klesh45

WhiteSmoke Toolbar Removal

14 posts in this topic

So, I downloaded a program I trust and use often for converting all sorts of files, and this time I had to reinstall it due to it being out of date. In the process of installing 'Super.exe' I was asked whether or not I wanted to install WhiteSmoke Toolbar and ooVoo Video Chat. I clicked no; however, after the program installed, I was informed that both of the other programs were installed, despite my having said I didn't want them.

To put it all short, I don't want this toolbar, and I really don't trust it. This computer is my main business computer where I do try to keep up with keeping everything secure, and frankly I'm afraid to log into anything other than my email right now.

I have run AVG with the latest updates, to find nothing at all in the computer. Then I installed Malwarebytes, a program I have used in the past, however no results were sent back. Now, I'm considering installing HijackThis and see if I can find anything. But of course I don't trust making any changes unless someone reviews my logs.

Please Help,

Brian


Welcome to the forum, please start at the link below:

http://forums.malwar...?showtopic=9573

Post back the 2 logs.

<====><====><====><====><====><====><====><====>

Next.......

Please remove any usb or external drives from the computer before you run this scan!

Please download and run RogueKiller.

For Windows XP, double-click to start.

For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.

Click Scan to scan the system (don't run any other options, they're not all bad!)

Post back the report.

MrC


.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 9.0.8112.16421

Run by Brian at 3:45:32 on 2012-05-15

Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3003.1701 [GMT -7:00]

.

AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}

SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\PROGRA~2\AVG\AVG2012\avgrsa.exe

C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe

C:\Program Files (x86)\Bonjour\mDNSResponder.exe

C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe

C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe

C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe

C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

C:\Program Files (x86)\AVG\AVG2012\avgtray.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe

C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe

C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\system32\DllHost.exe

C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe

C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe

C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe

C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe

C:\Program Files\Realtek\RtVOsd\RtVOsd.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe

C:\Windows\system32\wuauclt.exe

C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT3198785

uInternet Settings,ProxyOverride = *.local

uURLSearchHooks: H - No File

mWinlogon: Userinit=userinit.exe

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll

BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL

BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll"

uRun: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe

uRun: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden

mRun: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices

mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000

IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

TCP: DhcpNameServer = 192.168.1.1

TCP: Interfaces\{C213DBDD-D352-46CD-BB13-5785ADBF7B3E} : DhcpNameServer = 192.168.1.1

TCP: Interfaces\{C213DBDD-D352-46CD-BB13-5785ADBF7B3E}\3686F696365673 : DhcpNameServer = 24.116.2.50 24.116.2.34

TCP: Interfaces\{C213DBDD-D352-46CD-BB13-5785ADBF7B3E}\4456E6E6977237D27457563747D275946494 : DhcpNameServer = 66.82.4.8 66.82.4.12

TCP: Interfaces\{C213DBDD-D352-46CD-BB13-5785ADBF7B3E}\4557C6C69737 : DhcpNameServer = 192.168.0.1

TCP: Interfaces\{C213DBDD-D352-46CD-BB13-5785ADBF7B3E}\771697E65636F6C6C696E637 : DhcpNameServer = 192.168.254.254 192.168.254.254

TCP: Interfaces\{C213DBDD-D352-46CD-BB13-5785ADBF7B3E}\C4F657467596C6C6F677D27657563747 : DhcpNameServer = 68.105.28.12 68.105.29.12 68.105.28.11

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL

Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll

SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL

mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"

BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO-X64: AcroIEHelperStub - No File

BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll

BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File

BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL

BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL

BHO-X64: URLRedirectionBHO - No File

BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll

BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll"

mRun-x64: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe

mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun-x64: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices

mRun-x64: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

mRun-x64: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"

SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Brian\AppData\Roaming\Mozilla\Firefox\Profiles\enpebddp.default\

FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3198785&SearchSource=3&q={searchTerms}

FF - prefs.js: browser.search.selectedEngine - WhiteSmoke US Customized Web Search

FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT3198785&SearchSource=13

FF - prefs.js: network.proxy.type - 0

FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL

FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL

FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

.

============= SERVICES / DRIVERS ===============

.

R0 AVGIDSEH;AVGIDSEH;C:\Windows\system32\DRIVERS\AVGIDSEH.Sys --> C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [?]

R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys --> C:\Windows\system32\DRIVERS\avgrkx64.sys [?]

R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys --> C:\Windows\system32\DRIVERS\avgldx64.sys [?]

R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys --> C:\Windows\system32\DRIVERS\avgmfx64.sys [?]

R1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys --> C:\Windows\system32\DRIVERS\avgtdia.sys [?]

R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]

R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2010-12-12 98208]

R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]

R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-8-2 192776]

R2 CinemaNow Service;CinemaNow Service;C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe [2010-5-21 140272]

R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2011-9-9 86072]

R2 HP Wireless Assistant Service;HP Wireless Assistant Service;C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-6-18 103992]

R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-3-28 94264]

R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-11-9 26680]

R2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-6-1 2804568]

R2 RtVOsdService;RtVOsdService Installer;C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe [2010-4-19 315392]

R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys --> C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [?]

R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys --> C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [?]

R3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.EXE [2012-2-10 240408]

R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]

R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;C:\Windows\system32\DRIVERS\rtl8192se.sys --> C:\Windows\system32\DRIVERS\rtl8192se.sys [?]

R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]

S2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.EXE [2012-2-10 193816]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-6-12 31125880]

S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-5-11 129976]

S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\netw5v64.sys --> C:\Windows\system32\DRIVERS\netw5v64.sys [?]

S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]

S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\system32\Drivers\RtsUStor.sys --> C:\Windows\system32\Drivers\RtsUStor.sys [?]

S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\system32\DRIVERS\VSTAZL6.SYS --> C:\Windows\system32\DRIVERS\VSTAZL6.SYS [?]

S3 SrvHsfV92;SrvHsfV92;C:\Windows\system32\DRIVERS\VSTDPV6.SYS --> C:\Windows\system32\DRIVERS\VSTDPV6.SYS [?]

S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\system32\DRIVERS\VSTCNXT6.SYS --> C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [?]

S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]

S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?]

.

=============== Created Last 30 ================

.

2012-05-14 20:32:45 -------- d-----w- C:\Program Files (x86)\VS Revo Group

2012-05-14 19:03:44 -------- d-----w- C:\Users\Brian\AppData\Roaming\Malwarebytes

2012-05-14 19:03:37 -------- d-----w- C:\Program Files (x86)\MALWAREBYTES ANTI-MALWARE

2012-05-14 19:03:33 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys

2012-05-14 19:03:33 -------- d-----w- C:\ProgramData\Malwarebytes

2012-05-14 19:03:33 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2012-05-14 10:21:26 -------- d-----w- C:\Users\Brian\AppData\Roaming\ooVoo Details

2012-05-14 10:20:57 -------- d-----w- C:\Program Files (x86)\Conduit

2012-05-14 10:20:54 -------- d-----w- C:\Users\Brian\AppData\Local\Conduit

2012-05-14 10:20:51 327749 ----a-w- C:\Windows\SysWow64\drvc.dll

2012-05-14 10:20:31 -------- d-----w- C:\Program Files (x86)\iNTERNET Turbo

2012-05-12 01:31:07 -------- d-----w- C:\Program Files (x86)\Mozilla Maintenance Service

2012-05-12 01:30:51 588728 ----a-w- C:\Program Files (x86)\Mozilla Firefox\gkmedias.dll

2012-05-12 01:30:51 43960 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozglue.dll

2012-05-12 01:30:51 157352 ----a-w- C:\Program Files (x86)\Mozilla Firefox\maintenanceservice_installer.exe

2012-05-12 01:30:51 129976 ----a-w- C:\Program Files (x86)\Mozilla Firefox\maintenanceservice.exe

2012-05-11 09:28:30 1541120 ----a-w- C:\Windows\System32\DWrite.dll

2012-05-11 09:28:30 1074176 ----a-w- C:\Windows\SysWow64\DWrite.dll

2012-05-11 09:28:29 902656 ----a-w- C:\Windows\System32\d2d1.dll

2012-05-11 09:28:29 739840 ----a-w- C:\Windows\SysWow64\d2d1.dll

2012-05-11 09:28:29 320512 ----a-w- C:\Windows\System32\d3d10_1core.dll

2012-05-11 09:28:29 218624 ----a-w- C:\Windows\SysWow64\d3d10_1core.dll

2012-05-11 09:28:29 197120 ----a-w- C:\Windows\System32\d3d10_1.dll

2012-05-11 09:28:29 1837568 ----a-w- C:\Windows\System32\d3d10warp.dll

2012-05-11 09:28:29 161792 ----a-w- C:\Windows\SysWow64\d3d10_1.dll

2012-05-11 09:28:29 1170944 ----a-w- C:\Windows\SysWow64\d3d10warp.dll

2012-05-11 09:27:48 5504880 ----a-w- C:\Windows\System32\ntoskrnl.exe

2012-05-11 09:27:46 3143680 ----a-w- C:\Windows\System32\win32k.sys

2012-05-11 09:27:45 3958128 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe

2012-05-11 09:27:45 3902320 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe

2012-05-11 09:27:40 75632 ----a-w- C:\Windows\System32\drivers\partmgr.sys

2012-05-11 09:27:36 1895280 ----a-w- C:\Windows\System32\drivers\tcpip.sys

2012-05-11 09:27:32 936960 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll

2012-05-11 09:27:32 1367552 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll

.

==================== Find3M ====================

.

2012-03-01 06:54:38 22896 ----a-w- C:\Windows\System32\drivers\fs_rec.sys

2012-03-01 06:45:41 220672 ----a-w- C:\Windows\System32\wintrust.dll

2012-03-01 06:40:14 80896 ----a-w- C:\Windows\System32\imagehlp.dll

2012-03-01 06:35:16 5120 ----a-w- C:\Windows\System32\wmi.dll

2012-03-01 05:49:05 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll

2012-03-01 05:45:05 158720 ----a-w- C:\Windows\SysWow64\imagehlp.dll

2012-03-01 05:40:44 5120 ----a-w- C:\Windows\SysWow64\wmi.dll

2012-02-28 06:56:48 2311168 ----a-w- C:\Windows\System32\jscript9.dll

2012-02-28 06:49:56 1390080 ----a-w- C:\Windows\System32\wininet.dll

2012-02-28 06:48:57 1493504 ----a-w- C:\Windows\System32\inetcpl.cpl

2012-02-28 06:42:55 2382848 ----a-w- C:\Windows\System32\mshtml.tlb

2012-02-28 01:18:55 1799168 ----a-w- C:\Windows\SysWow64\jscript9.dll

2012-02-28 01:11:21 1427456 ----a-w- C:\Windows\SysWow64\inetcpl.cpl

2012-02-28 01:11:07 1127424 ----a-w- C:\Windows\SysWow64\wininet.dll

2012-02-28 01:03:16 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2012-02-23 10:24:05 74752 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe

2012-02-23 10:24:05 161792 ----a-w- C:\Windows\SysWow64\msls31.dll

2012-02-23 10:24:02 110592 ----a-w- C:\Windows\SysWow64\IEAdvpack.dll

2012-02-23 10:24:01 86528 ----a-w- C:\Windows\SysWow64\iesysprep.dll

2012-02-23 10:24:01 76800 ----a-w- C:\Windows\SysWow64\SetIEInstalledDate.exe

2012-02-23 10:24:01 48640 ----a-w- C:\Windows\SysWow64\mshtmler.dll

2012-02-23 10:24:00 63488 ----a-w- C:\Windows\SysWow64\tdc.ocx

2012-02-23 10:24:00 367104 ----a-w- C:\Windows\SysWow64\html.iec

.

============= FINISH: 3:46:40.23 ===============

-------------Second Log---------------

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume1

Install Date: 8/26/2011 1:29:39 PM

System Uptime: 5/15/2012 3:06:37 AM (0 hours ago)

.

Motherboard: Hewlett-Packard | | 1484

Processor: Intel® Celeron® CPU 900 @ 2.20GHz | CPU | 2194/800mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 281 GiB total, 184.025 GiB free.

D: is FIXED (NTFS) - 17 GiB total, 2.496 GiB free.

E: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP89: 4/13/2012 3:09:06 AM - Windows Update

RP90: 4/30/2012 1:26:17 AM - Scheduled Checkpoint

RP91: 5/2/2012 3:00:14 AM - Windows Update

RP92: 5/11/2012 3:00:22 AM - Windows Update

RP93: 5/14/2012 3:27:16 AM - Removed ooVoo

.

==== Installed Programs ======================

.

Acrobat.com

Adobe AIR

Adobe Flash Player 10 ActiveX

Adobe Flash Player 11 Plugin

Adobe Reader 9.5.0 MUI

Adobe Shockwave Player 11.5

Apple Application Support

Apple Software Update

Audacity 1.3.13 (Unicode)

Bejeweled 2 Deluxe

Bing Bar

Blackhawk Striker 2

Build-a-lot 2

Chuzzle Deluxe

CinemaNow Media Manager

Cisco EAP-FAST Module

Cisco LEAP Module

Cisco PEAP Module

CyberLink DVD Suite

CyberLink MediaShow

CyberLink PowerDVD 9

CyberLink YouCam

Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition

Diner Dash 2 Restaurant Rescue

Dora's Carnival Adventure

Energy Star Digital Logo

Escape Rosecliff Island

ESU for Microsoft Windows 7

FATE

Final Drive Nitro

Heroes of Hellas 2 - Olympia

Hewlett-Packard ACLM.NET v1.1.2.0

HP Advisor

HP Customer Experience Enhancements

HP Documentation

HP Game Console

HP Games

HP MediaSmart CinemaNow 2.0

HP Photo Creations

HP Power Manager

HP Quick Launch

HP Setup

HP Software Framework

HP Support Assistant

Intel® Control Center

Intel® Graphics Media Accelerator Driver

Intel® Rapid Storage Technology

Java Auto Updater

Java 6 Update 20

Jewel Quest 3

Jewel Quest Solitaire 2

Junk Mail filter update

LabelPrint

LightScribe System Software

Malwarebytes Anti-Malware version 1.61.0.1400

Microsoft Choice Guard

Microsoft Office 2010

Microsoft Office 2010 Service Pack 1 (SP1)

Microsoft Office Access MUI (English) 2010

Microsoft Office Access Setup Metadata MUI (English) 2010

Microsoft Office Excel MUI (English) 2010

Microsoft Office Groove MUI (English) 2010

Microsoft Office InfoPath MUI (English) 2010

Microsoft Office OneNote MUI (English) 2010

Microsoft Office Outlook MUI (English) 2010

Microsoft Office PowerPoint MUI (English) 2010

Microsoft Office Professional Plus 2010

Microsoft Office Proof (English) 2010

Microsoft Office Proof (French) 2010

Microsoft Office Proof (Spanish) 2010

Microsoft Office Proofing (English) 2010

Microsoft Office Publisher MUI (English) 2010

Microsoft Office Shared MUI (English) 2010

Microsoft Office Shared Setup Metadata MUI (English) 2010

Microsoft Office Word MUI (English) 2010

Microsoft Rise Of Nations

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft WSE 3.0 Runtime

Mozilla Firefox 12.0 (x86 en-US)

Mozilla Maintenance Service

MSVCRT

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MSXML 4.0 SP3 Parser

MSXML 4.0 SP3 Parser (KB973685)

MSXML4 Parser

Norton Online Backup

Penguins!

PhotoNow!

Plants vs. Zombies

Poker Superstars III

Polar Bowler

Polar Golfer

Power2Go

PowerDirector

QuickTime

Realtek Ethernet Controller Driver For Windows 7

Realtek High Definition Audio Driver

Realtek USB 2.0 Card Reader

REALTEK Wireless LAN Software

Recovery Manager

Revo Uninstaller 1.93

Rise of Nations Thrones and Patriots

Roxio CinemaNow 2.0

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft Excel 2010 (KB2597166) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2553091)

Security Update for Microsoft Office 2010 (KB2553096)

Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2598039) 32-Bit Edition

Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition

Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)

Security Update for Microsoft Visio Viewer 2010 (KB2597981) 32-Bit Edition

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft Office 2010 (KB2494150)

Update for Microsoft Office 2010 (KB2553065)

Update for Microsoft Office 2010 (KB2553092)

Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition

Update for Microsoft Office 2010 (KB2566458)

Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition

Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition

Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition

Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition

Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition

Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition

Virtual Families

Virtual Villagers - The Secret City

Visual Studio 2008 x64 Redistributables

Wheel of Fortune 2

Windows Live Call

Windows Live Communications Platform

Windows Live Essentials

Windows Live Mail

Windows Live Messenger

Windows Live Movie Maker

Windows Live Photo Gallery

Windows Live Sync

Windows Live Upload Tool

Windows Live Writer

Zuma Deluxe

.

==== Event Viewer Messages From Past Week ========

.

5/9/2012 3:10:57 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.

5/15/2012 3:33:30 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.

5/13/2012 10:19:53 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.

.

==== End Of File ===========================

-----------RogueKiller Log-----------------------

RogueKiller V7.4.4 [05/08/2012] by Tigzy

mail: tigzyRK<at>gmail<dot>com

Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/

Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7600 ) 64 bits version

Started in : Normal mode

User: Brian [Admin rights]

Mode: Scan -- Date: 05/15/2012 03:49:38

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Registry Entries: 2 ¤¤¤

[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver: [NOT LOADED] ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: WDC WD3200BEVT-60A23T0 +++++

--- User ---

[MBR] 6bcf3dd14c642cff97fa0a0ff0620cfe

[bSP] 57e03b796349a7f1515f6689363ea785 : Windows Vista/7 MBR Code

Partition table:

0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 199 Mo

1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 287273 Mo

2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 588744704 | Size: 17668 Mo

3 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 624928768 | Size: 103 Mo

User = LL1 ... OK!

User = LL2 ... OK!

Finished : << RKreport[1].txt >>

RKreport[1].txt

Note, I didn't delete anything with RogueKiller, just to make sure I didn't do anything I was supposed to.


OK, we have to check for any rootkits first.....

Please make sure system restore is running and create a new restore point before continuing.

XP <===> Vista & W7

XP users > please back up the registry using ERUNT.

-----------------------------------------

Please download and run TDSSKiller to your desktop as outlined below:

Double-click on TDSSKiller.exe to run the application, then click on Change parameters.

For Windows XP, double-click to start.

For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.


-------------------------

Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.


------------------------

Click the Start Scan button.


-----------------------

If a suspicious object is detected, the default action will be Skip, click on Continue

If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic please choose Skip and click on Continue

Any entries like this: \Device\Harddisk0\DR0 ( TDSS File System ) - please choose delete.


----------------------

If malicious objects are found, they will show in the Scan results and offer three (3) options.

Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.

Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.


--------------------

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.

-------------------

Here's a summary of what to do if you would like to print it out:

If a suspicious object is detected, the default action will be Skip, click on Continue

If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic please choose Skip and click on Continue

Any entries like this: \Device\Harddisk0\DR0 ( TDSS File System ) - please choose delete.

If malicious objects are found, they will show in the Scan results and offer three (3) options.

Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.

Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

MrC


14:55:34.0455 6116 TDSS rootkit removing tool 2.7.34.0 May 2 2012 09:59:18

14:55:35.0398 6116 ============================================================

14:55:35.0398 6116 Current date / time: 2012/05/15 14:55:35.0398

14:55:35.0399 6116 SystemInfo:

14:55:35.0399 6116

14:55:35.0399 6116 OS Version: 6.1.7600 ServicePack: 0.0

14:55:35.0399 6116 Product type: Workstation

14:55:35.0399 6116 ComputerName: COMPAQ

14:55:35.0399 6116 UserName: Brian

14:55:35.0399 6116 Windows directory: C:\Windows

14:55:35.0399 6116 System windows directory: C:\Windows

14:55:35.0399 6116 Running under WOW64

14:55:35.0399 6116 Processor architecture: Intel x64

14:55:35.0399 6116 Number of processors: 1

14:55:35.0399 6116 Page size: 0x1000

14:55:35.0399 6116 Boot type: Normal boot

14:55:35.0399 6116 ============================================================

14:55:36.0830 6116 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

14:55:36.0835 6116 ============================================================

14:55:36.0835 6116 \Device\Harddisk0\DR0:

14:55:36.0835 6116 MBR partitions:

14:55:36.0835 6116 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800

14:55:36.0835 6116 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x23114800

14:55:36.0835 6116 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x23178800, BlocksNum 0x2282000

14:55:36.0835 6116 \Device\Harddisk0\DR0\Partition3: MBR, Type 0xC, StartLBA 0x253FA800, BlocksNum 0x33AB0

14:55:36.0835 6116 ============================================================

14:55:36.0866 6116 C: <-> \Device\Harddisk0\DR0\Partition1

14:55:36.0923 6116 D: <-> \Device\Harddisk0\DR0\Partition2

14:55:36.0972 6116 ============================================================

14:55:36.0972 6116 Initialize success

14:55:36.0972 6116 ============================================================

14:56:12.0214 5996 ============================================================

14:56:12.0214 5996 Scan started

14:56:12.0214 5996 Mode: Manual;

14:56:12.0214 5996 ============================================================


14:56:27.0976 5996 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll

14:56:27.0982 5996 netprofm - ok

14:56:28.0066 5996 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe

14:56:28.0069 5996 NetTcpPortSharing - ok

14:56:28.0353 5996 netw5v64 (64428dfdaf6e88366cb51f45a79c5f69) C:\Windows\system32\DRIVERS\netw5v64.sys

14:56:28.0454 5996 netw5v64 - ok

14:56:28.0589 5996 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys

14:56:28.0591 5996 nfrd960 - ok

14:56:28.0656 5996 NlaSvc (d9a0ce66046d6efa0c61baa885cba0a8) C:\Windows\System32\nlasvc.dll

14:56:28.0672 5996 NlaSvc - ok

14:56:28.0898 5996 NOBU (5839a8027d6d324a7cd494051a96628c) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe

14:56:28.0976 5996 NOBU - ok

14:56:29.0105 5996 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys

14:56:29.0107 5996 Npfs - ok

14:56:29.0145 5996 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll

14:56:29.0150 5996 nsi - ok

14:56:29.0173 5996 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys

14:56:29.0174 5996 nsiproxy - ok

14:56:29.0295 5996 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys

14:56:29.0331 5996 Ntfs - ok

14:56:29.0491 5996 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys

14:56:29.0492 5996 Null - ok

14:56:29.0538 5996 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys

14:56:29.0541 5996 nvraid - ok

14:56:29.0578 5996 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys

14:56:29.0589 5996 nvstor - ok

14:56:29.0616 5996 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys

14:56:29.0622 5996 nv_agp - ok

14:56:29.0665 5996 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys

14:56:29.0670 5996 ohci1394 - ok

14:56:29.0772 5996 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

14:56:29.0775 5996 ose - ok

14:56:30.0133 5996 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

14:56:30.0229 5996 osppsvc - ok

14:56:30.0374 5996 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll

14:56:30.0389 5996 p2pimsvc - ok

14:56:30.0436 5996 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll

14:56:30.0444 5996 p2psvc - ok

14:56:30.0515 5996 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys

14:56:30.0517 5996 Parport - ok

14:56:30.0569 5996 partmgr (90061b1acfe8ccaa5345750ffe08d8b8) C:\Windows\system32\drivers\partmgr.sys

14:56:30.0609 5996 partmgr - ok

14:56:30.0673 5996 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll

14:56:30.0685 5996 PcaSvc - ok

14:56:30.0746 5996 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys

14:56:30.0756 5996 pci - ok

14:56:30.0777 5996 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys

14:56:30.0779 5996 pciide - ok

14:56:30.0842 5996 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys

14:56:30.0848 5996 pcmcia - ok

14:56:30.0873 5996 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys

14:56:30.0875 5996 pcw - ok

14:56:30.0936 5996 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys

14:56:30.0956 5996 PEAUTH - ok

14:56:31.0057 5996 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe

14:56:31.0059 5996 PerfHost - ok

14:56:31.0212 5996 pla (557e9a86f65f0de18c9b6751dfe9d3f1) C:\Windows\system32\pla.dll

14:56:31.0243 5996 pla - ok

14:56:31.0305 5996 PlugPlay (98b1721b8718164293b9701b98c52d77) C:\Windows\system32\umpnpmgr.dll

14:56:31.0317 5996 PlugPlay - ok

14:56:31.0366 5996 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll

14:56:31.0371 5996 PNRPAutoReg - ok

14:56:31.0408 5996 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll

14:56:31.0412 5996 PNRPsvc - ok

14:56:31.0477 5996 PolicyAgent (166eb40d1f5b47e615de3d0fffe5f243) C:\Windows\System32\ipsecsvc.dll

14:56:31.0496 5996 PolicyAgent - ok

14:56:31.0557 5996 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll

14:56:31.0569 5996 Power - ok

14:56:31.0638 5996 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys

14:56:31.0640 5996 PptpMiniport - ok

14:56:31.0688 5996 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys

14:56:31.0690 5996 Processor - ok

14:56:31.0751 5996 ProfSvc (f381975e1f4346de875cb07339ce8d3a) C:\Windows\system32\profsvc.dll

14:56:31.0762 5996 ProfSvc - ok

14:56:31.0802 5996 ProtectedStorage (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe

14:56:31.0803 5996 ProtectedStorage - ok

14:56:31.0862 5996 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys

14:56:31.0864 5996 Psched - ok

14:56:31.0991 5996 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys

14:56:32.0020 5996 ql2300 - ok

14:56:32.0165 5996 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys

14:56:32.0168 5996 ql40xx - ok

14:56:32.0224 5996 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll

14:56:32.0231 5996 QWAVE - ok

14:56:32.0249 5996 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys

14:56:32.0251 5996 QWAVEdrv - ok

14:56:32.0279 5996 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys

14:56:32.0280 5996 RasAcd - ok

14:56:32.0333 5996 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys

14:56:32.0335 5996 RasAgileVpn - ok

14:56:32.0395 5996 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll

14:56:32.0399 5996 RasAuto - ok

14:56:32.0421 5996 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys

14:56:32.0426 5996 Rasl2tp - ok

14:56:32.0469 5996 RasMan (47394ed3d16d053f5906efe5ab51cc83) C:\Windows\System32\rasmans.dll

14:56:32.0484 5996 RasMan - ok

14:56:32.0527 5996 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys

14:56:32.0529 5996 RasPppoe - ok

14:56:32.0576 5996 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys

14:56:32.0578 5996 RasSstp - ok

14:56:32.0622 5996 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys

14:56:32.0631 5996 rdbss - ok

14:56:32.0673 5996 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys

14:56:32.0675 5996 rdpbus - ok

14:56:32.0700 5996 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys

14:56:32.0701 5996 RDPCDD - ok

14:56:32.0736 5996 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys

14:56:32.0737 5996 RDPENCDD - ok

14:56:32.0765 5996 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys

14:56:32.0766 5996 RDPREFMP - ok

14:56:32.0819 5996 RDPWD (074ac702d8b8b660b0e1371555995386) C:\Windows\system32\drivers\RDPWD.sys

14:56:32.0861 5996 RDPWD - ok

14:56:32.0918 5996 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys

14:56:32.0926 5996 rdyboost - ok

14:56:32.0963 5996 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll

14:56:32.0967 5996 RemoteAccess - ok

14:56:33.0012 5996 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll

14:56:33.0024 5996 RemoteRegistry - ok

14:56:33.0061 5996 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll

14:56:33.0064 5996 RpcEptMapper - ok

14:56:33.0099 5996 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe

14:56:33.0101 5996 RpcLocator - ok

14:56:33.0160 5996 RpcSs (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll

14:56:33.0164 5996 RpcSs - ok

14:56:33.0212 5996 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys

14:56:33.0214 5996 rspndr - ok

14:56:33.0293 5996 RSUSBSTOR (22d6b47d004a6568c500680be2972854) C:\Windows\system32\Drivers\RtsUStor.sys

14:56:33.0300 5996 RSUSBSTOR - ok

14:56:33.0356 5996 RTL8167 (4fbda07ef0a3097ce14c5cabf723b278) C:\Windows\system32\DRIVERS\Rt64win7.sys

14:56:33.0391 5996 RTL8167 - ok

14:56:33.0530 5996 rtl8192se (cd8f32bb993b98e6705f11504a7f7250) C:\Windows\system32\DRIVERS\rtl8192se.sys

14:56:33.0545 5996 rtl8192se - ok

14:56:33.0691 5996 RtVOsdService (5fff3e71b4724bb10918fd6dd7413d99) C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe

14:56:33.0706 5996 RtVOsdService - ok

14:56:33.0835 5996 SamSs (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe

14:56:33.0836 5996 SamSs - ok

14:56:33.0893 5996 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys

14:56:33.0896 5996 sbp2port - ok

14:56:33.0951 5996 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll

14:56:33.0961 5996 SCardSvr - ok

14:56:33.0985 5996 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys

14:56:33.0986 5996 scfilter - ok

14:56:34.0084 5996 Schedule (624d0f5ff99428bb90a5b8a4123e918e) C:\Windows\system32\schedsvc.dll

14:56:34.0102 5996 Schedule - ok

14:56:34.0152 5996 SCPolicySvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll

14:56:34.0153 5996 SCPolicySvc - ok

14:56:34.0210 5996 sdbus (54e47ad086782d3ae9417c155cdceb9b) C:\Windows\system32\DRIVERS\sdbus.sys

14:56:34.0212 5996 sdbus - ok

14:56:34.0259 5996 SDRSVC (765a27c3279ce11d14cb9e4f5869fca5) C:\Windows\System32\SDRSVC.dll

14:56:34.0271 5996 SDRSVC - ok

14:56:34.0305 5996 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys

14:56:34.0307 5996 secdrv - ok

14:56:34.0329 5996 seclogon (463b386ebc70f98da5dff85f7e654346) C:\Windows\system32\seclogon.dll

14:56:34.0331 5996 seclogon - ok

14:56:34.0355 5996 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll

14:56:34.0358 5996 SENS - ok

14:56:34.0412 5996 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll

14:56:34.0414 5996 SensrSvc - ok

14:56:34.0447 5996 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys

14:56:34.0451 5996 Serenum - ok

14:56:34.0494 5996 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys

14:56:34.0499 5996 Serial - ok

14:56:34.0529 5996 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys

14:56:34.0550 5996 sermouse - ok

14:56:34.0604 5996 SessionEnv (c3bc61ce47ff6f4e88ab8a3b429a36af) C:\Windows\system32\sessenv.dll

14:56:34.0606 5996 SessionEnv - ok

14:56:34.0640 5996 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys

14:56:34.0642 5996 sffdisk - ok

14:56:34.0682 5996 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys

14:56:34.0683 5996 sffp_mmc - ok

14:56:34.0714 5996 sffp_sd (178298f767fe638c9fedcbdef58bb5e4) C:\Windows\system32\DRIVERS\sffp_sd.sys

14:56:34.0715 5996 sffp_sd - ok

14:56:34.0764 5996 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys

14:56:34.0765 5996 sfloppy - ok

14:56:34.0829 5996 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll

14:56:34.0842 5996 SharedAccess - ok

14:56:34.0901 5996 ShellHWDetection (0298ac45d0efffb2db4baa7dd186e7bf) C:\Windows\System32\shsvcs.dll

14:56:34.0915 5996 ShellHWDetection - ok

14:56:34.0954 5996 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys

14:56:34.0955 5996 SiSRaid2 - ok

14:56:34.0997 5996 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys

14:56:34.0999 5996 SiSRaid4 - ok

14:56:35.0042 5996 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys

14:56:35.0045 5996 Smb - ok

14:56:35.0109 5996 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe

14:56:35.0112 5996 SNMPTRAP - ok

14:56:35.0140 5996 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys

14:56:35.0141 5996 spldr - ok

14:56:35.0215 5996 Spooler (f8e1fa03cb70d54a9892ac88b91d1e7b) C:\Windows\System32\spoolsv.exe

14:56:35.0223 5996 Spooler - ok

14:56:35.0461 5996 sppsvc (913d843498553a1bc8f8dbad6358e49f) C:\Windows\system32\sppsvc.exe

14:56:35.0521 5996 sppsvc - ok

14:56:35.0657 5996 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll

14:56:35.0659 5996 sppuinotify - ok

14:56:35.0730 5996 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys

14:56:35.0739 5996 srv - ok

14:56:35.0811 5996 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys

14:56:35.0825 5996 srv2 - ok

14:56:35.0884 5996 SrvHsfHDA (0c4540311e11664b245a263e1154cef8) C:\Windows\system32\DRIVERS\VSTAZL6.SYS

14:56:35.0900 5996 SrvHsfHDA - ok

14:56:36.0001 5996 SrvHsfV92 (02071d207a9858fbe3a48cbfd59c4a04) C:\Windows\system32\DRIVERS\VSTDPV6.SYS

14:56:36.0039 5996 SrvHsfV92 - ok

14:56:36.0233 5996 SrvHsfWinac (18e40c245dbfaf36fd0134a7ef2df396) C:\Windows\system32\DRIVERS\VSTCNXT6.SYS

14:56:36.0248 5996 SrvHsfWinac - ok

14:56:36.0312 5996 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys

14:56:36.0317 5996 srvnet - ok

14:56:36.0381 5996 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll

14:56:36.0390 5996 SSDPSRV - ok

14:56:36.0417 5996 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll

14:56:36.0420 5996 SstpSvc - ok

14:56:36.0463 5996 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys

14:56:36.0464 5996 stexstor - ok

14:56:36.0537 5996 stisvc (52d0e33b681bd0f33fdc08812fee4f7d) C:\Windows\System32\wiaservc.dll

14:56:36.0552 5996 stisvc - ok

14:56:36.0586 5996 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys

14:56:36.0587 5996 swenum - ok

14:56:36.0643 5996 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll

14:56:36.0661 5996 swprv - ok

14:56:36.0802 5996 SynTP (961cfac2a5318e212f459d651f28e0a4) C:\Windows\system32\DRIVERS\SynTP.sys

14:56:36.0835 5996 SynTP - ok

14:56:37.0050 5996 SysMain (3c1284516a62078fb68f768de4f1a7be) C:\Windows\system32\sysmain.dll

14:56:37.0085 5996 SysMain - ok

14:56:37.0211 5996 TabletInputService (238935c3cf2854886dc7cbb2a0e2cc66) C:\Windows\System32\TabSvc.dll

14:56:37.0214 5996 TabletInputService - ok

14:56:37.0257 5996 TapiSrv (884264ac597b690c5707c89723bb8e7b) C:\Windows\System32\tapisrv.dll

14:56:37.0269 5996 TapiSrv - ok

14:56:37.0299 5996 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll

14:56:37.0302 5996 TBS - ok

14:56:37.0477 5996 Tcpip (624c5b3aa4c99b3184bb922d9ece3ff0) C:\Windows\system32\drivers\tcpip.sys

14:56:37.0519 5996 Tcpip - ok

14:56:37.0756 5996 TCPIP6 (624c5b3aa4c99b3184bb922d9ece3ff0) C:\Windows\system32\DRIVERS\tcpip.sys

14:56:37.0767 5996 TCPIP6 - ok

14:56:37.0865 5996 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys

14:56:37.0867 5996 tcpipreg - ok

14:56:37.0906 5996 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys

14:56:37.0907 5996 TDPIPE - ok

14:56:37.0947 5996 TDTCP (7518f7bcfd4b308abc9192bacaf6c970) C:\Windows\system32\drivers\tdtcp.sys

14:56:37.0949 5996 TDTCP - ok

14:56:38.0003 5996 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys

14:56:38.0005 5996 tdx - ok

14:56:38.0036 5996 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys

14:56:38.0038 5996 TermDD - ok

14:56:38.0118 5996 TermService (0f05ec2887bfe197ad82a13287d2f404) C:\Windows\System32\termsrv.dll

14:56:38.0138 5996 TermService - ok

14:56:38.0159 5996 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll

14:56:38.0164 5996 Themes - ok

14:56:38.0207 5996 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll

14:56:38.0209 5996 THREADORDER - ok

14:56:38.0263 5996 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll

14:56:38.0266 5996 TrkWks - ok

14:56:38.0334 5996 TrustedInstaller (840f7fb849f5887a49ba18c13b2da920) C:\Windows\servicing\TrustedInstaller.exe

14:56:38.0337 5996 TrustedInstaller - ok

14:56:38.0383 5996 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys

14:56:38.0385 5996 tssecsrv - ok

14:56:38.0415 5996 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys

14:56:38.0418 5996 tunnel - ok

14:56:38.0463 5996 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys

14:56:38.0465 5996 uagp35 - ok

14:56:38.0527 5996 udfs (c06e6f4679ceb8f430b90a51d76d8d3c) C:\Windows\system32\DRIVERS\udfs.sys

14:56:38.0531 5996 udfs - ok

14:56:38.0581 5996 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe

14:56:38.0586 5996 UI0Detect - ok

14:56:38.0622 5996 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys

14:56:38.0624 5996 uliagpkx - ok

14:56:38.0679 5996 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys

14:56:38.0684 5996 umbus - ok

14:56:38.0712 5996 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys

14:56:38.0716 5996 UmPass - ok

14:56:38.0784 5996 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll

14:56:38.0798 5996 upnphost - ok

14:56:38.0852 5996 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys

14:56:38.0865 5996 USBAAPL64 - ok

14:56:38.0922 5996 usbaudio (77b01bc848298223a95d4ec23e1785a1) C:\Windows\system32\drivers\usbaudio.sys

14:56:38.0939 5996 usbaudio - ok

14:56:38.0997 5996 usbccgp (537a4e03d7103c12d42dfd8ffdb5bdc9) C:\Windows\system32\DRIVERS\usbccgp.sys

14:56:39.0000 5996 usbccgp - ok

14:56:39.0045 5996 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys

14:56:39.0047 5996 usbcir - ok

14:56:39.0090 5996 usbehci (fbb21ebe49f6d560db37ac25fbc68e66) C:\Windows\system32\DRIVERS\usbehci.sys

14:56:39.0091 5996 usbehci - ok

14:56:39.0155 5996 usbhub (6b7a8a99c4a459e73c286a6763ea24cc) C:\Windows\system32\DRIVERS\usbhub.sys

14:56:39.0169 5996 usbhub - ok

14:56:39.0197 5996 usbohci (8c88aa7617b4cbc2e4bed61d26b33a27) C:\Windows\system32\drivers\usbohci.sys

14:56:39.0199 5996 usbohci - ok

14:56:39.0251 5996 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys

14:56:39.0253 5996 usbprint - ok

14:56:39.0288 5996 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\DRIVERS\USBSTOR.SYS

14:56:39.0291 5996 USBSTOR - ok

14:56:39.0322 5996 usbuhci (0b5b3b2df3fd1709618acfa50b8392b0) C:\Windows\system32\DRIVERS\usbuhci.sys

14:56:39.0325 5996 usbuhci - ok

14:56:39.0402 5996 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll

14:56:39.0405 5996 UxSms - ok

14:56:39.0447 5996 VaultSvc (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe

14:56:39.0448 5996 VaultSvc - ok

14:56:39.0497 5996 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys

14:56:39.0499 5996 vdrvroot - ok

14:56:39.0559 5996 vds (44d73e0bbc1d3c8981304ba15135c2f2) C:\Windows\System32\vds.exe

14:56:39.0576 5996 vds - ok

14:56:39.0599 5996 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys

14:56:39.0600 5996 vga - ok

14:56:39.0625 5996 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys

14:56:39.0627 5996 VgaSave - ok

14:56:39.0676 5996 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys

14:56:39.0685 5996 vhdmp - ok

14:56:39.0716 5996 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys

14:56:39.0717 5996 viaide - ok

14:56:39.0756 5996 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys

14:56:39.0758 5996 volmgr - ok

14:56:39.0816 5996 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys

14:56:39.0821 5996 volmgrx - ok

14:56:39.0882 5996 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys

14:56:39.0911 5996 volsnap - ok

14:56:39.0968 5996 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys

14:56:39.0971 5996 vsmraid - ok

14:56:40.0110 5996 VSS (787898bf9fb6d7bd87a36e2d95c899ba) C:\Windows\system32\vssvc.exe

14:56:40.0150 5996 VSS - ok

14:56:40.0284 5996 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys

14:56:40.0289 5996 vwifibus - ok

14:56:40.0336 5996 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys

14:56:40.0338 5996 vwififlt - ok

14:56:40.0382 5996 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys

14:56:40.0386 5996 vwifimp - ok

14:56:40.0451 5996 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll

14:56:40.0464 5996 W32Time - ok

14:56:40.0509 5996 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys

14:56:40.0511 5996 WacomPen - ok

14:56:40.0571 5996 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys

14:56:40.0573 5996 WANARP - ok

14:56:40.0599 5996 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys

14:56:40.0600 5996 Wanarpv6 - ok

14:56:40.0726 5996 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe

14:56:40.0803 5996 WatAdminSvc - ok

14:56:40.0935 5996 wbengine (5ab1bb85bd8b5089cc5d64200dedae68) C:\Windows\system32\wbengine.exe

14:56:40.0965 5996 wbengine - ok

14:56:41.0110 5996 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll

14:56:41.0120 5996 WbioSrvc - ok

14:56:41.0199 5996 wcncsvc (dd1bae8ebfc653824d29ccf8c9054d68) C:\Windows\System32\wcncsvc.dll

14:56:41.0212 5996 wcncsvc - ok

14:56:41.0239 5996 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll

14:56:41.0245 5996 WcsPlugInService - ok

14:56:41.0310 5996 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys

14:56:41.0311 5996 Wd - ok

14:56:41.0376 5996 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys

14:56:41.0388 5996 Wdf01000 - ok

14:56:41.0457 5996 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll

14:56:41.0460 5996 WdiServiceHost - ok

14:56:41.0472 5996 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll

14:56:41.0475 5996 WdiSystemHost - ok

14:56:41.0526 5996 WebClient (733006127f235be7c35354ebee7b9a7b) C:\Windows\System32\webclnt.dll

14:56:41.0531 5996 WebClient - ok

14:56:41.0571 5996 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll

14:56:41.0579 5996 Wecsvc - ok

14:56:41.0608 5996 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll

14:56:41.0611 5996 wercplsupport - ok

14:56:41.0653 5996 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll

14:56:41.0656 5996 WerSvc - ok

14:56:41.0732 5996 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys

14:56:41.0734 5996 WfpLwf - ok

14:56:41.0765 5996 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys

14:56:41.0766 5996 WIMMount - ok

14:56:41.0825 5996 WinDefend - ok

14:56:41.0840 5996 WinHttpAutoProxySvc - ok

14:56:41.0923 5996 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll

14:56:41.0932 5996 Winmgmt - ok

14:56:42.0065 5996 WinRM (41fbb751936b387f9179e7f03a74fe29) C:\Windows\system32\WsmSvc.dll

14:56:42.0113 5996 WinRM - ok

14:56:42.0300 5996 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll

14:56:42.0320 5996 Wlansvc - ok

14:56:42.0522 5996 wlidsvc (98f138897ef4246381d197cb81846d62) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

14:56:42.0574 5996 wlidsvc - ok

14:56:42.0721 5996 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys

14:56:42.0723 5996 WmiAcpi - ok

14:56:42.0813 5996 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe

14:56:42.0822 5996 wmiApSrv - ok

14:56:42.0885 5996 WMPNetworkSvc - ok

14:56:42.0916 5996 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll

14:56:42.0919 5996 WPCSvc - ok

14:56:42.0944 5996 WPDBusEnum (2e57ddf2880a7e52e76f41c7e96d327b) C:\Windows\system32\wpdbusenum.dll

14:56:42.0951 5996 WPDBusEnum - ok

14:56:42.0985 5996 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys

14:56:42.0986 5996 ws2ifsl - ok

14:56:43.0042 5996 wscsvc (8f9f3969933c02da96eb0f84576db43e) C:\Windows\System32\wscsvc.dll

14:56:43.0045 5996 wscsvc - ok

14:56:43.0055 5996 WSearch - ok

14:56:43.0204 5996 wuauserv (38340204a2d0228f1e87740fc5e554a7) C:\Windows\system32\wuaueng.dll

14:56:43.0252 5996 wuauserv - ok

14:56:43.0398 5996 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys

14:56:43.0403 5996 WudfPf - ok

14:56:43.0453 5996 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys

14:56:43.0463 5996 WUDFRd - ok

14:56:43.0505 5996 wudfsvc (b551d6637aa0e132c18ac6e504f7b79b) C:\Windows\System32\WUDFSvc.dll

14:56:43.0508 5996 wudfsvc - ok

14:56:43.0565 5996 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll

14:56:43.0569 5996 WwanSvc - ok

14:56:43.0639 5996 yukonw7 (b3eeacf62445e24fbb2cd4b0fb4db026) C:\Windows\system32\DRIVERS\yk62x64.sys

14:56:43.0651 5996 yukonw7 - ok

14:56:43.0698 5996 MBR (0x1B8) (8ffbb27037b29e6fbfc4eb4fbd8c137e) \Device\Harddisk0\DR0

14:56:43.0737 5996 \Device\Harddisk0\DR0 - ok

14:56:43.0774 5996 Boot (0x1200) (c496ac5169381a53411fbd2bfbbf90fd) \Device\Harddisk0\DR0\Partition0

14:56:43.0776 5996 \Device\Harddisk0\DR0\Partition0 - ok

14:56:43.0798 5996 Boot (0x1200) (2a3c115f434efa736afb940118af559b) \Device\Harddisk0\DR0\Partition1

14:56:43.0799 5996 \Device\Harddisk0\DR0\Partition1 - ok

14:56:43.0841 5996 Boot (0x1200) (fd7cb2589a26cf2b7e5ead4264b06109) \Device\Harddisk0\DR0\Partition2

14:56:43.0843 5996 \Device\Harddisk0\DR0\Partition2 - ok

14:56:43.0871 5996 Boot (0x1200) (e2e9bf26d0f3321161d32c27fb773c68) \Device\Harddisk0\DR0\Partition3

14:56:43.0872 5996 \Device\Harddisk0\DR0\Partition3 - ok

14:56:43.0876 5996 ============================================================

14:56:43.0876 5996 Scan finished

14:56:43.0876 5996 ============================================================

14:56:43.0895 4592 Detected object count: 0

14:56:43.0895 4592 Actual detected object count: 0

14:57:27.0590 5428 ============================================================

14:57:27.0591 5428 Scan started

14:57:27.0591 5428 Mode: Manual;

14:57:27.0591 5428 ============================================================


14:57:29.0678 5428 AVGIDSFilter (ed2b25bd7fe35d1944211968842d30da) C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys

14:57:29.0678 5428 AVGIDSFilter - ok

14:57:29.0724 5428 Avgldx64 (979cf8912449a10b987218bff80a1fa3) C:\Windows\system32\DRIVERS\avgldx64.sys

14:57:29.0726 5428 Avgldx64 - ok

14:57:29.0744 5428 Avgmfx64 (36b1a5843695766eac714daffc5b84d1) C:\Windows\system32\DRIVERS\avgmfx64.sys

14:57:29.0745 5428 Avgmfx64 - ok

14:57:29.0774 5428 Avgrkx64 (1102239fb724527f1febbbbccf6bf313) C:\Windows\system32\DRIVERS\avgrkx64.sys

14:57:29.0774 5428 Avgrkx64 - ok

14:57:29.0824 5428 Avgtdia (11f36d3ea82d9db9aa05a476a210551b) C:\Windows\system32\DRIVERS\avgtdia.sys

14:57:29.0827 5428 Avgtdia - ok

14:57:29.0960 5428 avgwd (6699ece24fe4b3f752a66c66a602ee86) C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe

14:57:29.0962 5428 avgwd - ok

14:57:30.0006 5428 AxInstSV (b20b5fa5ca050e9926e4d1db81501b32) C:\Windows\System32\AxInstSV.dll

14:57:30.0017 5428 AxInstSV - ok

14:57:30.0092 5428 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys

14:57:30.0096 5428 b06bdrv - ok

14:57:30.0154 5428 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys

14:57:30.0156 5428 b57nd60a - ok

14:57:30.0310 5428 BBSvc (a2494901e7226b356b8c1005c45f1c5f) C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe

14:57:30.0311 5428 BBSvc - ok

14:57:30.0428 5428 BBUpdate (63b1cbbae4790b5bac98f01bf9449722) C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe

14:57:30.0430 5428 BBUpdate - ok

14:57:30.0475 5428 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll

14:57:30.0476 5428 BDESVC - ok

14:57:30.0514 5428 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys

14:57:30.0514 5428 Beep - ok

14:57:30.0574 5428 BFE (4992c609a6315671463e30f6512bc022) C:\Windows\System32\bfe.dll

14:57:30.0579 5428 BFE - ok

14:57:30.0664 5428 BITS (7f0c323fe3da28aa4aa1bda3f575707f) C:\Windows\System32\qmgr.dll

14:57:30.0670 5428 BITS - ok

14:57:30.0740 5428 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys

14:57:30.0741 5428 blbdrive - ok

14:57:30.0861 5428 Bonjour Service (1c87705ccb2f60172b0fc86b5d82f00d) C:\Program Files (x86)\Bonjour\mDNSResponder.exe

14:57:30.0864 5428 Bonjour Service - ok

14:57:30.0898 5428 bowser (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys

14:57:30.0899 5428 bowser - ok

14:57:30.0943 5428 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys

14:57:30.0944 5428 BrFiltLo - ok

14:57:30.0975 5428 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys

14:57:30.0976 5428 BrFiltUp - ok

14:57:31.0017 5428 Browser (94fbc06f294d58d02361918418f996e3) C:\Windows\System32\browser.dll

14:57:31.0021 5428 Browser - ok

14:57:31.0059 5428 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys

14:57:31.0061 5428 Brserid - ok

14:57:31.0089 5428 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys

14:57:31.0090 5428 BrSerWdm - ok

14:57:31.0121 5428 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys

14:57:31.0122 5428 BrUsbMdm - ok

14:57:31.0144 5428 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys

14:57:31.0144 5428 BrUsbSer - ok

14:57:31.0170 5428 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys

14:57:31.0171 5428 BTHMODEM - ok

14:57:31.0226 5428 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll

14:57:31.0227 5428 bthserv - ok

14:57:31.0259 5428 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys

14:57:31.0260 5428 cdfs - ok

14:57:31.0302 5428 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys

14:57:31.0303 5428 cdrom - ok

14:57:31.0333 5428 CertPropSvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll

14:57:31.0334 5428 CertPropSvc - ok

14:57:31.0408 5428 CinemaNow Service (533328a3d9a9c286682525842547540c) C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe

14:57:31.0410 5428 CinemaNow Service - ok

14:57:31.0451 5428 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys

14:57:31.0452 5428 circlass - ok

14:57:31.0511 5428 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys

14:57:31.0514 5428 CLFS - ok

14:57:31.0606 5428 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

14:57:31.0607 5428 clr_optimization_v2.0.50727_32 - ok

14:57:31.0653 5428 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

14:57:31.0654 5428 clr_optimization_v2.0.50727_64 - ok

14:57:31.0740 5428 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

14:57:31.0742 5428 clr_optimization_v4.0.30319_32 - ok

14:57:31.0791 5428 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

14:57:31.0793 5428 clr_optimization_v4.0.30319_64 - ok

14:57:31.0832 5428 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys

14:57:31.0833 5428 CmBatt - ok

14:57:31.0864 5428 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys

14:57:31.0865 5428 cmdide - ok

14:57:31.0938 5428 CNG (937beb186a735aca91d717044a49d17e) C:\Windows\system32\Drivers\cng.sys

14:57:31.0941 5428 CNG - ok

14:57:31.0969 5428 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys

14:57:31.0970 5428 Compbatt - ok

14:57:31.0996 5428 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys

14:57:31.0996 5428 CompositeBus - ok

14:57:32.0010 5428 COMSysApp - ok

14:57:32.0051 5428 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys

14:57:32.0052 5428 crcdisk - ok

14:57:32.0111 5428 CryptSvc (8c57411b66282c01533cb776f98ad384) C:\Windows\system32\cryptsvc.dll

14:57:32.0113 5428 CryptSvc - ok

14:57:32.0187 5428 DcomLaunch (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll

14:57:32.0192 5428 DcomLaunch - ok

14:57:32.0233 5428 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll

14:57:32.0238 5428 defragsvc - ok

14:57:32.0281 5428 DfsC (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys

14:57:32.0282 5428 DfsC - ok

14:57:32.0327 5428 Dhcp (ce3b9562d997f69b330d181a8875960f) C:\Windows\system32\dhcpcore.dll

14:57:32.0329 5428 Dhcp - ok

14:57:32.0360 5428 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys

14:57:32.0361 5428 discache - ok

14:57:32.0404 5428 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys

14:57:32.0404 5428 Disk - ok

14:57:32.0455 5428 Dnscache (85cf424c74a1d5ec33533e1dbff9920a) C:\Windows\System32\dnsrslvr.dll

14:57:32.0457 5428 Dnscache - ok

14:57:32.0523 5428 dot3svc (14452acdb09b70964c8c21bf80a13acb) C:\Windows\System32\dot3svc.dll

14:57:32.0525 5428 dot3svc - ok

14:57:32.0566 5428 DPS (8c2ba6bea949ee6e68385f5692bafb94) C:\Windows\system32\dps.dll

14:57:32.0568 5428 DPS - ok

14:57:32.0597 5428 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys

14:57:32.0598 5428 drmkaud - ok

14:57:32.0680 5428 DXGKrnl (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys

14:57:32.0686 5428 DXGKrnl - ok

14:57:32.0714 5428 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll

14:57:32.0715 5428 EapHost - ok

14:57:32.0891 5428 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys

14:57:32.0911 5428 ebdrv - ok

14:57:33.0035 5428 EFS (156f6159457d0aa7e59b62681b56eb90) C:\Windows\System32\lsass.exe

14:57:33.0037 5428 EFS - ok

14:57:33.0121 5428 ehRecvr (47c071994c3f649f23d9cd075ac9304a) C:\Windows\ehome\ehRecvr.exe

14:57:33.0125 5428 ehRecvr - ok

14:57:33.0169 5428 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe

14:57:33.0170 5428 ehSched - ok

14:57:33.0273 5428 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys

14:57:33.0277 5428 elxstor - ok

14:57:33.0300 5428 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys

14:57:33.0300 5428 ErrDev - ok

14:57:33.0373 5428 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll

14:57:33.0376 5428 EventSystem - ok

14:57:33.0433 5428 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys

14:57:33.0435 5428 exfat - ok

14:57:33.0476 5428 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys

14:57:33.0478 5428 fastfat - ok

14:57:33.0546 5428 Fax (d607b2f1bee3992aa6c2c92c0a2f0855) C:\Windows\system32\fxssvc.exe

14:57:33.0551 5428 Fax - ok

14:57:33.0577 5428 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys

14:57:33.0577 5428 fdc - ok

14:57:33.0610 5428 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll

14:57:33.0611 5428 fdPHost - ok

14:57:33.0635 5428 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll

14:57:33.0636 5428 FDResPub - ok

14:57:33.0663 5428 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys

14:57:33.0664 5428 FileInfo - ok

14:57:33.0682 5428 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys

14:57:33.0683 5428 Filetrace - ok

14:57:33.0713 5428 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys

14:57:33.0714 5428 flpydisk - ok

14:57:33.0764 5428 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys

14:57:33.0766 5428 FltMgr - ok

14:57:33.0878 5428 FontCache (cb5e4b9c319e3c6bb363eb7e58a4a051) C:\Windows\system32\FntCache.dll

14:57:33.0886 5428 FontCache - ok

14:57:33.0951 5428 FontCache3.0.0.0 (8d89e3131c27fdd6932189cb785e1b7a) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

14:57:33.0952 5428 FontCache3.0.0.0 - ok

14:57:34.0020 5428 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys

14:57:34.0021 5428 FsDepends - ok

14:57:34.0078 5428 Fs_Rec (d3e3f93d67821a2db2b3d9fac2dc2064) C:\Windows\system32\drivers\Fs_Rec.sys

14:57:34.0079 5428 Fs_Rec - ok

14:57:34.0134 5428 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys

14:57:34.0135 5428 fvevol - ok

14:57:34.0168 5428 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys

14:57:34.0169 5428 gagp30kx - ok

14:57:34.0284 5428 GameConsoleService (ce16683cfd11fe70bde435dda5ea1fca) C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe

14:57:34.0286 5428 GameConsoleService - ok

14:57:34.0333 5428 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

14:57:34.0334 5428 GEARAspiWDM - ok

14:57:34.0416 5428 gpsvc (fe5ab4525bc2ec68b9119a6e5d40128b) C:\Windows\System32\gpsvc.dll

14:57:34.0422 5428 gpsvc - ok

14:57:34.0462 5428 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys

14:57:34.0463 5428 hcw85cir - ok

14:57:34.0515 5428 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys

14:57:34.0517 5428 HdAudAddService - ok

14:57:34.0546 5428 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys

14:57:34.0547 5428 HDAudBus - ok

14:57:34.0579 5428 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys

14:57:34.0579 5428 HidBatt - ok

14:57:34.0611 5428 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys

14:57:34.0612 5428 HidBth - ok

14:57:34.0639 5428 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys

14:57:34.0640 5428 HidIr - ok

14:57:34.0671 5428 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll

14:57:34.0672 5428 hidserv - ok

14:57:34.0697 5428 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys

14:57:34.0698 5428 HidUsb - ok

14:57:34.0728 5428 hkmsvc (efa58ede58dd74388ffd04cb32681518) C:\Windows\system32\kmsvc.dll

14:57:34.0729 5428 hkmsvc - ok

14:57:34.0770 5428 HomeGroupListener (046b2673767ca626e2cfb7fdf735e9e8) C:\Windows\system32\ListSvc.dll

14:57:34.0773 5428 HomeGroupListener - ok

14:57:34.0819 5428 HomeGroupProvider (06a7422224d9865a5613710a089987df) C:\Windows\system32\provsvc.dll

14:57:34.0822 5428 HomeGroupProvider - ok

14:57:34.0944 5428 HP Support Assistant Service (13bb1114451c63bfb41ba7daa4d70a29) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe

14:57:34.0945 5428 HP Support Assistant Service - ok

14:57:35.0033 5428 HP Wireless Assistant Service (3a09322a8aa8b0c79036686a0ebe7b4c) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe

14:57:35.0035 5428 HP Wireless Assistant Service - ok

14:57:35.0082 5428 HPDrvMntSvc.exe (bcc4a8b2e2e902f52e7f2e7d8e125765) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe

14:57:35.0084 5428 HPDrvMntSvc.exe - ok

14:57:35.0173 5428 hpqwmiex (ec9739a46f1f83c6e52a7a4697f44a65) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe

14:57:35.0178 5428 hpqwmiex - ok

14:57:35.0238 5428 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys

14:57:35.0239 5428 HpSAMD - ok

14:57:35.0294 5428 HPWMISVC (f630dd7564ebb7248a13b1cc774d9ea6) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe

14:57:35.0295 5428 HPWMISVC - ok

14:57:35.0379 5428 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys

14:57:35.0384 5428 HTTP - ok

14:57:35.0420 5428 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys

14:57:35.0420 5428 hwpolicy - ok

14:57:35.0453 5428 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys

14:57:35.0454 5428 i8042prt - ok

14:57:35.0538 5428 iaStor (1384872112e8e7fd5786eceb8bddf4c9) C:\Windows\system32\DRIVERS\iaStor.sys

14:57:35.0544 5428 iaStor - ok

14:57:35.0601 5428 iaStorV (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys

14:57:35.0604 5428 iaStorV - ok

14:57:35.0733 5428 idsvc (2f2be70d3e02b6fa877921ab9516d43c) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

14:57:35.0739 5428 idsvc - ok

14:57:36.0173 5428 igfx (898ab5bfed7040d7ab07af01885eb944) C:\Windows\system32\DRIVERS\igdkmd64.sys

14:57:36.0240 5428 igfx - ok

14:57:36.0370 5428 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys

14:57:36.0371 5428 iirsp - ok

14:57:36.0450 5428 IKEEXT (c5b4683680df085b57bc53e5ef34861f) C:\Windows\System32\ikeext.dll

14:57:36.0456 5428 IKEEXT - ok

14:57:36.0619 5428 IntcAzAudAddService (b88e24bd77a0ce2cffee2facf1151be0) C:\Windows\system32\drivers\RTKVHD64.sys

14:57:36.0633 5428 IntcAzAudAddService - ok

14:57:36.0763 5428 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys

14:57:36.0764 5428 intelide - ok

14:57:36.0812 5428 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys

14:57:36.0813 5428 intelppm - ok

14:57:36.0855 5428 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll

14:57:36.0857 5428 IPBusEnum - ok

14:57:36.0897 5428 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys

14:57:36.0898 5428 IpFilterDriver - ok

14:57:36.0956 5428 iphlpsvc (f8e058d17363ec580e4b7232778b6cb5) C:\Windows\System32\iphlpsvc.dll

14:57:36.0960 5428 iphlpsvc - ok

14:57:37.0003 5428 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys

14:57:37.0004 5428 IPMIDRV - ok

14:57:37.0023 5428 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys

14:57:37.0025 5428 IPNAT - ok

14:57:37.0137 5428 iPod Service (b7cb0b121962cd89f98c0dd89331b0c0) C:\Program Files\iPod\bin\iPodService.exe

14:57:37.0143 5428 iPod Service - ok

14:57:37.0184 5428 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys

14:57:37.0185 5428 IRENUM - ok

14:57:37.0214 5428 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys

14:57:37.0215 5428 isapnp - ok

14:57:37.0259 5428 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys

14:57:37.0263 5428 iScsiPrt - ok

14:57:37.0298 5428 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys

14:57:37.0299 5428 kbdclass - ok

14:57:37.0340 5428 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys

14:57:37.0340 5428 kbdhid - ok

14:57:37.0402 5428 KeyIso (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe

14:57:37.0403 5428 KeyIso - ok

14:57:37.0432 5428 KSecDD (16c1b906fc5ead84769f90b736b6bf0e) C:\Windows\system32\Drivers\ksecdd.sys

14:57:37.0433 5428 KSecDD - ok

14:57:37.0499 5428 KSecPkg (0b711550c56444879d71c7daabda6c83) C:\Windows\system32\Drivers\ksecpkg.sys

14:57:37.0501 5428 KSecPkg - ok

14:57:37.0535 5428 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys

14:57:37.0538 5428 ksthunk - ok

14:57:37.0610 5428 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll

14:57:37.0613 5428 KtmRm - ok

14:57:37.0715 5428 LanmanServer (81f1d04d4d0e433099365127375fd501) C:\Windows\system32\srvsvc.dll

14:57:37.0718 5428 LanmanServer - ok

14:57:37.0799 5428 LanmanWorkstation (27026eac8818e8a6c00a1cad2f11d29a) C:\Windows\System32\wkssvc.dll

14:57:37.0802 5428 LanmanWorkstation - ok

14:57:37.0900 5428 LightScribeService (7550d101bf49fdb1f92666a233ee36c4) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

14:57:37.0901 5428 LightScribeService - ok

14:57:37.0947 5428 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys

14:57:37.0948 5428 lltdio - ok

14:57:38.0003 5428 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll

14:57:38.0006 5428 lltdsvc - ok

14:57:38.0035 5428 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll

14:57:38.0037 5428 lmhosts - ok

14:57:38.0083 5428 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys

14:57:38.0084 5428 LSI_FC - ok

14:57:38.0118 5428 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys

14:57:38.0122 5428 LSI_SAS - ok

14:57:38.0150 5428 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys

14:57:38.0151 5428 LSI_SAS2 - ok

14:57:38.0178 5428 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys

14:57:38.0180 5428 LSI_SCSI - ok

14:57:38.0220 5428 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys

14:57:38.0221 5428 luafv - ok

14:57:38.0268 5428 Mcx2Svc (f84c8f1000bc11e3b7b23cbd3baff111) C:\Windows\system32\Mcx2Svc.dll

14:57:38.0269 5428 Mcx2Svc - ok

14:57:38.0317 5428 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys

14:57:38.0317 5428 megasas - ok

14:57:38.0381 5428 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys

14:57:38.0383 5428 MegaSR - ok

14:57:38.0501 5428 Microsoft SharePoint Workspace Audit Service - ok

14:57:38.0540 5428 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll

14:57:38.0544 5428 MMCSS - ok

14:57:38.0584 5428 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys

14:57:38.0585 5428 Modem - ok

14:57:38.0613 5428 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys

14:57:38.0614 5428 monitor - ok

14:57:38.0643 5428 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys

14:57:38.0644 5428 mouclass - ok

14:57:38.0673 5428 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys

14:57:38.0674 5428 mouhid - ok

14:57:38.0697 5428 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys

14:57:38.0698 5428 mountmgr - ok

14:57:38.0765 5428 MozillaMaintenance (96aa8ba23142cc8e2b30f3cae0c80254) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

14:57:38.0766 5428 MozillaMaintenance - ok

14:57:38.0812 5428 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys

14:57:38.0814 5428 mpio - ok

14:57:38.0848 5428 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys

14:57:38.0852 5428 mpsdrv - ok

14:57:38.0940 5428 MpsSvc (aecab449567d1846dad63ece49e893e3) C:\Windows\system32\mpssvc.dll

14:57:38.0946 5428 MpsSvc - ok

14:57:38.0978 5428 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys

14:57:38.0982 5428 MRxDAV - ok

14:57:39.0031 5428 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys

14:57:39.0033 5428 mrxsmb - ok

14:57:39.0080 5428 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys

14:57:39.0082 5428 mrxsmb10 - ok

14:57:39.0123 5428 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys

14:57:39.0127 5428 mrxsmb20 - ok

14:57:39.0168 5428 msahci (5e939cf91ea4a841dbafe4627e0292bb) C:\Windows\system32\DRIVERS\msahci.sys

14:57:39.0169 5428 msahci - ok

14:57:39.0215 5428 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys

14:57:39.0216 5428 msdsm - ok

14:57:39.0265 5428 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe

14:57:39.0267 5428 MSDTC - ok

14:57:39.0323 5428 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys

14:57:39.0324 5428 Msfs - ok

14:57:39.0339 5428 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys

14:57:39.0340 5428 mshidkmdf - ok

14:57:39.0394 5428 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys

14:57:39.0395 5428 msisadrv - ok

14:57:39.0446 5428 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll

14:57:39.0448 5428 MSiSCSI - ok

14:57:39.0461 5428 msiserver - ok

14:57:39.0501 5428 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys

14:57:39.0502 5428 MSKSSRV - ok

14:57:39.0512 5428 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys

14:57:39.0513 5428 MSPCLOCK - ok

14:57:39.0527 5428 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys

14:57:39.0527 5428 MSPQM - ok

14:57:39.0582 5428 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys

14:57:39.0585 5428 MsRPC - ok

14:57:39.0616 5428 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys

14:57:39.0617 5428 mssmbios - ok

14:57:39.0631 5428 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys

14:57:39.0631 5428 MSTEE - ok

14:57:39.0673 5428 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys

14:57:39.0674 5428 MTConfig - ok

14:57:39.0702 5428 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys

14:57:39.0703 5428 Mup - ok

14:57:39.0775 5428 napagent (4987e079a4530fa737a128be54b63b12) C:\Windows\system32\qagentRT.dll

14:57:39.0779 5428 napagent - ok

14:57:39.0827 5428 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys

14:57:39.0830 5428 NativeWifiP - ok

14:57:39.0917 5428 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys

14:57:39.0923 5428 NDIS - ok

14:57:39.0948 5428 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys

14:57:39.0949 5428 NdisCap - ok

14:57:39.0973 5428 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys

14:57:39.0974 5428 NdisTapi - ok

14:57:40.0004 5428 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys

14:57:40.0005 5428 Ndisuio - ok

14:57:40.0035 5428 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys

14:57:40.0037 5428 NdisWan - ok

14:57:40.0055 5428 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys

14:57:40.0056 5428 NDProxy - ok

14:57:40.0087 5428 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys

14:57:40.0088 5428 NetBIOS - ok

14:57:40.0127 5428 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys

14:57:40.0129 5428 NetBT - ok

14:57:40.0190 5428 Netlogon (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe

14:57:40.0192 5428 Netlogon - ok

14:57:40.0253 5428 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll

14:57:40.0256 5428 Netman - ok

14:57:40.0296 5428 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll

14:57:40.0300 5428 netprofm - ok

14:57:40.0385 5428 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe

14:57:40.0386 5428 NetTcpPortSharing - ok

14:57:40.0652 5428 netw5v64 (64428dfdaf6e88366cb51f45a79c5f69) C:\Windows\system32\DRIVERS\netw5v64.sys

14:57:40.0685 5428 netw5v64 - ok

14:57:40.0823 5428 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys

14:57:40.0823 5428 nfrd960 - ok

14:57:40.0885 5428 NlaSvc (d9a0ce66046d6efa0c61baa885cba0a8) C:\Windows\System32\nlasvc.dll

14:57:40.0888 5428 NlaSvc - ok

14:57:41.0098 5428 NOBU (5839a8027d6d324a7cd494051a96628c) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe

14:57:41.0115 5428 NOBU - ok

14:57:41.0238 5428 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys

14:57:41.0239 5428 Npfs - ok

14:57:41.0278 5428 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll

14:57:41.0280 5428 nsi - ok

14:57:41.0306 5428 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys

14:57:41.0307 5428 nsiproxy - ok

14:57:41.0440 5428 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys

14:57:41.0450 5428 Ntfs - ok

14:57:41.0580 5428 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys

14:57:41.0581 5428 Null - ok

14:57:41.0627 5428 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys

14:57:41.0629 5428 nvraid - ok

14:57:41.0667 5428 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys

14:57:41.0668 5428 nvstor - ok

14:57:41.0707 5428 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys

14:57:41.0709 5428 nv_agp - ok

14:57:41.0756 5428 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys

14:57:41.0757 5428 ohci1394 - ok

14:57:41.0860 5428 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

14:57:41.0861 5428 ose - ok

14:57:42.0155 5428 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

14:57:42.0184 5428 osppsvc - ok

14:57:42.0330 5428 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll

14:57:42.0333 5428 p2pimsvc - ok

14:57:54.0453 5428 ============================================================

14:57:54.0454 5428 Scan finished

14:57:54.0454 5428 ============================================================

14:57:54.0474 4548 Detected object count: 0

14:57:54.0474 4548 Actual detected object count: 0

Nothing was found, am I safe?


No, we didn't fix anything yet.....

Please download and run ComboFix.

The most important things to remember when running it are to disable all your malware programs and run ComboFix from your desktop.

Please visit this webpage for download links, and instructions for running ComboFix

http://www.bleepingc...to-use-combofix

Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Information on disabling your malware programs can be found Here.

Make sure you run ComboFix from your desktop.

Please include the C:\ComboFix.txt in your next reply for further review.

Note:

If you get the message "Illegal operation attempted on registry key that has been marked for deletion." after you run ComboFix, please reboot the computer; this should resolve the problem. You may have to do this several times if needed.

MrC


ComboFix 12-05-15.04 - Brian 05/15/2012 15:31:58.1.1 - x64

Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3003.2115 [GMT -7:00]

Running from: c:\users\Brian\Desktop\ComboFix.exe

AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}

SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((( Files Created from 2012-04-15 to 2012-05-15 )))))))))))))))))))))))))))))))

.

.

2012-05-15 22:44 . 2012-05-15 22:44 8782 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\BUTTON.JS

2012-05-15 22:41 . 2012-05-15 22:41 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-05-14 20:32 . 2012-05-14 20:32 -------- d-----w- c:\program files (x86)\VS Revo Group

2012-05-14 19:03 . 2012-05-14 19:03 -------- d-----w- c:\users\Brian\AppData\Roaming\Malwarebytes

2012-05-14 19:03 . 2012-05-14 19:03 -------- d-----w- c:\program files (x86)\MALWAREBYTES ANTI-MALWARE

2012-05-14 19:03 . 2012-05-14 19:03 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware

2012-05-14 19:03 . 2012-05-14 19:03 -------- d-----w- c:\programdata\Malwarebytes

2012-05-14 19:03 . 2012-04-04 22:56 24904 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-05-14 10:21 . 2012-05-14 10:21 -------- d-----w- c:\users\Brian\AppData\Roaming\ooVoo Details

2012-05-14 10:20 . 2012-05-14 10:20 -------- d-----w- c:\program files (x86)\Conduit

2012-05-14 10:20 . 2012-05-14 10:26 -------- d-----w- c:\users\Brian\AppData\Local\Conduit

2012-05-14 10:20 . 2004-07-03 00:33 327749 ----a-w- c:\windows\SysWow64\drvc.dll

2012-05-14 10:20 . 2012-05-14 10:21 -------- d-----w- c:\program files (x86)\iNTERNET Turbo

2012-05-12 01:31 . 2012-05-12 01:31 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service

2012-05-12 01:30 . 2012-05-12 01:30 588728 ----a-w- c:\program files (x86)\Mozilla Firefox\gkmedias.dll

2012-05-12 01:30 . 2012-05-12 01:30 43960 ----a-w- c:\program files (x86)\Mozilla Firefox\mozglue.dll

2012-05-12 01:30 . 2012-05-12 01:30 157352 ----a-w- c:\program files (x86)\Mozilla Firefox\maintenanceservice_installer.exe

2012-05-12 01:30 . 2012-05-12 01:30 129976 ----a-w- c:\program files (x86)\Mozilla Firefox\maintenanceservice.exe

2012-05-11 09:28 . 2012-03-03 06:29 1541120 ----a-w- c:\windows\system32\DWrite.dll

2012-05-11 09:28 . 2012-03-03 05:40 1074176 ----a-w- c:\windows\SysWow64\DWrite.dll

2012-05-11 09:28 . 2012-03-03 06:29 320512 ----a-w- c:\windows\system32\d3d10_1core.dll

2012-05-11 09:28 . 2012-03-03 06:29 197120 ----a-w- c:\windows\system32\d3d10_1.dll

2012-05-11 09:28 . 2012-03-03 06:29 1837568 ----a-w- c:\windows\system32\d3d10warp.dll

2012-05-11 09:28 . 2012-03-03 06:29 902656 ----a-w- c:\windows\system32\d2d1.dll

2012-05-11 09:28 . 2012-03-03 05:40 1170944 ----a-w- c:\windows\SysWow64\d3d10warp.dll

2012-05-11 09:28 . 2012-03-03 05:40 739840 ----a-w- c:\windows\SysWow64\d2d1.dll

2012-05-11 09:28 . 2012-03-03 05:40 218624 ----a-w- c:\windows\SysWow64\d3d10_1core.dll

2012-05-11 09:28 . 2012-03-03 05:40 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll

2012-05-11 09:27 . 2012-04-02 05:34 5504880 ----a-w- c:\windows\system32\ntoskrnl.exe

2012-05-11 09:27 . 2012-04-02 03:01 3143680 ----a-w- c:\windows\system32\win32k.sys

2012-05-11 09:27 . 2012-04-02 04:46 3958128 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe

2012-05-11 09:27 . 2012-04-02 04:46 3902320 ----a-w- c:\windows\SysWow64\ntoskrnl.exe

2012-05-11 09:27 . 2012-03-17 07:55 75632 ----a-w- c:\windows\system32\drivers\partmgr.sys

2012-05-11 09:27 . 2012-03-30 11:09 1895280 ----a-w- c:\windows\system32\drivers\tcpip.sys

2012-05-11 09:27 . 2012-04-02 05:24 1367552 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll

2012-05-11 09:27 . 2012-04-02 04:40 936960 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-03-01 06:54 . 2012-04-13 10:11 22896 ----a-w- c:\windows\system32\drivers\fs_rec.sys

2012-03-01 06:45 . 2012-04-13 10:11 220672 ----a-w- c:\windows\system32\wintrust.dll

2012-03-01 06:40 . 2012-04-13 10:11 80896 ----a-w- c:\windows\system32\imagehlp.dll

2012-03-01 06:35 . 2012-04-13 10:11 5120 ----a-w- c:\windows\system32\wmi.dll

2012-03-01 05:49 . 2012-04-13 10:11 172544 ----a-w- c:\windows\SysWow64\wintrust.dll

2012-03-01 05:45 . 2012-04-13 10:11 158720 ----a-w- c:\windows\SysWow64\imagehlp.dll

2012-03-01 05:40 . 2012-04-13 10:11 5120 ----a-w- c:\windows\SysWow64\wmi.dll

2012-02-28 06:56 . 2012-04-13 10:12 2311168 ----a-w- c:\windows\system32\jscript9.dll

2012-02-28 06:49 . 2012-04-13 10:12 1390080 ----a-w- c:\windows\system32\wininet.dll

2012-02-28 06:48 . 2012-04-13 10:12 1493504 ----a-w- c:\windows\system32\inetcpl.cpl

2012-02-28 06:42 . 2012-04-13 10:12 2382848 ----a-w- c:\windows\system32\mshtml.tlb

2012-02-28 01:18 . 2012-04-13 10:12 1799168 ----a-w- c:\windows\SysWow64\jscript9.dll

2012-02-28 01:11 . 2012-04-13 10:12 1427456 ----a-w- c:\windows\SysWow64\inetcpl.cpl

2012-02-28 01:11 . 2012-04-13 10:12 1127424 ----a-w- c:\windows\SysWow64\wininet.dll

2012-02-28 01:03 . 2012-04-13 10:12 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb

2012-02-23 10:24 . 2012-02-23 10:24 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe

2012-02-23 10:24 . 2012-02-23 10:24 161792 ----a-w- c:\windows\SysWow64\msls31.dll

2012-02-23 10:24 . 2012-02-23 10:24 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll

2012-02-23 10:24 . 2012-02-23 10:24 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll

2012-02-23 10:24 . 2012-02-23 10:24 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe

2012-02-23 10:24 . 2012-02-23 10:24 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll

2012-02-23 10:24 . 2012-02-23 10:24 63488 ----a-w- c:\windows\SysWow64\tdc.ocx

2012-02-23 10:24 . 2012-02-23 10:24 367104 ----a-w- c:\windows\SysWow64\html.iec

2012-02-23 10:23 . 2012-02-23 10:23 74752 ----a-w- c:\windows\SysWow64\iesetup.dll

2012-02-23 10:23 . 2012-02-23 10:23 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll

2012-02-23 10:23 . 2012-02-23 10:23 152064 ----a-w- c:\windows\SysWow64\wextract.exe

2012-02-23 10:23 . 2012-02-23 10:23 420864 ----a-w- c:\windows\SysWow64\vbscript.dll

2012-02-23 10:23 . 2012-02-23 10:23 150528 ----a-w- c:\windows\SysWow64\iexpress.exe

2012-02-23 10:23 . 2012-02-23 10:23 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe

2012-02-23 10:23 . 2012-02-23 10:23 11776 ----a-w- c:\windows\SysWow64\mshta.exe

2012-02-23 10:23 . 2012-02-23 10:23 101888 ----a-w- c:\windows\SysWow64\admparse.dll

2012-02-23 10:23 . 2012-02-23 10:23 35840 ----a-w- c:\windows\SysWow64\imgutil.dll

2012-02-23 10:23 . 2012-02-23 10:23 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe

2012-02-23 10:23 . 2012-02-23 10:23 222208 ----a-w- c:\windows\system32\msls31.dll

2012-02-23 10:23 . 2012-02-23 10:23 173056 ----a-w- c:\windows\system32\ieUnatt.exe

2012-02-23 10:23 . 2012-02-23 10:23 12288 ----a-w- c:\windows\system32\mshta.exe

2012-02-23 10:23 . 2012-02-23 10:23 114176 ----a-w- c:\windows\system32\admparse.dll

2012-02-23 10:23 . 2012-02-23 10:23 49664 ----a-w- c:\windows\system32\imgutil.dll

2012-02-23 10:23 . 2012-02-23 10:23 135168 ----a-w- c:\windows\system32\IEAdvpack.dll

2012-02-23 10:23 . 2012-02-23 10:23 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe

2012-02-23 10:23 . 2012-02-23 10:23 76800 ----a-w- c:\windows\system32\tdc.ocx

2012-02-23 10:23 . 2012-02-23 10:23 48640 ----a-w- c:\windows\system32\mshtmler.dll

2012-02-23 10:23 . 2012-02-23 10:23 111616 ----a-w- c:\windows\system32\iesysprep.dll

2012-02-23 10:23 . 2012-02-23 10:23 448512 ----a-w- c:\windows\system32\html.iec

2012-02-23 10:23 . 2012-02-23 10:23 85504 ----a-w- c:\windows\system32\iesetup.dll

2012-02-23 10:23 . 2012-02-23 10:23 30720 ----a-w- c:\windows\system32\licmgr10.dll

2012-02-23 10:23 . 2012-02-23 10:23 165888 ----a-w- c:\windows\system32\iexpress.exe

2012-02-23 10:23 . 2012-02-23 10:23 160256 ----a-w- c:\windows\system32\wextract.exe

2012-02-23 10:23 . 2012-02-23 10:23 603648 ----a-w- c:\windows\system32\vbscript.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"HPAdvisorDock"="c:\program files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe" [2010-02-10 1712184]

"LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2010-05-19 2736128]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 1155928]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]

"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-01-04 37296]

"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-07-06 421888]

"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-08-19 421736]

"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]

"HP Quick Launch"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2010-11-09 586296]

"AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-01-25 2416480]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

.

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-10 86072]

R2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-06-18 103992]

R2 RtVOsdService;RtVOsdService Installer;c:\program files\Realtek\RtVOsd\RtVOsdService.exe [2010-04-20 315392]

R3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe [2012-02-10 240408]

R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]

R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-05-12 129976]

R3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [x]

R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]

R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]

R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [x]

R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [x]

R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [x]

R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]

R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x]

S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [x]

S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [x]

S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [x]

S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [x]

S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [x]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]

S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-18 98208]

S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]

S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776]

S2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe [2012-02-10 193816]

S2 CinemaNow Service;CinemaNow Service;c:\program files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe [2010-05-21 140272]

S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-29 94264]

S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-11-09 26680]

S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]

S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [x]

S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [x]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]

S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys [x]

S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]

.

.

--- Other Services/Drivers In Memory ---

.

*NewlyCreated* - WS2IFSL

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]

2010-05-19 18:36 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe

.

Contents of the 'Scheduled Tasks' folder

.

2012-05-11 c:\windows\Tasks\HPCeeScheduleForBrian.job

- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15]

.

.

--------- x86-64 -----------

.

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-03-05 166424]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-03-05 391192]

"Persistence"="c:\windows\system32\igfxpers.exe" [2010-03-05 410648]

"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2010-05-26 6245408]

"HPWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe" [2010-06-18 8192]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"LoadAppInit_DLLs"=0x0

.

------- Supplementary Scan -------

.

uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT3198785

uLocal Page = c:\windows\system32\blank.htm

mLocal Page = c:\windows\SysWOW64\blank.htm

uInternet Settings,ProxyOverride = *.local

IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~3\Office14\EXCEL.EXE/3000

IE: Se&nd to OneNote - c:\progra~2\MICROS~3\Office14\ONBttnIE.dll/105

TCP: DhcpNameServer = 192.168.1.1

FF - ProfilePath - c:\users\Brian\AppData\Roaming\Mozilla\Firefox\Profiles\enpebddp.default\

FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3198785&SearchSource=3&q={searchTerms}

FF - prefs.js: browser.search.selectedEngine - WhiteSmoke US Customized Web Search

FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT3198785&SearchSource=13

FF - prefs.js: network.proxy.type - 0

.

- - - - ORPHANS REMOVED - - - -

.

URLSearchHooks-{cce665dd-f6dd-4808-968e-eaec971f70ef} - (no file)

HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe

AddRemove-{6F44AF95-3CDE-4513-AD3F-6D45F17BF324} - c:\program files (x86)\InstallShield Installation Information\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}\setup.exe

.

.

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.10"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]

@Denied: (A) (Everyone)

"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]

@Denied: (A) (Everyone)

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]

"Key"="ActionsPane3"

"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Other Running Processes ------------------------

.

c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

c:\program files (x86)\Bonjour\mDNSResponder.exe

c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe

.

**************************************************************************

.

Completion time: 2012-05-15 15:54:11 - machine was rebooted

ComboFix-quarantined-files.txt 2012-05-15 22:54

.

Pre-Run: 200,028,020,736 bytes free

Post-Run: 200,285,569,024 bytes free

.

- - End Of File - - FEE690D6AC74ECDAA71E6D8F418F51E8


1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Open notepad and copy/paste the text in the quotebox below into it:

4. If ComboFix wants to update.....please allow it to.

Firefox::

FF - ProfilePath - C:\Users\Brian\AppData\Roaming\Mozilla\Firefox\Profiles\enpebddp.default\

FF - prefs.js: browser.search.selectedEngine - WhiteSmoke US Customized Web Search

Save this as CFScript.txt, in the same location as ComboFix.exe

CFScript.gif

Referring to the picture above, drag CFScript into ComboFix.exe

CAUTION: Do not mouse-click ComboFix while it is running. It may cause it to stall.

After reboot, (in case it asks to reboot)......

Please provide the contents of the ComboFix log (C:\ComboFix.txt) in your next reply.

MrC


ComboFix 12-05-15.04 - Brian 05/15/2012 16:27:09.2.1 - x64

Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3003.1997 [GMT -7:00]

Running from: c:\users\Brian\Desktop\ComboFix.exe

Command switches used :: c:\users\Brian\Desktop\CFScript.txt

AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}

SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((( Files Created from 2012-04-15 to 2012-05-15 )))))))))))))))))))))))))))))))

.

.

2012-05-15 23:34 . 2012-05-15 23:34 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-05-14 20:32 . 2012-05-14 20:32 -------- d-----w- c:\program files (x86)\VS Revo Group

2012-05-14 19:03 . 2012-05-14 19:03 -------- d-----w- c:\users\Brian\AppData\Roaming\Malwarebytes

2012-05-14 19:03 . 2012-05-14 19:03 -------- d-----w- c:\program files (x86)\MALWAREBYTES ANTI-MALWARE

2012-05-14 19:03 . 2012-05-14 19:03 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware

2012-05-14 19:03 . 2012-05-14 19:03 -------- d-----w- c:\programdata\Malwarebytes

2012-05-14 19:03 . 2012-04-04 22:56 24904 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-05-14 10:21 . 2012-05-14 10:21 -------- d-----w- c:\users\Brian\AppData\Roaming\ooVoo Details

2012-05-14 10:20 . 2012-05-14 10:20 -------- d-----w- c:\program files (x86)\Conduit

2012-05-14 10:20 . 2012-05-14 10:26 -------- d-----w- c:\users\Brian\AppData\Local\Conduit

2012-05-14 10:20 . 2004-07-03 00:33 327749 ----a-w- c:\windows\SysWow64\drvc.dll

2012-05-14 10:20 . 2012-05-14 10:21 -------- d-----w- c:\program files (x86)\iNTERNET Turbo

2012-05-12 01:31 . 2012-05-12 01:31 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service

2012-05-12 01:30 . 2012-05-12 01:30 588728 ----a-w- c:\program files (x86)\Mozilla Firefox\gkmedias.dll

2012-05-12 01:30 . 2012-05-12 01:30 43960 ----a-w- c:\program files (x86)\Mozilla Firefox\mozglue.dll

2012-05-12 01:30 . 2012-05-12 01:30 157352 ----a-w- c:\program files (x86)\Mozilla Firefox\maintenanceservice_installer.exe

2012-05-12 01:30 . 2012-05-12 01:30 129976 ----a-w- c:\program files (x86)\Mozilla Firefox\maintenanceservice.exe

2012-05-11 09:28 . 2012-03-03 06:29 1541120 ----a-w- c:\windows\system32\DWrite.dll

2012-05-11 09:28 . 2012-03-03 05:40 1074176 ----a-w- c:\windows\SysWow64\DWrite.dll

2012-05-11 09:28 . 2012-03-03 06:29 320512 ----a-w- c:\windows\system32\d3d10_1core.dll

2012-05-11 09:28 . 2012-03-03 06:29 197120 ----a-w- c:\windows\system32\d3d10_1.dll

2012-05-11 09:28 . 2012-03-03 06:29 1837568 ----a-w- c:\windows\system32\d3d10warp.dll

2012-05-11 09:28 . 2012-03-03 06:29 902656 ----a-w- c:\windows\system32\d2d1.dll

2012-05-11 09:28 . 2012-03-03 05:40 1170944 ----a-w- c:\windows\SysWow64\d3d10warp.dll

2012-05-11 09:28 . 2012-03-03 05:40 739840 ----a-w- c:\windows\SysWow64\d2d1.dll

2012-05-11 09:28 . 2012-03-03 05:40 218624 ----a-w- c:\windows\SysWow64\d3d10_1core.dll

2012-05-11 09:28 . 2012-03-03 05:40 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll

2012-05-11 09:27 . 2012-04-02 05:34 5504880 ----a-w- c:\windows\system32\ntoskrnl.exe

2012-05-11 09:27 . 2012-04-02 03:01 3143680 ----a-w- c:\windows\system32\win32k.sys

2012-05-11 09:27 . 2012-04-02 04:46 3958128 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe

2012-05-11 09:27 . 2012-04-02 04:46 3902320 ----a-w- c:\windows\SysWow64\ntoskrnl.exe

2012-05-11 09:27 . 2012-03-17 07:55 75632 ----a-w- c:\windows\system32\drivers\partmgr.sys

2012-05-11 09:27 . 2012-03-30 11:09 1895280 ----a-w- c:\windows\system32\drivers\tcpip.sys

2012-05-11 09:27 . 2012-04-02 05:24 1367552 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll

2012-05-11 09:27 . 2012-04-02 04:40 936960 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-03-01 06:54 . 2012-04-13 10:11 22896 ----a-w- c:\windows\system32\drivers\fs_rec.sys

2012-03-01 06:45 . 2012-04-13 10:11 220672 ----a-w- c:\windows\system32\wintrust.dll

2012-03-01 06:40 . 2012-04-13 10:11 80896 ----a-w- c:\windows\system32\imagehlp.dll

2012-03-01 06:35 . 2012-04-13 10:11 5120 ----a-w- c:\windows\system32\wmi.dll

2012-03-01 05:49 . 2012-04-13 10:11 172544 ----a-w- c:\windows\SysWow64\wintrust.dll

2012-03-01 05:45 . 2012-04-13 10:11 158720 ----a-w- c:\windows\SysWow64\imagehlp.dll

2012-03-01 05:40 . 2012-04-13 10:11 5120 ----a-w- c:\windows\SysWow64\wmi.dll

2012-02-28 06:56 . 2012-04-13 10:12 2311168 ----a-w- c:\windows\system32\jscript9.dll

2012-02-28 06:49 . 2012-04-13 10:12 1390080 ----a-w- c:\windows\system32\wininet.dll

2012-02-28 06:48 . 2012-04-13 10:12 1493504 ----a-w- c:\windows\system32\inetcpl.cpl

2012-02-28 06:42 . 2012-04-13 10:12 2382848 ----a-w- c:\windows\system32\mshtml.tlb

2012-02-28 01:18 . 2012-04-13 10:12 1799168 ----a-w- c:\windows\SysWow64\jscript9.dll

2012-02-28 01:11 . 2012-04-13 10:12 1427456 ----a-w- c:\windows\SysWow64\inetcpl.cpl

2012-02-28 01:11 . 2012-04-13 10:12 1127424 ----a-w- c:\windows\SysWow64\wininet.dll

2012-02-28 01:03 . 2012-04-13 10:12 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb

2012-02-23 10:24 . 2012-02-23 10:24 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe

2012-02-23 10:24 . 2012-02-23 10:24 161792 ----a-w- c:\windows\SysWow64\msls31.dll

2012-02-23 10:24 . 2012-02-23 10:24 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll

2012-02-23 10:24 . 2012-02-23 10:24 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll

2012-02-23 10:24 . 2012-02-23 10:24 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe

2012-02-23 10:24 . 2012-02-23 10:24 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll

2012-02-23 10:24 . 2012-02-23 10:24 63488 ----a-w- c:\windows\SysWow64\tdc.ocx

2012-02-23 10:24 . 2012-02-23 10:24 367104 ----a-w- c:\windows\SysWow64\html.iec

2012-02-23 10:23 . 2012-02-23 10:23 74752 ----a-w- c:\windows\SysWow64\iesetup.dll

2012-02-23 10:23 . 2012-02-23 10:23 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll

2012-02-23 10:23 . 2012-02-23 10:23 152064 ----a-w- c:\windows\SysWow64\wextract.exe

2012-02-23 10:23 . 2012-02-23 10:23 420864 ----a-w- c:\windows\SysWow64\vbscript.dll

2012-02-23 10:23 . 2012-02-23 10:23 150528 ----a-w- c:\windows\SysWow64\iexpress.exe

2012-02-23 10:23 . 2012-02-23 10:23 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe

2012-02-23 10:23 . 2012-02-23 10:23 11776 ----a-w- c:\windows\SysWow64\mshta.exe

2012-02-23 10:23 . 2012-02-23 10:23 101888 ----a-w- c:\windows\SysWow64\admparse.dll

2012-02-23 10:23 . 2012-02-23 10:23 35840 ----a-w- c:\windows\SysWow64\imgutil.dll

2012-02-23 10:23 . 2012-02-23 10:23 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe

2012-02-23 10:23 . 2012-02-23 10:23 222208 ----a-w- c:\windows\system32\msls31.dll

2012-02-23 10:23 . 2012-02-23 10:23 173056 ----a-w- c:\windows\system32\ieUnatt.exe

2012-02-23 10:23 . 2012-02-23 10:23 12288 ----a-w- c:\windows\system32\mshta.exe

2012-02-23 10:23 . 2012-02-23 10:23 114176 ----a-w- c:\windows\system32\admparse.dll

2012-02-23 10:23 . 2012-02-23 10:23 49664 ----a-w- c:\windows\system32\imgutil.dll

2012-02-23 10:23 . 2012-02-23 10:23 135168 ----a-w- c:\windows\system32\IEAdvpack.dll

2012-02-23 10:23 . 2012-02-23 10:23 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe

2012-02-23 10:23 . 2012-02-23 10:23 76800 ----a-w- c:\windows\system32\tdc.ocx

2012-02-23 10:23 . 2012-02-23 10:23 48640 ----a-w- c:\windows\system32\mshtmler.dll

2012-02-23 10:23 . 2012-02-23 10:23 111616 ----a-w- c:\windows\system32\iesysprep.dll

2012-02-23 10:23 . 2012-02-23 10:23 448512 ----a-w- c:\windows\system32\html.iec

2012-02-23 10:23 . 2012-02-23 10:23 85504 ----a-w- c:\windows\system32\iesetup.dll

2012-02-23 10:23 . 2012-02-23 10:23 30720 ----a-w- c:\windows\system32\licmgr10.dll

2012-02-23 10:23 . 2012-02-23 10:23 165888 ----a-w- c:\windows\system32\iexpress.exe

2012-02-23 10:23 . 2012-02-23 10:23 160256 ----a-w- c:\windows\system32\wextract.exe

2012-02-23 10:23 . 2012-02-23 10:23 603648 ----a-w- c:\windows\system32\vbscript.dll

.

.

((((((((((((((((((((((((((((( SnapShot@2012-05-15_22.45.43 )))))))))))))))))))))))))))))))))))))))))

.

- 2009-07-14 04:54 . 2012-05-14 20:42 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

+ 2009-07-14 04:54 . 2012-05-15 22:44 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

- 2009-07-14 04:54 . 2012-05-14 20:42 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

+ 2009-07-14 04:54 . 2012-05-15 22:44 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

+ 2009-07-14 04:54 . 2012-05-15 22:44 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

- 2009-07-14 04:54 . 2012-05-14 20:42 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2009-07-14 05:10 . 2012-05-15 23:38 44370 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin

+ 2011-08-26 20:31 . 2012-05-15 23:38 11354 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-786997053-1296620380-1412284102-1002_UserData.bin

- 2012-05-15 22:44 . 2012-05-15 22:44 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat

+ 2012-05-15 23:35 . 2012-05-15 23:35 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat

- 2012-05-15 22:44 . 2012-05-15 22:44 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

+ 2012-05-15 23:35 . 2012-05-15 23:35 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

- 2009-07-14 05:01 . 2012-05-15 22:43 390876 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat

+ 2009-07-14 05:01 . 2012-05-15 23:34 390876 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat

+ 2011-08-26 23:28 . 2012-05-15 23:34 1324052 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-786997053-1296620380-1412284102-1002-8192.dat

- 2011-08-26 23:28 . 2012-05-15 22:43 1324052 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-786997053-1296620380-1412284102-1002-8192.dat

- 2009-07-14 02:34 . 2012-05-15 22:04 10223616 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT

+ 2009-07-14 02:34 . 2012-05-15 23:03 10223616 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"HPAdvisorDock"="c:\program files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe" [2010-02-10 1712184]

"LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2010-05-19 2736128]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 1155928]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]

"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-01-04 37296]

"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-07-06 421888]

"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-08-19 421736]

"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]

"HP Quick Launch"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2010-11-09 586296]

"AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-01-25 2416480]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

.

R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-10 86072]

R2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-06-18 103992]

R2 RtVOsdService;RtVOsdService Installer;c:\program files\Realtek\RtVOsd\RtVOsdService.exe [2010-04-20 315392]

R3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe [2012-02-10 240408]

R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]

R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-05-12 129976]

R3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [x]

R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]

R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]

R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [x]

R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [x]

R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [x]

R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]

R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x]

S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [x]

S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [x]

S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [x]

S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [x]

S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [x]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]

S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-18 98208]

S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776]

S2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe [2012-02-10 193816]

S2 CinemaNow Service;CinemaNow Service;c:\program files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe [2010-05-21 140272]

S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-29 94264]

S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-11-09 26680]

S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]

S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [x]

S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [x]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]

S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys [x]

S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]

.

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]

2010-05-19 18:36 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe

.

Contents of the 'Scheduled Tasks' folder

.

2012-05-11 c:\windows\Tasks\HPCeeScheduleForBrian.job

- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15]

.

.

--------- x86-64 -----------

.

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-03-05 166424]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-03-05 391192]

"Persistence"="c:\windows\system32\igfxpers.exe" [2010-03-05 410648]

"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [bU]

"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2010-05-26 6245408]

"HPWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe" [2010-06-18 8192]

.

------- Supplementary Scan -------

.

uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT3198785

uLocal Page = c:\windows\system32\blank.htm

mLocal Page = c:\windows\SysWOW64\blank.htm

uInternet Settings,ProxyOverride = *.local

IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~3\Office14\EXCEL.EXE/3000

IE: Se&nd to OneNote - c:\progra~2\MICROS~3\Office14\ONBttnIE.dll/105

TCP: DhcpNameServer = 192.168.1.1

FF - ProfilePath - c:\users\Brian\AppData\Roaming\Mozilla\Firefox\Profiles\enpebddp.default\

FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3198785&SearchSource=3&q={searchTerms}

FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT3198785&SearchSource=13

FF - prefs.js: network.proxy.type - 0

.

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.10"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]

@Denied: (A) (Everyone)

"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]

@Denied: (A) (Everyone)

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]

"Key"="ActionsPane3"

"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Other Running Processes ------------------------

.

c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

c:\program files (x86)\Bonjour\mDNSResponder.exe

c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe

c:\program files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe

c:\program files (x86)\Common Files\Java\Java Update\jusched.exe

.

**************************************************************************

.

Completion time: 2012-05-15 16:45:56 - machine was rebooted

ComboFix-quarantined-files.txt 2012-05-15 23:45

ComboFix2.txt 2012-05-15 22:54

.

Pre-Run: 200,338,493,440 bytes free

Post-Run: 200,044,150,784 bytes free

.

- - End Of File - - 8C4E95DD785D07E844EC38A3662D3DA4


The Computer? Everything seems to be going great, all traces that lurked on Firefox are now gone, can't find anything related to WhiteSmoke. Safe to say it's all good now?


Good....You're Good To Go

A little clean up to do...

Please Uninstall ComboFix:

Press the Windows logo key + R to bring up the "run box"

Copy and paste the next command in the field:

ComboFix /uninstall

Make sure there's a space between Combofix and /


Then hit enter.

This will uninstall ComboFix, delete its related folders and files, hide file extensions, hide the system/hidden files, clear the System Restore cache and create a new Restore point.

---------------------------------

Please download OTL from one of the links below:

http://oldtimer.geekstogo.com/OTL.exe

http://oldtimer.geekstogo.com/OTL.com

Save it to your desktop.

Run OTL and hit the CleanUp button. (This will clean up the tools and logs used, including itself.)

Any other programs or logs you can manually delete.

-------------------------------

You have out-of-date Java on the system; older versions are vulnerable to malware.

Please go to your Control Panel's Add/Remove Programs and uninstall these:

Java Auto Updater

Java™ 6 Update 20

Then download and install the latest version Java™ 7 Update 4.

http://www.java.com/...load/manual.jsp <---latest version

http://www.java.com/...d/installed.jsp <---verify your Java

-----------------------------------

Any questions...please post back.

If you think I've helped you, please leave a comment > click on my avatar picture > click Profile Feed.

Take a look at My Preventive Maintenance to avoid being infected again.

Good Luck and Thanks for using the forum, MrC


Since this issue is resolved I will close the thread to prevent others from posting here. If you need assistance please start your own topic and someone will be happy to assist you.

This topic is now closed to further replies.