Spyware Warrior
Help with Spyware, Hijacking & Other Internet Nuisances
 

Extremely slow internet with a lot of ads showing up

 
epepps14
Newbie


Joined: 13 May 2012
Last Visit: 28 May 2012
Posts: 3

Posted: Sun May 13, 2012 8:32 am    Post subject: Extremely slow internet with a lot of ads showing up

Hello,

I recently have been having a problem with my internet. It has been running really slow and there are a lot of ads that are taking over all the web pages that I open. For instance, my home page is yahoo and there is a banner ad on the top and another large ad on the side of the page that both say "ads not by this site". There is also this thing where some of the words are highlighted on the websites and when I move the mouse over the highlighted word it prompts me to go to some other website. I think that one is called "Text Enhance". These things happen on all the websites that I go to and it is incredibly annoying to see advertisements all over my webpages and to have such a slow computer all of a sudden. Any help that you can give me would be greatly appreciated.

Thanks a lot,
Eric

Here are my DDS logs:

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_31
Run by Owner at 9:15:12 on 2012-05-13
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.1022.181 [GMT -7:00]
.
AV: Norton AntiVirus *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton AntiVirus *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k hpdevmgmt
C:\Program Files\Norton AntiVirus\Engine\19.7.0.9\ccSvcHst.exe
C:\Windows\System32\STacSV.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\System32\WLTRYSVC.EXE
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Windows\System32\bcmwltry.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Norton AntiVirus\Engine\19.7.0.9\ccSvcHst.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\WLTRAY.EXE
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\Windows\sttray.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\DllHost.exe
c:\program files\common files\installshield\updateservice\isuspm.exe
C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe
C:\Windows\system32\taskhost.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\SoftwareDistribution\Download\Install\Windows-KB890830-V4.8-delta.exe
c:\8bc62980881886f77b78c0c7\mrtstub.exe
C:\Windows\system32\MRT.exe
C:\Windows\system32\taskmgr.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.yahoo.com/
uWindow Title = Internet Explorer provided by Dell
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - c:\program files\divx\divx plus web player\ie\divxhtml5\DivXHTML5.dll
BHO: Norton Vulnerability Protection: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton antivirus\engine\19.7.0.9\ips\IPSBHO.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Codecv Class: {a2d77e5d-5792-4bc2-8642-57cc72384ad1} - c:\programdata\codecv\bhoclass.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\googletoolbar1.dll
BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\bae\BAE.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn\YTSingleInstance.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\googletoolbar1.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRunOnce: [FlashPlayerUpdate] c:\windows\system32\macromed\flash\FlashUtil32_11_2_202_233_Plugin.exe -update plugin
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [ATICCC] "c:\program files\ati technologies\ati.ace\CLIStart.exe"
mRun: [Broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe
mRun: [ECenter] c:\dell\e-center\EULALauncher.exe
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [MSConfig] "c:\windows\system32\msconfig.exe" /auto
mRun: [PCMService] "c:\program files\dell\mediadirect\PCMService.exe"
mRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup
mRun: [SigmatelSysTrayApp] sttray.exe
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [<NO NAME>]
mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
StartupFolder: c:\users\owner\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\quickset.lnk - c:\windows\installer\{53a01cc6-14b0-4512-a2e7-10d39bf83dc4}\NewShortcut2_53A01CC614B04512A2E710D39BF83DC4.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: {8A0019EB-51FA-4AE5-A40B-C0496BBFC739} - hxxp://picture.vzw.com/activex/VerizonWirelessUploadControl.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 209.18.47.61 209.18.47.62
TCP: Interfaces\{94615972-A6E6-4196-9CD6-B5055A3C9FE8} : DhcpNameServer = 209.18.47.61 209.18.47.62
TCP: Interfaces\{A0C3577D-C024-439E-8435-15F1A539ED31} : DhcpNameServer = 209.18.47.61 209.18.47.62
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\owner\appdata\roaming\mozilla\firefox\profiles\cfcyc0de.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/
FF - prefs.js: network.proxy.type - 0
FF - component: c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nav_18.1.0.37\ipsffplgn\components\IPSFFPl.dll
FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\google\update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\users\owner\appdata\roaming\move networks\plugins\npqmp071502000008.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_2_202_233.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_2_202_235.dll
.
============= SERVICES / DRIVERS ===============
.
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\nav\1307000.009\symds.sys [2012-4-23 340088]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\nav\1307000.009\symefa.sys [2012-4-23 905336]
R1 BHDrvx86;BHDrvx86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nav_19.6.2.10\definitions\bashdefs\20120507.001\BHDrvx86.sys [2012-5-12 821880]
R1 ccSet_NAV;Norton AntiVirus Settings Manager;c:\windows\system32\drivers\nav\1307000.009\ccsetx86.sys [2012-4-23 132744]
R1 IDSVix86;IDSVix86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nav_19.6.2.10\definitions\ipsdefs\20120511.001\IDSvix86.sys [2012-5-12 368248]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\nav\1307000.009\ironx86.sys [2012-4-23 149624]
R1 SymNetS;Symantec Network Security WFP Driver;c:\windows\system32\drivers\nav\1307000.009\symnets.sys [2012-4-23 318584]
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-13 48128]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2012-2-7 106104]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2012-2-15 135664]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-4-13 257696]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-4-25 52224]
.
=============== Created Last 30 ================
.
2012-05-13 16:04:09 -------- d-----w- C:\8bc62980881886f77b78c0c7
2012-04-28 23:33:13 -------- d-----w- c:\program files\StreamTorrent 1.0
2012-04-25 00:26:50 -------- d-----w- c:\program files\Mozilla Maintenance Service
2012-04-25 00:26:43 157352 ----a-w- c:\program files\mozilla firefox\maintenanceservice_installer.exe
2012-04-25 00:26:43 129976 ----a-w- c:\program files\mozilla firefox\maintenanceservice.exe
2012-04-24 03:56:18 -------- d-----w- c:\users\owner\appdata\roaming\StreamTorrent
2012-04-23 21:42:39 905336 ----a-w- c:\windows\system32\drivers\nav\1307000.009\symefa.sys
2012-04-23 21:42:39 574072 ----a-w- c:\windows\system32\drivers\nav\1307000.009\srtsp.sys
2012-04-23 21:42:39 340088 ----a-r- c:\windows\system32\drivers\nav\1307000.009\symds.sys
2012-04-23 21:42:39 32888 ----a-w- c:\windows\system32\drivers\nav\1307000.009\srtspx.sys
2012-04-23 21:42:39 318584 ----a-w- c:\windows\system32\drivers\nav\1307000.009\symnets.sys
2012-04-23 21:42:38 149624 ----a-w- c:\windows\system32\drivers\nav\1307000.009\ironx86.sys
2012-04-23 21:42:38 132744 ----a-w- c:\windows\system32\drivers\nav\1307000.009\ccsetx86.sys
2012-04-23 21:42:30 4782 ----a-w- c:\windows\system32\drivers\nav\1307000.009\symvtcer.dat
2012-04-23 21:42:30 -------- d-----w- c:\windows\system32\drivers\nav\1307000.009
.
==================== Find3M ====================
.
2012-05-13 00:07:52 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-05-13 00:07:52 419488 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-04-09 15:19:31 472808 ----a-w- c:\windows\system32\deployJava1.dll
2012-04-01 01:46:36 141944 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2012-03-06 05:59:47 3968368 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-03-06 05:59:41 3913072 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-03-01 05:46:57 19824 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-03-01 05:37:41 172544 ----a-w- c:\windows\system32\wintrust.dll
2012-03-01 05:33:23 159232 ----a-w- c:\windows\system32\imagehlp.dll
2012-03-01 05:29:16 5120 ----a-w- c:\windows\system32\wmi.dll
2012-02-28 01:18:55 1799168 ----a-w- c:\windows\system32\jscript9.dll
2012-02-28 01:11:21 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
2012-02-28 01:11:07 1127424 ----a-w- c:\windows\system32\wininet.dll
2012-02-28 01:03:16 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-02-17 05:34:22 826880 ----a-w- c:\windows\system32\rdpcore.dll
2012-02-17 04:14:08 183808 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-02-17 04:13:22 24576 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2012-02-15 18:01:50 4547944 ----a-w- c:\windows\system32\usbaaplrc.dll
2012-02-15 18:01:50 43520 ----a-w- c:\windows\system32\drivers\usbaapl.sys
.
============= FINISH: 9:21:38.72 ===============



.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume3
Install Date: 11/28/2009 7:51:51 PM
System Uptime: 5/13/2012 4:44:54 AM (5 hours ago)
.
Motherboard: Dell Inc. | | 0YD479
Processor: Intel(R) Core(TM)2 CPU T7200 @ 2.00GHz | Microprocessor | 1000/166mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 62 GiB total, 21.123 GiB free.
D: is FIXED (NTFS) - 10 GiB total, 5.863 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}
Description: Photosmart C4700 series
Device ID: ROOT\MULTIFUNCTION\0000
Manufacturer: HP
Name: Photosmart C4700 series
PNP Device ID: ROOT\MULTIFUNCTION\0000
Service:
.
Class GUID: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Description: Photosmart C4700 series
Device ID: ROOT\IMAGE\0000
Manufacturer: HP
Name: Photosmart C4700 series
PNP Device ID: ROOT\IMAGE\0000
Service: StillCam
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
32 Bit HP CIO Components Installer
Acrobat.com
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader 9.5.1
AOL Install
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ATI Catalyst Control Center Ex
AVS Update Manager 1.0
AVS Video Editor 4
AVS Video Recorder 2.4
AVS YouTube Uploader version 2.1
AVS4YOU Software Navigator 1.4
Bonjour
BufferChm
C4700
Codecv
Conexant HDA D110 MDC V.92 Modem
D3DX10
Dell System Customization Wizard
Dell Wireless WLAN Card
DellSupport
Destinations
DeviceDiscovery
Digital Line Detect
DiskAid 3.24
DivX Setup
Documentation & Support Launcher
EarthLink Setup Files
Games, Music, & Photos Launcher
Google Chrome
Google Desktop
Google Toolbar for Internet Explorer
Google Update Helper
GPBaseService2
HP Customer Participation Program 13.0
HP Imaging Device Functions 13.0
HP Photosmart C4700 All-In-One Driver Software 13.0 Rel .6
HP Print Projects 1.0
HP Smart Web Printing 4.60
HP Solution Center 13.0
HP Update
HPDiagnosticAlert
HPPhotoGadget
hpPrintProjects
HPProductAssistant
HPSSupply
hpWLPGInstaller
Internet Service Offers Launcher
iTunes
Java Auto Updater
Java(TM) 6 Update 31
Java(TM) SE Runtime Environment 6
MarketResearch
MediaDirect
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Home and Student 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Modem Diagnostic Tool
Move Media Player
Mozilla Firefox 12.0 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
NetWaiting
Network
NetZeroInstallers
Norton AntiVirus
OGA Notifier 2.0.0048.0
OutlookAddinSetup
PS_AIO_06_C4700_SW_Min
Qualxserve Service Agreement
QuickSet
QuickTime
Roxio Creator Audio
Roxio Creator BDAV Plugin
Roxio Creator Copy
Roxio Creator Data
Roxio Creator DE
Roxio Creator Tools
Roxio Drag-to-Disc
Roxio Express Labeler
Roxio MyDVD DE
Roxio Update Manager
Scan
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition
Shop for HP Supplies
SigmaTel Audio
SmartWebPrinting
SolutionCenter
Sonic Activation Module
Status
StreamTorrent 1.0
Synaptics Pointing Device Driver
Toolbox
TrayApp
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
URL Assistant
User's Guides
VC80CRTRedist - 8.0.50727.6195
WebReg
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Media Player Firefox Plugin
Yahoo! Toolbar
.
==== Event Viewer Messages From Past Week ========
.
5/13/2012 8:25:05 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the NAV service.
5/12/2012 8:37:14 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the wlidsvc service.
5/12/2012 6:09:33 PM, Error: Microsoft-Windows-HAL [12] - The platform firmware has corrupted memory across the previous system power transition. Please check for updated firmware for your system.
5/12/2012 3:21:23 PM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.
.
==== End Of File ===========================
Cypher
Moderator


Joined: 05 Jul 2009
Last Visit: 30 Jul 2014
Posts: 4578
Location: Land Of The Leprechauns

Posted: Mon May 14, 2012 2:43 am

Hi and welcome to Spyware Warrior Forum.
My name is Cypher, and I will be helping you with your malware problems.
This may or may not solve other issues you have with your machine.
If you no longer require help, I would be grateful if you would let me know.

Before we start please note the following important guidelines.
  • If you don't know or understand something, please don't hesitate to ask.
  • Only post your problem at one help site. Applying fixes from multiple help sites can cause problems.
  • Only reply to this thread; do not start another. Please continue responding until I give you the "All Clean".
    Remember, absence of symptoms does not mean the infection is all gone.
  • Please DO NOT run any other tools or scans whilst I am helping you.
  • Please DO NOT install any other software (or hardware) during the cleaning process.
  • Print each set of instructions if possible... your Internet connection will not be available during some fix processes.
  • Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
  • Note: No Reply Within 3 Days Will Result In Your Topic Being Closed!
Note: If you haven't done so already, please read the topic "Things to know before you post", where the conditions for receiving help here are explained.
Quote:
Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to back up any personal files and folders before you start.


Windows 7 Advice:
  • All applications I ask to be used will need to be run in Administrator mode, i.e. right click on and select Run as Administrator.
  • Your operating system comes with an inbuilt utility called User Access Control (UAC).
  • When prompted by this with anything I ask you to carry out, please select the option Allow.


Remove P2P Programs
  • I notice there are signs of one or more P2P (Person to Person) File Sharing Programs on your computer.
    Quote:
    StreamTorrent 1.0

  • Please read the Use of P2P (Person to Person) file sharing programmes where we explain why it's not a good idea to have them.

  • Note: Even if you are using a "safe" P2P program, it is only the program that is safe. You will be sharing files from uncertified sources, and these are often infected. The bad guys use P2P filesharing as a major conduit to spread their wares.

  • Click on start
  • Then Run
  • In the Open text entry box, please copy/paste appwiz.cpl, then press Enter.
  • Press the "Remove" or "Change/Remove"...button to uninstall the programs listed above (in red) and any other P2P you have installed NOW.
  • Take care when answering any questions posed by an uninstaller. Some questions may be worded to deceive you into keeping the program.

While you are in Add/remove programs uninstall the following also.
Quote:
Java(TM) SE Runtime Environment 6

Next.

Please download Malwarebytes' Anti-Malware and save to your desktop.
  • Right-click mbam-setup.exe and select "Run as administrator", then follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to:
    Update Malwarebytes' Anti-Malware
    Launch Malwarebytes' Anti-Malware
  • Then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform Quick Scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Check all items except items in the C:\System Volume Information folder... and click Remove Selected.
    Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.
  • When completed, a log will open in Notepad. Please copy and paste the log back into your next reply.
  • The log can also be found here:
    C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt

Next.

Please download OTL by Old Timer and save it to your Desktop.
  • Right click on OTL.exe and select Run as administrator to run it.
  • Under Output, ensure that Standard Output is selected.
  • Under Extra Registry section, select Use SafeList.
  • Click the Scan All Users checkbox.
  • Click on Run Scan at the top left hand corner.
  • When done, two Notepad files will open.
    • OTL.txt <-- Will be opened
      Extra.txt <-- Will be minimized
  • Please post the contents of these 2 Notepad files in your next reply.


Logs/Information to Post in your Next Reply
  • Malwarebytes log.
  • OTL.txt and Extra.txt contents.

_________________
Admin/Teacher at Malware Removal University
epepps14
Newbie


Joined: 13 May 2012
Last Visit: 28 May 2012
Posts: 3

Posted: Wed May 16, 2012 8:14 am

I ran the scans and deleted the P2P program. Here are the logs.


Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.05.16.04

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Owner :: OWNER-PC [administrator]

5/16/2012 8:00:23 AM
mbam-log-2012-05-16 (08-00-23).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 199857
Time elapsed: 32 minute(s), 8 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Users\Owner\Downloads\Codec-C.exe (Affiliate.Downloader) -> Quarantined and deleted successfully.

(end)



OTL logfile created on: 5/16/2012 8:54:38 AM - Run 1
OTL by OldTimer - Version 3.2.43.0 Folder = C:\Users\Owner\Downloads
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1022.44 Mb Total Physical Memory | 209.09 Mb Available Physical Memory | 20.45% Memory free
2.00 Gb Paging File | 0.93 Gb Available in Paging File | 46.69% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 62.48 Gb Total Space | 22.04 Gb Free Space | 35.27% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 5.86 Gb Free Space | 58.63% Space Free | Partition Type: NTFS

Computer Name: OWNER-PC | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/05/16 08:53:12 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Downloads\otl.exe
PRC - [2012/04/24 17:26:43 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012/03/27 16:14:06 | 000,138,232 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton AntiVirus\Engine\19.7.0.9\ccsvchst.exe
PRC - [2011/07/28 16:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2011/02/24 22:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/11/20 05:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009/05/21 18:58:14 | 000,413,496 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe
PRC - [2006/12/01 14:40:44 | 000,303,104 | ---- | M] (SigmaTel, Inc.) -- C:\Windows\sttray.exe
PRC - [2006/12/01 14:40:40 | 000,090,112 | ---- | M] (SigmaTel, Inc.) -- C:\Windows\System32\stacsv.exe
PRC - [2006/11/08 18:47:14 | 001,066,528 | ---- | M] (Dell Inc) -- C:\Program Files\Dell\QuickSet\quickset.exe
PRC - [2006/10/13 10:31:34 | 000,184,320 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Dell\MediaDirect\PCMService.exe
PRC - [2006/04/28 08:14:44 | 000,045,056 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe


========== Modules (No Company Name) ==========

MOD - [2012/05/13 10:20:30 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\9b2f17fb61b7197f2a04108f5d1a1cc6\System.Management.ni.dll
MOD - [2012/05/13 10:12:15 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\1a690902e9a6293de228c16fab21e2f7\System.Web.ni.dll
MOD - [2012/05/13 10:11:50 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll
MOD - [2012/05/13 10:08:20 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\90555968565afd59bce4b0974e9903bd\System.Windows.Forms.ni.dll
MOD - [2012/05/13 10:07:43 | 001,590,784 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\69f6e582cb79f107c61308b468c1a215\System.Drawing.ni.dll
MOD - [2012/05/13 10:06:09 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012/05/13 10:05:56 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
MOD - [2012/05/13 10:05:53 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012/05/13 10:05:31 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2012/05/12 17:07:52 | 008,797,856 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_2_202_235.dll
MOD - [2012/04/24 17:26:42 | 001,952,696 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2011/07/28 16:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011/07/28 16:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
MOD - [2011/06/24 20:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 20:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2006/11/27 15:55:46 | 000,065,536 | ---- | M] () -- C:\Windows\System32\bcmwlrmt.dll
MOD - [2006/11/08 18:47:34 | 000,091,680 | ---- | M] () -- C:\Program Files\Dell\QuickSet\dadkeyb.dll
MOD - [2006/08/18 12:17:36 | 000,056,056 | ---- | M] () -- C:\Windows\System32\DLAAPI_W.DLL


========== Win32 Services (SafeList) ==========

SRV - [2012/05/12 17:07:54 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/04/24 17:26:43 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/03/27 16:14:06 | 000,138,232 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton AntiVirus\Engine\19.7.0.9\ccSvcHst.exe -- (NAV)
SRV - [2010/05/05 04:53:13 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2009/07/13 18:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 18:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/02/07 08:38:30 | 000,081,408 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe -- (GoogleDesktopManager)
SRV - [2006/12/01 14:40:40 | 000,090,112 | ---- | M] (SigmaTel, Inc.) [Auto | Running] -- C:\Windows\System32\stacsv.exe -- (STacSV)
SRV - [2006/11/07 12:27:02 | 000,070,656 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)


========== Driver Services (SafeList) ==========

DRV - [2012/05/15 19:46:45 | 001,589,752 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.6.2.10\Definitions\VirusDefs\20120515.024\NAVEX15.SYS -- (NAVEX15)
DRV - [2012/05/15 19:46:45 | 000,087,928 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.6.2.10\Definitions\VirusDefs\20120515.024\NAVENG.SYS -- (NAVENG)
DRV - [2012/04/27 17:18:22 | 000,368,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.6.2.10\Definitions\IPSDefs\20120515.001\IDSvix86.sys -- (IDSVix86)
DRV - [2012/04/02 16:38:08 | 000,821,880 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.6.2.10\Definitions\BASHDefs\20120507.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2012/03/31 18:46:36 | 000,141,944 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2012/03/28 23:28:38 | 000,318,584 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NAV\1307000.009\symnets.sys -- (SymNetS)
DRV - [2012/03/28 23:28:30 | 000,905,336 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\System32\drivers\NAV\1307000.009\symefa.sys -- (SymEFA)
DRV - [2012/03/28 23:06:25 | 000,149,624 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NAV\1307000.009\ironx86.sys -- (SymIRON)
DRV - [2012/03/28 23:03:27 | 000,574,072 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\NAV\1307000.009\srtsp.sys -- (SRTSP)
DRV - [2012/03/28 23:03:27 | 000,032,888 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NAV\1307000.009\srtspx.sys -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2012/02/04 11:15:19 | 000,106,104 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2012/02/04 11:15:18 | 000,374,392 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2012/01/17 15:45:55 | 000,340,088 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\NAV\1307000.009\symds.sys -- (SymDS)
DRV - [2011/11/29 15:44:14 | 000,132,744 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NAV\1307000.009\ccsetx86.sys -- (ccSet_NAV)
DRV - [2010/11/20 03:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 02:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009/07/13 15:02:49 | 000,046,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2006/12/01 14:40:46 | 000,647,680 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2006/11/20 12:13:58 | 000,043,520 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006/11/20 12:13:58 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2006/11/20 12:13:56 | 000,032,256 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2006/11/11 16:10:40 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2006/10/24 21:53:08 | 002,068,992 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2006/10/05 15:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2006/08/18 12:18:08 | 000,009,400 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLADResM.SYS -- (DLADResM)
DRV - [2006/08/18 12:17:46 | 000,035,096 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLABMFSM.SYS -- (DLABMFSM)
DRV - [2006/08/18 12:17:44 | 000,097,848 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2006/08/18 12:17:44 | 000,094,648 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2006/08/18 12:17:42 | 000,026,008 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2006/08/18 12:17:40 | 000,032,472 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2006/08/18 12:17:38 | 000,104,472 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2006/08/18 12:17:38 | 000,014,520 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2006/08/17 14:43:52 | 000,007,424 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\Program Files\DellSupport\Drivers\dsunidrv.sys -- (dsunidrv)
DRV - [2006/08/11 09:35:16 | 000,028,184 | ---- | M] (Roxio) [File_System | System | Running] -- C:\Windows\System32\drivers\DLARTL_M.SYS -- (DLARTL_M)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7DKUS


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2215074468-3965224828-2189432076-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKU\S-1-5-21-2215074468-3965224828-2189432076-1000\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKU\S-1-5-21-2215074468-3965224828-2189432076-1000\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-2215074468-3965224828-2189432076-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-2215074468-3965224828-2189432076-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7DKUS
IE - HKU\S-1-5-21-2215074468-3965224828-2189432076-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2215074468-3965224828-2189432076-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com/"
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.0.900
FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.0.900
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:7
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\Owner\AppData\Roaming\Move Networks\plugins\npqmp071502000008.dll (Move Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.6.2.10\IPSFFPlgn\ [2012/03/31 19:01:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/06/01 06:35:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/02/15 12:16:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/04/24 17:26:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/04/13 08:22:16 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\moveplayer@movenetworks.com: C:\Users\Owner\AppData\Roaming\Move Networks [2009/12/09 23:25:05 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/06/01 06:35:51 | 000,000,000 | ---D | M]

[2010/12/15 09:15:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Extensions
[2012/05/01 21:02:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\cfcyc0de.default\extensions
[2012/04/02 13:17:57 | 000,000,000 | ---D | M] (Codecv) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\cfcyc0de.default\extensions\info@allpremiumplay.info
[2012/04/24 17:26:47 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/02/15 12:16:40 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 &lt;video&gt;) -- C:\PROGRAM FILES\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5
[2012/03/31 19:01:50 | 000,000,000 | ---D | M] (Norton Vulnerability Protection) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.6.2.10\IPSFFPLGN
[2009/12/09 23:25:05 | 000,000,000 | ---D | M] (Move Media Player) -- C:\USERS\OWNER\APPDATA\ROAMING\MOVE NETWORKS
[2012/04/24 17:26:43 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/04/09 08:19:31 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/10/04 09:56:35 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/11/10 11:14:45 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - Extension: YouTube = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\
CHR - Extension: Google Search = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: Codecv = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\opnkkfjdnhgkjefnnohgfackfninikjo\1.0_0\
CHR - Extension: Gmail = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\

O1 HOSTS File: ([2006/09/18 14:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton AntiVirus\Engine\19.7.0.9\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Codecv Class) - {A2D77E5D-5792-4BC2-8642-57CC72384AD1} - C:\ProgramData\Codecv\bhoclass.dll ()
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll (Dell Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKU\S-1-5-21-2215074468-3965224828-2189432076-1000\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe ()
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [ECenter] c:\DELL\E-Center\EULALauncher.exe ( )
O4 - HKLM..\Run: [MSConfig] C:\Windows\System32\msconfig.exe (Microsoft Corporation)
O4 - HKLM..\Run: [PCMService] C:\Program Files\Dell\MediaDirect\PCMService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Windows\sttray.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_31.dll (Sun Microsystems, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-2215074468-3965224828-2189432076-1000\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (DivXBrowserPlugin Object)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8A0019EB-51FA-4AE5-A40B-C0496BBFC739} http://picture.vzw.com/activex/VerizonWirelessUploadControl.cab (Verizon Wireless Media Upload)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{94615972-A6E6-4196-9CD6-B5055A3C9FE8}: DhcpNameServer = 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A0C3577D-C024-439E-8435-15F1A539ED31}: DhcpNameServer = 209.18.47.61 209.18.47.62
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\dellwall1.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\dellwall1.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 14:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{954dfd84-9ff5-11df-b2a1-00188bb4d48a}\Shell - "" = AutoRun
O33 - MountPoints2\{954dfd84-9ff5-11df-b2a1-00188bb4d48a}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O33 - MountPoints2\{a5654787-df85-11de-9e64-00188bb4d48a}\Shell - "" = AutoRun
O33 - MountPoints2\{a5654787-df85-11de-9e64-00188bb4d48a}\Shell\AutoRun\command - "" = "F:\WD SmartWare.exe" autoplay=true
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/05/16 07:58:52 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Malwarebytes
[2012/05/16 07:58:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/05/16 07:58:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/05/16 07:58:33 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012/05/16 07:58:33 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/05/13 09:11:22 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\Owner\Desktop\dds.scr
[2012/05/12 15:48:15 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2012/05/12 15:48:10 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2012/05/12 15:48:09 | 002,343,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012/05/12 15:47:49 | 001,077,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2012/04/24 17:26:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012/04/24 17:26:50 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012/04/23 20:56:18 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\StreamTorrent

========== Files - Modified Within 30 Days ==========

[2012/05/16 09:07:22 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/05/16 08:45:38 | 000,009,728 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/05/16 08:45:38 | 000,009,728 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/05/16 08:38:22 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/05/16 08:38:06 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/05/16 08:37:54 | 804,077,568 | -HS- | M] () -- C:\hiberfil.sys
[2012/05/16 08:27:35 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/05/16 07:58:38 | 000,001,073 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/05/13 12:59:10 | 000,624,178 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/05/13 12:59:10 | 000,106,522 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/05/13 10:03:21 | 000,347,832 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/05/13 09:12:10 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\Owner\Desktop\dds.scr
[2012/05/13 08:39:49 | 001,473,273 | ---- | M] () -- C:\Windows\System32\drivers\NAV\1307000.009\Cat.DB
[2012/05/12 17:07:52 | 000,419,488 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012/05/12 17:07:52 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012/04/24 08:01:56 | 000,002,312 | ---- | M] () -- C:\Users\Public\Desktop\Norton AntiVirus.lnk
[2012/04/24 08:01:21 | 000,008,942 | ---- | M] () -- C:\Windows\System32\drivers\NAV\1307000.009\VT20120410.034
[2012/04/18 20:50:55 | 000,000,172 | ---- | M] () -- C:\Windows\System32\drivers\NAV\1307000.009\isolate.ini

========== Files Created - No Company Name ==========

[2012/05/16 07:58:38 | 000,001,073 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2011/10/24 18:13:36 | 000,000,675 | ---- | C] () -- C:\Windows\hpomdl43.dat.temp
[2010/10/14 14:39:32 | 000,001,940 | ---- | C] () -- C:\Users\Owner\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2010/10/13 15:38:41 | 005,289,720 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\iTunesDB
[2010/10/13 15:38:15 | 000,000,000 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\smartpathdb.ini
[2010/08/12 14:39:55 | 000,004,608 | ---- | C] () -- C:\Users\Owner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/06/01 06:35:11 | 000,023,112 | ---- | C] () -- C:\Windows\hpqins15.dat

< End of report >




OTL Extras logfile created on: 5/16/2012 8:54:38 AM - Run 1
OTL by OldTimer - Version 3.2.43.0 Folder = C:\Users\Owner\Downloads
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1022.44 Mb Total Physical Memory | 209.09 Mb Available Physical Memory | 20.45% Memory free
2.00 Gb Paging File | 0.93 Gb Available in Paging File | 46.69% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 62.48 Gb Total Space | 22.04 Gb Free Space | 35.27% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 5.86 Gb Free Space | 58.63% Space Free | Partition Type: NTFS

Computer Name: OWNER-PC | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_USERS\S-1-5-21-2215074468-3965224828-2189432076-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{2813C219-9CF8-42AE-8C2C-6B8E6ACA54A5}" = rport=10243 | protocol=6 | dir=out | app=system |
"{2D110414-265F-496B-A61C-F41E86430251}" = lport=2869 | protocol=6 | dir=in | app=system |
"{390E0D9E-7322-4B1E-B777-05F98B20A5BE}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{3C0D32A9-B1E8-4D84-BEA3-39AAB1490EF7}" = lport=138 | protocol=17 | dir=in | app=system |
"{3FD53811-DB56-40DC-AFCF-CA14142240B0}" = rport=139 | protocol=6 | dir=out | app=system |
"{47ACA9D9-7F7F-44E0-84EE-3B29B37A974F}" = rport=137 | protocol=17 | dir=out | app=system |
"{49D9B922-A8EB-4D68-841C-85A0A099C072}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe |
"{5031EDC9-F9BA-44CD-AF80-296CAFF4E868}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{51F85F29-F8B4-4BBC-94F4-2EA2040A24F6}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{63181B62-4CD3-4BBD-A289-D9B224ACA92D}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{821C6521-34C5-47C0-9561-46185E0EC803}" = lport=137 | protocol=17 | dir=in | app=system |
"{852C038C-D07D-49BF-B175-A245DA6AC11B}" = lport=139 | protocol=6 | dir=in | app=system |
"{859FFF39-C439-45E9-B9DE-191044C9AF09}" = lport=10243 | protocol=6 | dir=in | app=system |
"{8F05C2D7-4233-4B84-AF81-DE66D8F850DF}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A6C1983B-B442-49F6-88DA-852CD80C9B19}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B8D61581-E597-4853-A05E-0C2A09B530DD}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{D059C7F4-F8AC-4CDF-ACB0-E2D708A55C31}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{D304A35A-983A-4E15-AD61-9F27569752C5}" = rport=445 | protocol=6 | dir=out | app=system |
"{D5AD777A-8AF2-4CA6-BFD1-B7F6301A01BE}" = lport=445 | protocol=6 | dir=in | app=system |
"{D72116A1-526E-4635-8E78-C0D457B3CC20}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{E437B38A-7601-4EC5-B10B-B3C448642A00}" = rport=138 | protocol=17 | dir=out | app=system |
"{EFE14ABE-2114-4052-8A00-5395D1D53B96}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F2308262-72E9-4DE4-9BC6-94FB68141D29}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F42EECD3-AFB2-422D-B36E-5AEA2804502E}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0134C1EA-F6FF-4FFF-94DF-64D1118C18A9}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{037FE71E-7D28-411D-BB9D-14E566EF796B}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpfccopy.exe |
"{1310EBAE-D452-4CCA-B5F3-442EB99ACF2D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{134C8E3B-C2E0-45A2-B866-35EF724A8F39}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{194D11ED-43B0-4924-8908-405B357DD3C7}" = protocol=6 | dir=out | app=system |
"{1F354AD2-25C2-4B4A-8E41-943BEF7BB69A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{33FF89E1-1A5C-41EE-B5DE-B6E1608D99FD}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{3A9FCB46-3ACF-4E71-802A-CC5F9FA20647}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{411EA2F9-154A-481C-9E3B-791CFE687653}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{422F4C3C-BBEE-4070-A6FC-DAB10A275896}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{4766024B-EAED-4FA0-A7B5-8529E5B75102}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{56FA09E5-18D4-4A14-BEEB-11A044A2B0ED}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{5CDB3DEE-69BE-4143-9167-9A0C8A27776D}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{5DF9E649-4466-4FB8-9A14-4D72D23B9DC5}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{61A4F493-DDE5-424B-A56F-8485648E72AE}" = dir=in | app=c:\program files\hp\hp software update\hpwucli.exe |
"{660C333E-BA49-4E13-A600-FE5A9F4CB2A8}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe |
"{723F9947-A434-4B46-9912-35CDC5534111}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{75965D13-78FD-4833-9F50-6EF9AF3DB3FD}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgh.exe |
"{761609C8-BFAD-4E3A-BF75-E5701954ACE9}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{7C8C18D9-1D9B-45F7-819E-086CD7B0F493}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{81DDAFC1-F23A-4A97-A893-F57E961258A4}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{831BEBB1-C891-42B5-954F-3CB1E6F4135E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8E14926B-A016-4A5E-9F7A-E3B4C6B998F7}" = dir=in | app=c:\program files\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{93FCCD09-B3D6-46D8-A69A-A9F78001CAB6}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{A58B2515-5790-4706-B989-2DA3619D9EDE}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpoews01.exe |
"{BCA213BC-85D8-4154-9D3B-D9F8C9353D68}" = dir=in | app=e:\setup\hpznui01.exe |
"{BDBF8A6D-D621-408A-A80A-E588D70F2EF1}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe |
"{C38C4DD3-3B6D-474C-AD61-38CF6FDDC014}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe |
"{C79C5D2A-7BB5-4915-A11F-39983B628C08}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{CE1C1A5D-3E9A-4EE6-99B6-24DEFFD92462}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{CF1C96B7-FF9D-44EA-9B19-30EAC291C2A3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{D34858E1-EDC3-4D88-90E3-8C0E006563B0}" = dir=in | app=c:\program files\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{D3EF7243-F29A-411A-A393-5E5D5016CBE2}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgm.exe |
"{DA5E54F4-C3C8-4D18-9936-EE550AC651A5}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe |
"{DBE3F04D-93DF-4B44-BB5A-7A525F793871}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgpc01.exe |
"{DC2657C4-EFAD-4999-9B19-769D8754B1CD}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe |
"{F0373815-0BDC-468E-9D58-E44E26FC0C7E}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{F127152D-5593-418E-8465-BAFE7D708671}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgplgtupl.exe |
"{F1FA0F02-9909-4F57-BB28-ED27171241E1}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"TCP Query User{19B39632-9094-4C2A-9847-A8F674A9F958}C:\program files\streamtorrent 1.0\streamtorrent.exe" = protocol=6 | dir=in | app=c:\program files\streamtorrent 1.0\streamtorrent.exe |
"UDP Query User{FD640488-5DC0-4B36-B95A-1FD55D44E015}C:\program files\streamtorrent 1.0\streamtorrent.exe" = protocol=17 | dir=in | app=c:\program files\streamtorrent 1.0\streamtorrent.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{07FB17D8-7DB6-4F06-80C4-8BE1719CB6A1}" = hpWLPGInstaller
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data
"{0F756CD9-4A1E-409B-B101-601DDC4C03AA}" = Qualxserve Service Agreement
"{13BA7B44-B712-4DEE-A7B8-1DD564F37AE5}" = Dell System Customization Wizard
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2012D762-5DCA-455A-B5FE-EDF79BC93E18}" = HP Photosmart C4700 All-In-One Driver Software 13.0 Rel .6
"{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2357B8BC-88C9-4A72-818C-050CC4EB0778}" = AOL Install
"{23B8A91D-680B-462B-87AD-3D70F7341731}" = iTunes
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2EF17083-57D4-4D64-AE4F-55F32A2C4571}" = Codecv
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{2F4C24E6-CBD4-4AAC-B56F-C9FD44DE5668}" = Roxio Drag-to-Disc
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{352310C3-E46B-42D3-8F32-54721FDD72D9}" = NetZeroInstallers
"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Sonic Activation Module
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3E25E350-949F-4DB7-8288-2A60E018B4C1}" = Games, Music, & Photos Launcher
"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = URL Assistant
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{493BAF04-DA99-9257-B343-E17BB5E687A3}" = ATI Catalyst Control Center Ex
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{53A01CC6-14B0-4512-A2E7-10D39BF83DC4}" = QuickSet
"{5CD29180-A95E-11D3-A4EB-00C04F7BDB2C}" = User's Guides
"{5E68BB65-4059-4FE5-AAC4-0CD1D79BBDE2}" = EarthLink Setup Files
"{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{75247E38-5C9B-45D6-ADF8-E11CB56B4990}" = Network
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}" = DellSupport
"{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC}" = Roxio Creator BDAV Plugin
"{89CEAE14-DD0F-448E-9554-15781EC9DB24}" = Documentation & Support Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9BDEF074-020E-458D-ADC5-8FF68E0C9B56}" = OutlookAddinSetup
"{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}" = MediaDirect
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{A55F4F9F-CCA8-4732-AA1F-0390A4A50947}" = C4700
"{A80FA752-C491-4ED9-ABF0-4278563160B2}" = 32 Bit HP CIO Components Installer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AC76BA86-7AD7-1033-7B44-A95000000001}" = Adobe Reader 9.5.1
"{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C75CDBA2-3C86-481e-BD10-BDDA758F9DFF}" = hpPrintProjects
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator DE
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CCFF1E13-77A2-4032-8B12-7566982A27DF}" = Internet Service Offers Launcher
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D639085F-4B6E-4105-9F37-A0DBB023E2FB}" = Roxio MyDVD DE
"{DBEA1034-5882-4A88-8033-81C4EF0CFA29}" = Google Toolbar for Internet Explorer
"{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E36F3199-C282-47CA-BAC7-2B77D247E760}" = PS_AIO_06_C4700_SW_Min
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{EFC04D3F-A152-47E7-8517-EE0F6201AFEF}" = Apple Mobile Device Support
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F63A3748-B93D-4360-9AD4-B064481A5C7B}" = Modem Diagnostic Tool
"{F8131A35-47FD-27AD-116D-0E79AF5DE5EE}" = Acrobat.com
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS Video Editor 4_is1" = AVS Video Editor 4
"AVS Video Recorder_is1" = AVS Video Recorder 2.4
"AVS YouTube Uploader 2.1_is1" = AVS YouTube Uploader version 2.1
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.4
"Broadcom 802.11b Network Adapter" = Dell Wireless WLAN Card
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_14F100C3" = Conexant HDA D110 MDC V.92 Modem
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"DiskAid_is1" = DiskAid 3.24
"DivX Setup" = DivX Setup
"Google Chrome" = Google Chrome
"Google Desktop" = Google Desktop
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Print Projects" = HP Print Projects 1.0
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.61.0.1400
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 12.0 (x86 en-US)" = Mozilla Firefox 12.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NAV" = Norton AntiVirus
"Shop for HP Supplies" = Shop for HP Supplies
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WinLiveSuite" = Windows Live Essentials
"Yahoo! Companion" = Yahoo! Toolbar

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2215074468-3965224828-2189432076-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Move Media Player" = Move Media Player

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >
epepps14

Posted: Wed May 16, 2012 8:15 am

I ran the scans and deleted the P2P program. Here are the logs.


Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.05.16.04

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Owner :: OWNER-PC [administrator]

5/16/2012 8:00:23 AM
mbam-log-2012-05-16 (08-00-23).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 199857
Time elapsed: 32 minute(s), 8 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Users\Owner\Downloads\Codec-C.exe (Affiliate.Downloader) -> Quarantined and deleted successfully.

(end)



OTL logfile created on: 5/16/2012 8:54:38 AM - Run 1
OTL by OldTimer - Version 3.2.43.0 Folder = C:\Users\Owner\Downloads
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1022.44 Mb Total Physical Memory | 209.09 Mb Available Physical Memory | 20.45% Memory free
2.00 Gb Paging File | 0.93 Gb Available in Paging File | 46.69% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 62.48 Gb Total Space | 22.04 Gb Free Space | 35.27% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 5.86 Gb Free Space | 58.63% Space Free | Partition Type: NTFS

Computer Name: OWNER-PC | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/05/16 08:53:12 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Downloads\otl.exe
PRC - [2012/04/24 17:26:43 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012/03/27 16:14:06 | 000,138,232 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton AntiVirus\Engine\19.7.0.9\ccsvchst.exe
PRC - [2011/07/28 16:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2011/02/24 22:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/11/20 05:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009/05/21 18:58:14 | 000,413,496 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe
PRC - [2006/12/01 14:40:44 | 000,303,104 | ---- | M] (SigmaTel, Inc.) -- C:\Windows\sttray.exe
PRC - [2006/12/01 14:40:40 | 000,090,112 | ---- | M] (SigmaTel, Inc.) -- C:\Windows\System32\stacsv.exe
PRC - [2006/11/08 18:47:14 | 001,066,528 | ---- | M] (Dell Inc) -- C:\Program Files\Dell\QuickSet\quickset.exe
PRC - [2006/10/13 10:31:34 | 000,184,320 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Dell\MediaDirect\PCMService.exe
PRC - [2006/04/28 08:14:44 | 000,045,056 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe


========== Modules (No Company Name) ==========

MOD - [2012/05/13 10:20:30 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\9b2f17fb61b7197f2a04108f5d1a1cc6\System.Management.ni.dll
MOD - [2012/05/13 10:12:15 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\1a690902e9a6293de228c16fab21e2f7\System.Web.ni.dll
MOD - [2012/05/13 10:11:50 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll
MOD - [2012/05/13 10:08:20 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\90555968565afd59bce4b0974e9903bd\System.Windows.Forms.ni.dll
MOD - [2012/05/13 10:07:43 | 001,590,784 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\69f6e582cb79f107c61308b468c1a215\System.Drawing.ni.dll
MOD - [2012/05/13 10:06:09 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012/05/13 10:05:56 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
MOD - [2012/05/13 10:05:53 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012/05/13 10:05:31 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2012/05/12 17:07:52 | 008,797,856 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_2_202_235.dll
MOD - [2012/04/24 17:26:42 | 001,952,696 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2011/07/28 16:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011/07/28 16:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
MOD - [2011/06/24 20:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 20:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2006/11/27 15:55:46 | 000,065,536 | ---- | M] () -- C:\Windows\System32\bcmwlrmt.dll
MOD - [2006/11/08 18:47:34 | 000,091,680 | ---- | M] () -- C:\Program Files\Dell\QuickSet\dadkeyb.dll
MOD - [2006/08/18 12:17:36 | 000,056,056 | ---- | M] () -- C:\Windows\System32\DLAAPI_W.DLL


========== Win32 Services (SafeList) ==========

SRV - [2012/05/12 17:07:54 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/04/24 17:26:43 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/03/27 16:14:06 | 000,138,232 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton AntiVirus\Engine\19.7.0.9\ccSvcHst.exe -- (NAV)
SRV - [2010/05/05 04:53:13 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2009/07/13 18:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 18:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/02/07 08:38:30 | 000,081,408 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe -- (GoogleDesktopManager)
SRV - [2006/12/01 14:40:40 | 000,090,112 | ---- | M] (SigmaTel, Inc.) [Auto | Running] -- C:\Windows\System32\stacsv.exe -- (STacSV)
SRV - [2006/11/07 12:27:02 | 000,070,656 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)


========== Driver Services (SafeList) ==========

DRV - [2012/05/15 19:46:45 | 001,589,752 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.6.2.10\Definitions\VirusDefs\20120515.024\NAVEX15.SYS -- (NAVEX15)
DRV - [2012/05/15 19:46:45 | 000,087,928 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.6.2.10\Definitions\VirusDefs\20120515.024\NAVENG.SYS -- (NAVENG)
DRV - [2012/04/27 17:18:22 | 000,368,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.6.2.10\Definitions\IPSDefs\20120515.001\IDSvix86.sys -- (IDSVix86)
DRV - [2012/04/02 16:38:08 | 000,821,880 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.6.2.10\Definitions\BASHDefs\20120507.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2012/03/31 18:46:36 | 000,141,944 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2012/03/28 23:28:38 | 000,318,584 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NAV\1307000.009\symnets.sys -- (SymNetS)
DRV - [2012/03/28 23:28:30 | 000,905,336 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\System32\drivers\NAV\1307000.009\symefa.sys -- (SymEFA)
DRV - [2012/03/28 23:06:25 | 000,149,624 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NAV\1307000.009\ironx86.sys -- (SymIRON)
DRV - [2012/03/28 23:03:27 | 000,574,072 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\NAV\1307000.009\srtsp.sys -- (SRTSP)
DRV - [2012/03/28 23:03:27 | 000,032,888 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NAV\1307000.009\srtspx.sys -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2012/02/04 11:15:19 | 000,106,104 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2012/02/04 11:15:18 | 000,374,392 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2012/01/17 15:45:55 | 000,340,088 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\NAV\1307000.009\symds.sys -- (SymDS)
DRV - [2011/11/29 15:44:14 | 000,132,744 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NAV\1307000.009\ccsetx86.sys -- (ccSet_NAV)
DRV - [2010/11/20 03:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 02:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009/07/13 15:02:49 | 000,046,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2006/12/01 14:40:46 | 000,647,680 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2006/11/20 12:13:58 | 000,043,520 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006/11/20 12:13:58 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2006/11/20 12:13:56 | 000,032,256 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2006/11/11 16:10:40 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2006/10/24 21:53:08 | 002,068,992 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2006/10/05 15:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2006/08/18 12:18:08 | 000,009,400 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLADResM.SYS -- (DLADResM)
DRV - [2006/08/18 12:17:46 | 000,035,096 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLABMFSM.SYS -- (DLABMFSM)
DRV - [2006/08/18 12:17:44 | 000,097,848 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2006/08/18 12:17:44 | 000,094,648 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2006/08/18 12:17:42 | 000,026,008 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2006/08/18 12:17:40 | 000,032,472 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2006/08/18 12:17:38 | 000,104,472 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2006/08/18 12:17:38 | 000,014,520 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2006/08/17 14:43:52 | 000,007,424 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\Program Files\DellSupport\Drivers\dsunidrv.sys -- (dsunidrv)
DRV - [2006/08/11 09:35:16 | 000,028,184 | ---- | M] (Roxio) [File_System | System | Running] -- C:\Windows\System32\drivers\DLARTL_M.SYS -- (DLARTL_M)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7DKUS


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2215074468-3965224828-2189432076-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKU\S-1-5-21-2215074468-3965224828-2189432076-1000\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKU\S-1-5-21-2215074468-3965224828-2189432076-1000\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-2215074468-3965224828-2189432076-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-2215074468-3965224828-2189432076-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7DKUS
IE - HKU\S-1-5-21-2215074468-3965224828-2189432076-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2215074468-3965224828-2189432076-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com/"
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.0.900
FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.0.900
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:7
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\Owner\AppData\Roaming\Move Networks\plugins\npqmp071502000008.dll (Move Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.6.2.10\IPSFFPlgn\ [2012/03/31 19:01:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/06/01 06:35:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/02/15 12:16:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/04/24 17:26:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/04/13 08:22:16 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\moveplayer@movenetworks.com: C:\Users\Owner\AppData\Roaming\Move Networks [2009/12/09 23:25:05 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/06/01 06:35:51 | 000,000,000 | ---D | M]

[2010/12/15 09:15:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Extensions
[2012/05/01 21:02:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\cfcyc0de.default\extensions
[2012/04/02 13:17:57 | 000,000,000 | ---D | M] (Codecv) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\cfcyc0de.default\extensions\info@allpremiumplay.info
[2012/04/24 17:26:47 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/02/15 12:16:40 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 &lt;video&gt;) -- C:\PROGRAM FILES\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5
[2012/03/31 19:01:50 | 000,000,000 | ---D | M] (Norton Vulnerability Protection) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.6.2.10\IPSFFPLGN
[2009/12/09 23:25:05 | 000,000,000 | ---D | M] (Move Media Player) -- C:\USERS\OWNER\APPDATA\ROAMING\MOVE NETWORKS
[2012/04/24 17:26:43 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/04/09 08:19:31 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/10/04 09:56:35 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/11/10 11:14:45 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - Extension: YouTube = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\
CHR - Extension: Google Search = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: Codecv = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\opnkkfjdnhgkjefnnohgfackfninikjo\1.0_0\
CHR - Extension: Gmail = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\

O1 HOSTS File: ([2006/09/18 14:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton AntiVirus\Engine\19.7.0.9\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Codecv Class) - {A2D77E5D-5792-4BC2-8642-57CC72384AD1} - C:\ProgramData\Codecv\bhoclass.dll ()
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll (Dell Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKU\S-1-5-21-2215074468-3965224828-2189432076-1000\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe ()
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [ECenter] c:\DELL\E-Center\EULALauncher.exe ( )
O4 - HKLM..\Run: [MSConfig] C:\Windows\System32\msconfig.exe (Microsoft Corporation)
O4 - HKLM..\Run: [PCMService] C:\Program Files\Dell\MediaDirect\PCMService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Windows\sttray.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_31.dll (Sun Microsystems, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-2215074468-3965224828-2189432076-1000\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (DivXBrowserPlugin Object)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8A0019EB-51FA-4AE5-A40B-C0496BBFC739} http://picture.vzw.com/activex/VerizonWirelessUploadControl.cab (Verizon Wireless Media Upload)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{94615972-A6E6-4196-9CD6-B5055A3C9FE8}: DhcpNameServer = 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A0C3577D-C024-439E-8435-15F1A539ED31}: DhcpNameServer = 209.18.47.61 209.18.47.62
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\dellwall1.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\dellwall1.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 14:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{954dfd84-9ff5-11df-b2a1-00188bb4d48a}\Shell - "" = AutoRun
O33 - MountPoints2\{954dfd84-9ff5-11df-b2a1-00188bb4d48a}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O33 - MountPoints2\{a5654787-df85-11de-9e64-00188bb4d48a}\Shell - "" = AutoRun
O33 - MountPoints2\{a5654787-df85-11de-9e64-00188bb4d48a}\Shell\AutoRun\command - "" = "F:\WD SmartWare.exe" autoplay=true
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/05/16 07:58:52 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Malwarebytes
[2012/05/16 07:58:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/05/16 07:58:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/05/16 07:58:33 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012/05/16 07:58:33 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/05/13 09:11:22 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\Owner\Desktop\dds.scr
[2012/05/12 15:48:15 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2012/05/12 15:48:10 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2012/05/12 15:48:09 | 002,343,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012/05/12 15:47:49 | 001,077,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2012/04/24 17:26:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012/04/24 17:26:50 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012/04/23 20:56:18 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\StreamTorrent

========== Files - Modified Within 30 Days ==========

[2012/05/16 09:07:22 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/05/16 08:45:38 | 000,009,728 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/05/16 08:45:38 | 000,009,728 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/05/16 08:38:22 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/05/16 08:38:06 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/05/16 08:37:54 | 804,077,568 | -HS- | M] () -- C:\hiberfil.sys
[2012/05/16 08:27:35 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/05/16 07:58:38 | 000,001,073 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/05/13 12:59:10 | 000,624,178 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/05/13 12:59:10 | 000,106,522 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/05/13 10:03:21 | 000,347,832 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/05/13 09:12:10 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\Owner\Desktop\dds.scr
[2012/05/13 08:39:49 | 001,473,273 | ---- | M] () -- C:\Windows\System32\drivers\NAV\1307000.009\Cat.DB
[2012/05/12 17:07:52 | 000,419,488 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012/05/12 17:07:52 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012/04/24 08:01:56 | 000,002,312 | ---- | M] () -- C:\Users\Public\Desktop\Norton AntiVirus.lnk
[2012/04/24 08:01:21 | 000,008,942 | ---- | M] () -- C:\Windows\System32\drivers\NAV\1307000.009\VT20120410.034
[2012/04/18 20:50:55 | 000,000,172 | ---- | M] () -- C:\Windows\System32\drivers\NAV\1307000.009\isolate.ini

========== Files Created - No Company Name ==========

[2012/05/16 07:58:38 | 000,001,073 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2011/10/24 18:13:36 | 000,000,675 | ---- | C] () -- C:\Windows\hpomdl43.dat.temp
[2010/10/14 14:39:32 | 000,001,940 | ---- | C] () -- C:\Users\Owner\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2010/10/13 15:38:41 | 005,289,720 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\iTunesDB
[2010/10/13 15:38:15 | 000,000,000 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\smartpathdb.ini
[2010/08/12 14:39:55 | 000,004,608 | ---- | C] () -- C:\Users\Owner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/06/01 06:35:11 | 000,023,112 | ---- | C] () -- C:\Windows\hpqins15.dat

< End of report >




OTL Extras logfile created on: 5/16/2012 8:54:38 AM - Run 1
OTL by OldTimer - Version 3.2.43.0 Folder = C:\Users\Owner\Downloads
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1022.44 Mb Total Physical Memory | 209.09 Mb Available Physical Memory | 20.45% Memory free
2.00 Gb Paging File | 0.93 Gb Available in Paging File | 46.69% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 62.48 Gb Total Space | 22.04 Gb Free Space | 35.27% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 5.86 Gb Free Space | 58.63% Space Free | Partition Type: NTFS

Computer Name: OWNER-PC | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_USERS\S-1-5-21-2215074468-3965224828-2189432076-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{2813C219-9CF8-42AE-8C2C-6B8E6ACA54A5}" = rport=10243 | protocol=6 | dir=out | app=system |
"{2D110414-265F-496B-A61C-F41E86430251}" = lport=2869 | protocol=6 | dir=in | app=system |
"{390E0D9E-7322-4B1E-B777-05F98B20A5BE}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{3C0D32A9-B1E8-4D84-BEA3-39AAB1490EF7}" = lport=138 | protocol=17 | dir=in | app=system |
"{3FD53811-DB56-40DC-AFCF-CA14142240B0}" = rport=139 | protocol=6 | dir=out | app=system |
"{47ACA9D9-7F7F-44E0-84EE-3B29B37A974F}" = rport=137 | protocol=17 | dir=out | app=system |
"{49D9B922-A8EB-4D68-841C-85A0A099C072}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe |
"{5031EDC9-F9BA-44CD-AF80-296CAFF4E868}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{51F85F29-F8B4-4BBC-94F4-2EA2040A24F6}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{63181B62-4CD3-4BBD-A289-D9B224ACA92D}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{821C6521-34C5-47C0-9561-46185E0EC803}" = lport=137 | protocol=17 | dir=in | app=system |
"{852C038C-D07D-49BF-B175-A245DA6AC11B}" = lport=139 | protocol=6 | dir=in | app=system |
"{859FFF39-C439-45E9-B9DE-191044C9AF09}" = lport=10243 | protocol=6 | dir=in | app=system |
"{8F05C2D7-4233-4B84-AF81-DE66D8F850DF}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A6C1983B-B442-49F6-88DA-852CD80C9B19}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B8D61581-E597-4853-A05E-0C2A09B530DD}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{D059C7F4-F8AC-4CDF-ACB0-E2D708A55C31}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{D304A35A-983A-4E15-AD61-9F27569752C5}" = rport=445 | protocol=6 | dir=out | app=system |
"{D5AD777A-8AF2-4CA6-BFD1-B7F6301A01BE}" = lport=445 | protocol=6 | dir=in | app=system |
"{D72116A1-526E-4635-8E78-C0D457B3CC20}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{E437B38A-7601-4EC5-B10B-B3C448642A00}" = rport=138 | protocol=17 | dir=out | app=system |
"{EFE14ABE-2114-4052-8A00-5395D1D53B96}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F2308262-72E9-4DE4-9BC6-94FB68141D29}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F42EECD3-AFB2-422D-B36E-5AEA2804502E}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0134C1EA-F6FF-4FFF-94DF-64D1118C18A9}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{037FE71E-7D28-411D-BB9D-14E566EF796B}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpfccopy.exe |
"{1310EBAE-D452-4CCA-B5F3-442EB99ACF2D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{134C8E3B-C2E0-45A2-B866-35EF724A8F39}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{194D11ED-43B0-4924-8908-405B357DD3C7}" = protocol=6 | dir=out | app=system |
"{1F354AD2-25C2-4B4A-8E41-943BEF7BB69A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{33FF89E1-1A5C-41EE-B5DE-B6E1608D99FD}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{3A9FCB46-3ACF-4E71-802A-CC5F9FA20647}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{411EA2F9-154A-481C-9E3B-791CFE687653}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{422F4C3C-BBEE-4070-A6FC-DAB10A275896}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{4766024B-EAED-4FA0-A7B5-8529E5B75102}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{56FA09E5-18D4-4A14-BEEB-11A044A2B0ED}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{5CDB3DEE-69BE-4143-9167-9A0C8A27776D}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{5DF9E649-4466-4FB8-9A14-4D72D23B9DC5}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{61A4F493-DDE5-424B-A56F-8485648E72AE}" = dir=in | app=c:\program files\hp\hp software update\hpwucli.exe |
"{660C333E-BA49-4E13-A600-FE5A9F4CB2A8}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe |
"{723F9947-A434-4B46-9912-35CDC5534111}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{75965D13-78FD-4833-9F50-6EF9AF3DB3FD}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgh.exe |
"{761609C8-BFAD-4E3A-BF75-E5701954ACE9}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{7C8C18D9-1D9B-45F7-819E-086CD7B0F493}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{81DDAFC1-F23A-4A97-A893-F57E961258A4}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{831BEBB1-C891-42B5-954F-3CB1E6F4135E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8E14926B-A016-4A5E-9F7A-E3B4C6B998F7}" = dir=in | app=c:\program files\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{93FCCD09-B3D6-46D8-A69A-A9F78001CAB6}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{A58B2515-5790-4706-B989-2DA3619D9EDE}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpoews01.exe |
"{BCA213BC-85D8-4154-9D3B-D9F8C9353D68}" = dir=in | app=e:\setup\hpznui01.exe |
"{BDBF8A6D-D621-408A-A80A-E588D70F2EF1}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe |
"{C38C4DD3-3B6D-474C-AD61-38CF6FDDC014}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe |
"{C79C5D2A-7BB5-4915-A11F-39983B628C08}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{CE1C1A5D-3E9A-4EE6-99B6-24DEFFD92462}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{CF1C96B7-FF9D-44EA-9B19-30EAC291C2A3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{D34858E1-EDC3-4D88-90E3-8C0E006563B0}" = dir=in | app=c:\program files\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{D3EF7243-F29A-411A-A393-5E5D5016CBE2}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgm.exe |
"{DA5E54F4-C3C8-4D18-9936-EE550AC651A5}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe |
"{DBE3F04D-93DF-4B44-BB5A-7A525F793871}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgpc01.exe |
"{DC2657C4-EFAD-4999-9B19-769D8754B1CD}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe |
"{F0373815-0BDC-468E-9D58-E44E26FC0C7E}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{F127152D-5593-418E-8465-BAFE7D708671}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgplgtupl.exe |
"{F1FA0F02-9909-4F57-BB28-ED27171241E1}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"TCP Query User{19B39632-9094-4C2A-9847-A8F674A9F958}C:\program files\streamtorrent 1.0\streamtorrent.exe" = protocol=6 | dir=in | app=c:\program files\streamtorrent 1.0\streamtorrent.exe |
"UDP Query User{FD640488-5DC0-4B36-B95A-1FD55D44E015}C:\program files\streamtorrent 1.0\streamtorrent.exe" = protocol=17 | dir=in | app=c:\program files\streamtorrent 1.0\streamtorrent.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{07FB17D8-7DB6-4F06-80C4-8BE1719CB6A1}" = hpWLPGInstaller
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data
"{0F756CD9-4A1E-409B-B101-601DDC4C03AA}" = Qualxserve Service Agreement
"{13BA7B44-B712-4DEE-A7B8-1DD564F37AE5}" = Dell System Customization Wizard
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2012D762-5DCA-455A-B5FE-EDF79BC93E18}" = HP Photosmart C4700 All-In-One Driver Software 13.0 Rel .6
"{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2357B8BC-88C9-4A72-818C-050CC4EB0778}" = AOL Install
"{23B8A91D-680B-462B-87AD-3D70F7341731}" = iTunes
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2EF17083-57D4-4D64-AE4F-55F32A2C4571}" = Codecv
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{2F4C24E6-CBD4-4AAC-B56F-C9FD44DE5668}" = Roxio Drag-to-Disc
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{352310C3-E46B-42D3-8F32-54721FDD72D9}" = NetZeroInstallers
"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Sonic Activation Module
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3E25E350-949F-4DB7-8288-2A60E018B4C1}" = Games, Music, & Photos Launcher
"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = URL Assistant
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{493BAF04-DA99-9257-B343-E17BB5E687A3}" = ATI Catalyst Control Center Ex
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{53A01CC6-14B0-4512-A2E7-10D39BF83DC4}" = QuickSet
"{5CD29180-A95E-11D3-A4EB-00C04F7BDB2C}" = User's Guides
"{5E68BB65-4059-4FE5-AAC4-0CD1D79BBDE2}" = EarthLink Setup Files
"{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{75247E38-5C9B-45D6-ADF8-E11CB56B4990}" = Network
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}" = DellSupport
"{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC}" = Roxio Creator BDAV Plugin
"{89CEAE14-DD0F-448E-9554-15781EC9DB24}" = Documentation & Support Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9BDEF074-020E-458D-ADC5-8FF68E0C9B56}" = OutlookAddinSetup
"{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}" = MediaDirect
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{A55F4F9F-CCA8-4732-AA1F-0390A4A50947}" = C4700
"{A80FA752-C491-4ED9-ABF0-4278563160B2}" = 32 Bit HP CIO Components Installer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AC76BA86-7AD7-1033-7B44-A95000000001}" = Adobe Reader 9.5.1
"{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C75CDBA2-3C86-481e-BD10-BDDA758F9DFF}" = hpPrintProjects
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator DE
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CCFF1E13-77A2-4032-8B12-7566982A27DF}" = Internet Service Offers Launcher
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D639085F-4B6E-4105-9F37-A0DBB023E2FB}" = Roxio MyDVD DE
"{DBEA1034-5882-4A88-8033-81C4EF0CFA29}" = Google Toolbar for Internet Explorer
"{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E36F3199-C282-47CA-BAC7-2B77D247E760}" = PS_AIO_06_C4700_SW_Min
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{EFC04D3F-A152-47E7-8517-EE0F6201AFEF}" = Apple Mobile Device Support
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F63A3748-B93D-4360-9AD4-B064481A5C7B}" = Modem Diagnostic Tool
"{F8131A35-47FD-27AD-116D-0E79AF5DE5EE}" = Acrobat.com
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS Video Editor 4_is1" = AVS Video Editor 4
"AVS Video Recorder_is1" = AVS Video Recorder 2.4
"AVS YouTube Uploader 2.1_is1" = AVS YouTube Uploader version 2.1
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.4
"Broadcom 802.11b Network Adapter" = Dell Wireless WLAN Card
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_14F100C3" = Conexant HDA D110 MDC V.92 Modem
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"DiskAid_is1" = DiskAid 3.24
"DivX Setup" = DivX Setup
"Google Chrome" = Google Chrome
"Google Desktop" = Google Desktop
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Print Projects" = HP Print Projects 1.0
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.61.0.1400
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 12.0 (x86 en-US)" = Mozilla Firefox 12.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NAV" = Norton AntiVirus
"Shop for HP Supplies" = Shop for HP Supplies
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WinLiveSuite" = Windows Live Essentials
"Yahoo! Companion" = Yahoo! Toolbar

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2215074468-3965224828-2189432076-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Move Media Player" = Move Media Player

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >
Cypher
Moderator


Joined: 05 Jul 2009
Last Visit: 30 Jul 2014
Posts: 4578
Location: Land Of The Leprechauns

Posted: Wed May 16, 2012 9:23 am

Hi epepps14,
Quote:
there are a lot of ads that are taking over all the web pages that I open. For instance, my home page is yahoo and there is a banner ad on the top and another large ad on the side of the page that both say "ads not by this site".
Can you tell me which browser you are using when this happens: Internet Explorer, Firefox or both?
Let me know in your next reply.

Create a new System Restore point
  • Click Start, Right Click on Computer, and select Properties.
  • In the left pane, click System Protection > Create.
  • Give this restore point a descriptive name and click Create.
  • Click Apply and OK.

Next.

Uninstall programs
  • Click on Start.
  • All programs.
  • Accessories.
  • Run.
  • In the Open text box, copy/paste appwiz.cpl, then click OK.
  • Uninstall the following if present.
Quote:
Adobe Reader 9.5.1
Java(TM) 6 Update 31
Java(TM) SE Runtime Environment 6

Next.

We need to run an OTL Fix
  • Right-click OTL.exe and select "Run as administrator" to run it.
  • Copy and paste the following code into the textbox. Do not include the word Code.
    Code:

    :processes
    killallprocesses

    :otl
    IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
    IE - HKU\S-1-5-21-2215074468-3965224828-2189432076-1000\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
    O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll (Dell Inc.)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
    O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
    O33 - MountPoints2\{954dfd84-9ff5-11df-b2a1-00188bb4d48a}\Shell - "" = AutoRun
    O33 - MountPoints2\{954dfd84-9ff5-11df-b2a1-00188bb4d48a}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
    O33 - MountPoints2\{a5654787-df85-11de-9e64-00188bb4d48a}\Shell - "" = AutoRun
    O33 - MountPoints2\{a5654787-df85-11de-9e64-00188bb4d48a}\Shell\AutoRun\command - "" = "F:\WD SmartWare.exe" autoplay=true

    :files
    C:\Users\Owner\AppData\Roaming\StreamTorrent
    C:\Windows\hpomdl43.dat.temp
    ipconfig /flushdns /c

    :commands
    [emptytemp]
    [clearallrestorepoints]


  • Then click the Run Fix button at the top.
  • Click .
  • OTL may ask to reboot the machine. Please do so if asked.
  • The report should appear in Notepad after the reboot. Copy and paste that report in your next reply.

Next.

TDSSKiller

Please download TDSSKiller.exe and save it to your Desktop.
  • Right-click on TDSSKiller.exe and select "Run as administrator" to run it.
  • Click on Start Scan, the scan will run.
  • When the scan has finished, if it finds anything please click on the drop down arrow next to Cure and select Skip.
  • Now click on Report to open the log file created by TDSSKiller in your root directory C:\
  • To find the log go to Start > Computer > C:
  • Post the contents of that log in your next reply please.
  • DO NOT TRY TO FIX ANYTHING AT THIS POINT


Logs/Information to Post in your Next Reply
  • Which browser are you having problems with?
  • OTL Fix log.
  • TDSSKiller log.

_________________
Admin/Teacher at Malware Removal University
Member of...
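
A fix script like the one in the post above edits the registry, moves files and runs commands in one pass, so it helps to itemise it before clicking Run Fix. The following is an added example, not part of the original post and not OTL's own code: it splits that script into its sections and lists what each one touches. The section and tag handling is inferred from the script and the fix log on this page, and the `REVIEW` notes are assumptions of the example.

```python
import re

# Fix script from the post above, copied verbatim (leading indentation removed).
FIX_SCRIPT = r'''
:processes
killallprocesses

:otl
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-2215074468-3965224828-2189432076-1000\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll (Dell Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O33 - MountPoints2\{954dfd84-9ff5-11df-b2a1-00188bb4d48a}\Shell - "" = AutoRun
O33 - MountPoints2\{954dfd84-9ff5-11df-b2a1-00188bb4d48a}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O33 - MountPoints2\{a5654787-df85-11de-9e64-00188bb4d48a}\Shell - "" = AutoRun
O33 - MountPoints2\{a5654787-df85-11de-9e64-00188bb4d48a}\Shell\AutoRun\command - "" = "F:\WD SmartWare.exe" autoplay=true

:files
C:\Users\Owner\AppData\Roaming\StreamTorrent
C:\Windows\hpomdl43.dat.temp
ipconfig /flushdns /c

:commands
[emptytemp]
[clearallrestorepoints]
'''

GUID_RE = re.compile(r"\{[0-9A-Fa-f]{8}-(?:[0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}\}")
TAG_RE = re.compile(r"^(\w+) - ")  # leading entry tag such as IE, O2, O16, O33

# Directives this example singles out for a second look. The notes are the
# example's own reading of the directive names, not OTL documentation.
REVIEW = {
    "killallprocesses": "ends running programs; save open work first",
    "clearallrestorepoints": "by its name, discards existing restore points",
}


def parse_sections(text):
    """Split a fix script into {section name: [lines]} in script order."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith(":"):
            current = line[1:].lower()
            sections.setdefault(current, [])
        elif current is None:
            raise ValueError(f"line before any section header: {line!r}")
        else:
            sections[current].append(line)
    return sections


def summarize(sections):
    """Return counts, targets and review flags for a parsed fix script."""
    otl = sections.get("otl", [])
    tags = {}
    for line in otl:
        m = TAG_RE.match(line)
        tag = m.group(1) if m else "?"
        tags[tag] = tags.get(tag, 0) + 1
    guids = sorted({g.upper() for line in otl for g in GUID_RE.findall(line)})

    # In :files, a trailing /c marks a command line rather than a path
    # (the fix log on this page echoes it as "< ipconfig /flushdns /c >").
    paths, shell = [], []
    for line in sections.get("files", []):
        if line.lower().endswith(" /c"):
            shell.append(line[:-3].strip())
        else:
            paths.append(line)

    directives = [l.strip("[]").lower() for l in sections.get("commands", [])]
    directives += [l.lower() for l in sections.get("processes", [])]

    flags = [f"{d}: {REVIEW[d]}" for d in directives if d in REVIEW]
    flags += [f"runs a command: {c}" for c in shell]
    return {
        "tags": tags, "guids": guids, "paths": paths,
        "shell": shell, "directives": directives, "flags": flags,
    }


if __name__ == "__main__":
    summary = summarize(parse_sections(FIX_SCRIPT))
    print("entries per tag:", summary["tags"])
    print("distinct GUIDs :", len(summary["guids"]))
    print("paths to move  :", summary["paths"])
    for flag in summary["flags"]:
        print("REVIEW ->", flag)
```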

epepps14
Newbie


Joined: 13 May 2012
Last Visit: 28 May 2012
Posts: 3

Posted: Fri May 18, 2012 8:56 am

I am having problems with Firefox, which is the main browser that I use. Here are the logs that you requested. I will also be going away this weekend and will not be able to respond to your next post until Monday. Thanks for your help so far.


All processes killed
========== PROCESSES ==========
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKEY_USERS\S-1-5-21-2215074468-3965224828-2189432076-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA6319C0-31B7-401E-A518-A07C3DB8F777}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CA6319C0-31B7-401E-A518-A07C3DB8F777}\ deleted successfully.
C:\Program Files\BAE\BAE.dll moved successfully.
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{954dfd84-9ff5-11df-b2a1-00188bb4d48a}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{954dfd84-9ff5-11df-b2a1-00188bb4d48a}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{954dfd84-9ff5-11df-b2a1-00188bb4d48a}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{954dfd84-9ff5-11df-b2a1-00188bb4d48a}\ not found.
File F:\LaunchU3.exe -a not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a5654787-df85-11de-9e64-00188bb4d48a}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a5654787-df85-11de-9e64-00188bb4d48a}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a5654787-df85-11de-9e64-00188bb4d48a}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a5654787-df85-11de-9e64-00188bb4d48a}\ not found.
File "F:\WD SmartWare.exe" autoplay=true not found.
========== FILES ==========
C:\Users\Owner\AppData\Roaming\StreamTorrent\1.0\config folder moved successfully.
C:\Users\Owner\AppData\Roaming\StreamTorrent\1.0 folder moved successfully.
C:\Users\Owner\AppData\Roaming\StreamTorrent folder moved successfully.
C:\Windows\hpomdl43.dat.temp moved successfully.
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Owner\Downloads\cmd.bat deleted successfully.
C:\Users\Owner\Downloads\cmd.txt deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 41620 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Owner
->Temp folder emptied: 3361615397 bytes
->Temporary Internet Files folder emptied: 4870440 bytes
->Java cache emptied: 850632 bytes
->FireFox cache emptied: 170475387 bytes
->Google Chrome cache emptied: 7936162 bytes
->Flash cache emptied: 1999122 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 128357369 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 3,506.00 mb

Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.43.0 log created on 05182012_083549

Files\Folders moved on Reboot...
C:\Users\Owner\AppData\Local\Temp\HPV8C1E.tmp.vdf moved successfully.
C:\Users\Owner\AppData\Local\Temp\HPV8C2F.tmp.vdf moved successfully.
C:\Users\Owner\AppData\Local\Temp\HPV8EA0.tmp.vdf moved successfully.
C:\Users\Owner\AppData\Local\Temp\HPVB087.tmp.vdf moved successfully.

Registry entries deleted on Reboot...





09:11:41.0726 4804 TDSS rootkit removing tool 2.7.35.0 May 16 2012 07:37:57
09:11:42.0876 4804 ============================================================
09:11:42.0876 4804 Current date / time: 2012/05/18 09:11:42.0876
09:11:42.0876 4804 SystemInfo:
09:11:42.0876 4804
09:11:42.0877 4804 OS Version: 6.1.7601 ServicePack: 1.0
09:11:42.0877 4804 Product type: Workstation
09:11:42.0877 4804 ComputerName: OWNER-PC
09:11:42.0877 4804 UserName: Owner
09:11:42.0878 4804 Windows directory: C:\Windows
09:11:42.0878 4804 System windows directory: C:\Windows
09:11:42.0878 4804 Processor architecture: Intel x86
09:11:42.0878 4804 Number of processors: 2
09:11:42.0878 4804 Page size: 0x1000
09:11:42.0878 4804 Boot type: Normal boot
09:11:42.0878 4804 ============================================================
09:11:45.0517 4804 Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
09:11:45.0524 4804 ============================================================
09:11:45.0524 4804 \Device\Harddisk0\DR0:
09:11:45.0538 4804 MBR partitions:
09:11:45.0538 4804 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x18000, BlocksNum 0x1400000
09:11:45.0538 4804 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1418000, BlocksNum 0x7CF7000
09:11:45.0581 4804 ============================================================
09:11:45.0628 4804 C: <-> \Device\Harddisk0\DR0\Partition1
09:11:45.0659 4804 D: <-> \Device\Harddisk0\DR0\Partition0
09:11:45.0660 4804 ============================================================
09:11:45.0660 4804 Initialize success
09:11:45.0660 4804 ============================================================
09:12:20.0547 3164 ============================================================
09:12:20.0548 3164 Scan started
09:12:20.0548 3164 Mode: Manual;
09:12:20.0548 3164 ============================================================
09:12:30.0130 3164 DcomLaunch - ok
09:12:30.0176 3164 defragsvc (8d6e10a2d9a5eed59562d9b82cf804e1) C:\Windows\System32\defragsvc.dll
09:12:30.0218 3164 defragsvc - ok
09:12:30.0277 3164 DfsC (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys
09:12:30.0302 3164 DfsC - ok
09:12:30.0385 3164 Dhcp (e9e01eb683c132f7fa27cd607b8a2b63) C:\Windows\system32\dhcpcore.dll
09:12:30.0404 3164 Dhcp - ok
09:12:30.0444 3164 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
09:12:30.0449 3164 discache - ok
09:12:30.0496 3164 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
09:12:30.0501 3164 Disk - ok
09:12:30.0558 3164 DLABMFSM (0659e6e0a95564f958d9df7313f7701e) C:\Windows\system32\DLA\DLABMFSM.SYS
09:12:30.0593 3164 DLABMFSM - ok
09:12:30.0756 3164 DLABOIOM (8691c78908f0bd66170669db268369f2) C:\Windows\system32\DLA\DLABOIOM.SYS
09:12:30.0827 3164 DLABOIOM - ok
09:12:30.0889 3164 DLADResM (5615744a1056933b90e6ac54feb86f35) C:\Windows\system32\DLA\DLADResM.SYS
09:12:30.0903 3164 DLADResM - ok
09:12:31.0007 3164 DLAIFS_M (1aeca2afa5005ce4a550cf8eb55a8c88) C:\Windows\system32\DLA\DLAIFS_M.SYS
09:12:31.0058 3164 DLAIFS_M - ok
09:12:31.0095 3164 DLAOPIOM (840e7f6abb885c72b9ffddb022ef5b6d) C:\Windows\system32\DLA\DLAOPIOM.SYS
09:12:31.0100 3164 DLAOPIOM - ok
09:12:31.0156 3164 DLAPoolM (0294d18731ac05da80132ce88f8a876b) C:\Windows\system32\DLA\DLAPoolM.SYS
09:12:31.0165 3164 DLAPoolM - ok
09:12:31.0262 3164 DLARTL_M (91886fed52a3f9966207bce46cfd794f) C:\Windows\system32\Drivers\DLARTL_M.SYS
09:12:31.0272 3164 DLARTL_M - ok
09:12:31.0407 3164 DLAUDFAM (cca4e121d599d7d1706a30f603731e59) C:\Windows\system32\DLA\DLAUDFAM.SYS
09:12:31.0424 3164 DLAUDFAM - ok
09:12:31.0496 3164 DLAUDF_M (7dab85c33135df24419951da4e7d38e5) C:\Windows\system32\DLA\DLAUDF_M.SYS
09:12:31.0511 3164 DLAUDF_M - ok
09:12:31.0559 3164 Dnscache (33ef4861f19a0736b11314aad9ae28d0) C:\Windows\System32\dnsrslvr.dll
09:12:31.0593 3164 Dnscache - ok
09:12:31.0652 3164 dot3svc (366ba8fb4b7bb7435e3b9eacb3843f67) C:\Windows\System32\dot3svc.dll
09:12:31.0704 3164 dot3svc - ok
09:12:31.0775 3164 Dot4 (b5e479eb83707dd698f66953e922042c) C:\Windows\system32\DRIVERS\Dot4.sys
09:12:31.0813 3164 Dot4 - ok
09:12:31.0851 3164 Dot4Print (caefd09b6a6249c53a67d55a9a9fcabf) C:\Windows\system32\DRIVERS\Dot4Prt.sys
09:12:31.0872 3164 Dot4Print - ok
09:12:31.0901 3164 dot4usb (cf491ff38d62143203c065260567e2f7) C:\Windows\system32\DRIVERS\dot4usb.sys
09:12:31.0921 3164 dot4usb - ok
09:12:31.0973 3164 DPS (8ec04ca86f1d68da9e11952eb85973d6) C:\Windows\system32\dps.dll
09:12:31.0985 3164 DPS - ok
09:12:32.0025 3164 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
09:12:32.0030 3164 drmkaud - ok
09:12:32.0080 3164 DRVMCDB (c00440385cf9f3d142917c63f989e244) C:\Windows\system32\Drivers\DRVMCDB.SYS
09:12:32.0120 3164 DRVMCDB - ok
09:12:32.0142 3164 DRVNDDM (6e6ab29d3c06e64ce81feacda85394b5) C:\Windows\system32\Drivers\DRVNDDM.SYS
09:12:32.0148 3164 DRVNDDM - ok
09:12:32.0216 3164 DSBrokerService (01d5b95d0a12a916bbdc258629113258) C:\Program Files\DellSupport\brkrsvc.exe
09:12:32.0238 3164 DSBrokerService - ok
09:12:32.0272 3164 DSproct (413f2d5f9d802688242c23b38f767ecb) C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys
09:12:32.0296 3164 DSproct - ok
09:12:32.0320 3164 dsunidrv (64fa28c15dd71a80bef3527e1ef07df6) C:\Program Files\DellSupport\Drivers\dsunidrv.sys
09:12:32.0339 3164 dsunidrv - ok
09:12:32.0451 3164 DXGKrnl (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys
09:12:32.0516 3164 DXGKrnl - ok
09:12:32.0571 3164 EapHost (8600142fa91c1b96367d3300ad0f3f3a) C:\Windows\System32\eapsvc.dll
09:12:32.0586 3164 EapHost - ok
09:12:32.0881 3164 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
09:12:33.0023 3164 ebdrv - ok
09:12:33.0125 3164 eeCtrl (579a6b6135d32b857faf0e3a974535d8) C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
09:12:33.0181 3164 eeCtrl - ok
09:12:33.0284 3164 EFS (81951f51e318aecc2d68559e47485cc4) C:\Windows\System32\lsass.exe
09:12:33.0290 3164 EFS - ok
09:12:33.0502 3164 ehRecvr (a8c362018efc87beb013ee28f29c0863) C:\Windows\ehome\ehRecvr.exe
09:12:33.0587 3164 ehRecvr - ok
09:12:33.0633 3164 ehSched (d389bff34f80caede417bf9d1507996a) C:\Windows\ehome\ehsched.exe
09:12:33.0689 3164 ehSched - ok
09:12:33.0782 3164 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
09:12:33.0826 3164 elxstor - ok
09:12:33.0933 3164 EraserUtilRebootDrv (028d50f059bd0d2ccb209e9011b9a9a4) C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
09:12:33.0988 3164 EraserUtilRebootDrv - ok
09:12:34.0012 3164 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys
09:12:34.0018 3164 ErrDev - ok
09:12:34.0083 3164 EventSystem (f6916efc29d9953d5d0df06882ae8e16) C:\Windows\system32\es.dll
09:12:34.0100 3164 EventSystem - ok
09:12:34.0164 3164 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
09:12:34.0185 3164 exfat - ok
09:12:34.0273 3164 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
09:12:34.0296 3164 fastfat - ok
09:12:34.0589 3164 Fax (967ea5b213e9984cbe270205df37755b) C:\Windows\system32\fxssvc.exe
09:12:34.0672 3164 Fax - ok
09:12:34.0696 3164 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
09:12:34.0728 3164 fdc - ok
09:12:34.0782 3164 fdPHost (f3222c893bd2f5821a0179e5c71e88fb) C:\Windows\system32\fdPHost.dll
09:12:34.0786 3164 fdPHost - ok
09:12:34.0813 3164 FDResPub (7dbe8cbfe79efbdeb98c9fb08d3a9a5b) C:\Windows\system32\fdrespub.dll
09:12:34.0854 3164 FDResPub - ok
09:12:34.0923 3164 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
09:12:34.0941 3164 FileInfo - ok
09:12:34.0961 3164 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
09:12:34.0967 3164 Filetrace - ok
09:12:34.0983 3164 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
09:12:34.0988 3164 flpydisk - ok
09:12:35.0078 3164 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
09:12:35.0093 3164 FltMgr - ok
09:12:35.0193 3164 FontCache (b3a5ec6b6b6673db7e87c2bcdbddc074) C:\Windows\system32\FntCache.dll
09:12:35.0232 3164 FontCache - ok
09:12:35.0314 3164 FontCache3.0.0.0 (e56f39f6b7fda0ac77a79b0fd3de1a2f) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
09:12:35.0331 3164 FontCache3.0.0.0 - ok
09:12:35.0359 3164 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
09:12:35.0364 3164 FsDepends - ok
09:12:35.0392 3164 Fs_Rec (7dae5ebcc80e45d3253f4923dc424d05) C:\Windows\system32\drivers\Fs_Rec.sys
09:12:35.0414 3164 Fs_Rec - ok
09:12:35.0498 3164 fvevol (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys
09:12:35.0556 3164 fvevol - ok
09:12:35.0616 3164 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
09:12:35.0621 3164 gagp30kx - ok
09:12:35.0672 3164 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
09:12:35.0692 3164 GEARAspiWDM - ok
09:12:35.0784 3164 GoogleDesktopManager (51e92d44f20a241d3e352a1f6e76ac98) C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe
09:12:35.0809 3164 GoogleDesktopManager - ok
09:12:35.0959 3164 gpsvc (e897eaf5ed6ba41e081060c9b447a673) C:\Windows\System32\gpsvc.dll
09:12:36.0010 3164 gpsvc - ok
09:12:36.0118 3164 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe
09:12:36.0157 3164 gupdate - ok
09:12:36.0177 3164 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe
09:12:36.0184 3164 gupdatem - ok
09:12:36.0253 3164 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
09:12:36.0276 3164 hcw85cir - ok
09:12:36.0317 3164 HDAudBus (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\drivers\HDAudBus.sys
09:12:36.0366 3164 HDAudBus - ok
09:12:36.0414 3164 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
09:12:36.0419 3164 HidBatt - ok
09:12:36.0447 3164 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
09:12:36.0461 3164 HidBth - ok
09:12:36.0506 3164 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
09:12:36.0510 3164 HidIr - ok
09:12:36.0547 3164 hidserv (2bc6f6a1992b3a77f5f41432ca6b3b6b) C:\Windows\system32\hidserv.dll
09:12:36.0574 3164 hidserv - ok
09:12:36.0624 3164 HidUsb (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\DRIVERS\hidusb.sys
09:12:36.0630 3164 HidUsb - ok
09:12:36.0682 3164 hkmsvc (196b4e3f4cccc24af836ce58facbb699) C:\Windows\system32\kmsvc.dll
09:12:36.0710 3164 hkmsvc - ok
09:12:36.0762 3164 HomeGroupListener (6658f4404de03d75fe3ba09f7aba6a30) C:\Windows\system32\ListSvc.dll
09:12:36.0781 3164 HomeGroupListener - ok
09:12:36.0836 3164 HomeGroupProvider (dbc02d918fff1cad628acbe0c0eaa8e8) C:\Windows\system32\provsvc.dll
09:12:36.0856 3164 HomeGroupProvider - ok
09:12:36.0973 3164 hpqcxs08 (0a3c6aa4a9fc38c20ba4eac2c3351c05) C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
09:12:36.0990 3164 hpqcxs08 - ok
09:12:37.0019 3164 hpqddsvc (f3f72a2a86c22610bca5439fa789dd52) C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
09:12:37.0033 3164 hpqddsvc - ok
09:12:37.0079 3164 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys
09:12:37.0085 3164 HpSAMD - ok
09:12:37.0149 3164 HPSLPSVC (79737e0f7d25de8405cb34d4c9882253) C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL
09:12:37.0186 3164 HPSLPSVC - ok
09:12:37.0302 3164 HSF_DPV (53229dcf431d76434816cd29251168a0) C:\Windows\system32\DRIVERS\HSX_DPV.sys
09:12:37.0360 3164 HSF_DPV - ok
09:12:37.0408 3164 HSXHWAZL (31f949d452201f2f0af0c88d7db512cd) C:\Windows\system32\DRIVERS\HSXHWAZL.sys
09:12:37.0427 3164 HSXHWAZL - ok
09:12:37.0521 3164 HTTP (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys
09:12:37.0581 3164 HTTP - ok
09:12:37.0629 3164 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys
09:12:37.0652 3164 hwpolicy - ok
09:12:37.0714 3164 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\drivers\i8042prt.sys
09:12:37.0721 3164 i8042prt - ok
09:12:37.0807 3164 iaStorV (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\Windows\system32\drivers\iaStorV.sys
09:12:37.0831 3164 iaStorV - ok
09:12:37.0913 3164 IDriverT (6f95324909b502e2651442c1548ab12f) C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
09:12:37.0956 3164 IDriverT - ok
09:12:38.0116 3164 idsvc (c521d7eb6497bb1af6afa89e322fb43c) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
09:12:38.0165 3164 idsvc - ok
09:12:38.0378 3164 IDSVix86 (f9069ce7a7b9f9ba75d009b0ce3d7601) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.6.2.10\Definitions\IPSDefs\20120517.001\IDSvix86.sys
09:12:38.0427 3164 IDSVix86 - ok
09:12:38.0590 3164 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
09:12:38.0612 3164 iirsp - ok
09:12:38.0722 3164 IKEEXT (f95622f161474511b8d80d6b093aa610) C:\Windows\System32\ikeext.dll
09:12:38.0782 3164 IKEEXT - ok
09:12:38.0828 3164 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys
09:12:38.0833 3164 intelide - ok
09:12:38.0886 3164 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
09:12:38.0891 3164 intelppm - ok
09:12:38.0926 3164 IPBusEnum (acb364b9075a45c0736e5c47be5cae19) C:\Windows\system32\ipbusenum.dll
09:12:38.0956 3164 IPBusEnum - ok
09:12:39.0027 3164 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
09:12:39.0031 3164 IpFilterDriver - ok
09:12:39.0128 3164 iphlpsvc (4d65a07b795d6674312f879d09aa7663) C:\Windows\System32\iphlpsvc.dll
09:12:39.0164 3164 iphlpsvc - ok
09:12:39.0199 3164 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys
09:12:39.0205 3164 IPMIDRV - ok
09:12:39.0243 3164 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
09:12:39.0257 3164 IPNAT - ok
09:12:39.0386 3164 iPod Service (57edb35ea2feca88f8b17c0c095c9a56) C:\Program Files\iPod\bin\iPodService.exe
09:12:39.0451 3164 iPod Service - ok
09:12:39.0488 3164 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
09:12:39.0493 3164 IRENUM - ok
09:12:39.0538 3164 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys
09:12:39.0544 3164 isapnp - ok
09:12:39.0584 3164 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys
09:12:39.0635 3164 iScsiPrt - ok
09:12:39.0692 3164 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\drivers\kbdclass.sys
09:12:39.0697 3164 kbdclass - ok
09:12:39.0725 3164 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\drivers\kbdhid.sys
09:12:39.0730 3164 kbdhid - ok
09:12:39.0757 3164 KeyIso (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
09:12:39.0762 3164 KeyIso - ok
09:12:39.0782 3164 KSecDD (f4647bb23db9038a7536cf6b68f4207f) C:\Windows\system32\Drivers\ksecdd.sys
09:12:39.0803 3164 KSecDD - ok
09:12:39.0835 3164 KSecPkg (e73cae53bbb72ba26918492c6b4c229d) C:\Windows\system32\Drivers\ksecpkg.sys
09:12:39.0872 3164 KSecPkg - ok
09:12:39.0927 3164 KtmRm (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\Windows\system32\msdtckrm.dll
09:12:39.0977 3164 KtmRm - ok
09:12:40.0045 3164 LanmanServer (d64af876d53eca3668bb97b51b4e70ab) C:\Windows\system32\srvsvc.dll
09:12:40.0064 3164 LanmanServer - ok
09:12:40.0118 3164 LanmanWorkstation (58405e4f68ba8e4057c6e914f326aba2) C:\Windows\System32\wkssvc.dll
09:12:40.0160 3164 LanmanWorkstation - ok
09:12:40.0213 3164 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
09:12:40.0232 3164 lltdio - ok
09:12:40.0276 3164 lltdsvc (5700673e13a2117fa3b9020c852c01e2) C:\Windows\System32\lltdsvc.dll
09:12:40.0319 3164 lltdsvc - ok
09:12:40.0345 3164 lmhosts (55ca01ba19d0006c8f2639b6c045e08b) C:\Windows\System32\lmhsvc.dll
09:12:40.0352 3164 lmhosts - ok
09:12:40.0393 3164 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
09:12:40.0406 3164 LSI_FC - ok
09:12:40.0426 3164 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
09:12:40.0441 3164 LSI_SAS - ok
09:12:40.0468 3164 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
09:12:40.0489 3164 LSI_SAS2 - ok
09:12:40.0562 3164 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
09:12:40.0576 3164 LSI_SCSI - ok
09:12:40.0620 3164 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
09:12:40.0634 3164 luafv - ok
09:12:40.0679 3164 Mcx2Svc (bfb9ee8ee977efe85d1a3105abef6dd1) C:\Windows\system32\Mcx2Svc.dll
09:12:40.0700 3164 Mcx2Svc - ok
09:12:40.0735 3164 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\Windows\system32\DRIVERS\mdmxsdk.sys
09:12:40.0739 3164 mdmxsdk - ok
09:12:40.0761 3164 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
09:12:40.0767 3164 megasas - ok
09:12:40.0815 3164 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
09:12:40.0831 3164 MegaSR - ok
09:12:40.0868 3164 MMCSS (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
09:12:40.0896 3164 MMCSS - ok
09:12:40.0920 3164 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
09:12:40.0936 3164 Modem - ok
09:12:41.0003 3164 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
09:12:41.0017 3164 monitor - ok
09:12:41.0075 3164 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
09:12:41.0080 3164 mouclass - ok
09:12:41.0119 3164 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
09:12:41.0123 3164 mouhid - ok
09:12:41.0177 3164 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys
09:12:41.0199 3164 mountmgr - ok
09:12:41.0284 3164 MozillaMaintenance (96aa8ba23142cc8e2b30f3cae0c80254) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
09:12:41.0297 3164 MozillaMaintenance - ok
09:12:41.0335 3164 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys
09:12:41.0347 3164 mpio - ok
09:12:41.0393 3164 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
09:12:41.0413 3164 mpsdrv - ok
09:12:41.0491 3164 MpsSvc (9835584e999d25004e1ee8e5f3e3b881) C:\Windows\system32\mpssvc.dll
09:12:41.0539 3164 MpsSvc - ok
09:12:41.0598 3164 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys
09:12:41.0637 3164 MRxDAV - ok
09:12:41.0683 3164 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys
09:12:41.0730 3164 mrxsmb - ok
09:12:41.0806 3164 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys
09:12:41.0850 3164 mrxsmb10 - ok
09:12:41.0877 3164 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys
09:12:41.0889 3164 mrxsmb20 - ok
09:12:41.0921 3164 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys
09:12:41.0926 3164 msahci - ok
09:12:41.0967 3164 msdsm (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys
09:12:41.0981 3164 msdsm - ok
09:12:42.0022 3164 MSDTC (e1bce74a3bd9902b72599c0192a07e27) C:\Windows\System32\msdtc.exe
09:12:42.0043 3164 MSDTC - ok
09:12:42.0098 3164 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
09:12:42.0103 3164 Msfs - ok
09:12:42.0143 3164 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
09:12:42.0147 3164 mshidkmdf - ok
09:12:42.0193 3164 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys
09:12:42.0197 3164 msisadrv - ok
09:12:42.0249 3164 MSiSCSI (90f7d9e6b6f27e1a707d4a297f077828) C:\Windows\system32\iscsiexe.dll
09:12:42.0296 3164 MSiSCSI - ok
09:12:42.0306 3164 msiserver - ok
09:12:42.0376 3164 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
09:12:42.0380 3164 MSKSSRV - ok
09:12:42.0426 3164 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
09:12:42.0430 3164 MSPCLOCK - ok
09:12:42.0446 3164 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
09:12:42.0468 3164 MSPQM - ok
09:12:42.0504 3164 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
09:12:42.0522 3164 MsRPC - ok
09:12:42.0561 3164 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys
09:12:42.0567 3164 mssmbios - ok
09:12:42.0599 3164 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
09:12:42.0604 3164 MSTEE - ok
09:12:42.0654 3164 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
09:12:42.0659 3164 MTConfig - ok
09:12:42.0721 3164 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
09:12:42.0725 3164 Mup - ok
09:12:42.0830 3164 napagent (61d57a5d7c6d9afe10e77dae6e1b445e) C:\Windows\system32\qagentRT.dll
09:12:42.0856 3164 napagent - ok
09:12:42.0912 3164 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
09:12:42.0983 3164 NativeWifiP - ok
09:12:43.0421 3164 NAV (c6948f034d7edabcfa2234d399fc78bc) C:\Program Files\Norton AntiVirus\Engine\19.7.1.5\ccSvcHst.exe
09:12:43.0449 3164 NAV - ok
09:12:43.0744 3164 NAVENG (f11033730b38260b6892e837c457fb4b) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.6.2.10\Definitions\VirusDefs\20120517.023\NAVENG.SYS
09:12:43.0835 3164 NAVENG - ok
09:12:46.0618 3164 NAVEX15 (4e4e7c0259d3bb97de24a636c0e06aba) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.6.2.10\Definitions\VirusDefs\20120517.023\NAVEX15.SYS
09:12:46.0731 3164 NAVEX15 - ok
09:12:47.0051 3164 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys
09:12:47.0120 3164 NDIS - ok
09:12:47.0196 3164 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
09:12:47.0217 3164 NdisCap - ok
09:12:47.0272 3164 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
09:12:47.0278 3164 NdisTapi - ok
09:12:47.0339 3164 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys
09:12:47.0379 3164 Ndisuio - ok
09:12:47.0464 3164 NdisWan (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys
09:12:47.0500 3164 NdisWan - ok
09:12:47.0553 3164 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys
09:12:47.0577 3164 NDProxy - ok
09:12:47.0654 3164 Net Driver HPZ12 (a081cb6fb9a12668f233eb5414be3a0e) C:\Windows\system32\HPZinw12.dll
09:12:47.0668 3164 Net Driver HPZ12 - ok
09:12:47.0751 3164 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
09:12:47.0772 3164 NetBIOS - ok
09:12:47.0825 3164 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys
09:12:47.0872 3164 NetBT - ok
09:12:47.0934 3164 Netlogon (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
09:12:47.0943 3164 Netlogon - ok
09:12:48.0030 3164 Netman (7cccfca7510684768da22092d1fa4db2) C:\Windows\System32\netman.dll
09:12:48.0057 3164 Netman - ok
09:12:48.0120 3164 netprofm (8c338238c16777a802d6a9211eb2ba50) C:\Windows\System32\netprofm.dll
09:12:48.0152 3164 netprofm - ok
09:12:48.0265 3164 NetTcpPortSharing (f476ec40033cdb91efbe73eb99b8362d) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
09:12:48.0296 3164 NetTcpPortSharing - ok
09:12:48.0342 3164 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
09:12:48.0358 3164 nfrd960 - ok
09:12:48.0417 3164 NlaSvc (912084381d30d8b89ec4e293053f4710) C:\Windows\System32\nlasvc.dll
09:12:48.0440 3164 NlaSvc - ok
09:12:48.0486 3164 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
09:12:48.0492 3164 Npfs - ok
09:12:48.0564 3164 nsi (ba387e955e890c8a88306d9b8d06bf17) C:\Windows\system32\nsisvc.dll
09:12:48.0585 3164 nsi - ok
09:12:48.0609 3164 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
09:12:48.0615 3164 nsiproxy - ok
09:12:48.0757 3164 Ntfs (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys
09:12:48.0846 3164 Ntfs - ok
09:12:48.0896 3164 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
09:12:48.0907 3164 Null - ok
09:12:48.0941 3164 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys
09:12:48.0954 3164 nvraid - ok
09:12:48.0978 3164 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys
09:12:49.0000 3164 nvstor - ok
09:12:49.0051 3164 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys
09:12:49.0065 3164 nv_agp - ok
09:12:49.0217 3164 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
09:12:49.0271 3164 odserv - ok
09:12:49.0314 3164 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
09:12:49.0320 3164 ohci1394 - ok
09:12:49.0418 3164 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
09:12:49.0461 3164 ose - ok
09:12:49.0533 3164 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
09:12:49.0557 3164 p2pimsvc - ok
09:12:49.0618 3164 p2psvc (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll
09:12:49.0668 3164 p2psvc - ok
09:12:49.0707 3164 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
09:12:49.0715 3164 Parport - ok
09:12:49.0748 3164 partmgr (3f34a1b4c5f6475f320c275e63afce9b) C:\Windows\system32\drivers\partmgr.sys
09:12:49.0768 3164 partmgr - ok
09:12:49.0798 3164 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
09:12:49.0802 3164 Parvdm - ok
09:12:49.0840 3164 PcaSvc (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll
09:12:49.0893 3164 PcaSvc - ok
09:12:49.0970 3164 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
09:12:49.0981 3164 pci - ok
09:12:50.0086 3164 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
09:12:50.0106 3164 pciide - ok
09:12:50.0155 3164 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
09:12:50.0173 3164 pcmcia - ok
09:12:50.0266 3164 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
09:12:50.0289 3164 pcw - ok
09:12:50.0369 3164 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
09:12:50.0399 3164 PEAUTH - ok
09:12:50.0583 3164 pla (414bba67a3ded1d28437eb66aeb8a720) C:\Windows\system32\pla.dll
09:12:50.0690 3164 pla - ok
09:12:50.0841 3164 PlugPlay (ec7bc28d207da09e79b3e9faf8b232ca) C:\Windows\system32\umpnpmgr.dll
09:12:50.0866 3164 PlugPlay - ok
09:12:50.0905 3164 Pml Driver HPZ12 (65bc271f337637731d3c71455ae1f476) C:\Windows\system32\HPZipm12.dll
09:12:50.0911 3164 Pml Driver HPZ12 - ok
09:12:50.0945 3164 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll
09:12:50.0971 3164 PNRPAutoReg - ok
09:12:51.0020 3164 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
09:12:51.0031 3164 PNRPsvc - ok
09:12:51.0100 3164 PolicyAgent (53946b69ba0836bd95b03759530c81ec) C:\Windows\System32\ipsecsvc.dll
09:12:51.0122 3164 PolicyAgent - ok
09:12:51.0187 3164 Power (f87d30e72e03d579a5199ccb3831d6ea) C:\Windows\system32\umpo.dll
09:12:51.0208 3164 Power - ok
09:12:51.0279 3164 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
09:12:51.0303 3164 PptpMiniport - ok
09:12:51.0340 3164 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
09:12:51.0345 3164 Processor - ok
09:12:51.0413 3164 ProfSvc (43ca4ccc22d52fb58e8988f0198851d0) C:\Windows\system32\profsvc.dll
09:12:51.0432 3164 ProfSvc - ok
09:12:51.0465 3164 ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
09:12:51.0471 3164 ProtectedStorage - ok
09:12:51.0516 3164 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
09:12:51.0529 3164 Psched - ok
09:12:51.0594 3164 PxHelp20 (feffcfdc528764a04c8ed63d5fa6e711) C:\Windows\system32\Drivers\PxHelp20.sys
09:12:51.0655 3164 PxHelp20 - ok
09:12:51.0799 3164 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
09:12:51.0872 3164 ql2300 - ok
09:12:52.0003 3164 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
09:12:52.0017 3164 ql40xx - ok
09:12:52.0065 3164 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll
09:12:52.0116 3164 QWAVE - ok
09:12:52.0141 3164 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
09:12:52.0147 3164 QWAVEdrv - ok
09:12:52.0325 3164 R300 (8766b8f65459c37e20d525645e30e466) C:\Windows\system32\DRIVERS\atikmdag.sys
09:12:52.0432 3164 R300 - ok
09:12:52.0684 3164 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
09:12:52.0689 3164 RasAcd - ok
09:12:52.0732 3164 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
09:12:52.0738 3164 RasAgileVpn - ok
09:12:52.0774 3164 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll
09:12:52.0821 3164 RasAuto - ok
09:12:52.0851 3164 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
09:12:52.0857 3164 Rasl2tp - ok
09:12:52.0938 3164 RasMan (cb9e04dc05eacf5b9a36ca276d475006) C:\Windows\System32\rasmans.dll
09:12:52.0997 3164 RasMan - ok
09:12:53.0035 3164 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
09:12:53.0041 3164 RasPppoe - ok
09:12:53.0066 3164 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
09:12:53.0072 3164 RasSstp - ok
09:12:53.0138 3164 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
09:12:53.0188 3164 rdbss - ok
09:12:53.0216 3164 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
09:12:53.0220 3164 rdpbus - ok
09:12:53.0273 3164 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
09:12:53.0295 3164 RDPCDD - ok
09:12:53.0342 3164 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
09:12:53.0346 3164 RDPENCDD - ok
09:12:53.0404 3164 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
09:12:53.0408 3164 RDPREFMP - ok
09:12:53.0458 3164 RDPWD (244c83332f44589ae98fc347f11b2693) C:\Windows\system32\drivers\RDPWD.sys
09:12:53.0503 3164 RDPWD - ok
09:12:53.0608 3164 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
09:12:53.0654 3164 rdyboost - ok
09:12:53.0696 3164 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll
09:12:53.0719 3164 RemoteAccess - ok
09:12:53.0768 3164 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll
09:12:53.0823 3164 RemoteRegistry - ok
09:12:54.0002 3164 rimmptsk (d85e3fa9f5b1f29bb4ed185c450d1470) C:\Windows\system32\DRIVERS\rimmptsk.sys
09:12:54.0054 3164 rimmptsk - ok
09:12:54.0235 3164 rimsptsk (db8eb01c58c9fada00c70b1775278ae0) C:\Windows\system32\DRIVERS\rimsptsk.sys
09:12:54.0270 3164 rimsptsk - ok
09:12:54.0387 3164 rismxdp (6c1f93c0760c9f79a1869d07233df39d) C:\Windows\system32\DRIVERS\rixdptsk.sys
09:12:54.0394 3164 rismxdp - ok
09:12:54.0813 3164 RoxMediaDB9 (ebcde8b48fadc6479d96a56d0a432160) C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
09:12:54.0900 3164 RoxMediaDB9 - ok
09:12:54.0993 3164 RoxWatch9 (ab2b1de1c8f31efce2384b14b3dc4260) C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
09:12:55.0012 3164 RoxWatch9 - ok
09:12:55.0067 3164 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll
09:12:55.0078 3164 RpcEptMapper - ok
09:12:55.0117 3164 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe
09:12:55.0135 3164 RpcLocator - ok
09:12:55.0217 3164 RpcSs (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
09:12:55.0232 3164 RpcSs - ok
09:12:55.0308 3164 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
09:12:55.0328 3164 rspndr - ok
09:12:55.0365 3164 SamSs (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
09:12:55.0371 3164 SamSs - ok
09:12:55.0413 3164 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
09:12:55.0427 3164 sbp2port - ok
09:12:55.0473 3164 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll
09:12:55.0520 3164 SCardSvr - ok
09:12:55.0582 3164 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
09:12:55.0587 3164 scfilter - ok
09:12:55.0826 3164 Schedule (a04bb13f8a72f8b6e8b4071723e4e336) C:\Windows\system32\schedsvc.dll
09:12:55.0872 3164 Schedule - ok
09:12:55.0919 3164 SCPolicySvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
09:12:55.0922 3164 SCPolicySvc - ok
09:12:55.0973 3164 sdbus (0328be1c7f1cba23848179f8762e391c) C:\Windows\system32\drivers\sdbus.sys
09:12:55.0987 3164 sdbus - ok
09:12:56.0020 3164 SDRSVC (08236c4bce5edd0a0318a438af28e0f7) C:\Windows\System32\SDRSVC.dll
09:12:56.0040 3164 SDRSVC - ok
09:12:56.0079 3164 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
09:12:56.0085 3164 secdrv - ok
09:12:56.0114 3164 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll
09:12:56.0140 3164 seclogon - ok
09:12:56.0179 3164 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\System32\sens.dll
09:12:56.0188 3164 SENS - ok
09:12:56.0220 3164 SensrSvc (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll
09:12:56.0249 3164 SensrSvc - ok
09:12:56.0276 3164 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
09:12:56.0282 3164 Serenum - ok
09:12:56.0324 3164 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
09:12:56.0337 3164 Serial - ok
09:12:56.0377 3164 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
09:12:56.0387 3164 sermouse - ok
09:12:56.0492 3164 SessionEnv (4ae380f39a0032eab7dd953030b26d28) C:\Windows\system32\sessenv.dll
09:12:56.0544 3164 SessionEnv - ok
09:12:56.0565 3164 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
09:12:56.0574 3164 sffdisk - ok
09:12:56.0593 3164 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
09:12:56.0597 3164 sffp_mmc - ok
09:12:56.0618 3164 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys
09:12:56.0625 3164 sffp_sd - ok
09:12:56.0684 3164 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
09:12:56.0720 3164 sfloppy - ok
09:12:56.0828 3164 SharedAccess (d1a079a0de2ea524513b6930c24527a2) C:\Windows\System32\ipnathlp.dll
09:12:56.0880 3164 SharedAccess - ok
09:12:56.0963 3164 ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\Windows\System32\shsvcs.dll
09:12:56.0986 3164 ShellHWDetection - ok
09:12:57.0014 3164 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
09:12:57.0020 3164 sisagp - ok
09:12:57.0063 3164 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
09:12:57.0068 3164 SiSRaid2 - ok
09:12:57.0092 3164 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
09:12:57.0098 3164 SiSRaid4 - ok
09:12:57.0146 3164 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
09:12:57.0152 3164 Smb - ok
09:12:57.0214 3164 SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe
09:12:57.0239 3164 SNMPTRAP - ok
09:12:57.0284 3164 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
09:12:57.0289 3164 spldr - ok
09:12:57.0374 3164 Spooler (866a43013535dc8587c258e43579c764) C:\Windows\System32\spoolsv.exe
09:12:57.0409 3164 Spooler - ok
09:12:57.0751 3164 sppsvc (cf87a1de791347e75b98885214ced2b8) C:\Windows\system32\sppsvc.exe
09:12:57.0945 3164 sppsvc - ok
09:12:58.0081 3164 sppuinotify (b0180b20b065d89232a78a40fe56eaa6) C:\Windows\system32\sppuinotify.dll
09:12:58.0092 3164 sppuinotify - ok
09:12:58.0224 3164 SRTSP (9dd258ee034afd36259cb7357e19d0b1) C:\Windows\System32\Drivers\NAV\1307010.005\SRTSP.SYS
09:12:58.0283 3164 SRTSP - ok
09:12:58.0316 3164 SRTSPX (0cc3a10f363436c7b478419eb73f8d91) C:\Windows\system32\drivers\NAV\1307010.005\SRTSPX.SYS
09:12:58.0340 3164 SRTSPX - ok
09:12:58.0403 3164 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys
09:12:58.0452 3164 srv - ok
09:12:58.0507 3164 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys
09:12:58.0556 3164 srv2 - ok
09:12:58.0584 3164 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys
09:12:58.0623 3164 srvnet - ok
09:12:58.0691 3164 SSDPSRV (d887c9fd02ac9fa880f6e5027a43e118) C:\Windows\System32\ssdpsrv.dll
09:12:58.0710 3164 SSDPSRV - ok
09:12:58.0749 3164 SstpSvc (d318f23be45d5e3a107469eb64815b50) C:\Windows\system32\sstpsvc.dll
09:12:58.0798 3164 SstpSvc - ok
09:12:58.0847 3164 STacSV (81693e83a44136327110237239a94f18) C:\Windows\System32\STacSV.exe
09:12:58.0869 3164 STacSV - ok
09:12:58.0910 3164 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
09:12:58.0934 3164 stexstor - ok
09:12:59.0015 3164 STHDA (ab2059ae6d9243c502c86824bc40439e) C:\Windows\system32\drivers\stwrt.sys
09:12:59.0077 3164 STHDA - ok
09:12:59.0161 3164 StillCam (edb05bd63148796f23ea78506404a538) C:\Windows\system32\DRIVERS\serscan.sys
09:12:59.0210 3164 StillCam - ok
09:12:59.0310 3164 StiSvc (e1fb3706030fb4578a0d72c2fc3689e4) C:\Windows\System32\wiaservc.dll
09:12:59.0346 3164 StiSvc - ok
09:12:59.0460 3164 stllssvr (51778fd315c9882f1cbd932743e62a72) C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
09:12:59.0482 3164 stllssvr - ok
09:12:59.0526 3164 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys
09:12:59.0531 3164 swenum - ok
09:12:59.0605 3164 swprv (a28bd92df340e57b024ba433165d34d7) C:\Windows\System32\swprv.dll
09:12:59.0661 3164 swprv - ok
09:12:59.0772 3164 SymDS (690fa0e61b90084c4d9a721bd4f3d779) C:\Windows\system32\drivers\NAV\1307010.005\SYMDS.SYS
09:12:59.0818 3164 SymDS - ok
09:12:59.0930 3164 SymEFA (4e55148a2e044d02245cbcdbb266b98c) C:\Windows\system32\drivers\NAV\1307010.005\SYMEFA.SYS
09:12:59.0988 3164 SymEFA - ok
09:13:00.0059 3164 SymEvent (74e2521e96176a4449570e50be91954d) C:\Windows\system32\Drivers\SYMEVENT.SYS
09:13:00.0072 3164 SymEvent - ok
09:13:00.0114 3164 SymIRON (2c356cca706505cf63cbe39d532b9236) C:\Windows\system32\drivers\NAV\1307010.005\Ironx86.SYS
09:13:00.0160 3164 SymIRON - ok
09:13:00.0207 3164 SymNetS (3ee215d6fe821e3edf0f7134d9ae905a) C:\Windows\System32\Drivers\NAV\1307010.005\SYMNETS.SYS
09:13:00.0255 3164 SymNetS - ok
09:13:00.0326 3164 SynTP (1f5192248a364d4ab68db063d18a2139) C:\Windows\system32\DRIVERS\SynTP.sys
09:13:00.0380 3164 SynTP - ok
09:13:00.0512 3164 SysMain (36650d618ca34c9d357dfd3d89b2c56f) C:\Windows\system32\sysmain.dll
09:13:00.0589 3164 SysMain - ok
09:13:00.0648 3164 TabletInputService (763fecdc3d30c815fe72dd57936c6cd1) C:\Windows\System32\TabSvc.dll
09:13:00.0660 3164 TabletInputService - ok
09:13:00.0728 3164 TapiSrv (613bf4820361543956909043a265c6ac) C:\Windows\System32\tapisrv.dll
09:13:00.0779 3164 TapiSrv - ok
09:13:00.0827 3164 TBS (b799d9fdb26111737f58288d8dc172d9) C:\Windows\System32\tbssvc.dll
09:13:00.0856 3164 TBS - ok
09:13:01.0027 3164 Tcpip (7fa2e0f8b072bd04b77b421480b6cc22) C:\Windows\system32\drivers\tcpip.sys
09:13:01.0122 3164 Tcpip - ok
09:13:01.0190 3164 TCPIP6 (7fa2e0f8b072bd04b77b421480b6cc22) C:\Windows\system32\DRIVERS\tcpip.sys
09:13:01.0214 3164 TCPIP6 - ok
09:13:01.0292 3164 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys
09:13:01.0313 3164 tcpipreg - ok
09:13:01.0392 3164 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys
09:13:01.0404 3164 TDPIPE - ok
09:13:01.0454 3164 TDTCP (2c2c5afe7ee4f620d69c23c0617651a8) C:\Windows\system32\drivers\tdtcp.sys
09:13:01.0475 3164 TDTCP - ok
09:13:01.0526 3164 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys
09:13:01.0545 3164 tdx - ok
09:13:01.0586 3164 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys
09:13:01.0591 3164 TermDD - ok
09:13:01.0693 3164 TermService (382c804c92811be57829d8e550a900e2) C:\Windows\System32\termsrv.dll
09:13:01.0735 3164 TermService - ok
09:13:01.0779 3164 Themes (42fb6afd6b79d9fe07381609172e7ca4) C:\Windows\system32\themeservice.dll
09:13:01.0792 3164 Themes - ok
09:13:01.0829 3164 THREADORDER (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
09:13:01.0837 3164 THREADORDER - ok
09:13:01.0878 3164 TrkWks (4792c0378db99a9bc2ae2de6cfff0c3a) C:\Windows\System32\trkwks.dll
09:13:01.0889 3164 TrkWks - ok
09:13:02.0092 3164 TrustedInstaller (2c49b175aee1d4364b91b531417fe583) C:\Windows\servicing\TrustedInstaller.exe
09:13:02.0124 3164 TrustedInstaller - ok
09:13:02.0210 3164 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys
09:13:02.0253 3164 tssecsrv - ok
09:13:02.0334 3164 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys
09:13:02.0359 3164 TsUsbFlt - ok
09:13:02.0435 3164 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys
09:13:02.0449 3164 tunnel - ok
09:13:02.0495 3164 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
09:13:02.0500 3164 uagp35 - ok
09:13:02.0569 3164 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys
09:13:02.0587 3164 udfs - ok
09:13:02.0640 3164 UI0Detect (8344fd4fce927880aa1aa7681d4927e5) C:\Windows\system32\UI0Detect.exe
09:13:02.0683 3164 UI0Detect - ok
09:13:02.0721 3164 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys
09:13:02.0728 3164 uliagpkx - ok
09:13:02.0749 3164 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\drivers\umbus.sys
09:13:02.0755 3164 umbus - ok
09:13:02.0804 3164 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
09:13:02.0827 3164 UmPass - ok
09:13:02.0889 3164 upnphost (833fbb672460efce8011d262175fad33) C:\Windows\System32\upnphost.dll
09:13:02.0913 3164 upnphost - ok
09:13:02.0974 3164 USBAAPL (eafe1e00739afe6c51487a050e772e17) C:\Windows\system32\Drivers\usbaapl.sys
09:13:02.0998 3164 USBAAPL - ok
09:13:03.0039 3164 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\DRIVERS\usbccgp.sys
09:13:03.0059 3164 usbccgp - ok
09:13:03.0116 3164 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys
09:13:03.0131 3164 usbcir - ok
09:13:03.0172 3164 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\drivers\usbehci.sys
09:13:03.0193 3164 usbehci - ok
09:13:03.0255 3164 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys
09:13:03.0305 3164 usbhub - ok
09:13:03.0339 3164 usbohci (e185d44fac515a18d9deddc23c2cdf44) C:\Windows\system32\drivers\usbohci.sys
09:13:03.0357 3164 usbohci - ok
09:13:03.0397 3164 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
09:13:03.0402 3164 usbprint - ok
09:13:03.0437 3164 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS\usbscan.sys
09:13:03.0462 3164 usbscan - ok
09:13:03.0500 3164 USBSTOR (f991ab9cc6b908db552166768176896a) C:\Windows\system32\DRIVERS\USBSTOR.SYS
09:13:03.0507 3164 USBSTOR - ok
09:13:03.0551 3164 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\drivers\usbuhci.sys
09:13:03.0572 3164 usbuhci - ok
09:13:03.0611 3164 UxSms (081e6e1c91aec36758902a9f727cd23c) C:\Windows\System32\uxsms.dll
09:13:03.0622 3164 UxSms - ok
09:13:03.0658 3164 VaultSvc (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
09:13:03.0666 3164 VaultSvc - ok
09:13:03.0702 3164 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys
09:13:03.0708 3164 vdrvroot - ok
09:13:03.0835 3164 vds (c3cd30495687c2a2f66a65ca6fd89be9) C:\Windows\System32\vds.exe
09:13:03.0904 3164 vds - ok
09:13:03.0973 3164 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
09:13:03.0998 3164 vga - ok
09:13:04.0030 3164 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
09:13:04.0034 3164 VgaSave - ok
09:13:04.0084 3164 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys
09:13:04.0105 3164 vhdmp - ok
09:13:04.0150 3164 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys
09:13:04.0156 3164 viaagp - ok
09:13:04.0199 3164 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
09:13:04.0204 3164 ViaC7 - ok
09:13:04.0228 3164 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys
09:13:04.0233 3164 viaide - ok
09:13:04.0259 3164 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys
09:13:04.0266 3164 volmgr - ok
09:13:04.0332 3164 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
09:13:04.0357 3164 volmgrx - ok
09:13:04.0401 3164 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys
09:13:04.0418 3164 volsnap - ok
09:13:04.
epepps14
Posted: Fri May 18, 2012 8:57 am

I am having problems with Firefox, which is the main browser that I use. Here are the logs that you requested. I will also be going away this weekend and will not be able to respond to your next post until Monday. Thanks for your help so far.


All processes killed
========== PROCESSES ==========
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKEY_USERS\S-1-5-21-2215074468-3965224828-2189432076-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA6319C0-31B7-401E-A518-A07C3DB8F777}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CA6319C0-31B7-401E-A518-A07C3DB8F777}\ deleted successfully.
C:\Program Files\BAE\BAE.dll moved successfully.
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{954dfd84-9ff5-11df-b2a1-00188bb4d48a}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{954dfd84-9ff5-11df-b2a1-00188bb4d48a}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{954dfd84-9ff5-11df-b2a1-00188bb4d48a}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{954dfd84-9ff5-11df-b2a1-00188bb4d48a}\ not found.
File F:\LaunchU3.exe -a not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a5654787-df85-11de-9e64-00188bb4d48a}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a5654787-df85-11de-9e64-00188bb4d48a}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a5654787-df85-11de-9e64-00188bb4d48a}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a5654787-df85-11de-9e64-00188bb4d48a}\ not found.
File "F:\WD SmartWare.exe" autoplay=true not found.
========== FILES ==========
C:\Users\Owner\AppData\Roaming\StreamTorrent\1.0\config folder moved successfully.
C:\Users\Owner\AppData\Roaming\StreamTorrent\1.0 folder moved successfully.
C:\Users\Owner\AppData\Roaming\StreamTorrent folder moved successfully.
C:\Windows\hpomdl43.dat.temp moved successfully.
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Owner\Downloads\cmd.bat deleted successfully.
C:\Users\Owner\Downloads\cmd.txt deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 41620 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Owner
->Temp folder emptied: 3361615397 bytes
->Temporary Internet Files folder emptied: 4870440 bytes
->Java cache emptied: 850632 bytes
->FireFox cache emptied: 170475387 bytes
->Google Chrome cache emptied: 7936162 bytes
->Flash cache emptied: 1999122 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 128357369 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 3,506.00 mb

Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.43.0 log created on 05182012_083549

Files\Folders moved on Reboot...
C:\Users\Owner\AppData\Local\Temp\HPV8C1E.tmp.vdf moved successfully.
C:\Users\Owner\AppData\Local\Temp\HPV8C2F.tmp.vdf moved successfully.
C:\Users\Owner\AppData\Local\Temp\HPV8EA0.tmp.vdf moved successfully.
C:\Users\Owner\AppData\Local\Temp\HPVB087.tmp.vdf moved successfully.

Registry entries deleted on Reboot...





09:11:41.0726 4804 TDSS rootkit removing tool 2.7.35.0 May 16 2012 07:37:57
09:11:42.0876 4804 ============================================================
09:11:42.0876 4804 Current date / time: 2012/05/18 09:11:42.0876
09:11:42.0876 4804 SystemInfo:
09:11:42.0876 4804
09:11:42.0877 4804 OS Version: 6.1.7601 ServicePack: 1.0
09:11:42.0877 4804 Product type: Workstation
09:11:42.0877 4804 ComputerName: OWNER-PC
09:11:42.0877 4804 UserName: Owner
09:11:42.0878 4804 Windows directory: C:\Windows
09:11:42.0878 4804 System windows directory: C:\Windows
09:11:42.0878 4804 Processor architecture: Intel x86
09:11:42.0878 4804 Number of processors: 2
09:11:42.0878 4804 Page size: 0x1000
09:11:42.0878 4804 Boot type: Normal boot
09:11:42.0878 4804 ============================================================
09:11:45.0517 4804 Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
09:11:45.0524 4804 ============================================================
09:11:45.0524 4804 \Device\Harddisk0\DR0:
09:11:45.0538 4804 MBR partitions:
09:11:45.0538 4804 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x18000, BlocksNum 0x1400000
09:11:45.0538 4804 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1418000, BlocksNum 0x7CF7000
09:11:45.0581 4804 ============================================================
09:11:45.0628 4804 C: <-> \Device\Harddisk0\DR0\Partition1
09:11:45.0659 4804 D: <-> \Device\Harddisk0\DR0\Partition0
09:11:45.0660 4804 ============================================================
09:11:45.0660 4804 Initialize success
09:11:45.0660 4804 ============================================================
09:12:20.0547 3164 ============================================================
09:12:20.0548 3164 Scan started
09:12:20.0548 3164 Mode: Manual;
09:12:20.0548 3164 ============================================================
09:12:23.0584 3164 1394ohci (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers\1394ohci.sys
09:12:23.0631 3164 1394ohci - ok
09:12:23.0683 3164 ACPI (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys
09:12:23.0716 3164 ACPI - ok
09:12:23.0748 3164 AcpiPmi (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys
09:12:23.0775 3164 AcpiPmi - ok
09:12:23.0923 3164 AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
09:12:23.0944 3164 AdobeFlashPlayerUpdateSvc - ok
09:12:24.0077 3164 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
09:12:24.0156 3164 adp94xx - ok
09:12:24.0214 3164 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
09:12:24.0238 3164 adpahci - ok
09:12:24.0263 3164 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
09:12:24.0283 3164 adpu320 - ok
09:12:24.0324 3164 AeLookupSvc (8b5eefeec1e6d1a72a06c526628ad161) C:\Windows\System32\aelupsvc.dll
09:12:24.0328 3164 AeLookupSvc - ok
09:12:24.0423 3164 AFD (9ebbba55060f786f0fcaa3893bfa2806) C:\Windows\system32\drivers\afd.sys
09:12:24.0484 3164 AFD - ok
09:12:24.0542 3164 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys
09:12:24.0577 3164 agp440 - ok
09:12:24.0632 3164 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
09:12:24.0651 3164 aic78xx - ok
09:12:24.0706 3164 ALG (18a54e132947cd98fea9accc57f98f13) C:\Windows\System32\alg.exe
09:12:24.0723 3164 ALG - ok
09:12:24.0748 3164 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys
09:12:24.0753 3164 aliide - ok
09:12:24.0777 3164 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys
09:12:24.0801 3164 amdagp - ok
09:12:24.0824 3164 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys
09:12:24.0829 3164 amdide - ok
09:12:24.0875 3164 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
09:12:24.0898 3164 AmdK8 - ok
09:12:24.0927 3164 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
09:12:24.0931 3164 AmdPPM - ok
09:12:24.0976 3164 amdsata (d320bf87125326f996d4904fe24300fc) C:\Windows\system32\drivers\amdsata.sys
09:12:24.0995 3164 amdsata - ok
09:12:25.0047 3164 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
09:12:25.0060 3164 amdsbs - ok
09:12:25.0084 3164 amdxata (46387fb17b086d16dea267d5be23a2f2) C:\Windows\system32\drivers\amdxata.sys
09:12:25.0111 3164 amdxata - ok
09:12:25.0170 3164 AppID (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys
09:12:25.0190 3164 AppID - ok
09:12:25.0235 3164 AppIDSvc (62a9c86cb6085e20db4823e4e97826f5) C:\Windows\System32\appidsvc.dll
09:12:25.0271 3164 AppIDSvc - ok
09:12:25.0498 3164 Appinfo (fb1959012294d6ad43e5304df65e3c26) C:\Windows\System32\appinfo.dll
09:12:25.0501 3164 Appinfo - ok
09:12:25.0717 3164 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
09:12:25.0723 3164 Apple Mobile Device - ok
09:12:25.0770 3164 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
09:12:25.0784 3164 arc - ok
09:12:25.0810 3164 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
09:12:25.0824 3164 arcsas - ok
09:12:25.0853 3164 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
09:12:25.0857 3164 AsyncMac - ok
09:12:25.0900 3164 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys
09:12:25.0902 3164 atapi - ok
09:12:25.0971 3164 Ati External Event Utility (796f5a6263404c0fc473adcad61f2788) C:\Windows\system32\Ati2evxx.exe
09:12:26.0014 3164 Ati External Event Utility - ok
09:12:26.0115 3164 AudioEndpointBuilder (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll
09:12:26.0159 3164 AudioEndpointBuilder - ok
09:12:26.0181 3164 Audiosrv (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll
09:12:26.0190 3164 Audiosrv - ok
09:12:26.0255 3164 AxInstSV (6e30d02aac9cac84f421622e3a2f6178) C:\Windows\System32\AxInstSV.dll
09:12:26.0320 3164 AxInstSV - ok
09:12:26.0551 3164 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
09:12:26.0611 3164 b06bdrv - ok
09:12:26.0672 3164 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
09:12:26.0690 3164 b57nd60x - ok
09:12:26.0847 3164 BCM43XX (eb7c2dadf52f50f69f198c14c3556dc1) C:\Windows\system32\DRIVERS\bcmwl6.sys
09:12:26.0939 3164 BCM43XX - ok
09:12:26.0990 3164 bcm4sbxp (82dd21bfa8bbe0a3a3833a1bd8e86158) C:\Windows\system32\DRIVERS\bcm4sbxp.sys
09:12:27.0029 3164 bcm4sbxp - ok
09:12:27.0060 3164 BDESVC (ee1e9c3bb8228ae423dd38db69128e71) C:\Windows\System32\bdesvc.dll
09:12:27.0094 3164 BDESVC - ok
09:12:27.0168 3164 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
09:12:27.0175 3164 Beep - ok
09:12:27.0268 3164 BFE (1e2bac209d184bb851e1a187d8a29136) C:\Windows\System32\bfe.dll
09:12:27.0295 3164 BFE - ok
09:12:27.0563 3164 BHDrvx86 (a503d32ae26f77cb942aed530112edaa) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.6.2.10\Definitions\BASHDefs\20120507.001\BHDrvx86.sys
09:12:27.0639 3164 BHDrvx86 - ok
09:12:27.0720 3164 BITS (e585445d5021971fae10393f0f1c3961) C:\Windows\System32\qmgr.dll
09:12:27.0794 3164 BITS - ok
09:12:27.0855 3164 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
09:12:27.0859 3164 blbdrive - ok
09:12:28.0060 3164 Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe
09:12:28.0082 3164 Bonjour Service - ok
09:12:28.0129 3164 bowser (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS\bowser.sys
09:12:28.0147 3164 bowser - ok
09:12:28.0246 3164 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
09:12:28.0288 3164 BrFiltLo - ok
09:12:28.0328 3164 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
09:12:28.0332 3164 BrFiltUp - ok
09:12:28.0388 3164 Browser (6e11f33d14d020f58d5e02e4d67dfa19) C:\Windows\System32\browser.dll
09:12:28.0402 3164 Browser - ok
09:12:28.0441 3164 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
09:12:28.0458 3164 Brserid - ok
09:12:28.0493 3164 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
09:12:28.0498 3164 BrSerWdm - ok
09:12:28.0551 3164 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
09:12:28.0555 3164 BrUsbMdm - ok
09:12:28.0597 3164 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
09:12:28.0601 3164 BrUsbSer - ok
09:12:28.0622 3164 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
09:12:28.0627 3164 BTHMODEM - ok
09:12:28.0685 3164 bthserv (1df19c96eef6c29d1c3e1a8678e07190) C:\Windows\system32\bthserv.dll
09:12:28.0704 3164 bthserv - ok
09:12:28.0788 3164 ccSet_NAV (599e7f6259a127c174c49938d2aa6a60) C:\Windows\system32\drivers\NAV\1307010.005\ccSetx86.sys
09:12:28.0826 3164 ccSet_NAV - ok
09:12:28.0876 3164 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
09:12:28.0882 3164 cdfs - ok
09:12:28.0950 3164 cdrom (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\DRIVERS\cdrom.sys
09:12:28.0988 3164 cdrom - ok
09:12:29.0040 3164 CertPropSvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
09:12:29.0060 3164 CertPropSvc - ok
09:12:29.0106 3164 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
09:12:29.0111 3164 circlass - ok
09:12:29.0169 3164 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
09:12:29.0213 3164 CLFS - ok
09:12:29.0313 3164 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:12:29.0338 3164 clr_optimization_v2.0.50727_32 - ok
09:12:29.0438 3164 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
09:12:29.0490 3164 clr_optimization_v4.0.30319_32 - ok
09:12:29.0509 3164 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
09:12:29.0526 3164 CmBatt - ok
09:12:29.0568 3164 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys
09:12:29.0572 3164 cmdide - ok
09:12:29.0719 3164 CNG (6427525d76f61d0c519b008d3680e8e7) C:\Windows\system32\Drivers\cng.sys
09:12:29.0786 3164 CNG - ok
09:12:29.0823 3164 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
09:12:29.0827 3164 Compbatt - ok
09:12:29.0866 3164 CompositeBus (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\drivers\CompositeBus.sys
09:12:29.0870 3164 CompositeBus - ok
09:12:29.0889 3164 COMSysApp - ok
09:12:29.0920 3164 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
09:12:29.0924 3164 crcdisk - ok
09:12:29.0986 3164 CryptSvc (a585bebf7d054bd9618eda0922d5484a) C:\Windows\system32\cryptsvc.dll
09:12:30.0000 3164 CryptSvc - ok
09:12:30.0084 3164 DcomLaunch (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
09:12:30.0130 3164 DcomLaunch - ok
09:12:30.0176 3164 defragsvc (8d6e10a2d9a5eed59562d9b82cf804e1) C:\Windows\System32\defragsvc.dll
09:12:30.0218 3164 defragsvc - ok
09:12:30.0277 3164 DfsC (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys
09:12:30.0302 3164 DfsC - ok
09:12:30.0385 3164 Dhcp (e9e01eb683c132f7fa27cd607b8a2b63) C:\Windows\system32\dhcpcore.dll
09:12:30.0404 3164 Dhcp - ok
09:12:30.0444 3164 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
09:12:30.0449 3164 discache - ok
09:12:30.0496 3164 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
09:12:30.0501 3164 Disk - ok
09:12:30.0558 3164 DLABMFSM (0659e6e0a95564f958d9df7313f7701e) C:\Windows\system32\DLA\DLABMFSM.SYS
09:12:30.0593 3164 DLABMFSM - ok
09:12:30.0756 3164 DLABOIOM (8691c78908f0bd66170669db268369f2) C:\Windows\system32\DLA\DLABOIOM.SYS
09:12:30.0827 3164 DLABOIOM - ok
09:12:30.0889 3164 DLADResM (5615744a1056933b90e6ac54feb86f35) C:\Windows\system32\DLA\DLADResM.SYS
09:12:30.0903 3164 DLADResM - ok
09:12:31.0007 3164 DLAIFS_M (1aeca2afa5005ce4a550cf8eb55a8c88) C:\Windows\system32\DLA\DLAIFS_M.SYS
09:12:31.0058 3164 DLAIFS_M - ok
09:12:31.0095 3164 DLAOPIOM (840e7f6abb885c72b9ffddb022ef5b6d) C:\Windows\system32\DLA\DLAOPIOM.SYS
09:12:31.0100 3164 DLAOPIOM - ok
09:12:31.0156 3164 DLAPoolM (0294d18731ac05da80132ce88f8a876b) C:\Windows\system32\DLA\DLAPoolM.SYS
09:12:31.0165 3164 DLAPoolM - ok
09:12:31.0262 3164 DLARTL_M (91886fed52a3f9966207bce46cfd794f) C:\Windows\system32\Drivers\DLARTL_M.SYS
09:12:31.0272 3164 DLARTL_M - ok
09:12:31.0407 3164 DLAUDFAM (cca4e121d599d7d1706a30f603731e59) C:\Windows\system32\DLA\DLAUDFAM.SYS
09:12:31.0424 3164 DLAUDFAM - ok
09:12:31.0496 3164 DLAUDF_M (7dab85c33135df24419951da4e7d38e5) C:\Windows\system32\DLA\DLAUDF_M.SYS
09:12:31.0511 3164 DLAUDF_M - ok
09:12:31.0559 3164 Dnscache (33ef4861f19a0736b11314aad9ae28d0) C:\Windows\System32\dnsrslvr.dll
09:12:31.0593 3164 Dnscache - ok
09:12:31.0652 3164 dot3svc (366ba8fb4b7bb7435e3b9eacb3843f67) C:\Windows\System32\dot3svc.dll
09:12:31.0704 3164 dot3svc - ok
09:12:31.0775 3164 Dot4 (b5e479eb83707dd698f66953e922042c) C:\Windows\system32\DRIVERS\Dot4.sys
09:12:31.0813 3164 Dot4 - ok
09:12:31.0851 3164 Dot4Print (caefd09b6a6249c53a67d55a9a9fcabf) C:\Windows\system32\DRIVERS\Dot4Prt.sys
09:12:31.0872 3164 Dot4Print - ok
09:12:31.0901 3164 dot4usb (cf491ff38d62143203c065260567e2f7) C:\Windows\system32\DRIVERS\dot4usb.sys
09:12:31.0921 3164 dot4usb - ok
09:12:31.0973 3164 DPS (8ec04ca86f1d68da9e11952eb85973d6) C:\Windows\system32\dps.dll
09:12:31.0985 3164 DPS - ok
09:12:32.0025 3164 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
09:12:32.0030 3164 drmkaud - ok
09:12:32.0080 3164 DRVMCDB (c00440385cf9f3d142917c63f989e244) C:\Windows\system32\Drivers\DRVMCDB.SYS
09:12:32.0120 3164 DRVMCDB - ok
09:12:32.0142 3164 DRVNDDM (6e6ab29d3c06e64ce81feacda85394b5) C:\Windows\system32\Drivers\DRVNDDM.SYS
09:12:32.0148 3164 DRVNDDM - ok
09:12:32.0216 3164 DSBrokerService (01d5b95d0a12a916bbdc258629113258) C:\Program Files\DellSupport\brkrsvc.exe
09:12:32.0238 3164 DSBrokerService - ok
09:12:32.0272 3164 DSproct (413f2d5f9d802688242c23b38f767ecb) C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys
09:12:32.0296 3164 DSproct - ok
09:12:32.0320 3164 dsunidrv (64fa28c15dd71a80bef3527e1ef07df6) C:\Program Files\DellSupport\Drivers\dsunidrv.sys
09:12:32.0339 3164 dsunidrv - ok
09:12:32.0451 3164 DXGKrnl (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys
09:12:32.0516 3164 DXGKrnl - ok
09:12:32.0571 3164 EapHost (8600142fa91c1b96367d3300ad0f3f3a) C:\Windows\System32\eapsvc.dll
09:12:32.0586 3164 EapHost - ok
09:12:32.0881 3164 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
09:12:33.0023 3164 ebdrv - ok
09:12:33.0125 3164 eeCtrl (579a6b6135d32b857faf0e3a974535d8) C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
09:12:33.0181 3164 eeCtrl - ok
09:12:33.0284 3164 EFS (81951f51e318aecc2d68559e47485cc4) C:\Windows\System32\lsass.exe
09:12:33.0290 3164 EFS - ok
09:12:33.0502 3164 ehRecvr (a8c362018efc87beb013ee28f29c0863) C:\Windows\ehome\ehRecvr.exe
09:12:33.0587 3164 ehRecvr - ok
09:12:33.0633 3164 ehSched (d389bff34f80caede417bf9d1507996a) C:\Windows\ehome\ehsched.exe
09:12:33.0689 3164 ehSched - ok
09:12:33.0782 3164 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
09:12:33.0826 3164 elxstor - ok
09:12:33.0933 3164 EraserUtilRebootDrv (028d50f059bd0d2ccb209e9011b9a9a4) C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
09:12:33.0988 3164 EraserUtilRebootDrv - ok
09:12:34.0012 3164 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys
09:12:34.0018 3164 ErrDev - ok
09:12:34.0083 3164 EventSystem (f6916efc29d9953d5d0df06882ae8e16) C:\Windows\system32\es.dll
09:12:34.0100 3164 EventSystem - ok
09:12:34.0164 3164 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
09:12:34.0185 3164 exfat - ok
09:12:34.0273 3164 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
09:12:34.0296 3164 fastfat - ok
09:12:34.0589 3164 Fax (967ea5b213e9984cbe270205df37755b) C:\Windows\system32\fxssvc.exe
09:12:34.0672 3164 Fax - ok
09:12:34.0696 3164 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
09:12:34.0728 3164 fdc - ok
09:12:34.0782 3164 fdPHost (f3222c893bd2f5821a0179e5c71e88fb) C:\Windows\system32\fdPHost.dll
09:12:34.0786 3164 fdPHost - ok
09:12:34.0813 3164 FDResPub (7dbe8cbfe79efbdeb98c9fb08d3a9a5b) C:\Windows\system32\fdrespub.dll
09:12:34.0854 3164 FDResPub - ok
09:12:34.0923 3164 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
09:12:34.0941 3164 FileInfo - ok
09:12:34.0961 3164 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
09:12:34.0967 3164 Filetrace - ok
09:12:34.0983 3164 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
09:12:34.0988 3164 flpydisk - ok
09:12:35.0078 3164 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
09:12:35.0093 3164 FltMgr - ok
09:12:35.0193 3164 FontCache (b3a5ec6b6b6673db7e87c2bcdbddc074) C:\Windows\system32\FntCache.dll
09:12:35.0232 3164 FontCache - ok
09:12:35.0314 3164 FontCache3.0.0.0 (e56f39f6b7fda0ac77a79b0fd3de1a2f) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
09:12:35.0331 3164 FontCache3.0.0.0 - ok
09:12:35.0359 3164 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
09:12:35.0364 3164 FsDepends - ok
09:12:35.0392 3164 Fs_Rec (7dae5ebcc80e45d3253f4923dc424d05) C:\Windows\system32\drivers\Fs_Rec.sys
09:12:35.0414 3164 Fs_Rec - ok
09:12:35.0498 3164 fvevol (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys
09:12:35.0556 3164 fvevol - ok
09:12:35.0616 3164 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
09:12:35.0621 3164 gagp30kx - ok
09:12:35.0672 3164 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
09:12:35.0692 3164 GEARAspiWDM - ok
09:12:35.0784 3164 GoogleDesktopManager (51e92d44f20a241d3e352a1f6e76ac98) C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe
09:12:35.0809 3164 GoogleDesktopManager - ok
09:12:35.0959 3164 gpsvc (e897eaf5ed6ba41e081060c9b447a673) C:\Windows\System32\gpsvc.dll
09:12:36.0010 3164 gpsvc - ok
09:12:36.0118 3164 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe
09:12:36.0157 3164 gupdate - ok
09:12:36.0177 3164 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe
09:12:36.0184 3164 gupdatem - ok
09:12:36.0253 3164 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
09:12:36.0276 3164 hcw85cir - ok
09:12:36.0317 3164 HDAudBus (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\drivers\HDAudBus.sys
09:12:36.0366 3164 HDAudBus - ok
09:12:36.0414 3164 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
09:12:36.0419 3164 HidBatt - ok
09:12:36.0447 3164 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
09:12:36.0461 3164 HidBth - ok
09:12:36.0506 3164 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
09:12:36.0510 3164 HidIr - ok
09:12:36.0547 3164 hidserv (2bc6f6a1992b3a77f5f41432ca6b3b6b) C:\Windows\system32\hidserv.dll
09:12:36.0574 3164 hidserv - ok
09:12:36.0624 3164 HidUsb (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\DRIVERS\hidusb.sys
09:12:36.0630 3164 HidUsb - ok
09:12:36.0682 3164 hkmsvc (196b4e3f4cccc24af836ce58facbb699) C:\Windows\system32\kmsvc.dll
09:12:36.0710 3164 hkmsvc - ok
09:12:36.0762 3164 HomeGroupListener (6658f4404de03d75fe3ba09f7aba6a30) C:\Windows\system32\ListSvc.dll
09:12:36.0781 3164 HomeGroupListener - ok
09:12:36.0836 3164 HomeGroupProvider (dbc02d918fff1cad628acbe0c0eaa8e8) C:\Windows\system32\provsvc.dll
09:12:36.0856 3164 HomeGroupProvider - ok
09:12:36.0973 3164 hpqcxs08 (0a3c6aa4a9fc38c20ba4eac2c3351c05) C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
09:12:36.0990 3164 hpqcxs08 - ok
09:12:37.0019 3164 hpqddsvc (f3f72a2a86c22610bca5439fa789dd52) C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
09:12:37.0033 3164 hpqddsvc - ok
09:12:37.0079 3164 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys
09:12:37.0085 3164 HpSAMD - ok
09:12:37.0149 3164 HPSLPSVC (79737e0f7d25de8405cb34d4c9882253) C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL
09:12:37.0186 3164 HPSLPSVC - ok
09:12:37.0302 3164 HSF_DPV (53229dcf431d76434816cd29251168a0) C:\Windows\system32\DRIVERS\HSX_DPV.sys
09:12:37.0360 3164 HSF_DPV - ok
09:12:37.0408 3164 HSXHWAZL (31f949d452201f2f0af0c88d7db512cd) C:\Windows\system32\DRIVERS\HSXHWAZL.sys
09:12:37.0427 3164 HSXHWAZL - ok
09:12:37.0521 3164 HTTP (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys
09:12:37.0581 3164 HTTP - ok
09:12:37.0629 3164 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys
09:12:37.0652 3164 hwpolicy - ok
09:12:37.0714 3164 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\drivers\i8042prt.sys
09:12:37.0721 3164 i8042prt - ok
09:12:37.0807 3164 iaStorV (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\Windows\system32\drivers\iaStorV.sys
09:12:37.0831 3164 iaStorV - ok
09:12:37.0913 3164 IDriverT (6f95324909b502e2651442c1548ab12f) C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
09:12:37.0956 3164 IDriverT - ok
09:12:38.0116 3164 idsvc (c521d7eb6497bb1af6afa89e322fb43c) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
09:12:38.0165 3164 idsvc - ok
09:12:38.0378 3164 IDSVix86 (f9069ce7a7b9f9ba75d009b0ce3d7601) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.6.2.10\Definitions\IPSDefs\20120517.001\IDSvix86.sys
09:12:38.0427 3164 IDSVix86 - ok
09:12:38.0590 3164 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
09:12:38.0612 3164 iirsp - ok
09:12:38.0722 3164 IKEEXT (f95622f161474511b8d80d6b093aa610) C:\Windows\System32\ikeext.dll
09:12:38.0782 3164 IKEEXT - ok
09:12:38.0828 3164 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys
09:12:38.0833 3164 intelide - ok
09:12:38.0886 3164 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
09:12:38.0891 3164 intelppm - ok
09:12:38.0926 3164 IPBusEnum (acb364b9075a45c0736e5c47be5cae19) C:\Windows\system32\ipbusenum.dll
09:12:38.0956 3164 IPBusEnum - ok
09:12:39.0027 3164 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
09:12:39.0031 3164 IpFilterDriver - ok
09:12:39.0128 3164 iphlpsvc (4d65a07b795d6674312f879d09aa7663) C:\Windows\System32\iphlpsvc.dll
09:12:39.0164 3164 iphlpsvc - ok
09:12:39.0199 3164 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys
09:12:39.0205 3164 IPMIDRV - ok
09:12:39.0243 3164 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
09:12:39.0257 3164 IPNAT - ok
09:12:39.0386 3164 iPod Service (57edb35ea2feca88f8b17c0c095c9a56) C:\Program Files\iPod\bin\iPodService.exe
09:12:39.0451 3164 iPod Service - ok
09:12:39.0488 3164 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
09:12:39.0493 3164 IRENUM - ok
09:12:39.0538 3164 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys
09:12:39.0544 3164 isapnp - ok
09:12:39.0584 3164 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys
09:12:39.0635 3164 iScsiPrt - ok
09:12:39.0692 3164 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\drivers\kbdclass.sys
09:12:39.0697 3164 kbdclass - ok
09:12:39.0725 3164 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\drivers\kbdhid.sys
09:12:39.0730 3164 kbdhid - ok
09:12:39.0757 3164 KeyIso (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
09:12:39.0762 3164 KeyIso - ok
09:12:39.0782 3164 KSecDD (f4647bb23db9038a7536cf6b68f4207f) C:\Windows\system32\Drivers\ksecdd.sys
09:12:39.0803 3164 KSecDD - ok
09:12:39.0835 3164 KSecPkg (e73cae53bbb72ba26918492c6b4c229d) C:\Windows\system32\Drivers\ksecpkg.sys
09:12:39.0872 3164 KSecPkg - ok
09:12:39.0927 3164 KtmRm (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\Windows\system32\msdtckrm.dll
09:12:39.0977 3164 KtmRm - ok
09:12:40.0045 3164 LanmanServer (d64af876d53eca3668bb97b51b4e70ab) C:\Windows\system32\srvsvc.dll
09:12:40.0064 3164 LanmanServer - ok
09:12:40.0118 3164 LanmanWorkstation (58405e4f68ba8e4057c6e914f326aba2) C:\Windows\System32\wkssvc.dll
09:12:40.0160 3164 LanmanWorkstation - ok
09:12:40.0213 3164 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
09:12:40.0232 3164 lltdio - ok
09:12:40.0276 3164 lltdsvc (5700673e13a2117fa3b9020c852c01e2) C:\Windows\System32\lltdsvc.dll
09:12:40.0319 3164 lltdsvc - ok
09:12:40.0345 3164 lmhosts (55ca01ba19d0006c8f2639b6c045e08b) C:\Windows\System32\lmhsvc.dll
09:12:40.0352 3164 lmhosts - ok
09:12:40.0393 3164 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
09:12:40.0406 3164 LSI_FC - ok
09:12:40.0426 3164 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
09:12:40.0441 3164 LSI_SAS - ok
09:12:40.0468 3164 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
09:12:40.0489 3164 LSI_SAS2 - ok
09:12:40.0562 3164 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
09:12:40.0576 3164 LSI_SCSI - ok
09:12:40.0620 3164 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
09:12:40.0634 3164 luafv - ok
09:12:40.0679 3164 Mcx2Svc (bfb9ee8ee977efe85d1a3105abef6dd1) C:\Windows\system32\Mcx2Svc.dll
09:12:40.0700 3164 Mcx2Svc - ok
09:12:40.0735 3164 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\Windows\system32\DRIVERS\mdmxsdk.sys
09:12:40.0739 3164 mdmxsdk - ok
09:12:40.0761 3164 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
09:12:40.0767 3164 megasas - ok
09:12:40.0815 3164 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
09:12:40.0831 3164 MegaSR - ok
09:12:40.0868 3164 MMCSS (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
09:12:40.0896 3164 MMCSS - ok
09:12:40.0920 3164 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
09:12:40.0936 3164 Modem - ok
09:12:41.0003 3164 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
09:12:41.0017 3164 monitor - ok
09:12:41.0075 3164 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
09:12:41.0080 3164 mouclass - ok
09:12:41.0119 3164 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
09:12:41.0123 3164 mouhid - ok
09:12:41.0177 3164 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys
09:12:41.0199 3164 mountmgr - ok
09:12:41.0284 3164 MozillaMaintenance (96aa8ba23142cc8e2b30f3cae0c80254) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
09:12:41.0297 3164 MozillaMaintenance - ok
09:12:41.0335 3164 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys
09:12:41.0347 3164 mpio - ok
09:12:41.0393 3164 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
09:12:41.0413 3164 mpsdrv - ok
09:12:41.0491 3164 MpsSvc (9835584e999d25004e1ee8e5f3e3b881) C:\Windows\system32\mpssvc.dll
09:12:41.0539 3164 MpsSvc - ok
09:12:41.0598 3164 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys
09:12:41.0637 3164 MRxDAV - ok
09:12:41.0683 3164 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys
09:12:41.0730 3164 mrxsmb - ok
09:12:41.0806 3164 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys
09:12:41.0850 3164 mrxsmb10 - ok
09:12:41.0877 3164 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys
09:12:41.0889 3164 mrxsmb20 - ok
09:12:41.0921 3164 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys
09:12:41.0926 3164 msahci - ok
09:12:41.0967 3164 msdsm (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys
09:12:41.0981 3164 msdsm - ok
09:12:42.0022 3164 MSDTC (e1bce74a3bd9902b72599c0192a07e27) C:\Windows\System32\msdtc.exe
09:12:42.0043 3164 MSDTC - ok
09:12:42.0098 3164 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
09:12:42.0103 3164 Msfs - ok
09:12:42.0143 3164 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
09:12:42.0147 3164 mshidkmdf - ok
09:12:42.0193 3164 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys
09:12:42.0197 3164 msisadrv - ok
09:12:42.0249 3164 MSiSCSI (90f7d9e6b6f27e1a707d4a297f077828) C:\Windows\system32\iscsiexe.dll
09:12:42.0296 3164 MSiSCSI - ok
09:12:42.0306 3164 msiserver - ok
09:12:42.0376 3164 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
09:12:42.0380 3164 MSKSSRV - ok
09:12:42.0426 3164 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
09:12:42.0430 3164 MSPCLOCK - ok
09:12:42.0446 3164 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
09:12:42.0468 3164 MSPQM - ok
09:12:42.0504 3164 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
09:12:42.0522 3164 MsRPC - ok
09:12:42.0561 3164 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys
09:12:42.0567 3164 mssmbios - ok
09:12:42.0599 3164 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
09:12:42.0604 3164 MSTEE - ok
09:12:42.0654 3164 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
09:12:42.0659 3164 MTConfig - ok
09:12:42.0721 3164 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
09:12:42.0725 3164 Mup - ok
09:12:42.0830 3164 napagent (61d57a5d7c6d9afe10e77dae6e1b445e) C:\Windows\system32\qagentRT.dll
09:12:42.0856 3164 napagent - ok
09:12:42.0912 3164 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
09:12:42.0983 3164 NativeWifiP - ok
09:12:43.0421 3164 NAV (c6948f034d7edabcfa2234d399fc78bc) C:\Program Files\Norton AntiVirus\Engine\19.7.1.5\ccSvcHst.exe
09:12:43.0449 3164 NAV - ok
09:12:43.0744 3164 NAVENG (f11033730b38260b6892e837c457fb4b) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.6.2.10\Definitions\VirusDefs\20120517.023\NAVENG.SYS
09:12:43.0835 3164 NAVENG - ok
09:12:46.0618 3164 NAVEX15 (4e4e7c0259d3bb97de24a636c0e06aba) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.6.2.10\Definitions\VirusDefs\20120517.023\NAVEX15.SYS
09:12:46.0731 3164 NAVEX15 - ok
09:12:47.0051 3164 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys
09:12:47.0120 3164 NDIS - ok
09:12:47.0196 3164 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
09:12:47.0217 3164 NdisCap - ok
09:12:47.0272 3164 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
09:12:47.0278 3164 NdisTapi - ok
09:12:47.0339 3164 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys
09:12:47.0379 3164 Ndisuio - ok
09:12:47.0464 3164 NdisWan (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys
09:12:47.0500 3164 NdisWan - ok
09:12:47.0553 3164 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys
09:12:47.0577 3164 NDProxy - ok
09:12:47.0654 3164 Net Driver HPZ12 (a081cb6fb9a12668f233eb5414be3a0e) C:\Windows\system32\HPZinw12.dll
09:12:47.0668 3164 Net Driver HPZ12 - ok
09:12:47.0751 3164 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
09:12:47.0772 3164 NetBIOS - ok
09:12:47.0825 3164 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys
09:12:47.0872 3164 NetBT - ok
09:12:47.0934 3164 Netlogon (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
09:12:47.0943 3164 Netlogon - ok
09:12:48.0030 3164 Netman (7cccfca7510684768da22092d1fa4db2) C:\Windows\System32\netman.dll
09:12:48.0057 3164 Netman - ok
09:12:48.0120 3164 netprofm (8c338238c16777a802d6a9211eb2ba50) C:\Windows\System32\netprofm.dll
09:12:48.0152 3164 netprofm - ok
09:12:48.0265 3164 NetTcpPortSharing (f476ec40033cdb91efbe73eb99b8362d) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
09:12:48.0296 3164 NetTcpPortSharing - ok
09:12:48.0342 3164 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
09:12:48.0358 3164 nfrd960 - ok
09:12:48.0417 3164 NlaSvc (912084381d30d8b89ec4e293053f4710) C:\Windows\System32\nlasvc.dll
09:12:48.0440 3164 NlaSvc - ok
09:12:48.0486 3164 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
09:12:48.0492 3164 Npfs - ok
09:12:48.0564 3164 nsi (ba387e955e890c8a88306d9b8d06bf17) C:\Windows\system32\nsisvc.dll
09:12:48.0585 3164 nsi - ok
09:12:48.0609 3164 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
09:12:48.0615 3164 nsiproxy - ok
09:12:48.0757 3164 Ntfs (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys
09:12:48.0846 3164 Ntfs - ok
09:12:48.0896 3164 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
09:12:48.0907 3164 Null - ok
09:12:48.0941 3164 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys
09:12:48.0954 3164 nvraid - ok
09:12:48.0978 3164 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys
09:12:49.0000 3164 nvstor - ok
09:12:49.0051 3164 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys
09:12:49.0065 3164 nv_agp - ok
09:12:49.0217 3164 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
09:12:49.0271 3164 odserv - ok
09:12:49.0314 3164 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
09:12:49.0320 3164 ohci1394 - ok
09:12:49.0418 3164 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
09:12:49.0461 3164 ose - ok
09:12:49.0533 3164 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
09:12:49.0557 3164 p2pimsvc - ok
09:12:49.0618 3164 p2psvc (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll
09:12:49.0668 3164 p2psvc - ok
09:12:49.0707 3164 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
09:12:49.0715 3164 Parport - ok
09:12:49.0748 3164 partmgr (3f34a1b4c5f6475f320c275e63afce9b) C:\Windows\system32\drivers\partmgr.sys
09:12:49.0768 3164 partmgr - ok
09:12:49.0798 3164 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
09:12:49.0802 3164 Parvdm - ok
09:12:49.0840 3164 PcaSvc (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll
09:12:49.0893 3164 PcaSvc - ok
09:12:49.0970 3164 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
09:12:49.0981 3164 pci - ok
09:12:50.0086 3164 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
09:12:50.0106 3164 pciide - ok
09:12:50.0155 3164 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
09:12:50.0173 3164 pcmcia - ok
09:12:50.0266 3164 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
09:12:50.0289 3164 pcw - ok
09:12:50.0369 3164 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
09:12:50.0399 3164 PEAUTH - ok
09:12:50.0583 3164 pla (414bba67a3ded1d28437eb66aeb8a720) C:\Windows\system32\pla.dll
09:12:50.0690 3164 pla - ok
09:12:50.0841 3164 PlugPlay (ec7bc28d207da09e79b3e9faf8b232ca) C:\Windows\system32\umpnpmgr.dll
09:12:50.0866 3164 PlugPlay - ok
09:12:50.0905 3164 Pml Driver HPZ12 (65bc271f337637731d3c71455ae1f476) C:\Windows\system32\HPZipm12.dll
09:12:50.0911 3164 Pml Driver HPZ12 - ok
09:12:50.0945 3164 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll
09:12:50.0971 3164 PNRPAutoReg - ok
09:12:51.0020 3164 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
09:12:51.0031 3164 PNRPsvc - ok
09:12:51.0100 3164 PolicyAgent (53946b69ba0836bd95b03759530c81ec) C:\Windows\System32\ipsecsvc.dll
09:12:51.0122 3164 PolicyAgent - ok
09:12:51.0187 3164 Power (f87d30e72e03d579a5199ccb3831d6ea) C:\Windows\system32\umpo.dll
09:12:51.0208 3164 Power - ok
09:12:51.0279 3164 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
09:12:51.0303 3164 PptpMiniport - ok
09:12:51.0340 3164 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
09:12:51.0345 3164 Processor - ok
09:12:51.0413 3164 ProfSvc (43ca4ccc22d52fb58e8988f0198851d0) C:\Windows\system32\profsvc.dll
09:12:51.0432 3164 ProfSvc - ok
09:12:51.0465 3164 ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
09:12:51.0471 3164 ProtectedStorage - ok
09:12:51.0516 3164 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
09:12:51.0529 3164 Psched - ok
09:12:51.0594 3164 PxHelp20 (feffcfdc528764a04c8ed63d5fa6e711) C:\Windows\system32\Drivers\PxHelp20.sys
09:12:51.0655 3164 PxHelp20 - ok
09:12:51.0799 3164 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
09:12:51.0872 3164 ql2300 - ok
09:12:52.0003 3164 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
09:12:52.0017 3164 ql40xx - ok
09:12:52.0065 3164 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll
09:12:52.0116 3164 QWAVE - ok
09:12:52.0141 3164 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
09:12:52.0147 3164 QWAVEdrv - ok
09:12:52.0325 3164 R300 (8766b8f65459c37e20d525645e30e466) C:\Windows\system32\DRIVERS\atikmdag.sys
09:12:52.0432 3164 R300 - ok
09:12:52.0684 3164 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
09:12:52.0689 3164 RasAcd - ok
09:12:52.0732 3164 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
09:12:52.0738 3164 RasAgileVpn - ok
09:12:52.0774 3164 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll
09:12:52.0821 3164 RasAuto - ok
09:12:52.0851 3164 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
09:12:52.0857 3164 Rasl2tp - ok
09:12:52.0938 3164 RasMan (cb9e04dc05eacf5b9a36ca276d475006) C:\Windows\System32\rasmans.dll
09:12:52.0997 3164 RasMan - ok
09:12:53.0035 3164 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
09:12:53.0041 3164 RasPppoe - ok
09:12:53.0066 3164 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
09:12:53.0072 3164 RasSstp - ok
09:12:53.0138 3164 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
09:12:53.0188 3164 rdbss - ok
09:12:53.0216 3164 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
09:12:53.0220 3164 rdpbus - ok
09:12:53.0273 3164 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
09:12:53.0295 3164 RDPCDD - ok
09:12:53.0342 3164 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
09:12:53.0346 3164 RDPENCDD - ok
09:12:53.0404 3164 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
09:12:53.0408 3164 RDPREFMP - ok
09:12:53.0458 3164 RDPWD (244c83332f44589ae98fc347f11b2693) C:\Windows\system32\drivers\RDPWD.sys
09:12:53.0503 3164 RDPWD - ok
09:12:53.0608 3164 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
09:12:53.0654 3164 rdyboost - ok
09:12:53.0696 3164 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll
09:12:53.0719 3164 RemoteAccess - ok
09:12:53.0768 3164 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll
09:12:53.0823 3164 RemoteRegistry - ok
09:12:54.0002 3164 rimmptsk (d85e3fa9f5b1f29bb4ed185c450d1470) C:\Windows\system32\DRIVERS\rimmptsk.sys
09:12:54.0054 3164 rimmptsk - ok
09:12:54.0235 3164 rimsptsk (db8eb01c58c9fada00c70b1775278ae0) C:\Windows\system32\DRIVERS\rimsptsk.sys
09:12:54.0270 3164 rimsptsk - ok
09:12:54.0387 3164 rismxdp (6c1f93c0760c9f79a1869d07233df39d) C:\Windows\system32\DRIVERS\rixdptsk.sys
09:12:54.0394 3164 rismxdp - ok
09:12:54.0813 3164 RoxMediaDB9 (ebcde8b48fadc6479d96a56d0a432160) C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
09:12:54.0900 3164 RoxMediaDB9 - ok
09:12:54.0993 3164 RoxWatch9 (ab2b1de1c8f31efce2384b14b3dc4260) C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
09:12:55.0012 3164 RoxWatch9 - ok
09:12:55.0067 3164 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll
09:12:55.0078 3164 RpcEptMapper - ok
Cypher
Moderator


Joined: 05 Jul 2009
Last Visit: 30 Jul 2014
Posts: 4578
Location: Land Of The Leprechauns

Posted: Sat May 19, 2012 1:23 am

Hi epepps14,
Quote:
thanks for your help so far

You're welcome.
Quote:
I will also be going away this weekend and will not be able to respond to your next post until Monday.

No problem, thanks for letting me know.
The TDSSKiller log you posted is incomplete/cut off. Could you post it again, please?
To find the log go to Start > Computer > C:
_________________
Admin/Teacher at Malware Removal University
Member of...

Cypher
Moderator


Joined: 05 Jul 2009
Last Visit: 30 Jul 2014
Posts: 4578
Location: Land Of The Leprechauns

Posted: Tue May 22, 2012 1:40 am

Hi epepps14,
Are you still with me?
_________________
Admin/Teacher at Malware Removal University
Member of...

epepps14
Newbie


Joined: 13 May 2012
Last Visit: 28 May 2012
Posts: 3

Posted: Tue May 22, 2012 8:54 am

Hello,

I'm still here. Here is the TDSSKiller log again.


09:11:41.0726 4804 TDSS rootkit removing tool 2.7.35.0 May 16 2012 07:37:57
09:11:42.0876 4804 ============================================================
09:11:42.0876 4804 Current date / time: 2012/05/18 09:11:42.0876
09:11:42.0876 4804 SystemInfo:
09:11:42.0876 4804
09:11:42.0877 4804 OS Version: 6.1.7601 ServicePack: 1.0
09:11:42.0877 4804 Product type: Workstation
09:11:42.0877 4804 ComputerName: OWNER-PC
09:11:42.0877 4804 UserName: Owner
09:11:42.0878 4804 Windows directory: C:\Windows
09:11:42.0878 4804 System windows directory: C:\Windows
09:11:42.0878 4804 Processor architecture: Intel x86
09:11:42.0878 4804 Number of processors: 2
09:11:42.0878 4804 Page size: 0x1000
09:11:42.0878 4804 Boot type: Normal boot
09:11:42.0878 4804 ============================================================
09:11:45.0517 4804 Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
09:11:45.0524 4804 ============================================================
09:11:45.0524 4804 \Device\Harddisk0\DR0:
09:11:45.0538 4804 MBR partitions:
09:11:45.0538 4804 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x18000, BlocksNum 0x1400000
09:11:45.0538 4804 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1418000, BlocksNum 0x7CF7000
09:11:45.0581 4804 ============================================================
09:11:45.0628 4804 C: <-> \Device\Harddisk0\DR0\Partition1
09:11:45.0659 4804 D: <-> \Device\Harddisk0\DR0\Partition0
09:11:45.0660 4804 ============================================================
09:11:45.0660 4804 Initialize success
09:11:45.0660 4804 ============================================================
09:12:20.0547 3164 ============================================================
09:12:20.0548 3164 Scan started
09:12:20.0548 3164 Mode: Manual;
09:12:20.0548 3164 ============================================================
09:12:37.0085 3164 HpSAMD - ok
09:12:37.0149 3164 HPSLPSVC (79737e0f7d25de8405cb34d4c9882253) C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL
09:12:37.0186 3164 HPSLPSVC - ok
09:12:37.0302 3164 HSF_DPV (53229dcf431d76434816cd29251168a0) C:\Windows\system32\DRIVERS\HSX_DPV.sys
09:12:37.0360 3164 HSF_DPV - ok
09:12:37.0408 3164 HSXHWAZL (31f949d452201f2f0af0c88d7db512cd) C:\Windows\system32\DRIVERS\HSXHWAZL.sys
09:12:37.0427 3164 HSXHWAZL - ok
09:12:37.0521 3164 HTTP (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys
09:12:37.0581 3164 HTTP - ok
09:12:37.0629 3164 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys
09:12:37.0652 3164 hwpolicy - ok
09:12:37.0714 3164 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\drivers\i8042prt.sys
09:12:37.0721 3164 i8042prt - ok
09:12:37.0807 3164 iaStorV (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\Windows\system32\drivers\iaStorV.sys
09:12:37.0831 3164 iaStorV - ok
09:12:37.0913 3164 IDriverT (6f95324909b502e2651442c1548ab12f) C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
09:12:37.0956 3164 IDriverT - ok
09:12:38.0116 3164 idsvc (c521d7eb6497bb1af6afa89e322fb43c) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
09:12:38.0165 3164 idsvc - ok
09:12:38.0378 3164 IDSVix86 (f9069ce7a7b9f9ba75d009b0ce3d7601) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.6.2.10\Definitions\IPSDefs\20120517.001\IDSvix86.sys
09:12:38.0427 3164 IDSVix86 - ok
09:12:38.0590 3164 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
09:12:38.0612 3164 iirsp - ok
09:12:38.0722 3164 IKEEXT (f95622f161474511b8d80d6b093aa610) C:\Windows\System32\ikeext.dll
09:12:38.0782 3164 IKEEXT - ok
09:12:38.0828 3164 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys
09:12:38.0833 3164 intelide - ok
09:12:38.0886 3164 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
09:12:38.0891 3164 intelppm - ok
09:12:38.0926 3164 IPBusEnum (acb364b9075a45c0736e5c47be5cae19) C:\Windows\system32\ipbusenum.dll
09:12:38.0956 3164 IPBusEnum - ok
09:12:39.0027 3164 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
09:12:39.0031 3164 IpFilterDriver - ok
09:12:39.0128 3164 iphlpsvc (4d65a07b795d6674312f879d09aa7663) C:\Windows\System32\iphlpsvc.dll
09:12:39.0164 3164 iphlpsvc - ok
09:12:39.0199 3164 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys
09:12:39.0205 3164 IPMIDRV - ok
09:12:39.0243 3164 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
09:12:39.0257 3164 IPNAT - ok
09:12:39.0386 3164 iPod Service (57edb35ea2feca88f8b17c0c095c9a56) C:\Program Files\iPod\bin\iPodService.exe
09:12:39.0451 3164 iPod Service - ok
09:12:39.0488 3164 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
09:12:39.0493 3164 IRENUM - ok
09:12:39.0538 3164 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys
09:12:39.0544 3164 isapnp - ok
09:12:39.0584 3164 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys
09:12:39.0635 3164 iScsiPrt - ok
09:12:39.0692 3164 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\drivers\kbdclass.sys
09:12:39.0697 3164 kbdclass - ok
09:12:39.0725 3164 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\drivers\kbdhid.sys
09:12:39.0730 3164 kbdhid - ok
09:12:39.0757 3164 KeyIso (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
09:12:39.0762 3164 KeyIso - ok
09:12:39.0782 3164 KSecDD (f4647bb23db9038a7536cf6b68f4207f) C:\Windows\system32\Drivers\ksecdd.sys
09:12:39.0803 3164 KSecDD - ok
09:12:39.0835 3164 KSecPkg (e73cae53bbb72ba26918492c6b4c229d) C:\Windows\system32\Drivers\ksecpkg.sys
09:12:39.0872 3164 KSecPkg - ok
09:12:39.0927 3164 KtmRm (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\Windows\system32\msdtckrm.dll
09:12:39.0977 3164 KtmRm - ok
09:12:40.0045 3164 LanmanServer (d64af876d53eca3668bb97b51b4e70ab) C:\Windows\system32\srvsvc.dll
09:12:40.0064 3164 LanmanServer - ok
09:12:40.0118 3164 LanmanWorkstation (58405e4f68ba8e4057c6e914f326aba2) C:\Windows\System32\wkssvc.dll
09:12:40.0160 3164 LanmanWorkstation - ok
09:12:40.0213 3164 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
09:12:40.0232 3164 lltdio - ok
09:12:40.0276 3164 lltdsvc (5700673e13a2117fa3b9020c852c01e2) C:\Windows\System32\lltdsvc.dll
09:12:40.0319 3164 lltdsvc - ok
09:12:40.0345 3164 lmhosts (55ca01ba19d0006c8f2639b6c045e08b) C:\Windows\System32\lmhsvc.dll
09:12:40.0352 3164 lmhosts - ok
09:12:40.0393 3164 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
09:12:40.0406 3164 LSI_FC - ok
09:12:40.0426 3164 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
09:12:40.0441 3164 LSI_SAS - ok
09:12:40.0468 3164 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
09:12:40.0489 3164 LSI_SAS2 - ok
09:12:40.0562 3164 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
09:12:40.0576 3164 LSI_SCSI - ok
09:12:40.0620 3164 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
09:12:40.0634 3164 luafv - ok
09:12:40.0679 3164 Mcx2Svc (bfb9ee8ee977efe85d1a3105abef6dd1) C:\Windows\system32\Mcx2Svc.dll
09:12:40.0700 3164 Mcx2Svc - ok
09:12:40.0735 3164 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\Windows\system32\DRIVERS\mdmxsdk.sys
09:12:40.0739 3164 mdmxsdk - ok
09:12:40.0761 3164 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
09:12:40.0767 3164 megasas - ok
09:12:40.0815 3164 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
09:12:40.0831 3164 MegaSR - ok
09:12:40.0868 3164 MMCSS (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
09:12:40.0896 3164 MMCSS - ok
09:12:40.0920 3164 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
09:12:40.0936 3164 Modem - ok
09:12:41.0003 3164 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
09:12:41.0017 3164 monitor - ok
09:12:41.0075 3164 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
09:12:41.0080 3164 mouclass - ok
09:12:41.0119 3164 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
09:12:41.0123 3164 mouhid - ok
09:12:41.0177 3164 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys
09:12:41.0199 3164 mountmgr - ok
09:12:41.0284 3164 MozillaMaintenance (96aa8ba23142cc8e2b30f3cae0c80254) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
09:12:41.0297 3164 MozillaMaintenance - ok
09:12:41.0335 3164 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys
09:12:41.0347 3164 mpio - ok
09:12:41.0393 3164 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
09:12:41.0413 3164 mpsdrv - ok
09:12:41.0491 3164 MpsSvc (9835584e999d25004e1ee8e5f3e3b881) C:\Windows\system32\mpssvc.dll
09:12:41.0539 3164 MpsSvc - ok
09:12:41.0598 3164 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys
09:12:41.0637 3164 MRxDAV - ok
09:12:41.0683 3164 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys
09:12:41.0730 3164 mrxsmb - ok
09:12:41.0806 3164 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys
09:12:41.0850 3164 mrxsmb10 - ok
09:12:41.0877 3164 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys
09:12:41.0889 3164 mrxsmb20 - ok
09:12:41.0921 3164 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys
09:12:41.0926 3164 msahci - ok
09:12:41.0967 3164 msdsm (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys
09:12:41.0981 3164 msdsm - ok
09:12:42.0022 3164 MSDTC (e1bce74a3bd9902b72599c0192a07e27) C:\Windows\System32\msdtc.exe
09:12:42.0043 3164 MSDTC - ok
09:12:42.0098 3164 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
09:12:42.0103 3164 Msfs - ok
09:12:42.0143 3164 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
09:12:42.0147 3164 mshidkmdf - ok
09:12:42.0193 3164 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys
09:12:42.0197 3164 msisadrv - ok
09:12:42.0249 3164 MSiSCSI (90f7d9e6b6f27e1a707d4a297f077828) C:\Windows\system32\iscsiexe.dll
09:12:42.0296 3164 MSiSCSI - ok
09:12:42.0306 3164 msiserver - ok
09:12:42.0376 3164 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
09:12:42.0380 3164 MSKSSRV - ok
09:12:42.0426 3164 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
09:12:42.0430 3164 MSPCLOCK - ok
09:12:42.0446 3164 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
09:12:42.0468 3164 MSPQM - ok
09:12:42.0504 3164 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
09:12:42.0522 3164 MsRPC - ok
09:12:42.0561 3164 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys
09:12:42.0567 3164 mssmbios - ok
09:12:42.0599 3164 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
09:12:42.0604 3164 MSTEE - ok
09:12:42.0654 3164 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
09:12:42.0659 3164 MTConfig - ok
09:12:42.0721 3164 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
09:12:42.0725 3164 Mup - ok
09:12:42.0830 3164 napagent (61d57a5d7c6d9afe10e77dae6e1b445e) C:\Windows\system32\qagentRT.dll
09:12:42.0856 3164 napagent - ok
09:12:42.0912 3164 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
09:12:42.0983 3164 NativeWifiP - ok
09:12:43.0421 3164 NAV (c6948f034d7edabcfa2234d399fc78bc) C:\Program Files\Norton AntiVirus\Engine\19.7.1.5\ccSvcHst.exe
09:12:43.0449 3164 NAV - ok
09:12:43.0744 3164 NAVENG (f11033730b38260b6892e837c457fb4b) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.6.2.10\Definitions\VirusDefs\20120517.023\NAVENG.SYS
09:12:43.0835 3164 NAVENG - ok
09:12:46.0618 3164 NAVEX15 (4e4e7c0259d3bb97de24a636c0e06aba) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.6.2.10\Definitions\VirusDefs\20120517.023\NAVEX15.SYS
09:12:46.0731 3164 NAVEX15 - ok
09:12:47.0051 3164 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys
09:12:47.0120 3164 NDIS - ok
09:12:47.0196 3164 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
09:12:47.0217 3164 NdisCap - ok
09:12:47.0272 3164 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
09:12:47.0278 3164 NdisTapi - ok
09:12:47.0339 3164 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys
09:12:47.0379 3164 Ndisuio - ok
09:12:47.0464 3164 NdisWan (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys
09:12:47.0500 3164 NdisWan - ok
09:12:47.0553 3164 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys
09:12:47.0577 3164 NDProxy - ok
09:12:47.0654 3164 Net Driver HPZ12 (a081cb6fb9a12668f233eb5414be3a0e) C:\Windows\system32\HPZinw12.dll
09:12:47.0668 3164 Net Driver HPZ12 - ok
09:12:47.0751 3164 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
09:12:47.0772 3164 NetBIOS - ok
09:12:47.0825 3164 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys
09:12:47.0872 3164 NetBT - ok
09:12:47.0934 3164 Netlogon (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
09:12:47.0943 3164 Netlogon - ok
09:12:48.0030 3164 Netman (7cccfca7510684768da22092d1fa4db2) C:\Windows\System32\netman.dll
09:12:48.0057 3164 Netman - ok
09:12:48.0120 3164 netprofm (8c338238c16777a802d6a9211eb2ba50) C:\Windows\System32\netprofm.dll
09:12:48.0152 3164 netprofm - ok
09:12:48.0265 3164 NetTcpPortSharing (f476ec40033cdb91efbe73eb99b8362d) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
09:12:48.0296 3164 NetTcpPortSharing - ok
09:12:48.0342 3164 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
09:12:48.0358 3164 nfrd960 - ok
09:12:48.0417 3164 NlaSvc (912084381d30d8b89ec4e293053f4710) C:\Windows\System32\nlasvc.dll
09:12:48.0440 3164 NlaSvc - ok
09:12:48.0486 3164 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
09:12:48.0492 3164 Npfs - ok
09:12:48.0564 3164 nsi (ba387e955e890c8a88306d9b8d06bf17) C:\Windows\system32\nsisvc.dll
09:12:48.0585 3164 nsi - ok
09:12:48.0609 3164 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
09:12:48.0615 3164 nsiproxy - ok
09:12:48.0757 3164 Ntfs (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys
09:12:48.0846 3164 Ntfs - ok
09:12:48.0896 3164 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
09:12:48.0907 3164 Null - ok
09:12:48.0941 3164 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys
09:12:48.0954 3164 nvraid - ok
09:12:48.0978 3164 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys
09:12:49.0000 3164 nvstor - ok
09:12:49.0051 3164 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys
09:12:49.0065 3164 nv_agp - ok
09:12:49.0217 3164 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
09:12:49.0271 3164 odserv - ok
09:12:49.0314 3164 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
09:12:49.0320 3164 ohci1394 - ok
09:12:49.0418 3164 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
09:12:49.0461 3164 ose - ok
09:12:49.0533 3164 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
09:12:49.0557 3164 p2pimsvc - ok
09:12:49.0618 3164 p2psvc (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll
09:12:49.0668 3164 p2psvc - ok
09:12:49.0707 3164 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
09:12:49.0715 3164 Parport - ok
09:12:49.0748 3164 partmgr (3f34a1b4c5f6475f320c275e63afce9b) C:\Windows\system32\drivers\partmgr.sys
09:12:49.0768 3164 partmgr - ok
09:12:49.0798 3164 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
09:12:49.0802 3164 Parvdm - ok
09:12:49.0840 3164 PcaSvc (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll
09:12:49.0893 3164 PcaSvc - ok
09:12:49.0970 3164 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
09:12:49.0981 3164 pci - ok
09:12:50.0086 3164 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
09:12:50.0106 3164 pciide - ok
09:12:50.0155 3164 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
09:12:50.0173 3164 pcmcia - ok
09:12:50.0266 3164 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
09:12:50.0289 3164 pcw - ok
09:12:50.0369 3164 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
09:12:50.0399 3164 PEAUTH - ok
09:12:50.0583 3164 pla (414bba67a3ded1d28437eb66aeb8a720) C:\Windows\system32\pla.dll
09:12:50.0690 3164 pla - ok
09:12:50.0841 3164 PlugPlay (ec7bc28d207da09e79b3e9faf8b232ca) C:\Windows\system32\umpnpmgr.dll
09:12:50.0866 3164 PlugPlay - ok
09:12:50.0905 3164 Pml Driver HPZ12 (65bc271f337637731d3c71455ae1f476) C:\Windows\system32\HPZipm12.dll
09:12:50.0911 3164 Pml Driver HPZ12 - ok
09:12:50.0945 3164 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll
09:12:50.0971 3164 PNRPAutoReg - ok
09:12:51.0020 3164 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
09:12:51.0031 3164 PNRPsvc - ok
09:12:51.0100 3164 PolicyAgent (53946b69ba0836bd95b03759530c81ec) C:\Windows\System32\ipsecsvc.dll
09:12:51.0122 3164 PolicyAgent - ok
09:12:51.0187 3164 Power (f87d30e72e03d579a5199ccb3831d6ea) C:\Windows\system32\umpo.dll
09:12:51.0208 3164 Power - ok
09:12:51.0279 3164 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
09:12:51.0303 3164 PptpMiniport - ok
09:12:51.0340 3164 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
09:12:51.0345 3164 Processor - ok
09:12:51.0413 3164 ProfSvc (43ca4ccc22d52fb58e8988f0198851d0) C:\Windows\system32\profsvc.dll
09:12:51.0432 3164 ProfSvc - ok
09:12:51.0465 3164 ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
09:12:51.0471 3164 ProtectedStorage - ok
09:12:51.0516 3164 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
09:12:51.0529 3164 Psched - ok
09:12:51.0594 3164 PxHelp20 (feffcfdc528764a04c8ed63d5fa6e711) C:\Windows\system32\Drivers\PxHelp20.sys
09:12:51.0655 3164 PxHelp20 - ok
09:12:51.0799 3164 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
09:12:51.0872 3164 ql2300 - ok
09:12:52.0003 3164 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
09:12:52.0017 3164 ql40xx - ok
09:12:52.0065 3164 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll
09:12:52.0116 3164 QWAVE - ok
09:12:52.0141 3164 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
09:12:52.0147 3164 QWAVEdrv - ok
09:12:52.0325 3164 R300 (8766b8f65459c37e20d525645e30e466) C:\Windows\system32\DRIVERS\atikmdag.sys
09:12:52.0432 3164 R300 - ok
09:12:52.0684 3164 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
09:12:52.0689 3164 RasAcd - ok
09:12:52.0732 3164 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
09:12:52.0738 3164 RasAgileVpn - ok
09:12:52.0774 3164 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll
09:12:52.0821 3164 RasAuto - ok
09:12:52.0851 3164 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
09:12:52.0857 3164 Rasl2tp - ok
09:12:52.0938 3164 RasMan (cb9e04dc05eacf5b9a36ca276d475006) C:\Windows\System32\rasmans.dll
09:12:52.0997 3164 RasMan - ok
09:12:53.0035 3164 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
09:12:53.0041 3164 RasPppoe - ok
09:12:53.0066 3164 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
09:12:53.0072 3164 RasSstp - ok
09:12:53.0138 3164 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
09:12:53.0188 3164 rdbss - ok
09:12:53.0216 3164 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
09:12:53.0220 3164 rdpbus - ok
09:12:53.0273 3164 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
09:12:53.0295 3164 RDPCDD - ok
09:12:53.0342 3164 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
09:12:53.0346 3164 RDPENCDD - ok
09:12:53.0404 3164 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
09:12:53.0408 3164 RDPREFMP - ok
09:12:53.0458 3164 RDPWD (244c83332f44589ae98fc347f11b2693) C:\Windows\system32\drivers\RDPWD.sys
09:12:53.0503 3164 RDPWD - ok
09:12:53.0608 3164 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
09:12:53.0654 3164 rdyboost - ok
09:12:53.0696 3164 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll
09:12:53.0719 3164 RemoteAccess - ok
09:12:53.0768 3164 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll
09:12:53.0823 3164 RemoteRegistry - ok
09:12:54.0002 3164 rimmptsk (d85e3fa9f5b1f29bb4ed185c450d1470) C:\Windows\system32\DRIVERS\rimmptsk.sys
09:12:54.0054 3164 rimmptsk - ok
09:12:54.0235 3164 rimsptsk (db8eb01c58c9fada00c70b1775278ae0) C:\Windows\system32\DRIVERS\rimsptsk.sys
09:12:54.0270 3164 rimsptsk - ok
09:12:54.0387 3164 rismxdp (6c1f93c0760c9f79a1869d07233df39d) C:\Windows\system32\DRIVERS\rixdptsk.sys
09:12:54.0394 3164 rismxdp - ok
09:12:54.0813 3164 RoxMediaDB9 (ebcde8b48fadc6479d96a56d0a432160) C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
09:12:54.0900 3164 RoxMediaDB9 - ok
09:12:54.0993 3164 RoxWatch9 (ab2b1de1c8f31efce2384b14b3dc4260) C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
09:12:55.0012 3164 RoxWatch9 - ok
09:12:55.0067 3164 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll
09:12:55.0078 3164 RpcEptMapper - ok
09:12:55.0117 3164 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe
09:12:55.0135 3164 RpcLocator - ok
09:12:55.0217 3164 RpcSs (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
09:12:55.0232 3164 RpcSs - ok
09:12:55.0308 3164 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
09:12:55.0328 3164 rspndr - ok
09:12:55.0365 3164 SamSs (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
09:12:55.0371 3164 SamSs - ok
09:12:55.0413 3164 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
09:12:55.0427 3164 sbp2port - ok
09:12:55.0473 3164 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll
09:12:55.0520 3164 SCardSvr - ok
09:12:55.0582 3164 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
09:12:55.0587 3164 scfilter - ok
09:12:55.0826 3164 Schedule (a04bb13f8a72f8b6e8b4071723e4e336) C:\Windows\system32\schedsvc.dll
09:12:55.0872 3164 Schedule - ok
09:12:55.0919 3164 SCPolicySvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
09:12:55.0922 3164 SCPolicySvc - ok
09:12:55.0973 3164 sdbus (0328be1c7f1cba23848179f8762e391c) C:\Windows\system32\drivers\sdbus.sys
09:12:55.0987 3164 sdbus - ok
09:12:56.0020 3164 SDRSVC (08236c4bce5edd0a0318a438af28e0f7) C:\Windows\System32\SDRSVC.dll
09:12:56.0040 3164 SDRSVC - ok
09:12:56.0079 3164 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
09:12:56.0085 3164 secdrv - ok
09:12:56.0114 3164 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll
09:12:56.0140 3164 seclogon - ok
09:12:56.0179 3164 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\System32\sens.dll
09:12:56.0188 3164 SENS - ok
09:12:56.0220 3164 SensrSvc (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll
09:12:56.0249 3164 SensrSvc - ok
09:12:56.0276 3164 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
09:12:56.0282 3164 Serenum - ok
09:12:56.0324 3164 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
09:12:56.0337 3164 Serial - ok
09:12:56.0377 3164 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
09:12:56.0387 3164 sermouse - ok
09:12:56.0492 3164 SessionEnv (4ae380f39a0032eab7dd953030b26d28) C:\Windows\system32\sessenv.dll
09:12:56.0544 3164 SessionEnv - ok
09:12:56.0565 3164 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
09:12:56.0574 3164 sffdisk - ok
09:12:56.0593 3164 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
09:12:56.0597 3164 sffp_mmc - ok
09:12:56.0618 3164 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys
09:12:56.0625 3164 sffp_sd - ok
09:12:56.0684 3164 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
09:12:56.0720 3164 sfloppy - ok
09:12:56.0828 3164 SharedAccess (d1a079a0de2ea524513b6930c24527a2) C:\Windows\System32\ipnathlp.dll
09:12:56.0880 3164 SharedAccess - ok
09:12:56.0963 3164 ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\Windows\System32\shsvcs.dll
09:12:56.0986 3164 ShellHWDetection - ok
09:12:57.0014 3164 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
09:12:57.0020 3164 sisagp - ok
09:12:57.0063 3164 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
09:12:57.0068 3164 SiSRaid2 - ok
09:12:57.0092 3164 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
09:12:57.0098 3164 SiSRaid4 - ok
09:12:57.0146 3164 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
09:12:57.0152 3164 Smb - ok
09:12:57.0214 3164 SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe
09:12:57.0239 3164 SNMPTRAP - ok
09:12:57.0284 3164 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
09:12:57.0289 3164 spldr - ok
09:12:57.0374 3164 Spooler (866a43013535dc8587c258e43579c764) C:\Windows\System32\spoolsv.exe
09:12:57.0409 3164 Spooler - ok
09:12:57.0751 3164 sppsvc (cf87a1de791347e75b98885214ced2b8) C:\Windows\system32\sppsvc.exe
09:12:57.0945 3164 sppsvc - ok
09:12:58.0081 3164 sppuinotify (b0180b20b065d89232a78a40fe56eaa6) C:\Windows\system32\sppuinotify.dll
09:12:58.0092 3164 sppuinotify - ok
09:12:58.0224 3164 SRTSP (9dd258ee034afd36259cb7357e19d0b1) C:\Windows\System32\Drivers\NAV\1307010.005\SRTSP.SYS
09:12:58.0283 3164 SRTSP - ok
09:12:58.0316 3164 SRTSPX (0cc3a10f363436c7b478419eb73f8d91) C:\Windows\system32\drivers\NAV\1307010.005\SRTSPX.SYS
09:12:58.0340 3164 SRTSPX - ok
09:12:58.0403 3164 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys
09:12:58.0452 3164 srv - ok
09:12:58.0507 3164 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys
09:12:58.0556 3164 srv2 - ok
09:12:58.0584 3164 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys
09:12:58.0623 3164 srvnet - ok
09:12:58.0691 3164 SSDPSRV (d887c9fd02ac9fa880f6e5027a43e118) C:\Windows\System32\ssdpsrv.dll
09:12:58.0710 3164 SSDPSRV - ok
09:12:58.0749 3164 SstpSvc (d318f23be45d5e3a107469eb64815b50) C:\Windows\system32\sstpsvc.dll
09:12:58.0798 3164 SstpSvc - ok
09:12:58.0847 3164 STacSV (81693e83a44136327110237239a94f18) C:\Windows\System32\STacSV.exe
09:12:58.0869 3164 STacSV - ok
09:12:58.0910 3164 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
09:12:58.0934 3164 stexstor - ok
09:12:59.0015 3164 STHDA (ab2059ae6d9243c502c86824bc40439e) C:\Windows\system32\drivers\stwrt.sys
09:12:59.0077 3164 STHDA - ok
09:12:59.0161 3164 StillCam (edb05bd63148796f23ea78506404a538) C:\Windows\system32\DRIVERS\serscan.sys
09:12:59.0210 3164 StillCam - ok
09:12:59.0310 3164 StiSvc (e1fb3706030fb4578a0d72c2fc3689e4) C:\Windows\System32\wiaservc.dll
09:12:59.0346 3164 StiSvc - ok
09:12:59.0460 3164 stllssvr (51778fd315c9882f1cbd932743e62a72) C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
09:12:59.0482 3164 stllssvr - ok
09:12:59.0526 3164 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys
09:12:59.0531 3164 swenum - ok
09:12:59.0605 3164 swprv (a28bd92df340e57b024ba433165d34d7) C:\Windows\System32\swprv.dll
09:12:59.0661 3164 swprv - ok
09:12:59.0772 3164 SymDS (690fa0e61b90084c4d9a721bd4f3d779) C:\Windows\system32\drivers\NAV\1307010.005\SYMDS.SYS
09:12:59.0818 3164 SymDS - ok
09:12:59.0930 3164 SymEFA (4e55148a2e044d02245cbcdbb266b98c) C:\Windows\system32\drivers\NAV\1307010.005\SYMEFA.SYS
09:12:59.0988 3164 SymEFA - ok
09:13:00.0059 3164 SymEvent (74e2521e96176a4449570e50be91954d) C:\Windows\system32\Drivers\SYMEVENT.SYS
09:13:00.0072 3164 SymEvent - ok
09:13:00.0114 3164 SymIRON (2c356cca706505cf63cbe39d532b9236) C:\Windows\system32\drivers\NAV\1307010.005\Ironx86.SYS
09:13:00.0160 3164 SymIRON - ok
epepps14
Newbie


Joined: 13 May 2012
Last Visit: 28 May 2012
Posts: 3

Posted: Tue May 22, 2012 8:57 am

For some reason it cut it off again. Here is the bottom section of the log.




09:13:11.0938 3164 ============================================================
09:13:11.0938 3164 Scan finished
09:13:11.0938 3164 ============================================================
09:13:12.0080 6008 Detected object count: 0
09:13:12.0081 6008 Actual detected object count: 0
09:56:17.0117 0712 Deinitialize success
Cypher
Moderator


Joined: 05 Jul 2009
Last Visit: 30 Jul 2014
Posts: 4578
Location: Land Of The Leprechauns

Posted: Tue May 22, 2012 9:05 am

Hi epepps14,
Quote:
I am having problems with firefox, which is the main browser that I use.

Let's try reinstalling Firefox first to see if that solves the problem. We will back up your Firefox bookmarks first.

Make a Backup of Firefox Bookmarks
  • Please open your Firefox browser.
  • Click the Bookmarks button on the navigation toolbar and select Show All Bookmarks to open the Library window.
  • In the Library window, click the Import and Backup button and then select Backup....
  • In the Bookmarks backup filename window that opens, choose your Desktop as the location to save the file, which is named bookmarks-"date".json by default.
  • Save the bookmarks json file. The Bookmarks backup filename window will close and you can close the Library window.

Next.

Please download a fresh copy of Firefox
  • Using Internet Explorer, download Firefox from Here.
  • Save it to your desktop.

Next.

Uninstall Firefox
  • Click on Start.
  • All programs.
  • Accessories.
  • Run.
  • In the Open text box, copy/paste appwiz.cpl, then click OK.
  • Uninstall the following if present.
Quote:
Mozilla Firefox 8.0

Next.

Install Firefox
  • Right-click on Firefox Setup 11.0.exe and select "Run As Administrator..." to run it. If prompted by UAC, please allow it.
  • Then follow installation prompts...

Next.

Restore your Firefox Bookmarks
  • Please open your Firefox browser.
  • Click the Bookmarks button on the navigation toolbar and select Show All Bookmarks to open the Library window.
  • In the Library window, click the Import and Backup button and then select Restore....
  • Choose the bookmarks .json file you saved on your Desktop.
  • After choosing a backup, your bookmarks from that file will be restored. Close the Library window.

Now try using Firefox and let me know if you are still having problems.
_________________
Admin/Teacher at Malware Removal University
Member of...

Cypher
Moderator


Joined: 05 Jul 2009
Last Visit: 30 Jul 2014
Posts: 4578
Location: Land Of The Leprechauns

Posted: Fri May 25, 2012 6:23 am

Quote:
Due to a lack of response this topic is now closed.

If you still need help you must open a new thread in the Help with spyware removal forum, post a new set of DDS logs, and wait for a new helper.

If you have been helped and wish to donate to help with the costs of this volunteer site, please read Spyware Warrior Donations

_________________
Admin/Teacher at Malware Removal University
Member of...

All times are GMT - 8 Hours