brassrat

Members
  • Content count

    22
  • Joined

  • Last visited

About brassrat

  • Rank
    New Member
  1. The AVP tool cleared a couple things. I couldn't get the report to save. Things seem to be working normally; I think I'm ok. Thanks.
  2. ESET Anti-virus was not finding the trojan any more, though now it's getting hung up and not completing scans.
  3. The log is attached. I'll be out of town for a couple days; back on Saturday. Thanks! TDSSKiller log.doc
  4. The anti-virus scan doesn't find the trojan. Here's the TDSSKiller log: 10:01:13.0598 1940 TDSS rootkit removing tool 2.7.46.0 Jul 16 2012 22:10:11 10:01:13.0863 1940 ============================================================ 10:01:13.0863 1940 Current date / time: 2012/07/18 10:01:13.0863 10:01:13.0863 1940 SystemInfo: 10:01:13.0863 1940 10:01:13.0863 1940 OS Version: 6.0.6002 ServicePack: 2.0 10:01:13.0863 1940 Product type: Workstation 10:01:13.0863 1940 ComputerName: ALAN-PC 10:01:13.0863 1940 UserName: Alan 10:01:13.0863 1940 Windows directory: C:\Windows 10:01:13.0863 1940 System windows directory: C:\Windows 10:01:13.0863 1940 Running under WOW64 10:01:13.0863 1940 Processor architecture: Intel x64 10:01:13.0863 1940 Number of processors: 2 10:01:13.0863 1940 Page size: 0x1000 10:01:13.0863 1940 Boot type: Normal boot 10:01:13.0863 1940 ============================================================ 10:01:14.0269 1940 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 10:01:14.0409 1940 Drive \Device\Harddisk6\DR6 - Size: 0x778800000 (29.88 Gb), SectorSize: 0x200, Cylinders: 0xF3C, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W' 10:01:14.0409 1940 ============================================================ 10:01:14.0409 1940 \Device\Harddisk0\DR0: 10:01:14.0409 1940 MBR partitions: 10:01:14.0409 1940 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1400800, BlocksNum 0x38F85030 10:01:14.0409 1940 \Device\Harddisk6\DR6: 10:01:14.0409 1940 MBR partitions: 10:01:14.0409 1940 \Device\Harddisk6\DR6\Partition0: MBR, Type 0xC, StartLBA 0x20, BlocksNum 0x3BC3FE0 10:01:14.0409 1940 ============================================================ 10:01:14.0425 1940 C: <-> \Device\Harddisk0\DR0\Partition0 10:01:14.0425 1940 ============================================================ 10:01:14.0425 1940 Initialize success 10:01:14.0425 1940 ============================================================ 10:01:25.0625 3832 ============================================================ 10:01:25.0625 3832 Scan started 10:01:25.0625 3832 Mode: Manual; SigCheck; TDLFS; 10:01:25.0625 3832 ============================================================ 10:01:25.0953 3832 ACPI (1965aaffab07e3fb03c77f81beba3547) C:\Windows\system32\drivers\acpi.sys 10:01:26.0078 3832 ACPI - ok 10:01:26.0140 3832 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 10:01:26.0156 3832 AdobeARMservice - ok 10:01:26.0203 3832 adp94xx (f14215e37cf124104575073f782111d2) C:\Windows\system32\drivers\adp94xx.sys 10:01:26.0265 3832 adp94xx - ok 10:01:26.0312 3832 adpahci (7d05a75e3066861a6610f7ee04ff085c) C:\Windows\system32\drivers\adpahci.sys 10:01:26.0374 3832 adpahci - ok 10:01:26.0390 3832 adpu160m (820a201fe08a0c345b3bedbc30e1a77c) C:\Windows\system32\drivers\adpu160m.sys 10:01:26.0437 3832 adpu160m - ok 10:01:26.0452 3832 adpu320 (9b4ab6854559dc168fbb4c24fc52e794) C:\Windows\system32\drivers\adpu320.sys 10:01:26.0468 3832 adpu320 - ok 10:01:26.0499 3832 AeLookupSvc (0f421175574bfe0bf2f4d8e910a253bb) C:\Windows\System32\aelupsvc.dll 10:01:26.0639 3832 AeLookupSvc - ok 10:01:26.0686 3832 AFD (c4f6ce6087760ad70960c9eb130e7943) C:\Windows\system32\drivers\afd.sys 10:01:26.0749 3832 AFD - ok 10:01:26.0780 3832 agp440 (f6f6793b7f17b550ecfdbd3b229173f7) C:\Windows\system32\drivers\agp440.sys 10:01:26.0795 3832 agp440 - ok 10:01:26.0827 3832 aic78xx (222cb641b4b8a1d1126f8033f9fd6a00) C:\Windows\system32\drivers\djsvs.sys 10:01:26.0842 3832 aic78xx - ok 10:01:26.0873 3832 ALG (5922f4f59b7868f3d74bbbbeb7b825a3) C:\Windows\System32\alg.exe 10:01:26.0936 3832 ALG - ok 10:01:26.0951 3832 aliide (157d0898d4b73f075ce9fa26b482df98) C:\Windows\system32\drivers\aliide.sys 10:01:26.0983 3832 aliide - ok 10:01:26.0998 3832 amdide (970fa5059e61e30d25307b99903e991e) C:\Windows\system32\drivers\amdide.sys 10:01:27.0029 3832 amdide - ok 10:01:27.0045 3832 AmdK8 (cdc3632a3a5ea4dbb83e46076a3165a1) C:\Windows\system32\drivers\amdk8.sys 10:01:27.0107 3832 AmdK8 - ok 10:01:27.0139 3832 Appinfo (9c37b3fd5615477cb9a0cd116cf43f5c) C:\Windows\System32\appinfo.dll 10:01:27.0170 3832 Appinfo - ok 10:01:27.0232 3832 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 10:01:27.0248 3832 Apple Mobile Device - ok 10:01:27.0279 3832 arc (ba8417d4765f3988ff921f30f630e303) C:\Windows\system32\drivers\arc.sys 10:01:27.0310 3832 arc - ok 10:01:27.0357 3832 arcsas (9d41c435619733b34cc16a511e644b11) C:\Windows\system32\drivers\arcsas.sys 10:01:27.0388 3832 arcsas - ok 10:01:27.0404 3832 AsyncMac (22d13ff3dafec2a80634752b1eaa2de6) C:\Windows\system32\DRIVERS\asyncmac.sys 10:01:27.0451 3832 AsyncMac - ok 10:01:27.0482 3832 atapi (e68d9b3a3905619732f7fe039466a623) C:\Windows\system32\drivers\atapi.sys 10:01:27.0513 3832 atapi - ok 10:01:27.0560 3832 AudioEndpointBuilder (79318c744693ec983d20e9337a2f8196) C:\Windows\System32\Audiosrv.dll 10:01:27.0638 3832 AudioEndpointBuilder - ok 10:01:27.0638 3832 AudioSrv (79318c744693ec983d20e9337a2f8196) C:\Windows\System32\Audiosrv.dll 10:01:27.0669 3832 AudioSrv - ok 10:01:27.0700 3832 Beep - ok 10:01:27.0747 3832 BFE (ffb96c2589ffa60473ead78b39fbde29) C:\Windows\System32\bfe.dll 10:01:27.0825 3832 BFE - ok 10:01:27.0903 3832 BITS (6d316f4859634071cc25c4fd4589ad2c) C:\Windows\system32\qmgr.dll 10:01:28.0012 3832 BITS - ok 10:01:28.0059 3832 blbdrive (79feeb40056683f8f61398d81dda65d2) C:\Windows\system32\drivers\blbdrive.sys 10:01:28.0106 3832 blbdrive - ok 10:01:28.0371 3832 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe 10:01:28.0387 3832 Bonjour Service - ok 10:01:28.0433 3832 bowser (2348447a80920b2493a9b582a23e81e1) C:\Windows\system32\DRIVERS\bowser.sys 10:01:28.0511 3832 bowser - ok 10:01:28.0574 3832 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\brfiltlo.sys 10:01:28.0636 3832 BrFiltLo - ok 10:01:28.0652 3832 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\brfiltup.sys 10:01:28.0699 3832 BrFiltUp - ok 10:01:28.0886 3832 Brother XP spl Service (c711ed965009bdcff9aa62ceb6ff1aad) C:\Windows\SysWOW64\brsvc01a.exe 10:01:28.0917 3832 Brother XP spl Service - ok 10:01:28.0948 3832 Browser (a1b39de453433b115b4ea69ee0343816) C:\Windows\System32\browser.dll 10:01:29.0026 3832 Browser - ok 10:01:29.0057 3832 Brserid (f0f0ba4d815be446aa6a4583ca3bca9b) C:\Windows\system32\drivers\brserid.sys 10:01:29.0291 3832 Brserid - ok 10:01:29.0307 3832 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\system32\drivers\brserwdm.sys 10:01:29.0432 3832 BrSerWdm - ok 10:01:29.0463 3832 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\system32\drivers\brusbmdm.sys 10:01:29.0588 3832 BrUsbMdm - ok 10:01:29.0603 3832 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\system32\drivers\brusbser.sys 10:01:29.0697 3832 BrUsbSer - ok 10:01:29.0728 3832 BTHMODEM (e0777b34e05f8a82a21856efc900c29f) C:\Windows\system32\drivers\bthmodem.sys 10:01:29.0806 3832 BTHMODEM - ok 10:01:29.0853 3832 catchme - ok 10:01:29.0900 3832 CAXHWBS2 (797c36e597f9fc4efd88e6e0e98abe37) C:\Windows\system32\DRIVERS\CAXHWBS2.sys 10:01:29.0978 3832 CAXHWBS2 - ok 10:01:30.0025 3832 cdfs (b4d787db8d30793a4d4df9feed18f136) C:\Windows\system32\DRIVERS\cdfs.sys 10:01:30.0071 3832 cdfs - ok 10:01:30.0103 3832 cdrom (c025aa69be3d0d25c7a2e746ef6f94fc) C:\Windows\system32\DRIVERS\cdrom.sys 10:01:30.0134 3832 cdrom - ok 10:01:30.0165 3832 CertPropSvc (5a268127633c7ee2a7fb87f39d748d56) C:\Windows\System32\certprop.dll 10:01:30.0196 3832 CertPropSvc - ok 10:01:30.0196 3832 circlass (02ea568d498bbdd4ba55bf3fce34d456) C:\Windows\system32\DRIVERS\circlass.sys 10:01:30.0243 3832 circlass - ok 10:01:30.0274 3832 CLFS (3dca9a18b204939cfb24bea53e31eb48) C:\Windows\system32\CLFS.sys 10:01:30.0321 3832 CLFS - ok 10:01:30.0383 3832 clr_optimization_v2.0.50727_32 (8ee772032e2fe80a924f3b8dd5082194) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 10:01:30.0399 3832 clr_optimization_v2.0.50727_32 - ok 10:01:30.0446 3832 clr_optimization_v2.0.50727_64 (ce07a466201096f021cd09d631b21540) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 10:01:30.0461 3832 clr_optimization_v2.0.50727_64 - ok 10:01:30.0508 3832 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 10:01:30.0524 3832 clr_optimization_v4.0.30319_32 - ok 10:01:30.0555 3832 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 10:01:30.0571 3832 clr_optimization_v4.0.30319_64 - ok 10:01:30.0586 3832 cmdide (e5d5499a1c50a54b5161296b6afe6192) C:\Windows\system32\drivers\cmdide.sys 10:01:30.0617 3832 cmdide - ok 10:01:30.0649 3832 Compbatt (7fb8ad01db0eabe60c8a861531a8f431) C:\Windows\system32\DRIVERS\compbatt.sys 10:01:30.0664 3832 Compbatt - ok 10:01:30.0664 3832 COMSysApp - ok 10:01:30.0680 3832 crcdisk (a8585b6412253803ce8efcbd6d6dc15c) C:\Windows\system32\drivers\crcdisk.sys 10:01:30.0711 3832 crcdisk - ok 10:01:30.0758 3832 CryptSvc (62740b9d2a137e8ced41a9e4239a7a31) C:\Windows\system32\cryptsvc.dll 10:01:30.0789 3832 CryptSvc - ok 10:01:30.0836 3832 DcomLaunch (cf8b9a3a5e7dc57724a89d0c3e8cf9ef) C:\Windows\system32\rpcss.dll 10:01:30.0929 3832 DcomLaunch - ok 10:01:30.0961 3832 DfsC (8b722ba35205c71e7951cdc4cdbade19) C:\Windows\system32\Drivers\dfsc.sys 10:01:31.0007 3832 DfsC - ok 10:01:31.0210 3832 DFSR (c647f468f7de343df8c143655c5557d4) C:\Windows\system32\DFSR.exe 10:01:31.0397 3832 DFSR - ok 10:01:31.0507 3832 Dhcp (3ed0321127ce70acdaabbf77e157c2a7) C:\Windows\System32\dhcpcsvc.dll 10:01:31.0553 3832 Dhcp - ok 10:01:31.0600 3832 disk (b0107e40ecdb5fa692ebf832f295d905) C:\Windows\system32\drivers\disk.sys 10:01:31.0616 3832 disk - ok 10:01:31.0663 3832 Dnscache (06230f1b721494a6df8d47fd395bb1b0) C:\Windows\System32\dnsrslvr.dll 10:01:31.0694 3832 Dnscache - ok 10:01:31.0709 3832 dot3svc (1a7156dd1e850e9914e5e991e3225b94) C:\Windows\System32\dot3svc.dll 10:01:31.0772 3832 dot3svc - ok 10:01:31.0803 3832 DPS (1583b39790db3eaec7edb0cb0140c708) C:\Windows\system32\dps.dll 10:01:31.0865 3832 DPS - ok 10:01:31.0881 3832 drmkaud (f1a78a98cfc2ee02144c6bec945447e6) C:\Windows\system32\drivers\drmkaud.sys 10:01:31.0975 3832 drmkaud - ok 10:01:32.0037 3832 DXGKrnl (b8e554e502d5123bc111f99d6a2181b4) C:\Windows\System32\drivers\dxgkrnl.sys 10:01:32.0115 3832 DXGKrnl - ok 10:01:32.0193 3832 E1G60 (264cee7b031a9d6c827f3d0cb031f2fe) C:\Windows\system32\DRIVERS\E1G6032E.sys 10:01:32.0302 3832 E1G60 - ok 10:01:32.0333 3832 eamon (a183851333985c6de08dade07b074d0d) C:\Windows\system32\DRIVERS\eamon.sys 10:01:32.0427 3832 eamon - ok 10:01:32.0443 3832 EapHost (c2303883fd9be49dc36a6400643002ea) C:\Windows\System32\eapsvc.dll 10:01:32.0521 3832 EapHost - ok 10:01:32.0552 3832 easdrv (4db13a6a158c160b01971e0eab4b6fa8) C:\Windows\system32\DRIVERS\easdrv.sys 10:01:32.0599 3832 easdrv - ok 10:01:32.0645 3832 Ecache (5f94962be5a62db6e447ff6470c4f48a) C:\Windows\system32\drivers\ecache.sys 10:01:32.0708 3832 Ecache - ok 10:01:32.0739 3832 ehRecvr (14ce384d2e27b64c256bda4dc39c312d) C:\Windows\ehome\ehRecvr.exe 10:01:32.0801 3832 ehRecvr - ok 10:01:32.0817 3832 ehSched (b93159c1313d66fdfbbe876f5189cd52) C:\Windows\ehome\ehsched.exe 10:01:32.0864 3832 ehSched - ok 10:01:32.0879 3832 ehstart (f5ee2527d74449868e3c3227a59bcd28) C:\Windows\ehome\ehstart.dll 10:01:32.0926 3832 ehstart - ok 10:01:32.0973 3832 EhttpSrv (40ddb5654b9fb14aa3fa00b116efbbdd) C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe 10:01:32.0989 3832 EhttpSrv - ok 10:01:33.0067 3832 ekrn (49485fa5c3a8a5ce866b281e75e99f24) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe 10:01:33.0082 3832 ekrn - ok 10:01:33.0145 3832 elxstor (c4636d6e10469404ab5308d9fd45ed07) C:\Windows\system32\drivers\elxstor.sys 10:01:33.0223 3832 elxstor - ok 10:01:33.0269 3832 EMDMgmt (a9b18b63a4fd6baab83326706d857fab) C:\Windows\system32\emdmgmt.dll 10:01:33.0347 3832 EMDMgmt - ok 10:01:33.0379 3832 epfwtdir (bb0e86ba3336ccc7c885e1b47d9c4675) C:\Windows\system32\DRIVERS\epfwtdir.sys 10:01:33.0457 3832 epfwtdir - ok 10:01:33.0472 3832 ErrDev (bc3a58e938bb277e46bf4b3003b01abd) C:\Windows\system32\drivers\errdev.sys 10:01:33.0535 3832 ErrDev - ok 10:01:33.0581 3832 ETService (6b1f9c8c3757622824705a32bf721e8a) C:\Program Files\GATEWAY\Gateway Recovery Management\Service\ETService.exe 10:01:33.0597 3832 ETService ( UnsignedFile.Multi.Generic ) - warning 10:01:33.0597 3832 ETService - detected UnsignedFile.Multi.Generic (1) 10:01:33.0628 3832 EventSystem (e12f22b73f153dece721cd45ec05b4af) C:\Windows\system32\es.dll 10:01:33.0691 3832 EventSystem - ok 10:01:33.0722 3832 exfat (486844f47b6636044a42454614ed4523) C:\Windows\system32\drivers\exfat.sys 10:01:33.0769 3832 exfat - ok 10:01:33.0800 3832 fastfat (1a4bee34277784619ddaf0422c0c6e23) C:\Windows\system32\drivers\fastfat.sys 10:01:33.0878 3832 fastfat - ok 10:01:33.0893 3832 fdc (81b79b6df71fa1d2c6d688d830616e39) C:\Windows\system32\DRIVERS\fdc.sys 10:01:33.0940 3832 fdc - ok 10:01:33.0956 3832 fdPHost (bb9267acacd8b7533dd936c34a0cba5e) C:\Windows\system32\fdPHost.dll 10:01:33.0987 3832 fdPHost - ok 10:01:34.0003 3832 FDResPub (300c80931eabbe1db7591c516efe8d0f) C:\Windows\system32\fdrespub.dll 10:01:34.0049 3832 FDResPub - ok 10:01:34.0081 3832 FileInfo (457b7d1d533e4bd62a99aed9c7bb4c59) C:\Windows\system32\drivers\fileinfo.sys 10:01:34.0096 3832 FileInfo - ok 10:01:34.0127 3832 Filetrace (d421327fd6efccaf884a54c58e1b0d7f) C:\Windows\system32\drivers\filetrace.sys 10:01:34.0159 3832 Filetrace - ok 10:01:34.0190 3832 flpydisk (230923ea2b80f79b0f88d90f87b87ebd) C:\Windows\system32\DRIVERS\flpydisk.sys 10:01:34.0237 3832 flpydisk - ok 10:01:34.0268 3832 FltMgr (e3041bc26d6930d61f42aedb79c91720) C:\Windows\system32\drivers\fltmgr.sys 10:01:34.0283 3832 FltMgr - ok 10:01:34.0377 3832 FontCache (be1c5bd1ca7ed015bc6fa1ae67e592c8) C:\Windows\system32\FntCache.dll 10:01:34.0471 3832 FontCache - ok 10:01:34.0517 3832 FontCache3.0.0.0 (bc5b0be5af3510b0fd8c140ee42c6d3e) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 10:01:34.0533 3832 FontCache3.0.0.0 - ok 10:01:34.0564 3832 Fs_Rec (5779b86cd8b32519fbecb136394d946a) C:\Windows\system32\drivers\Fs_Rec.sys 10:01:34.0611 3832 Fs_Rec - ok 10:01:34.0627 3832 gagp30kx (c8e416668d3dc2be3d4fe4c79224997f) C:\Windows\system32\drivers\gagp30kx.sys 10:01:34.0689 3832 gagp30kx - ok 10:01:34.0705 3832 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 10:01:34.0720 3832 GEARAspiWDM - ok 10:01:34.0767 3832 gpsvc (a0e1b575ba8f504968cd40c0faeb2384) C:\Windows\System32\gpsvc.dll 10:01:34.0814 3832 gpsvc - ok 10:01:34.0907 3832 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 10:01:34.0923 3832 gupdate - ok 10:01:34.0939 3832 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 10:01:34.0954 3832 gupdatem - ok 10:01:35.0001 3832 HdAudAddService (df45f8142dc6df9d18c39b3effbd0409) C:\Windows\system32\drivers\HdAudio.sys 10:01:35.0126 3832 HdAudAddService - ok 10:01:35.0188 3832 HDAudBus (f942c5820205f2fb453243edfec82a3d) C:\Windows\system32\DRIVERS\HDAudBus.sys 10:01:35.0282 3832 HDAudBus - ok 10:01:35.0313 3832 HidBatt (68214c82fa6222591873677a72df2a66) C:\Windows\system32\DRIVERS\HidBatt.sys 10:01:35.0422 3832 HidBatt - ok 10:01:35.0438 3832 HidBth (b4881c84a180e75b8c25dc1d726c375f) C:\Windows\system32\drivers\hidbth.sys 10:01:35.0578 3832 HidBth - ok 10:01:35.0594 3832 HidIr (5f47839455d01ff6403b008d481a6f5b) C:\Windows\system32\DRIVERS\hidir.sys 10:01:35.0641 3832 HidIr - ok 10:01:35.0672 3832 hidserv (59361d38a297755d46a540e450202b2a) C:\Windows\System32\hidserv.dll 10:01:35.0703 3832 hidserv - ok 10:01:35.0734 3832 HidUsb (443bdd2d30bb4f00795c797e2cf99edf) C:\Windows\system32\DRIVERS\hidusb.sys 10:01:35.0765 3832 HidUsb - ok 10:01:35.0781 3832 hkmsvc (b12f367ea39c0795fd57e31242ce1a5a) C:\Windows\system32\kmsvc.dll 10:01:35.0812 3832 hkmsvc - ok 10:01:35.0843 3832 HpCISSs (d7109a1e6bd2dfdbcba72a6bc626a13b) C:\Windows\system32\drivers\hpcisss.sys 10:01:35.0875 3832 HpCISSs - ok 10:01:35.0953 3832 HSF_DPV (1e260b33f6555146a0b826f047238c00) C:\Windows\system32\DRIVERS\CAX_DPV.sys 10:01:36.0062 3832 HSF_DPV - ok 10:01:36.0171 3832 HTTP (098f1e4e5c9cb5b0063a959063631610) C:\Windows\system32\drivers\HTTP.sys 10:01:36.0296 3832 HTTP - ok 10:01:36.0311 3832 i2omp (da94c854cea5fac549d4e1f6e88349e8) C:\Windows\system32\drivers\i2omp.sys 10:01:36.0327 3832 i2omp - ok 10:01:36.0358 3832 i8042prt (cbb597659a2713ce0c9cc20c88c7591f) C:\Windows\system32\DRIVERS\i8042prt.sys 10:01:36.0421 3832 i8042prt - ok 10:01:36.0467 3832 iaStorV (3e3bf3627d886736d0b4e90054f929f6) C:\Windows\system32\drivers\iastorv.sys 10:01:36.0577 3832 iaStorV - ok 10:01:36.0670 3832 idsvc (749f5f8cedca70f2a512945325fc489d) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 10:01:36.0717 3832 idsvc - ok 10:01:36.0748 3832 iirsp (8c3951ad2fe886ef76c7b5027c3125d3) C:\Windows\system32\drivers\iirsp.sys 10:01:36.0748 3832 iirsp - ok 10:01:36.0795 3832 IKEEXT (0c9ea6e654e7b0471741e343a6c671af) C:\Windows\System32\ikeext.dll 10:01:36.0873 3832 IKEEXT - ok 10:01:36.0920 3832 int15 (8c7fa71cb1ebcd3ede8958d27b1bf0b4) C:\Windows\SysWOW64\drivers\int15_64.sys 10:01:36.0935 3832 int15 - ok 10:01:37.0029 3832 IntcAzAudAddService (f737c4e44fb41524978709274da24b2e) C:\Windows\system32\drivers\RTKVHD64.sys 10:01:37.0107 3832 IntcAzAudAddService - ok 10:01:37.0169 3832 intelide (df797a12176f11b2d301c5b234bb200e) C:\Windows\system32\drivers\intelide.sys 10:01:37.0201 3832 intelide - ok 10:01:37.0216 3832 intelppm (bfd84af32fa1bad6231c4585cb469630) C:\Windows\system32\DRIVERS\intelppm.sys 10:01:37.0263 3832 intelppm - ok 10:01:37.0279 3832 IPBusEnum (5624bc1bc5eeb49c0ab76a8114f05ea3) C:\Windows\system32\ipbusenum.dll 10:01:37.0341 3832 IPBusEnum - ok 10:01:37.0357 3832 IpFilterDriver (d8aabc341311e4780d6fce8c73c0ad81) C:\Windows\system32\DRIVERS\ipfltdrv.sys 10:01:37.0435 3832 IpFilterDriver - ok 10:01:37.0466 3832 iphlpsvc (bf0dbfa9792c5c14fa00f61c75116c1b) C:\Windows\System32\iphlpsvc.dll 10:01:37.0513 3832 iphlpsvc - ok 10:01:37.0513 3832 IpInIp - ok 10:01:37.0544 3832 IPMIDRV (9c2ee2e6e5a7203bfae15c299475ec67) C:\Windows\system32\drivers\ipmidrv.sys 10:01:37.0653 3832 IPMIDRV - ok 10:01:37.0684 3832 IPNAT (b7e6212f581ea5f6ab0c3a6ceeeb89be) C:\Windows\system32\DRIVERS\ipnat.sys 10:01:37.0778 3832 IPNAT - ok 10:01:37.0871 3832 iPod Service (50d6ccc6ff5561f9f56946b3e6164fb8) C:\Program Files\iPod\bin\iPodService.exe 10:01:37.0934 3832 iPod Service - ok 10:01:37.0965 3832 IRENUM (8c42ca155343a2f11d29feca67faa88d) C:\Windows\system32\drivers\irenum.sys 10:01:38.0043 3832 IRENUM - ok 10:01:38.0059 3832 isapnp (0672bfcedc6fc468a2b0500d81437f4f) C:\Windows\system32\drivers\isapnp.sys 10:01:38.0090 3832 isapnp - ok 10:01:38.0152 3832 iScsiPrt (e4fdf99599f27ec25d2cf6d754243520) C:\Windows\system32\DRIVERS\msiscsi.sys 10:01:38.0168 3832 iScsiPrt - ok 10:01:38.0199 3832 iteatapi (63c766cdc609ff8206cb447a65abba4a) C:\Windows\system32\drivers\iteatapi.sys 10:01:38.0199 3832 iteatapi - ok 10:01:38.0246 3832 iteraid (1281fe73b17664631d12f643cbea3f59) C:\Windows\system32\drivers\iteraid.sys 10:01:38.0246 3832 iteraid - ok 10:01:38.0277 3832 kbdclass (423696f3ba6472dd17699209b933bc26) C:\Windows\system32\DRIVERS\kbdclass.sys 10:01:38.0308 3832 kbdclass - ok 10:01:38.0324 3832 kbdhid (dbdf75d51464fbc47d0104ec3d572c05) C:\Windows\system32\DRIVERS\kbdhid.sys 10:01:38.0371 3832 kbdhid - ok 10:01:38.0371 3832 KeyIso (260bf9c43ee12c6898a9f5aab0fb0e5d) C:\Windows\system32\lsass.exe 10:01:38.0402 3832 KeyIso - ok 10:01:38.0449 3832 KSecDD (88956ad9fa510848ad176777a6c6c1f5) C:\Windows\system32\Drivers\ksecdd.sys 10:01:38.0480 3832 KSecDD - ok 10:01:38.0495 3832 ksthunk (1d419cf43db29396ecd7113d129d94eb) C:\Windows\system32\drivers\ksthunk.sys 10:01:38.0542 3832 ksthunk - ok 10:01:38.0589 3832 KtmRm (1faf6926f3416d3da05c5b265491bdae) C:\Windows\system32\msdtckrm.dll 10:01:38.0651 3832 KtmRm - ok 10:01:38.0667 3832 LanmanServer (50c7a3cb427e9bb5ed0708a669956ab5) C:\Windows\System32\srvsvc.dll 10:01:38.0714 3832 LanmanServer - ok 10:01:38.0745 3832 LanmanWorkstation (caf86fc1388be1e470f1a7b43e348adb) C:\Windows\System32\wkssvc.dll 10:01:38.0776 3832 LanmanWorkstation - ok 10:01:38.0807 3832 LGDDCDevice - ok 10:01:38.0807 3832 LGII2CDevice - ok 10:01:38.0839 3832 lltdio (96ece2659b6654c10a0c310ae3a6d02c) C:\Windows\system32\DRIVERS\lltdio.sys 10:01:38.0901 3832 lltdio - ok 10:01:38.0932 3832 lltdsvc (961ccbd0b1ccb5675d64976fae37d092) C:\Windows\System32\lltdsvc.dll 10:01:38.0979 3832 lltdsvc - ok 10:01:38.0995 3832 lmhosts (a47f8080cacc23c91fe823ad19aa5612) C:\Windows\System32\lmhsvc.dll 10:01:39.0026 3832 lmhosts - ok 10:01:39.0057 3832 LSI_FC (acbe1af32d3123e330a07bfbc5ec4a9b) C:\Windows\system32\drivers\lsi_fc.sys 10:01:39.0073 3832 LSI_FC - ok 10:01:39.0104 3832 LSI_SAS (799ffb2fc4729fa46d2157c0065b3525) C:\Windows\system32\drivers\lsi_sas.sys 10:01:39.0166 3832 LSI_SAS - ok 10:01:39.0182 3832 LSI_SCSI (f445ff1daad8a226366bfaf42551226b) C:\Windows\system32\drivers\lsi_scsi.sys 10:01:39.0229 3832 LSI_SCSI - ok 10:01:39.0244 3832 luafv (52f87b9cc8932c2a7375c3b2a9be5e3e) C:\Windows\system32\drivers\luafv.sys 10:01:39.0291 3832 luafv - ok 10:01:39.0307 3832 Mcx2Svc (76a58df02bd4ea29f189b82d0bef17f8) C:\Windows\system32\Mcx2Svc.dll 10:01:39.0338 3832 Mcx2Svc - ok 10:01:39.0353 3832 mdmxsdk (e4f44ec214b3e381e1fc844a02926666) C:\Windows\system32\DRIVERS\mdmxsdk.sys 10:01:39.0369 3832 mdmxsdk - ok 10:01:39.0400 3832 megasas (5c5cd6aaced32fb26c3fb34b3dcf972f) C:\Windows\system32\drivers\megasas.sys 10:01:39.0447 3832 megasas - ok 10:01:39.0494 3832 MegaSR (859bc2436b076c77c159ed694acfe8f8) C:\Windows\system32\drivers\megasr.sys 10:01:39.0541 3832 MegaSR - ok 10:01:39.0556 3832 MMCSS (3cbe4995e80e13ccfbc42e5dcf3ac81a) C:\Windows\system32\mmcss.dll 10:01:39.0603 3832 MMCSS - ok 10:01:39.0619 3832 Modem (59848d5cc74606f0ee7557983bb73c2e) C:\Windows\system32\drivers\modem.sys 10:01:39.0697 3832 Modem - ok 10:01:39.0712 3832 monitor (c247cc2a57e0a0c8c6dccf7807b3e9e5) C:\Windows\system32\DRIVERS\monitor.sys 10:01:39.0759 3832 monitor - ok 10:01:39.0775 3832 mouclass (9367304e5e412b120cf5f4ea14e4e4f1) C:\Windows\system32\DRIVERS\mouclass.sys 10:01:39.0806 3832 mouclass - ok 10:01:39.0837 3832 mouhid (c2c2bd5c5ce5aaf786ddd74b75d2ac69) C:\Windows\system32\DRIVERS\mouhid.sys 10:01:39.0868 3832 mouhid - ok 10:01:39.0884 3832 MountMgr (11bc9b1e8801b01f7f6adb9ead30019b) C:\Windows\system32\drivers\mountmgr.sys 10:01:39.0946 3832 MountMgr - ok 10:01:40.0024 3832 mozybackup (4559f45671297fe955b3b6de1bdf26ce) C:\Program Files\MozyHome\mozybackup.exe 10:01:40.0024 3832 mozybackup - ok 10:01:40.0055 3832 mozyFilter (792e9d1d6160df481dea44d8171b8e25) C:\Windows\system32\DRIVERS\mozy.sys 10:01:40.0087 3832 mozyFilter - ok 10:01:40.0118 3832 mpio (f8276eb8698142884498a528dfea8478) C:\Windows\system32\drivers\mpio.sys 10:01:40.0149 3832 mpio - ok 10:01:40.0149 3832 mpsdrv (c92b9abdb65a5991e00c28f13491dba2) C:\Windows\system32\drivers\mpsdrv.sys 10:01:40.0211 3832 mpsdrv - ok 10:01:40.0258 3832 MpsSvc (897e3baf68ba406a61682ae39c83900c) C:\Windows\system32\mpssvc.dll 10:01:40.0305 3832 MpsSvc - ok 10:01:40.0352 3832 mr97310c (637650a42fd23947d837053fac789d38) C:\Windows\system32\DRIVERS\mr97310c.sys 10:01:40.0399 3832 mr97310c - ok 10:01:40.0430 3832 Mraid35x (3c200630a89ef2c0864d515b7a75802e) C:\Windows\system32\drivers\mraid35x.sys 10:01:40.0430 3832 Mraid35x - ok 10:01:40.0477 3832 MRxDAV (7c1de4aa96dc0c071611f9e7de02a68d) C:\Windows\system32\drivers\mrxdav.sys 10:01:40.0508 3832 MRxDAV - ok 10:01:40.0539 3832 mrxsmb (1485811b320ff8c7edad1caebb1c6c2b) C:\Windows\system32\DRIVERS\mrxsmb.sys 10:01:40.0586 3832 mrxsmb - ok 10:01:40.0617 3832 mrxsmb10 (3b929a60c833fc615fd97fba82bc7632) C:\Windows\system32\DRIVERS\mrxsmb10.sys 10:01:40.0664 3832 mrxsmb10 - ok 10:01:40.0679 3832 mrxsmb20 (c64ab3e1f53b4f5b5bb6d796b2d7bec3) C:\Windows\system32\DRIVERS\mrxsmb20.sys 10:01:40.0711 3832 mrxsmb20 - ok 10:01:40.0742 3832 msahci (1ac860612b85d8e85ee257d372e39f4d) C:\Windows\system32\drivers\msahci.sys 10:01:40.0773 3832 msahci - ok 10:01:40.0804 3832 msdsm (264bbb4aaf312a485f0e44b65a6b7202) C:\Windows\system32\drivers\msdsm.sys 10:01:40.0851 3832 msdsm - ok 10:01:40.0882 3832 MSDTC (7ec02ce772f068ed0beafa3da341a9bc) C:\Windows\System32\msdtc.exe 10:01:40.0929 3832 MSDTC - ok 10:01:40.0960 3832 Msfs (704f59bfc4512d2bb0146aec31b10a7c) C:\Windows\system32\drivers\Msfs.sys 10:01:41.0038 3832 Msfs - ok 10:01:41.0054 3832 msisadrv (00ebc952961664780d43dca157e79b27) C:\Windows\system32\drivers\msisadrv.sys 10:01:41.0069 3832 msisadrv - ok 10:01:41.0101 3832 MSiSCSI (366b0c1f4478b519c181e37d43dcda32) C:\Windows\system32\iscsiexe.dll 10:01:41.0179 3832 MSiSCSI - ok 10:01:41.0179 3832 msiserver - ok 10:01:41.0210 3832 MSKSSRV (0ea73e498f53b96d83dbfca074ad4cf8) C:\Windows\system32\drivers\MSKSSRV.sys 10:01:41.0272 3832 MSKSSRV - ok 10:01:41.0288 3832 MSPCLOCK (52e59b7e992a58e740aa63f57edbae8b) C:\Windows\system32\drivers\MSPCLOCK.sys 10:01:41.0350 3832 MSPCLOCK - ok 10:01:41.0366 3832 MSPQM (49084a75bae043ae02d5b44d02991bb2) C:\Windows\system32\drivers\MSPQM.sys 10:01:41.0413 3832 MSPQM - ok 10:01:41.0444 3832 MsRPC (dc6ccf440cdede4293db41c37a5060a5) C:\Windows\system32\drivers\MsRPC.sys 10:01:41.0459 3832 MsRPC - ok 10:01:41.0491 3832 mssmbios (855796e59df77ea93af46f20155bf55b) C:\Windows\system32\DRIVERS\mssmbios.sys 10:01:41.0522 3832 mssmbios - ok 10:01:41.0537 3832 MSTEE (86d632d75d05d5b7c7c043fa3564ae86) C:\Windows\system32\drivers\MSTEE.sys 10:01:41.0615 3832 MSTEE - ok 10:01:41.0631 3832 Mup (0cc49f78d8aca0877d885f149084e543) C:\Windows\system32\Drivers\mup.sys 10:01:41.0662 3832 Mup - ok 10:01:41.0709 3832 napagent (a5b10c845e7538c60c0f5d87a57cb3f5) C:\Windows\system32\qagentRT.dll 10:01:41.0787 3832 napagent - ok 10:01:41.0818 3832 NativeWifiP (2007b826c4acd94ae32232b41f0842b9) C:\Windows\system32\DRIVERS\nwifi.sys 10:01:41.0881 3832 NativeWifiP - ok 10:01:41.0943 3832 NDIS (65950e07329fcee8e6516b17c8d0abb6) C:\Windows\system32\drivers\ndis.sys 10:01:41.0990 3832 NDIS - ok 10:01:42.0021 3832 NdisTapi (64df698a425478e321981431ac171334) C:\Windows\system32\DRIVERS\ndistapi.sys 10:01:42.0052 3832 NdisTapi - ok 10:01:42.0083 3832 Ndisuio (8baa43196d7b5bb972c9a6b2bbf61a19) C:\Windows\system32\DRIVERS\ndisuio.sys 10:01:42.0161 3832 Ndisuio - ok 10:01:42.0177 3832 NdisWan (f8158771905260982ce724076419ef19) C:\Windows\system32\DRIVERS\ndiswan.sys 10:01:42.0255 3832 NdisWan - ok 10:01:42.0271 3832 NDProxy (9cb77ed7cb72850253e973a2d6afdf49) C:\Windows\system32\drivers\NDProxy.sys 10:01:42.0333 3832 NDProxy - ok 10:01:42.0349 3832 NetBIOS (a499294f5029a7862adc115bda7371ce) C:\Windows\system32\DRIVERS\netbios.sys 10:01:42.0395 3832 NetBIOS - ok 10:01:42.0411 3832 netbt (fc2c792ebddc8e28df939d6a92c83d61) C:\Windows\system32\DRIVERS\netbt.sys 10:01:42.0458 3832 netbt - ok 10:01:42.0473 3832 Netlogon (260bf9c43ee12c6898a9f5aab0fb0e5d) C:\Windows\system32\lsass.exe 10:01:42.0489 3832 Netlogon - ok 10:01:42.0536 3832 Netman (9b63b29defc0f3115a559d2597bf5d75) C:\Windows\System32\netman.dll 10:01:42.0614 3832 Netman - ok 10:01:42.0645 3832 netprofm (7846d0136cc2b264926a73047ba7688a) C:\Windows\System32\netprofm.dll 10:01:42.0692 3832 netprofm - ok 10:01:42.0739 3832 NetTcpPortSharing (74751dda198165947fd7454d83f49825) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 10:01:42.0754 3832 NetTcpPortSharing - ok 10:01:42.0770 3832 nfrd960 (4ac08bd6af2df42e0c3196d826c8aea7) C:\Windows\system32\drivers\nfrd960.sys 10:01:42.0832 3832 nfrd960 - ok 10:01:42.0863 3832 NlaSvc (f145bf4c4668e7e312069f81ef847cfc) C:\Windows\System32\nlasvc.dll 10:01:42.0926 3832 NlaSvc - ok 10:01:42.0941 3832 Npfs (b298874f8e0ea93f06ec40aa8d146478) C:\Windows\system32\drivers\Npfs.sys 10:01:43.0004 3832 Npfs - ok 10:01:43.0019 3832 nsi (acb62baa1c319b17752553df3026eeeb) C:\Windows\system32\nsisvc.dll 10:01:43.0082 3832 nsi - ok 10:01:43.0082 3832 nsiproxy (1523af19ee8b030ba682f7a53537eaeb) C:\Windows\system32\drivers\nsiproxy.sys 10:01:43.0129 3832 nsiproxy - ok 10:01:43.0222 3832 Ntfs (bac869dfb98e499ba4d9bb1fb43270e1) C:\Windows\system32\drivers\Ntfs.sys 10:01:43.0285 3832 Ntfs - ok 10:01:43.0347 3832 Null (dd5d684975352b85b52e3fd5347c20cb) C:\Windows\system32\drivers\Null.sys 10:01:43.0409 3832 Null - ok 10:01:43.0503 3832 NVENETFD (98350606682594521d56eccb5d01ecf7) C:\Windows\system32\DRIVERS\nvmfdx64.sys 10:01:43.0565 3832 NVENETFD - ok 10:01:43.0675 3832 NVHDA (87a7e98a682b0b20820be781c7758b94) C:\Windows\system32\drivers\nvhda64v.sys 10:01:43.0690 3832 NVHDA - ok 10:01:44.0392 3832 nvlddmkm (b34e9bfbd9c61048ef6281c3e7ec210a) C:\Windows\system32\DRIVERS\nvlddmkm.sys 10:01:45.0016 3832 nvlddmkm - ok 10:01:45.0110 3832 nvraid (2c040b7ada5b06f6facadac8514aa034) C:\Windows\system32\drivers\nvraid.sys 10:01:45.0125 3832 nvraid - ok 10:01:45.0157 3832 nvrd64 (081601b398ded2fbc6ff62ae2042c38a) C:\Windows\system32\drivers\nvrd64.sys 10:01:45.0172 3832 nvrd64 - ok 10:01:45.0203 3832 nvsmu (f6c6d8298dd85507f680437ec2e6899c) C:\Windows\system32\DRIVERS\nvsmu.sys 10:01:45.0219 3832 nvsmu - ok 10:01:45.0235 3832 nvstor (f7ea0fe82842d05eda3efdd376dbfdba) C:\Windows\system32\drivers\nvstor.sys 10:01:45.0266 3832 nvstor - ok 10:01:45.0297 3832 nvstor64 (1f27f53013b40565c8bd1d787ea5ec6a) C:\Windows\system32\drivers\nvstor64.sys 10:01:45.0313 3832 nvstor64 - ok 10:01:45.0391 3832 nvsvc (dfda089bb2cd0ff7e789e2ef6ba1e4ba) C:\Windows\system32\nvvsvc.exe 10:01:45.0437 3832 nvsvc - ok 10:01:45.0625 3832 nvUpdatusService (e7818cd4fb51284c948d68a7a85a69b8) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe 10:01:45.0703 3832 nvUpdatusService - ok 10:01:45.0781 3832 nv_agp (19067ca93075ef4823e3938a686f532f) C:\Windows\system32\drivers\nv_agp.sys 10:01:45.0812 3832 nv_agp - ok 10:01:45.0812 3832 NwlnkFlt - ok 10:01:45.0827 3832 NwlnkFwd - ok 10:01:45.0874 3832 ohci1394 (7b58953e2f263421fdbb09a192712a85) C:\Windows\system32\drivers\ohci1394.sys 10:01:45.0968 3832 ohci1394 - ok 10:01:46.0015 3832 OMSI download service (da345de3b450e9e1691e7b9956d8ffc3) C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe 10:01:46.0030 3832 OMSI download service ( UnsignedFile.Multi.Generic ) - warning 10:01:46.0030 3832 OMSI download service - detected UnsignedFile.Multi.Generic (1) 10:01:46.0093 3832 p2pimsvc (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll 10:01:46.0171 3832 p2pimsvc - ok 10:01:46.0186 3832 p2psvc (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll 10:01:46.0233 3832 p2psvc - ok 10:01:46.0264 3832 Parport (aecd57f94c887f58919f307c35498ea0) C:\Windows\system32\drivers\parport.sys 10:01:46.0342 3832 Parport - ok 10:01:46.0358 3832 partmgr (b43751085e2abe389da466bc62a4b987) C:\Windows\system32\drivers\partmgr.sys 10:01:46.0389 3832 partmgr - ok 10:01:46.0405 3832 PcaSvc (9ab157b374192ff276c1628fbdba2b0e) C:\Windows\System32\pcasvc.dll 10:01:46.0436 3832 PcaSvc - ok 10:01:46.0467 3832 pci (47ab1e0fc9d0e12bb53ba246e3a0906d) C:\Windows\system32\drivers\pci.sys 10:01:46.0498 3832 pci - ok 10:01:46.0514 3832 pciide (2657f6c0b78c36d95034be109336e382) C:\Windows\system32\drivers\pciide.sys 10:01:46.0529 3832 pciide - ok 10:01:46.0576 3832 pcmcia (037661f3d7c507c9993b7010ceee6288) C:\Windows\system32\drivers\pcmcia.sys 10:01:46.0623 3832 pcmcia - ok 10:01:46.0685 3832 PEAUTH (58865916f53592a61549b04941bfd80d) C:\Windows\system32\drivers\peauth.sys 10:01:46.0810 3832 PEAUTH - ok 10:01:46.0873 3832 PerfHost (0ed8727ea0172860f47258456c06caea) C:\Windows\SysWow64\perfhost.exe 10:01:46.0919 3832 PerfHost - ok 10:01:47.0029 3832 pla (e9e68c1a0f25cf4a7ac966eea74ee89e) C:\Windows\system32\pla.dll 10:01:47.0138 3832 pla - ok 10:01:47.0169 3832 PlugPlay (fe6b0f59215c9fd9f9d26539c58c8b82) C:\Windows\system32\umpnpmgr.dll 10:01:47.0216 3832 PlugPlay - ok 10:01:47.0278 3832 PNRPAutoReg (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll 10:01:47.0309 3832 PNRPAutoReg - ok 10:01:47.0325 3832 PNRPsvc (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll 10:01:47.0356 3832 PNRPsvc - ok 10:01:47.0419 3832 PolicyAgent (89a5560671c2d8b4a4b51f3e1aa069d8) C:\Windows\System32\ipsecsvc.dll 10:01:47.0512 3832 PolicyAgent - ok 10:01:47.0621 3832 ppped (d483893aa28f060d2b2cdb69586d1cdb) C:\Program Files (x86)\CyberPower PowerPanel Personal Edition\ppped.exe 10:01:47.0668 3832 ppped - ok 10:01:47.0746 3832 PptpMiniport (23386e9952025f5f21c368971e2e7301) C:\Windows\system32\DRIVERS\raspptp.sys 10:01:47.0840 3832 PptpMiniport - ok 10:01:47.0855 3832 Processor (5080e59ecee0bc923f14018803aa7a01) C:\Windows\system32\drivers\processr.sys 10:01:47.0965 3832 Processor - ok 10:01:47.0996 3832 ProfSvc (e058ce4fc2449d8bfa14739c83b7ff2a) C:\Windows\system32\profsvc.dll 10:01:48.0027 3832 ProfSvc - ok 10:01:48.0043 3832 ProtectedStorage (260bf9c43ee12c6898a9f5aab0fb0e5d) C:\Windows\system32\lsass.exe 10:01:48.0058 3832 ProtectedStorage - ok 10:01:48.0074 3832 PSched (c5ab7f0809392d0da027f4a2a81bfa31) C:\Windows\system32\DRIVERS\pacer.sys 10:01:48.0121 3832 PSched - ok 10:01:48.0199 3832 ql2300 (0b83f4e681062f3839be2ec1d98fd94a) C:\Windows\system32\drivers\ql2300.sys 10:01:48.0261 3832 ql2300 - ok 10:01:48.0292 3832 ql40xx (e1c80f8d4d1e39ef9595809c1369bf2a) C:\Windows\system32\drivers\ql40xx.sys 10:01:48.0323 3832 ql40xx - ok 10:01:48.0355 3832 QWAVE (90574842c3da781e279061a3eff91f07) C:\Windows\system32\qwave.dll 10:01:48.0386 3832 QWAVE - ok 10:01:48.0401 3832 QWAVEdrv (e8d76edab77ec9c634c27b8eac33adc5) C:\Windows\system32\drivers\qwavedrv.sys 10:01:48.0448 3832 QWAVEdrv - ok 10:01:48.0464 3832 RasAcd (1013b3b663a56d3ddd784f581c1bd005) C:\Windows\system32\DRIVERS\rasacd.sys 10:01:48.0511 3832 RasAcd - ok 10:01:48.0542 3832 RasAuto (b2ae18f847d07f0044404ddf7cb04497) C:\Windows\System32\rasauto.dll 10:01:48.0589 3832 RasAuto - ok 10:01:48.0620 3832 Rasl2tp (ac7bc4d42a7e558718dfdec599bbfc2c) C:\Windows\system32\DRIVERS\rasl2tp.sys 10:01:48.0667 3832 Rasl2tp - ok 10:01:48.0698 3832 RasMan (3ad83e4046c43be510de681588acb8af) C:\Windows\System32\rasmans.dll 10:01:48.0745 3832 RasMan - ok 10:01:48.0760 3832 RasPppoe (4517fbf8b42524afe4ede1de102aae3e) C:\Windows\system32\DRIVERS\raspppoe.sys 10:01:48.0823 3832 RasPppoe - ok 10:01:48.0838 3832 RasSstp (c6a593b51f34c33e5474539544072527) C:\Windows\system32\DRIVERS\rassstp.sys 10:01:48.0901 3832 RasSstp - ok 10:01:48.0932 3832 rdbss (322db5c6b55e8d8ee8d6f358b2aaabb1) C:\Windows\system32\DRIVERS\rdbss.sys 10:01:48.0994 3832 rdbss - ok 10:01:48.0994 3832 RDPCDD (603900cc05f6be65ccbf373800af3716) C:\Windows\system32\DRIVERS\RDPCDD.sys 10:01:49.0057 3832 RDPCDD - ok 10:01:49.0088 3832 rdpdr (c045d1fb111c28df0d1be8d4bda22c06) C:\Windows\system32\drivers\rdpdr.sys 10:01:49.0166 3832 rdpdr - ok 10:01:49.0181 3832 RDPENCDD (cab9421daf3d97b33d0d055858e2c3ab) C:\Windows\system32\drivers\rdpencdd.sys 10:01:49.0228 3832 RDPENCDD - ok 10:01:49.0275 3832 RDPWD (ae4bd9e1c33d351d8e607fc81f15160c) C:\Windows\system32\drivers\RDPWD.sys 10:01:49.0322 3832 RDPWD - ok 10:01:49.0353 3832 RemoteAccess (c612b9557da73f70d41f8a6fbc8e5344) C:\Windows\System32\mprdim.dll 10:01:49.0415 3832 RemoteAccess - ok 10:01:49.0447 3832 RemoteRegistry (44b9d8ec2f3ef3a0efb00857af70d861) C:\Windows\system32\regsvc.dll 10:01:49.0493 3832 RemoteRegistry - ok 10:01:49.0509 3832 RpcLocator (f46c457840d4b7a4daafee739ce04102) C:\Windows\system32\locator.exe 10:01:49.0556 3832 RpcLocator - ok 10:01:49.0603 3832 RpcSs (cf8b9a3a5e7dc57724a89d0c3e8cf9ef) C:\Windows\system32\rpcss.dll 10:01:49.0649 3832 RpcSs - ok 10:01:49.0649 3832 rspndr (22a9cb08b1a6707c1550c6bf099aae73) C:\Windows\system32\DRIVERS\rspndr.sys 10:01:49.0774 3832 rspndr - ok 10:01:49.0790 3832 RTSTOR (fe1d4924e1680a192f9617c5eca19c93) C:\Windows\system32\drivers\RTSTOR64.SYS 10:01:49.0852 3832 RTSTOR - ok 10:01:49.0899 3832 s117bus (6c90231046fb9fc4123c42179832817f) C:\Windows\system32\DRIVERS\s117bus.sys 10:01:49.0946 3832 s117bus - ok 10:01:49.0961 3832 s117mdfl (3279341c90ef8f226af77623039f4495) C:\Windows\system32\DRIVERS\s117mdfl.sys 10:01:49.0993 3832 s117mdfl - ok 10:01:50.0024 3832 s117mdm (73e331f555279e753b312675ddaf4516) C:\Windows\system32\DRIVERS\s117mdm.sys 10:01:50.0102 3832 s117mdm - ok 10:01:50.0117 3832 s117mgmt (d420731fd2880f0f40f20771efaad671) C:\Windows\system32\DRIVERS\s117mgmt.sys 10:01:50.0149 3832 s117mgmt - ok 10:01:50.0180 3832 s117nd5 (98236ca5a9a77d0983ac3f6d6527c796) C:\Windows\system32\DRIVERS\s117nd5.sys 10:01:50.0211 3832 s117nd5 - ok 10:01:50.0227 3832 s117obex (1dd613909477ae298c98e86617ec356b) C:\Windows\system32\DRIVERS\s117obex.sys 10:01:50.0273 3832 s117obex - ok 10:01:50.0305 3832 s117unic (9a22df5fe9b6be279d820776a6adb56f) C:\Windows\system32\DRIVERS\s117unic.sys 10:01:50.0336 3832 s117unic - ok 10:01:50.0351 3832 SamSs (260bf9c43ee12c6898a9f5aab0fb0e5d) C:\Windows\system32\lsass.exe 10:01:50.0367 3832 SamSs - ok 10:01:50.0398 3832 sbp2port (cd9c693589c60ad59bbbcfb0e524e01b) C:\Windows\system32\drivers\sbp2port.sys 10:01:50.0445 3832 sbp2port - ok 10:01:50.0554 3832 SBSDWSCService (794d4b48dfb6e999537c7c3947863463) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe 10:01:50.0585 3832 SBSDWSCService - ok 10:01:50.0632 3832 SCardSvr (fd1cdcf108d5ef3366f00d18b70fb89b) C:\Windows\System32\SCardSvr.dll 10:01:50.0679 3832 SCardSvr - ok 10:01:50.0741 3832 Schedule (0f838c811ad295d2a4489b9993096c63) C:\Windows\system32\schedsvc.dll 10:01:50.0819 3832 Schedule - ok 10:01:50.0851 3832 SCPolicySvc (5a268127633c7ee2a7fb87f39d748d56) C:\Windows\System32\certprop.dll 10:01:50.0866 3832 SCPolicySvc - ok 10:01:50.0897 3832 SDRSVC (4ff71b076a7760fe75ea5ae2d0ee0018) C:\Windows\System32\SDRSVC.dll 10:01:50.0944 3832 SDRSVC - ok 10:01:50.0991 3832 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 10:01:51.0085 3832 secdrv - ok 10:01:51.0100 3832 seclogon (5acdcbc67fcf894a1815b9f96d704490) C:\Windows\system32\seclogon.dll 10:01:51.0163 3832 seclogon - ok 10:01:51.0194 3832 seehcri (ede7a1d2715aac2190d51dc07afd44e3) C:\Windows\system32\DRIVERS\seehcri.sys 10:01:51.0225 3832 seehcri - ok 10:01:51.0241 3832 SENS (90973a64b96cd647ff81c79443618eed) C:\Windows\system32\sens.dll 10:01:51.0287 3832 SENS - ok 10:01:51.0303 3832 Serenum (2449316316411d65bd2c761a6ffb2ce2) C:\Windows\system32\DRIVERS\serenum.sys 10:01:51.0350 3832 Serenum - ok 10:01:51.0381 3832 Serial (4b438170be2fc8e0bd35ee87a960f84f) C:\Windows\system32\DRIVERS\serial.sys 10:01:51.0428 3832 Serial - ok 10:01:51.0443 3832 sermouse (a842f04833684bceea7336211be478df) C:\Windows\system32\drivers\sermouse.sys 10:01:51.0506 3832 sermouse - ok 10:01:51.0521 3832 SessionEnv (a8e4a4407a09f35dccc3771af590b0c4) C:\Windows\system32\sessenv.dll 10:01:51.0553 3832 SessionEnv - ok 10:01:51.0568 3832 sffdisk (14d4b4465193a87c127933978e8c4106) C:\Windows\system32\drivers\sffdisk.sys 10:01:51.0615 3832 sffdisk - ok 10:01:51.0615 3832 sffp_mmc (7073aee3f82f3d598e3825962aa98ab2) C:\Windows\system32\drivers\sffp_mmc.sys 10:01:51.0662 3832 sffp_mmc - ok 10:01:51.0677 3832 sffp_sd (35e59ebe4a01a0532ed67975161c7b82) C:\Windows\system32\drivers\sffp_sd.sys 10:01:51.0724 3832 sffp_sd - ok 10:01:51.0740 3832 sfloppy (6b7838c94135768bd455cbdc23e39e5f) C:\Windows\system32\drivers\sfloppy.sys 10:01:51.0802 3832 sfloppy - ok 10:01:51.0833 3832 SharedAccess (4c5aee179da7e1ee9a9ccb9da289af34) C:\Windows\System32\ipnathlp.dll 10:01:51.0896 3832 SharedAccess - ok 10:01:51.0943 3832 ShellHWDetection (56793271ecdedd350c5add305603e963) C:\Windows\System32\shsvcs.dll 10:01:51.0974 3832 ShellHWDetection - ok 10:01:51.0989 3832 SiSRaid2 (7a5de502aeb719d4594c6471060a78b3) C:\Windows\system32\drivers\sisraid2.sys 10:01:52.0005 3832 SiSRaid2 - ok 10:01:52.0036 3832 SiSRaid4 (3a2f769fab9582bc720e11ea1dfb184d) C:\Windows\system32\drivers\sisraid4.sys 10:01:52.0067 3832 SiSRaid4 - ok 10:01:52.0208 3832 slsvc (a9a27a8e257b45a604fdad4f26fe7241) C:\Windows\system32\SLsvc.exe 10:01:52.0364 3832 slsvc - ok 10:01:52.0426 3832 SLUINotify (fd74b4b7c2088e390a30c85a896fc3af) C:\Windows\system32\SLUINotify.dll 10:01:52.0473 3832 SLUINotify - ok 10:01:52.0504 3832 Smb (290b6f6a0ec4fcdfc90f5cb6d7020473) C:\Windows\system32\DRIVERS\smb.sys 10:01:52.0567 3832 Smb - ok 10:01:52.0598 3832 SNMPTRAP (f8f47f38909823b1af28d60b96340cff) C:\Windows\System32\snmptrap.exe 10:01:52.0613 3832 SNMPTRAP - ok 10:01:52.0629 3832 spldr (386c3c63f00a7040c7ec5e384217e89d) C:\Windows\system32\drivers\spldr.sys 10:01:52.0660 3832 spldr - ok 10:01:52.0691 3832 Spooler (f66ff751e7efc816d266977939ef5dc3) C:\Windows\System32\spoolsv.exe 10:01:52.0738 3832 Spooler - ok 10:01:52.0769 3832 srv (880a57fccb571ebd063d4dd50e93e46d) C:\Windows\system32\DRIVERS\srv.sys 10:01:52.0879 3832 srv - ok 10:01:52.0910 3832 srv2 (a1ad14a6d7a37891fffeca35ebbb0730) C:\Windows\system32\DRIVERS\srv2.sys 10:01:52.0988 3832 srv2 - ok 10:01:53.0003 3832 srvnet (4bed62f4fa4d8300973f1151f4c4d8a7) C:\Windows\system32\DRIVERS\srvnet.sys 10:01:53.0050 3832 srvnet - ok 10:01:53.0066 3832 SSDPSRV (192c74646ec5725aef3f80d19ff75f6a) C:\Windows\System32\ssdpsrv.dll 10:01:53.0113 3832 SSDPSRV - ok 10:01:53.0159 3832 SstpSvc (2ee3fa0308e6185ba64a9a7f2e74332b) C:\Windows\system32\sstpsvc.dll 10:01:53.0191 3832 SstpSvc - ok 10:01:53.0237 3832 stisvc (15825c1fbfb8779992cb65087f316af5) C:\Windows\System32\wiaservc.dll 10:01:53.0269 3832 stisvc - ok 10:01:53.0300 3832 swenum (8a851ca908b8b974f89c50d2e18d4f0c) C:\Windows\system32\DRIVERS\swenum.sys 10:01:53.0315 3832 swenum - ok 10:01:53.0362 3832 swprv (6de37f4de19d4efd9c48c43addbc949a) C:\Windows\System32\swprv.dll 10:01:53.0425 3832 swprv - ok 10:01:53.0503 3832 Symantec RemoteAssist (267c914667c94e5f47d342311c1c577f) C:\Program Files (x86)\Common Files\Symantec Shared\Support Controls\ssrc.exe 10:01:53.0518 3832 Symantec RemoteAssist - ok 10:01:53.0534 3832 Symc8xx (2f26a2c6fc96b29beff5d8ed74e6625b) C:\Windows\system32\drivers\symc8xx.sys 10:01:53.0581 3832 Symc8xx - ok 10:01:53.0581 3832 Sym_hi (a909667976d3bccd1df813fed517d837) C:\Windows\system32\drivers\sym_hi.sys 10:01:53.0627 3832 Sym_hi - ok 10:01:53.0643 3832 Sym_u3 (36887b56ec2d98b9c362f6ae4de5b7b0) C:\Windows\system32\drivers\sym_u3.sys 10:01:53.0690 3832 Sym_u3 - ok 10:01:53.0752 3832 SysMain (92d7a8b0f87b036f17d25885937897a6) C:\Windows\system32\sysmain.dll 10:01:53.0830 3832 SysMain - ok 10:01:53.0861 3832 TabletInputService (005ce42567f9113a3bccb3b20073b029) C:\Windows\System32\TabSvc.dll 10:01:53.0893 3832 TabletInputService - ok 10:01:53.0924 3832 TapiSrv (cc2562b4d55e0b6a4758c65407f63b79) C:\Windows\System32\tapisrv.dll 10:01:53.0971 3832 TapiSrv - ok 10:01:53.0986 3832 TBS (cdbe8d7c1e201b911cdc346d06617fb5) C:\Windows\System32\tbssvc.dll 10:01:54.0049 3832 TBS - ok 10:01:54.0158 3832 Tcpip (46d448e9117464e4d3bbf36d7e3fa48e) C:\Windows\system32\drivers\tcpip.sys 10:01:54.0236 3832 Tcpip - ok 10:01:54.0376 3832 Tcpip6 (46d448e9117464e4d3bbf36d7e3fa48e) C:\Windows\system32\DRIVERS\tcpip.sys 10:01:54.0439 3832 Tcpip6 - ok 10:01:54.0485 3832 tcpipreg (c7e72a4071ee0200e3c075dacfb2b334) C:\Windows\system32\drivers\tcpipreg.sys 10:01:54.0563 3832 tcpipreg - ok 10:01:54.0595 3832 TDPIPE (1d8bf4aaa5fb7a2761475781dc1195bc) C:\Windows\system32\drivers\tdpipe.sys 10:01:54.0688 3832 TDPIPE - ok 10:01:54.0704 3832 TDTCP (7f7e00cdf609df657f4cda02dd1c9bb1) C:\Windows\system32\drivers\tdtcp.sys 10:01:54.0797 3832 TDTCP - ok 10:01:54.0829 3832 tdx (458919c8c42e398dc4802178d5ffee27) C:\Windows\system32\DRIVERS\tdx.sys 10:01:54.0922 3832 tdx - ok 10:01:54.0938 3832 TermDD (8c19678d22649ec002ef2282eae92f98) C:\Windows\system32\DRIVERS\termdd.sys 10:01:54.0985 3832 TermDD - ok 10:01:55.0031 3832 TermService (5cdd30bc217082dac71a9878d9bfd566) C:\Windows\System32\termsrv.dll 10:01:55.0125 3832 TermService - ok 10:01:55.0156 3832 Themes (56793271ecdedd350c5add305603e963) C:\Windows\system32\shsvcs.dll 10:01:55.0172 3832 Themes - ok 10:01:55.0187 3832 THREADORDER (3cbe4995e80e13ccfbc42e5dcf3ac81a) C:\Windows\system32\mmcss.dll 10:01:55.0219 3832 THREADORDER - ok 10:01:55.0265 3832 TomTomHOMEService (efef22b9577e5051057fde1ae381b50c) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe 10:01:55.0281 3832 TomTomHOMEService - ok 10:01:55.0312 3832 TrkWks (f4689f05af472a651a7b1b7b02d200e7) C:\Windows\System32\trkwks.dll 10:01:55.0343 3832 TrkWks - ok 10:01:55.0390 3832 TrustedInstaller (66328b08ef5a9305d8ede36b93930369) C:\Windows\servicing\TrustedInstaller.exe 10:01:55.0421 3832 TrustedInstaller - ok 10:01:55.0437 3832 tssecsrv (9e5409cd17c8bef193aad498f3bc2cb8) C:\Windows\system32\DRIVERS\tssecsrv.sys 10:01:55.0484 3832 tssecsrv - ok 10:01:55.0499 3832 tunmp (89ec74a9e602d16a75a4170511029b3c) C:\Windows\system32\DRIVERS\tunmp.sys 10:01:55.0546 3832 tunmp - ok 10:01:55.0577 3832 tunnel (30a9b3f45ad081bffc3bcaa9c812b609) C:\Windows\system32\DRIVERS\tunnel.sys 10:01:55.0624 3832 tunnel - ok 10:01:55.0640 3832 uagp35 (fec266ef401966311744bd0f359f7f56) C:\Windows\system32\drivers\uagp35.sys 10:01:55.0687 3832 uagp35 - ok 10:01:55.0733 3832 udfs (faf2640a2a76ed03d449e443194c4c34) C:\Windows\system32\DRIVERS\udfs.sys 10:01:55.0796 3832 udfs - ok 10:01:55.0827 3832 UI0Detect (060507c4113391394478f6953a79eedc) C:\Windows\system32\UI0Detect.exe 10:01:55.0874 3832 UI0Detect - ok 10:01:55.0889 3832 uliagpkx (4ec9447ac3ab462647f60e547208ca00) C:\Windows\system32\drivers\uliagpkx.sys 10:01:55.0921 3832 uliagpkx - ok 10:01:55.0952 3832 uliahci (697f0446134cdc8f99e69306184fbbb4) C:\Windows\system32\drivers\uliahci.sys 10:01:55.0983 3832 uliahci - ok 10:01:56.0030 3832 UlSata (31707f09846056651ea2c37858f5ddb0) C:\Windows\system32\drivers\ulsata.sys 10:01:56.0061 3832 UlSata - ok 10:01:56.0092 3832 ulsata2 (85e5e43ed5b48c8376281bab519271b7) C:\Windows\system32\drivers\ulsata2.sys 10:01:56.0123 3832 ulsata2 - ok 10:01:56.0155 3832 umbus (46e9a994c4fed537dd951f60b86ad3f4) C:\Windows\system32\DRIVERS\umbus.sys 10:01:56.0186 3832 umbus - ok 10:01:56.0217 3832 UMPass (01abe05c401e70795b43a8933b44831e) C:\Windows\system32\DRIVERS\umpass.sys 10:01:56.0248 3832 UMPass - ok 10:01:56.0279 3832 upnphost (7093799ff80e9deca0680d2e3535be60) C:\Windows\System32\upnphost.dll 10:01:56.0326 3832 upnphost - ok 10:01:56.0373 3832 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys 10:01:56.0404 3832 USBAAPL64 - ok 10:01:56.0435 3832 usbccgp (07e3498fc60834219d2356293da0fecc) C:\Windows\system32\DRIVERS\usbccgp.sys 10:01:56.0529 3832 usbccgp - ok 10:01:56.0529 3832 usbcir (8c39d53e1a343f4c47ee8f3c052126d8) C:\Windows\system32\DRIVERS\usbcir.sys 10:01:56.0576 3832 usbcir - ok 10:01:56.0591 3832 usbehci (827e44de934a736ea31e91d353eb126f) C:\Windows\system32\DRIVERS\usbehci.sys 10:01:56.0654 3832 usbehci - ok 10:01:56.0669 3832 usbhub (bb35cd80a2ececfadc73569b3d70c7d1) C:\Windows\system32\DRIVERS\usbhub.sys 10:01:56.0732 3832 usbhub - ok 10:01:56.0747 3832 usbohci (e406b003a354776d317762694956b0fc) C:\Windows\system32\DRIVERS\usbohci.sys 10:01:56.0794 3832 usbohci - ok 10:01:56.0810 3832 usbprint (28b693b6d31e7b9332c1bdcefef228c1) C:\Windows\system32\DRIVERS\usbprint.sys 10:01:56.0872 3832 usbprint - ok 10:01:56.0888 3832 usbscan (ea0bf666868964fbe8cb10e50c97b9f1) C:\Windows\system32\DRIVERS\usbscan.sys 10:01:56.0935 3832 usbscan - ok 10:01:56.0966 3832 USBSTOR (b854c1558fca0c269a38663e8b59b581) C:\Windows\system32\DRIVERS\USBSTOR.SYS 10:01:57.0013 3832 USBSTOR - ok 10:01:57.0044 3832 usbuhci (b2872cbf9f47316abd0e0c74a1aba507) C:\Windows\system32\DRIVERS\usbuhci.sys 10:01:57.0091 3832 usbuhci - ok 10:01:57.0106 3832 UxSms (d76e231e4850bb3f88a3d9a78df191e3) C:\Windows\System32\uxsms.dll 10:01:57.0137 3832 UxSms - ok 10:01:57.0169 3832 vds (294945381dfa7ce58cecf0a9896af327) C:\Windows\System32\vds.exe 10:01:57.0215 3832 vds - ok 10:01:57.0247 3832 vga (916b94bcf1e09873fff2d5fb11767bbc) C:\Windows\system32\DRIVERS\vgapnp.sys 10:01:57.0309 3832 vga - ok 10:01:57.0325 3832 VgaSave (b83ab16b51feda65dd81b8c59d114d63) C:\Windows\System32\drivers\vga.sys 10:01:57.0387 3832 VgaSave - ok 10:01:57.0403 3832 viaide (8294b6c3fdb6c33f24e150de647ecdaa) C:\Windows\system32\drivers\viaide.sys 10:01:57.0434 3832 viaide - ok 10:01:57.0449 3832 volmgr (2b7e885ed951519a12c450d24535dfca) C:\Windows\system32\drivers\volmgr.sys 10:01:57.0496 3832 volmgr - ok 10:01:57.0512 3832 volmgrx (cec5ac15277d75d9e5dec2e1c6eaf877) C:\Windows\system32\drivers\volmgrx.sys 10:01:57.0559 3832 volmgrx - ok 10:01:57.0605 3832 volsnap (5280aada24ab36b01a84a6424c475c8d) C:\Windows\system32\drivers\volsnap.sys 10:01:57.0621 3832 volsnap - ok 10:01:57.0637 3832 vsmraid (a68f455ed2673835209318dd61bfbb0e) C:\Windows\system32\drivers\vsmraid.sys 10:01:57.0668 3832 vsmraid - ok 10:01:57.0761 3832 VSS (b75232dad33bfd95bf6f0a3e6bff51e1) C:\Windows\system32\vssvc.exe 10:01:57.0824 3832 VSS - ok 10:01:57.0917 3832 W32Time (f14a7de2ea41883e250892e1e5230a9a) C:\Windows\system32\w32time.dll 10:01:57.0964 3832 W32Time - ok 10:01:57.0995 3832 WacomPen (fef8fe5923fead2cee4dfabfce3393a7) C:\Windows\system32\drivers\wacompen.sys 10:01:58.0042 3832 WacomPen - ok 10:01:58.0058 3832 Wanarp (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys 10:01:58.0136 3832 Wanarp - ok 10:01:58.0136 3832 Wanarpv6 (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys 10:01:58.0167 3832 Wanarpv6 - ok 10:01:58.0198 3832 wcncsvc (b4e4c37d0aa6100090a53213ee2bf1c1) C:\Windows\System32\wcncsvc.dll 10:01:58.0229 3832 wcncsvc - ok 10:01:58.0276 3832 WcsPlugInService (ea4b369560e986f19d93f45a881484ac) C:\Windows\System32\WcsPlugInService.dll 10:01:58.0307 3832 WcsPlugInService - ok 10:01:58.0323 3832 Wd (0c17a0816f65b89e362e682ad5e7266e) C:\Windows\system32\drivers\wd.sys 10:01:58.0354 3832 Wd - ok 10:01:58.0417 3832 Wdf01000 (d02e7e4567da1e7582fbf6a91144b0df) C:\Windows\system32\drivers\Wdf01000.sys 10:01:58.0448 3832 Wdf01000 - ok 10:01:58.0463 3832 WdiServiceHost (c5efda73ebfca8b02a094898de0a9276) C:\Windows\system32\wdi.dll 10:01:58.0495 3832 WdiServiceHost - ok 10:01:58.0510 3832 WdiSystemHost (c5efda73ebfca8b02a094898de0a9276) C:\Windows\system32\wdi.dll 10:01:58.0541 3832 WdiSystemHost - ok 10:01:58.0557 3832 WebClient (3e6d05381cf35f75ebb055544a8ed9ac) C:\Windows\System32\webclnt.dll 10:01:58.0588 3832 WebClient - ok 10:01:58.0604 3832 Wecsvc (8d40bc587993f876658bf9fb0f7d3462) C:\Windows\system32\wecsvc.dll 10:01:58.0635 3832 Wecsvc - ok 10:01:58.0651 3832 wercplsupport (9c980351d7e96288ea0c23ae232bd065) C:\Windows\System32\wercplsupport.dll 10:01:58.0682 3832 wercplsupport - ok 10:01:58.0697 3832 WerSvc (66b9ecebc46683f47edc06333c075fef) C:\Windows\System32\WerSvc.dll 10:01:58.0729 3832 WerSvc - ok 10:01:58.0807 3832 winachsf (cbdeb4b3b5cf8c49acc221d45f1c50c1) C:\Windows\system32\DRIVERS\CAX_CNXT.sys 10:01:58.0853 3832 winachsf - ok 10:01:58.0900 3832 WinDefend - ok 10:01:58.0916 3832 WinHttpAutoProxySvc - ok 10:01:58.0963 3832 Winmgmt (d2e7296ed1bd26d8db2799770c077a02) C:\Windows\system32\wbem\WMIsvc.dll 10:01:59.0009 3832 Winmgmt - ok 10:01:59.0119 3832 WinRM (6cbb0c68f13b9c2ec1b16f5fa5e7c869) C:\Windows\system32\WsmSvc.dll 10:01:59.0243 3832 WinRM - ok 10:01:59.0368 3832 Wlansvc (ec339c8115e91baed835957e9a677f16) C:\Windows\System32\wlansvc.dll 10:01:59.0446 3832 Wlansvc - ok 10:01:59.0618 3832 wlidsvc (98f138897ef4246381d197cb81846d62) c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 10:01:59.0759 3832 wlidsvc - ok 10:01:59.0837 3832 WmiAcpi (e18aebaaa5a773fe11aa2c70f65320f5) C:\Windows\system32\DRIVERS\wmiacpi.sys 10:01:59.0884 3832 WmiAcpi - ok 10:01:59.0931 3832 wmiApSrv (21fa389e65a852698b6a1341f36ee02d) C:\Windows\system32\wbem\WmiApSrv.exe 10:01:59.0962 3832 wmiApSrv - ok 10:01:59.0993 3832 WMPNetworkSvc - ok 10:02:00.0024 3832 WPCSvc (cbc156c913f099e6680d1df9307db7a8) C:\Windows\System32\wpcsvc.dll 10:02:00.0056 3832 WPCSvc - ok 10:02:00.0102 3832 WPDBusEnum (490a18b4e4d53dc10879deaa8e8b70d9) C:\Windows\system32\wpdbusenum.dll 10:02:00.0134 3832 WPDBusEnum - ok 10:02:00.0165 3832 WpdUsb (5e2401b3fc1089c90e081291357371a9) C:\Windows\system32\DRIVERS\wpdusb.sys 10:02:00.0196 3832 WpdUsb - ok 10:02:00.0321 3832 WPFFontCache_v0400 (991e2c2cf3bc204c2bb2ee1476149e4e) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe 10:02:00.0368 3832 WPFFontCache_v0400 - ok 10:02:00.0399 3832 ws2ifsl (8a900348370e359b6bff6a550e4649e1) C:\Windows\system32\drivers\ws2ifsl.sys 10:02:00.0477 3832 ws2ifsl - ok 10:02:00.0492 3832 wscsvc (9ea3e6d0ef7a5c2b9181961052a4b01a) C:\Windows\system32\wscsvc.dll 10:02:00.0524 3832 wscsvc - ok 10:02:00.0524 3832 WSearch - ok 10:02:00.0664 3832 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll 10:02:00.0804 3832 wuauserv - ok 10:02:00.0898 3832 WUDFRd (501a65252617b495c0f1832f908d54d8) C:\Windows\system32\DRIVERS\WUDFRd.sys 10:02:00.0976 3832 WUDFRd - ok 10:02:00.0992 3832 wudfsvc (6cbd51ff913c851d56ed9dc7f2a27dde) C:\Windows\System32\WUDFSvc.dll 10:02:01.0038 3832 wudfsvc - ok 10:02:01.0070 3832 XAudio (2f2ce5e47b014f52bc722ae28b19cbf3) C:\Windows\system32\DRIVERS\xaudio64.sys 10:02:01.0085 3832 XAudio - ok 10:02:01.0116 3832 XAudioService (a337887a4e3396a3ea5d6e54fa431c84) C:\Windows\system32\DRIVERS\xaudio64.exe 10:02:01.0148 3832 XAudioService - ok 10:02:01.0179 3832 MBR (0x1B8) (8c9f9e03865c35f0f3829a23cda42f5d) \Device\Harddisk0\DR0 10:02:03.0675 3832 \Device\Harddisk0\DR0 - ok 10:02:03.0675 3832 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk6\DR6 10:02:06.0077 3832 \Device\Harddisk6\DR6 - ok 10:02:06.0108 3832 Boot (0x1200) (aca8d8eee4ecbf8a2bc078dc82da69f2) \Device\Harddisk0\DR0\Partition0 10:02:06.0108 3832 \Device\Harddisk0\DR0\Partition0 - ok 10:02:06.0108 3832 Boot (0x1200) (784211be52d4ccd8801ebdd7adc95aaa) \Device\Harddisk6\DR6\Partition0 10:02:06.0124 3832 \Device\Harddisk6\DR6\Partition0 - ok 10:02:06.0124 3832 ============================================================ 10:02:06.0124 3832 Scan finished 10:02:06.0124 3832 ============================================================ 10:02:06.0140 1312 Detected object count: 2 10:02:06.0140 1312 Actual detected object count: 2 10:02:14.0938 1312 ETService ( UnsignedFile.Multi.Generic ) - skipped by user 10:02:14.0938 1312 ETService ( UnsignedFile.Multi.Generic ) - User select action: Skip 10:02:14.0954 1312 OMSI download service ( UnsignedFile.Multi.Generic ) - skipped by user 10:02:14.0954 1312 OMSI download service ( UnsignedFile.Multi.Generic ) - User select action: Skip
  5. ESET didn't find anythimg. TDSSKiller ran and identified the two objects that were skipped when I'd run it from the website.
  6. TDSSKiller ran from the desktop this time. Here's the log from the ESET scan: ESETSmartInstaller@High as CAB hook log: OnlineScanner64.ocx - registred OK OnlineScanner.ocx - registred OK
  7. Well, I think maybe I got it. I started to download TDSSKiller again but instead of saving it to the desktop I just ran it from the website. I followed the instructions you'd given for running it and I believe it grabbed the trojan; one object was cured and one deleted. I rebooted and ran an ESET scan that didn't find the Olmarik.TDL4 bugger. Any further advice? Thanks so much for your patient help.
  8. Also, when I initiated Chameleon after running rkill, Malwarebytes updated itself and ran a scan that didn't find anything.
  9. rkill ran. TDSSKiller didn't. rkill log below. This log file is located at C:\rkill.log. Please post this only if requested to by the person helping you. Otherwise you can close this log when you wish. Rkill was run on 07/17/2012 at 13:36:48. Operating System: Windows Vista Home Premium Processes terminated by Rkill or while it was running: C:\Users\Alan\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe C:\Windows\SysWOW64\rundll32.exe C:\Windows\SysWOW64\grpconv.exe Rkill completed on 07/17/2012 at 13:38:21.
  10. BTW I was able to cut and paste TDSSKiller into the Chameleon folder now, but it still wouldn't run on two attempts.
  11. Sorry, still won't run.
  12. Here's the ComboFix report: ComboFix 12-07-16.01 - Alan 07/16/2012 21:23:32.1.2 - x64 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.3838.1903 [GMT -4:00] Running from: c:\users\Alan\Desktop\ComboFix.exe AV: ESET NOD32 Antivirus 3.0 *Disabled/Updated* {CB0F8167-5331-BA19-698E-64816B6801A5} SP: ESET NOD32 Antivirus 3.0 *Disabled/Updated* {706E6083-750B-B597-533E-5FF310EF4B18} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\programdata\hpe319A.dll c:\users\Alan\AppData\Roaming\AD ON Multimedia c:\windows\SysWow64\spool\prtprocs\w32x86\ppbiPr.dll . . ((((((((((((((((((((((((( Files Created from 2012-06-17 to 2012-07-17 ))))))))))))))))))))))))))))))) . . 2012-07-17 02:05 . 2012-07-17 02:10 -------- d-----w- c:\users\Alan\AppData\Local\temp 2012-07-17 02:05 . 2012-07-17 02:05 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp 2012-07-17 02:05 . 2012-07-17 02:05 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-07-16 15:54 . 2012-07-16 15:54 -------- d-----w- c:\users\Alan\AppData\Local\Zoom_Downloader 2012-07-16 15:54 . 2012-07-16 15:54 247 ----a-w- C:\user.js 2012-07-16 15:54 . 2012-07-16 15:54 -------- d-----w- c:\program files (x86)\BabylonToolbar 2012-07-16 15:54 . 2012-07-16 15:54 -------- d-----w- c:\programdata\Babylon 2012-07-14 00:03 . 2012-07-14 00:03 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3AC2850D-BD0B-416C-B786-AAFED5E587F8}\offreg.dll 2012-07-13 16:08 . 2012-06-18 07:12 9013136 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3AC2850D-BD0B-416C-B786-AAFED5E587F8}\mpengine.dll 2012-07-11 07:02 . 2012-06-13 13:58 2769408 ----a-w- c:\windows\system32\win32k.sys 2012-06-27 00:24 . 2012-06-27 01:04 -------- d-----w- c:\program files (x86)\Cisco Systems 2012-06-20 02:55 . 2012-06-20 02:55 6429 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC(64)\UICORE.JS 2012-06-17 11:19 . 2011-07-27 20:22 66552 ----a-w- c:\windows\system32\drivers\mozy.sys . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-07-03 17:46 . 2011-11-21 19:15 24904 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-06-22 21:27 . 2012-04-11 20:28 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2012-06-22 21:27 . 2011-06-03 21:34 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-05-05 02:06 . 2012-04-13 21:48 8769696 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe 2012-05-01 14:29 . 2012-06-13 00:12 209920 ----a-w- c:\windows\system32\drivers\rdpwd.sys 2012-04-23 16:25 . 2012-06-13 00:11 1267200 ----a-w- c:\windows\system32\crypt32.dll 2012-04-23 16:25 . 2012-06-13 00:11 174592 ----a-w- c:\windows\system32\cryptsvc.dll 2012-04-23 16:25 . 2012-06-13 00:11 132096 ----a-w- c:\windows\system32\cryptnet.dll 2012-04-23 16:00 . 2012-06-13 00:11 984064 ----a-w- c:\windows\SysWow64\crypt32.dll 2012-04-23 16:00 . 2012-06-13 00:11 133120 ----a-w- c:\windows\SysWow64\cryptsvc.dll 2012-04-23 16:00 . 2012-06-13 00:11 98304 ----a-w- c:\windows\SysWow64\cryptnet.dll 2012-04-19 00:56 . 2012-04-19 00:56 94208 ----a-w- c:\windows\SysWow64\QuickTimeVR.qtx 2012-04-19 00:56 . 2012-04-19 00:56 69632 ----a-w- c:\windows\SysWow64\QuickTime.qts . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1555968] "ISUSPM Startup"="c:\progra~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" [2004-04-17 196608] "SpybotSD TeaTimer"="c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480] "TomTomHOME.exe"="c:\program files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" [2011-04-22 247728] "QuickenScheduledUpdates"="c:\program files (x86)\Quicken\bagent.exe" [2010-06-02 77656] "Spotify Web Helper"="c:\users\Alan\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2012-06-29 932528] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "LchDrvKey"="LchDrvKey.exe" [2007-03-29 36864] "LedKey"="CNYHKey.exe" [2008-04-24 339968] "Smart Copy"="c:\program files (x86)\IOI\Smart Copy\ButtonMonitor.exe" [2008-05-11 49152] "PaperPort PTD"="c:\program files (x86)\ScanSoft\PaperPort\pptd40nt.exe" [2004-04-14 57393] "IndexSearch"="c:\program files (x86)\ScanSoft\PaperPort\IndexSearch.exe" [2004-04-14 40960] "BrMfcWnd"="c:\program files (x86)\Brother\Brmfcmon\BrMfcWnd.exe" [2007-03-08 622592] "ControlCenter3"="c:\program files (x86)\Brother\ControlCenter3\brctrcen.exe" [2006-07-19 65536] "Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-07-17 288080] "ISUSScheduler"="c:\program files (x86)\Common Files\InstallShield\UpdateService\issch.exe" [2004-04-13 69632] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-21 59240] "PowerPanel Personal Edition User Interaction"="c:\program files (x86)\CyberPower PowerPanel Personal Edition\pppeuser.exe" [2010-04-10 316864] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712] "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-03-27 421736] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-19 421888] . c:\users\Alan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Jacquie Lawson Village Advent Calendar.lnk - c:\users\Alan\Desktop\Jacquie Lawson Village Advent Calendar\Jacquie Lawson Village Advent Calendar.exe [N/A] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ EasySetPackage.lnk - c:\program files (x86)\LG Soft India\EasySetPackage\bin\EasySetPackage.exe [2010-12-20 159744] Microsoft Office.lnk - c:\program files (x86)\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360] MozyHome Status.lnk - c:\program files\MozyHome\mozystat.exe [2012-6-4 6271376] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv . S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928] . . --- Other Services/Drivers In Memory --- . *NewlyCreated* - WS2IFSL . HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs Themes . Contents of the 'Scheduled Tasks' folder . 2012-07-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-31 21:20] . 2012-07-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-31 21:20] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\mozy2] @="{747E722C-CB46-4a9d-BDFE-192AAD5099B1}" [HKEY_CLASSES_ROOT\CLSID\{747E722C-CB46-4a9d-BDFE-192AAD5099B1}] 2012-06-04 20:17 6301584 ----a-w- c:\program files\MozyHome\mozyshell.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\mozy3] @="{EE6F5A00-7898-40f7-AB77-51FF9D6DEB20}" [HKEY_CLASSES_ROOT\CLSID\{EE6F5A00-7898-40f7-AB77-51FF9D6DEB20}] 2012-06-04 20:17 6301584 ----a-w- c:\program files\MozyHome\mozyshell.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="RAVCpl64.exe" [2008-04-17 5445120] "Skytel"="Skytel.exe" [2008-04-17 1826816] "egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-10-07 1923640] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "LoadAppInit_DLLs"=0x0 . ------- Supplementary Scan ------- . uLocal Page = c:\windows\system32\blank.htm mStart Page = hxxp://www.gateway.com/g/startpage.html?Ch=Retail&SubCH=&Br=GTW&Loc=ENG_US&Sys=DTP&M=DX4640-UB201A mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = localhost;*.local IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000 Trusted Zone: intuit.com\ttlc TCP: DhcpNameServer = 209.18.47.61 209.18.47.62 192.168.1.1 DPF: {6A4F3A11-99B7-4BD1-AF88-B7354D1DAECD} - hxxp://www.freehandmusic.com/update/soleromusiccontrol.cab CLSID: {603d3801-bd81-11d0-a3a5-00c04fd706ec} - %SystemRoot%\SysWow64\browseui.dll FF - ProfilePath - c:\users\Alan\AppData\Roaming\Mozilla\Firefox\Profiles\9hgrmdzq.default\ FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?affID=113959&tt=2912_7&babsrc=KW_ss&mntrId=2e93e7b0000000000000002185cdd9d9&q= FF - prefs.js: browser.search.selectedEngine - Search the web (Babylon) FF - prefs.js: browser.startup.homepage - hxxp://search.babylon.com/?affID=113959&tt=2912_7&babsrc=HP_ss&mntrId=2e93e7b0000000000000002185cdd9d9 FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b} FF - user.js: extensions.BabylonToolbar_i.id - 2e93e7b0000000000000002185cdd9d9 FF - user.js: extensions.BabylonToolbar_i.hardId - 2e93e7b0000000000000002185cdd9d9 FF - user.js: extensions.BabylonToolbar_i.instlDay - 15537 FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17 FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17 FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1711:54 FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar FF - user.js: extensions.BabylonToolbar_i.aflt - babsst FF - user.js: extensions.BabylonToolbar_i.smplGrp - none FF - user.js: extensions.BabylonToolbar_i.tlbrId - base FF - user.js: extensions.BabylonToolbar_i.newTab - false FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=113959&tt=2912_7 FF - user.js: extensions.BabylonToolbar_i.babExt - FF - user.js: extensions.BabylonToolbar_i.srcExt - ss FF - user.js: extensions.BabylonToolbar_i.instlRef - sst . - - - - ORPHANS REMOVED - - - - . Wow6432Node-HKLM-Run-eRecoveryService - (no file) HKLM-Run-Windows Defender - c:\program files (x86)\Windows Defender\MSASCui.exe . . . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}] @Denied: (A 2) (Everyone) . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0] @="Shockwave Flash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}] @Denied: (A 2) (Everyone) @="" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0] @="FlashBroker" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes] "SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59, 00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\ . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 "MSCurrentCountry"=dword:000000b5 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . ------------------------ Other Running Processes ------------------------ . c:\windows\SysWOW64\brsvc01a.exe c:\windows\SysWOW64\brss01a.exe c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe c:\program files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe c:\program files (x86)\CyberPower PowerPanel Personal Edition\ppped.exe c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe c:\windows\CNYHKey.exe c:\program files (x86)\Brother\ControlCenter3\brccMCtl.exe c:\program files (x86)\Brother\Brmfcmon\BrMfcmon.exe c:\windows\ModLedKey.exe c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe . ************************************************************************** . Completion time: 2012-07-16 22:32:17 - machine was rebooted ComboFix-quarantined-files.txt 2012-07-17 02:32 . Pre-Run: 349,160,742,912 bytes free Post-Run: 349,330,866,176 bytes free . - - End Of File - - 22FFF755E51F50F1BB504F92DDC1122B
  13. I keep getting a "Destination Folder Access Denied" message that says "You need permission to perform this action."