Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Windows 7 - Files Disappearing


  • This topic is locked This topic is locked
24 replies to this topic

#1 romosumo

romosumo

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:01:01 AM

Posted 20 October 2012 - 06:47 PM

My apologies in advance: I was desperate to stop files from disappearing from my laptop, and I ran ComboFix before realizing I was supposed to ask for help first. Sorry if that screws things up.

My stuff is backed up in multiple places, but I noticed a few weeks ago that some of my laptop files started disappearing, seemingly spontaneously. At first, I blamed Cubby (the file syncing software) because that was the app which was notifying me of the deletions. After shutting Cubby down, and restoring my 'lost' files, things seemed OK for a while.

Then I noticed yesterday that a few more files had disappeared.

I've attached the log after running ComboFix. I saved ComboFix to my desktop as "Carbon". It is pretty long - ComboFix took nearly an hour and a half to run.
Attached File  ComboFix.txt   31.39KB   1 downloads

BC AdBot (Login to Remove)

 


#2 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:02:01 AM

Posted 22 October 2012 - 12:00 PM

Greetings and Welcome to The Forums!!

My name is Gringo and I'll be glad to help you with your malware problems.

I have put together somethings for you to keep in mind while I am helping you to make things go easier and faster for both of us

  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.




I need to get some reports to get a base to start from so I need you to run these programs first.


-DeFogger-

  • Please download DeFogger to your desktop.

    Double click DeFogger to run the tool.
  • The application window will appear
  • Click the Disable button to disable your CD Emulation drivers
  • Click Yes to continue
  • A 'Finished!' message will appear
  • Click OK
  • DeFogger may ask you to reboot the machine, if it does - click OK
Do not re-enable these drivers until otherwise instructed.


-Security Check-

  • Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.


-Download DDS-

  • Please download DDS from one of the links below and save it to your desktop:

    Posted Image
    Download DDS and save it to your desktop

    Link1
    Link2
    Link3


    • Double-Click on dds.scr and a command window will appear. This is normal.
    • Shortly after two logs will appear:
    • DDS.txt
    • Attach.txt
  • A window will open instructing you save & post the logs
  • Save the logs to a convenient place such as your desktop
  • Copy the contents of both logs & post in your next reply

information and logs

  • In your next post I need the following

  • both reports from DDS
  • report from security check
  • let me know of any problems you may have had

Gringo

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#3 romosumo

romosumo
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:01:01 AM

Posted 22 October 2012 - 02:00 PM

Gringo,

Thanks for your response. Here are the logs you requested:

SecurityCheck checkup.txt
=========================

Results of screen317's Security Check version 0.99.53
Windows 7 x64 (UAC is enabled)
Out of date service pack!!
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Norton Internet Security
Webroot SecureAnywhere
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Java™ 6 Update 35
Java version out of Date!
Adobe Flash Player 11.3.300.257 Flash Player out of Date!
Adobe Reader X (10.1.4)
Mozilla Firefox 15.0.1 Firefox out of Date!
Google Chrome 21.0.1180.83
Google Chrome 21.0.1180.89
Google Chrome 22.0.1229.79
Google Chrome 22.0.1229.92
Google Chrome 22.0.1229.94
````````Process Check: objlist.exe by Laurent````````
Norton ccSvcHst.exe
Microsoft Small Business Business Contact Manager BcmSqlStartupSvc.exe
Symantec Norton Online Backup NOBuAgent.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 1%
````````````````````End of Log``````````````````````

DDS.txt
=======
DDS (Ver_2012-10-19.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_35
Run by Rob at 14:55:21 on 2012-10-22
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3835.305 [GMT -4:00]
.
AV: Norton Internet Security *Disabled/Outdated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
AV: Webroot SecureAnywhere *Enabled/Updated* {9C0666FC-6C7D-3E97-3C40-0C6B33FC7401}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Webroot SecureAnywhere *Enabled/Updated* {27678718-4A47-3119-06F0-3719487B3EBC}
SP: Norton Internet Security *Disabled/Outdated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files\Webroot\WRSA.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\vcsFPService.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\DigitalPersona\Bin\DpHostW.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\IDT\WDM\AESTSr64.exe
C:\Program Files (x86)\Apache Software Foundation\Apache2.2\bin\httpd.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Apache Software Foundation\Apache2.2\bin\httpd.exe
C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Program Files\CrashPlan\CrashPlanService.exe
C:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\g7dccoms.exe
C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
C:\Windows\system32\lxeccoms.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files\MySQL\MySQL Server 5.5\bin\mysqld.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe
C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
C:\Windows\System32\svchost.exe -k HPZ12
c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\AirPrint\airprint.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\splwow64.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe
C:\Program Files\Webroot\WRSA.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecmon.exe
C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\ezprint.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe
C:\Program Files (x86)\HP\Digital Imaging\Fax\Fax Driver 0.6 Base\hppfaxprintersrv.exe
C:\Program Files (x86)\VersaJette M300-V08\g7dcamon.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files (x86)\Steam\steam.exe
C:\Users\Rob\AppData\Local\RockMelt\Update\1.2.189.1\RockMeltCrashHandler.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\DYMO\DYMO Label Software\DymoQuickPrint.exe
C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\CrashPlan\CrashPlanTray.exe
C:\Program Files (x86)\Apache Software Foundation\Apache2.2\bin\ApacheMonitor.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Users\Rob\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Google\Gmail Notifier\gnotify.exe
C:\Program Files (x86)\HP\ToolboxFX\bin\HPTLBXFX.exe
C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
C:\Program Files (x86)\Common Files\Steam\SteamService.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe
C:\Users\Rob\AppData\Local\RockMelt\Application\rockmelt.exe
C:\Users\Rob\AppData\Local\RockMelt\Application\rockmelt.exe
C:\Users\Rob\AppData\Local\RockMelt\Application\rockmelt.exe
C:\Users\Rob\AppData\Local\RockMelt\Application\rockmelt.exe
C:\Users\Rob\AppData\Local\RockMelt\Application\rockmelt.exe
C:\Users\Rob\AppData\Local\RockMelt\Application\rockmelt.exe
C:\Users\Rob\AppData\Local\RockMelt\Application\rockmelt.exe
C:\Users\Rob\AppData\Local\RockMelt\Application\rockmelt.exe
C:\Users\Rob\AppData\Local\RockMelt\Application\rockmelt.exe
C:\Users\Rob\AppData\Local\RockMelt\Application\rockmelt.exe
C:\Users\Rob\AppData\Local\RockMelt\Application\rockmelt.exe
C:\Users\Rob\AppData\Local\RockMelt\Application\rockmelt.exe
C:\Users\Rob\AppData\Local\RockMelt\Application\rockmelt.exe
C:\Users\Rob\AppData\Local\RockMelt\Application\rockmelt.exe
C:\Users\Rob\AppData\Local\RockMelt\Application\rockmelt.exe
C:\Users\Rob\AppData\Local\RockMelt\Application\rockmelt.exe
C:\Users\Rob\AppData\Local\RockMelt\Application\rockmelt.exe
C:\Users\Rob\AppData\Local\RockMelt\Application\rockmelt.exe
C:\Users\Rob\AppData\Local\RockMelt\Application\rockmelt.exe
C:\Users\Rob\AppData\Local\RockMelt\Application\rockmelt.exe
C:\Users\Rob\AppData\Local\RockMelt\Application\rockmelt.exe
C:\Users\Rob\AppData\Local\RockMelt\Application\rockmelt.exe
C:\Users\Rob\AppData\Local\RockMelt\Application\rockmelt.exe
C:\Users\Rob\AppData\Local\RockMelt\Application\rockmelt.exe
C:\Users\Rob\AppData\Local\RockMelt\Application\rockmelt.exe
C:\Users\Rob\AppData\Local\RockMelt\Application\rockmelt.exe
C:\Users\Rob\AppData\Local\RockMelt\Application\rockmelt.exe
C:\Users\Rob\AppData\Local\RockMelt\Application\rockmelt.exe
C:\Users\Rob\AppData\Local\RockMelt\Application\rockmelt.exe
C:\Users\Rob\AppData\Local\RockMelt\Application\rockmelt.exe
C:\Users\Rob\AppData\Local\RockMelt\Application\rockmelt.exe
C:\Users\Rob\AppData\Local\RockMelt\Application\rockmelt.exe
C:\Users\Rob\AppData\Local\RockMelt\Application\rockmelt.exe
C:\Users\Rob\AppData\Local\RockMelt\Application\rockmelt.exe
C:\Users\Rob\AppData\Local\RockMelt\Application\rockmelt.exe
C:\Users\Rob\AppData\Local\RockMelt\Application\rockmelt.exe
C:\Users\Rob\AppData\Local\RockMelt\Application\rockmelt.exe
C:\Users\Rob\AppData\Local\RockMelt\Application\rockmelt.exe
C:\Users\Rob\AppData\Local\RockMelt\Application\rockmelt.exe
C:\Users\Rob\AppData\Local\RockMelt\Application\rockmelt.exe
C:\Users\Rob\AppData\Local\RockMelt\Application\rockmelt.exe
C:\Windows\system32\conhost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
BHO: Lexmark Toolbar: {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Symantec NCO BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coieplg.dll
BHO: Symantec Intrusion Prevention: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ips\ipsbho.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: LastPass Vault: {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office 2010\Office14\URLREDIR.DLL
BHO: Lexmark Printable Web: {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files\Lexmark Printable Web\bho.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coieplg.dll
TB: Lexmark Toolbar: {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coieplg.dll
TB: Lexmark Toolbar: {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
TB: LastPass Toolbar: {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll
uRun: [RockMelt Update] "C:\Users\Rob\AppData\Local\RockMelt\Update\RockMeltUpdate.exe" /c
uRun: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
uRun: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
uRun: [DymoQuickPrint] "C:\Program Files (x86)\DYMO\DYMO Label Software\DymoQuickPrint.exe" /startup
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
mRun: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files (x86)\Google\Gmail Notifier\gnotify.exe
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [ToolboxFX] "C:\Program Files (x86)\HP\ToolboxFX\bin\HPTLBXFX.exe" /enum:on /alerts:on /notifications:on /fl:on /fr:on /appData:on /tmcp:on
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun: [WRSVC] "C:\Program Files\Webroot\WRSA.exe" -ul
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office 2010\Office14\BCSSync.exe" /DelayServices
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
StartupFolder: C:\Users\Rob\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Rob\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\Users\Rob\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\EVERNO~1.LNK - C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\CRASHP~1.LNK - C:\Program Files\CrashPlan\CrashPlanTray.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MONITO~1.LNK - C:\Program Files (x86)\Apache Software Foundation\Apache2.2\bin\ApacheMonitor.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SNAPFI~1.LNK - C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: LastPass - C:\Users\Rob\AppData\LocalLow\LastPass\context.html?cmd=lastpass
IE: LastPass Fill Forms - C:\Users\Rob\AppData\LocalLow\LastPass\context.html?cmd=fillforms
IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab
TCP: Interfaces\{A1FB2588-9B41-4268-84A1-8ED23AB6DF3B} : NameServer = 8.8.8.8,4.2.2.1
TCP: Interfaces\{A1FB2588-9B41-4268-84A1-8ED23AB6DF3B}\05279667164756 : NameServer = 4.2.2.1,8.8.8.8
TCP: Interfaces\{A1FB2588-9B41-4268-84A1-8ED23AB6DF3B}\05279667164756 : DHCPNameServer = 192.168.0.1 4.2.2.1
TCP: Interfaces\{A1FB2588-9B41-4268-84A1-8ED23AB6DF3B}\47F677E65607C6163656 : DHCPNameServer = 12.127.16.67 12.127.17.72
TCP: Interfaces\{A1FB2588-9B41-4268-84A1-8ED23AB6DF3B}\8497164747 : NameServer = 4.2.2.1,8.8.8.8
TCP: Interfaces\{A1FB2588-9B41-4268-84A1-8ED23AB6DF3B}\8497164747 : DHCPNameServer = 4.2.2.1
TCP: Interfaces\{A1FB2588-9B41-4268-84A1-8ED23AB6DF3B}\84F6D656F4E656 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{A1FB2588-9B41-4268-84A1-8ED23AB6DF3B}\C4F67756C6C637 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{A1FB2588-9B41-4268-84A1-8ED23AB6DF3B}\C6F67756C6C637 : DHCPNameServer = 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: g7ps - {9EACF0FB-4FC7-436E-989B-3197142AD979} - C:\Program Files (x86)\Common Files\G7PS\Shared Files\G7PSDLL\G7PS.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
LSA: Notification Packages = DPPassFilter scecli
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg pku2u livessp
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: LastPass Browser Helper Object: {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPBar64.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
x64-TB: LastPass Toolbar: {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPBar64.dll
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background
x64-Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden
x64-Run: [lxecmon.exe] "C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecmon.exe"
x64-Run: [EzPrint] "C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\ezprint.exe"
x64-Run: [IntelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe"
x64-Run: [LogMeIn GUI] "C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe"
x64-Run: [HP LaserJet Professional CM1410 Series Fax] C:\Program Files (x86)\HP\Digital Imaging\Fax\Fax Driver 0.6 Base\hppfaxprintersrv.exe "HP LaserJet Professional CM1410 Series Fax"
x64-Run: [g7dcmon.exe] "C:\Program Files (x86)\VersaJette M300-V08\g7dcmon.exe"
x64-Run: [g7dcamon] "C:\Program Files (x86)\VersaJette M300-V08\g7dcamon.exe"
x64-IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPBar64.dll
x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
x64-DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: g7ps - {9EACF0FB-4FC7-436E-989B-3197142AD979} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-STS: FencesShlExt Class - {1984DD45-52CF-49cd-AB77-18F378FEA264} - C:\Program Files\Stardock\Fences Pro\FencesMenu64.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Rob\AppData\Roaming\Mozilla\Firefox\Profiles\qxo8123q.default\
FF - plugin: C:\PROGRA~2\MIC30F~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MIC30F~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\DYMO\DYMO Label Software\Framework\npDYMOLabelFramework.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Default\AppData\Local\HuluDesktop\instances\0.9.13.1\nphdplg.dll
FF - plugin: C:\Users\Rob\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: C:\Users\Rob\AppData\Local\RockMelt\Update\1.2.189.1\npRockMeltOneClick8.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_257.dll
FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - ExtSQL: 2012-09-04 08:04; {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}; C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
.
============= SERVICES / DRIVERS ===============
.
R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\NISx64\1207020.003\symds64.sys [2012-6-11 450680]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\NISx64\1207020.003\symefa64.sys [2012-6-11 912504]
R0 WRkrn;WRkrn;C:\Windows\System32\drivers\WRkrn.sys [2012-8-10 110608]
R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20100810.004\BHDrvx64.sys [2011-3-12 945200]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20100706.002\IDSVia64.sys [2011-3-12 463408]
R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\NISx64\1207020.003\ironx64.sys [2012-6-11 171128]
R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\NISx64\1207020.003\symnets.sys [2012-6-11 386168]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\System32\drivers\vwififlt.sys [2009-7-13 59904]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-7-27 63960]
R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2011-3-12 89600]
R2 AirPrint;AirPrint;C:\Program Files (x86)\AirPrint\airprint.exe -s --> C:\Program Files (x86)\AirPrint\airprint.exe -s [?]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2010-10-8 203264]
R2 Apache2.2;Apache2.2;C:\Program Files (x86)\Apache Software Foundation\Apache2.2\bin\httpd.exe [2011-5-11 20549]
R2 CrashPlanService;CrashPlan Backup Service;C:\Program Files\CrashPlan\CrashPlanService.exe [2012-3-26 222720]
R2 DymoPnpService;DYMO PnP Service;C:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe [2012-6-20 32368]
R2 g7dc_device;g7dc_device;C:\Windows\System32\g7dccoms.exe -service --> C:\Windows\System32\g7dccoms.exe -service [?]
R2 HP LaserJet Service;HP LaserJet Service;C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [2010-10-25 145920]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2011-9-9 86072]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service;C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-7-21 103992]
R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-8-5 291896]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-5-21 103992]
R2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2010-6-15 30520]
R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-11-9 26680]
R2 LMIGuardianSvc;LMIGuardianSvc;C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2012-5-11 375208]
R2 LMIInfo;LogMeIn Kernel Information Provider;C:\Program Files (x86)\LogMeIn\x64\rainfo.sys [2012-4-2 15928]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;C:\Windows\System32\drivers\LMIRfsDriver.sys [2012-6-1 72216]
R2 lxec_device;lxec_device;C:\Windows\System32\lxeccoms.exe -service --> C:\Windows\System32\lxeccoms.exe -service [?]
R3 amdkmdag;amdkmdag;C:\Windows\System32\drivers\atikmdag.sys [2010-10-8 7767552]
R3 amdkmdap;amdkmdap;C:\Windows\System32\drivers\atikmpag.sys [2010-10-8 279040]
R3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.EXE [2012-2-10 240408]
R3 btwampfl;Bluetooth AMP USB Filter;C:\Windows\System32\drivers\btwampfl.sys [2011-3-12 344616]
R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2011-3-12 39464]
R3 clwvd;HP Webcam Splitter;C:\Windows\System32\drivers\clwvd.sys [2010-9-3 31088]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011-3-12 132656]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2011-3-12 38528]
S2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.EXE [2012-2-10 193816]
S2 CLKMSVC10_C6F09094;CyberLink Product - 2011/03/12 01:07:02;C:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\HDDVD\NavFilter\kmsvc.exe [2011-3-12 245232]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-4-27 116648]
S2 lxecCATSCustConnectService;lxecCATSCustConnectService;C:\Windows\System32\spool\drivers\x64\3\lxecserv.exe [2011-5-20 45736]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-4-27 116648]
S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\netw5v64.sys [2009-6-10 5434368]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2011-3-12 239136]
S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-3-12 344680]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-7-9 52736]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-6-10 389120]
.
=============== Created Last 30 ================
.
2012-10-22 15:40:06 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A4178500-EB81-473F-BB9C-C1870FA3DCE9}\offreg.dll
2012-10-21 20:17:58 -------- d-sh--w- C:\$RECYCLE.BIN
2012-10-20 19:07:10 98816 ----a-w- C:\Windows\sed.exe
2012-10-20 19:07:10 256000 ----a-w- C:\Windows\PEV.exe
2012-10-20 19:07:10 208896 ----a-w- C:\Windows\MBR.exe
2012-10-19 07:08:45 9291768 ------w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A4178500-EB81-473F-BB9C-C1870FA3DCE9}\mpengine.dll
2012-10-16 18:00:18 -------- d-----w- C:\Users\Rob\AppData\Local\Sanford,_L.P
2012-10-16 17:58:33 -------- d-----w- C:\Users\Rob\AppData\Local\DYMO
2012-10-16 17:53:07 -------- d-----w- C:\Program Files (x86)\DYMO
2012-10-16 17:52:58 -------- d-----w- C:\ProgramData\DYMO
2012-10-16 17:36:18 -------- d-----w- C:\Program Files\DYMO LabelWriter Drivers
2012-10-10 16:09:10 -------- d-----w- C:\Program Files\SyncToy 2.1
2012-10-10 04:33:19 1656688 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2012-10-10 04:33:15 5505904 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-10-10 04:33:13 3958128 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-10-10 04:33:13 3902832 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-10-10 04:33:00 425984 ----a-w- C:\Windows\System32\KernelBase.dll
2012-10-10 04:31:53 2048 ----a-w- C:\Windows\System32\tzres.dll
2012-10-10 04:31:52 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2012-10-10 04:30:45 220160 ----a-w- C:\Windows\System32\wintrust.dll
2012-10-10 04:30:45 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll
2012-10-10 04:30:39 714752 ----a-w- C:\Windows\System32\kerberos.dll
2012-10-10 04:30:39 541184 ----a-w- C:\Windows\SysWow64\kerberos.dll
2012-10-10 04:30:04 1462784 ----a-w- C:\Windows\System32\crypt32.dll
2012-10-10 04:30:03 182272 ----a-w- C:\Windows\System32\cryptsvc.dll
2012-10-10 04:30:03 1157632 ----a-w- C:\Windows\SysWow64\crypt32.dll
2012-10-10 04:30:02 140288 ----a-w- C:\Windows\System32\cryptnet.dll
2012-10-10 04:30:02 139264 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2012-10-10 04:30:02 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2012-10-04 14:59:35 -------- d-----w- C:\Users\Rob\AppData\Local\PDF Writer
2012-10-04 14:53:18 101376 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\HPZPPWN7.DLL
2012-10-04 14:43:36 -------- d-----w- C:\Program Files\Common Files\Bullzip
2012-10-04 14:43:35 227840 ----a-w- C:\Windows\SysWow64\bzFlRdr.dll
2012-10-04 14:43:35 103424 ----a-w- C:\Windows\SysWow64\bzDCT.dll
2012-10-04 14:43:35 -------- d-----w- C:\Users\Rob\AppData\Roaming\PDF Writer
2012-10-04 14:43:34 -------- d-----w- C:\ProgramData\PDF Writer
2012-10-04 14:43:31 135168 ----a-w- C:\Windows\SysWow64\bzpdfc.dll
2012-10-04 14:42:47 216064 ----a-w- C:\Windows\System32\bzpdf.dll
2012-10-04 14:42:05 -------- d-----w- C:\Program Files\Bullzip
.
==================== Find3M ====================
.
2012-10-12 14:20:41 150712 ----a-w- C:\Windows\SysWow64\WRusr.dll
2012-10-12 14:20:41 110608 ----a-w- C:\Windows\System32\drivers\WRkrn.sys
2012-10-12 14:20:41 103344 ----a-w- C:\Windows\System32\WRusr.dll
2012-10-02 12:42:16 73136 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-10-02 12:42:16 696240 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-08-29 00:24:56 477168 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll
2012-08-29 00:24:53 473072 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-08-24 10:31:32 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2012-08-24 10:21:18 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-08-24 10:20:11 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-08-24 10:14:45 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-08-24 10:13:29 599040 ----a-w- C:\Windows\System32\vbscript.dll
2012-08-24 10:09:42 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-08-24 06:59:17 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-08-24 06:51:27 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-08-24 06:51:02 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-08-24 06:47:26 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-08-24 06:47:12 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2012-08-24 06:43:58 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-08-21 17:01:20 33240 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys
2012-08-21 17:01:20 125872 ----a-w- C:\Windows\System32\GEARAspi64.dll
2012-08-21 17:01:20 106928 ----a-w- C:\Windows\SysWow64\GEARAspi.dll
2012-08-18 15:43:05 362496 ----a-w- C:\Windows\System32\wow64win.dll
2012-08-18 15:43:05 243200 ----a-w- C:\Windows\System32\wow64.dll
2012-08-18 15:43:05 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2012-08-18 15:42:31 215040 ----a-w- C:\Windows\System32\winsrv.dll
2012-08-18 15:40:26 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2012-08-18 15:34:13 338432 ----a-w- C:\Windows\System32\conhost.exe
2012-08-18 11:22:55 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2012-08-18 11:19:45 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2012-08-18 11:19:22 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2012-08-18 11:17:56 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2012-08-18 11:17:56 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2012-08-18 09:12:09 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2012-08-18 09:12:09 2048 ----a-w- C:\Windows\SysWow64\user.exe
2012-08-18 09:07:02 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2012-08-18 09:07:02 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2012-08-18 09:07:02 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2012-08-18 09:07:02 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2012-08-02 17:55:04 574464 ----a-w- C:\Windows\System32\d3d10level9.dll
2012-08-02 17:05:42 490496 ----a-w- C:\Windows\SysWow64\d3d10level9.dll
.
============= FINISH: 14:57:35.48 ===============


Attach.txt
==========
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-10-19.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 5/17/2011 2:33:44 PM
System Uptime: 10/22/2012 7:53:04 AM (7 hours ago)
.
Motherboard: Hewlett-Packard | | 1641
Processor: AMD Phenom™ II P860 Triple-Core Processor | Socket S1G4 | 2000/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 674 GiB total, 224.606 GiB free.
D: is FIXED (NTFS) - 24 GiB total, 2.734 GiB free.
E: is CDROM (CDFS)
F: is FIXED (NTFS) - 932 GiB total, 150.97 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP338: 10/2/2012 9:19:22 AM - Windows Update
RP339: 10/7/2012 11:21:56 PM - HPSF Restore Point
RP340: 10/9/2012 2:31:20 AM - Windows Update
RP341: 10/10/2012 3:00:24 AM - Windows Update
RP342: 10/10/2012 12:07:18 PM - Installed SyncToy 2.1 (x64)
RP343: 10/16/2012 5:53:23 AM - Windows Update
RP344: 10/16/2012 1:31:20 PM - Installed DYMO LabelWriter Drivers
RP345: 10/19/2012 4:31:13 PM - Removed Evernote v. 4.5.9
RP346: 10/19/2012 4:37:47 PM - Installed Evernote v. 4.5.9
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
64 Bit HP CIO Components Installer
ABBYY FineReader 6.0 Sprint
AceBackup 3
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.4)
Adobe Shockwave Player 11.5
Agatha Christie - Peril at End House
Apache HTTP Server 2.2.18
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ATI Catalyst Install Manager
Bejeweled 2 Deluxe
Bing Bar
Bing Rewards Client Installer
BitTorrent
Blackhawk Striker 2
Blasterball 3
Blio
Bonjour
Borland Delphi 7
Bounce Symphony
Broadcom 2070 Bluetooth 3.0
Broadcom 802.11 Wireless LAN Adapter
Build-a-lot 2
Bullzip PDF Printer 8.4.0.1425
Business Contact Manager for Outlook 2007 SP2
Cake Mania
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-core-static
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Chuzzle Deluxe
Cisco WebEx Meetings
Contents
Corel PaintShop Photo Pro X3
Corel VideoStudio Pro X3
CrashPlan
Cubby
CyberLink DVD Suite
D3DX10
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
DeviceIO
Diner Dash 2 Restaurant Rescue
doPDF 6.2 printer
doPDF 7.3 printer
Dora's World Adventure
Dropbox
DVD Menu Pack for HP MediaSmart Video
DYMO Label v.8
DYMO LabelWriter Drivers
Empire: Total War
Energy Star Digital Logo
Escape Rosecliff Island
ESU for Microsoft Windows 7
Evernote v. 4.5.9
Farm Frenzy
FATE
Fences Pro
Final Drive Nitro
GIMP 2.6.10
Google Chrome
Google Drive
Google Gmail Notifier
Google Update Helper
Heroes of Hellas 2 - Olympia
Hewlett-Packard ACLM.NET v1.1.2.0
HP 3D DriveGuard
HP Auto
HP Client Services
HP CloudDrive
HP Customer Experience Enhancements
HP Documentation
HP DVB-T TV Tuner 8.0.64.43
HP FWUpdateEDO3
HP Game Console
HP Games
HP LaserJet Professional CM1410 Series
HP LaserJet Professional CP1520 Series
HP LJ CM1410 MFP Series HP Scan
HP MediaSmart DVD
HP MediaSmart Movies and TV
HP MediaSmart Music
HP MediaSmart Photo
HP MediaSmart SmartMenu
HP MediaSmart Video
HP MediaSmart Webcam
HP MediaSmart/TouchSmart Netflix
HP MovieStore
HP Photo Creations
HP Power Manager
HP Quick Launch
HP Setup
HP Setup Manager
HP SimplePass Identity Protection
HP Software Framework
HP Support Assistant
HP Update
HP Wireless Assistant
HPLaserJetHelp_LearnCenter
HPLJUT
hppCM1410LaserJetService
hppFaxDrvCM1410
hppFaxUtilityCM1410
hppLaserJetService
hppSendFaxCM1410
hppTLBXFXCM1410
hpzTLBXFX
Hulu Desktop
I.R.I.S. OCR
ICA
iCloud
IDT Audio
IPM_PSP_Pro
IPM_VS_Pro
ISCOM
iTunes
Java Auto Updater
Java™ 6 Update 21 (64-bit)
Java™ 6 Update 35
Jewel Quest Solitaire 2
Junk Mail filter update
LabelPrint
LastPass (uninstall only)
Lexmark Printable Web
Lexmark Pro800-Pro900 Series
Lexmark Toolbar
Lexmark Tools for Office
LinuxLive USB Creator
LogMeIn
Marketsplash Shortcuts
Microsoft .NET Framework 4 Client Profile
Microsoft Access 2010
Microsoft Application Error Reporting
Microsoft IntelliPoint 8.2
Microsoft Office 2003 Web Components
Microsoft Office 2007 Primary Interop Assemblies
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2010
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access 2010
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office Office 64-bit Components 2010
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2007
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing (English) 2010
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Small Business 2007
Microsoft Office Small Business Connectivity Components
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Software Update for Web Folders (English) 12
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
Microsoft SQL Server Native Client
Microsoft SQL Server Setup Support Files (English)
Microsoft SQL Server VSS Writer
Microsoft Sync Framework 2.0 Core Components (x64) ENU
Microsoft Sync Framework 2.0 Provider Services (x64) ENU
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual FoxPro OLE DB Provider
Microsoft WSE 3.0 Runtime
MobileMe Control Panel
Movie Theme Pack for HP MediaSmart Video
Mozilla Firefox 15.0.1 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MySQL Server 5.5
MySQL Workbench 5.2 CE
Mystery P.I. - The London Caper
Norton Internet Security
Norton Online Backup
Penguins!
PhotoNow!
PictureMover
Plants vs. Zombies
PlayReady PC Runtime x86
Poker Superstars III
Polar Bowler
Polar Golfer
Power2Go
PowerDirector
PrimoPDF -- brought to you by Nitro PDF Software
PSPPContent
PSPPRO_DCRAW
PureHD
QuickTime
Realtek Ethernet Controller Driver For Windows 7
Realtek USB 2.0 Card Reader
Recovery Manager
RockMelt
RoxioNow Player
Safari
Scrivener
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687314) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553260) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589322) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2687315) 32-Bit Edition
Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)
Setup
Share
Share64
Steam
Synaptics Pointing Device Driver
SyncToy 2.1 (x64)
Tax Forms Helper 2011 10.0
TextPad 5
Times Reader
TweetDeck
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553272) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598289) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687407) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Validity Sensors DDK
VersaCheck Presto
VersaJette M300-V08
VIO
Virtual Families
Virtual Villagers 4 - The Tree of Life
Visual FoxPro ODBC Driver
VLC media player 1.1.10
VSClassic
VSPro
Webroot SecureAnywhere
Wheel of Fortune 2
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Media Encoder 9 Series
Zuma Deluxe
.
==== Event Viewer Messages From Past Week ========
.
10/22/2012 7:55:52 AM, Error: Service Control Manager [7038] - The Service1 service was unable to log on as .\Rob with the currently configured password due to the following error: Logon failure: unknown user name or bad password. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
10/22/2012 7:55:52 AM, Error: Service Control Manager [7000] - The Multimedia Network Module service failed to start due to the following error: The service did not start due to a logon failure.
10/22/2012 7:55:45 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the lxecCATSCustConnectService service to connect.
10/22/2012 7:55:45 AM, Error: Service Control Manager [7000] - The lxecCATSCustConnectService service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
10/20/2012 7:22:11 AM, Error: Service Control Manager [7022] - The Windows Defender service hung on starting.
10/20/2012 4:34:05 PM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
10/20/2012 4:29:49 PM, Error: Application Popup [1060] - \??\C:\Carbon\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
10/20/2012 2:57:28 PM, Error: Service Control Manager [7031] - The WRSVC service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
10/19/2012 5:08:25 PM, Error: Service Control Manager [7043] - The Group Policy Client service did not shut down properly after receiving a preshutdown control.
10/19/2012 3:09:33 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Windows Defender - KB915597 (Definition 1.139.124.0).
10/16/2012 8:02:25 AM, Error: Service Control Manager [7034] - The LogMeIn service terminated unexpectedly. It has done this 1 time(s).
10/16/2012 7:38:01 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HPWMISVC service.
10/16/2012 11:26:08 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1.
10/15/2012 6:01:04 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000003b (0x00000000c0000005, 0xfffff960002b4d2e, 0xfffff8800cf93db0, 0x0000000000000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 101512-54584-01.
.
==== End Of File ===========================

Thanks,
Rob

#4 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:02:01 AM

Posted 22 October 2012 - 02:56 PM

Hello


These are the programs I would like you to run next, if you have any problems with these just skip it and run the next one.


-AdwCleaner-

  • Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

--RogueKiller--

  • Download & SAVE to your Desktop RogueKiller or from here
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or Windows 7, right-click and select "Run as Administrator to start"
  • For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Then Click on "Scan" button
  • Wait until the Status box shows "Scan Finished"
  • click on "delete"
  • Wait until the Status box shows "Deleting Finished"
  • Click on "Report" and copy/paste the content of the Notepad into your next reply.
  • The log should be found in RKreport[1].txt on your Desktop
  • Exit/Close RogueKiller+

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#5 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:02:01 AM

Posted 26 October 2012 - 11:15 PM

Hello

48 Hour bump

It has been more than 48 hours since my last post.

  • do you still need help with this?
  • do you need more time?
  • are you having problems following my instructions?
  • if after 48hrs you have not replied to this thread then it will have to be closed!

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#6 romosumo

romosumo
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:01:01 AM

Posted 27 October 2012 - 07:07 AM

Gringo,

I'm sorry - I somehow missed your earlier response. Here are the results of running ADWCleaner. I'll send the RogueCleaner results in a separate post.


# AdwCleaner v2.005 - Logfile created 10/27/2012 at 07:55:20
# Updated 14/10/2012 by Xplode
# Operating system : Windows 7 Home Premium (64 bits)
# User : Rob - ROB-DV7
# Boot Mode : Normal
# Running from : C:\Users\Rob\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
File Deleted : C:\Users\Public\Desktop\eBay.lnk

***** [Registry] *****

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v15.0.1 (en-US)

Profile name : default
File : C:\Users\Rob\AppData\Roaming\Mozilla\Firefox\Profiles\qxo8123q.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v22.0.1229.94

File : C:\Users\Rob\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [1514 octets] - [27/10/2012 07:55:20]

########## EOF - C:\AdwCleaner[S1].txt - [1574 octets] ##########

#7 romosumo

romosumo
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:01:01 AM

Posted 27 October 2012 - 07:26 AM

Gringo,

RogueKiller generated one RKReport after the scan, and another after the delete. They are slightly different, so I am posting both below.

Thanks for your help,
Rob

<<EDIT: I attached the wrong data in my initial response. Corrected info below.>>


RogueKiller V8.2.0 [10/22/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website: http://tigzy.geekstogo.com/roguekiller.php
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7600 ) 64 bits version
Started in : Normal mode
User : Rob [Admin rights]
Mode : Scan -- Date : 10/27/2012 08:17:07

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 5 ¤¤¤
[TASK][SUSP PATH] {3E882617-6DBD-46D8-8BBA-4209AD3B9199} : C:\Windows\system32\pcalua.exe -a C:\Users\Rob\AppData\Local\Evernote\Evernote\AutoUpdate\Evernote_4.5.2.5517.exe -d C:\Windows\system32 -c /qb -> FOUND
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND
[HJPOL] HKLM\[...]\Wow6432Node\System : DisableRegistryTools (0) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: TOSHIBA MK7559GSXP ATA Device +++++
--- User ---
[MBR] e1f28d2db5abd27f0a721e0cba67d10e
[BSP] 8ba57bdf3f245bc6748b8dd7dd9cff06 : Windows Vista/7 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 199 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 690238 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 1414017024 | Size: 24863 Mo
3 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 1464936448 | Size: 102 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[1].txt >>
RKreport[1].txt




RogueKiller V8.2.0 [10/22/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website: http://tigzy.geekstogo.com/roguekiller.php
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7600 ) 64 bits version
Started in : Normal mode
User : Rob [Admin rights]
Mode : Remove -- Date : 10/27/2012 08:19:43

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 4 ¤¤¤
[TASK][SUSP PATH] {3E882617-6DBD-46D8-8BBA-4209AD3B9199} : C:\Windows\system32\pcalua.exe -a C:\Users\Rob\AppData\Local\Evernote\Evernote\AutoUpdate\Evernote_4.5.2.5517.exe -d C:\Windows\system32 -c /qb -> DELETED
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> DELETED
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: TOSHIBA MK7559GSXP ATA Device +++++
--- User ---
[MBR] e1f28d2db5abd27f0a721e0cba67d10e
[BSP] 8ba57bdf3f245bc6748b8dd7dd9cff06 : Windows Vista/7 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 199 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 690238 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 1414017024 | Size: 24863 Mo
3 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 1464936448 | Size: 102 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[2].txt >>
RKreport[1].txt ; RKreport[2].txt

Edited by romosumo, 27 October 2012 - 07:32 AM.


#8 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:02:01 AM

Posted 27 October 2012 - 12:33 PM

Hello romosumo

I Would like you to do the following.

Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP Only) if this happens please allow it to do so (you will need to be connected to the internet for this)

Before you run Combofix I will need you to turn off any security software you have running, If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall

Note 2: If you recieve an error "Illegal operation attempted on a registery key that has been marked for deletion." Please restart the computer

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#9 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:02:01 AM

Posted 30 October 2012 - 12:52 AM

Greetings


I have not heard from you in a couple of days so I am coming by to check on you to see if you are having problems or you just need some more time.

Also to remind you that it is very important that we finish the process completely so as to not get reinfected. I will let you know when we are complete and I will ask to remove our tools




Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#10 romosumo

romosumo
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:01:01 AM

Posted 30 October 2012 - 08:42 AM

Sorry for not replying sooner. After running ComboFix, I wanted to see whether the file deletion problem returned before posting again.

Unfortunately, it seems to have returned. This morning, I had ~20,000 files show up in my Recycle Bin which I hadn't deleted. I'm in the process of restoring them now.

In the meantime, here are the results of running ComboFix on Saturday:


ComboFix 12-10-26.05 - Rob 10/27/2012 14:32:35.2.3 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3835.2454 [GMT -4:00]
Running from: c:\users\Rob\Desktop\ComboFix.exe
AV: Norton Internet Security *Disabled/Outdated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
AV: Webroot SecureAnywhere *Disabled/Updated* {9C0666FC-6C7D-3E97-3C40-0C6B33FC7401}
FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton Internet Security *Disabled/Outdated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Webroot SecureAnywhere *Disabled/Updated* {27678718-4A47-3119-06F0-3719487B3EBC}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\TEMP\jna9118101206631673578.dll
.
.
((((((((((((((((((((((((( Files Created from 2012-09-27 to 2012-10-27 )))))))))))))))))))))))))))))))
.
.
2012-10-27 19:43 . 2012-10-27 19:43 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-10-16 18:00 . 2012-10-16 18:00 -------- d-----w- c:\users\Rob\AppData\Local\Sanford,_L.P
2012-10-16 17:58 . 2012-10-16 18:00 -------- d-----w- c:\users\Rob\AppData\Local\DYMO
2012-10-16 17:53 . 2012-10-16 17:53 -------- d-----w- c:\program files (x86)\DYMO
2012-10-16 17:52 . 2012-10-16 17:52 -------- d-----w- c:\programdata\DYMO
2012-10-16 17:36 . 2012-10-16 17:36 -------- d-----w- c:\program files\DYMO LabelWriter Drivers
2012-10-10 16:09 . 2012-10-10 16:09 -------- d-----w- c:\program files\SyncToy 2.1
2012-10-10 16:06 . 2012-10-10 16:06 -------- d-----w- c:\program files\Microsoft Sync Framework
2012-10-10 04:33 . 2012-08-31 18:02 1656688 ----a-w- c:\windows\system32\drivers\ntfs.sys
2012-10-10 04:33 . 2012-08-30 18:11 5505904 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-10-10 04:33 . 2012-08-30 17:18 3958128 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-10-10 04:33 . 2012-08-30 17:18 3902832 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-10-10 04:33 . 2012-08-18 15:37 425984 ----a-w- c:\windows\system32\KernelBase.dll
2012-10-10 04:33 . 2012-08-18 15:37 1162240 ----a-w- c:\windows\system32\kernel32.dll
2012-10-10 04:31 . 2012-09-14 19:23 2048 ----a-w- c:\windows\system32\tzres.dll
2012-10-10 04:31 . 2012-09-14 18:30 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-10-10 04:30 . 2012-08-24 18:05 220160 ----a-w- c:\windows\system32\wintrust.dll
2012-10-10 04:30 . 2012-08-24 17:10 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
2012-10-10 04:30 . 2012-08-11 00:53 714752 ----a-w- c:\windows\system32\kerberos.dll
2012-10-10 04:30 . 2012-08-10 23:54 541184 ----a-w- c:\windows\SysWow64\kerberos.dll
2012-10-10 04:30 . 2012-06-02 05:25 1462784 ----a-w- c:\windows\system32\crypt32.dll
2012-10-10 04:30 . 2012-06-02 05:25 182272 ----a-w- c:\windows\system32\cryptsvc.dll
2012-10-10 04:30 . 2012-06-02 04:45 1157632 ----a-w- c:\windows\SysWow64\crypt32.dll
2012-10-10 04:30 . 2012-06-02 05:25 140288 ----a-w- c:\windows\system32\cryptnet.dll
2012-10-10 04:30 . 2012-06-02 04:45 139264 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2012-10-10 04:30 . 2012-06-02 04:45 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2012-10-04 14:59 . 2012-10-04 14:59 -------- d-----w- c:\users\Rob\AppData\Local\PDF Writer
2012-10-04 14:53 . 2009-07-14 01:41 101376 ----a-w- c:\windows\system32\Spool\prtprocs\x64\HPZPPWN7.DLL
2012-10-04 14:43 . 2012-10-04 14:43 -------- d-----w- c:\program files\Common Files\Bullzip
2012-10-04 14:43 . 2012-10-04 14:43 -------- d-----w- c:\users\Rob\AppData\Roaming\PDF Writer
2012-10-04 14:43 . 2008-10-30 20:04 227840 ----a-w- c:\windows\SysWow64\bzFlRdr.dll
2012-10-04 14:43 . 2008-07-09 20:04 103424 ----a-w- c:\windows\SysWow64\bzDCT.dll
2012-10-04 14:43 . 2012-10-04 14:43 -------- d-----w- c:\programdata\PDF Writer
2012-10-04 14:43 . 2010-09-27 20:04 135168 ----a-w- c:\windows\SysWow64\bzpdfc.dll
2012-10-04 14:42 . 2012-03-27 20:04 216064 ----a-w- c:\windows\system32\bzpdf.dll
2012-10-04 14:42 . 2012-10-04 14:42 -------- d-----w- c:\program files\Bullzip
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-12 14:20 . 2012-08-10 19:24 103344 ----a-w- c:\windows\system32\WRusr.dll
2012-10-12 14:20 . 2012-08-10 19:24 150712 ----a-w- c:\windows\SysWow64\WRusr.dll
2012-10-12 14:20 . 2012-08-10 19:24 110608 ----a-w- c:\windows\system32\drivers\WRkrn.sys
2012-10-02 12:42 . 2012-03-28 23:28 696240 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-10-02 12:42 . 2011-05-17 18:50 73136 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-08-29 00:24 . 2012-08-20 12:36 477168 ----a-w- c:\windows\SysWow64\npdeployJava1.dll
2012-08-29 00:24 . 2010-10-23 18:00 473072 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-08-24 11:15 . 2012-09-21 20:14 17810944 ----a-w- c:\windows\system32\mshtml.dll
2012-08-24 10:39 . 2012-09-21 20:14 10925568 ----a-w- c:\windows\system32\ieframe.dll
2012-08-24 10:31 . 2012-09-21 20:14 2312704 ----a-w- c:\windows\system32\jscript9.dll
2012-08-24 10:22 . 2012-09-21 20:14 1346048 ----a-w- c:\windows\system32\urlmon.dll
2012-08-24 10:21 . 2012-09-21 20:14 1392128 ----a-w- c:\windows\system32\wininet.dll
2012-08-24 10:20 . 2012-09-21 20:14 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
2012-08-24 10:18 . 2012-09-21 20:14 237056 ----a-w- c:\windows\system32\url.dll
2012-08-24 10:17 . 2012-09-21 20:14 85504 ----a-w- c:\windows\system32\jsproxy.dll
2012-08-24 10:14 . 2012-09-21 20:14 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-08-24 10:14 . 2012-09-21 20:14 816640 ----a-w- c:\windows\system32\jscript.dll
2012-08-24 10:13 . 2012-09-21 20:14 599040 ----a-w- c:\windows\system32\vbscript.dll
2012-08-24 10:12 . 2012-09-21 20:14 2144768 ----a-w- c:\windows\system32\iertutil.dll
2012-08-24 10:11 . 2012-09-21 20:14 729088 ----a-w- c:\windows\system32\msfeeds.dll
2012-08-24 10:10 . 2012-09-21 20:14 96768 ----a-w- c:\windows\system32\mshtmled.dll
2012-08-24 10:09 . 2012-09-21 20:14 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-08-24 10:04 . 2012-09-21 20:14 248320 ----a-w- c:\windows\system32\ieui.dll
2012-08-24 06:59 . 2012-09-21 20:14 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll
2012-08-24 06:51 . 2012-09-21 20:14 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
2012-08-24 06:51 . 2012-09-21 20:14 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2012-08-24 06:47 . 2012-09-21 20:14 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-08-24 06:47 . 2012-09-21 20:14 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2012-08-24 06:43 . 2012-09-21 20:14 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-08-21 17:01 . 2012-09-20 12:45 33240 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2012-08-21 17:01 . 2011-05-18 23:07 125872 ----a-w- c:\windows\system32\GEARAspi64.dll
2012-08-21 17:01 . 2011-05-18 23:07 106928 ----a-w- c:\windows\SysWow64\GEARAspi.dll
2012-08-18 11:19 . 2012-10-10 04:32 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-08-02 17:55 . 2012-09-12 10:12 574464 ----a-w- c:\windows\system32\d3d10level9.dll
2012-08-02 17:05 . 2012-09-12 10:12 490496 ----a-w- c:\windows\SysWow64\d3d10level9.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Rob\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Rob\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Rob\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RockMelt Update"="c:\users\Rob\AppData\Local\RockMelt\Update\RockMeltUpdate.exe" [2011-05-17 136336]
"Steam"="c:\program files (x86)\Steam\Steam.exe" [2012-08-03 1353080]
"GoogleDriveSync"="c:\program files (x86)\Google\Drive\googledrivesync.exe" [2012-09-06 15668432]
"DymoQuickPrint"="c:\program files (x86)\DYMO\DYMO Label Software\DymoQuickPrint.exe" [2012-06-20 1865840]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-09-30 98304]
"Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 1155928]
"HP Quick Launch"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2010-11-09 586296]
"AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-09-27 59240]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"="c:\program files (x86)\Google\Gmail Notifier\gnotify.exe" [2005-07-15 479232]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-28 59280]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-19 421888]
"ToolboxFX"="c:\program files (x86)\HP\ToolboxFX\bin\HPTLBXFX.exe" [2010-10-25 58936]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]
"WRSVC"="c:\program files\Webroot\WRSA.exe" [2012-10-12 726472]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"BCSSync"="c:\program files (x86)\Microsoft Office 2010\Office14\BCSSync.exe" [2010-03-13 91520]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-09-10 421776]
.
c:\users\Rob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Rob\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-5-24 27112840]
EvernoteClipper.lnk - c:\program files (x86)\Evernote\Evernote\EvernoteClipper.exe [2012-10-25 1017184]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-7-29 1132320]
CrashPlan Tray.lnk - c:\program files\CrashPlan\CrashPlanTray.exe [2012-3-26 217088]
Monitor Apache Servers.lnk - c:\program files (x86)\Apache Software Foundation\Apache2.2\bin\ApacheMonitor.exe [2011-5-11 41051]
Snapfish PictureMover.lnk - c:\program files (x86)\PictureMover\Bin\PictureMover.exe [2010-9-28 1040952]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ DPPassFilter scecli
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe [2012-02-10 193816]
R2 CLKMSVC10_C6F09094;CyberLink Product - 2011/03/12 01:07;c:\program files (x86)\Hewlett-Packard\Media\DVD\Kernel\HDDVD\NavFilter\kmsvc.exe [2010-09-21 245232]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-27 116648]
R2 lxecCATSCustConnectService;lxecCATSCustConnectService;c:\windows\system32\spool\DRIVERS\x64\3\\lxecserv.exe [2010-04-14 45736]
R2 WRSVC;WRSVC;c:\program files\Webroot\WRSA.exe [2012-10-12 726472]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-27 116648]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-09-13 114144]
R3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2010-09-15 239136]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-09-15 344680]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-07-09 52736]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-05-18 1255736]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2009-06-10 389120]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NISx64\1207020.003\SYMDS64.SYS [2011-01-27 450680]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1207020.003\SYMEFA64.SYS [2011-03-15 912504]
S0 WRkrn;WRkrn;c:\windows\System32\drivers\WRkrn.sys [2012-10-12 110608]
S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20100810.004\BHDrvx64.sys [2010-08-09 945200]
S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20100706.002\IDSVia64.sys [2010-06-27 463408]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1207020.003\Ironx64.SYS [2011-01-27 171128]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NISx64\1207020.003\SYMNETS.SYS [2011-04-21 386168]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe [2010-09-14 89600]
S2 AirPrint;AirPrint;c:\program files (x86)\AirPrint\airprint.exe [2011-06-06 234784]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-10-08 203264]
S2 Apache2.2;Apache2.2;c:\program files (x86)\Apache Software Foundation\Apache2.2\bin\httpd.exe [2011-05-11 20549]
S2 CrashPlanService;CrashPlan Backup Service;c:\program files\CrashPlan\CrashPlanService.exe [2012-03-26 222720]
S2 DymoPnpService;DYMO PnP Service;c:\program files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe [2012-06-20 32368]
S2 g7dc_device;g7dc_device;c:\windows\system32\g7dccoms.exe [2007-06-19 562176]
S2 HP LaserJet Service;HP LaserJet Service;c:\program files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [2010-10-25 145920]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-09 86072]
S2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-07-21 103992]
S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-08-06 291896]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-05-21 103992]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2010-06-15 30520]
S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-11-09 26680]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2012-07-12 375208]
S2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files (x86)\LogMeIn\x64\RaInfo.sys [2012-04-02 15928]
S2 lxec_device;lxec_device;c:\windows\system32\lxeccoms.exe [2010-04-14 1052328]
S2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe [2011-04-17 130008]
S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S2 RoxioNow Service;RoxioNow Service;c:\program files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2010-09-11 399344]
S2 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe [2010-02-23 2192176]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2010-10-08 7767552]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-10-08 279040]
S3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe [2012-02-10 240408]
S3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys [2010-07-14 344616]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2010-03-02 39464]
S3 clwvd;HP Webcam Splitter;c:\windows\system32\DRIVERS\clwvd.sys [2010-09-04 31088]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2010-08-13 132656]
S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [2011-08-01 45416]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2010-10-08 38528]
.
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - CLKMDRV10_C6F09094
.
Contents of the 'Scheduled Tasks' folder
.
2012-10-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-27 14:26]
.
2012-10-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-27 14:26]
.
2012-10-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-985251314-3411903506-1817651601-1000Core.job
- c:\users\Rob\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-17 18:47]
.
2012-10-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-985251314-3411903506-1817651601-1000UA.job
- c:\users\Rob\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-17 18:47]
.
2012-10-13 c:\windows\Tasks\HPCeeScheduleForROB-DV7$.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15]
.
2012-10-17 c:\windows\Tasks\HPCeeScheduleForRob.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15]
.
2012-10-27 c:\windows\Tasks\RockMeltUpdateTaskUserS-1-5-21-985251314-3411903506-1817651601-1000Core.job
- c:\users\Rob\AppData\Local\RockMelt\Update\RockMeltUpdate.exe [2011-05-17 18:48]
.
2012-10-27 c:\windows\Tasks\RockMeltUpdateTaskUserS-1-5-21-985251314-3411903506-1817651601-1000UA.job
- c:\users\Rob\AppData\Local\RockMelt\Update\RockMeltUpdate.exe [2011-05-17 18:48]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00Zecter]
@="{D25B32FE-CB96-491A-98FF-AD59DA382D69}"
[HKEY_CLASSES_ROOT\CLSID\{D25B32FE-CB96-491A-98FF-AD59DA382D69}]
2010-09-23 04:53 2210304 ----a-w- c:\program files (x86)\Hewlett-Packard\HP CloudDrive\ShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\01Zecter]
@="{EB24CA6D-F315-4A81-AC1A-C79CFD77F3F5}"
[HKEY_CLASSES_ROOT\CLSID\{EB24CA6D-F315-4A81-AC1A-C79CFD77F3F5}]
2010-09-23 04:53 2210304 ----a-w- c:\program files (x86)\Hewlett-Packard\HP CloudDrive\ShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\02Zecter]
@="{B3C78E40-6B64-47C3-AE34-60B770881EB8}"
[HKEY_CLASSES_ROOT\CLSID\{B3C78E40-6B64-47C3-AE34-60B770881EB8}]
2010-09-23 04:53 2210304 ----a-w- c:\program files (x86)\Hewlett-Packard\HP CloudDrive\ShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\03Zecter]
@="{622AFE52-33F6-4D9F-9966-E0BC52D7D69D}"
[HKEY_CLASSES_ROOT\CLSID\{622AFE52-33F6-4D9F-9966-E0BC52D7D69D}]
2010-09-23 04:53 2210304 ----a-w- c:\program files (x86)\Hewlett-Packard\HP CloudDrive\ShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\04Zecter]
@="{855156F0-2A0F-11DE-8C30-0800200C9A66}"
[HKEY_CLASSES_ROOT\CLSID\{855156F0-2A0F-11DE-8C30-0800200C9A66}]
2010-09-23 04:53 2210304 ----a-w- c:\program files (x86)\Hewlett-Packard\HP CloudDrive\ShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Rob\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Rob\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Rob\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Rob\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2012-09-06 19:51 755224 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2012-09-06 19:51 755224 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2012-09-06 19:51 755224 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2012-09-06 19:51 755224 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-09-14 487424]
"SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2010-09-01 611896]
"HPWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe" [2010-07-21 8192]
"lxecmon.exe"="c:\program files (x86)\Lexmark Pro800-Pro900 Series\lxecmon.exe" [2011-01-23 770728]
"EzPrint"="c:\program files (x86)\Lexmark Pro800-Pro900 Series\ezprint.exe" [2011-01-23 148280]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 2417032]
"LogMeIn GUI"="c:\program files (x86)\LogMeIn\x64\LogMeInSystray.exe" [2012-04-02 57928]
"HP LaserJet Professional CM1410 Series Fax"="c:\program files (x86)\HP\Digital Imaging\Fax\Fax Driver 0.6 Base\hppfaxprintersrv.exe" [2010-08-24 3706424]
"g7dcmon.exe"="c:\program files (x86)\VersaJette M300-V08\g7dcmon.exe" [BU]
"g7dcamon"="c:\program files (x86)\VersaJette M300-V08\g7dcamon.exe" [2007-05-01 20480]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler]
"{1984DD45-52CF-49cd-AB77-18F378FEA264}"= "c:\program files\Stardock\Fences Pro\FencesMenu64.dll" [2010-09-16 464744]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Add to Evernote 4.0 - c:\program files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: LastPass - file://c:\users\Rob\AppData\LocalLow\LastPass\context.html?cmd=lastpass
IE: LastPass Fill Forms - file://c:\users\Rob\AppData\LocalLow\LastPass\context.html?cmd=fillforms
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: Interfaces\{A1FB2588-9B41-4268-84A1-8ED23AB6DF3B}: NameServer = 8.8.8.8,4.2.2.1
TCP: Interfaces\{A1FB2588-9B41-4268-84A1-8ED23AB6DF3B}\05279667164756: NameServer = 4.2.2.1,8.8.8.8
TCP: Interfaces\{A1FB2588-9B41-4268-84A1-8ED23AB6DF3B}\8497164747: NameServer = 4.2.2.1,8.8.8.8
FF - ProfilePath - c:\users\Rob\AppData\Roaming\Mozilla\Firefox\Profiles\qxo8123q.default\
FF - ExtSQL: 2012-09-04 08:04; {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}; c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
AddRemove-{6F44AF95-3CDE-4513-AD3F-6D45F17BF324} - c:\program files (x86)\InstallShield Installation Information\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NIS]
"ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\18.7.2.3\diMaster.dll\" /prefetch:1"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MySQL]
"ImagePath"="\"c:\program files\MySQL\MySQL Server 5.5\bin\mysqld\" --defaults-file=\"c:\program files\MySQL\MySQL Server 5.5\my.ini\" MySQL"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_278_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_278_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_278_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_278_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_278.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_278.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_278.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_278.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-10-27 15:47:03
ComboFix-quarantined-files.txt 2012-10-27 19:47
ComboFix2.txt 2012-10-20 20:38
.
Pre-Run: 304,240,672,768 bytes free
Post-Run: 304,026,202,112 bytes free
.
- - End Of File - - A6BF9C90BF22A3D51FF652415BB9F03A

#11 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:02:01 AM

Posted 30 October 2012 - 11:14 AM

Hello

I Would like you to do the following.

Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

:multiple Anti Virus programs:

It looks like you are operating your computer with multiple Anti Virus programs running in memory at once:

AV: Norton Internet Security
AV: Webroot SecureAnywhere


Anti-virus programs take up an enormous amount of your computer's resources when they are actively scanning your computer. Having two anti-virus programs running at the same time can cause your computer to run very slow, become unstable and even, in rare cases, crash.

Please remove all but one of them.



I want you to run these next,

tdsskiller:

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Please download aswMBR to your desktop.
  • Double click the aswMBR.exe icon to run it
  • it will ask to download extra definitions - ALLOW IT
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

If you have any problems running either one come back and let me know

please reply with the reports from TDSSKiller and aswMBR

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#12 romosumo

romosumo
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:01:01 AM

Posted 30 October 2012 - 01:54 PM

Gringo,

Thanks. As requested, I removed the Norton AV, which came with the PC and I never used. I left the SecureAnywhere AV in place.

Here are the results of TDSSKiller. I will run aswMBR next, and post it separately.

14:46:06.0041 5644 TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47
14:46:06.0306 5644 ============================================================
14:46:06.0306 5644 Current date / time: 2012/10/30 14:46:06.0306
14:46:06.0306 5644 SystemInfo:
14:46:06.0306 5644
14:46:06.0306 5644 OS Version: 6.1.7600 ServicePack: 0.0
14:46:06.0306 5644 Product type: Workstation
14:46:06.0306 5644 ComputerName: ROB-DV7
14:46:06.0306 5644 UserName: Rob
14:46:06.0306 5644 Windows directory: C:\Windows
14:46:06.0306 5644 System windows directory: C:\Windows
14:46:06.0306 5644 Running under WOW64
14:46:06.0306 5644 Processor architecture: Intel x64
14:46:06.0306 5644 Number of processors: 3
14:46:06.0306 5644 Page size: 0x1000
14:46:06.0306 5644 Boot type: Normal boot
14:46:06.0306 5644 ============================================================
14:46:10.0768 5644 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:46:10.0783 5644 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
14:46:10.0783 5644 ============================================================
14:46:10.0783 5644 \Device\Harddisk0\DR0:
14:46:10.0783 5644 MBR partitions:
14:46:10.0783 5644 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
14:46:10.0783 5644 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x5441F000
14:46:10.0783 5644 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x54483000, BlocksNum 0x308F800
14:46:10.0783 5644 \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x57512800, BlocksNum 0x336F0
14:46:10.0783 5644 \Device\Harddisk1\DR1:
14:46:10.0783 5644 MBR partitions:
14:46:10.0783 5644 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x74705982
14:46:10.0783 5644 ============================================================
14:46:10.0877 5644 C: <-> \Device\Harddisk0\DR0\Partition2
14:46:10.0971 5644 D: <-> \Device\Harddisk0\DR0\Partition3
14:46:11.0002 5644 F: <-> \Device\Harddisk1\DR1\Partition1
14:46:11.0002 5644 ============================================================
14:46:11.0002 5644 Initialize success
14:46:11.0002 5644 ============================================================
14:46:22.0171 7840 ============================================================
14:46:22.0171 7840 Scan started
14:46:22.0171 7840 Mode: Manual;
14:46:22.0171 7840 ============================================================
14:46:28.0786 7840 ================ Scan system memory ========================
14:46:28.0786 7840 System memory - ok
14:46:28.0786 7840 ================ Scan services =============================
14:46:29.0051 7840 [ 1B00662092F9F9568B995902F0CC40D5 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
14:46:29.0051 7840 1394ohci - ok
14:46:29.0145 7840 [ 5AA055FE5AE506E19E9A8F537756EE10 ] Accelerometer C:\Windows\system32\DRIVERS\Accelerometer.sys
14:46:29.0145 7840 Accelerometer - ok
14:46:29.0207 7840 [ 6F11E88748CDEFD2F76AA215F97DDFE5 ] ACPI C:\Windows\system32\DRIVERS\ACPI.sys
14:46:29.0223 7840 ACPI - ok
14:46:29.0316 7840 [ 63B05A0420CE4BF0E4AF6DCC7CADA254 ] AcpiPmi C:\Windows\system32\DRIVERS\acpipmi.sys
14:46:29.0332 7840 AcpiPmi - ok
14:46:29.0613 7840 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
14:46:29.0613 7840 AdobeARMservice - ok
14:46:29.0706 7840 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
14:46:29.0706 7840 adp94xx - ok
14:46:29.0784 7840 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
14:46:29.0815 7840 adpahci - ok
14:46:29.0925 7840 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
14:46:29.0940 7840 adpu320 - ok
14:46:30.0018 7840 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
14:46:30.0018 7840 AeLookupSvc - ok
14:46:30.0127 7840 [ A6FB9DB8F1A86861D955FD6975977AE0 ] AESTFilters C:\Program Files\IDT\WDM\AESTSr64.exe
14:46:30.0127 7840 AESTFilters - ok
14:46:30.0221 7840 [ DB9D6C6B2CD95A9CA414D045B627422E ] AFD C:\Windows\system32\drivers\afd.sys
14:46:30.0221 7840 AFD - ok
14:46:30.0283 7840 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\DRIVERS\agp440.sys
14:46:30.0283 7840 agp440 - ok
14:46:30.0455 7840 AirPrint - ok
14:46:30.0502 7840 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
14:46:30.0502 7840 ALG - ok
14:46:30.0533 7840 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\DRIVERS\aliide.sys
14:46:30.0533 7840 aliide - ok
14:46:30.0580 7840 [ 09FCD2C758F1AD3DF931AB9D944FE348 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
14:46:30.0595 7840 AMD External Events Utility - ok
14:46:30.0642 7840 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\DRIVERS\amdide.sys
14:46:30.0642 7840 amdide - ok
14:46:30.0705 7840 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
14:46:30.0705 7840 AmdK8 - ok
14:46:31.0641 7840 [ 2E76D0A912AB09CA5586AB23E466A25F ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
14:46:31.0828 7840 amdkmdag - ok
14:46:32.0062 7840 [ DD3C0C1B62DA0736482501C4BCDCD1F8 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
14:46:32.0062 7840 amdkmdap - ok
14:46:32.0499 7840 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
14:46:32.0499 7840 AmdPPM - ok
14:46:32.0592 7840 [ EC7EBAB00A4D8448BAB68D1E49B4BEB9 ] amdsata C:\Windows\system32\drivers\amdsata.sys
14:46:32.0592 7840 amdsata - ok
14:46:32.0623 7840 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
14:46:32.0623 7840 amdsbs - ok
14:46:32.0717 7840 [ DB27766102C7BF7E95140A2AA81D042E ] amdxata C:\Windows\system32\drivers\amdxata.sys
14:46:32.0717 7840 amdxata - ok
14:46:32.0904 7840 [ 349E929757AA980335E4618C9D291190 ] Apache2.2 C:\Program Files (x86)\Apache Software Foundation\Apache2.2\bin\httpd.exe
14:46:32.0904 7840 Apache2.2 - ok
14:46:32.0951 7840 [ 42FD751B27FA0E9C69BB39F39E409594 ] AppID C:\Windows\system32\drivers\appid.sys
14:46:32.0951 7840 AppID - ok
14:46:32.0982 7840 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
14:46:32.0998 7840 AppIDSvc - ok
14:46:33.0029 7840 [ D065BE66822847B7F127D1F90158376E ] Appinfo C:\Windows\System32\appinfo.dll
14:46:33.0029 7840 Appinfo - ok
14:46:33.0232 7840 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
14:46:33.0232 7840 Apple Mobile Device - ok
14:46:33.0372 7840 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
14:46:33.0372 7840 arc - ok
14:46:33.0388 7840 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
14:46:33.0388 7840 arcsas - ok
14:46:33.0466 7840 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
14:46:33.0466 7840 AsyncMac - ok
14:46:33.0497 7840 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\DRIVERS\atapi.sys
14:46:33.0497 7840 atapi - ok
14:46:33.0622 7840 [ E857EEE6B92AAA473EBB3465ADD8F7E7 ] athr C:\Windows\system32\DRIVERS\athrx.sys
14:46:33.0871 7840 athr - ok
14:46:33.0965 7840 [ 2D648572BA9A610952FCAFBA1E119C2D ] AtiHdmiService C:\Windows\system32\drivers\AtiHdmi.sys
14:46:33.0965 7840 AtiHdmiService - ok
14:46:34.0012 7840 [ E82E61F46D1336447F4DEFF8C074F13E ] AtiPcie C:\Windows\system32\DRIVERS\AtiPcie64.sys
14:46:34.0012 7840 AtiPcie - ok
14:46:34.0105 7840 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
14:46:34.0121 7840 AudioEndpointBuilder - ok
14:46:34.0137 7840 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioSrv C:\Windows\System32\Audiosrv.dll
14:46:34.0137 7840 AudioSrv - ok
14:46:34.0168 7840 [ B20B5FA5CA050E9926E4D1DB81501B32 ] AxInstSV C:\Windows\System32\AxInstSV.dll
14:46:34.0168 7840 AxInstSV - ok
14:46:34.0230 7840 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
14:46:34.0230 7840 b06bdrv - ok
14:46:34.0308 7840 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
14:46:34.0308 7840 b57nd60a - ok
14:46:34.0636 7840 [ A2494901E7226B356B8C1005C45F1C5F ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe
14:46:34.0636 7840 BBSvc - ok
14:46:34.0714 7840 [ 63B1CBBAE4790B5BAC98F01BF9449722 ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe
14:46:34.0714 7840 BBUpdate - ok
14:46:34.0870 7840 [ 810BE94A9E42309B3F74217AC28BC6AC ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys
14:46:34.0917 7840 BCM43XX - ok
14:46:35.0010 7840 [ 6163664C7E9CD110AF70180C126C3FDC ] BcmSqlStartupSvc C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
14:46:35.0010 7840 BcmSqlStartupSvc - ok
14:46:35.0057 7840 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
14:46:35.0057 7840 BDESVC - ok
14:46:35.0135 7840 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
14:46:35.0135 7840 Beep - ok
14:46:35.0229 7840 [ 4992C609A6315671463E30F6512BC022 ] BFE C:\Windows\System32\bfe.dll
14:46:35.0229 7840 BFE - ok
14:46:35.0416 7840 [ 7F0C323FE3DA28AA4AA1BDA3F575707F ] BITS C:\Windows\system32\qmgr.dll
14:46:35.0681 7840 BITS - ok
14:46:35.0743 7840 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
14:46:35.0743 7840 blbdrive - ok
14:46:35.0837 7840 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
14:46:35.0853 7840 Bonjour Service - ok
14:46:35.0915 7840 [ 19D20159708E152267E53B66677A4995 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
14:46:35.0915 7840 bowser - ok
14:46:35.0962 7840 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
14:46:35.0962 7840 BrFiltLo - ok
14:46:35.0977 7840 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
14:46:35.0977 7840 BrFiltUp - ok
14:46:36.0133 7840 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
14:46:36.0133 7840 BridgeMP - ok
14:46:36.0243 7840 [ 6B054C67AAA87843504E8E3C09102009 ] Browser C:\Windows\System32\browser.dll
14:46:36.0243 7840 Browser - ok
14:46:36.0305 7840 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
14:46:36.0305 7840 Brserid - ok
14:46:36.0321 7840 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
14:46:36.0321 7840 BrSerWdm - ok
14:46:36.0383 7840 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
14:46:36.0383 7840 BrUsbMdm - ok
14:46:36.0430 7840 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
14:46:36.0430 7840 BrUsbSer - ok
14:46:36.0508 7840 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
14:46:36.0508 7840 BthEnum - ok
14:46:36.0570 7840 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
14:46:36.0570 7840 BTHMODEM - ok
14:46:36.0648 7840 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
14:46:36.0664 7840 BthPan - ok
14:46:36.0757 7840 [ E10D1912634974EA273A1588C75CCB76 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
14:46:36.0757 7840 BTHPORT - ok
14:46:37.0194 7840 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
14:46:37.0194 7840 bthserv - ok
14:46:37.0381 7840 [ 19B784B6ECBB3ADBB2242700FEE90BEC ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
14:46:37.0397 7840 BTHUSB - ok
14:46:37.0678 7840 [ 7A2CE8C1BF4DAA1F2766E21E9CA11078 ] btwampfl C:\Windows\system32\drivers\btwampfl.sys
14:46:37.0678 7840 btwampfl - ok
14:46:37.0709 7840 [ A75BF6802A967F5AACECC3C67FEBDF55 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
14:46:37.0709 7840 btwaudio - ok
14:46:37.0771 7840 [ D895DC213EDBDA5FCC53AAD1F1E0E63B ] btwavdt C:\Windows\system32\drivers\btwavdt.sys
14:46:37.0771 7840 btwavdt - ok
14:46:37.0896 7840 [ 692F8648D7686D91E34A65AC698019D8 ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
14:46:37.0912 7840 btwdins - ok
14:46:37.0959 7840 [ 07096D2BC22CCB6CEA5A532DF0BE8A75 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
14:46:37.0959 7840 btwl2cap - ok
14:46:37.0974 7840 [ 6D7AA2BDE0135599C5F230D69DB3B420 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
14:46:37.0974 7840 btwrchid - ok
14:46:38.0021 7840 catchme - ok
14:46:38.0099 7840 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
14:46:38.0099 7840 cdfs - ok
14:46:38.0161 7840 [ 83D2D75E1EFB81B3450C18131443F7DB ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
14:46:38.0177 7840 cdrom - ok
14:46:38.0208 7840 [ 312E2F82AF11E79906898AC3E3D58A1F ] CertPropSvc C:\Windows\System32\certprop.dll
14:46:38.0208 7840 CertPropSvc - ok
14:46:38.0333 7840 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
14:46:38.0333 7840 circlass - ok
14:46:38.0427 7840 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
14:46:38.0427 7840 CLFS - ok
14:46:38.0614 7840 [ DEDE5EC7DC09D840D5D74E06FF4DE127 ] CLKMSVC10_C6F09094 C:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\HDDVD\NavFilter\kmsvc.exe
14:46:38.0614 7840 CLKMSVC10_C6F09094 - ok
14:46:38.0770 7840 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:46:38.0770 7840 clr_optimization_v2.0.50727_32 - ok
14:46:39.0144 7840 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
14:46:39.0144 7840 clr_optimization_v2.0.50727_64 - ok
14:46:39.0331 7840 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:46:39.0394 7840 clr_optimization_v4.0.30319_32 - ok
14:46:39.0472 7840 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
14:46:39.0472 7840 clr_optimization_v4.0.30319_64 - ok
14:46:39.0534 7840 [ D68D9F4D53010B7E84D4E80A2E485554 ] clwvd C:\Windows\system32\DRIVERS\clwvd.sys
14:46:39.0534 7840 clwvd - ok
14:46:39.0581 7840 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
14:46:39.0581 7840 CmBatt - ok
14:46:39.0643 7840 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\DRIVERS\cmdide.sys
14:46:39.0643 7840 cmdide - ok
14:46:39.0706 7840 [ CA7720B73446FDDEC5C69519C1174C98 ] CNG C:\Windows\system32\Drivers\cng.sys
14:46:39.0706 7840 CNG - ok
14:46:39.0753 7840 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
14:46:39.0753 7840 Compbatt - ok
14:46:39.0784 7840 [ F26B3A86F6FA87CA360B879581AB4123 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
14:46:39.0784 7840 CompositeBus - ok
14:46:39.0799 7840 COMSysApp - ok
14:46:39.0909 7840 [ 2CCC97E81FFB6263A038709D3D28DD48 ] CrashPlanService C:\Program Files\CrashPlan\CrashPlanService.exe
14:46:39.0909 7840 CrashPlanService - ok
14:46:39.0955 7840 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
14:46:39.0955 7840 crcdisk - ok
14:46:40.0033 7840 [ BAF19B633933A9FB4883D27D66C39E9A ] CryptSvc C:\Windows\system32\cryptsvc.dll
14:46:40.0080 7840 CryptSvc - ok
14:46:40.0205 7840 [ 7266972E86890E2B30C0C322E906B027 ] DcomLaunch C:\Windows\system32\rpcss.dll
14:46:40.0221 7840 DcomLaunch - ok
14:46:40.0267 7840 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
14:46:40.0267 7840 defragsvc - ok
14:46:40.0330 7840 [ 9C253CE7311CA60FC11C774692A13208 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
14:46:40.0330 7840 DfsC - ok
14:46:40.0423 7840 [ CE3B9562D997F69B330D181A8875960F ] Dhcp C:\Windows\system32\dhcpcore.dll
14:46:40.0423 7840 Dhcp - ok
14:46:40.0470 7840 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
14:46:40.0470 7840 discache - ok
14:46:40.0579 7840 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
14:46:40.0579 7840 Disk - ok
14:46:40.0626 7840 [ 85CF424C74A1D5EC33533E1DBFF9920A ] Dnscache C:\Windows\System32\dnsrslvr.dll
14:46:40.0626 7840 Dnscache - ok
14:46:40.0704 7840 [ 14452ACDB09B70964C8C21BF80A13ACB ] dot3svc C:\Windows\System32\dot3svc.dll
14:46:40.0720 7840 dot3svc - ok
14:46:40.0829 7840 [ EAC9D9868D37C8785D12475A9BB65A11 ] DpHost C:\Program Files\DigitalPersona\Bin\DpHostW.exe
14:46:40.0829 7840 DpHost - ok
14:46:40.0876 7840 [ 8C2BA6BEA949EE6E68385F5692BAFB94 ] DPS C:\Windows\system32\dps.dll
14:46:40.0876 7840 DPS - ok
14:46:40.0969 7840 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
14:46:40.0969 7840 drmkaud - ok
14:46:41.0094 7840 [ 1633B9ABF52784A1331476397A48CBEF ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
14:46:41.0094 7840 DXGKrnl - ok
14:46:41.0297 7840 [ 62A4B8B414A53E426B0028CA53AC6419 ] DymoPnpService C:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe
14:46:41.0297 7840 DymoPnpService - ok
14:46:41.0406 7840 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
14:46:41.0422 7840 EapHost - ok
14:46:41.0734 7840 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
14:46:41.0812 7840 ebdrv - ok
14:46:41.0843 7840 [ 156F6159457D0AA7E59B62681B56EB90 ] EFS C:\Windows\System32\lsass.exe
14:46:41.0843 7840 EFS - ok
14:46:41.0983 7840 [ 47C071994C3F649F23D9CD075AC9304A ] ehRecvr C:\Windows\ehome\ehRecvr.exe
14:46:41.0999 7840 ehRecvr - ok
14:46:42.0061 7840 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
14:46:42.0061 7840 ehSched - ok
14:46:42.0139 7840 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
14:46:42.0389 7840 elxstor - ok
14:46:42.0545 7840 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\DRIVERS\errdev.sys
14:46:42.0545 7840 ErrDev - ok
14:46:43.0216 7840 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
14:46:43.0216 7840 EventSystem - ok
14:46:43.0263 7840 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
14:46:43.0263 7840 exfat - ok
14:46:43.0278 7840 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
14:46:43.0294 7840 fastfat - ok
14:46:43.0387 7840 [ D607B2F1BEE3992AA6C2C92C0A2F0855 ] Fax C:\Windows\system32\fxssvc.exe
14:46:43.0403 7840 Fax - ok
14:46:43.0465 7840 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
14:46:43.0465 7840 fdc - ok
14:46:43.0528 7840 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
14:46:43.0528 7840 fdPHost - ok
14:46:43.0559 7840 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
14:46:43.0559 7840 FDResPub - ok
14:46:43.0590 7840 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
14:46:43.0590 7840 FileInfo - ok
14:46:43.0637 7840 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
14:46:43.0637 7840 Filetrace - ok
14:46:43.0746 7840 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
14:46:43.0746 7840 flpydisk - ok
14:46:43.0777 7840 [ F7866AF72ABBAF84B1FA5AA195378C59 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
14:46:43.0777 7840 FltMgr - ok
14:46:43.0887 7840 [ CB5E4B9C319E3C6BB363EB7E58A4A051 ] FontCache C:\Windows\system32\FntCache.dll
14:46:43.0902 7840 FontCache - ok
14:46:43.0965 7840 [ 8D89E3131C27FDD6932189CB785E1B7A ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:46:43.0965 7840 FontCache3.0.0.0 - ok
14:46:44.0011 7840 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
14:46:44.0011 7840 FsDepends - ok
14:46:44.0136 7840 [ D3E3F93D67821A2DB2B3D9FAC2DC2064 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
14:46:44.0136 7840 Fs_Rec - ok
14:46:44.0183 7840 [ AE87BA80D0EC3B57126ED2CDC15B24ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
14:46:44.0183 7840 fvevol - ok
14:46:44.0245 7840 g7dc_device - ok
14:46:44.0277 7840 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
14:46:44.0277 7840 gagp30kx - ok
14:46:44.0401 7840 [ D154305DE6090E6E84E525F84BB08A06 ] GameConsoleService C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
14:46:44.0401 7840 GameConsoleService - ok
14:46:44.0479 7840 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
14:46:44.0479 7840 GEARAspiWDM - ok
14:46:44.0791 7840 [ FE5AB4525BC2EC68B9119A6E5D40128B ] gpsvc C:\Windows\System32\gpsvc.dll
14:46:44.0807 7840 gpsvc - ok
14:46:45.0072 7840 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:46:45.0072 7840 gupdate - ok
14:46:45.0197 7840 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:46:45.0197 7840 gupdatem - ok
14:46:45.0244 7840 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
14:46:45.0244 7840 hcw85cir - ok
14:46:45.0291 7840 [ 6410F6F415B2A5A9037224C41DA8BF12 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
14:46:45.0291 7840 HdAudAddService - ok
14:46:45.0353 7840 [ 0A49913402747A0B67DE940FB42CBDBB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
14:46:45.0353 7840 HDAudBus - ok
14:46:45.0400 7840 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
14:46:45.0400 7840 HidBatt - ok
14:46:45.0431 7840 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
14:46:45.0447 7840 HidBth - ok
14:46:45.0462 7840 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
14:46:45.0462 7840 HidIr - ok
14:46:45.0493 7840 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
14:46:45.0493 7840 hidserv - ok
14:46:45.0540 7840 [ B3BF6B5B50006DEF50B66306D99FCF6F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
14:46:45.0540 7840 HidUsb - ok
14:46:45.0571 7840 [ EFA58EDE58DD74388FFD04CB32681518 ] hkmsvc C:\Windows\system32\kmsvc.dll
14:46:45.0571 7840 hkmsvc - ok
14:46:45.0603 7840 [ 046B2673767CA626E2CFB7FDF735E9E8 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
14:46:45.0603 7840 HomeGroupListener - ok
14:46:45.0649 7840 [ 06A7422224D9865A5613710A089987DF ] HomeGroupProvider C:\Windows\system32\provsvc.dll
14:46:45.0649 7840 HomeGroupProvider - ok
14:46:45.0790 7840 [ D1E9CB573A9EDF7BE12E9C57F32E97F7 ] HP LaserJet Service C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
14:46:45.0790 7840 HP LaserJet Service - ok
14:46:46.0055 7840 [ 13BB1114451C63BFB41BA7DAA4D70A29 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
14:46:46.0055 7840 HP Support Assistant Service - ok
14:46:46.0195 7840 [ C930128C8F8FF03D8F8C42B570920D56 ] HP Wireless Assistant Service C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
14:46:46.0211 7840 HP Wireless Assistant Service - ok
14:46:46.0351 7840 [ 3DC11A802353401332D49C3CBFBBE5FC ] HPClientSvc C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
14:46:46.0351 7840 HPClientSvc - ok
14:46:46.0398 7840 [ C958976C7DAAF47084A33EBBC6E28B84 ] HPDrvMntSvc.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
14:46:46.0398 7840 HPDrvMntSvc.exe - ok
14:46:46.0476 7840 [ 0AC88FBE4BF315F5F8FD862426C11540 ] hpdskflt C:\Windows\system32\DRIVERS\hpdskflt.sys
14:46:46.0476 7840 hpdskflt - ok
14:46:46.0570 7840 [ 09FBD4C4DB2FD84B9AB1C5BFDCC95559 ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
14:46:46.0819 7840 hpqwmiex - ok
14:46:46.0913 7840 [ 0886D440058F203EBA0E1825E4355914 ] HpSAMD C:\Windows\system32\DRIVERS\HpSAMD.sys
14:46:46.0913 7840 HpSAMD - ok
14:46:46.0960 7840 [ 778CE2C015DEC896C5C9323342BD71D4 ] hpsrv C:\Windows\system32\Hpservice.exe
14:46:46.0960 7840 hpsrv - ok
14:46:47.0131 7840 [ F630DD7564EBB7248A13B1CC774D9EA6 ] HPWMISVC C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
14:46:47.0131 7840 HPWMISVC - ok
14:46:47.0287 7840 [ CEE049CAC4EFA7F4E1E4AD014414A5D4 ] HTTP C:\Windows\system32\drivers\HTTP.sys
14:46:47.0287 7840 HTTP - ok
14:46:47.0319 7840 [ F17766A19145F111856378DF337A5D79 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
14:46:47.0319 7840 hwpolicy - ok
14:46:47.0443 7840 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
14:46:47.0443 7840 i8042prt - ok
14:46:47.0584 7840 [ B75E45C564E944A2657167D197AB29DA ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
14:46:47.0599 7840 iaStorV - ok
14:46:47.0740 7840 [ 2F2BE70D3E02B6FA877921AB9516D43C ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
14:46:47.0740 7840 idsvc - ok
14:46:48.0255 7840 [ A87261EF1546325B559374F5689CF5BC ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
14:46:48.0364 7840 igfx - ok
14:46:48.0411 7840 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
14:46:48.0411 7840 iirsp - ok
14:46:48.0504 7840 [ C5B4683680DF085B57BC53E5EF34861F ] IKEEXT C:\Windows\System32\ikeext.dll
14:46:48.0520 7840 IKEEXT - ok
14:46:48.0832 7840 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\DRIVERS\intelide.sys
14:46:48.0832 7840 intelide - ok
14:46:48.0910 7840 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
14:46:48.0910 7840 intelppm - ok
14:46:48.0925 7840 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
14:46:48.0925 7840 IPBusEnum - ok
14:46:48.0957 7840 [ 722DD294DF62483CECAAE6E094B4D695 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:46:48.0957 7840 IpFilterDriver - ok
14:46:49.0159 7840 [ F8E058D17363EC580E4B7232778B6CB5 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
14:46:49.0159 7840 iphlpsvc - ok
14:46:49.0206 7840 [ E2B4A4494DB7CB9B89B55CA268C337C5 ] IPMIDRV C:\Windows\system32\DRIVERS\IPMIDrv.sys
14:46:49.0206 7840 IPMIDRV - ok
14:46:49.0237 7840 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
14:46:49.0237 7840 IPNAT - ok
14:46:49.0378 7840 [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
14:46:49.0378 7840 iPod Service - ok
14:46:49.0471 7840 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
14:46:49.0471 7840 IRENUM - ok
14:46:49.0503 7840 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\DRIVERS\isapnp.sys
14:46:49.0503 7840 isapnp - ok
14:46:49.0549 7840 [ FA4D2557DE56D45B0A346F93564BE6E1 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
14:46:49.0549 7840 iScsiPrt - ok
14:46:49.0581 7840 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
14:46:49.0596 7840 kbdclass - ok
14:46:49.0627 7840 [ 6DEF98F8541E1B5DCEB2C822A11F7323 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
14:46:49.0627 7840 kbdhid - ok
14:46:49.0643 7840 [ 156F6159457D0AA7E59B62681B56EB90 ] KeyIso C:\Windows\system32\lsass.exe
14:46:49.0643 7840 KeyIso - ok
14:46:49.0690 7840 [ 4F4B5FDE429416877DE7143044582EB5 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
14:46:49.0690 7840 KSecDD - ok
14:46:49.0737 7840 [ 6F40465A44ECDC1731BEFAFEC5BDD03C ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
14:46:49.0752 7840 KSecPkg - ok
14:46:49.0799 7840 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
14:46:49.0799 7840 ksthunk - ok
14:46:49.0830 7840 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
14:46:49.0830 7840 KtmRm - ok
14:46:49.0939 7840 [ 81F1D04D4D0E433099365127375FD501 ] LanmanServer C:\Windows\System32\srvsvc.dll
14:46:49.0955 7840 LanmanServer - ok
14:46:50.0064 7840 [ 27026EAC8818E8A6C00A1CAD2F11D29A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:46:50.0064 7840 LanmanWorkstation - ok
14:46:50.0485 7840 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
14:46:50.0501 7840 lltdio - ok
14:46:50.0610 7840 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
14:46:50.0626 7840 lltdsvc - ok
14:46:50.0641 7840 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
14:46:50.0657 7840 lmhosts - ok
14:46:50.0891 7840 [ 98B0FCC176DFB711B67651BECB88C445 ] LMIGuardianSvc C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
14:46:50.0907 7840 LMIGuardianSvc - ok
14:46:51.0047 7840 [ 0317335B15FF3BDA8E10197E3434CFC0 ] LMIInfo C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys
14:46:51.0047 7840 LMIInfo - ok
14:46:51.0172 7840 [ B712511029CBD68645A90A241FD6AE43 ] LMIMaint C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
14:46:51.0187 7840 LMIMaint - ok
14:46:51.0265 7840 [ 413ECDCFAD9A82804D3674C8D7EEC24E ] lmimirr C:\Windows\system32\DRIVERS\lmimirr.sys
14:46:51.0265 7840 lmimirr - ok
14:46:51.0297 7840 LMIRfsClientNP - ok
14:46:51.0390 7840 [ C57D3FAA50E6F395759FFB7C709BD944 ] LMIRfsDriver C:\Windows\system32\drivers\LMIRfsDriver.sys
14:46:51.0390 7840 LMIRfsDriver - ok
14:46:51.0546 7840 [ D3760BC17E1755091B7120CF32DBF56B ] LogMeIn C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
14:46:51.0546 7840 LogMeIn - ok
14:46:51.0889 7840 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
14:46:51.0889 7840 LSI_FC - ok
14:46:51.0921 7840 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
14:46:51.0921 7840 LSI_SAS - ok
14:46:51.0936 7840 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
14:46:51.0936 7840 LSI_SAS2 - ok
14:46:51.0967 7840 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
14:46:52.0030 7840 LSI_SCSI - ok
14:46:52.0123 7840 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
14:46:52.0123 7840 luafv - ok
14:46:52.0295 7840 [ 1F02B554DDC4086D786537A3BF6488F1 ] lxecCATSCustConnectService C:\Windows\system32\spool\DRIVERS\x64\3\\lxecserv.exe
14:46:52.0435 7840 lxecCATSCustConnectService - ok
14:46:52.0560 7840 lxec_device - ok
14:46:52.0623 7840 [ F84C8F1000BC11E3B7B23CBD3BAFF111 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
14:46:52.0623 7840 Mcx2Svc - ok
14:46:52.0872 7840 [ 7CF1B716372B89568AE4C0FE769F5869 ] MDM C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
14:46:52.0872 7840 MDM - ok
14:46:52.0903 7840 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
14:46:52.0903 7840 megasas - ok
14:46:53.0247 7840 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
14:46:53.0262 7840 MegaSR - ok
14:46:53.0309 7840 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
14:46:53.0309 7840 MMCSS - ok
14:46:53.0356 7840 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
14:46:53.0356 7840 Modem - ok
14:46:53.0403 7840 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
14:46:53.0403 7840 monitor - ok
14:46:53.0465 7840 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
14:46:53.0465 7840 mouclass - ok
14:46:53.0512 7840 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
14:46:53.0512 7840 mouhid - ok
14:46:53.0527 7840 [ 791AF66C4D0E7C90A3646066386FB571 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
14:46:53.0527 7840 mountmgr - ok
14:46:53.0761 7840 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
14:46:53.0761 7840 MozillaMaintenance - ok
14:46:53.0839 7840 [ 609D1D87649ECC19796F4D76D4C15CEA ] mpio C:\Windows\system32\DRIVERS\mpio.sys
14:46:53.0839 7840 mpio - ok
14:46:53.0886 7840 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
14:46:53.0886 7840 mpsdrv - ok
14:46:53.0933 7840 [ AECAB449567D1846DAD63ECE49E893E3 ] MpsSvc C:\Windows\system32\mpssvc.dll
14:46:53.0933 7840 MpsSvc - ok
14:46:53.0964 7840 [ 30524261BB51D96D6FCBAC20C810183C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
14:46:53.0964 7840 MRxDAV - ok
14:46:54.0011 7840 [ 040D62A9D8AD28922632137ACDD984F2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
14:46:54.0027 7840 mrxsmb - ok
14:46:54.0089 7840 [ F0067552F8F9B33D7C59403AB808A3CB ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:46:54.0089 7840 mrxsmb10 - ok
14:46:54.0183 7840 [ 3C142D31DE9F2F193218A53FE2632051 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:46:54.0183 7840 mrxsmb20 - ok
14:46:54.0214 7840 [ D1318D7B87B71003A5C6C7C31EC80288 ] msahci C:\Windows\system32\DRIVERS\msahci.sys
14:46:54.0214 7840 msahci - ok
14:46:54.0276 7840 [ 8D27B597229AED79430FB9DB3BCBFBD0 ] msdsm C:\Windows\system32\DRIVERS\msdsm.sys
14:46:54.0292 7840 msdsm - ok
14:46:54.0323 7840 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
14:46:54.0323 7840 MSDTC - ok
14:46:54.0354 7840 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
14:46:54.0354 7840 Msfs - ok
14:46:54.0666 7840 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
14:46:54.0666 7840 mshidkmdf - ok
14:46:54.0682 7840 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\DRIVERS\msisadrv.sys
14:46:54.0729 7840 msisadrv - ok
14:46:54.0853 7840 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
14:46:54.0853 7840 MSiSCSI - ok
14:46:54.0869 7840 msiserver - ok
14:46:54.0916 7840 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
14:46:54.0916 7840 MSKSSRV - ok
14:46:54.0916 7840 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
14:46:54.0916 7840 MSPCLOCK - ok
14:46:54.0931 7840 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
14:46:54.0931 7840 MSPQM - ok
14:46:54.0947 7840 [ 89CB141AA8616D8C6A4610FA26C60964 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
14:46:54.0963 7840 MsRPC - ok
14:46:54.0994 7840 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
14:46:54.0994 7840 mssmbios - ok
14:46:55.0165 7840 MSSQL$MSSMLBIZ - ok
14:46:55.0228 7840 [ 1D89EB4E2A99CABD4E81225F4F4C4B25 ] MSSQLServerADHelper c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqladhlp90.exe
14:46:55.0228 7840 MSSQLServerADHelper - ok
14:46:55.0275 7840 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
14:46:55.0275 7840 MSTEE - ok
14:46:55.0306 7840 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
14:46:55.0306 7840 MTConfig - ok
14:46:55.0337 7840 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
14:46:55.0353 7840 Mup - ok
14:46:55.0524 7840 MySQL - ok
14:46:55.0587 7840 [ 4987E079A4530FA737A128BE54B63B12 ] napagent C:\Windows\system32\qagentRT.dll
14:46:55.0587 7840 napagent - ok
14:46:55.0696 7840 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
14:46:55.0696 7840 NativeWifiP - ok
14:46:55.0852 7840 [ CAD515DBD07D082BB317D9928CE8962C ] NDIS C:\Windows\system32\drivers\ndis.sys
14:46:55.0867 7840 NDIS - ok
14:46:55.0899 7840 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
14:46:55.0914 7840 NdisCap - ok
14:46:55.0961 7840 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
14:46:55.0961 7840 NdisTapi - ok
14:46:55.0992 7840 [ F105BA1E22BF1F2EE8F005D4305E4BEC ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
14:46:55.0992 7840 Ndisuio - ok
14:46:56.0023 7840 [ 557DFAB9CA1FCB036AC77564C010DAD3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
14:46:56.0023 7840 NdisWan - ok
14:46:56.0413 7840 [ 659B74FB74B86228D6338D643CD3E3CF ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
14:46:56.0445 7840 NDProxy - ok
14:46:56.0538 7840 [ 2334DC48997BA203B794DF3EE70521DB ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
14:46:56.0538 7840 Net Driver HPZ12 - ok
14:46:56.0569 7840 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
14:46:56.0569 7840 NetBIOS - ok
14:46:56.0632 7840 [ 9162B273A44AB9DCE5B44362731D062A ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
14:46:56.0632 7840 NetBT - ok
14:46:56.0663 7840 [ 156F6159457D0AA7E59B62681B56EB90 ] Netlogon C:\Windows\system32\lsass.exe
14:46:56.0663 7840 Netlogon - ok
14:46:56.0694 7840 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
14:46:56.0710 7840 Netman - ok
14:46:56.0757 7840 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
14:46:56.0772 7840 netprofm - ok
14:46:56.0803 7840 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
14:46:56.0803 7840 NetTcpPortSharing - ok
14:46:57.0100 7840 [ 64428DFDAF6E88366CB51F45A79C5F69 ] netw5v64 C:\Windows\system32\DRIVERS\netw5v64.sys
14:46:57.0225 7840 netw5v64 - ok
14:46:57.0256 7840 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
14:46:57.0256 7840 nfrd960 - ok
14:46:57.0303 7840 [ D9A0CE66046D6EFA0C61BAA885CBA0A8 ] NlaSvc C:\Windows\System32\nlasvc.dll
14:46:57.0303 7840 NlaSvc - ok
14:46:57.0599 7840 [ 5839A8027D6D324A7CD494051A96628C ] NOBU C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
14:46:58.0114 7840 NOBU - ok
14:46:58.0223 7840 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
14:46:58.0223 7840 Npfs - ok
14:46:58.0254 7840 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
14:46:58.0254 7840 nsi - ok
14:46:58.0317 7840 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
14:46:58.0317 7840 nsiproxy - ok
14:46:58.0504 7840 [ 184C189D4FC416978550FC599BB4EDDA ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
14:46:58.0582 7840 Ntfs - ok
14:46:58.0629 7840 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
14:46:58.0629 7840 Null - ok
14:46:58.0660 7840 [ A4D9C9A608A97F59307C2F2600EDC6A4 ] nvraid C:\Windows\system32\drivers\nvraid.sys
14:46:58.0660 7840 nvraid - ok
14:46:58.0769 7840 [ 6C1D5F70E7A6A3FD1C90D840EDC048B9 ] nvstor C:\Windows\system32\drivers\nvstor.sys
14:46:58.0769 7840 nvstor - ok
14:46:58.0800 7840 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys
14:46:58.0800 7840 nv_agp - ok
14:46:58.0894 7840 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
14:46:58.0909 7840 odserv - ok
14:46:58.0941 7840 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
14:46:58.0956 7840 ohci1394 - ok
14:46:59.0065 7840 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:46:59.0065 7840 ose - ok
14:46:59.0705 7840 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
14:46:59.0892 7840 osppsvc - ok
14:47:00.0001 7840 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
14:47:00.0001 7840 p2pimsvc - ok
14:47:00.0095 7840 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
14:47:00.0095 7840 p2psvc - ok
14:47:00.0111 7840 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
14:47:00.0111 7840 Parport - ok
14:47:00.0157 7840 [ 90061B1ACFE8CCAA5345750FFE08D8B8 ] partmgr C:\Windows\system32\drivers\partmgr.sys
14:47:00.0157 7840 partmgr - ok
14:47:00.0189 7840 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
14:47:00.0189 7840 PcaSvc - ok
14:47:00.0235 7840 [ F36F6504009F2FB0DFD1B17A116AD74B ] pci C:\Windows\system32\DRIVERS\pci.sys
14:47:00.0235 7840 pci - ok
14:47:00.0298 7840 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\DRIVERS\pciide.sys
14:47:00.0298 7840 pciide - ok
14:47:00.0376 7840 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
14:47:00.0391 7840 pcmcia - ok
14:47:00.0407 7840 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
14:47:00.0423 7840 pcw - ok
14:47:00.0485 7840 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
14:47:00.0485 7840 PEAUTH - ok
14:47:00.0625 7840 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
14:47:00.0625 7840 PerfHost - ok
14:47:00.0735 7840 [ 557E9A86F65F0DE18C9B6751DFE9D3F1 ] pla C:\Windows\system32\pla.dll
14:47:00.0750 7840 pla - ok
14:47:00.0828 7840 [ 98B1721B8718164293B9701B98C52D77 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
14:47:00.0828 7840 PlugPlay - ok
14:47:00.0969 7840 [ AC78DF349F0E4CFB8B667C0CFFF83CCE ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
14:47:00.0969 7840 Pml Driver HPZ12 - ok
14:47:00.0984 7840 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
14:47:01.0000 7840 PNRPAutoReg - ok
14:47:01.0015 7840 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
14:47:01.0015 7840 PNRPsvc - ok
14:47:01.0109 7840 [ 4F0878FD62D5F7444C5F1C4C66D9D293 ] Point64 C:\Windows\system32\DRIVERS\point64.sys
14:47:01.0109 7840 Point64 - ok
14:47:01.0140 7840 [ 166EB40D1F5B47E615DE3D0FFFE5F243 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
14:47:01.0156 7840 PolicyAgent - ok
14:47:01.0187 7840 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
14:47:01.0187 7840 Power - ok
14:47:01.0296 7840 [ 27CC19E81BA5E3403C48302127BDA717 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
14:47:01.0296 7840 PptpMiniport - ok
14:47:01.0327 7840 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
14:47:01.0327 7840 Processor - ok
14:47:01.0499 7840 [ 97293447431311C06703368AD0F6C4BE ] ProfSvc C:\Windows\system32\profsvc.dll
14:47:01.0515 7840 ProfSvc - ok
14:47:01.0546 7840 [ 156F6159457D0AA7E59B62681B56EB90 ] ProtectedStorage C:\Windows\system32\lsass.exe
14:47:01.0546 7840 ProtectedStorage - ok
14:47:01.0608 7840 [ EE992183BD8EAEFD9973F352E587A299 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
14:47:01.0608 7840 Psched - ok
14:47:01.0686 7840 [ F036CFB275D0C55F4E45FBBF5F98B3C8 ] PSI_SVC_2 c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
14:47:01.0686 7840 PSI_SVC_2 - ok
14:47:01.0780 7840 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
14:47:01.0795 7840 ql2300 - ok
14:47:01.0858 7840 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
14:47:01.0873 7840 ql40xx - ok
14:47:01.0920 7840 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
14:47:01.0920 7840 QWAVE - ok
14:47:01.0936 7840 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
14:47:01.0936 7840 QWAVEdrv - ok
14:47:01.0951 7840 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
14:47:01.0967 7840 RasAcd - ok
14:47:02.0045 7840 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
14:47:02.0045 7840 RasAgileVpn - ok
14:47:02.0061 7840 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
14:47:02.0061 7840 RasAuto - ok
14:47:02.0123 7840 [ 87A6E852A22991580D6D39ADC4790463 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
14:47:02.0123 7840 Rasl2tp - ok
14:47:02.0201 7840 [ 47394ED3D16D053F5906EFE5AB51CC83 ] RasMan C:\Windows\System32\rasmans.dll
14:47:02.0201 7840 RasMan - ok
14:47:02.0248 7840 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
14:47:02.0248 7840 RasPppoe - ok
14:47:02.0295 7840 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
14:47:02.0295 7840 RasSstp - ok
14:47:02.0341 7840 [ 3BAC8142102C15D59A87757C1D41DCE5 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
14:47:02.0341 7840 rdbss - ok
14:47:02.0419 7840 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
14:47:02.0419 7840 rdpbus - ok
14:47:02.0466 7840 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
14:47:02.0466 7840 RDPCDD - ok
14:47:02.0529 7840 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
14:47:02.0529 7840 RDPENCDD - ok
14:47:02.0544 7840 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
14:47:02.0544 7840 RDPREFMP - ok
14:47:02.0638 7840 [ 447DE7E3DEA39D422C1504F245B668B1 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
14:47:02.0638 7840 RDPWD - ok
14:47:02.0731 7840 [ E5DC9BA9E439D6DBDD79F8CAACB5BF01 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
14:47:02.0731 7840 rdyboost - ok
14:47:02.0794 7840 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
14:47:02.0794 7840 RemoteAccess - ok
14:47:02.0825 7840 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
14:47:02.0825 7840 RemoteRegistry - ok
14:47:02.0919 7840 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
14:47:02.0919 7840 RFCOMM - ok
14:47:02.0981 7840 [ C1568E17039B2EC2B73A4F880DDD51E5 ] RoxioNow Service C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
14:47:02.0981 7840 RoxioNow Service - ok
14:47:03.0012 7840 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
14:47:03.0012 7840 RpcEptMapper - ok
14:47:03.0059 7840 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
14:47:03.0059 7840 RpcLocator - ok
14:47:03.0153 7840 [ 7266972E86890E2B30C0C322E906B027 ] RpcSs C:\Windows\system32\rpcss.dll
14:47:03.0153 7840 RpcSs - ok
14:47:03.0199 7840 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
14:47:03.0199 7840 rspndr - ok
14:47:03.0262 7840 [ 3CEEE53BBF8BA284FF44585CEC0162FE ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
14:47:03.0262 7840 RSUSBSTOR - ok
14:47:03.0309 7840 [ 4B42BC58294E83A6A92EC8B88C14C4A3 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
14:47:03.0309 7840 RTL8167 - ok
14:47:03.0340 7840 [ 156F6159457D0AA7E59B62681B56EB90 ] SamSs C:\Windows\system32\lsass.exe
14:47:03.0340 7840 SamSs - ok
14:47:03.0387 7840 [ E3BBB89983DAF5622C1D50CF49F28227 ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys
14:47:03.0387 7840 sbp2port - ok
14:47:03.0418 7840 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
14:47:03.0418 7840 SCardSvr - ok
14:47:03.0433 7840 [ C94DA20C7E3BA1DCA269BC8460D98387 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
14:47:03.0433 7840 scfilter - ok
14:47:03.0558 7840 [ 624D0F5FF99428BB90A5B8A4123E918E ] Schedule C:\Windows\system32\schedsvc.dll
14:47:03.0574 7840 Schedule - ok
14:47:03.0621 7840 [ 312E2F82AF11E79906898AC3E3D58A1F ] SCPolicySvc C:\Windows\System32\certprop.dll
14:47:03.0621 7840 SCPolicySvc - ok
14:47:03.0699 7840 [ 54E47AD086782D3AE9417C155CDCEB9B ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
14:47:03.0699 7840 sdbus - ok
14:47:03.0745 7840 [ 765A27C3279CE11D14CB9E4F5869FCA5 ] SDRSVC C:\Windows\System32\SDRSVC.dll
14:47:03.0745 7840 SDRSVC - ok
14:47:03.0792 7840 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
14:47:03.0792 7840 secdrv - ok
14:47:03.0839 7840 [ 463B386EBC70F98DA5DFF85F7E654346 ] seclogon C:\Windows\system32\seclogon.dll
14:47:03.0839 7840 seclogon - ok
14:47:03.0886 7840 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
14:47:03.0886 7840 SENS - ok
14:47:03.0917 7840 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
14:47:03.0917 7840 SensrSvc - ok
14:47:03.0933 7840 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
14:47:03.0933 7840 Serenum - ok
14:47:04.0011 7840 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
14:47:04.0011 7840 Serial - ok
14:47:04.0104 7840 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
14:47:04.0104 7840 sermouse - ok
14:47:04.0853 7840 [ 83EFA8F38974E4776595A4ADD3D2CC49 ] Service1 C:\Data RM Main\My Documents\PrintScape\Development\InvoicePrint2\mmnmsvc.exe
14:47:05.0071 7840 Service1 - ok
14:47:05.0103 7840 [ C3BC61CE47FF6F4E88AB8A3B429A36AF ] SessionEnv C:\Windows\system32\sessenv.dll
14:47:05.0118 7840 SessionEnv - ok
14:47:05.0149 7840 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
14:47:05.0149 7840 sffdisk - ok
14:47:05.0212 7840 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\DRIVERS\sffp_mmc.sys
14:47:05.0212 7840 sffp_mmc - ok
14:47:05.0259 7840 [ 178298F767FE638C9FEDCBDEF58BB5E4 ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
14:47:05.0259 7840 sffp_sd - ok
14:47:05.0274 7840 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
14:47:05.0274 7840 sfloppy - ok
14:47:05.0321 7840 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
14:47:05.0321 7840 SharedAccess - ok
14:47:05.0368 7840 [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:47:05.0368 7840 ShellHWDetection - ok
14:47:05.0430 7840 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
14:47:05.0430 7840 SiSRaid2 - ok
14:47:05.0508 7840 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
14:47:05.0508 7840 SiSRaid4 - ok
14:47:05.0571 7840 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
14:47:05.0571 7840 Smb - ok
14:47:05.0633 7840 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
14:47:05.0633 7840 SNMPTRAP - ok
14:47:05.0664 7840 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
14:47:05.0664 7840 spldr - ok
14:47:05.0727 7840 [ 567977DC43CC13C4C35ED7084C0B84D5 ] Spooler C:\Windows\System32\spoolsv.exe
14:47:05.0742 7840 Spooler - ok
14:47:05.0992 7840 [ 913D843498553A1BC8F8DBAD6358E49F ] sppsvc C:\Windows\system32\sppsvc.exe
14:47:06.0085 7840 sppsvc - ok
14:47:06.0132 7840 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
14:47:06.0132 7840 sppuinotify - ok
14:47:06.0319 7840 [ 86EBD8B1F23E743AAD21F4D5B4D40985 ] SQLBrowser c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
14:47:06.0319 7840 SQLBrowser - ok
14:47:06.0491 7840 [ 3C432A96363097870995E2A3C8B66ABD ] SQLWriter c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
14:47:06.0491 7840 SQLWriter - ok
14:47:06.0616 7840 [ 2408C0366D96BCDF63E8F1C78E4A29C5 ] srv C:\Windows\system32\DRIVERS\srv.sys
14:47:06.0631 7840 srv - ok
14:47:06.0647 7840 [ 76548F7B818881B47D8D1AE1BE9C11F8 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
14:47:06.0663 7840 srv2 - ok
14:47:06.0694 7840 [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL6.SYS
14:47:06.0694 7840 SrvHsfHDA - ok
14:47:06.0756 7840 [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS
14:47:06.0803 7840 SrvHsfV92 - ok
14:47:06.0865 7840 [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
14:47:06.0865 7840 SrvHsfWinac - ok
14:47:06.0928 7840 [ 0AF6E19D39C70844C5CAA8FB0183C36E ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
14:47:06.0943 7840 srvnet - ok
14:47:07.0037 7840 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
14:47:07.0053 7840 SSDPSRV - ok
14:47:07.0068 7840 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
14:47:07.0068 7840 SstpSvc - ok
14:47:07.0224 7840 [ B00068BA94F5F306911B14B425AAEB56 ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe
14:47:07.0240 7840 STacSV - ok
14:47:07.0349 7840 Steam Client Service - ok
14:47:07.0380 7840 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
14:47:07.0380 7840 stexstor - ok
14:47:07.0521 7840 [ DA40D9C9CCB9836D6ABD1706935A2277 ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys
14:47:07.0536 7840 STHDA - ok
14:47:07.0614 7840 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
14:47:07.0614 7840 StillCam - ok
14:47:07.0677 7840 [ 52D0E33B681BD0F33FDC08812FEE4F7D ] stisvc C:\Windows\System32\wiaservc.dll
14:47:07.0692 7840 stisvc - ok
14:47:07.0723 7840 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
14:47:07.0723 7840 swenum - ok
14:47:07.0770 7840 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
14:47:07.0770 7840 swprv - ok
14:47:07.0895 7840 [ 961CFAC2A5318E212F459D651F28E0A4 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
14:47:07.0911 7840 SynTP - ok
14:47:08.0566 7840 [ 3C1284516A62078FB68F768DE4F1A7BE ] SysMain C:\Windows\system32\sysmain.dll
14:47:08.0628 7840 SysMain - ok
14:47:08.0706 7840 [ 238935C3CF2854886DC7CBB2A0E2CC66 ] TabletInputService C:\Windows\System32\TabSvc.dll
14:47:08.0706 7840 TabletInputService - ok
14:47:08.0722 7840 [ 884264AC597B690C5707C89723BB8E7B ] TapiSrv C:\Windows\System32\tapisrv.dll
14:47:08.0737 7840 TapiSrv - ok
14:47:08.0753 7840 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
14:47:08.0753 7840 TBS - ok
14:47:08.0971 7840 [ 624C5B3AA4C99B3184BB922D9ECE3FF0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
14:47:09.0018 7840 Tcpip - ok
14:47:09.0127 7840 [ 624C5B3AA4C99B3184BB922D9ECE3FF0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
14:47:09.0143 7840 TCPIP6 - ok
14:47:09.0190 7840 [ 76D078AF6F587B162D50210F761EB9ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
14:47:09.0190 7840 tcpipreg - ok
14:47:09.0221 7840 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
14:47:09.0221 7840 TDPIPE - ok
14:47:09.0268 7840 [ 7518F7BCFD4B308ABC9192BACAF6C970 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
14:47:09.0268 7840 TDTCP - ok
14:47:09.0299 7840 [ 079125C4B17B01FCAEEBCE0BCB290C0F ] tdx C:\Windows\system32\DRIVERS\tdx.sys
14:47:09.0299 7840 tdx - ok
14:47:09.0315 7840 [ C448651339196C0E869A355171875522 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
14:47:09.0330 7840 TermDD - ok
14:47:09.0408 7840 [ 0F05EC2887BFE197AD82A13287D2F404 ] TermService C:\Windows\System32\termsrv.dll
14:47:09.0424 7840 TermService - ok
14:47:09.0455 7840 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
14:47:09.0471 7840 Themes - ok
14:47:09.0517 7840 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
14:47:09.0533 7840 THREADORDER - ok
14:47:09.0580 7840 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
14:47:09.0595 7840 TrkWks - ok
14:47:09.0736 7840 [ 840F7FB849F5887A49BA18C13B2DA920 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:47:09.0736 7840 TrustedInstaller - ok
14:47:09.0751 7840 [ 61B96C26131E37B24E93327A0BD1FB95 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
14:47:09.0751 7840 tssecsrv - ok
14:47:09.0798 7840 [ 3836171A2CDF3AF8EF10856DB9835A70 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
14:47:09.0798 7840 tunnel - ok
14:47:09.0829 7840 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
14:47:09.0829 7840 uagp35 - ok
14:47:09.0861 7840 [ 0E5E962B5649D544BE54E8C90761EA2B ] udfs C:\Windows\system32\DRIVERS\udfs.sys
14:47:09.0861 7840 udfs - ok
14:47:09.0939 7840 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
14:47:09.0939 7840 UI0Detect - ok
14:47:10.0001 7840 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\DRIVERS\uliagpkx.sys
14:47:10.0001 7840 uliagpkx - ok
14:47:10.0079 7840 [ EAB6C35E62B1B0DB0D1B48B671D3A117 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
14:47:10.0079 7840 umbus - ok
14:47:10.0126 7840 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
14:47:10.0126 7840 UmPass - ok
14:47:10.0173 7840 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
14:47:10.0173 7840 upnphost - ok
14:47:10.0235 7840 [ AF1B9474D67897D0C2CFF58E0ACEACCC ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
14:47:10.0235 7840 USBAAPL64 - ok
14:47:10.0297 7840 [ 537A4E03D7103C12D42DFD8FFDB5BDC9 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
14:47:10.0297 7840 usbccgp - ok
14:47:10.0391 7840 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\DRIVERS\usbcir.sys
14:47:10.0391 7840 usbcir - ok
14:47:10.0469 7840 [ FBB21EBE49F6D560DB37AC25FBC68E66 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
14:47:10.0469 7840 usbehci - ok
14:47:10.0641 7840 [ DC2B306861F42EEEB92EF525F4119F08 ] usbfilter C:\Windows\system32\DRIVERS\usbfilter.sys
14:47:10.0641 7840 usbfilter - ok
14:47:10.0734 7840 [ 6B7A8A99C4A459E73C286A6763EA24CC ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
14:47:10.0734 7840 usbhub - ok
14:47:10.0750 7840 [ 8C88AA7617B4CBC2E4BED61D26B33A27 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
14:47:10.0765 7840 usbohci - ok
14:47:10.0797 7840 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
14:47:10.0797 7840 usbprint - ok
14:47:10.0828 7840 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
14:47:10.0843 7840 usbscan - ok
14:47:10.0921 7840 [ F39983647BC1F3E6100778DDFE9DCE29 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:47:10.0921 7840 USBSTOR - ok
14:47:10.0937 7840 [ 0B5B3B2DF3FD1709618ACFA50B8392B0 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
14:47:10.0937 7840 usbuhci - ok
14:47:10.0999 7840 [ D501E12614B00A3252073101D6A1A74B ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
14:47:10.0999 7840 usbvideo - ok
14:47:11.0109 7840 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
14:47:11.0124 7840 UxSms - ok
14:47:11.0171 7840 [ 156F6159457D0AA7E59B62681B56EB90 ] VaultSvc C:\Windows\system32\lsass.exe
14:47:11.0171 7840 VaultSvc - ok
14:47:11.0389 7840 [ 2662F24C7AEE2A32CEBDEC907A5366F1 ] vcsFPService C:\Windows\system32\vcsFPService.exe
14:47:11.0436 7840 vcsFPService - ok
14:47:11.0467 7840 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\DRIVERS\vdrvroot.sys
14:47:11.0467 7840 vdrvroot - ok
14:47:11.0514 7840 [ 44D73E0BBC1D3C8981304BA15135C2F2 ] vds C:\Windows\System32\vds.exe
14:47:11.0530 7840 vds - ok
14:47:11.0561 7840 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
14:47:11.0577 7840 vga - ok
14:47:11.0592 7840 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
14:47:11.0592 7840 VgaSave - ok
14:47:11.0639 7840 [ C82E748660F62A242B2DFAC1442F22A4 ] vhdmp C:\Windows\system32\DRIVERS\vhdmp.sys
14:47:11.0655 7840 vhdmp - ok
14:47:11.0748 7840 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\DRIVERS\viaide.sys
14:47:11.0748 7840 viaide - ok
14:47:11.0811 7840 [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3 ] volmgr C:\Windows\system32\DRIVERS\volmgr.sys
14:47:11.0811 7840 volmgr - ok
14:47:11.0842 7840 [ 99B0CBB569CA79ACAED8C91461D765FB ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
14:47:11.0842 7840 volmgrx - ok
14:47:11.0873 7840 [ 58F82EED8CA24B461441F9C3E4F0BF5C ] volsnap C:\Windows\system32\DRIVERS\volsnap.sys
14:47:11.0873 7840 volsnap - ok
14:47:11.0904 7840 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
14:47:11.0904 7840 vsmraid - ok
14:47:12.0091 7840 [ 787898BF9FB6D7BD87A36E2D95C899BA ] VSS C:\Windows\system32\vssvc.exe
14:47:12.0123 7840 VSS - ok
14:47:12.0138 7840 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
14:47:12.0138 7840 vwifibus - ok
14:47:12.0232 7840 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
14:47:12.0232 7840 vwififlt - ok
14:47:12.0325 7840 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
14:47:12.0325 7840 W32Time - ok
14:47:12.0357 7840 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
14:47:12.0357 7840 WacomPen - ok
14:47:12.0404 7840 [ 47CA49400643EFFD3F1C9A27E1D69324 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
14:47:12.0404 7840 WANARP - ok
14:47:12.0404 7840 [ 47CA49400643EFFD3F1C9A27E1D69324 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
14:47:12.0404 7840 Wanarpv6 - ok
14:47:12.0575 7840 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
14:47:12.0669 7840 WatAdminSvc - ok
14:47:12.0809 7840 [ 5AB1BB85BD8B5089CC5D64200DEDAE68 ] wbengine C:\Windows\system32\wbengine.exe
14:47:12.0825 7840 wbengine - ok
14:47:12.0887 7840 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
14:47:12.0887 7840 WbioSrvc - ok
14:47:12.0950 7840 [ DD1BAE8EBFC653824D29CCF8C9054D68 ] wcncsvc C:\Windows\System32\wcncsvc.dll
14:47:12.0965 7840 wcncsvc - ok
14:47:13.0012 7840 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
14:47:13.0028 7840 WcsPlugInService - ok
14:47:13.0043 7840 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
14:47:13.0043 7840 Wd - ok
14:47:13.0106 7840 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
14:47:13.0106 7840 Wdf01000 - ok
14:47:13.0152 7840 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
14:47:13.0152 7840 WdiServiceHost - ok
14:47:13.0152 7840 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
14:47:13.0152 7840 WdiSystemHost - ok
14:47:13.0199 7840 [ 733006127F235BE7C35354EBEE7B9A7B ] WebClient C:\Windows\System32\webclnt.dll
14:47:13.0199 7840 WebClient - ok
14:47:13.0230 7840 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
14:47:13.0246 7840 Wecsvc - ok
14:47:13.0308 7840 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
14:47:13.0308 7840 wercplsupport - ok
14:47:13.0324 7840 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
14:47:13.0324 7840 WerSvc - ok
14:47:13.0386 7840 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
14:47:13.0386 7840 WfpLwf - ok
14:47:13.0402 7840 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
14:47:13.0418 7840 WIMMount - ok
14:47:13.0433 7840 WinDefend - ok
14:47:13.0433 7840 WinHttpAutoProxySvc - ok
14:47:13.0667 7840 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
14:47:13.0683 7840 Winmgmt - ok
14:47:13.0823 7840 [ 41FBB751936B387F9179E7F03A74FE29 ] WinRM C:\Windows\system32\WsmSvc.dll
14:47:13.0901 7840 WinRM - ok
14:47:13.0948 7840 [ 817EAFF5D38674EDD7713B9DFB8E9791 ] WinUSB C:\Windows\system32\DRIVERS\WinUSB.sys
14:47:13.0948 7840 WinUSB - ok
14:47:13.0995 7840 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
14:47:14.0010 7840 Wlansvc - ok
14:47:14.0229 7840 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
14:47:14.0276 7840 wlidsvc - ok
14:47:14.0322 7840 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
14:47:14.0322 7840 WmiAcpi - ok
14:47:14.0354 7840 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
14:47:14.0369 7840 wmiApSrv - ok
14:47:14.0447 7840 WMPNetworkSvc - ok
14:47:14.0478 7840 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
14:47:14.0478 7840 WPCSvc - ok
14:47:14.0510 7840 [ 2E57DDF2880A7E52E76F41C7E96D327B ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
14:47:14.0525 7840 WPDBusEnum - ok
14:47:14.0619 7840 [ B40CEF9AC9A29A9CBF767571172DB993 ] WRkrn C:\Windows\system32\drivers\WRkrn.sys
14:47:14.0619 7840 WRkrn - ok
14:47:14.0681 7840 [ FA473DF8D8E9DAAFEACE8965B5A64EDC ] WRSVC C:\Program Files\Webroot\WRSA.exe
14:47:14.0681 7840 WRSVC - ok
14:47:14.0712 7840 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
14:47:14.0712 7840 ws2ifsl - ok
14:47:14.0775 7840 [ 8F9F3969933C02DA96EB0F84576DB43E ] wscsvc C:\Windows\system32\wscsvc.dll
14:47:14.0775 7840 wscsvc - ok
14:47:14.0790 7840 WSearch - ok
14:47:14.0931 7840 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
14:47:14.0993 7840 wuauserv - ok
14:47:15.0056 7840 [ 7CADC74271DD6461C452C271B30BD378 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
14:47:15.0056 7840 WudfPf - ok
14:47:15.0087 7840 [ 3B197AF0FFF08AA66B6B2241CA538D64 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
14:47:15.0087 7840 WUDFRd - ok
14:47:15.0134 7840 [ B551D6637AA0E132C18AC6E504F7B79B ] wudfsvc C:\Windows\System32\WUDFSvc.dll
14:47:15.0134 7840 wudfsvc - ok
14:47:15.0149 7840 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
14:47:15.0149 7840 WwanSvc - ok
14:47:15.0196 7840 [ B3EEACF62445E24FBB2CD4B0FB4DB026 ] yukonw7 C:\Windows\system32\DRIVERS\yk62x64.sys
14:47:15.0196 7840 yukonw7 - ok
14:47:15.0212 7840 ================ Scan global ===============================
14:47:15.0274 7840 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
14:47:15.0336 7840 [ 79CDA06F75AD5373DD447F57575C4400 ] C:\Windows\system32\winsrv.dll
14:47:15.0352 7840 [ 79CDA06F75AD5373DD447F57575C4400 ] C:\Windows\system32\winsrv.dll
14:47:15.0399 7840 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
14:47:15.0461 7840 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
14:47:15.0477 7840 [Global] - ok
14:47:15.0477 7840 ================ Scan MBR ==================================
14:47:15.0492 7840 [ DB6BAF4E404E5B51B4BD0444162B0C28 ] \Device\Harddisk0\DR0
14:47:15.0820 7840 \Device\Harddisk0\DR0 - ok
14:47:15.0851 7840 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
14:47:15.0867 7840 \Device\Harddisk1\DR1 - ok
14:47:15.0867 7840 ================ Scan VBR ==================================
14:47:15.0898 7840 [ 3E8CFE6234C090E72A59B67F8D0D21BC ] \Device\Harddisk0\DR0\Partition1
14:47:15.0898 7840 \Device\Harddisk0\DR0\Partition1 - ok
14:47:15.0945 7840 [ 31B7528E894DD44A2D13F1FBB17EDBF6 ] \Device\Harddisk0\DR0\Partition2
14:47:15.0945 7840 \Device\Harddisk0\DR0\Partition2 - ok
14:47:16.0179 7840 [ 21D9112F855CCF3F51E2B9CACE5AC510 ] \Device\Harddisk0\DR0\Partition3
14:47:16.0179 7840 \Device\Harddisk0\DR0\Partition3 - ok
14:47:16.0210 7840 [ 98A6DA330788FCC84ECD95B5ABDE79B1 ] \Device\Harddisk0\DR0\Partition4
14:47:16.0210 7840 \Device\Harddisk0\DR0\Partition4 - ok
14:47:16.0210 7840 [ 181EFC0222B36B24131684E8F807451D ] \Device\Harddisk1\DR1\Partition1
14:47:16.0226 7840 \Device\Harddisk1\DR1\Partition1 - ok
14:47:16.0226 7840 ============================================================
14:47:16.0226 7840 Scan finished
14:47:16.0226 7840 ============================================================
14:47:16.0241 6192 Detected object count: 0
14:47:16.0241 6192 Actual detected object count: 0
14:49:33.0974 6712 ============================================================
14:49:33.0974 6712 Scan started
14:49:33.0974 6712 Mode: Manual;
14:49:33.0974 6712 ============================================================
14:49:35.0674 6712 ================ Scan system memory ========================
14:49:35.0674 6712 System memory - ok
14:49:35.0674 6712 ================ Scan services =============================
14:49:36.0111 6712 [ 1B00662092F9F9568B995902F0CC40D5 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
14:49:36.0111 6712 1394ohci - ok
14:49:36.0236 6712 [ 5AA055FE5AE506E19E9A8F537756EE10 ] Accelerometer C:\Windows\system32\DRIVERS\Accelerometer.sys
14:49:36.0236 6712 Accelerometer - ok
14:49:36.0314 6712 [ 6F11E88748CDEFD2F76AA215F97DDFE5 ] ACPI C:\Windows\system32\DRIVERS\ACPI.sys
14:49:36.0314 6712 ACPI - ok
14:49:36.0501 6712 [ 63B05A0420CE4BF0E4AF6DCC7CADA254 ] AcpiPmi C:\Windows\system32\DRIVERS\acpipmi.sys
14:49:36.0501 6712 AcpiPmi - ok
14:49:36.0938 6712 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
14:49:36.0938 6712 AdobeARMservice - ok
14:49:37.0078 6712 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
14:49:37.0078 6712 adp94xx - ok
14:49:37.0172 6712 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
14:49:37.0172 6712 adpahci - ok
14:49:37.0219 6712 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
14:49:37.0219 6712 adpu320 - ok
14:49:37.0328 6712 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
14:49:37.0328 6712 AeLookupSvc - ok
14:49:37.0702 6712 [ A6FB9DB8F1A86861D955FD6975977AE0 ] AESTFilters C:\Program Files\IDT\WDM\AESTSr64.exe
14:49:37.0702 6712 AESTFilters - ok
14:49:37.0921 6712 [ DB9D6C6B2CD95A9CA414D045B627422E ] AFD C:\Windows\system32\drivers\afd.sys
14:49:37.0936 6712 AFD - ok
14:49:37.0967 6712 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\DRIVERS\agp440.sys
14:49:37.0967 6712 agp440 - ok
14:49:37.0983 6712 AirPrint - ok
14:49:38.0061 6712 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
14:49:38.0061 6712 ALG - ok
14:49:38.0092 6712 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\DRIVERS\aliide.sys
14:49:38.0092 6712 aliide - ok
14:49:38.0233 6712 [ 09FCD2C758F1AD3DF931AB9D944FE348 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
14:49:38.0233 6712 AMD External Events Utility - ok
14:49:38.0420 6712 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\DRIVERS\amdide.sys
14:49:38.0420 6712 amdide - ok
14:49:38.0467 6712 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
14:49:38.0467 6712 AmdK8 - ok
14:49:39.0933 6712 [ 2E76D0A912AB09CA5586AB23E466A25F ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
14:49:39.0980 6712 amdkmdag - ok
14:49:40.0229 6712 [ DD3C0C1B62DA0736482501C4BCDCD1F8 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
14:49:40.0229 6712 amdkmdap - ok
14:49:40.0541 6712 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
14:49:40.0541 6712 AmdPPM - ok
14:49:40.0604 6712 [ EC7EBAB00A4D8448BAB68D1E49B4BEB9 ] amdsata C:\Windows\system32\drivers\amdsata.sys
14:49:40.0604 6712 amdsata - ok
14:49:40.0885 6712 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
14:49:40.0885 6712 amdsbs - ok
14:49:40.0994 6712 [ DB27766102C7BF7E95140A2AA81D042E ] amdxata C:\Windows\system32\drivers\amdxata.sys
14:49:40.0994 6712 amdxata - ok
14:49:41.0243 6712 [ 349E929757AA980335E4618C9D291190 ] Apache2.2 C:\Program Files (x86)\Apache Software Foundation\Apache2.2\bin\httpd.exe
14:49:41.0243 6712 Apache2.2 - ok
14:49:41.0306 6712 [ 42FD751B27FA0E9C69BB39F39E409594 ] AppID C:\Windows\system32\drivers\appid.sys
14:49:41.0306 6712 AppID - ok
14:49:41.0446 6712 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
14:49:41.0446 6712 AppIDSvc - ok
14:49:41.0493 6712 [ D065BE66822847B7F127D1F90158376E ] Appinfo C:\Windows\System32\appinfo.dll
14:49:41.0493 6712 Appinfo - ok
14:49:42.0195 6712 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
14:49:42.0195 6712 Apple Mobile Device - ok
14:49:42.0335 6712 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
14:49:42.0335 6712 arc - ok
14:49:42.0507 6712 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
14:49:42.0507 6712 arcsas - ok
14:49:42.0725 6712 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
14:49:42.0725 6712 AsyncMac - ok
14:49:42.0866 6712 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\DRIVERS\atapi.sys
14:49:42.0866 6712 atapi - ok
14:49:43.0615 6712 [ E857EEE6B92AAA473EBB3465ADD8F7E7 ] athr C:\Windows\system32\DRIVERS\athrx.sys
14:49:43.0615 6712 athr - ok
14:49:43.0833 6712 [ 2D648572BA9A610952FCAFBA1E119C2D ] AtiHdmiService C:\Windows\system32\drivers\AtiHdmi.sys
14:49:43.0833 6712 AtiHdmiService - ok
14:49:44.0036 6712 [ E82E61F46D1336447F4DEFF8C074F13E ] AtiPcie C:\Windows\system32\DRIVERS\AtiPcie64.sys
14:49:44.0036 6712 AtiPcie - ok
14:49:44.0161 6712 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
14:49:44.0176 6712 AudioEndpointBuilder - ok
14:49:44.0176 6712 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioSrv C:\Windows\System32\Audiosrv.dll
14:49:44.0192 6712 AudioSrv - ok
14:49:44.0254 6712 [ B20B5FA5CA050E9926E4D1DB81501B32 ] AxInstSV C:\Windows\System32\AxInstSV.dll
14:49:44.0254 6712 AxInstSV - ok
14:49:44.0441 6712 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
14:49:44.0441 6712 b06bdrv - ok
14:49:44.0488 6712 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
14:49:44.0488 6712 b57nd60a - ok
14:49:44.0831 6712 [ A2494901E7226B356B8C1005C45F1C5F ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe
14:49:44.0831 6712 BBSvc - ok
14:49:44.0863 6712 [ 63B1CBBAE4790B5BAC98F01BF9449722 ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe
14:49:44.0863 6712 BBUpdate - ok
14:49:45.0128 6712 [ 810BE94A9E42309B3F74217AC28BC6AC ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys
14:49:45.0159 6712 BCM43XX - ok
14:49:45.0253 6712 [ 6163664C7E9CD110AF70180C126C3FDC ] BcmSqlStartupSvc C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
14:49:45.0253 6712 BcmSqlStartupSvc - ok
14:49:45.0299 6712 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
14:49:45.0299 6712 BDESVC - ok
14:49:45.0346 6712 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
14:49:45.0346 6712 Beep - ok
14:49:45.0471 6712 [ 4992C609A6315671463E30F6512BC022 ] BFE C:\Windows\System32\bfe.dll
14:49:45.0487 6712 BFE - ok
14:49:45.0643 6712 [ 7F0C323FE3DA28AA4AA1BDA3F575707F ] BITS C:\Windows\system32\qmgr.dll
14:49:45.0643 6712 BITS - ok
14:49:45.0783 6712 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
14:49:45.0783 6712 blbdrive - ok
14:49:45.0877 6712 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
14:49:45.0877 6712 Bonjour Service - ok
14:49:46.0001 6712 [ 19D20159708E152267E53B66677A4995 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
14:49:46.0001 6712 bowser - ok
14:49:46.0064 6712 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
14:49:46.0064 6712 BrFiltLo - ok
14:49:46.0079 6712 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
14:49:46.0079 6712 BrFiltUp - ok
14:49:46.0267 6712 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
14:49:46.0267 6712 BridgeMP - ok
14:49:46.0438 6712 [ 6B054C67AAA87843504E8E3C09102009 ] Browser C:\Windows\System32\browser.dll
14:49:46.0454 6712 Browser - ok
14:49:46.0485 6712 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
14:49:46.0485 6712 Brserid - ok
14:49:46.0501 6712 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
14:49:46.0501 6712 BrSerWdm - ok
14:49:46.0610 6712 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
14:49:46.0610 6712 BrUsbMdm - ok
14:49:46.0813 6712 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
14:49:46.0813 6712 BrUsbSer - ok
14:49:47.0047 6712 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
14:49:47.0047 6712 BthEnum - ok
14:49:47.0156 6712 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
14:49:47.0156 6712 BTHMODEM - ok
14:49:47.0203 6712 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
14:49:47.0203 6712 BthPan - ok
14:49:47.0312 6712 [ E10D1912634974EA273A1588C75CCB76 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
14:49:47.0312 6712 BTHPORT - ok
14:49:47.0359 6712 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
14:49:47.0359 6712 bthserv - ok
14:49:47.0452 6712 [ 19B784B6ECBB3ADBB2242700FEE90BEC ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
14:49:47.0452 6712 BTHUSB - ok
14:49:47.0515 6712 [ 7A2CE8C1BF4DAA1F2766E21E9CA11078 ] btwampfl C:\Windows\system32\drivers\btwampfl.sys
14:49:47.0515 6712 btwampfl - ok
14:49:47.0577 6712 [ A75BF6802A967F5AACECC3C67FEBDF55 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
14:49:47.0577 6712 btwaudio - ok
14:49:47.0686 6712 [ D895DC213EDBDA5FCC53AAD1F1E0E63B ] btwavdt C:\Windows\system32\drivers\btwavdt.sys
14:49:47.0686 6712 btwavdt - ok
14:49:47.0889 6712 [ 692F8648D7686D91E34A65AC698019D8 ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
14:49:47.0905 6712 btwdins - ok
14:49:47.0967 6712 [ 07096D2BC22CCB6CEA5A532DF0BE8A75 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
14:49:47.0967 6712 btwl2cap - ok
14:49:48.0061 6712 [ 6D7AA2BDE0135599C5F230D69DB3B420 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
14:49:48.0061 6712 btwrchid - ok
14:49:48.0061 6712 catchme - ok
14:49:48.0123 6712 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
14:49:48.0123 6712 cdfs - ok
14:49:48.0154 6712 [ 83D2D75E1EFB81B3450C18131443F7DB ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
14:49:48.0154 6712 cdrom - ok
14:49:48.0248 6712 [ 312E2F82AF11E79906898AC3E3D58A1F ] CertPropSvc C:\Windows\System32\certprop.dll
14:49:48.0248 6712 CertPropSvc - ok
14:49:48.0404 6712 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
14:49:48.0404 6712 circlass - ok
14:49:48.0529 6712 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
14:49:48.0544 6712 CLFS - ok
14:49:48.0809 6712 [ DEDE5EC7DC09D840D5D74E06FF4DE127 ] CLKMSVC10_C6F09094 C:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\HDDVD\NavFilter\kmsvc.exe
14:49:48.0825 6712 CLKMSVC10_C6F09094 - ok
14:49:49.0121 6712 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:49:49.0121 6712 clr_optimization_v2.0.50727_32 - ok
14:49:49.0277 6712 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
14:49:49.0277 6712 clr_optimization_v2.0.50727_64 - ok
14:49:49.0699 6712 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:49:49.0699 6712 clr_optimization_v4.0.30319_32 - ok
14:49:49.0808 6712 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
14:49:49.0808 6712 clr_optimization_v4.0.30319_64 - ok
14:49:49.0839 6712 [ D68D9F4D53010B7E84D4E80A2E485554 ] clwvd C:\Windows\system32\DRIVERS\clwvd.sys
14:49:49.0839 6712 clwvd - ok
14:49:49.0933 6712 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
14:49:49.0933 6712 CmBatt - ok
14:49:50.0057 6712 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\DRIVERS\cmdide.sys
14:49:50.0057 6712 cmdide - ok
14:49:50.0167 6712 [ CA7720B73446FDDEC5C69519C1174C98 ] CNG C:\Windows\system32\Drivers\cng.sys
14:49:50.0167 6712 CNG - ok
14:49:50.0182 6712 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
14:49:50.0182 6712 Compbatt - ok
14:49:50.0245 6712 [ F26B3A86F6FA87CA360B879581AB4123 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
14:49:50.0245 6712 CompositeBus - ok
14:49:50.0260 6712 COMSysApp - ok
14:49:50.0416 6712 [ 2CCC97E81FFB6263A038709D3D28DD48 ] CrashPlanService C:\Program Files\CrashPlan\CrashPlanService.exe
14:49:50.0416 6712 CrashPlanService - ok
14:49:50.0588 6712 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
14:49:50.0588 6712 crcdisk - ok
14:49:50.0681 6712 [ BAF19B633933A9FB4883D27D66C39E9A ] CryptSvc C:\Windows\system32\cryptsvc.dll
14:49:50.0681 6712 CryptSvc - ok
14:49:50.0837 6712 [ 7266972E86890E2B30C0C322E906B027 ] DcomLaunch C:\Windows\system32\rpcss.dll
14:49:50.0837 6712 DcomLaunch - ok
14:49:50.0915 6712 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
14:49:50.0915 6712 defragsvc - ok
14:49:51.0025 6712 [ 9C253CE7311CA60FC11C774692A13208 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
14:49:51.0025 6712 DfsC - ok
14:49:51.0134 6712 [ CE3B9562D997F69B330D181A8875960F ] Dhcp C:\Windows\system32\dhcpcore.dll
14:49:51.0134 6712 Dhcp - ok
14:49:51.0274 6712 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
14:49:51.0274 6712 discache - ok
14:49:51.0430 6712 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
14:49:51.0430 6712 Disk - ok
14:49:51.0461 6712 [ 85CF424C74A1D5EC33533E1DBFF9920A ] Dnscache C:\Windows\System32\dnsrslvr.dll
14:49:51.0461 6712 Dnscache - ok
14:49:51.0555 6712 [ 14452ACDB09B70964C8C21BF80A13ACB ] dot3svc C:\Windows\System32\dot3svc.dll
14:49:51.0555 6712 dot3svc - ok
14:49:51.0805 6712 [ EAC9D9868D37C8785D12475A9BB65A11 ] DpHost C:\Program Files\DigitalPersona\Bin\DpHostW.exe
14:49:51.0820 6712 DpHost - ok
14:49:51.0851 6712 [ 8C2BA6BEA949EE6E68385F5692BAFB94 ] DPS C:\Windows\system32\dps.dll
14:49:51.0851 6712 DPS - ok
14:49:51.0929 6712 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
14:49:51.0929 6712 drmkaud - ok
14:49:52.0195 6712 [ 1633B9ABF52784A1331476397A48CBEF ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
14:49:52.0304 6712 DXGKrnl - ok
14:49:52.0569 6712 [ 62A4B8B414A53E426B0028CA53AC6419 ] DymoPnpService C:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe
14:49:52.0569 6712 DymoPnpService - ok
14:49:52.0725 6712 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
14:49:52.0725 6712 EapHost - ok
14:49:53.0162 6712 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
14:49:53.0224 6712 ebdrv - ok
14:49:53.0365 6712 [ 156F6159457D0AA7E59B62681B56EB90 ] EFS C:\Windows\System32\lsass.exe
14:49:53.0365 6712 EFS - ok
14:49:53.0989 6712 [ 47C071994C3F649F23D9CD075AC9304A ] ehRecvr C:\Windows\ehome\ehRecvr.exe
14:49:54.0160 6712 ehRecvr - ok
14:49:54.0191 6712 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
14:49:54.0191 6712 ehSched - ok
14:49:54.0238 6712 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
14:49:54.0238 6712 elxstor - ok
14:49:54.0332 6712 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\DRIVERS\errdev.sys
14:49:54.0332 6712 ErrDev - ok
14:49:54.0472 6712 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
14:49:54.0472 6712 EventSystem - ok
14:49:54.0503 6712 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
14:49:54.0503 6712 exfat - ok
14:49:54.0535 6712 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
14:49:54.0535 6712 fastfat - ok
14:49:54.0613 6712 [ D607B2F1BEE3992AA6C2C92C0A2F0855 ] Fax C:\Windows\system32\fxssvc.exe
14:49:54.0613 6712 Fax - ok
14:49:54.0659 6712 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
14:49:54.0659 6712 fdc - ok
14:49:54.0691 6712 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
14:49:54.0706 6712 fdPHost - ok
14:49:54.0753 6712 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
14:49:54.0753 6712 FDResPub - ok
14:49:54.0800 6712 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
14:49:54.0800 6712 FileInfo - ok
14:49:54.0847 6712 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
14:49:54.0847 6712 Filetrace - ok
14:49:54.0971 6712 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
14:49:54.0971 6712 flpydisk - ok
14:49:54.0987 6712 [ F7866AF72ABBAF84B1FA5AA195378C59 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
14:49:55.0003 6712 FltMgr - ok
14:49:55.0174 6712 [ CB5E4B9C319E3C6BB363EB7E58A4A051 ] FontCache C:\Windows\system32\FntCache.dll
14:49:55.0252 6712 FontCache - ok
14:49:55.0315 6712 [ 8D89E3131C27FDD6932189CB785E1B7A ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:49:55.0315 6712 FontCache3.0.0.0 - ok
14:49:55.0361 6712 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
14:49:55.0361 6712 FsDepends - ok
14:49:55.0486 6712 [ D3E3F93D67821A2DB2B3D9FAC2DC2064 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
14:49:55.0486 6712 Fs_Rec - ok
14:49:55.0549 6712 [ AE87BA80D0EC3B57126ED2CDC15B24ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
14:49:55.0549 6712 fvevol - ok
14:49:55.0549 6712 g7dc_device - ok
14:49:55.0580 6712 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
14:49:55.0580 6712 gagp30kx - ok
14:49:55.0689 6712 [ D154305DE6090E6E84E525F84BB08A06 ] GameConsoleService C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
14:49:55.0689 6712 GameConsoleService - ok
14:49:55.0767 6712 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
14:49:55.0767 6712 GEARAspiWDM - ok
14:49:56.0017 6712 [ FE5AB4525BC2EC68B9119A6E5D40128B ] gpsvc C:\Windows\System32\gpsvc.dll
14:49:56.0095 6712 gpsvc - ok
14:49:56.0516 6712 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:49:56.0516 6712 gupdate - ok
14:49:56.0516 6712 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:49:56.0516 6712 gupdatem - ok
14:49:56.0563 6712 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
14:49:56.0563 6712 hcw85cir - ok
14:49:56.0750 6712 [ 6410F6F415B2A5A9037224C41DA8BF12 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
14:49:56.0797 6712 HdAudAddService - ok
14:49:56.0906 6712 [ 0A49913402747A0B67DE940FB42CBDBB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
14:49:56.0906 6712 HDAudBus - ok
14:49:56.0921 6712 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
14:49:56.0921 6712 HidBatt - ok
14:49:56.0953 6712 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
14:49:56.0953 6712 HidBth - ok
14:49:56.0984 6712 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
14:49:56.0984 6712 HidIr - ok
14:49:57.0062 6712 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
14:49:57.0062 6712 hidserv - ok
14:49:57.0171 6712 [ B3BF6B5B50006DEF50B66306D99FCF6F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
14:49:57.0171 6712 HidUsb - ok
14:49:57.0327 6712 [ EFA58EDE58DD74388FFD04CB32681518 ] hkmsvc C:\Windows\system32\kmsvc.dll
14:49:57.0327 6712 hkmsvc - ok
14:49:57.0358 6712 [ 046B2673767CA626E2CFB7FDF735E9E8 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
14:49:57.0358 6712 HomeGroupListener - ok
14:49:57.0467 6712 [ 06A7422224D9865A5613710A089987DF ] HomeGroupProvider C:\Windows\system32\provsvc.dll
14:49:57.0467 6712 HomeGroupProvider - ok
14:49:57.0623 6712 [ D1E9CB573A9EDF7BE12E9C57F32E97F7 ] HP LaserJet Service C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
14:49:57.0623 6712 HP LaserJet Service - ok
14:49:57.0686 6712 [ 13BB1114451C63BFB41BA7DAA4D70A29 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
14:49:57.0686 6712 HP Support Assistant Service - ok
14:49:57.0779 6712 [ C930128C8F8FF03D8F8C42B570920D56 ] HP Wireless Assistant Service C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
14:49:57.0795 6712 HP Wireless Assistant Service - ok
14:49:57.0857 6712 [ 3DC11A802353401332D49C3CBFBBE5FC ] HPClientSvc C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
14:49:57.0857 6712 HPClientSvc - ok
14:49:57.0982 6712 [ C958976C7DAAF47084A33EBBC6E28B84 ] HPDrvMntSvc.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
14:49:57.0982 6712 HPDrvMntSvc.exe - ok
14:49:58.0123 6712 [ 0AC88FBE4BF315F5F8FD862426C11540 ] hpdskflt C:\Windows\system32\DRIVERS\hpdskflt.sys
14:49:58.0123 6712 hpdskflt - ok
14:49:58.0372 6712 [ 09FBD4C4DB2FD84B9AB1C5BFDCC95559 ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
14:49:58.0388 6712 hpqwmiex - ok
14:49:58.0466 6712 [ 0886D440058F203EBA0E1825E4355914 ] HpSAMD C:\Windows\system32\DRIVERS\HpSAMD.sys
14:49:58.0466 6712 HpSAMD - ok
14:49:58.0481 6712 [ 778CE2C015DEC896C5C9323342BD71D4 ] hpsrv C:\Windows\system32\Hpservice.exe
14:49:58.0481 6712 hpsrv - ok
14:49:58.0637 6712 [ F630DD7564EBB7248A13B1CC774D9EA6 ] HPWMISVC C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
14:49:58.0637 6712 HPWMISVC - ok
14:49:58.0700 6712 [ CEE049CAC4EFA7F4E1E4AD014414A5D4 ] HTTP C:\Windows\system32\drivers\HTTP.sys
14:49:58.0700 6712 HTTP - ok
14:49:58.0715 6712 [ F17766A19145F111856378DF337A5D79 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
14:49:58.0715 6712 hwpolicy - ok
14:49:58.0887 6712 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
14:49:58.0887 6712 i8042prt - ok
14:49:59.0012 6712 [ B75E45C564E944A2657167D197AB29DA ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
14:49:59.0027 6712 iaStorV - ok
14:49:59.0246 6712 [ 2F2BE70D3E02B6FA877921AB9516D43C ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
14:49:59.0246 6712 idsvc - ok
14:49:59.0885 6712 [ A87261EF1546325B559374F5689CF5BC ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
14:50:00.0010 6712 igfx - ok
14:50:00.0073 6712 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
14:50:00.0073 6712 iirsp - ok
14:50:00.0197 6712 [ C5B4683680DF085B57BC53E5EF34861F ] IKEEXT C:\Windows\System32\ikeext.dll
14:50:00.0213 6712 IKEEXT - ok
14:50:00.0291 6712 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\DRIVERS\intelide.sys
14:50:00.0291 6712 intelide - ok
14:50:00.0385 6712 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
14:50:00.0400 6712 intelppm - ok
14:50:00.0572 6712 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
14:50:00.0587 6712 IPBusEnum - ok
14:50:00.0650 6712 [ 722DD294DF62483CECAAE6E094B4D695 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:50:00.0650 6712 IpFilterDriver - ok
14:50:00.0775 6712 [ F8E058D17363EC580E4B7232778B6CB5 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
14:50:00.0775 6712 iphlpsvc - ok
14:50:00.0946 6712 [ E2B4A4494DB7CB9B89B55CA268C337C5 ] IPMIDRV C:\Windows\system32\DRIVERS\IPMIDrv.sys
14:50:00.0946 6712 IPMIDRV - ok
14:50:01.0009 6712 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
14:50:01.0009 6712 IPNAT - ok
14:50:01.0243 6712 [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
14:50:01.0258 6712 iPod Service - ok
14:50:01.0289 6712 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
14:50:01.0289 6712 IRENUM - ok
14:50:01.0445 6712 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\DRIVERS\isapnp.sys
14:50:01.0461 6712 isapnp - ok
14:50:01.0508 6712 [ FA4D2557DE56D45B0A346F93564BE6E1 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
14:50:01.0508 6712 iScsiPrt - ok
14:50:01.0539 6712 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
14:50:01.0539 6712 kbdclass - ok
14:50:01.0555 6712 [ 6DEF98F8541E1B5DCEB2C822A11F7323 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
14:50:01.0555 6712 kbdhid - ok
14:50:01.0601 6712 [ 156F6159457D0AA7E59B62681B56EB90 ] KeyIso C:\Windows\system32\lsass.exe
14:50:01.0617 6712 KeyIso - ok
14:50:01.0757 6712 [ 4F4B5FDE429416877DE7143044582EB5 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
14:50:01.0757 6712 KSecDD - ok
14:50:01.0820 6712 [ 6F40465A44ECDC1731BEFAFEC5BDD03C ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
14:50:01.0820 6712 KSecPkg - ok
14:50:01.0867 6712 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
14:50:01.0867 6712 ksthunk - ok
14:50:01.0945 6712 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
14:50:01.0960 6712 KtmRm - ok
14:50:02.0038 6712 [ 81F1D04D4D0E433099365127375FD501 ] LanmanServer C:\Windows\System32\srvsvc.dll
14:50:02.0038 6712 LanmanServer - ok
14:50:02.0303 6712 [ 27026EAC8818E8A6C00A1CAD2F11D29A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:50:02.0303 6712 LanmanWorkstation - ok
14:50:02.0584 6712 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
14:50:02.0584 6712 lltdio - ok
14:50:02.0678 6712 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
14:50:02.0678 6712 lltdsvc - ok
14:50:02.0709 6712 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
14:50:02.0709 6712 lmhosts - ok
14:50:02.0818 6712 [ 98B0FCC176DFB711B67651BECB88C445 ] LMIGuardianSvc C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
14:50:02.0834 6712 LMIGuardianSvc - ok
14:50:02.0927 6712 [ 0317335B15FF3BDA8E10197E3434CFC0 ] LMIInfo C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys
14:50:02.0927 6712 LMIInfo - ok
14:50:03.0037 6712 [ B712511029CBD68645A90A241FD6AE43 ] LMIMaint C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
14:50:03.0037 6712 LMIMaint - ok
14:50:03.0083 6712 [ 413ECDCFAD9A82804D3674C8D7EEC24E ] lmimirr C:\Windows\system32\DRIVERS\lmimirr.sys
14:50:03.0083 6712 lmimirr - ok
14:50:03.0099 6712 LMIRfsClientNP - ok
14:50:03.0161 6712 [ C57D3FAA50E6F395759FFB7C709BD944 ] LMIRfsDriver C:\Windows\system32\drivers\LMIRfsDriver.sys
14:50:03.0177 6712 LMIRfsDriver - ok
14:50:03.0349 6712 [ D3760BC17E1755091B7120CF32DBF56B ] LogMeIn C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
14:50:03.0349 6712 LogMeIn - ok
14:50:03.0411 6712 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
14:50:03.0427 6712 LSI_FC - ok
14:50:03.0473 6712 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
14:50:03.0473 6712 LSI_SAS - ok
14:50:03.0505 6712 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
14:50:03.0505 6712 LSI_SAS2 - ok
14:50:03.0567 6712 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
14:50:03.0567 6712 LSI_SCSI - ok
14:50:03.0692 6712 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
14:50:03.0707 6712 luafv - ok
14:50:04.0051 6712 [ 1F02B554DDC4086D786537A3BF6488F1 ] lxecCATSCustConnectService C:\Windows\system32\spool\DRIVERS\x64\3\\lxecserv.exe
14:50:04.0051 6712 lxecCATSCustConnectService - ok
14:50:04.0051 6712 lxec_device - ok
14:50:04.0082 6712 [ F84C8F1000BC11E3B7B23CBD3BAFF111 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
14:50:04.0097 6712 Mcx2Svc - ok
14:50:04.0628 6712 [ 7CF1B716372B89568AE4C0FE769F5869 ] MDM C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
14:50:04.0628 6712 MDM - ok
14:50:04.0706 6712 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
14:50:04.0768 6712 megasas - ok
14:50:04.0799 6712 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
14:50:04.0815 6712 MegaSR - ok
14:50:04.0893 6712 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
14:50:04.0893 6712 MMCSS - ok
14:50:04.0971 6712 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
14:50:04.0971 6712 Modem - ok
14:50:05.0018 6712 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
14:50:05.0018 6712 monitor - ok
14:50:05.0049 6712 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
14:50:05.0049 6712 mouclass - ok
14:50:05.0127 6712 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
14:50:05.0127 6712 mouhid - ok
14:50:05.0174 6712 [ 791AF66C4D0E7C90A3646066386FB571 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
14:50:05.0174 6712 mountmgr - ok
14:50:05.0267 6712 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
14:50:05.0267 6712 MozillaMaintenance - ok
14:50:05.0377 6712 [ 609D1D87649ECC19796F4D76D4C15CEA ] mpio C:\Windows\system32\DRIVERS\mpio.sys
14:50:05.0377 6712 mpio - ok
14:50:05.0423 6712 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
14:50:05.0423 6712 mpsdrv - ok
14:50:05.0564 6712 [ AECAB449567D1846DAD63ECE49E893E3 ] MpsSvc C:\Windows\system32\mpssvc.dll
14:50:05.0564 6712 MpsSvc - ok
14:50:05.0595 6712 [ 30524261BB51D96D6FCBAC20C810183C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
14:50:05.0595 6712 MRxDAV - ok
14:50:05.0657 6712 [ 040D62A9D8AD28922632137ACDD984F2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
14:50:05.0657 6712 mrxsmb - ok
14:50:05.0735 6712 [ F0067552F8F9B33D7C59403AB808A3CB ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:50:05.0751 6712 mrxsmb10 - ok
14:50:05.0845 6712 [ 3C142D31DE9F2F193218A53FE2632051 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:50:05.0845 6712 mrxsmb20 - ok
14:50:05.0860 6712 [ D1318D7B87B71003A5C6C7C31EC80288 ] msahci C:\Windows\system32\DRIVERS\msahci.sys
14:50:05.0860 6712 msahci - ok
14:50:05.0907 6712 [ 8D27B597229AED79430FB9DB3BCBFBD0 ] msdsm C:\Windows\system32\DRIVERS\msdsm.sys
14:50:05.0907 6712 msdsm - ok
14:50:05.0923 6712 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
14:50:05.0923 6712 MSDTC - ok
14:50:05.0985 6712 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
14:50:05.0985 6712 Msfs - ok
14:50:06.0032 6712 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
14:50:06.0032 6712 mshidkmdf - ok
14:50:06.0094 6712 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\DRIVERS\msisadrv.sys
14:50:06.0094 6712 msisadrv - ok
14:50:06.0157 6712 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
14:50:06.0157 6712 MSiSCSI - ok
14:50:06.0157 6712 msiserver - ok
14:50:06.0250 6712 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
14:50:06.0250 6712 MSKSSRV - ok
14:50:06.0266 6712 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
14:50:06.0266 6712 MSPCLOCK - ok
14:50:06.0266 6712 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
14:50:06.0266 6712 MSPQM - ok
14:50:06.0344 6712 [ 89CB141AA8616D8C6A4610FA26C60964 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
14:50:06.0344 6712 MsRPC - ok
14:50:06.0406 6712 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
14:50:06.0406 6712 mssmbios - ok
14:50:06.0547 6712 MSSQL$MSSMLBIZ - ok
14:50:06.0609 6712 [ 1D89EB4E2A99CABD4E81225F4F4C4B25 ] MSSQLServerADHelper c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqladhlp90.exe
14:50:06.0609 6712 MSSQLServerADHelper - ok
14:50:06.0656 6712 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
14:50:06.0656 6712 MSTEE - ok
14:50:06.0687 6712 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
14:50:06.0687 6712 MTConfig - ok
14:50:06.0765 6712 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
14:50:06.0765 6712 Mup - ok
14:50:06.0905 6712 MySQL - ok
14:50:07.0124 6712 [ 4987E079A4530FA737A128BE54B63B12 ] napagent C:\Windows\system32\qagentRT.dll
14:50:07.0233 6712 napagent - ok
14:50:07.0327 6712 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
14:50:07.0327 6712 NativeWifiP - ok
14:50:07.0467 6712 [ CAD515DBD07D082BB317D9928CE8962C ] NDIS C:\Windows\system32\drivers\ndis.sys
14:50:07.0483 6712 NDIS - ok
14:50:07.0529 6712 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
14:50:07.0545 6712 NdisCap - ok
14:50:07.0592 6712 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
14:50:07.0592 6712 NdisTapi - ok
14:50:07.0639 6712 [ F105BA1E22BF1F2EE8F005D4305E4BEC ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
14:50:07.0639 6712 Ndisuio - ok
14:50:07.0670 6712 [ 557DFAB9CA1FCB036AC77564C010DAD3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
14:50:07.0670 6712 NdisWan - ok
14:50:07.0685 6712 [ 659B74FB74B86228D6338D643CD3E3CF ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
14:50:07.0685 6712 NDProxy - ok
14:50:07.0748 6712 [ 2334DC48997BA203B794DF3EE70521DB ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
14:50:07.0748 6712 Net Driver HPZ12 - ok
14:50:07.0795 6712 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
14:50:07.0795 6712 NetBIOS - ok
14:50:07.0888 6712 [ 9162B273A44AB9DCE5B44362731D062A ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
14:50:07.0888 6712 NetBT - ok
14:50:07.0935 6712 [ 156F6159457D0AA7E59B62681B56EB90 ] Netlogon C:\Windows\system32\lsass.exe
14:50:07.0951 6712 Netlogon - ok
14:50:08.0060 6712 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
14:50:08.0060 6712 Netman - ok
14:50:08.0122 6712 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
14:50:08.0138 6712 netprofm - ok
14:50:08.0185 6712 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
14:50:08.0185 6712 NetTcpPortSharing - ok
14:50:08.0684 6712 [ 64428DFDAF6E88366CB51F45A79C5F69 ] netw5v64 C:\Windows\system32\DRIVERS\netw5v64.sys
14:50:08.0809 6712 netw5v64 - ok
14:50:09.0011 6712 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
14:50:09.0011 6712 nfrd960 - ok
14:50:09.0074 6712 [ D9A0CE66046D6EFA0C61BAA885CBA0A8 ] NlaSvc C:\Windows\System32\nlasvc.dll
14:50:09.0074 6712 NlaSvc - ok
14:50:09.0776 6712 [ 5839A8027D6D324A7CD494051A96628C ] NOBU C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
14:50:09.0791 6712 NOBU - ok
14:50:09.0994 6712 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
14:50:09.0994 6712 Npfs - ok
14:50:10.0088 6712 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
14:50:10.0088 6712 nsi - ok
14:50:10.0119 6712 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
14:50:10.0119 6712 nsiproxy - ok
14:50:10.0306 6712 [ 184C189D4FC416978550FC599BB4EDDA ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
14:50:10.0322 6712 Ntfs - ok
14:50:10.0353 6712 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
14:50:10.0353 6712 Null - ok
14:50:10.0400 6712 [ A4D9C9A608A97F59307C2F2600EDC6A4 ] nvraid C:\Windows\system32\drivers\nvraid.sys
14:50:10.0415 6712 nvraid - ok
14:50:10.0462 6712 [ 6C1D5F70E7A6A3FD1C90D840EDC048B9 ] nvstor C:\Windows\system32\drivers\nvstor.sys
14:50:10.0462 6712 nvstor - ok
14:50:10.0493 6712 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys
14:50:10.0493 6712 nv_agp - ok
14:50:10.0837 6712 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
14:50:10.0837 6712 odserv - ok
14:50:10.0868 6712 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
14:50:10.0868 6712 ohci1394 - ok
14:50:10.0961 6712 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:50:10.0977 6712 ose - ok
14:50:11.0679 6712 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
14:50:11.0726 6712 osppsvc - ok
14:50:11.0835 6712 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
14:50:11.0835 6712 p2pimsvc - ok
14:50:11.0960 6712 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
14:50:11.0960 6712 p2psvc - ok
14:50:12.0116 6712 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
14:50:12.0116 6712 Parport - ok
14:50:12.0178 6712 [ 90061B1ACFE8CCAA5345750FFE08D8B8 ] partmgr C:\Windows\system32\drivers\partmgr.sys
14:50:12.0178 6712 partmgr - ok
14:50:12.0194 6712 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
14:50:12.0209 6712 PcaSvc - ok
14:50:12.0365 6712 [ F36F6504009F2FB0DFD1B17A116AD74B ] pci C:\Windows\system32\DRIVERS\pci.sys
14:50:12.0428 6712 pci - ok
14:50:12.0475 6712 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\DRIVERS\pciide.sys
14:50:12.0475 6712 pciide - ok
14:50:12.0521 6712 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
14:50:12.0521 6712 pcmcia - ok
14:50:12.0677 6712 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
14:50:12.0677 6712 pcw - ok
14:50:12.0724 6712 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
14:50:12.0724 6712 PEAUTH - ok
14:50:12.0943 6712 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
14:50:13.0021 6712 PerfHost - ok
14:50:13.0161 6712 [ 557E9A86F65F0DE18C9B6751DFE9D3F1 ] pla C:\Windows\system32\pla.dll
14:50:13.0208 6712 pla - ok
14:50:13.0364 6712 [ 98B1721B8718164293B9701B98C52D77 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
14:50:13.0379 6712 PlugPlay - ok
14:50:13.0411 6712 [ AC78DF349F0E4CFB8B667C0CFFF83CCE ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
14:50:13.0411 6712 Pml Driver HPZ12 - ok
14:50:13.0426 6712 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
14:50:13.0442 6712 PNRPAutoReg - ok
14:50:13.0520 6712 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
14:50:13.0535 6712 PNRPsvc - ok
14:50:13.0551 6712 [ 4F0878FD62D5F7444C5F1C4C66D9D293 ] Point64 C:\Windows\system32\DRIVERS\point64.sys
14:50:13.0551 6712 Point64 - ok
14:50:13.0691 6712 [ 166EB40D1F5B47E615DE3D0FFFE5F243 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
14:50:13.0691 6712 PolicyAgent - ok
14:50:13.0738 6712 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
14:50:13.0738 6712 Power - ok
14:50:13.0769 6712 [ 27CC19E81BA5E3403C48302127BDA717 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
14:50:13.0769 6712 PptpMiniport - ok
14:50:13.0879 6712 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
14:50:13.0879 6712 Processor - ok
14:50:13.0972 6712 [ 97293447431311C06703368AD0F6C4BE ] ProfSvc C:\Windows\system32\profsvc.dll
14:50:13.0988 6712 ProfSvc - ok
14:50:14.0003 6712 [ 156F6159457D0AA7E59B62681B56EB90 ] ProtectedStorage C:\Windows\system32\lsass.exe
14:50:14.0019 6712 ProtectedStorage - ok
14:50:14.0050 6712 [ EE992183BD8EAEFD9973F352E587A299 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
14:50:14.0050 6712 Psched - ok
14:50:14.0113 6712 [ F036CFB275D0C55F4E45FBBF5F98B3C8 ] PSI_SVC_2 c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
14:50:14.0113 6712 PSI_SVC_2 - ok
14:50:14.0284 6712 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
14:50:14.0300 6712 ql2300 - ok
14:50:14.0378 6712 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
14:50:14.0378 6712 ql40xx - ok
14:50:14.0440 6712 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
14:50:14.0440 6712 QWAVE - ok
14:50:14.0487 6712 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
14:50:14.0487 6712 QWAVEdrv - ok
14:50:14.0549 6712 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
14:50:14.0549 6712 RasAcd - ok
14:50:14.0581 6712 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
14:50:14.0581 6712 RasAgileVpn - ok
14:50:14.0643 6712 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
14:50:14.0643 6712 RasAuto - ok
14:50:14.0690 6712 [ 87A6E852A22991580D6D39ADC4790463 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
14:50:14.0705 6712 Rasl2tp - ok
14:50:14.0752 6712 [ 47394ED3D16D053F5906EFE5AB51CC83 ] RasMan C:\Windows\System32\rasmans.dll
14:50:14.0752 6712 RasMan - ok
14:50:14.0799 6712 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
14:50:14.0799 6712 RasPppoe - ok
14:50:14.0830 6712 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
14:50:14.0830 6712 RasSstp - ok
14:50:14.0924 6712 [ 3BAC8142102C15D59A87757C1D41DCE5 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
14:50:14.0939 6712 rdbss - ok
14:50:15.0095 6712 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
14:50:15.0142 6712 rdpbus - ok
14:50:15.0173 6712 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
14:50:15.0173 6712 RDPCDD - ok
14:50:15.0392 6712 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
14:50:15.0392 6712 RDPENCDD - ok
14:50:15.0454 6712 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
14:50:15.0454 6712 RDPREFMP - ok
14:50:15.0579 6712 [ 447DE7E3DEA39D422C1504F245B668B1 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
14:50:15.0579 6712 RDPWD - ok
14:50:15.0657 6712 [ E5DC9BA9E439D6DBDD79F8CAACB5BF01 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
14:50:15.0657 6712 rdyboost - ok
14:50:15.0704 6712 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
14:50:15.0704 6712 RemoteAccess - ok
14:50:15.0797 6712 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
14:50:15.0797 6712 RemoteRegistry - ok
14:50:15.0844 6712 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
14:50:15.0844 6712 RFCOMM - ok
14:50:15.0922 6712 [ C1568E17039B2EC2B73A4F880DDD51E5 ] RoxioNow Service C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
14:50:15.0922 6712 RoxioNow Service - ok
14:50:16.0000 6712 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
14:50:16.0000 6712 RpcEptMapper - ok
14:50:16.0109 6712 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
14:50:16.0109 6712 RpcLocator - ok
14:50:16.0172 6712 [ 7266972E86890E2B30C0C322E906B027 ] RpcSs C:\Windows\system32\rpcss.dll
14:50:16.0172 6712 RpcSs - ok
14:50:16.0203 6712 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
14:50:16.0203 6712 rspndr - ok
14:50:16.0250 6712 [ 3CEEE53BBF8BA284FF44585CEC0162FE ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
14:50:16.0250 6712 RSUSBSTOR - ok
14:50:16.0297 6712 [ 4B42BC58294E83A6A92EC8B88C14C4A3 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
14:50:16.0312 6712 RTL8167 - ok
14:50:16.0328 6712 [ 156F6159457D0AA7E59B62681B56EB90 ] SamSs C:\Windows\system32\lsass.exe
14:50:16.0328 6712 SamSs - ok
14:50:16.0390 6712 [ E3BBB89983DAF5622C1D50CF49F28227 ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys
14:50:16.0390 6712 sbp2port - ok
14:50:16.0515 6712 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
14:50:16.0515 6712 SCardSvr - ok
14:50:16.0609 6712 [ C94DA20C7E3BA1DCA269BC8460D98387 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
14:50:16.0609 6712 scfilter - ok
14:50:16.0811 6712 [ 624D0F5FF99428BB90A5B8A4123E918E ] Schedule C:\Windows\system32\schedsvc.dll
14:50:16.0811 6712 Schedule - ok
14:50:16.0952 6712 [ 312E2F82AF11E79906898AC3E3D58A1F ] SCPolicySvc C:\Windows\System32\certprop.dll
14:50:16.0952 6712 SCPolicySvc - ok
14:50:17.0092 6712 [ 54E47AD086782D3AE9417C155CDCEB9B ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
14:50:17.0092 6712 sdbus - ok
14:50:17.0139 6712 [ 765A27C3279CE11D14CB9E4F5869FCA5 ] SDRSVC C:\Windows\System32\SDRSVC.dll
14:50:17.0139 6712 SDRSVC - ok
14:50:17.0217 6712 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
14:50:17.0217 6712 secdrv - ok
14:50:17.0248 6712 [ 463B386EBC70F98DA5DFF85F7E654346 ] seclogon C:\Windows\system32\seclogon.dll
14:50:17.0248 6712 seclogon - ok
14:50:17.0264 6712 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
14:50:17.0264 6712 SENS - ok
14:50:17.0279 6712 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
14:50:17.0279 6712 SensrSvc - ok
14:50:17.0295 6712 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
14:50:17.0295 6712 Serenum - ok
14:50:17.0404 6712 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
14:50:17.0404 6712 Serial - ok
14:50:17.0482 6712 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
14:50:17.0482 6712 sermouse - ok
14:50:18.0247 6712 [ 83EFA8F38974E4776595A4ADD3D2CC49 ] Service1 C:\Data RM Main\My Documents\PrintScape\Development\InvoicePrint2\mmnmsvc.exe
14:50:18.0247 6712 Service1 - ok
14:50:18.0325 6712 [ C3BC61CE47FF6F4E88AB8A3B429A36AF ] SessionEnv C:\Windows\system32\sessenv.dll
14:50:18.0325 6712 SessionEnv - ok
14:50:18.0356 6712 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
14:50:18.0356 6712 sffdisk - ok
14:50:18.0387 6712 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\DRIVERS\sffp_mmc.sys
14:50:18.0387 6712 sffp_mmc - ok
14:50:18.0418 6712 [ 178298F767FE638C9FEDCBDEF58BB5E4 ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
14:50:18.0418 6712 sffp_sd - ok
14:50:18.0527 6712 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
14:50:18.0527 6712 sfloppy - ok
14:50:18.0637 6712 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
14:50:18.0637 6712 SharedAccess - ok
14:50:18.0683 6712 [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:50:18.0683 6712 ShellHWDetection - ok
14:50:18.0715 6712 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
14:50:18.0715 6712 SiSRaid2 - ok
14:50:18.0761 6712 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
14:50:18.0761 6712 SiSRaid4 - ok
14:50:18.0777 6712 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
14:50:18.0777 6712 Smb - ok
14:50:18.0933 6712 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
14:50:18.0933 6712 SNMPTRAP - ok
14:50:18.0964 6712 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
14:50:18.0964 6712 spldr - ok
14:50:19.0073 6712 [ 567977DC43CC13C4C35ED7084C0B84D5 ] Spooler C:\Windows\System32\spoolsv.exe
14:50:19.0073 6712 Spooler - ok
14:50:19.0432 6712 [ 913D843498553A1BC8F8DBAD6358E49F ] sppsvc C:\Windows\system32\sppsvc.exe
14:50:19.0541 6712 sppsvc - ok
14:50:19.0588 6712 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
14:50:19.0588 6712 sppuinotify - ok
14:50:19.0807 6712 [ 86EBD8B1F23E743AAD21F4D5B4D40985 ] SQLBrowser c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
14:50:19.0822 6712 SQLBrowser - ok
14:50:20.0056 6712 [ 3C432A96363097870995E2A3C8B66ABD ] SQLWriter c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
14:50:20.0056 6712 SQLWriter - ok
14:50:20.0150 6712 [ 2408C0366D96BCDF63E8F1C78E4A29C5 ] srv C:\Windows\system32\DRIVERS\srv.sys
14:50:20.0165 6712 srv - ok
14:50:20.0353 6712 [ 76548F7B818881B47D8D1AE1BE9C11F8 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
14:50:20.0353 6712 srv2 - ok
14:50:20.0415 6712 [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL6.SYS
14:50:20.0415 6712 SrvHsfHDA - ok
14:50:20.0789 6712 [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS
14:50:20.0836 6712 SrvHsfV92 - ok
14:50:20.0914 6712 [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
14:50:20.0930 6712 SrvHsfWinac - ok
14:50:21.0008 6712 [ 0AF6E19D39C70844C5CAA8FB0183C36E ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
14:50:21.0008 6712 srvnet - ok
14:50:21.0242 6712 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
14:50:21.0242 6712 SSDPSRV - ok
14:50:21.0273 6712 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
14:50:21.0273 6712 SstpSvc - ok
14:50:21.0429 6712 [ B00068BA94F5F306911B14B425AAEB56 ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe
14:50:21.0429 6712 STacSV - ok
14:50:21.0491 6712 Steam Client Service - ok
14:50:21.0569 6712 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
14:50:21.0569 6712 stexstor - ok
14:50:21.0741 6712 [ DA40D9C9CCB9836D6ABD1706935A2277 ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys
14:50:21.0741 6712 STHDA - ok
14:50:21.0803 6712 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
14:50:21.0803 6712 StillCam - ok
14:50:22.0053 6712 [ 52D0E33B681BD0F33FDC08812FEE4F7D ] stisvc C:\Windows\System32\wiaservc.dll
14:50:22.0053 6712 stisvc - ok
14:50:22.0100 6712 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
14:50:22.0100 6712 swenum - ok
14:50:22.0193 6712 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
14:50:22.0209 6712 swprv - ok
14:50:22.0365 6712 [ 961CFAC2A5318E212F459D651F28E0A4 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
14:50:22.0396 6712 SynTP - ok
14:50:22.0459 6712 [ 3C1284516A62078FB68F768DE4F1A7BE ] SysMain C:\Windows\system32\sysmain.dll
14:50:22.0474 6712 SysMain - ok
14:50:22.0552 6712 [ 238935C3CF2854886DC7CBB2A0E2CC66 ] TabletInputService C:\Windows\System32\TabSvc.dll
14:50:22.0568 6712 TabletInputService - ok
14:50:22.0630 6712 [ 884264AC597B690C5707C89723BB8E7B ] TapiSrv C:\Windows\System32\tapisrv.dll
14:50:22.0630 6712 TapiSrv - ok
14:50:22.0677 6712 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
14:50:22.0677 6712 TBS - ok
14:50:22.0895 6712 [ 624C5B3AA4C99B3184BB922D9ECE3FF0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
14:50:22.0895 6712 Tcpip - ok
14:50:23.0083 6712 [ 624C5B3AA4C99B3184BB922D9ECE3FF0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
14:50:23.0098 6712 TCPIP6 - ok
14:50:23.0223 6712 [ 76D078AF6F587B162D50210F761EB9ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
14:50:23.0223 6712 tcpipreg - ok
14:50:23.0270 6712 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
14:50:23.0270 6712 TDPIPE - ok
14:50:23.0317 6712 [ 7518F7BCFD4B308ABC9192BACAF6C970 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
14:50:23.0317 6712 TDTCP - ok
14:50:23.0363 6712 [ 079125C4B17B01FCAEEBCE0BCB290C0F ] tdx C:\Windows\system32\DRIVERS\tdx.sys
14:50:23.0363 6712 tdx - ok
14:50:23.0395 6712 [ C448651339196C0E869A355171875522 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
14:50:23.0395 6712 TermDD - ok
14:50:23.0504 6712 [ 0F05EC2887BFE197AD82A13287D2F404 ] TermService C:\Windows\System32\termsrv.dll
14:50:23.0504 6712 TermService - ok
14:50:23.0597 6712 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
14:50:23.0613 6712 Themes - ok
14:50:23.0629 6712 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
14:50:23.0629 6712 THREADORDER - ok
14:50:23.0722 6712 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
14:50:23.0722 6712 TrkWks - ok
14:50:23.0831 6712 [ 840F7FB849F5887A49BA18C13B2DA920 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:50:23.0831 6712 TrustedInstaller - ok
14:50:23.0847 6712 [ 61B96C26131E37B24E93327A0BD1FB95 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
14:50:23.0863 6712 tssecsrv - ok
14:50:23.0925 6712 [ 3836171A2CDF3AF8EF10856DB9835A70 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
14:50:23.0925 6712 tunnel - ok
14:50:24.0003 6712 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
14:50:24.0003 6712 uagp35 - ok
14:50:24.0065 6712 [ 0E5E962B5649D544BE54E8C90761EA2B ] udfs C:\Windows\system32\DRIVERS\udfs.sys
14:50:24.0081 6712 udfs - ok
14:50:24.0143 6712 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
14:50:24.0159 6712 UI0Detect - ok
14:50:24.0206 6712 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\DRIVERS\uliagpkx.sys
14:50:24.0206 6712 uliagpkx - ok
14:50:24.0253 6712 [ EAB6C35E62B1B0DB0D1B48B671D3A117 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
14:50:24.0253 6712 umbus - ok
14:50:24.0377 6712 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
14:50:24.0393 6712 UmPass - ok
14:50:24.0424 6712 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
14:50:24.0440 6712 upnphost - ok
14:50:24.0487 6712 [ AF1B9474D67897D0C2CFF58E0ACEACCC ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
14:50:24.0487 6712 USBAAPL64 - ok
14:50:24.0549 6712 [ 537A4E03D7103C12D42DFD8FFDB5BDC9 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
14:50:24.0549 6712 usbccgp - ok
14:50:24.0627 6712 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\DRIVERS\usbcir.sys
14:50:24.0627 6712 usbcir - ok
14:50:24.0705 6712 [ FBB21EBE49F6D560DB37AC25FBC68E66 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
14:50:24.0705 6712 usbehci - ok
14:50:24.0783 6712 [ DC2B306861F42EEEB92EF525F4119F08 ] usbfilter C:\Windows\system32\DRIVERS\usbfilter.sys
14:50:24.0799 6712 usbfilter - ok
14:50:24.0845 6712 [ 6B7A8A99C4A459E73C286A6763EA24CC ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
14:50:24.0861 6712 usbhub - ok
14:50:24.0892 6712 [ 8C88AA7617B4CBC2E4BED61D26B33A27 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
14:50:24.0892 6712 usbohci - ok
14:50:25.0033 6712 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
14:50:25.0033 6712 usbprint - ok
14:50:25.0095 6712 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
14:50:25.0095 6712 usbscan - ok
14:50:25.0189 6712 [ F39983647BC1F3E6100778DDFE9DCE29 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:50:25.0189 6712 USBSTOR - ok
14:50:25.0220 6712 [ 0B5B3B2DF3FD1709618ACFA50B8392B0 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
14:50:25.0235 6712 usbuhci - ok
14:50:25.0313 6712 [ D501E12614B00A3252073101D6A1A74B ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
14:50:25.0313 6712 usbvideo - ok
14:50:25.0391 6712 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
14:50:25.0391 6712 UxSms - ok
14:50:25.0438 6712 [ 156F6159457D0AA7E59B62681B56EB90 ] VaultSvc C:\Windows\system32\lsass.exe
14:50:25.0438 6712 VaultSvc - ok
14:50:25.0735 6712 [ 2662F24C7AEE2A32CEBDEC907A5366F1 ] vcsFPService C:\Windows\system32\vcsFPService.exe
14:50:25.0828 6712 vcsFPService - ok
14:50:25.0969 6712 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\DRIVERS\vdrvroot.sys
14:50:25.0984 6712 vdrvroot - ok
14:50:26.0015 6712 [ 44D73E0BBC1D3C8981304BA15135C2F2 ] vds C:\Windows\System32\vds.exe
14:50:26.0031 6712 vds - ok
14:50:26.0140 6712 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
14:50:26.0140 6712 vga - ok
14:50:26.0187 6712 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
14:50:26.0187 6712 VgaSave - ok
14:50:26.0312 6712 [ C82E748660F62A242B2DFAC1442F22A4 ] vhdmp C:\Windows\system32\DRIVERS\vhdmp.sys
14:50:26.0312 6712 vhdmp - ok
14:50:26.0374 6712 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\DRIVERS\viaide.sys
14:50:26.0374 6712 viaide - ok
14:50:26.0405 6712 [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3 ] volmgr C:\Windows\system32\DRIVERS\volmgr.sys
14:50:26.0405 6712 volmgr - ok
14:50:26.0452 6712 [ 99B0CBB569CA79ACAED8C91461D765FB ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
14:50:26.0468 6712 volmgrx - ok
14:50:26.0499 6712 [ 58F82EED8CA24B461441F9C3E4F0BF5C ] volsnap C:\Windows\system32\DRIVERS\volsnap.sys
14:50:26.0515 6712 volsnap - ok
14:50:26.0561 6712 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
14:50:26.0577 6712 vsmraid - ok
14:50:26.0702 6712 [ 787898BF9FB6D7BD87A36E2D95C899BA ] VSS C:\Windows\system32\vssvc.exe
14:50:26.0717 6712 VSS - ok
14:50:26.0764 6712 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
14:50:26.0780 6712 vwifibus - ok
14:50:26.0920 6712 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
14:50:26.0920 6712 vwififlt - ok
14:50:27.0123 6712 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
14:50:27.0123 6712 W32Time - ok
14:50:27.0201 6712 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
14:50:27.0201 6712 WacomPen - ok
14:50:27.0263 6712 [ 47CA49400643EFFD3F1C9A27E1D69324 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
14:50:27.0263 6712 WANARP - ok
14:50:27.0263 6712 [ 47CA49400643EFFD3F1C9A27E1D69324 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
14:50:27.0263 6712 Wanarpv6 - ok
14:50:27.0419 6712 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
14:50:27.0435 6712 WatAdminSvc - ok
14:50:27.0747 6712 [ 5AB1BB85BD8B5089CC5D64200DEDAE68 ] wbengine C:\Windows\system32\wbengine.exe
14:50:27.0825 6712 wbengine - ok
14:50:27.0903 6712 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
14:50:27.0903 6712 WbioSrvc - ok
14:50:27.0997 6712 [ DD1BAE8EBFC653824D29CCF8C9054D68 ] wcncsvc C:\Windows\System32\wcncsvc.dll
14:50:27.0997 6712 wcncsvc - ok
14:50:28.0059 6712 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
14:50:28.0059 6712 WcsPlugInService - ok
14:50:28.0231 6712 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
14:50:28.0231 6712 Wd - ok
14:50:28.0355 6712 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
14:50:28.0355 6712 Wdf01000 - ok
14:50:28.0402 6712 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
14:50:28.0418 6712 WdiServiceHost - ok
14:50:28.0418 6712 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
14:50:28.0418 6712 WdiSystemHost - ok
14:50:28.0543 6712 [ 733006127F235BE7C35354EBEE7B9A7B ] WebClient C:\Windows\System32\webclnt.dll
14:50:28.0543 6712 WebClient - ok
14:50:28.0574 6712 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
14:50:28.0574 6712 Wecsvc - ok
14:50:28.0605 6712 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
14:50:28.0605 6712 wercplsupport - ok
14:50:28.0621 6712 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
14:50:28.0621 6712 WerSvc - ok
14:50:28.0667 6712 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
14:50:28.0667 6712 WfpLwf - ok
14:50:28.0714 6712 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
14:50:28.0714 6712 WIMMount - ok
14:50:28.0839 6712 WinDefend - ok
14:50:28.0839 6712 WinHttpAutoProxySvc - ok
14:50:28.0995 6712 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
14:50:28.0995 6712 Winmgmt - ok
14:50:29.0385 6712 [ 41FBB751936B387F9179E7F03A74FE29 ] WinRM C:\Windows\system32\WsmSvc.dll
14:50:29.0447 6712 WinRM - ok
14:50:29.0494 6712 [ 817EAFF5D38674EDD7713B9DFB8E9791 ] WinUSB C:\Windows\system32\DRIVERS\WinUSB.sys
14:50:29.0494 6712 WinUSB - ok
14:50:29.0666 6712 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
14:50:29.0681 6712 Wlansvc - ok
14:50:30.0056 6712 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
14:50:30.0071 6712 wlidsvc - ok
14:50:30.0181 6712 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
14:50:30.0181 6712 WmiAcpi - ok
14:50:30.0274 6712 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
14:50:30.0290 6712 wmiApSrv - ok
14:50:30.0383 6712 WMPNetworkSvc - ok
14:50:30.0446 6712 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
14:50:30.0446 6712 WPCSvc - ok
14:50:30.0477 6712 [ 2E57DDF2880A7E52E76F41C7E96D327B ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
14:50:30.0477 6712 WPDBusEnum - ok
14:50:30.0524 6712 [ B40CEF9AC9A29A9CBF767571172DB993 ] WRkrn C:\Windows\system32\drivers\WRkrn.sys
14:50:30.0539 6712 WRkrn - ok
14:50:30.0602 6712 [ FA473DF8D8E9DAAFEACE8965B5A64EDC ] WRSVC C:\Program Files\Webroot\WRSA.exe
14:50:30.0617 6712 WRSVC - ok
14:50:30.0649 6712 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
14:50:30.0649 6712 ws2ifsl - ok
14:50:30.0727 6712 [ 8F9F3969933C02DA96EB0F84576DB43E ] wscsvc C:\Windows\system32\wscsvc.dll
14:50:30.0727 6712 wscsvc - ok
14:50:30.0742 6712 WSearch - ok
14:50:31.0117 6712 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
14:50:31.0179 6712 wuauserv - ok
14:50:31.0210 6712 [ 7CADC74271DD6461C452C271B30BD378 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
14:50:31.0210 6712 WudfPf - ok
14:50:31.0241 6712 [ 3B197AF0FFF08AA66B6B2241CA538D64 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
14:50:31.0257 6712 WUDFRd - ok
14:50:31.0382 6712 [ B551D6637AA0E132C18AC6E504F7B79B ] wudfsvc C:\Windows\System32\WUDFSvc.dll
14:50:31.0382 6712 wudfsvc - ok
14:50:31.0429 6712 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
14:50:31.0444 6712 WwanSvc - ok
14:50:31.0491 6712 [ B3EEACF62445E24FBB2CD4B0FB4DB026 ] yukonw7 C:\Windows\system32\DRIVERS\yk62x64.sys
14:50:31.0491 6712 yukonw7 - ok
14:50:31.0507 6712 ================ Scan global ===============================
14:50:31.0585 6712 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
14:50:31.0678 6712 [ 79CDA06F75AD5373DD447F57575C4400 ] C:\Windows\system32\winsrv.dll
14:50:31.0678 6712 [ 79CDA06F75AD5373DD447F57575C4400 ] C:\Windows\system32\winsrv.dll
14:50:31.0756 6712 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
14:50:32.0021 6712 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
14:50:32.0021 6712 [Global] - ok
14:50:32.0021 6712 ================ Scan MBR ==================================
14:50:32.0053 6712 [ DB6BAF4E404E5B51B4BD0444162B0C28 ] \Device\Harddisk0\DR0
14:50:32.0521 6712 \Device\Harddisk0\DR0 - ok
14:50:32.0536 6712 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
14:50:32.0536 6712 \Device\Harddisk1\DR1 - ok
14:50:32.0536 6712 ================ Scan VBR ==================================
14:50:32.0583 6712 [ 3E8CFE6234C090E72A59B67F8D0D21BC ] \Device\Harddisk0\DR0\Partition1
14:50:32.0583 6712 \Device\Harddisk0\DR0\Partition1 - ok
14:50:32.0645 6712 [ 31B7528E894DD44A2D13F1FBB17EDBF6 ] \Device\Harddisk0\DR0\Partition2
14:50:32.0645 6712 \Device\Harddisk0\DR0\Partition2 - ok
14:50:32.0692 6712 [ 21D9112F855CCF3F51E2B9CACE5AC510 ] \Device\Harddisk0\DR0\Partition3
14:50:32.0692 6712 \Device\Harddisk0\DR0\Partition3 - ok
14:50:32.0848 6712 [ 98A6DA330788FCC84ECD95B5ABDE79B1 ] \Device\Harddisk0\DR0\Partition4
14:50:32.0848 6712 \Device\Harddisk0\DR0\Partition4 - ok
14:50:32.0864 6712 [ 181EFC0222B36B24131684E8F807451D ] \Device\Harddisk1\DR1\Partition1
14:50:32.0864 6712 \Device\Harddisk1\DR1\Partition1 - ok
14:50:32.0864 6712 ============================================================
14:50:32.0864 6712 Scan finished
14:50:32.0864 6712 ============================================================
14:50:32.0879 5644 Detected object count: 0
14:50:32.0879 5644 Actual detected object count: 0

#13 romosumo

romosumo
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:01:01 AM

Posted 30 October 2012 - 02:30 PM

I tried to run the aswMBR, and about 20 minutes in got a blue screen. I couldn't catch all of the details, but it was an IRQL_NOT_LESS_OR_EQUAL error. After reboot, this is what windows reported back. Let me know if you need anything from them. I have to run right now, but I will attempt to run aswMBR again tonight.

Problem signature:
Problem Event Name: BlueScreen
OS Version: 6.1.7600.2.0.0.768.3
Locale ID: 1033

Additional information about the problem:
BCCode: a
BCP1: 0000000000000000
BCP2: 0000000000000002
BCP3: 0000000000000000
BCP4: FFFFF800032D6756
OS Version: 6_1_7600
Service Pack: 0_0
Product: 768_1

Files that help describe the problem:
C:\Windows\Minidump\103012-31153-01.dmp
C:\Users\Rob\AppData\Local\Temp\WER-73663-0.sysdata.xml

#14 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:02:01 AM

Posted 30 October 2012 - 02:56 PM

Greetings

At this time I would like you to run this script for me and it is a good time to check out the computer to see if there is anything else that needs to be addressed.

:Run CFScript:

Open Notepad and copy/paste the text in the box into the window:

ClearJavaCache::

Save it to your desktop as CFScript.txt

Refering to the picture above, drag CFScript.txt into ComboFix.exe
Posted Image
This will let ComboFix run again.
Restart if you have to.
Save the produced logfile to your desktop.

Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall

Note 2: If you recieve an error "Illegal operation attempted on a registery key that has been marked for deletion." Please restart the computer

"information and logs"

  • In your next post I need the following

  • report from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now after running the script?

Gringo

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#15 romosumo

romosumo
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:01:01 AM

Posted 30 October 2012 - 07:53 PM

Hi Gringo,

I ran ComboFix with the CFScript.txt file. It seemed to be running fine - I noticed that it removed another jna****.dll file from my windows\temp directory. While it was running, I noticed that the CFScript.txt file disappeared. I was away for a bit, and came back to an error message stating that the log.txt file couldn't be found.

I re-ran Combofix with the CFScript.txt file, and was successful the second time, although I didn't see it remove the jna*****.dll file this time... Here are the results of the second scan:

ComboFix 12-10-30.03 - Rob 10/30/2012 20:28:36.4.3 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3835.1457 [GMT -4:00]
Running from: c:\users\Rob\Desktop\ComboFix.exe
Command switches used :: c:\users\Rob\Desktop\CFScript.txt
AV: Webroot SecureAnywhere *Disabled/Updated* {9C0666FC-6C7D-3E97-3C40-0C6B33FC7401}
SP: Webroot SecureAnywhere *Disabled/Updated* {27678718-4A47-3119-06F0-3719487B3EBC}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2012-09-28 to 2012-10-31 )))))))))))))))))))))))))))))))
.
.
2012-10-31 00:38 . 2012-10-31 00:38 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-10-30 12:40 . 2012-10-12 07:19 9291768 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7934C85F-3117-44FB-8873-D2E4AAACC6B7}\mpengine.dll
2012-10-16 18:00 . 2012-10-16 18:00 -------- d-----w- c:\users\Rob\AppData\Local\Sanford,_L.P
2012-10-16 17:58 . 2012-10-16 18:00 -------- d-----w- c:\users\Rob\AppData\Local\DYMO
2012-10-16 17:53 . 2012-10-16 17:53 -------- d-----w- c:\program files (x86)\DYMO
2012-10-16 17:52 . 2012-10-16 17:52 -------- d-----w- c:\programdata\DYMO
2012-10-16 17:36 . 2012-10-16 17:36 -------- d-----w- c:\program files\DYMO LabelWriter Drivers
2012-10-10 16:09 . 2012-10-10 16:09 -------- d-----w- c:\program files\SyncToy 2.1
2012-10-10 16:06 . 2012-10-10 16:06 -------- d-----w- c:\program files\Microsoft Sync Framework
2012-10-10 04:33 . 2012-08-31 18:02 1656688 ----a-w- c:\windows\system32\drivers\ntfs.sys
2012-10-10 04:33 . 2012-08-30 18:11 5505904 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-10-10 04:33 . 2012-08-30 17:18 3958128 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-10-10 04:33 . 2012-08-30 17:18 3902832 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-10-10 04:33 . 2012-08-18 15:37 425984 ----a-w- c:\windows\system32\KernelBase.dll
2012-10-10 04:33 . 2012-08-18 15:37 1162240 ----a-w- c:\windows\system32\kernel32.dll
2012-10-10 04:31 . 2012-09-14 19:23 2048 ----a-w- c:\windows\system32\tzres.dll
2012-10-10 04:31 . 2012-09-14 18:30 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-10-10 04:30 . 2012-08-24 18:05 220160 ----a-w- c:\windows\system32\wintrust.dll
2012-10-10 04:30 . 2012-08-24 17:10 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
2012-10-10 04:30 . 2012-08-11 00:53 714752 ----a-w- c:\windows\system32\kerberos.dll
2012-10-10 04:30 . 2012-08-10 23:54 541184 ----a-w- c:\windows\SysWow64\kerberos.dll
2012-10-10 04:30 . 2012-06-02 05:25 1462784 ----a-w- c:\windows\system32\crypt32.dll
2012-10-10 04:30 . 2012-06-02 05:25 182272 ----a-w- c:\windows\system32\cryptsvc.dll
2012-10-10 04:30 . 2012-06-02 04:45 1157632 ----a-w- c:\windows\SysWow64\crypt32.dll
2012-10-10 04:30 . 2012-06-02 05:25 140288 ----a-w- c:\windows\system32\cryptnet.dll
2012-10-10 04:30 . 2012-06-02 04:45 139264 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2012-10-10 04:30 . 2012-06-02 04:45 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2012-10-04 14:59 . 2012-10-04 14:59 -------- d-----w- c:\users\Rob\AppData\Local\PDF Writer
2012-10-04 14:53 . 2009-07-14 01:41 101376 ----a-w- c:\windows\system32\Spool\prtprocs\x64\HPZPPWN7.DLL
2012-10-04 14:43 . 2012-10-04 14:43 -------- d-----w- c:\program files\Common Files\Bullzip
2012-10-04 14:43 . 2012-10-04 14:43 -------- d-----w- c:\users\Rob\AppData\Roaming\PDF Writer
2012-10-04 14:43 . 2008-10-30 20:04 227840 ----a-w- c:\windows\SysWow64\bzFlRdr.dll
2012-10-04 14:43 . 2008-07-09 20:04 103424 ----a-w- c:\windows\SysWow64\bzDCT.dll
2012-10-04 14:43 . 2012-10-04 14:43 -------- d-----w- c:\programdata\PDF Writer
2012-10-04 14:43 . 2010-09-27 20:04 135168 ----a-w- c:\windows\SysWow64\bzpdfc.dll
2012-10-04 14:42 . 2012-03-27 20:04 216064 ----a-w- c:\windows\system32\bzpdf.dll
2012-10-04 14:42 . 2012-10-04 14:42 -------- d-----w- c:\program files\Bullzip
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-12 14:20 . 2012-08-10 19:24 103344 ----a-w- c:\windows\system32\WRusr.dll
2012-10-12 14:20 . 2012-08-10 19:24 150712 ----a-w- c:\windows\SysWow64\WRusr.dll
2012-10-12 14:20 . 2012-08-10 19:24 110608 ----a-w- c:\windows\system32\drivers\WRkrn.sys
2012-10-02 12:42 . 2012-03-28 23:28 696240 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-10-02 12:42 . 2011-05-17 18:50 73136 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-08-29 00:24 . 2012-08-20 12:36 477168 ----a-w- c:\windows\SysWow64\npdeployJava1.dll
2012-08-29 00:24 . 2010-10-23 18:00 473072 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-08-24 11:15 . 2012-09-21 20:14 17810944 ----a-w- c:\windows\system32\mshtml.dll
2012-08-24 10:39 . 2012-09-21 20:14 10925568 ----a-w- c:\windows\system32\ieframe.dll
2012-08-24 10:31 . 2012-09-21 20:14 2312704 ----a-w- c:\windows\system32\jscript9.dll
2012-08-24 10:22 . 2012-09-21 20:14 1346048 ----a-w- c:\windows\system32\urlmon.dll
2012-08-24 10:21 . 2012-09-21 20:14 1392128 ----a-w- c:\windows\system32\wininet.dll
2012-08-24 10:20 . 2012-09-21 20:14 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
2012-08-24 10:18 . 2012-09-21 20:14 237056 ----a-w- c:\windows\system32\url.dll
2012-08-24 10:17 . 2012-09-21 20:14 85504 ----a-w- c:\windows\system32\jsproxy.dll
2012-08-24 10:14 . 2012-09-21 20:14 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-08-24 10:14 . 2012-09-21 20:14 816640 ----a-w- c:\windows\system32\jscript.dll
2012-08-24 10:13 . 2012-09-21 20:14 599040 ----a-w- c:\windows\system32\vbscript.dll
2012-08-24 10:12 . 2012-09-21 20:14 2144768 ----a-w- c:\windows\system32\iertutil.dll
2012-08-24 10:11 . 2012-09-21 20:14 729088 ----a-w- c:\windows\system32\msfeeds.dll
2012-08-24 10:10 . 2012-09-21 20:14 96768 ----a-w- c:\windows\system32\mshtmled.dll
2012-08-24 10:09 . 2012-09-21 20:14 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-08-24 10:04 . 2012-09-21 20:14 248320 ----a-w- c:\windows\system32\ieui.dll
2012-08-24 06:59 . 2012-09-21 20:14 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll
2012-08-24 06:51 . 2012-09-21 20:14 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
2012-08-24 06:51 . 2012-09-21 20:14 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2012-08-24 06:47 . 2012-09-21 20:14 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-08-24 06:47 . 2012-09-21 20:14 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2012-08-24 06:43 . 2012-09-21 20:14 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-08-21 17:01 . 2012-09-20 12:45 33240 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2012-08-21 17:01 . 2011-05-18 23:07 125872 ----a-w- c:\windows\system32\GEARAspi64.dll
2012-08-21 17:01 . 2011-05-18 23:07 106928 ----a-w- c:\windows\SysWow64\GEARAspi.dll
2012-08-18 11:19 . 2012-10-10 04:32 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-08-02 17:55 . 2012-09-12 10:12 574464 ----a-w- c:\windows\system32\d3d10level9.dll
2012-08-02 17:05 . 2012-09-12 10:12 490496 ----a-w- c:\windows\SysWow64\d3d10level9.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Rob\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Rob\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Rob\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RockMelt Update"="c:\users\Rob\AppData\Local\RockMelt\Update\RockMeltUpdate.exe" [2011-05-17 136336]
"Steam"="c:\program files (x86)\Steam\Steam.exe" [2012-08-03 1353080]
"GoogleDriveSync"="c:\program files (x86)\Google\Drive\googledrivesync.exe" [2012-10-25 16052192]
"DymoQuickPrint"="c:\program files (x86)\DYMO\DYMO Label Software\DymoQuickPrint.exe" [2012-06-20 1865840]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-09-30 98304]
"Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 1155928]
"HP Quick Launch"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2010-11-09 586296]
"AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-09-27 59240]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"="c:\program files (x86)\Google\Gmail Notifier\gnotify.exe" [2005-07-15 479232]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-28 59280]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-19 421888]
"ToolboxFX"="c:\program files (x86)\HP\ToolboxFX\bin\HPTLBXFX.exe" [2010-10-25 58936]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]
"WRSVC"="c:\program files\Webroot\WRSA.exe" [2012-10-12 726472]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"BCSSync"="c:\program files (x86)\Microsoft Office 2010\Office14\BCSSync.exe" [2010-03-13 91520]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-09-10 421776]
.
c:\users\Rob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Rob\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-5-24 27112840]
EvernoteClipper.lnk - c:\program files (x86)\Evernote\Evernote\EvernoteClipper.exe [2012-10-25 1017184]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-7-29 1132320]
CrashPlan Tray.lnk - c:\program files\CrashPlan\CrashPlanTray.exe [2012-3-26 217088]
Monitor Apache Servers.lnk - c:\program files (x86)\Apache Software Foundation\Apache2.2\bin\ApacheMonitor.exe [2011-5-11 41051]
Snapfish PictureMover.lnk - c:\program files (x86)\PictureMover\Bin\PictureMover.exe [2010-9-28 1040952]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ DPPassFilter scecli
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe [2012-02-10 193816]
R2 CLKMSVC10_C6F09094;CyberLink Product - 2011/03/12 01:07;c:\program files (x86)\Hewlett-Packard\Media\DVD\Kernel\HDDVD\NavFilter\kmsvc.exe [2010-09-21 245232]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-27 116648]
R2 lxecCATSCustConnectService;lxecCATSCustConnectService;c:\windows\system32\spool\DRIVERS\x64\3\\lxecserv.exe [2010-04-14 45736]
R2 WRSVC;WRSVC;c:\program files\Webroot\WRSA.exe [2012-10-12 726472]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-27 116648]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-09-13 114144]
R3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]
R3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [2011-08-01 45416]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2010-09-15 239136]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-09-15 344680]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-07-09 52736]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-05-18 1255736]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2009-06-10 389120]
S0 WRkrn;WRkrn;c:\windows\System32\drivers\WRkrn.sys [2012-10-12 110608]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe [2010-09-14 89600]
S2 AirPrint;AirPrint;c:\program files (x86)\AirPrint\airprint.exe [2011-06-06 234784]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-10-08 203264]
S2 Apache2.2;Apache2.2;c:\program files (x86)\Apache Software Foundation\Apache2.2\bin\httpd.exe [2011-05-11 20549]
S2 CrashPlanService;CrashPlan Backup Service;c:\program files\CrashPlan\CrashPlanService.exe [2012-03-26 222720]
S2 DymoPnpService;DYMO PnP Service;c:\program files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe [2012-06-20 32368]
S2 g7dc_device;g7dc_device;c:\windows\system32\g7dccoms.exe [2007-06-19 562176]
S2 HP LaserJet Service;HP LaserJet Service;c:\program files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [2010-10-25 145920]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-09 86072]
S2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-07-21 103992]
S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-08-06 291896]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-05-21 103992]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2010-06-15 30520]
S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-11-09 26680]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2012-07-12 375208]
S2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files (x86)\LogMeIn\x64\RaInfo.sys [2012-04-02 15928]
S2 lxec_device;lxec_device;c:\windows\system32\lxeccoms.exe [2010-04-14 1052328]
S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S2 RoxioNow Service;RoxioNow Service;c:\program files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2010-09-11 399344]
S2 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe [2010-02-23 2192176]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2010-10-08 7767552]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-10-08 279040]
S3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe [2012-02-10 240408]
S3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys [2010-07-14 344616]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2010-03-02 39464]
S3 clwvd;HP Webcam Splitter;c:\windows\system32\DRIVERS\clwvd.sys [2010-09-04 31088]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2010-10-08 38528]
.
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - CLKMDRV10_C6F09094
.
Contents of the 'Scheduled Tasks' folder
.
2012-10-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-27 14:26]
.
2012-10-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-27 14:26]
.
2012-10-30 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-985251314-3411903506-1817651601-1000Core.job
- c:\users\Rob\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-17 18:47]
.
2012-10-31 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-985251314-3411903506-1817651601-1000UA.job
- c:\users\Rob\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-17 18:47]
.
2012-10-13 c:\windows\Tasks\HPCeeScheduleForROB-DV7$.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15]
.
2012-10-17 c:\windows\Tasks\HPCeeScheduleForRob.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15]
.
2012-10-30 c:\windows\Tasks\RockMeltUpdateTaskUserS-1-5-21-985251314-3411903506-1817651601-1000Core.job
- c:\users\Rob\AppData\Local\RockMelt\Update\RockMeltUpdate.exe [2011-05-17 18:48]
.
2012-10-30 c:\windows\Tasks\RockMeltUpdateTaskUserS-1-5-21-985251314-3411903506-1817651601-1000UA.job
- c:\users\Rob\AppData\Local\RockMelt\Update\RockMeltUpdate.exe [2011-05-17 18:48]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00Zecter]
@="{D25B32FE-CB96-491A-98FF-AD59DA382D69}"
[HKEY_CLASSES_ROOT\CLSID\{D25B32FE-CB96-491A-98FF-AD59DA382D69}]
2010-09-23 04:53 2210304 ----a-w- c:\program files (x86)\Hewlett-Packard\HP CloudDrive\ShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\01Zecter]
@="{EB24CA6D-F315-4A81-AC1A-C79CFD77F3F5}"
[HKEY_CLASSES_ROOT\CLSID\{EB24CA6D-F315-4A81-AC1A-C79CFD77F3F5}]
2010-09-23 04:53 2210304 ----a-w- c:\program files (x86)\Hewlett-Packard\HP CloudDrive\ShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\02Zecter]
@="{B3C78E40-6B64-47C3-AE34-60B770881EB8}"
[HKEY_CLASSES_ROOT\CLSID\{B3C78E40-6B64-47C3-AE34-60B770881EB8}]
2010-09-23 04:53 2210304 ----a-w- c:\program files (x86)\Hewlett-Packard\HP CloudDrive\ShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\03Zecter]
@="{622AFE52-33F6-4D9F-9966-E0BC52D7D69D}"
[HKEY_CLASSES_ROOT\CLSID\{622AFE52-33F6-4D9F-9966-E0BC52D7D69D}]
2010-09-23 04:53 2210304 ----a-w- c:\program files (x86)\Hewlett-Packard\HP CloudDrive\ShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\04Zecter]
@="{855156F0-2A0F-11DE-8C30-0800200C9A66}"
[HKEY_CLASSES_ROOT\CLSID\{855156F0-2A0F-11DE-8C30-0800200C9A66}]
2010-09-23 04:53 2210304 ----a-w- c:\program files (x86)\Hewlett-Packard\HP CloudDrive\ShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Rob\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Rob\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Rob\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Rob\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2012-10-25 19:45 755224 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2012-10-25 19:45 755224 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2012-10-25 19:45 755224 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2012-10-25 19:45 755224 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-09-14 487424]
"SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2010-09-01 611896]
"HPWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe" [2010-07-21 8192]
"lxecmon.exe"="c:\program files (x86)\Lexmark Pro800-Pro900 Series\lxecmon.exe" [2011-01-23 770728]
"EzPrint"="c:\program files (x86)\Lexmark Pro800-Pro900 Series\ezprint.exe" [2011-01-23 148280]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 2417032]
"LogMeIn GUI"="c:\program files (x86)\LogMeIn\x64\LogMeInSystray.exe" [2012-04-02 57928]
"HP LaserJet Professional CM1410 Series Fax"="c:\program files (x86)\HP\Digital Imaging\Fax\Fax Driver 0.6 Base\hppfaxprintersrv.exe" [2010-08-24 3706424]
"g7dcmon.exe"="c:\program files (x86)\VersaJette M300-V08\g7dcmon.exe" [BU]
"g7dcamon"="c:\program files (x86)\VersaJette M300-V08\g7dcamon.exe" [2007-05-01 20480]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler]
"{1984DD45-52CF-49cd-AB77-18F378FEA264}"= "c:\program files\Stardock\Fences Pro\FencesMenu64.dll" [2010-09-16 464744]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Add to Evernote 4.0 - c:\program files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: LastPass - file://c:\users\Rob\AppData\LocalLow\LastPass\context.html?cmd=lastpass
IE: LastPass Fill Forms - file://c:\users\Rob\AppData\LocalLow\LastPass\context.html?cmd=fillforms
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: Interfaces\{A1FB2588-9B41-4268-84A1-8ED23AB6DF3B}: NameServer = 8.8.8.8,4.2.2.1
TCP: Interfaces\{A1FB2588-9B41-4268-84A1-8ED23AB6DF3B}\05279667164756: NameServer = 4.2.2.1,8.8.8.8
TCP: Interfaces\{A1FB2588-9B41-4268-84A1-8ED23AB6DF3B}\8497164747: NameServer = 4.2.2.1,8.8.8.8
FF - ProfilePath - c:\users\Rob\AppData\Roaming\Mozilla\Firefox\Profiles\qxo8123q.default\
FF - ExtSQL: 2012-09-04 08:04; {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}; c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
AddRemove-{6F44AF95-3CDE-4513-AD3F-6D45F17BF324} - c:\program files (x86)\InstallShield Installation Information\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MySQL]
"ImagePath"="\"c:\program files\MySQL\MySQL Server 5.5\bin\mysqld\" --defaults-file=\"c:\program files\MySQL\MySQL Server 5.5\my.ini\" MySQL"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_278_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_278_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_278_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_278_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_278.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_278.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_278.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_278.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-10-30 20:41:51
ComboFix-quarantined-files.txt 2012-10-31 00:41
ComboFix2.txt 2012-10-30 21:35
ComboFix3.txt 2012-10-27 19:47
ComboFix4.txt 2012-10-20 20:38
.
Pre-Run: 212,986,552,320 bytes free
Post-Run: 212,901,453,824 bytes free
.
- - End Of File - - 0607E17E303C9C9593E3D86295E07E61




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users