ok
09:25:19.0069 3372 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
09:25:19.0084 3372 ohci1394 - ok
09:25:19.0120 3372 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
09:25:19.0125 3372 p2pimsvc - ok
09:25:19.0168 3372 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
09:25:19.0177 3372 p2psvc - ok
09:25:19.0189 3372 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
09:25:19.0205 3372 Parport - ok
09:25:19.0245 3372 partmgr (90061b1acfe8ccaa5345750ffe08d8b8) C:\Windows\system32\drivers\partmgr.sys
09:25:19.0279 3372 partmgr - ok
09:25:19.0313 3372 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
09:25:19.0346 3372 PcaSvc - ok
09:25:19.0499 3372 PCDSRVC{F36B3A4C-F95654BD-06000000}_0 (51209fbdb13a46e05c1b0077a9310264) c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms
09:25:19.0767 3372 PCDSRVC{F36B3A4C-F95654BD-06000000}_0 - ok
09:25:19.0833 3372 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
09:25:19.0835 3372 pci - ok
09:25:19.0871 3372 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
09:25:19.0897 3372 pciide - ok
09:25:19.0918 3372 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
09:25:19.0940 3372 pcmcia - ok
09:25:19.0957 3372 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
09:25:19.0973 3372 pcw - ok
09:25:20.0024 3372 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
09:25:20.0049 3372 PEAUTH - ok
09:25:20.0126 3372 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
09:25:20.0171 3372 PerfHost - ok
09:25:20.0292 3372 pla (557e9a86f65f0de18c9b6751dfe9d3f1) C:\Windows\system32\pla.dll
09:25:20.0344 3372 pla - ok
09:25:20.0404 3372 PlugPlay (98b1721b8718164293b9701b98c52d77) C:\Windows\system32\umpnpmgr.dll
09:25:20.0448 3372 PlugPlay - ok
09:25:20.0501 3372 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
09:25:20.0530 3372 PNRPAutoReg - ok
09:25:20.0564 3372 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
09:25:20.0570 3372 PNRPsvc - ok
09:25:20.0612 3372 PolicyAgent (166eb40d1f5b47e615de3d0fffe5f243) C:\Windows\System32\ipsecsvc.dll
09:25:20.0621 3372 PolicyAgent - ok
09:25:20.0654 3372 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
09:25:20.0660 3372 Power - ok
09:25:20.0710 3372 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
09:25:20.0728 3372 PptpMiniport - ok
09:25:20.0747 3372 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
09:25:20.0763 3372 Processor - ok
09:25:20.0794 3372 ProfSvc (97293447431311c06703368ad0f6c4be) C:\Windows\system32\profsvc.dll
09:25:20.0799 3372 ProfSvc - ok
09:25:20.0821 3372 ProtectedStorage (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
09:25:20.0823 3372 ProtectedStorage - ok
09:25:20.0843 3372 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
09:25:20.0845 3372 Psched - ok
09:25:20.0962 3372 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
09:25:21.0017 3372 ql2300 - ok
09:25:21.0122 3372 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
09:25:21.0142 3372 ql40xx - ok
09:25:21.0178 3372 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
09:25:21.0202 3372 QWAVE - ok
09:25:21.0223 3372 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
09:25:21.0242 3372 QWAVEdrv - ok
09:25:21.0260 3372 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
09:25:21.0293 3372 RasAcd - ok
09:25:21.0345 3372 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
09:25:21.0376 3372 RasAgileVpn - ok
09:25:21.0402 3372 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
09:25:21.0420 3372 RasAuto - ok
09:25:21.0440 3372 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
09:25:21.0458 3372 Rasl2tp - ok
09:25:21.0481 3372 RasMan (47394ed3d16d053f5906efe5ab51cc83) C:\Windows\System32\rasmans.dll
09:25:21.0505 3372 RasMan - ok
09:25:21.0522 3372 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
09:25:21.0539 3372 RasPppoe - ok
09:25:21.0565 3372 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
09:25:21.0582 3372 RasSstp - ok
09:25:21.0612 3372 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
09:25:21.0647 3372 rdbss - ok
09:25:21.0659 3372 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
09:25:21.0674 3372 rdpbus - ok
09:25:21.0711 3372 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
09:25:21.0725 3372 RDPCDD - ok
09:25:21.0739 3372 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
09:25:21.0759 3372 RDPENCDD - ok
09:25:21.0780 3372 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
09:25:21.0795 3372 RDPREFMP - ok
09:25:21.0830 3372 RDPWD (447de7e3dea39d422c1504f245b668b1) C:\Windows\system32\drivers\RDPWD.sys
09:25:21.0859 3372 RDPWD - ok
09:25:21.0880 3372 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
09:25:21.0899 3372 rdyboost - ok
09:25:21.0938 3372 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
09:25:21.0955 3372 RemoteAccess - ok
09:25:21.0993 3372 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
09:25:22.0020 3372 RemoteRegistry - ok
09:25:22.0050 3372 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
09:25:22.0086 3372 RpcEptMapper - ok
09:25:22.0111 3372 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
09:25:22.0130 3372 RpcLocator - ok
09:25:22.0180 3372 RpcSs (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
09:25:22.0192 3372 RpcSs - ok
09:25:22.0229 3372 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
09:25:22.0250 3372 rspndr - ok
09:25:22.0315 3372 RTL8167 (3b01789ee4eaee97f5eb46b711387d5e) C:\Windows\system32\DRIVERS\Rt64win7.sys
09:25:22.0346 3372 RTL8167 - ok
09:25:22.0369 3372 SamSs (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
09:25:22.0372 3372 SamSs - ok
09:25:22.0398 3372 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
09:25:22.0417 3372 sbp2port - ok
09:25:22.0446 3372 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
09:25:22.0465 3372 SCardSvr - ok
09:25:22.0483 3372 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
09:25:22.0498 3372 scfilter - ok
09:25:22.0595 3372 Schedule (624d0f5ff99428bb90a5b8a4123e918e) C:\Windows\system32\schedsvc.dll
09:25:22.0744 3372 Schedule - ok
09:25:22.0773 3372 SCPolicySvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
09:25:22.0775 3372 SCPolicySvc - ok
09:25:22.0802 3372 SDRSVC (765a27c3279ce11d14cb9e4f5869fca5) C:\Windows\System32\SDRSVC.dll
09:25:22.0821 3372 SDRSVC - ok
09:25:22.0864 3372 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
09:25:22.0879 3372 secdrv - ok
09:25:22.0896 3372 seclogon (463b386ebc70f98da5dff85f7e654346) C:\Windows\system32\seclogon.dll
09:25:22.0914 3372 seclogon - ok
09:25:22.0930 3372 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
09:25:22.0934 3372 SENS - ok
09:25:22.0963 3372 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
09:25:22.0980 3372 SensrSvc - ok
09:25:23.0007 3372 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
09:25:23.0022 3372 Serenum - ok
09:25:23.0031 3372 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
09:25:23.0049 3372 Serial - ok
09:25:23.0069 3372 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
09:25:23.0083 3372 sermouse - ok
09:25:23.0115 3372 SessionEnv (c3bc61ce47ff6f4e88ab8a3b429a36af) C:\Windows\system32\sessenv.dll
09:25:23.0141 3372 SessionEnv - ok
09:25:23.0148 3372 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
09:25:23.0163 3372 sffdisk - ok
09:25:23.0169 3372 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
09:25:23.0183 3372 sffp_mmc - ok
09:25:23.0190 3372 sffp_sd (5588b8c6193eb1522490c122eb94dffa) C:\Windows\system32\DRIVERS\sffp_sd.sys
09:25:23.0205 3372 sffp_sd - ok
09:25:23.0214 3372 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
09:25:23.0229 3372 sfloppy - ok
09:25:23.0280 3372 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
09:25:23.0306 3372 SharedAccess - ok
09:25:23.0355 3372 ShellHWDetection (0298ac45d0efffb2db4baa7dd186e7bf) C:\Windows\System32\shsvcs.dll
09:25:23.0381 3372 ShellHWDetection - ok
09:25:23.0388 3372 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
09:25:23.0405 3372 SiSRaid2 - ok
09:25:23.0417 3372 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
09:25:23.0436 3372 SiSRaid4 - ok
09:25:23.0459 3372 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
09:25:23.0475 3372 Smb - ok
09:25:23.0506 3372 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
09:25:23.0522 3372 SNMPTRAP - ok
09:25:23.0535 3372 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
09:25:23.0550 3372 spldr - ok
09:25:23.0603 3372 Spooler (f8e1fa03cb70d54a9892ac88b91d1e7b) C:\Windows\System32\spoolsv.exe
09:25:23.0615 3372 Spooler - ok
09:25:23.0849 3372 sppsvc (913d843498553a1bc8f8dbad6358e49f) C:\Windows\system32\sppsvc.exe
09:25:23.0923 3372 sppsvc - ok
09:25:24.0014 3372 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
09:25:24.0048 3372 sppuinotify - ok
09:25:24.0141 3372 SRTSP (56979a80f6f9df788a8bfcc1603da40d) C:\Windows\system32\drivers\NISx64\1100000.088\SRTSP64.SYS
09:25:24.0178 3372 SRTSP - ok
09:25:24.0205 3372 SRTSPX (3c3d82bb245ad1cb00ed48cb2f4ab385) C:\Windows\system32\drivers\NISx64\1100000.088\SRTSPX64.SYS
09:25:24.0222 3372 SRTSPX - ok
09:25:24.0273 3372 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys
09:25:24.0296 3372 srv - ok
09:25:24.0326 3372 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys
09:25:24.0354 3372 srv2 - ok
09:25:24.0377 3372 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys
09:25:24.0405 3372 srvnet - ok
09:25:24.0466 3372 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
09:25:24.0472 3372 SSDPSRV - ok
09:25:24.0488 3372 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
09:25:24.0513 3372 SstpSvc - ok
09:25:24.0542 3372 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
09:25:24.0559 3372 stexstor - ok
09:25:24.0614 3372 stisvc (52d0e33b681bd0f33fdc08812fee4f7d) C:\Windows\System32\wiaservc.dll
09:25:24.0625 3372 stisvc - ok
09:25:24.0634 3372 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
09:25:24.0659 3372 swenum - ok
09:25:24.0704 3372 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
09:25:24.0714 3372 swprv - ok
09:25:24.0793 3372 SymDS (659b227a72b76115975a6a9491b2fe1f) C:\Windows\system32\drivers\NISx64\1100000.088\SYMDS64.SYS
09:25:24.0818 3372 SymDS - ok
09:25:24.0853 3372 SymEFA (8464297bf069a81613a276181b83b37c) C:\Windows\system32\drivers\NISx64\1100000.088\SYMEFA64.SYS
09:25:24.0873 3372 SymEFA - ok
09:25:24.0917 3372 SymEvent (3f9d5fe52585e2653e59fdbfdf09a94c) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
09:25:24.0946 3372 SymEvent - ok
09:25:24.0981 3372 SymIRON (3744dae483213fac04422731825af44f) C:\Windows\system32\drivers\NISx64\1100000.088\Ironx64.SYS
09:25:24.0999 3372 SymIRON - ok
09:25:25.0036 3372 SYMTDIv (186814960618bc499399a6f455ec0e14) C:\Windows\system32\drivers\NISx64\1100000.088\SYMTDIV.SYS
09:25:25.0059 3372 SYMTDIv - ok
09:25:25.0187 3372 SysMain (3c1284516a62078fb68f768de4f1a7be) C:\Windows\system32\sysmain.dll
09:25:25.0206 3372 SysMain - ok
09:25:25.0293 3372 TabletInputService (238935c3cf2854886dc7cbb2a0e2cc66) C:\Windows\System32\TabSvc.dll
09:25:25.0310 3372 TabletInputService - ok
09:25:25.0343 3372 TapiSrv (884264ac597b690c5707c89723bb8e7b) C:\Windows\System32\tapisrv.dll
09:25:25.0367 3372 TapiSrv - ok
09:25:25.0386 3372 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
09:25:25.0390 3372 TBS - ok
09:25:25.0591 3372 Tcpip (624c5b3aa4c99b3184bb922d9ece3ff0) C:\Windows\system32\drivers\tcpip.sys
09:25:25.0652 3372 Tcpip - ok
09:25:25.0850 3372 TCPIP6 (624c5b3aa4c99b3184bb922d9ece3ff0) C:\Windows\system32\DRIVERS\tcpip.sys
09:25:25.0868 3372 TCPIP6 - ok
09:25:25.0936 3372 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
09:25:25.0951 3372 tcpipreg - ok
09:25:25.0974 3372 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
09:25:25.0989 3372 TDPIPE - ok
09:25:26.0009 3372 TDTCP (7518f7bcfd4b308abc9192bacaf6c970) C:\Windows\system32\drivers\tdtcp.sys
09:25:26.0024 3372 TDTCP - ok
09:25:26.0055 3372 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
09:25:26.0071 3372 tdx - ok
09:25:26.0087 3372 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys
09:25:26.0103 3372 TermDD - ok
09:25:26.0168 3372 TermService (0f05ec2887bfe197ad82a13287d2f404) C:\Windows\System32\termsrv.dll
09:25:26.0200 3372 TermService - ok
09:25:26.0215 3372 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
09:25:26.0233 3372 Themes - ok
09:25:26.0261 3372 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
09:25:26.0264 3372 THREADORDER - ok
09:25:26.0287 3372 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
09:25:26.0324 3372 TrkWks - ok
09:25:26.0388 3372 TrustedInstaller (840f7fb849f5887a49ba18c13b2da920) C:\Windows\servicing\TrustedInstaller.exe
09:25:26.0391 3372 TrustedInstaller - ok
09:25:26.0409 3372 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
09:25:26.0431 3372 tssecsrv - ok
09:25:26.0474 3372 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
09:25:26.0491 3372 tunnel - ok
09:25:26.0508 3372 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
09:25:26.0526 3372 uagp35 - ok
09:25:26.0548 3372 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys
09:25:26.0568 3372 udfs - ok
09:25:26.0603 3372 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
09:25:26.0621 3372 UI0Detect - ok
09:25:26.0631 3372 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
09:25:26.0648 3372 uliagpkx - ok
09:25:26.0689 3372 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
09:25:26.0703 3372 umbus - ok
09:25:26.0709 3372 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
09:25:26.0724 3372 UmPass - ok
09:25:26.0759 3372 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
09:25:26.0768 3372 upnphost - ok
09:25:26.0797 3372 usbccgp (7b6a127c93ee590e4d79a5f2a76fe46f) C:\Windows\system32\DRIVERS\usbccgp.sys
09:25:26.0825 3372 usbccgp - ok
09:25:26.0844 3372 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
09:25:26.0861 3372 usbcir - ok
09:25:26.0878 3372 usbehci (92969ba5ac44e229c55a332864f79677) C:\Windows\system32\DRIVERS\usbehci.sys
09:25:26.0893 3372 usbehci - ok
09:25:26.0927 3372 usbfilter (6648c6d7323a2ce0c4776c36cefbcb14) C:\Windows\system32\DRIVERS\usbfilter.sys
09:25:26.0943 3372 usbfilter - ok
09:25:26.0986 3372 usbhub (e7df1cfd28ca86b35ef5add0735ceef3) C:\Windows\system32\DRIVERS\usbhub.sys
09:25:27.0006 3372 usbhub - ok
09:25:27.0020 3372 usbohci (f1bb1e55f1e7a65c5839ccc7b36d773e) C:\Windows\system32\DRIVERS\usbohci.sys
09:25:27.0035 3372 usbohci - ok
09:25:27.0053 3372 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
09:25:27.0068 3372 usbprint - ok
09:25:27.0085 3372 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\drivers\USBSTOR.SYS
09:25:27.0102 3372 USBSTOR - ok
09:25:27.0119 3372 usbuhci (bc3070350a491d84b518d7cca9abd36f) C:\Windows\system32\drivers\usbuhci.sys
09:25:27.0134 3372 usbuhci - ok
09:25:27.0184 3372 usbvideo (7cb8c573c6e4a2714402cc0a36eab4fe) C:\Windows\System32\Drivers\usbvideo.sys
09:25:27.0202 3372 usbvideo - ok
09:25:27.0232 3372 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
09:25:27.0254 3372 UxSms - ok
09:25:27.0291 3372 VaultSvc (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
09:25:27.0294 3372 VaultSvc - ok
09:25:27.0343 3372 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
09:25:27.0363 3372 vdrvroot - ok
09:25:27.0433 3372 vds (44d73e0bbc1d3c8981304ba15135c2f2) C:\Windows\System32\vds.exe
09:25:27.0443 3372 vds - ok
09:25:27.0473 3372 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
09:25:27.0490 3372 vga - ok
09:25:27.0521 3372 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
09:25:27.0541 3372 VgaSave - ok
09:25:27.0577 3372 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
09:25:27.0600 3372 vhdmp - ok
09:25:27.0626 3372 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
09:25:27.0641 3372 viaide - ok
09:25:27.0659 3372 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
09:25:27.0676 3372 volmgr - ok
09:25:27.0714 3372 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
09:25:27.0736 3372 volmgrx - ok
09:25:27.0755 3372 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
09:25:27.0775 3372 volsnap - ok
09:25:27.0797 3372 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
09:25:27.0818 3372 vsmraid - ok
09:25:27.0910 3372 VSS (787898bf9fb6d7bd87a36e2d95c899ba) C:\Windows\system32\vssvc.exe
09:25:27.0945 3372 VSS - ok
09:25:28.0029 3372 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
09:25:28.0043 3372 vwifibus - ok
09:25:28.0069 3372 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
09:25:28.0085 3372 vwififlt - ok
09:25:28.0135 3372 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
09:25:28.0209 3372 W32Time - ok
09:25:28.0232 3372 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
09:25:28.0256 3372 WacomPen - ok
09:25:28.0287 3372 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
09:25:28.0304 3372 WANARP - ok
09:25:28.0310 3372 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
09:25:28.0313 3372 Wanarpv6 - ok
09:25:28.0427 3372 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
09:25:28.0506 3372 WatAdminSvc - ok
09:25:28.0617 3372 wbengine (5ab1bb85bd8b5089cc5d64200dedae68) C:\Windows\system32\wbengine.exe
09:25:28.0638 3372 wbengine - ok
09:25:28.0732 3372 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
09:25:28.0757 3372 WbioSrvc - ok
09:25:28.0795 3372 wcncsvc (dd1bae8ebfc653824d29ccf8c9054d68) C:\Windows\System32\wcncsvc.dll
09:25:28.0819 3372 wcncsvc - ok
09:25:28.0834 3372 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
09:25:28.0852 3372 WcsPlugInService - ok
09:25:28.0884 3372 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
09:25:28.0901 3372 Wd - ok
09:25:28.0952 3372 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
09:25:28.0978 3372 Wdf01000 - ok
09:25:29.0144 3372 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
09:25:29.0149 3372 WdiServiceHost - ok
09:25:29.0158 3372 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
09:25:29.0163 3372 WdiSystemHost - ok
09:25:29.0360 3372 WebClient (733006127f235be7c35354ebee7b9a7b) C:\Windows\System32\webclnt.dll
09:25:29.0422 3372 WebClient - ok
09:25:29.0453 3372 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
09:25:29.0486 3372 Wecsvc - ok
09:25:29.0512 3372 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
09:25:29.0516 3372 wercplsupport - ok
09:25:29.0544 3372 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
09:25:29.0548 3372 WerSvc - ok
09:25:29.0600 3372 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
09:25:29.0627 3372 WfpLwf - ok
09:25:29.0641 3372 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
09:25:29.0658 3372 WIMMount - ok
09:25:29.0676 3372 WinDefend - ok
09:25:29.0690 3372 WinHttpAutoProxySvc - ok
09:25:29.0756 3372 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
09:25:29.0789 3372 Winmgmt - ok
09:25:29.0946 3372 WinRM (41fbb751936b387f9179e7f03a74fe29) C:\Windows\system32\WsmSvc.dll
09:25:30.0037 3372 WinRM - ok
09:25:30.0193 3372 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
09:25:30.0234 3372 Wlansvc - ok
09:25:30.0265 3372 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
09:25:30.0283 3372 WmiAcpi - ok
09:25:30.0359 3372 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
09:25:30.0400 3372 wmiApSrv - ok
09:25:30.0426 3372 WMPNetworkSvc - ok
09:25:30.0466 3372 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
09:25:30.0482 3372 WPCSvc - ok
09:25:30.0501 3372 WPDBusEnum (2e57ddf2880a7e52e76f41c7e96d327b) C:\Windows\system32\wpdbusenum.dll
09:25:30.0522 3372 WPDBusEnum - ok
09:25:30.0549 3372 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
09:25:30.0564 3372 ws2ifsl - ok
09:25:30.0596 3372 wscsvc (8f9f3969933c02da96eb0f84576db43e) C:\Windows\System32\wscsvc.dll
09:25:30.0601 3372 wscsvc - ok
09:25:30.0608 3372 WSearch - ok
09:25:30.0791 3372 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
09:25:30.0850 3372 wuauserv - ok
09:25:30.0946 3372 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
09:25:30.0966 3372 WudfPf - ok
09:25:30.0993 3372 wudfsvc (b551d6637aa0e132c18ac6e504f7b79b) C:\Windows\System32\WUDFSvc.dll
09:25:31.0011 3372 wudfsvc - ok
09:25:31.0040 3372 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
09:25:31.0063 3372 WwanSvc - ok
09:25:31.0094 3372 MBR (0x1B8) (59822081721d0d15221fb33e0acb545d) \Device\Harddisk0\DR0
09:25:31.0316 3372 \Device\Harddisk0\DR0 - ok
09:25:31.0323 3372 Boot (0x1200) (0b48cd1e7270759058c21d85f5337fbf) \Device\Harddisk0\DR0\Partition0
09:25:31.0325 3372 \Device\Harddisk0\DR0\Partition0 - ok
09:25:31.0345 3372 Boot (0x1200) (bbc58d97c987564e4744dbcdf3f2ad8d) \Device\Harddisk0\DR0\Partition1
09:25:31.0347 3372 \Device\Harddisk0\DR0\Partition1 - ok
09:25:31.0377 3372 Boot (0x1200) (c4d84563404fa572c68b0c1143a05e85) \Device\Harddisk0\DR0\Partition2
09:25:31.0379 3372 \Device\Harddisk0\DR0\Partition2 - ok
09:25:31.0380 3372 ============================================================
09:25:31.0380 3372 Scan finished
09:25:31.0380 3372 ============================================================
09:25:31.0405 5056 Detected object count: 0
09:25:31.0405 5056 Actual detected object count: 0
09:25:43.0859 4092 ============================================================
09:25:43.0859 4092 Scan started
09:25:43.0859 4092 Mode: Manual; SigCheck; TDLFS;
09:25:43.0859 4092 ============================================================
09:25:44.0135 4092 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys
09:25:44.0309 4092 1394ohci - ok
09:25:44.0342 4092 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys
09:25:44.0392 4092 ACPI - ok
09:25:44.0399 4092 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys
09:25:44.0503 4092 AcpiPmi - ok
09:25:44.0558 4092 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
09:25:44.0610 4092 AdobeARMservice - ok
09:25:44.0711 4092 AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
09:25:44.0821 4092 AdobeFlashPlayerUpdateSvc - ok
09:25:44.0866 4092 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
09:25:44.0917 4092 adp94xx - ok
09:25:44.0952 4092 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
09:25:44.0999 4092 adpahci - ok
09:25:45.0016 4092 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
09:25:45.0059 4092 adpu320 - ok
09:25:45.0092 4092 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
09:25:45.0252 4092 AeLookupSvc - ok
09:25:45.0299 4092 AERTFilters (3ac22a3dfa8a050e35f0e3cd99d0cdf2) C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE
09:25:45.0443 4092 AERTFilters - ok
09:25:45.0494 4092 AFD (db9d6c6b2cd95a9ca414d045b627422e) C:\Windows\system32\drivers\afd.sys
09:25:45.0557 4092 AFD - ok
09:25:45.0585 4092 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys
09:25:45.0624 4092 agp440 - ok
09:25:45.0650 4092 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
09:25:45.0726 4092 ALG - ok
09:25:45.0732 4092 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys
09:25:45.0770 4092 aliide - ok
09:25:45.0803 4092 AMD External Events Utility (f238be4fa4e55eb67f17281fadf69851) C:\Windows\system32\atiesrxx.exe
09:25:45.0892 4092 AMD External Events Utility - ok
09:25:45.0899 4092 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys
09:25:45.0944 4092 amdide - ok
09:25:45.0963 4092 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
09:25:46.0023 4092 AmdK8 - ok
09:25:46.0041 4092 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
09:25:46.0119 4092 AmdPPM - ok
09:25:46.0143 4092 amdsata (f747497a0ee5498f79b207f215b3d2d8) C:\Windows\system32\DRIVERS\amdsata.sys
09:25:46.0186 4092 amdsata - ok
09:25:46.0204 4092 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
09:25:46.0246 4092 amdsbs - ok
09:25:46.0258 4092 amdxata (2946d695e158615baaa16248e63c7adb) C:\Windows\system32\DRIVERS\amdxata.sys
09:25:46.0293 4092 amdxata - ok
09:25:46.0302 4092 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys
09:25:46.0433 4092 AppID - ok
09:25:46.0454 4092 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
09:25:46.0530 4092 AppIDSvc - ok
09:25:46.0543 4092 Appinfo (d065be66822847b7f127d1f90158376e) C:\Windows\System32\appinfo.dll
09:25:46.0615 4092 Appinfo - ok
09:25:46.0632 4092 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
09:25:46.0672 4092 arc - ok
09:25:46.0685 4092 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
09:25:46.0724 4092 arcsas - ok
09:25:46.0741 4092 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
09:25:46.0835 4092 AsyncMac - ok
09:25:46.0842 4092 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys
09:25:46.0878 4092 atapi - ok
09:25:46.0999 4092 athr (e0fabc10635c670bd7d89fd214a405d7) C:\Windows\system32\DRIVERS\athrx.sys
09:25:47.0101 4092 athr - ok
09:25:47.0595 4092 atikmdag (2db9047aac9d981f59ce06d04d70c4d8) C:\Windows\system32\DRIVERS\atikmdag.sys
09:25:47.0761 4092 atikmdag - ok
09:25:47.0844 4092 AtiPcie (7c5d273e29dcc5505469b299c6f29163) C:\Windows\system32\DRIVERS\AtiPcie.sys
09:25:47.0878 4092 AtiPcie - ok
09:25:47.0945 4092 AudioEndpointBuilder (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll
09:25:48.0112 4092 AudioEndpointBuilder - ok
09:25:48.0125 4092 AudioSrv (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll
09:25:48.0271 4092 AudioSrv - ok
09:25:48.0294 4092 AxInstSV (b20b5fa5ca050e9926e4d1db81501b32) C:\Windows\System32\AxInstSV.dll
09:25:48.0368 4092 AxInstSV - ok
09:25:48.0419 4092 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
09:25:48.0498 4092 b06bdrv - ok
09:25:48.0530 4092 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
09:25:48.0572 4092 b57nd60a - ok
09:25:48.0601 4092 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
09:25:48.0678 4092 BDESVC - ok
09:25:48.0686 4092 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
09:25:48.0776 4092 Beep - ok
09:25:48.0831 4092 BFE (4992c609a6315671463e30f6512bc022) C:\Windows\System32\bfe.dll
09:25:48.0940 4092 BFE - ok
09:25:49.0056 4092 BHDrvx64 (cbee185bf1fa48d1d273b592c62a5a41) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20090829.001\BHDrvx64.sys
09:25:49.0106 4092 BHDrvx64 - ok
09:25:49.0177 4092 BITS (7f0c323fe3da28aa4aa1bda3f575707f) C:\Windows\System32\qmgr.dll
09:25:49.0285 4092 BITS - ok
09:25:49.0335 4092 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
09:25:49.0385 4092 blbdrive - ok
09:25:49.0405 4092 bowser (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys
09:25:49.0481 4092 bowser - ok
09:25:49.0501 4092 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
09:25:49.0560 4092 BrFiltLo - ok
09:25:49.0566 4092 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
09:25:49.0628 4092 BrFiltUp - ok
09:25:49.0666 4092 Browser (94fbc06f294d58d02361918418f996e3) C:\Windows\System32\browser.dll
09:25:49.0756 4092 Browser - ok
09:25:49.0780 4092 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
09:25:49.0855 4092 Brserid - ok
09:25:49.0863 4092 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
09:25:49.0926 4092 BrSerWdm - ok
09:25:49.0932 4092 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
09:25:50.0014 4092 BrUsbMdm - ok
09:25:50.0021 4092 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
09:25:50.0060 4092 BrUsbSer - ok
09:25:50.0071 4092 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
09:25:50.0113 4092 BTHMODEM - ok
09:25:50.0142 4092 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
09:25:50.0233 4092 bthserv - ok
09:25:50.0316 4092 ccHP (60050e92e160115b80175a5bdb1525b4) C:\Windows\system32\drivers\NISx64\1100000.088\ccHPx64.sys
09:25:50.0365 4092 ccHP - ok
09:25:50.0386 4092 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
09:25:50.0482 4092 cdfs - ok
09:25:50.0509 4092 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
09:25:50.0565 4092 cdrom - ok
09:25:50.0595 4092 CertPropSvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
09:25:50.0688 4092 CertPropSvc - ok
09:25:50.0717 4092 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
09:25:50.0774 4092 circlass - ok
09:25:50.0816 4092 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
09:25:50.0872 4092 CLFS - ok
09:25:50.0939 4092 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:25:51.0031 4092 clr_optimization_v2.0.50727_32 - ok
09:25:51.0073 4092 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
09:25:51.0109 4092 clr_optimization_v2.0.50727_64 - ok
09:25:51.0159 4092 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
09:25:51.0209 4092 clr_optimization_v4.0.30319_32 - ok
09:25:51.0254 4092 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
09:25:51.0293 4092 clr_optimization_v4.0.30319_64 - ok
09:25:51.0352 4092 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
09:25:51.0436 4092 CmBatt - ok
09:25:51.0451 4092 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys
09:25:51.0486 4092 cmdide - ok
09:25:51.0538 4092 CNG (937beb186a735aca91d717044a49d17e) C:\Windows\system32\Drivers\cng.sys
09:25:51.0603 4092 CNG - ok
09:25:51.0611 4092 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
09:25:51.0648 4092 Compbatt - ok
09:25:51.0663 4092 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys
09:25:51.0722 4092 CompositeBus - ok
09:25:51.0728 4092 COMSysApp - ok
09:25:51.0740 4092 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
09:25:51.0778 4092 crcdisk - ok
09:25:51.0820 4092 CryptSvc (f02786b66375292e58c8777082d4396d) C:\Windows\system32\cryptsvc.dll
09:25:51.0900 4092 CryptSvc - ok
09:25:51.0956 4092 DcomLaunch (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
09:25:52.0062 4092 DcomLaunch - ok
09:25:52.0110 4092 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
09:25:52.0212 4092 defragsvc - ok
09:25:52.0242 4092 DfsC (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys
09:25:52.0318 4092 DfsC - ok
09:25:52.0351 4092 Dhcp (ce3b9562d997f69b330d181a8875960f) C:\Windows\system32\dhcpcore.dll
09:25:52.0454 4092 Dhcp - ok
09:25:52.0478 4092 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
09:25:52.0571 4092 discache - ok
09:25:52.0596 4092 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
09:25:52.0635 4092 Disk - ok
09:25:52.0667 4092 Dnscache (85cf424c74a1d5ec33533e1dbff9920a) C:\Windows\System32\dnsrslvr.dll
09:25:52.0720 4092 Dnscache - ok
09:25:52.0760 4092 dot3svc (14452acdb09b70964c8c21bf80a13acb) C:\Windows\System32\dot3svc.dll
09:25:52.0852 4092 dot3svc - ok
09:25:52.0887 4092 DPS (8c2ba6bea949ee6e68385f5692bafb94) C:\Windows\system32\dps.dll
09:25:52.0969 4092 DPS - ok
09:25:52.0992 4092 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
09:25:53.0047 4092 drmkaud - ok
09:25:53.0138 4092 DXGKrnl (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys
09:25:53.0199 4092 DXGKrnl - ok
09:25:53.0218 4092 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
09:25:53.0316 4092 EapHost - ok
09:25:53.0550 4092 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
09:25:53.0664 4092 ebdrv - ok
09:25:53.0760 4092 eeCtrl (ba6420c1f7070ed8f1ba372844f3e1ec) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
09:25:53.0807 4092 eeCtrl - ok
09:25:53.0904 4092 EFS (156f6159457d0aa7e59b62681b56eb90) C:\Windows\System32\lsass.exe
09:25:53.0987 4092 EFS - ok
09:25:54.0068 4092 ehRecvr (47c071994c3f649f23d9cd075ac9304a) C:\Windows\ehome\ehRecvr.exe
09:25:54.0183 4092 ehRecvr - ok
09:25:54.0218 4092 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
09:25:54.0272 4092 ehSched - ok
09:25:54.0337 4092 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
09:25:54.0393 4092 elxstor - ok
09:25:54.0454 4092 EraserUtilDrv11210 (1343df3451bc0c442dc69837c6fba21b) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11210.sys
09:25:54.0495 4092 EraserUtilDrv11210 - ok
09:25:54.0501 4092 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys
09:25:54.0548 4092 ErrDev - ok
09:25:54.0603 4092 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
09:25:54.0704 4092 EventSystem - ok
09:25:54.0735 4092 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
09:25:54.0814 4092 exfat - ok
09:25:54.0833 4092 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
09:25:54.0939 4092 fastfat - ok
09:25:55.0012 4092 Fax (d607b2f1bee3992aa6c2c92c0a2f0855) C:\Windows\system32\fxssvc.exe
09:25:55.0113 4092 Fax - ok
09:25:55.0121 4092 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
09:25:55.0172 4092 fdc - ok
09:25:55.0195 4092 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
09:25:55.0273 4092 fdPHost - ok
09:25:55.0282 4092 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
09:25:55.0374 4092 FDResPub - ok
09:25:55.0410 4092 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
09:25:55.0447 4092 FileInfo - ok
09:25:55.0458 4092 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
09:25:55.0549 4092 Filetrace - ok
09:25:55.0556 4092 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
09:25:55.0594 4092 flpydisk - ok
09:25:55.0638 4092 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
09:25:55.0680 4092 FltMgr - ok
09:25:55.0781 4092 FontCache (bc00505cfda789ed3be95d2ff38c4875) C:\Windows\system32\FntCache.dll
09:25:55.0868 4092 FontCache - ok
09:25:55.0922 4092 FontCache3.0.0.0 (8d89e3131c27fdd6932189cb785e1b7a) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
09:25:55.0963 4092 FontCache3.0.0.0 - ok
09:25:55.0989 4092 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
09:25:56.0026 4092 FsDepends - ok
09:25:56.0042 4092 Fs_Rec (d3e3f93d67821a2db2b3d9fac2dc2064) C:\Windows\system32\drivers\Fs_Rec.sys
09:25:56.0078 4092 Fs_Rec - ok
09:25:56.0111 4092 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys
09:25:56.0158 4092 fvevol - ok
09:25:56.0175 4092 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
09:25:56.0213 4092 gagp30kx - ok
09:25:56.0277 4092 GameConsoleService (c1bbce4b30b45410178ee674c818d10c) C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
09:25:56.0330 4092 GameConsoleService - ok
09:25:56.0418 4092 gpsvc (fe5ab4525bc2ec68b9119a6e5d40128b) C:\Windows\System32\gpsvc.dll
09:25:56.0573 4092 gpsvc - ok
09:25:56.0631 4092 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
09:25:56.0704 4092 gupdate - ok
09:25:56.0712 4092 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
09:25:56.0775 4092 gupdatem - ok
09:25:56.0805 4092 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
09:25:56.0857 4092 gusvc - ok
09:25:56.0893 4092 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
09:25:56.0962 4092 hcw85cir - ok
09:25:56.0982 4092 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys
09:25:57.0043 4092 HDAudBus - ok
09:25:57.0050 4092 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
09:25:57.0088 4092 HidBatt - ok
09:25:57.0100 4092 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
09:25:57.0145 4092 HidBth - ok
09:25:57.0153 4092 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
09:25:57.0215 4092 HidIr - ok
09:25:57.0245 4092 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
09:25:57.0338 4092 hidserv - ok
09:25:57.0360 4092 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
09:25:57.0416 4092 HidUsb - ok
09:25:57.0441 4092 hkmsvc (efa58ede58dd74388ffd04cb32681518) C:\Windows\system32\kmsvc.dll
09:25:57.0519 4092 hkmsvc - ok
09:25:57.0549 4092 HomeGroupListener (046b2673767ca626e2cfb7fdf735e9e8) C:\Windows\system32\ListSvc.dll
09:25:57.0631 4092 HomeGroupListener - ok
09:25:57.0661 4092 HomeGroupProvider (06a7422224d9865a5613710a089987df) C:\Windows\system32\provsvc.dll
09:25:57.0705 4092 HomeGroupProvider - ok
09:25:57.0755 4092 HP Health Check Service (00b239202f7756695c8ccdf8bafa7d3d) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
09:25:57.0796 4092 HP Health Check Service ( UnsignedFile.Multi.Generic ) - warning
09:25:57.0796 4092 HP Health Check Service - detected UnsignedFile.Multi.Generic (1)
09:25:57.0852 4092 hpqwmiex (fdf273a845f1ffcceadf363aaf47582f) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
09:25:57.0917 4092 hpqwmiex - ok
09:25:57.0946 4092 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys
09:25:57.0985 4092 HpSAMD - ok
09:25:58.0043 4092 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
09:25:58.0151 4092 HTTP - ok
09:25:58.0167 4092 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
09:25:58.0202 4092 hwpolicy - ok
09:25:58.0213 4092 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
09:25:58.0254 4092 i8042prt - ok
09:25:58.0294 4092 iaStorV (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys
09:25:58.0343 4092 iaStorV - ok
09:25:58.0432 4092 idsvc (2f2be70d3e02b6fa877921ab9516d43c) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
09:25:58.0486 4092 idsvc - ok

In Topic: Needing someone to look at this..

19 June 2012 - 09:31 AM

TDSSKiller log: (Will be in multiple posts as it won't fit in just one)

09:24:59.0133 4608 TDSS rootkit removing tool 2.7.40.0 Jun 15 2012 15:13:31
09:25:01.0136 4608 ============================================================
09:25:01.0136 4608 Current date / time: 2012/06/19 09:25:01.0136
09:25:01.0136 4608 SystemInfo:
09:25:01.0137 4608
09:25:01.0137 4608 OS Version: 6.1.7600 ServicePack: 0.0
09:25:01.0137 4608 Product type: Workstation
09:25:01.0137 4608 ComputerName: AARONS-PC
09:25:01.0137 4608 UserName: aaron's
09:25:01.0137 4608 Windows directory: C:\Windows
09:25:01.0137 4608 System windows directory: C:\Windows
09:25:01.0137 4608 Running under WOW64
09:25:01.0137 4608 Processor architecture: Intel x64
09:25:01.0137 4608 Number of processors: 2
09:25:01.0137 4608 Page size: 0x1000
09:25:01.0137 4608 Boot type: Normal boot
09:25:01.0137 4608 ============================================================
09:25:02.0181 4608 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:25:02.0189 4608 ============================================================
09:25:02.0189 4608 \Device\Harddisk0\DR0:
09:25:02.0189 4608 MBR partitions:
09:25:02.0189 4608 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
09:25:02.0189 4608 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3283F, BlocksNum 0x23F5C7C1
09:25:02.0189 4608 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x23F8F000, BlocksNum 0x149F000
09:25:02.0189 4608 ============================================================
09:25:02.0215 4608 C: <-> \Device\Harddisk0\DR0\Partition1
09:25:02.0253 4608 D: <-> \Device\Harddisk0\DR0\Partition2
09:25:02.0253 4608 ============================================================
09:25:02.0253 4608 Initialize success
09:25:02.0253 4608 ============================================================
09:25:03.0760 3372 ============================================================
09:25:03.0760 3372 Scan started
09:25:03.0760 3372 Mode: Manual;
09:25:03.0760 3372 ============================================================
09:25:04.0625 3372 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys
09:25:04.0674 3372 1394ohci - ok
09:25:04.0704 3372 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys
09:25:04.0710 3372 ACPI - ok
09:25:04.0715 3372 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys
09:25:04.0729 3372 AcpiPmi - ok
09:25:04.0798 3372 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
09:25:04.0831 3372 AdobeARMservice - ok
09:25:04.0943 3372 AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
09:25:04.0947 3372 AdobeFlashPlayerUpdateSvc - ok
09:25:05.0002 3372 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
09:25:05.0032 3372 adp94xx - ok
09:25:05.0076 3372 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
09:25:05.0098 3372 adpahci - ok
09:25:05.0115 3372 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
09:25:05.0136 3372 adpu320 - ok
09:25:05.0167 3372 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
09:25:05.0169 3372 AeLookupSvc - ok
09:25:05.0214 3372 AERTFilters (3ac22a3dfa8a050e35f0e3cd99d0cdf2) C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE
09:25:05.0217 3372 AERTFilters - ok
09:25:05.0301 3372 AFD (db9d6c6b2cd95a9ca414d045b627422e) C:\Windows\system32\drivers\afd.sys
09:25:05.0335 3372 AFD - ok
09:25:05.0384 3372 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys
09:25:05.0401 3372 agp440 - ok
09:25:05.0433 3372 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
09:25:05.0462 3372 ALG - ok
09:25:05.0485 3372 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys
09:25:05.0501 3372 aliide - ok
09:25:05.0535 3372 AMD External Events Utility (f238be4fa4e55eb67f17281fadf69851) C:\Windows\system32\atiesrxx.exe
09:25:05.0540 3372 AMD External Events Utility - ok
09:25:05.0547 3372 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys
09:25:05.0570 3372 amdide - ok
09:25:05.0587 3372 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
09:25:05.0589 3372 AmdK8 - ok
09:25:05.0599 3372 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
09:25:05.0614 3372 AmdPPM - ok
09:25:05.0644 3372 amdsata (f747497a0ee5498f79b207f215b3d2d8) C:\Windows\system32\DRIVERS\amdsata.sys
09:25:05.0645 3372 amdsata - ok
09:25:05.0664 3372 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
09:25:05.0682 3372 amdsbs - ok
09:25:05.0699 3372 amdxata (2946d695e158615baaa16248e63c7adb) C:\Windows\system32\DRIVERS\amdxata.sys
09:25:05.0735 3372 amdxata - ok
09:25:05.0767 3372 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys
09:25:05.0783 3372 AppID - ok
09:25:05.0812 3372 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
09:25:05.0826 3372 AppIDSvc - ok
09:25:05.0844 3372 Appinfo (d065be66822847b7f127d1f90158376e) C:\Windows\System32\appinfo.dll
09:25:05.0862 3372 Appinfo - ok
09:25:05.0873 3372 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
09:25:05.0892 3372 arc - ok
09:25:05.0904 3372 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
09:25:05.0923 3372 arcsas - ok
09:25:05.0958 3372 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
09:25:05.0972 3372 AsyncMac - ok
09:25:05.0989 3372 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys
09:25:06.0005 3372 atapi - ok
09:25:06.0124 3372 athr (e0fabc10635c670bd7d89fd214a405d7) C:\Windows\system32\DRIVERS\athrx.sys
09:25:06.0190 3372 athr - ok
09:25:06.0673 3372 atikmdag (2db9047aac9d981f59ce06d04d70c4d8) C:\Windows\system32\DRIVERS\atikmdag.sys
09:25:06.0850 3372 atikmdag - ok
09:25:06.0969 3372 AtiPcie (7c5d273e29dcc5505469b299c6f29163) C:\Windows\system32\DRIVERS\AtiPcie.sys
09:25:06.0998 3372 AtiPcie - ok
09:25:07.0086 3372 AudioEndpointBuilder (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll
09:25:07.0178 3372 AudioEndpointBuilder - ok
09:25:07.0191 3372 AudioSrv (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll
09:25:07.0198 3372 AudioSrv - ok
09:25:07.0227 3372 AxInstSV (b20b5fa5ca050e9926e4d1db81501b32) C:\Windows\System32\AxInstSV.dll
09:25:07.0242 3372 AxInstSV - ok
09:25:07.0300 3372 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
09:25:07.0323 3372 b06bdrv - ok
09:25:07.0363 3372 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
09:25:07.0383 3372 b57nd60a - ok
09:25:07.0410 3372 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
09:25:07.0425 3372 BDESVC - ok
09:25:07.0436 3372 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
09:25:07.0449 3372 Beep - ok
09:25:07.0518 3372 BFE (4992c609a6315671463e30f6512bc022) C:\Windows\System32\bfe.dll
09:25:07.0547 3372 BFE - ok
09:25:07.0686 3372 BHDrvx64 (cbee185bf1fa48d1d273b592c62a5a41) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20090829.001\BHDrvx64.sys
09:25:07.0739 3372 BHDrvx64 - ok
09:25:07.0820 3372 BITS (7f0c323fe3da28aa4aa1bda3f575707f) C:\Windows\System32\qmgr.dll
09:25:07.0834 3372 BITS - ok
09:25:07.0878 3372 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
09:25:07.0893 3372 blbdrive - ok
09:25:07.0932 3372 bowser (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys
09:25:07.0959 3372 bowser - ok
09:25:07.0986 3372 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
09:25:08.0002 3372 BrFiltLo - ok
09:25:08.0008 3372 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
09:25:08.0022 3372 BrFiltUp - ok
09:25:08.0052 3372 Browser (94fbc06f294d58d02361918418f996e3) C:\Windows\System32\browser.dll
09:25:08.0068 3372 Browser - ok
09:25:08.0091 3372 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
09:25:08.0111 3372 Brserid - ok
09:25:08.0118 3372 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
09:25:08.0134 3372 BrSerWdm - ok
09:25:08.0141 3372 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
09:25:08.0155 3372 BrUsbMdm - ok
09:25:08.0161 3372 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
09:25:08.0175 3372 BrUsbSer - ok
09:25:08.0187 3372 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
09:25:08.0204 3372 BTHMODEM - ok
09:25:08.0227 3372 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
09:25:08.0241 3372 bthserv - ok
09:25:08.0342 3372 ccHP (60050e92e160115b80175a5bdb1525b4) C:\Windows\system32\drivers\NISx64\1100000.088\ccHPx64.sys
09:25:08.0366 3372 ccHP - ok
09:25:08.0396 3372 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
09:25:08.0411 3372 cdfs - ok
09:25:08.0435 3372 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
09:25:08.0451 3372 cdrom - ok
09:25:08.0480 3372 CertPropSvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
09:25:08.0500 3372 CertPropSvc - ok
09:25:08.0517 3372 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
09:25:08.0533 3372 circlass - ok
09:25:08.0568 3372 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
09:25:08.0601 3372 CLFS - ok
09:25:08.0673 3372 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:25:08.0750 3372 clr_optimization_v2.0.50727_32 - ok
09:25:09.0010 3372 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
09:25:09.0045 3372 clr_optimization_v2.0.50727_64 - ok
09:25:09.0101 3372 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
09:25:09.0104 3372 clr_optimization_v4.0.30319_32 - ok
09:25:09.0155 3372 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
09:25:09.0158 3372 clr_optimization_v4.0.30319_64 - ok
09:25:09.0185 3372 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
09:25:09.0200 3372 CmBatt - ok
09:25:09.0205 3372 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys
09:25:09.0222 3372 cmdide - ok
09:25:09.0277 3372 CNG (937beb186a735aca91d717044a49d17e) C:\Windows\system32\Drivers\cng.sys
09:25:09.0315 3372 CNG - ok
09:25:09.0344 3372 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
09:25:09.0360 3372 Compbatt - ok
09:25:09.0380 3372 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys
09:25:09.0395 3372 CompositeBus - ok
09:25:09.0405 3372 COMSysApp - ok
09:25:09.0415 3372 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
09:25:09.0434 3372 crcdisk - ok
09:25:09.0478 3372 CryptSvc (f02786b66375292e58c8777082d4396d) C:\Windows\system32\cryptsvc.dll
09:25:09.0498 3372 CryptSvc - ok
09:25:09.0545 3372 DcomLaunch (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
09:25:09.0553 3372 DcomLaunch - ok
09:25:09.0594 3372 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
09:25:09.0623 3372 defragsvc - ok
09:25:09.0652 3372 DfsC (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys
09:25:09.0680 3372 DfsC - ok
09:25:09.0719 3372 Dhcp (ce3b9562d997f69b330d181a8875960f) C:\Windows\system32\dhcpcore.dll
09:25:09.0725 3372 Dhcp - ok
09:25:09.0755 3372 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
09:25:09.0776 3372 discache - ok
09:25:09.0904 3372 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
09:25:09.0936 3372 Disk - ok
09:25:09.0979 3372 Dnscache (85cf424c74a1d5ec33533e1dbff9920a) C:\Windows\System32\dnsrslvr.dll
09:25:09.0999 3372 Dnscache - ok
09:25:10.0035 3372 dot3svc (14452acdb09b70964c8c21bf80a13acb) C:\Windows\System32\dot3svc.dll
09:25:10.0061 3372 dot3svc - ok
09:25:10.0089 3372 DPS (8c2ba6bea949ee6e68385f5692bafb94) C:\Windows\system32\dps.dll
09:25:10.0094 3372 DPS - ok
09:25:10.0127 3372 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
09:25:10.0141 3372 drmkaud - ok
09:25:10.0229 3372 DXGKrnl (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys
09:25:10.0256 3372 DXGKrnl - ok
09:25:10.0278 3372 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
09:25:10.0295 3372 EapHost - ok
09:25:10.0510 3372 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
09:25:10.0613 3372 ebdrv - ok
09:25:10.0721 3372 eeCtrl (ba6420c1f7070ed8f1ba372844f3e1ec) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
09:25:10.0726 3372 eeCtrl - ok
09:25:10.0823 3372 EFS (156f6159457d0aa7e59b62681b56eb90) C:\Windows\System32\lsass.exe
09:25:10.0826 3372 EFS - ok
09:25:10.0907 3372 ehRecvr (47c071994c3f649f23d9cd075ac9304a) C:\Windows\ehome\ehRecvr.exe
09:25:10.0965 3372 ehRecvr - ok
09:25:10.0984 3372 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
09:25:11.0025 3372 ehSched - ok
09:25:11.0088 3372 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
09:25:11.0120 3372 elxstor - ok
09:25:11.0189 3372 EraserUtilDrv11210 (1343df3451bc0c442dc69837c6fba21b) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11210.sys
09:25:11.0192 3372 EraserUtilDrv11210 - ok
09:25:11.0198 3372 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys
09:25:11.0212 3372 ErrDev - ok
09:25:11.0287 3372 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
09:25:11.0296 3372 EventSystem - ok
09:25:11.0348 3372 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
09:25:11.0367 3372 exfat - ok
09:25:11.0379 3372 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
09:25:11.0399 3372 fastfat - ok
09:25:11.0442 3372 Fax (d607b2f1bee3992aa6c2c92c0a2f0855) C:\Windows\system32\fxssvc.exe
09:25:11.0450 3372 Fax - ok
09:25:11.0467 3372 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
09:25:11.0482 3372 fdc - ok
09:25:11.0506 3372 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
09:25:11.0508 3372 fdPHost - ok
09:25:11.0519 3372 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
09:25:11.0521 3372 FDResPub - ok
09:25:11.0554 3372 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
09:25:11.0571 3372 FileInfo - ok
09:25:11.0587 3372 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
09:25:11.0603 3372 Filetrace - ok
09:25:11.0610 3372 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
09:25:11.0625 3372 flpydisk - ok
09:25:11.0657 3372 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
09:25:11.0676 3372 FltMgr - ok
09:25:11.0775 3372 FontCache (bc00505cfda789ed3be95d2ff38c4875) C:\Windows\system32\FntCache.dll
09:25:11.0808 3372 FontCache - ok
09:25:11.0866 3372 FontCache3.0.0.0 (8d89e3131c27fdd6932189cb785e1b7a) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
09:25:11.0868 3372 FontCache3.0.0.0 - ok
09:25:11.0892 3372 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
09:25:11.0909 3372 FsDepends - ok
09:25:11.0919 3372 Fs_Rec (d3e3f93d67821a2db2b3d9fac2dc2064) C:\Windows\system32\drivers\Fs_Rec.sys
09:25:11.0951 3372 Fs_Rec - ok
09:25:12.0015 3372 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys
09:25:12.0036 3372 fvevol - ok
09:25:12.0054 3372 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
09:25:12.0071 3372 gagp30kx - ok
09:25:12.0146 3372 GameConsoleService (c1bbce4b30b45410178ee674c818d10c) C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
09:25:12.0193 3372 GameConsoleService - ok
09:25:12.0262 3372 gpsvc (fe5ab4525bc2ec68b9119a6e5d40128b) C:\Windows\System32\gpsvc.dll
09:25:12.0271 3372 gpsvc - ok
09:25:12.0325 3372 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
09:25:12.0328 3372 gupdate - ok
09:25:12.0334 3372 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
09:25:12.0336 3372 gupdatem - ok
09:25:12.0357 3372 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
09:25:12.0404 3372 gusvc - ok
09:25:12.0454 3372 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
09:25:12.0468 3372 hcw85cir - ok
09:25:12.0502 3372 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys
09:25:12.0504 3372 HDAudBus - ok
09:25:12.0511 3372 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
09:25:12.0526 3372 HidBatt - ok
09:25:12.0538 3372 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
09:25:12.0555 3372 HidBth - ok
09:25:12.0584 3372 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
09:25:12.0598 3372 HidIr - ok
09:25:12.0623 3372 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
09:25:12.0651 3372 hidserv - ok
09:25:12.0673 3372 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
09:25:12.0687 3372 HidUsb - ok
09:25:12.0703 3372 hkmsvc (efa58ede58dd74388ffd04cb32681518) C:\Windows\system32\kmsvc.dll
09:25:12.0719 3372 hkmsvc - ok
09:25:12.0745 3372 HomeGroupListener (046b2673767ca626e2cfb7fdf735e9e8) C:\Windows\system32\ListSvc.dll
09:25:12.0750 3372 HomeGroupListener - ok
09:25:12.0792 3372 HomeGroupProvider (06a7422224d9865a5613710a089987df) C:\Windows\system32\provsvc.dll
09:25:12.0796 3372 HomeGroupProvider - ok
09:25:12.0851 3372 HP Health Check Service (00b239202f7756695c8ccdf8bafa7d3d) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
09:25:12.0853 3372 HP Health Check Service - ok
09:25:12.0906 3372 hpqwmiex (fdf273a845f1ffcceadf363aaf47582f) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
09:25:12.0961 3372 hpqwmiex - ok
09:25:12.0983 3372 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys
09:25:13.0002 3372 HpSAMD - ok
09:25:13.0061 3372 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
09:25:13.0087 3372 HTTP - ok
09:25:13.0097 3372 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
09:25:13.0111 3372 hwpolicy - ok
09:25:13.0128 3372 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
09:25:13.0145 3372 i8042prt - ok
09:25:13.0199 3372 iaStorV (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys
09:25:13.0221 3372 iaStorV - ok
09:25:13.0340 3372 idsvc (2f2be70d3e02b6fa877921ab9516d43c) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
09:25:13.0370 3372 idsvc - ok
09:25:13.0531 3372 IDSVia64 (41d2c4e4c5dfab0b9fbd7438d8822123) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20090828.002\IDSVia64.sys
09:25:13.0553 3372 IDSVia64 - ok
09:25:13.0658 3372 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
09:25:13.0675 3372 iirsp - ok
09:25:13.0747 3372 IKEEXT (c5b4683680df085b57bc53e5ef34861f) C:\Windows\System32\ikeext.dll
09:25:13.0778 3372 IKEEXT - ok
09:25:13.0948 3372 IntcAzAudAddService (430aab6c09af99d5beb311795349e9dd) C:\Windows\system32\drivers\RTKVHD64.sys
09:25:13.0986 3372 IntcAzAudAddService - ok
09:25:14.0090 3372 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys
09:25:14.0106 3372 intelide - ok
09:25:14.0125 3372 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
09:25:14.0140 3372 intelppm - ok
09:25:14.0166 3372 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
09:25:14.0183 3372 IPBusEnum - ok
09:25:14.0205 3372 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
09:25:14.0221 3372 IpFilterDriver - ok
09:25:14.0281 3372 iphlpsvc (f8e058d17363ec580e4b7232778b6cb5) C:\Windows\System32\iphlpsvc.dll
09:25:14.0288 3372 iphlpsvc - ok
09:25:14.0298 3372 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys
09:25:14.0315 3372 IPMIDRV - ok
09:25:14.0328 3372 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
09:25:14.0345 3372 IPNAT - ok
09:25:14.0367 3372 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
09:25:14.0383 3372 IRENUM - ok
09:25:14.0390 3372 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys
09:25:14.0407 3372 isapnp - ok
09:25:14.0437 3372 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys
09:25:14.0458 3372 iScsiPrt - ok
09:25:14.0482 3372 JMCR (41e6c1f0f85f6f75e53a56dd6bf809ab) C:\Windows\system32\DRIVERS\jmcr.sys
09:25:14.0500 3372 JMCR - ok
09:25:14.0526 3372 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
09:25:14.0543 3372 kbdclass - ok
09:25:14.0556 3372 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
09:25:14.0571 3372 kbdhid - ok
09:25:14.0593 3372 KeyIso (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
09:25:14.0596 3372 KeyIso - ok
09:25:14.0614 3372 KSecDD (16c1b906fc5ead84769f90b736b6bf0e) C:\Windows\system32\Drivers\ksecdd.sys
09:25:14.0646 3372 KSecDD - ok
09:25:14.0674 3372 KSecPkg (0b711550c56444879d71c7daabda6c83) C:\Windows\system32\Drivers\ksecpkg.sys
09:25:14.0694 3372 KSecPkg - ok
09:25:14.0704 3372 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
09:25:14.0719 3372 ksthunk - ok
09:25:14.0758 3372 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
09:25:14.0797 3372 KtmRm - ok
09:25:14.0843 3372 LanmanServer (81f1d04d4d0e433099365127375fd501) C:\Windows\system32\srvsvc.dll
09:25:14.0867 3372 LanmanServer - ok
09:25:14.0897 3372 LanmanWorkstation (27026eac8818e8a6c00a1cad2f11d29a) C:\Windows\System32\wkssvc.dll
09:25:14.0931 3372 LanmanWorkstation - ok
09:25:14.0996 3372 LightScribeService (2238b91ac1a12cc6cc4c4fed41258b2a) c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
09:25:15.0027 3372 LightScribeService - ok
09:25:15.0051 3372 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
09:25:15.0067 3372 lltdio - ok
09:25:15.0109 3372 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
09:25:15.0128 3372 lltdsvc - ok
09:25:15.0155 3372 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
09:25:15.0173 3372 lmhosts - ok
09:25:15.0208 3372 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
09:25:15.0226 3372 LSI_FC - ok
09:25:15.0235 3372 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
09:25:15.0255 3372 LSI_SAS - ok
09:25:15.0264 3372 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
09:25:15.0282 3372 LSI_SAS2 - ok
09:25:15.0299 3372 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
09:25:15.0318 3372 LSI_SCSI - ok
09:25:15.0338 3372 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
09:25:15.0364 3372 luafv - ok
09:25:15.0387 3372 Mcx2Svc (f84c8f1000bc11e3b7b23cbd3baff111) C:\Windows\system32\Mcx2Svc.dll
09:25:15.0404 3372 Mcx2Svc - ok
09:25:15.0421 3372 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
09:25:15.0437 3372 megasas - ok
09:25:15.0474 3372 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
09:25:15.0496 3372 MegaSR - ok
09:25:15.0529 3372 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
09:25:15.0533 3372 MMCSS - ok
09:25:15.0580 3372 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
09:25:15.0596 3372 Modem - ok
09:25:15.0613 3372 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
09:25:15.0615 3372 monitor - ok
09:25:15.0650 3372 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
09:25:15.0681 3372 mouclass - ok
09:25:15.0707 3372 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
09:25:15.0722 3372 mouhid - ok
09:25:15.0750 3372 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
09:25:15.0768 3372 mountmgr - ok
09:25:15.0830 3372 MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
09:25:15.0924 3372 MozillaMaintenance - ok
09:25:15.0955 3372 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys
09:25:15.0979 3372 mpio - ok
09:25:15.0994 3372 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
09:25:16.0011 3372 mpsdrv - ok
09:25:16.0088 3372 MpsSvc (aecab449567d1846dad63ece49e893e3) C:\Windows\system32\mpssvc.dll
09:25:16.0178 3372 MpsSvc - ok
09:25:16.0197 3372 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
09:25:16.0215 3372 MRxDAV - ok
09:25:16.0251 3372 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys
09:25:16.0270 3372 mrxsmb - ok
09:25:16.0299 3372 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys
09:25:16.0319 3372 mrxsmb10 - ok
09:25:16.0351 3372 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys
09:25:16.0368 3372 mrxsmb20 - ok
09:25:16.0379 3372 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys
09:25:16.0405 3372 msahci - ok
09:25:16.0419 3372 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys
09:25:16.0442 3372 msdsm - ok
09:25:16.0469 3372 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
09:25:16.0486 3372 MSDTC - ok
09:25:16.0511 3372 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
09:25:16.0525 3372 Msfs - ok
09:25:16.0538 3372 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
09:25:16.0553 3372 mshidkmdf - ok
09:25:16.0566 3372 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys
09:25:16.0581 3372 msisadrv - ok
09:25:16.0615 3372 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
09:25:16.0632 3372 MSiSCSI - ok

In Topic: Needing someone to look at this..

19 June 2012 - 01:19 AM

DDS log:

DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 8.0.7600.16385
Run by aaron's at 1:12:49 on 2012-06-19
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3838.2039 [GMT -5:00]
.
AV: Norton Internet Security *Disabled/Updated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Internet Security *Disabled/Updated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}
FW: Norton Internet Security *Disabled* {B0F2DB13-C654-2E74-30D4-99C9310F0F2E}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\Explorer.EXE
C:\Windows\system32\Dwm.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE
c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Program Files (x86)\Norton Internet Security\Engine\17.0.0.136\ccSvcHst.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe
C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS\A5E82D02\17.0.0.136\InstStub.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\taskeng.exe
c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\wuauclt.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/webhp?sourceid=navclient&ie=UTF-8
mWinlogon: Userinit=userinit.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Norton Internet Security\Engine\17.0.0.136\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton Internet Security\Engine\17.0.0.136\IPSBHO.DLL
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll
BHO: Microsoft Live Search Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll
TB: Microsoft Live Search Toolbar: {1e61ed7c-7cb8-49d6-b9e9-ab4c880c8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Norton Internet Security\Engine\17.0.0.136\coIEPlg.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
uRun: [HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
mRun: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
mRun: [HP Remote Solution] %ProgramFiles%\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
mRun: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [HPCam_Menu] "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam" UpdateWithCreateOnce "Software\Hewlett-Packard\Media\Webcam"
mRun: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [<NO NAME>]
mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\PICTUR~1.LNK - C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
TCP: DhcpNameServer = 216.220.3.205 216.220.3.204
TCP: Interfaces\{4ACC5026-0964-49B7-8181-F782528441BA} : DhcpNameServer = 192.168.1.1 192.168.1.1
TCP: Interfaces\{6770BB12-71B9-4564-81E4-FFB8EC3F9856} : DhcpNameServer = 216.220.3.205 216.220.3.204
AppInit_DLLs:
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO-X64: Symantec NCO BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\17.0.0.136\coIEPlg.dll
BHO-X64: Symantec NCO BHO - No File
BHO-X64: Symantec Intrusion Prevention: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\17.0.0.136\IPSBHO.DLL
BHO-X64: Symantec Intrusion Prevention - No File
BHO-X64: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll
BHO-X64: Microsoft Live Search Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll
TB-X64: Microsoft Live Search Toolbar: {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll
TB-X64: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\17.0.0.136\coIEPlg.dll
TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB-X64: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
mRun-x64: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
mRun-x64: [HP Remote Solution] %ProgramFiles%\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
mRun-x64: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun-x64: [HPCam_Menu] "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam" UpdateWithCreateOnce "Software\Hewlett-Packard\Media\Webcam"
mRun-x64: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun-x64: [(Default)]
mRun-x64: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
AppInit_DLLs-X64:
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\aaron's\AppData\Roaming\Mozilla\Firefox\Profiles\3n825qi4.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: keyword.URL - hxxp://dts.search-results.com/sr?src=ffb&appid=100&systemid=102&sr=0&q=
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\3.0.40624.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\aaron's\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
.
============= SERVICES / DRIVERS ===============
.
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-4-4 63928]
R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2009-3-31 92160]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\17.0.0.136\ccSvcHst.exe [2012-2-27 126392]
R3 JMCR;JMCR;C:\Windows\system32\DRIVERS\jmcr.sys --> C:\Windows\system32\DRIVERS\jmcr.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\system32\DRIVERS\usbfilter.sys --> C:\Windows\system32\DRIVERS\usbfilter.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-6-1 136176]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-6-1 257696]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-6-1 136176]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-6-1 113120]
S3 PCDSRVC{F36B3A4C-F95654BD-06000000}_0;PCDSRVC{F36B3A4C-F95654BD-06000000}_0 - PCDR Kernel Mode Service Helper Driver;C:\Program Files\PC-Doctor for Windows\pcdsrvc_x64.pkms [2009-9-17 23536]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
2012-06-18 04:48:31 -------- d-----w- C:\Users\aaron's\AppData\Roaming\Malwarebytes
2012-06-18 04:48:24 -------- d-----w- C:\ProgramData\Malwarebytes
2012-06-18 04:48:23 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-06-18 04:48:23 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-06-18 04:03:34 388096 ----a-r- C:\Users\aaron's\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-06-18 04:03:34 -------- d-----w- C:\Program Files (x86)\Trend Micro
2012-06-17 03:42:23 -------- d-----w- C:\Users\aaron's\AppData\Roaming\PC Speed Maximizer
2012-06-17 03:24:09 -------- d-----w- C:\Users\aaron's\AppData\Roaming\.purple
2012-06-17 03:22:03 -------- d-----w- C:\Program Files (x86)\PC Speed Maximizer
2012-06-17 03:21:59 -------- d-----w- C:\Users\aaron's\AppData\Local\antiphishing-vmninternethelper1_1dn
2012-06-17 03:21:59 -------- d-----w- C:\ProgramData\Anti-phishing Domain Advisor
2012-06-17 03:21:48 -------- d-----w- C:\ProgramData\Tarma Installer
2012-06-17 00:22:17 -------- d-----w- C:\Users\aaron's\AppData\Roaming\XBMC
2012-06-17 00:20:55 -------- d-----w- C:\Program Files (x86)\XBMC
2012-06-17 00:20:35 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5636211A-21C5-41E6-B3C5-F2FAB8306557}\offreg.dll
2012-06-17 00:19:25 -------- d-----w- C:\Users\aaron's\AppData\Local\jZip
2012-06-17 00:19:10 -------- d-----w- C:\ProgramData\boost_interprocess
2012-06-17 00:19:03 -------- d-----w- C:\Program Files (x86)\jZip
2012-06-16 23:41:27 770384 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcr100.dll
2012-06-16 23:41:27 421200 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcp100.dll
2012-06-15 17:18:52 8955792 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5636211A-21C5-41E6-B3C5-F2FAB8306557}\mpengine.dll
2012-06-13 15:52:41 1460224 ----a-w- C:\Windows\System32\crypt32.dll
2012-06-13 15:52:40 182272 ----a-w- C:\Windows\System32\cryptsvc.dll
2012-06-13 15:52:40 1156608 ----a-w- C:\Windows\SysWow64\crypt32.dll
2012-06-13 15:52:39 140288 ----a-w- C:\Windows\System32\cryptnet.dll
2012-06-13 15:52:39 139264 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2012-06-13 15:52:38 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2012-06-12 03:13:40 -------- d-----w- C:\Users\aaron's\AppData\Local\Unity
2012-06-06 08:04:50 -------- d-----w- C:\Users\aaron's\AppData\Local\Diagnostics
2012-06-04 00:28:18 -------- d-----w- C:\ProgramData\CCP
2012-06-03 17:23:37 453456 ----a-w- C:\Windows\SysWow64\d3dx10_42.dll
2012-06-03 17:23:37 235344 ----a-w- C:\Windows\SysWow64\d3dx11_42.dll
2012-06-03 17:23:34 1892184 ----a-w- C:\Windows\SysWow64\D3DX9_42.dll
2012-06-03 17:05:21 -------- d-----w- C:\Program Files (x86)\CCP
2012-06-03 16:22:12 -------- d-----w- C:\Users\aaron's\AppData\Local\CCP
2012-06-02 03:06:07 8769696 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
2012-06-02 02:15:30 419488 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-06-01 21:15:15 -------- d-----w- C:\Users\aaron's\AppData\Local\Google
2012-06-01 21:13:55 -------- d-----w- C:\Windows\SysWow64\Adobe
2012-06-01 20:48:46 70304 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-06-01 20:48:22 -------- d-----w- C:\Users\aaron's\AppData\Local\Adobe
2012-06-01 20:47:46 -------- d-----w- C:\Program Files (x86)\Atari
.
==================== Find3M ====================
.
2012-05-15 03:56:59 1197568 ----a-w- C:\Windows\System32\wininet.dll
2012-05-15 03:08:48 981504 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-05-15 01:32:20 3144192 ----a-w- C:\Windows\System32\win32k.sys
2012-05-04 10:52:22 5505392 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-05-04 10:08:16 3958128 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-05-04 10:08:15 3902320 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-05-02 05:32:43 208896 ----a-w- C:\Windows\System32\profsvc.dll
2012-04-28 03:50:40 204800 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2012-04-26 05:34:38 76288 ----a-w- C:\Windows\System32\rdpwsx.dll
2012-04-26 05:34:37 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll
2012-04-26 05:28:32 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe
2012-04-20 06:22:18 57856 ----a-w- C:\Windows\System32\licmgr10.dll
2012-04-20 05:05:47 44544 ----a-w- C:\Windows\SysWow64\licmgr10.dll
2012-04-20 05:00:31 482816 ----a-w- C:\Windows\System32\html.iec
2012-04-20 04:15:04 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2012-04-20 03:58:07 386048 ----a-w- C:\Windows\SysWow64\html.iec
2012-04-20 03:24:18 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-04-07 12:18:36 3213824 ----a-w- C:\Windows\System32\msi.dll
2012-04-07 11:34:37 2342400 ----a-w- C:\Windows\SysWow64\msi.dll
2012-03-30 11:09:53 1895280 ----a-w- C:\Windows\System32\drivers\tcpip.sys
.
============= FINISH: 1:13:43.70 ===============

Attach log:

Internet Explorer: 8.0.7600.16385
Run by aaron's at 1:12:49 on 2012-06-19
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3838.2039 [GMT -5:00]
.
AV: Norton Internet Security *Disabled/Updated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Internet Security *Disabled/Updated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}
FW: Norton Internet Security *Disabled* {B0F2DB13-C654-2E74-30D4-99C9310F0F2E}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\Explorer.EXE
C:\Windows\system32\Dwm.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE
c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Program Files (x86)\Norton Internet Security\Engine\17.0.0.136\ccSvcHst.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe
C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS\A5E82D02\17.0.0.136\InstStub.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\taskeng.exe
c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\wuauclt.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/webhp?sourceid=navclient&ie=UTF-8
mWinlogon: Userinit=userinit.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Norton Internet Security\Engine\17.0.0.136\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton Internet Security\Engine\17.0.0.136\IPSBHO.DLL
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll
BHO: Microsoft Live Search Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll
TB: Microsoft Live Search Toolbar: {1e61ed7c-7cb8-49d6-b9e9-ab4c880c8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Norton Internet Security\Engine\17.0.0.136\coIEPlg.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
uRun: [HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
mRun: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
mRun: [HP Remote Solution] %ProgramFiles%\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
mRun: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [HPCam_Menu] "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam" UpdateWithCreateOnce "Software\Hewlett-Packard\Media\Webcam"
mRun: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [<NO NAME>]
mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\PICTUR~1.LNK - C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
TCP: DhcpNameServer = 216.220.3.205 216.220.3.204
TCP: Interfaces\{4ACC5026-0964-49B7-8181-F782528441BA} : DhcpNameServer = 192.168.1.1 192.168.1.1
TCP: Interfaces\{6770BB12-71B9-4564-81E4-FFB8EC3F9856} : DhcpNameServer = 216.220.3.205 216.220.3.204
AppInit_DLLs:
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO-X64: Symantec NCO BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\17.0.0.136\coIEPlg.dll
BHO-X64: Symantec NCO BHO - No File
BHO-X64: Symantec Intrusion Prevention: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\17.0.0.136\IPSBHO.DLL
BHO-X64: Symantec Intrusion Prevention - No File
BHO-X64: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll
BHO-X64: Microsoft Live Search Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll
TB-X64: Microsoft Live Search Toolbar: {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll
TB-X64: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\17.0.0.136\coIEPlg.dll
TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB-X64: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
mRun-x64: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
mRun-x64: [HP Remote Solution] %ProgramFiles%\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
mRun-x64: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun-x64: [HPCam_Menu] "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam" UpdateWithCreateOnce "Software\Hewlett-Packard\Media\Webcam"
mRun-x64: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun-x64: [(Default)]
mRun-x64: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
AppInit_DLLs-X64:
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\aaron's\AppData\Roaming\Mozilla\Firefox\Profiles\3n825qi4.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: keyword.URL - hxxp://dts.search-results.com/sr?src=ffb&appid=100&systemid=102&sr=0&q=
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\3.0.40624.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\aaron's\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
.
============= SERVICES / DRIVERS ===============
.
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-4-4 63928]
R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2009-3-31 92160]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\17.0.0.136\ccSvcHst.exe [2012-2-27 126392]
R3 JMCR;JMCR;C:\Windows\system32\DRIVERS\jmcr.sys --> C:\Windows\system32\DRIVERS\jmcr.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\system32\DRIVERS\usbfilter.sys --> C:\Windows\system32\DRIVERS\usbfilter.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-6-1 136176]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-6-1 257696]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-6-1 136176]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-6-1 113120]
S3 PCDSRVC{F36B3A4C-F95654BD-06000000}_0;PCDSRVC{F36B3A4C-F95654BD-06000000}_0 - PCDR Kernel Mode Service Helper Driver;C:\Program Files\PC-Doctor for Windows\pcdsrvc_x64.pkms [2009-9-17 23536]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
2012-06-18 04:48:31 -------- d-----w- C:\Users\aaron's\AppData\Roaming\Malwarebytes
2012-06-18 04:48:24 -------- d-----w- C:\ProgramData\Malwarebytes
2012-06-18 04:48:23 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-06-18 04:48:23 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-06-18 04:03:34 388096 ----a-r- C:\Users\aaron's\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-06-18 04:03:34 -------- d-----w- C:\Program Files (x86)\Trend Micro
2012-06-17 03:42:23 -------- d-----w- C:\Users\aaron's\AppData\Roaming\PC Speed Maximizer
2012-06-17 03:24:09 -------- d-----w- C:\Users\aaron's\AppData\Roaming\.purple
2012-06-17 03:22:03 -------- d-----w- C:\Program Files (x86)\PC Speed Maximizer
2012-06-17 03:21:59 -------- d-----w- C:\Users\aaron's\AppData\Local\antiphishing-vmninternethelper1_1dn
2012-06-17 03:21:59 -------- d-----w- C:\ProgramData\Anti-phishing Domain Advisor
2012-06-17 03:21:48 -------- d-----w- C:\ProgramData\Tarma Installer
2012-06-17 00:22:17 -------- d-----w- C:\Users\aaron's\AppData\Roaming\XBMC
2012-06-17 00:20:55 -------- d-----w- C:\Program Files (x86)\XBMC
2012-06-17 00:20:35 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5636211A-21C5-41E6-B3C5-F2FAB8306557}\offreg.dll
2012-06-17 00:19:25 -------- d-----w- C:\Users\aaron's\AppData\Local\jZip
2012-06-17 00:19:10 -------- d-----w- C:\ProgramData\boost_interprocess
2012-06-17 00:19:03 -------- d-----w- C:\Program Files (x86)\jZip
2012-06-16 23:41:27 770384 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcr100.dll
2012-06-16 23:41:27 421200 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcp100.dll
2012-06-15 17:18:52 8955792 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5636211A-21C5-41E6-B3C5-F2FAB8306557}\mpengine.dll
2012-06-13 15:52:41 1460224 ----a-w- C:\Windows\System32\crypt32.dll
2012-06-13 15:52:40 182272 ----a-w- C:\Windows\System32\cryptsvc.dll
2012-06-13 15:52:40 1156608 ----a-w- C:\Windows\SysWow64\crypt32.dll
2012-06-13 15:52:39 140288 ----a-w- C:\Windows\System32\cryptnet.dll
2012-06-13 15:52:39 139264 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2012-06-13 15:52:38 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2012-06-12 03:13:40 -------- d-----w- C:\Users\aaron's\AppData\Local\Unity
2012-06-06 08:04:50 -------- d-----w- C:\Users\aaron's\AppData\Local\Diagnostics
2012-06-04 00:28:18 -------- d-----w- C:\ProgramData\CCP
2012-06-03 17:23:37 453456 ----a-w- C:\Windows\SysWow64\d3dx10_42.dll
2012-06-03 17:23:37 235344 ----a-w- C:\Windows\SysWow64\d3dx11_42.dll
2012-06-03 17:23:34 1892184 ----a-w- C:\Windows\SysWow64\D3DX9_42.dll
2012-06-03 17:05:21 -------- d-----w- C:\Program Files (x86)\CCP
2012-06-03 16:22:12 -------- d-----w- C:\Users\aaron's\AppData\Local\CCP
2012-06-02 03:06:07 8769696 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
2012-06-02 02:15:30 419488 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-06-01 21:15:15 -------- d-----w- C:\Users\aaron's\AppData\Local\Google
2012-06-01 21:13:55 -------- d-----w- C:\Windows\SysWow64\Adobe
2012-06-01 20:48:46 70304 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-06-01 20:48:22 -------- d-----w- C:\Users\aaron's\AppData\Local\Adobe
2012-06-01 20:47:46 -------- d-----w- C:\Program Files (x86)\Atari
.
==================== Find3M ====================
.
2012-05-15 03:56:59 1197568 ----a-w- C:\Windows\System32\wininet.dll
2012-05-15 03:08:48 981504 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-05-15 01:32:20 3144192 ----a-w- C:\Windows\System32\win32k.sys
2012-05-04 10:52:22 5505392 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-05-04 10:08:16 3958128 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-05-04 10:08:15 3902320 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-05-02 05:32:43 208896 ----a-w- C:\Windows\System32\profsvc.dll
2012-04-28 03:50:40 204800 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2012-04-26 05:34:38 76288 ----a-w- C:\Windows\System32\rdpwsx.dll
2012-04-26 05:34:37 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll
2012-04-26 05:28:32 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe
2012-04-20 06:22:18 57856 ----a-w- C:\Windows\System32\licmgr10.dll
2012-04-20 05:05:47 44544 ----a-w- C:\Windows\SysWow64\licmgr10.dll
2012-04-20 05:00:31 482816 ----a-w- C:\Windows\System32\html.iec
2012-04-20 04:15:04 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2012-04-20 03:58:07 386048 ----a-w- C:\Windows\SysWow64\html.iec
2012-04-20 03:24:18 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-04-07 12:18:36 3213824 ----a-w- C:\Windows\System32\msi.dll
2012-04-07 11:34:37 2342400 ----a-w- C:\Windows\SysWow64\msi.dll
2012-03-30 11:09:53 1895280 ----a-w- C:\Windows\System32\drivers\tcpip.sys
.
============= FINISH: 1:13:43.70 ===============

Just in case, RogueKiller log:

Operating System: Windows 7 (6.1.7600 ) 64 bits version
Started in : Normal mode
User: aaron's [Admin rights]
Mode: Scan -- Date: 06/19/2012 01:17:06

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Registry Entries: 4 ¤¤¤
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver: [NOT LOADED] ¤¤¤

¤¤¤ Infection : Root.MBR ¤¤¤

¤¤¤ HOSTS File: ¤¤¤


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: ST332041 8AS SATA Disk Device +++++
--- User ---
[MBR] f09fd6969ddbd27b848e83b3ab693c26
[BSP] f63a4cca6bce2f9ccb022c39f9298531 : Windows Vista/7 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206911 | Size: 294584 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 603516928 | Size: 10558 Mo
User = LL1 ... OK!
User != LL2 ... KO!
--- LL2 ---
[MBR] 88e42e907aec80f2e3f36dffeac43632
[BSP] 096ca65415799301792a33c93b5e78da : Windows XP MBR Code
Partition table:

Finished