  1. #11
    RogueKiller V7.3.2 [03/20/2012] by Tigzy
    mail: tigzyRK<at>gmail<dot>com
    Feedback: RogueKiller - Geeks to Go Forums
    Blog: tigzy-RK

    Operating System: Windows Vista (6.0.6002 Service Pack 2) 32 bits version
    Started in : Normal mode
    User: Allison [Admin rights]
    Mode: HOSTSFix -- Date: 04/04/2012 15:48:30

    Bad processes: 2
    [SUSP PATH] ibsvc.exe -- C:\ProgramData\IBUpdaterService\ibsvc.exe -> KILLED [TermProc]
    [RESIDUE] ibsvc.exe -- C:\ProgramData\IBUpdaterService\ibsvc.exe -> KILLED [TermProc]

    Driver: [LOADED]

    HOSTS File:
    127.0.0.1 localhost
    ::1 localhost
    [...]


    Resetted HOSTS:
    127.0.0.1 localhost

    Finished : << RKreport[6].txt >>
    RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt ; RKreport[5].txt ; RKreport[6].txt




    15:59:25.0703 3516 TDSS rootkit removing tool 2.7.25.0 Apr 3 2012 13:42:32
    15:59:26.0187 3516 ============================================================
    15:59:26.0187 3516 Current date / time: 2012/04/04 15:59:26.0187
    15:59:26.0187 3516 SystemInfo:
    15:59:26.0187 3516
    15:59:26.0187 3516 OS Version: 6.0.6002 ServicePack: 2.0
    15:59:26.0187 3516 Product type: Workstation
    15:59:26.0187 3516 ComputerName: ALLISON-PC
    15:59:26.0187 3516 UserName: Allison
    15:59:26.0187 3516 Windows directory: C:\Windows
    15:59:26.0187 3516 System windows directory: C:\Windows
    15:59:26.0187 3516 Processor architecture: Intel x86
    15:59:26.0187 3516 Number of processors: 2
    15:59:26.0187 3516 Page size: 0x1000
    15:59:26.0187 3516 Boot type: Normal boot
    15:59:26.0187 3516 ============================================================
    15:59:26.0936 3516 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
    15:59:27.0092 3516 \Device\Harddisk0\DR0:
    15:59:27.0092 3516 MBR used
    15:59:27.0092 3516 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x23C85A7A
    15:59:27.0092 3516 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x23C85AB9, BlocksNum 0x17A7C08
    15:59:27.0170 3516 Initialize success
    15:59:27.0170 3516 ============================================================
    16:00:58.0898 2848 ============================================================
    16:00:58.0898 2848 Scan started
    16:00:58.0898 2848 Mode: Manual;
    16:00:58.0898 2848 ============================================================
    16:00:59.0225 2848 !SASCORE (c0393eb99a6c72c6bef9bfc4a72b33a6) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    16:00:59.0225 2848 !SASCORE - ok
    16:00:59.0350 2848 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
    16:00:59.0350 2848 ACPI - ok
    16:00:59.0475 2848 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
    16:00:59.0475 2848 adp94xx - ok
    16:00:59.0522 2848 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
    16:00:59.0522 2848 adpahci - ok
    16:00:59.0553 2848 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
    16:00:59.0553 2848 adpu160m - ok
    16:00:59.0600 2848 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
    16:00:59.0600 2848 adpu320 - ok
    16:00:59.0678 2848 AeLookupSvc (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll
    16:00:59.0678 2848 AeLookupSvc - ok
    16:00:59.0771 2848 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
    16:00:59.0771 2848 AFD - ok
    16:00:59.0803 2848 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
    16:00:59.0803 2848 agp440 - ok
    16:00:59.0834 2848 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
    16:00:59.0834 2848 aic78xx - ok
    16:00:59.0865 2848 ALG (a1545b731579895d8cc44fc0481c1192) C:\Windows\System32\alg.exe
    16:00:59.0865 2848 ALG - ok
    16:00:59.0927 2848 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
    16:00:59.0943 2848 aliide - ok
    16:00:59.0990 2848 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
    16:00:59.0990 2848 amdagp - ok
    16:00:59.0990 2848 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
    16:00:59.0990 2848 amdide - ok
    16:01:00.0037 2848 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
    16:01:00.0037 2848 AmdK7 - ok
    16:01:00.0068 2848 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\DRIVERS\amdk8.sys
    16:01:00.0068 2848 AmdK8 - ok
    16:01:00.0130 2848 androidusb (dd8d9c597af7cd2f6b70a3d6a4a1acea) C:\Windows\system32\Drivers\ssadadb.sys
    16:01:00.0130 2848 androidusb - ok
    16:01:00.0177 2848 Appinfo (c6d704c7f0434dc791aac37cac4b6e14) C:\Windows\System32\appinfo.dll
    16:01:00.0177 2848 Appinfo - ok
    16:01:00.0302 2848 Apple Mobile Device (3debbecf665dcdde3a95d9b902010817) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    16:01:00.0302 2848 Apple Mobile Device - ok
    16:01:00.0349 2848 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
    16:01:00.0349 2848 arc - ok
    16:01:00.0380 2848 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
    16:01:00.0380 2848 arcsas - ok
    16:01:00.0442 2848 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
    16:01:00.0442 2848 AsyncMac - ok
    16:01:00.0520 2848 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
    16:01:00.0520 2848 atapi - ok
    16:01:00.0567 2848 AudioEndpointBuilder (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
    16:01:00.0583 2848 AudioEndpointBuilder - ok
    16:01:00.0598 2848 Audiosrv (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
    16:01:00.0598 2848 Audiosrv - ok
    16:01:00.0817 2848 AVGIDSAgent (6d440ff3f44ca72edfd6176c6d6a89c0) C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
    16:01:00.0926 2848 AVGIDSAgent - ok
    16:01:00.0957 2848 avgwd (6699ece24fe4b3f752a66c66a602ee86) C:\Program Files\AVG\AVG2012\avgwdsvc.exe
    16:01:00.0957 2848 avgwd - ok
    16:01:01.0129 2848 BCM43XV (cf6a67c90951e3e763d2135dede44b85) C:\Windows\system32\DRIVERS\bcmwl6.sys
    16:01:01.0129 2848 BCM43XV - ok
    16:01:01.0160 2848 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
    16:01:01.0175 2848 Beep - ok
    16:01:01.0222 2848 BFE (c789af0f724fda5852fb9a7d3a432381) C:\Windows\System32\bfe.dll
    16:01:01.0222 2848 BFE - ok
    16:01:01.0285 2848 BITS (93952506c6d67330367f7e7934b6a02f) C:\Windows\System32\qmgr.dll
    16:01:01.0300 2848 BITS - ok
    16:01:01.0363 2848 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
    16:01:01.0363 2848 blbdrive - ok
    16:01:01.0503 2848 Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe
    16:01:01.0503 2848 Bonjour Service - ok
    16:01:01.0628 2848 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
    16:01:01.0628 2848 bowser - ok
    16:01:01.0721 2848 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
    16:01:01.0721 2848 BrFiltLo - ok
    16:01:01.0784 2848 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
    16:01:01.0784 2848 BrFiltUp - ok
    16:01:01.0846 2848 Browser (a3629a0c4226f9e9c72faaeebc3ad33c) C:\Windows\System32\browser.dll
    16:01:01.0846 2848 Browser - ok
    16:01:01.0877 2848 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
    16:01:01.0893 2848 Brserid - ok
    16:01:01.0909 2848 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
    16:01:01.0909 2848 BrSerWdm - ok
    16:01:01.0955 2848 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
    16:01:01.0955 2848 BrUsbMdm - ok
    16:01:02.0002 2848 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
    16:01:02.0002 2848 BrUsbSer - ok
    16:01:02.0033 2848 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
    16:01:02.0033 2848 BTHMODEM - ok
    16:01:02.0080 2848 BthServ (a4c8377fa4a994e07075107dbe2e3dce) C:\Windows\System32\bthserv.dll
    16:01:02.0080 2848 BthServ - ok
    16:01:02.0127 2848 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
    16:01:02.0127 2848 cdfs - ok
    16:01:02.0189 2848 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
    16:01:02.0189 2848 cdrom - ok
    16:01:02.0252 2848 CertPropSvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
    16:01:02.0252 2848 CertPropSvc - ok
    16:01:02.0299 2848 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
    16:01:02.0299 2848 circlass - ok
    16:01:02.0377 2848 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
    16:01:02.0377 2848 CLFS - ok
    16:01:02.0439 2848 clr_optimization_v2.0.50727_32 (8ee772032e2fe80a924f3b8dd5082194) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
    16:01:02.0455 2848 clr_optimization_v2.0.50727_32 - ok
    16:01:02.0564 2848 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
    16:01:02.0564 2848 clr_optimization_v4.0.30319_32 - ok
    16:01:02.0673 2848 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
    16:01:02.0673 2848 CmBatt - ok
    16:01:02.0735 2848 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
    16:01:02.0735 2848 cmdide - ok
    16:01:02.0829 2848 Com4Qlb (d8774ace03b46c9b01a49818055f9ad4) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
    16:01:02.0907 2848 Com4Qlb - ok
    16:01:03.0016 2848 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
    16:01:03.0016 2848 Compbatt - ok
    16:01:03.0047 2848 COMSysApp - ok
    16:01:03.0047 2848 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
    16:01:03.0047 2848 crcdisk - ok
    16:01:03.0079 2848 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
    16:01:03.0079 2848 Crusoe - ok
    16:01:03.0157 2848 CryptSvc (fb27772beaf8e1d28ccd825c09da939b) C:\Windows\system32\cryptsvc.dll
    16:01:03.0157 2848 CryptSvc - ok
    16:01:03.0219 2848 DcomLaunch (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
    16:01:03.0219 2848 DcomLaunch - ok
    16:01:03.0281 2848 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
    16:01:03.0297 2848 DfsC - ok
    16:01:03.0391 2848 DFSR (2cc3dcfb533a1035b13dcab6160ab38b) C:\Windows\system32\DFSR.exe
    16:01:03.0469 2848 DFSR - ok
    16:01:03.0578 2848 Dhcp (9028559c132146fb75eb7acf384b086a) C:\Windows\System32\dhcpcsvc.dll
    16:01:03.0593 2848 Dhcp - ok
    16:01:03.0656 2848 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
    16:01:03.0656 2848 disk - ok
    16:01:03.0718 2848 Dnscache (57d762f6f5974af0da2be88a3349baaa) C:\Windows\System32\dnsrslvr.dll
    16:01:03.0718 2848 Dnscache - ok
    16:01:03.0765 2848 dot3svc (324fd74686b1ef5e7c19a8af49e748f6) C:\Windows\System32\dot3svc.dll
    16:01:03.0765 2848 dot3svc - ok
    16:01:03.0812 2848 DPS (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll
    16:01:03.0812 2848 DPS - ok
    16:01:03.0859 2848 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
    16:01:03.0859 2848 drmkaud - ok
    16:01:03.0937 2848 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
    16:01:03.0952 2848 DXGKrnl - ok
    16:01:04.0030 2848 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
    16:01:04.0030 2848 E1G60 - ok
    16:01:04.0093 2848 EapHost (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll
    16:01:04.0093 2848 EapHost - ok
    16:01:04.0217 2848 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
    16:01:04.0217 2848 Ecache - ok
    16:01:04.0295 2848 ehRecvr (9be3744d295a7701eb425332014f0797) C:\Windows\ehome\ehRecvr.exe
    16:01:04.0311 2848 ehRecvr - ok
    16:01:04.0327 2848 ehSched (ad1870c8e5d6dd340c829e6074bf3c3f) C:\Windows\ehome\ehsched.exe
    16:01:04.0327 2848 ehSched - ok
    16:01:04.0342 2848 ehstart (c27c4ee8926e74aa72efcab24c5242c3) C:\Windows\ehome\ehstart.dll
    16:01:04.0342 2848 ehstart - ok
    16:01:04.0436 2848 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
    16:01:04.0436 2848 elxstor - ok
    16:01:04.0561 2848 EMDMgmt (4e6b23dfc917ea39306b529b773950f4) C:\Windows\system32\emdmgmt.dll
    16:01:04.0576 2848 EMDMgmt - ok
    16:01:04.0670 2848 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
    16:01:04.0670 2848 ErrDev - ok
    16:01:04.0717 2848 EventSystem (67058c46504bc12d821f38cf99b7b28f) C:\Windows\system32\es.dll
    16:01:04.0732 2848 EventSystem - ok
    16:01:04.0810 2848 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
    16:01:04.0810 2848 exfat - ok
    16:01:04.0857 2848 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
    16:01:04.0857 2848 fastfat - ok
    16:01:04.0904 2848 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
    16:01:04.0904 2848 fdc - ok
    16:01:04.0951 2848 fdPHost (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll
    16:01:04.0951 2848 fdPHost - ok
    16:01:04.0966 2848 FDResPub (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll
    16:01:04.0966 2848 FDResPub - ok
    16:01:05.0029 2848 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
    16:01:05.0029 2848 FileInfo - ok
    16:01:05.0060 2848 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
    16:01:05.0060 2848 Filetrace - ok
    16:01:05.0075 2848 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
    16:01:05.0075 2848 flpydisk - ok
    16:01:05.0138 2848 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
    16:01:05.0138 2848 FltMgr - ok
    16:01:05.0263 2848 FontCache (8ce364388c8eca59b14b539179276d44) C:\Windows\system32\FntCache.dll
    16:01:05.0278 2848 FontCache - ok
    16:01:05.0341 2848 FontCache3.0.0.0 (c7fbdd1ed42f82bfa35167a5c9803ea3) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
    16:01:05.0341 2848 FontCache3.0.0.0 - ok
    16:01:05.0434 2848 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
    16:01:05.0450 2848 Fs_Rec - ok
    16:01:05.0481 2848 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
    16:01:05.0481 2848 gagp30kx - ok
    16:01:05.0606 2848 GameConsoleService (44d07e5a444692e9b6a5cdd7401b4402) C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
    16:01:05.0731 2848 GameConsoleService - ok
    16:01:05.0855 2848 GEARAspiWDM (5ae3a887ece5bbb72cfab273c2fd1cfa) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
    16:01:05.0855 2848 GEARAspiWDM - ok
    16:01:05.0933 2848 gpsvc (cd5d0aeee35dfd4e986a5aa1500a6e66) C:\Windows\System32\gpsvc.dll
    16:01:05.0965 2848 gpsvc - ok
    16:01:06.0089 2848 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
    16:01:06.0089 2848 HdAudAddService - ok
    16:01:06.0167 2848 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
    16:01:06.0167 2848 HDAudBus - ok
    16:01:06.0199 2848 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
    16:01:06.0199 2848 HidBth - ok
    16:01:06.0230 2848 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
    16:01:06.0230 2848 HidIr - ok
    16:01:06.0308 2848 hidserv (84067081f3318162797385e11a8f0582) C:\Windows\system32\hidserv.dll
    16:01:06.0308 2848 hidserv - ok
    16:01:06.0339 2848 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
    16:01:06.0355 2848 HidUsb - ok
    16:01:06.0386 2848 hkmsvc (d8ad255b37da92434c26e4876db7d418) C:\Windows\system32\kmsvc.dll
    16:01:06.0386 2848 hkmsvc - ok
    16:01:06.0495 2848 HP Health Check Service (0d26c438e2938a3e6bdd91173bc96ff0) c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
    16:01:06.0511 2848 HP Health Check Service - ok
    16:01:06.0589 2848 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
    16:01:06.0589 2848 HpCISSs - ok
    16:01:06.0713 2848 hpqcxs08 (682358f730b84b63e09c6b4edc1de7ae) C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
    16:01:06.0729 2848 hpqcxs08 - ok
    16:01:06.0745 2848 hpqddsvc (2e7bee4aa776cf1c37836b26d1d29403) C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
    16:01:06.0745 2848 hpqddsvc - ok
    16:01:06.0854 2848 HpqKbFiltr (35956140e686d53bf676cf0c778880fc) C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
    16:01:06.0854 2848 HpqKbFiltr - ok
    16:01:06.0885 2848 HpqRemHid (115c0933b3ed51dfbec4449348c8065b) C:\Windows\system32\DRIVERS\HpqRemHid.sys
    16:01:06.0885 2848 HpqRemHid - ok
    16:01:06.0963 2848 hpqwmiex (04c1dcbb226c6ae647b794833ce3ceb6) C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
    16:01:06.0963 2848 hpqwmiex - ok
    16:01:07.0072 2848 HSFHWAZL (46d67209550973257601a533e2ac5785) C:\Windows\system32\DRIVERS\VSTAZL3.SYS
    16:01:07.0072 2848 HSFHWAZL - ok
    16:01:07.0135 2848 HSF_DPV (ec36f1d542ed4252390d446bf6d4dfd0) C:\Windows\system32\DRIVERS\VSTDPV3.SYS
    16:01:07.0135 2848 HSF_DPV - ok
    16:01:07.0213 2848 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
    16:01:07.0213 2848 HTTP - ok
    16:01:07.0322 2848 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
    16:01:07.0322 2848 i2omp - ok
    16:01:07.0493 2848 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
    16:01:07.0493 2848 i8042prt - ok
    16:01:07.0587 2848 IAANTMON (681ef6e0cc7bbaa0c09acabeb91f669e) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    16:01:07.0587 2848 IAANTMON - ok
    16:01:07.0727 2848 iaStor (e5a0034847537eaee3c00349d5c34c5f) C:\Windows\system32\DRIVERS\iaStor.sys
    16:01:07.0727 2848 iaStor - ok
    16:01:07.0868 2848 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
    16:01:07.0868 2848 iaStorV - ok
    16:01:07.0930 2848 IBUpdaterService (1da072a112fff778ba3b5b7366aa3516) C:\ProgramData\IBUpdaterService\ibsvc.exe
    16:01:08.0336 2848 IBUpdaterService - ok
    16:01:08.0461 2848 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    16:01:08.0461 2848 IDriverT - ok
    16:01:08.0585 2848 idsvc (98477b08e61945f974ed9fdc4cb6bdab) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
    16:01:08.0617 2848 idsvc - ok
    16:01:08.0695 2848 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
    16:01:08.0695 2848 iirsp - ok
    16:01:08.0757 2848 IKEEXT (9908d8a397b76cd8d31d0d383c5773c9) C:\Windows\System32\ikeext.dll
    16:01:08.0773 2848 IKEEXT - ok
    16:01:08.0882 2848 IntcAzAudAddService (1f10ed6f98c57efb4e7fb9972b2dbb71) C:\Windows\system32\drivers\RTKVHDA.sys
    16:01:08.0897 2848 IntcAzAudAddService - ok
    16:01:08.0944 2848 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
    16:01:08.0944 2848 intelide - ok
    16:01:08.0960 2848 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
    16:01:08.0960 2848 intelppm - ok
    16:01:08.0991 2848 IPBusEnum (9ac218c6e6105477484c6fdbe7d409a4) C:\Windows\system32\ipbusenum.dll
    16:01:08.0991 2848 IPBusEnum - ok
    16:01:09.0022 2848 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
    16:01:09.0022 2848 IpFilterDriver - ok
    16:01:09.0069 2848 iphlpsvc (1998bd97f950680bb55f55a7244679c2) C:\Windows\System32\iphlpsvc.dll
    16:01:09.0069 2848 iphlpsvc - ok
    16:01:09.0085 2848 IpInIp - ok
    16:01:09.0131 2848 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
    16:01:09.0131 2848 IPMIDRV - ok
    16:01:09.0163 2848 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
    16:01:09.0163 2848 IPNAT - ok
    16:01:09.0256 2848 iPod Service (49918803b661367023bf325cf602afdc) C:\Program Files\iPod\bin\iPodService.exe
    16:01:09.0272 2848 iPod Service - ok
    16:01:09.0412 2848 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
    16:01:09.0412 2848 IRENUM - ok
    16:01:09.0475 2848 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
    16:01:09.0475 2848 isapnp - ok
    16:01:09.0521 2848 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
    16:01:09.0521 2848 iScsiPrt - ok
    16:01:09.0584 2848 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
    16:01:09.0584 2848 iteatapi - ok
    16:01:09.0646 2848 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
    16:01:09.0646 2848 iteraid - ok
    16:01:09.0662 2848 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
    16:01:09.0662 2848 kbdclass - ok
    16:01:09.0709 2848 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
    16:01:09.0709 2848 kbdhid - ok
    16:01:09.0740 2848 KeyIso (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
    16:01:09.0740 2848 KeyIso - ok
    16:01:09.0787 2848 KSecDD (2b2f1638466e8cb091400c9019cc730e) C:\Windows\system32\Drivers\ksecdd.sys
    16:01:09.0787 2848 KSecDD - ok
    16:01:09.0833 2848 KtmRm (8078f8f8f7a79e2e6b494523a828c585) C:\Windows\system32\msdtckrm.dll
    16:01:09.0833 2848 KtmRm - ok
    16:01:09.0880 2848 LanmanServer (1bf5eebfd518dd7298434d8c862f825d) C:\Windows\system32\srvsvc.dll
    16:01:09.0880 2848 LanmanServer - ok
    16:01:09.0927 2848 LanmanWorkstation (1db69705b695b987082c8baec0c6b34f) C:\Windows\System32\wkssvc.dll
    16:01:09.0927 2848 LanmanWorkstation - ok
    16:01:10.0036 2848 LightScribeService (53710476495886d9961be46983a6a33f) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    16:01:10.0036 2848 LightScribeService - ok
    16:01:10.0130 2848 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
    16:01:10.0130 2848 lltdio - ok
    16:01:10.0177 2848 lltdsvc (2d5a428872f1442631d0959a34abff63) C:\Windows\System32\lltdsvc.dll
    16:01:10.0192 2848 lltdsvc - ok
    16:01:10.0208 2848 lmhosts (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll
    16:01:10.0208 2848 lmhosts - ok
    16:01:10.0239 2848 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
    16:01:10.0239 2848 LSI_FC - ok
    16:01:10.0270 2848 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
    16:01:10.0270 2848 LSI_SAS - ok
    16:01:10.0286 2848 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
    16:01:10.0286 2848 LSI_SCSI - ok
    16:01:10.0317 2848 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
    16:01:10.0317 2848 luafv - ok
    16:01:10.0364 2848 MBAMSwissArmy (0db7527db188c7d967a37bb51bbf3963) C:\Windows\system32\drivers\mbamswissarmy.sys
    16:01:10.0364 2848 MBAMSwissArmy - ok
    16:01:10.0473 2848 McciCMService (e6cb119ef2e148eaa1a247343550756e) C:\Program Files\Common Files\Motive\McciCMService.exe
    16:01:10.0489 2848 McciCMService - ok
    16:01:10.0520 2848 McciServiceHost (eee1ea23c4777adb268a36196a631200) C:\Program Files\Common Files\Motive\McciServiceHost.exe
    16:01:10.0738 2848 McciServiceHost - ok
    16:01:10.0832 2848 Mcx2Svc (aef9babb8a506bc4ce0451a64aaded46) C:\Windows\system32\Mcx2Svc.dll
    16:01:10.0832 2848 Mcx2Svc - ok
    16:01:10.0894 2848 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
    16:01:10.0894 2848 megasas - ok
    16:01:10.0957 2848 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
    16:01:10.0972 2848 MegaSR - ok
    16:01:11.0066 2848 Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
    16:01:11.0081 2848 Microsoft Office Groove Audit Service - ok
    16:01:11.0144 2848 MMCSS (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
    16:01:11.0144 2848 MMCSS - ok
    16:01:11.0206 2848 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
    16:01:11.0206 2848 Modem - ok
    16:01:11.0269 2848 MODEMCSA (cbb59c41f19efea1a000793e08070a62) C:\Windows\system32\drivers\MODEMCSA.sys
    16:01:11.0269 2848 MODEMCSA - ok
    16:01:11.0284 2848 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
    16:01:11.0284 2848 monitor - ok
    16:01:11.0331 2848 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
    16:01:11.0331 2848 mouclass - ok
    16:01:11.0347 2848 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
    16:01:11.0393 2848 mouhid - ok
    16:01:11.0440 2848 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
    16:01:11.0440 2848 MountMgr - ok
    16:01:11.0503 2848 MozillaMaintenance (750babaabb49a8a2238fa4b58ac09af8) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
    16:01:11.0518 2848 MozillaMaintenance - ok
    16:01:11.0612 2848 MpFilter (fee0baded54222e9f1dae9541212aab1) C:\Windows\system32\DRIVERS\MpFilter.sys
    16:01:11.0612 2848 MpFilter - ok
    16:01:11.0705 2848 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
    16:01:11.0705 2848 mpio - ok
    16:01:11.0846 2848 MpKsl75655a01 (a69630d039c38018689190234f866d77) c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{16AC8B7B-48E6-463D-83CB-2A1995AF313C}\MpKsl75655a01.sys
    16:01:11.0846 2848 MpKsl75655a01 - ok
    16:01:11.0955 2848 MpNWMon (2c3489660d4a8d514c123c3f0d67df46) C:\Windows\system32\DRIVERS\MpNWMon.sys
    16:01:11.0955 2848 MpNWMon - ok
    16:01:12.0002 2848 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
    16:01:12.0002 2848 mpsdrv - ok
    16:01:12.0049 2848 MpsSvc (5de62c6e9108f14f6794060a9bdecaec) C:\Windows\system32\mpssvc.dll
    16:01:12.0049 2848 MpsSvc - ok
    16:01:12.0095 2848 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
    16:01:12.0095 2848 Mraid35x - ok
    16:01:12.0205 2848 MREMP50 (9bd4dcb5412921864a7aacdedfbd1923) C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS
    16:01:12.0205 2848 MREMP50 - ok
    16:01:12.0236 2848 MREMPR5 - ok
    16:01:12.0251 2848 MRENDIS5 - ok
    16:01:12.0251 2848 MRESP50 (07c02c892e8e1a72d6bf35004f0e9c5e) C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS
    16:01:12.0267 2848 MRESP50 - ok
    16:01:12.0361 2848 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
    16:01:12.0361 2848 MRxDAV - ok
    16:01:12.0423 2848 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
    16:01:12.0423 2848 mrxsmb - ok
    16:01:12.0470 2848 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
    16:01:12.0485 2848 mrxsmb10 - ok
    16:01:12.0517 2848 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
    16:01:12.0517 2848 mrxsmb20 - ok
    16:01:12.0548 2848 msahci (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys
    16:01:12.0563 2848 msahci - ok
    16:01:12.0579 2848 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
    16:01:12.0579 2848 msdsm - ok
    16:01:12.0610 2848 MSDTC (fd7520cc3a80c5fc8c48852bb24c6ded) C:\Windows\System32\msdtc.exe
    16:01:12.0610 2848 MSDTC - ok
    16:01:12.0626 2848 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
    16:01:12.0626 2848 Msfs - ok
    16:01:12.0657 2848 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
    16:01:12.0657 2848 msisadrv - ok
    16:01:12.0766 2848 MSiSCSI (85466c0757a23d9a9aecdc0755203cb2) C:\Windows\system32\iscsiexe.dll
    16:01:12.0766 2848 MSiSCSI - ok
    16:01:12.0844 2848 msiserver - ok
    16:01:12.0891 2848 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
    16:01:35.0339 2848 MBR (0x1B8) (1a1a06f62e891045814007163c1c76c3) \Device\Harddisk0\DR0
    16:01:35.0371 2848 \Device\Harddisk0\DR0 - ok
    16:01:35.0386 2848 Boot (0x1200) (e8add1cac59de5e50ad472f262885053) \Device\Harddisk0\DR0\Partition0
    16:01:35.0386 2848 \Device\Harddisk0\DR0\Partition0 - ok
    16:01:35.0386 2848 Boot (0x1200) (459e374a477f9269f777e6a789f1d535) \Device\Harddisk0\DR0\Partition1
    16:01:35.0386 2848 \Device\Harddisk0\DR0\Partition1 - ok
    16:01:35.0386 2848 ============================================================
    16:01:35.0386 2848 Scan finished
    16:01:35.0386 2848 ============================================================
    16:01:35.0402 1428 Detected object count: 0
    16:01:35.0402 1428 Actual detected object count: 0





    ComboFix 12-04-04.02 - Allison 04/04/2012 16:26:34.1.2 - x86
    Microsoft Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.3070.1980 [GMT -4:00]
    Running from: c:\users\Allison\Desktop\ComboFix.exe
    AV: AVG Anti-Virus 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
    AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
    SP: AVG Anti-Virus 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
    SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
    SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    C:\Install.exe
    c:\users\Allison\Documents\~WRL0005.tmp
    c:\windows\system32\KBL.LOG
    .
    .
    ((((((((((((((((((((((((( Files Created from 2012-03-04 to 2012-04-04 )))))))))))))))))))))))))))))))
    .
    .
    2012-04-04 20:34 . 2012-04-04 20:34 -------- d-----w- c:\users\Default\AppData\Local\temp
    2012-04-04 20:34 . 2012-04-04 20:34 -------- d-----w- c:\users\Administrator\AppData\Local\temp
    2012-04-04 19:59 . 2012-04-04 19:59 29904 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{16AC8B7B-48E6-463D-83CB-2A1995AF313C}\MpKsl75655a01.sys
    2012-04-04 19:55 . 2012-03-14 02:15 6582328 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{16AC8B7B-48E6-463D-83CB-2A1995AF313C}\mpengine.dll
    2012-03-30 23:29 . 2012-03-31 02:06 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2012-03-30 23:29 . 2012-03-30 23:29 -------- d-----w- c:\users\Administrator\AppData\Roaming\Malwarebytes
    2012-03-30 23:29 . 2012-03-30 23:29 -------- d-----w- c:\programdata\Malwarebytes
    2012-03-30 23:29 . 2012-03-30 23:29 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2012-03-30 23:29 . 2011-12-10 19:24 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
    2012-03-30 22:04 . 2012-03-30 22:04 -------- d-----w- c:\users\Administrator\AppData\Roaming\SUPERAntiSpyware.com
    2012-03-30 22:04 . 2012-03-30 22:04 -------- d-----w- c:\program files\SUPERAntiSpyware
    2012-03-30 22:04 . 2012-03-30 22:04 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
    2012-03-30 21:52 . 2012-03-30 21:52 388096 ----a-r- c:\users\Administrator\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
    2012-03-30 21:42 . 2012-03-30 21:42 388096 ----a-r- c:\users\Allison\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
    2012-03-30 21:42 . 2012-03-30 21:42 -------- d-----w- c:\program files\Trend Micro
    2012-03-28 13:33 . 2012-03-31 15:23 -------- d-----w- c:\program files\Mozilla Maintenance Service
    2012-03-26 23:07 . 2012-03-26 23:07 -------- d-----w- c:\users\Allison\AppData\Local\Amazon
    2012-03-26 02:26 . 2012-01-11 16:01 6745392 -c--a-w- c:\programdata\Microsoft\Windows\WER\ReportQueue\Report0fc5e503\spybotsd_includes.exe
    2012-03-21 14:48 . 2012-02-02 15:16 2044416 ----a-w- c:\windows\system32\win32k.sys
    2012-03-21 14:48 . 2012-02-14 15:45 219648 ----a-w- c:\windows\system32\d3d10_1core.dll
    2012-03-21 14:48 . 2012-02-14 15:45 160768 ----a-w- c:\windows\system32\d3d10_1.dll
    2012-03-21 14:48 . 2012-02-13 14:12 1172480 ----a-w- c:\windows\system32\d3d10warp.dll
    2012-03-21 14:48 . 2012-02-13 13:47 683008 ----a-w- c:\windows\system32\d2d1.dll
    2012-03-21 14:48 . 2012-02-13 13:44 1068544 ----a-w- c:\windows\system32\DWrite.dll
    2012-03-21 14:48 . 2012-01-31 10:59 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
    2012-03-21 14:47 . 2012-01-09 15:54 613376 ----a-w- c:\windows\system32\rdpencom.dll
    2012-03-21 14:47 . 2012-01-09 13:58 180736 ----a-w- c:\windows\system32\drivers\rdpwd.sys
    2012-03-12 19:49 . 2010-02-18 13:30 200704 ----a-w- c:\windows\system32\iphlpsvc.dll
    2012-03-12 19:49 . 2010-02-18 11:28 25088 ----a-w- c:\windows\system32\drivers\tunnel.sys
    2012-03-12 19:40 . 2012-03-12 19:40 -------- d-----w- c:\users\Allison\AppData\Local\HP
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2012-03-14 02:15 . 2012-01-14 00:17 6582328 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
    2012-03-02 20:30 . 2011-06-04 01:44 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2012-02-10 08:29 . 2012-02-10 08:30 713784 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1F0CB537-E1C7-468F-A2D9-1E55ABF3BA2A}\gapaengine.dll
    2012-01-31 12:44 . 2011-01-20 00:02 237072 ------w- c:\windows\system32\MpSigStub.exe
    2012-01-12 23:48 . 2012-02-10 08:31 703824 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
    @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
    2011-02-18 05:12 94208 ----a-w- c:\users\Allison\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
    @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
    2011-02-18 05:12 94208 ----a-w- c:\users\Allison\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
    @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
    2011-02-18 05:12 94208 ----a-w- c:\users\Allison\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
    "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-01-16 421736]
    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2009-12-18 40368]
    "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]
    .
    c:\users\Allison\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    Dropbox.lnk - c:\users\Allison\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-2-14 24246216]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
    "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
    2011-05-04 17:54 551296 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "aux"=wdmaud.drv
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
    @=""
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
    @="Service"
    .
    [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
    path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
    backup=c:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
    backupExtension=.CommonStartup
    .
    [HKLM\~\startupfolder\C:^Users^Allison^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]
    path=c:\users\Allison\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
    backup=c:\windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.Startup
    backupExtension=.Startup
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
    2011-11-02 04:25 59240 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATT-SST_McciTrayApp]
    2010-07-27 10:15 1573888 ----a-w- c:\program files\ATT-SST\McciTrayApp.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG_TRAY]
    2012-01-24 22:24 2416480 ----a-w- c:\program files\AVG\AVG2012\avgtray.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent]
    2011-03-11 05:05 4772720 ----a-w- c:\users\Allison\Downloads\BitTorrent-7.2.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EADM]
    2011-03-03 07:40 11509760 ----a-w- c:\program files\Electronic Arts\EADM\EADMUI\EADMUI.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
    2011-01-19 23:02 136176 ----atw- c:\users\Allison\AppData\Local\Google\Update\GoogleUpdate.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
    2009-02-26 23:36 30040 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
    2006-12-11 02:52 49152 ----a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpqSRMon]
    2007-08-23 00:31 80896 ----a-w- c:\program files\HP\Digital Imaging\bin\HpqSRmon.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpWirelessAssistant]
    2007-09-13 16:47 480560 ----a-w- c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif]
    2007-10-24 10:02 178712 ----a-w- c:\program files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iSkysoft Helper Compact.exe]
    2012-02-28 19:43 1667072 ----a-w- c:\program files\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
    2012-01-16 22:22 421736 ----a-w- c:\program files\iTunes\iTunesHelper.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
    2007-08-23 22:36 455968 ----a-w- c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
    2009-10-03 16:40 13826664 ----a-w- c:\windows\System32\nvcpl.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OnScreenDisplay]
    2007-09-04 20:54 554320 ----a-w- c:\program files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl]
    2007-09-19 21:31 202032 ----a-w- c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QPService]
    2007-12-20 02:27 468264 ----a-w- c:\program files\HP\QuickPlay\QPService.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    2011-10-24 18:28 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
    2009-06-09 15:25 7539232 ----a-w- c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
    2009-04-11 06:28 1233920 ----a-w- c:\program files\Windows Sidebar\sidebar.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
    2011-01-26 22:05 15026056 ----a-r- c:\program files\Skype\Phone\Skype.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
    2009-03-05 21:07 2260480 ------w- c:\program files\Spybot - Search & Destroy\TeaTimer.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    2011-06-09 18:06 254696 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
    2010-05-28 03:31 1721640 ----a-w- c:\program files\Synaptics\SynTP\SynTPEnh.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UCam_Menu]
    2007-08-17 06:13 218408 ----a-w- c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
    2011-03-18 19:42 399736 ----a-w- c:\program files\uTorrent\uTorrent.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WAWifiMessage]
    2007-01-08 23:53 311296 ----a-w- c:\program files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
    2008-01-21 02:23 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile Device Center]
    2007-05-31 14:21 648072 ----a-w- c:\windows\WindowsMobile\wmdc.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WindowsWelcomeCenter]
    2009-04-11 06:28 2153472 ----a-w- c:\windows\System32\oobefldr.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
    "DisableMonitoring"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring"=dword:00000001
    .
    S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [2011-08-11 116608]
    .
    .
    --- Other Services/Drivers In Memory ---
    .
    *NewlyCreated* - 84782192
    *NewlyCreated* - MPKSL75655A01
    *Deregistered* - 84782192
    *Deregistered* - TrueSight
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
    WindowsMobile REG_MULTI_SZ wcescomm rapimgr
    LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
    bthsvcs REG_MULTI_SZ BthServ
    HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
    hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
    2007-08-23 22:34 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2012-04-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2137733965-995500835-2909134128-1000Core.job
    - c:\users\Allison\AppData\Local\Google\Update\GoogleUpdate.exe [2011-01-19 23:02]
    .
    2012-04-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2137733965-995500835-2909134128-1000UA.job
    - c:\users\Allison\AppData\Local\Google\Update\GoogleUpdate.exe [2011-01-19 23:02]
    .
    2012-03-30 c:\windows\Tasks\HPCeeScheduleForAllison.job
    - c:\program files\Hewlett-Packard\SDP\Ceement\HPCEE.exe [2008-02-18 19:58]
    .
    2012-01-03 c:\windows\Tasks\Spybot - Search & Destroy - Scheduled Task.job
    - c:\program files\Spybot - Search & Destroy\SpybotSD.exe [2011-01-29 20:31]
    .
    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://att.my.yahoo.com/
    mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Pavilion&pf=laptop
    uInternet Settings,ProxyServer = http=127.0.0.1:57616
    uInternet Settings,ProxyOverride = *.local
    IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
    IE: {{A69A551A-1AAE-4B67-8C2E-52F8B8A19504} - {A69A551A-1AAE-4B67-8C2E-52F8B8A19504} - c:\program files\SpecialSavings\SpecialSavingsSinged.dll
    Trusted Zone: $talisma_url$
    TCP: DhcpNameServer = 192.168.1.254
    FF - ProfilePath - c:\users\Allison\AppData\Roaming\Mozilla\Firefox\Profiles\jczke6f3.default\
    FF - prefs.js: network.proxy.http - 127.0.0.1
    FF - prefs.js: network.proxy.http_port - 57616
    FF - prefs.js: network.proxy.type - 0
    FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
    .
    - - - - ORPHANS REMOVED - - - -
    .
    MSConfigStartUp-Aimersoft Helper Compact - c:\program files\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe
    MSConfigStartUp-ccApp - c:\program files\Common Files\Symantec Shared\ccApp.exe
    MSConfigStartUp-conhost - c:\users\Allison\AppData\Roaming\Microsoft\conhost.exe
    MSConfigStartUp-EA Core - c:\program files\Electronic Arts\EADM\Core.exe
    MSConfigStartUp-HP Health Check Scheduler - [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
    MSConfigStartUp-HPAdvisor - c:\program files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
    MSConfigStartUp-isCfgWiz - c:\program files\Common Files\Symantec Shared\OPC\{C86EA115-FACD-4aa8-BFA2-398C677D0936}\SYMCUW.exe
    MSConfigStartUp-SMSERIAL - c:\program files\Motorola\SMSERIAL\sm56hlpr.exe
    AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe
    AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe
    AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe
    .
    .
    .
    **************************************************************************
    .
    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
    Rootkit scan 2012-04-04 16:36
    Windows 6.0.6002 Service Pack 2 NTFS
    .
    scanning hidden processes ...
    .
    scanning hidden autostart entries ...
    .
    scanning hidden files ...
    .
    scan completed successfully
    hidden files: 0
    .
    **************************************************************************
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    "MSCurrentCountry"=dword:000000b5
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    Completion time: 2012-04-04 16:39:41
    ComboFix-quarantined-files.txt 2012-04-04 20:39
    .
    Pre-Run: 203,752,308,736 bytes free
    Post-Run: 203,837,386,752 bytes free
    .
    - - End Of File - - C8757794B829768AC2E05B6EE7A152EE


    Haven't been using the computer enough to comment on whether its condition has changed any.

  2. #12
    Member
    Join Date
    Mar 2012
    Posts
    10
    Points
    0


    16:01:04.0327 2848 ehSched (ad1870c8e5d6dd340c829e6074bf3c3f) C:\Windows\ehome\ehsched.exe
    16:01:04.0327 2848 ehSched - ok
    16:01:04.0342 2848 ehstart (c27c4ee8926e74aa72efcab24c5242c3) C:\Windows\ehome\ehstart.dll
    16:01:04.0342 2848 ehstart - ok
    16:01:04.0436 2848 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
    16:01:04.0436 2848 elxstor - ok
    16:01:04.0561 2848 EMDMgmt (4e6b23dfc917ea39306b529b773950f4) C:\Windows\system32\emdmgmt.dll
    16:01:04.0576 2848 EMDMgmt - ok
    16:01:04.0670 2848 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
    16:01:04.0670 2848 ErrDev - ok
    16:01:04.0717 2848 EventSystem (67058c46504bc12d821f38cf99b7b28f) C:\Windows\system32\es.dll
    16:01:04.0732 2848 EventSystem - ok
    16:01:04.0810 2848 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
    16:01:04.0810 2848 exfat - ok
    16:01:04.0857 2848 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
    16:01:04.0857 2848 fastfat - ok
    16:01:04.0904 2848 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
    16:01:04.0904 2848 fdc - ok
    16:01:04.0951 2848 fdPHost (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll
    16:01:04.0951 2848 fdPHost - ok
    16:01:04.0966 2848 FDResPub (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll
    16:01:04.0966 2848 FDResPub - ok
    16:01:05.0029 2848 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
    16:01:05.0029 2848 FileInfo - ok
    16:01:05.0060 2848 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
    16:01:05.0060 2848 Filetrace - ok
    16:01:05.0075 2848 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
    16:01:05.0075 2848 flpydisk - ok
    16:01:05.0138 2848 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
    16:01:05.0138 2848 FltMgr - ok
    16:01:05.0263 2848 FontCache (8ce364388c8eca59b14b539179276d44) C:\Windows\system32\FntCache.dll
    16:01:05.0278 2848 FontCache - ok
    16:01:05.0341 2848 FontCache3.0.0.0 (c7fbdd1ed42f82bfa35167a5c9803ea3) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
    16:01:05.0341 2848 FontCache3.0.0.0 - ok
    16:01:05.0434 2848 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
    16:01:05.0450 2848 Fs_Rec - ok
    16:01:05.0481 2848 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
    16:01:05.0481 2848 gagp30kx - ok
    16:01:05.0606 2848 GameConsoleService (44d07e5a444692e9b6a5cdd7401b4402) C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
    16:01:05.0731 2848 GameConsoleService - ok
    16:01:05.0855 2848 GEARAspiWDM (5ae3a887ece5bbb72cfab273c2fd1cfa) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
    16:01:05.0855 2848 GEARAspiWDM - ok
    16:01:05.0933 2848 gpsvc (cd5d0aeee35dfd4e986a5aa1500a6e66) C:\Windows\System32\gpsvc.dll
    16:01:05.0965 2848 gpsvc - ok
    16:01:06.0089 2848 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
    16:01:06.0089 2848 HdAudAddService - ok
    16:01:06.0167 2848 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
    16:01:06.0167 2848 HDAudBus - ok
    16:01:06.0199 2848 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
    16:01:06.0199 2848 HidBth - ok
    16:01:06.0230 2848 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
    16:01:06.0230 2848 HidIr - ok
    16:01:06.0308 2848 hidserv (84067081f3318162797385e11a8f0582) C:\Windows\system32\hidserv.dll
    16:01:06.0308 2848 hidserv - ok
    16:01:06.0339 2848 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
    16:01:06.0355 2848 HidUsb - ok
    16:01:06.0386 2848 hkmsvc (d8ad255b37da92434c26e4876db7d418) C:\Windows\system32\kmsvc.dll
    16:01:06.0386 2848 hkmsvc - ok
    16:01:06.0495 2848 HP Health Check Service (0d26c438e2938a3e6bdd91173bc96ff0) c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
    16:01:06.0511 2848 HP Health Check Service - ok
    16:01:06.0589 2848 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
    16:01:06.0589 2848 HpCISSs - ok
    16:01:06.0713 2848 hpqcxs08 (682358f730b84b63e09c6b4edc1de7ae) C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
    16:01:06.0729 2848 hpqcxs08 - ok
    16:01:06.0745 2848 hpqddsvc (2e7bee4aa776cf1c37836b26d1d29403) C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
    16:01:06.0745 2848 hpqddsvc - ok
    16:01:06.0854 2848 HpqKbFiltr (35956140e686d53bf676cf0c778880fc) C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
    16:01:06.0854 2848 HpqKbFiltr - ok
    16:01:06.0885 2848 HpqRemHid (115c0933b3ed51dfbec4449348c8065b) C:\Windows\system32\DRIVERS\HpqRemHid.sys
    16:01:06.0885 2848 HpqRemHid - ok
    16:01:06.0963 2848 hpqwmiex (04c1dcbb226c6ae647b794833ce3ceb6) C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
    16:01:06.0963 2848 hpqwmiex - ok
    16:01:07.0072 2848 HSFHWAZL (46d67209550973257601a533e2ac5785) C:\Windows\system32\DRIVERS\VSTAZL3.SYS
    16:01:07.0072 2848 HSFHWAZL - ok
    16:01:07.0135 2848 HSF_DPV (ec36f1d542ed4252390d446bf6d4dfd0) C:\Windows\system32\DRIVERS\VSTDPV3.SYS
    16:01:07.0135 2848 HSF_DPV - ok
    16:01:07.0213 2848 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
    16:01:07.0213 2848 HTTP - ok
    16:01:07.0322 2848 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
    16:01:07.0322 2848 i2omp - ok
    16:01:07.0493 2848 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
    16:01:07.0493 2848 i8042prt - ok
    16:01:07.0587 2848 IAANTMON (681ef6e0cc7bbaa0c09acabeb91f669e) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    16:01:07.0587 2848 IAANTMON - ok
    16:01:07.0727 2848 iaStor (e5a0034847537eaee3c00349d5c34c5f) C:\Windows\system32\DRIVERS\iaStor.sys
    16:01:07.0727 2848 iaStor - ok
    16:01:07.0868 2848 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
    16:01:07.0868 2848 iaStorV - ok
    16:01:07.0930 2848 IBUpdaterService (1da072a112fff778ba3b5b7366aa3516) C:\ProgramData\IBUpdaterService\ibsvc.exe
    16:01:08.0336 2848 IBUpdaterService - ok
    16:01:08.0461 2848 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    16:01:08.0461 2848 IDriverT - ok
    16:01:08.0585 2848 idsvc (98477b08e61945f974ed9fdc4cb6bdab) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
    16:01:08.0617 2848 idsvc - ok
    16:01:08.0695 2848 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
    16:01:08.0695 2848 iirsp - ok
    16:01:08.0757 2848 IKEEXT (9908d8a397b76cd8d31d0d383c5773c9) C:\Windows\System32\ikeext.dll
    16:01:08.0773 2848 IKEEXT - ok
    16:01:08.0882 2848 IntcAzAudAddService (1f10ed6f98c57efb4e7fb9972b2dbb71) C:\Windows\system32\drivers\RTKVHDA.sys
    16:01:08.0897 2848 IntcAzAudAddService - ok
    16:01:08.0944 2848 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
    16:01:08.0944 2848 intelide - ok
    16:01:08.0960 2848 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
    16:01:08.0960 2848 intelppm - ok
    16:01:08.0991 2848 IPBusEnum (9ac218c6e6105477484c6fdbe7d409a4) C:\Windows\system32\ipbusenum.dll
    16:01:08.0991 2848 IPBusEnum - ok
    16:01:09.0022 2848 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
    16:01:09.0022 2848 IpFilterDriver - ok
    16:01:09.0069 2848 iphlpsvc (1998bd97f950680bb55f55a7244679c2) C:\Windows\System32\iphlpsvc.dll
    16:01:09.0069 2848 iphlpsvc - ok
    16:01:09.0085 2848 IpInIp - ok
    16:01:09.0131 2848 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
    16:01:09.0131 2848 IPMIDRV - ok
    16:01:09.0163 2848 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
    16:01:09.0163 2848 IPNAT - ok
    16:01:09.0256 2848 iPod Service (49918803b661367023bf325cf602afdc) C:\Program Files\iPod\bin\iPodService.exe
    16:01:09.0272 2848 iPod Service - ok
    16:01:09.0412 2848 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
    16:01:09.0412 2848 IRENUM - ok
    16:01:09.0475 2848 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
    16:01:09.0475 2848 isapnp - ok
    16:01:09.0521 2848 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
    16:01:09.0521 2848 iScsiPrt - ok
    16:01:09.0584 2848 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
    16:01:09.0584 2848 iteatapi - ok
    16:01:09.0646 2848 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
    16:01:09.0646 2848 iteraid - ok
    16:01:09.0662 2848 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
    16:01:09.0662 2848 kbdclass - ok
    16:01:09.0709 2848 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
    16:01:09.0709 2848 kbdhid - ok
    16:01:09.0740 2848 KeyIso (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
    16:01:09.0740 2848 KeyIso - ok
    16:01:09.0787 2848 KSecDD (2b2f1638466e8cb091400c9019cc730e) C:\Windows\system32\Drivers\ksecdd.sys
    16:01:09.0787 2848 KSecDD - ok
    16:01:09.0833 2848 KtmRm (8078f8f8f7a79e2e6b494523a828c585) C:\Windows\system32\msdtckrm.dll
    16:01:09.0833 2848 KtmRm - ok
    16:01:09.0880 2848 LanmanServer (1bf5eebfd518dd7298434d8c862f825d) C:\Windows\system32\srvsvc.dll
    16:01:09.0880 2848 LanmanServer - ok
    16:01:09.0927 2848 LanmanWorkstation (1db69705b695b987082c8baec0c6b34f) C:\Windows\System32\wkssvc.dll
    16:01:09.0927 2848 LanmanWorkstation - ok
    16:01:10.0036 2848 LightScribeService (53710476495886d9961be46983a6a33f) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    16:01:10.0036 2848 LightScribeService - ok
    16:01:10.0130 2848 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
    16:01:10.0130 2848 lltdio - ok
    16:01:10.0177 2848 lltdsvc (2d5a428872f1442631d0959a34abff63) C:\Windows\System32\lltdsvc.dll
    16:01:10.0192 2848 lltdsvc - ok
    16:01:10.0208 2848 lmhosts (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll
    16:01:10.0208 2848 lmhosts - ok
    16:01:10.0239 2848 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
    16:01:10.0239 2848 LSI_FC - ok
    16:01:10.0270 2848 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
    16:01:10.0270 2848 LSI_SAS - ok
    16:01:10.0286 2848 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
    16:01:10.0286 2848 LSI_SCSI - ok
    16:01:10.0317 2848 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
    16:01:10.0317 2848 luafv - ok
    16:01:10.0364 2848 MBAMSwissArmy (0db7527db188c7d967a37bb51bbf3963) C:\Windows\system32\drivers\mbamswissarmy.sys
    16:01:10.0364 2848 MBAMSwissArmy - ok
    16:01:10.0473 2848 McciCMService (e6cb119ef2e148eaa1a247343550756e) C:\Program Files\Common Files\Motive\McciCMService.exe
    16:01:10.0489 2848 McciCMService - ok
    16:01:10.0520 2848 McciServiceHost (eee1ea23c4777adb268a36196a631200) C:\Program Files\Common Files\Motive\McciServiceHost.exe
    16:01:10.0738 2848 McciServiceHost - ok
    16:01:10.0832 2848 Mcx2Svc (aef9babb8a506bc4ce0451a64aaded46) C:\Windows\system32\Mcx2Svc.dll
    16:01:10.0832 2848 Mcx2Svc - ok
    16:01:10.0894 2848 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
    16:01:10.0894 2848 megasas - ok
    16:01:10.0957 2848 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
    16:01:10.0972 2848 MegaSR - ok
    16:01:11.0066 2848 Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
    16:01:11.0081 2848 Microsoft Office Groove Audit Service - ok
    16:01:11.0144 2848 MMCSS (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
    16:01:11.0144 2848 MMCSS - ok
    16:01:11.0206 2848 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
    16:01:11.0206 2848 Modem - ok
    16:01:11.0269 2848 MODEMCSA (cbb59c41f19efea1a000793e08070a62) C:\Windows\system32\drivers\MODEMCSA.sys
    16:01:11.0269 2848 MODEMCSA - ok
    16:01:11.0284 2848 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
    16:01:11.0284 2848 monitor - ok
    16:01:11.0331 2848 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
    16:01:11.0331 2848 mouclass - ok
    16:01:11.0347 2848 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
    16:01:11.0393 2848 mouhid - ok
    16:01:11.0440 2848 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
    16:01:11.0440 2848 MountMgr - ok
    16:01:11.0503 2848 MozillaMaintenance (750babaabb49a8a2238fa4b58ac09af8) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
    16:01:11.0518 2848 MozillaMaintenance - ok
    16:01:11.0612 2848 MpFilter (fee0baded54222e9f1dae9541212aab1) C:\Windows\system32\DRIVERS\MpFilter.sys
    16:01:11.0612 2848 MpFilter - ok
    16:01:11.0705 2848 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
    16:01:11.0705 2848 mpio - ok
    16:01:11.0846 2848 MpKsl75655a01 (a69630d039c38018689190234f866d77) c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{16AC8B7B-48E6-463D-83CB-2A1995AF313C}\MpKsl75655a01.sys
    16:01:11.0846 2848 MpKsl75655a01 - ok
    16:01:11.0955 2848 MpNWMon (2c3489660d4a8d514c123c3f0d67df46) C:\Windows\system32\DRIVERS\MpNWMon.sys
    16:01:11.0955 2848 MpNWMon - ok
    16:01:12.0002 2848 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
    16:01:12.0002 2848 mpsdrv - ok
    16:01:12.0049 2848 MpsSvc (5de62c6e9108f14f6794060a9bdecaec) C:\Windows\system32\mpssvc.dll
    16:01:12.0049 2848 MpsSvc - ok
    16:01:12.0095 2848 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
    16:01:12.0095 2848 Mraid35x - ok
    16:01:12.0205 2848 MREMP50 (9bd4dcb5412921864a7aacdedfbd1923) C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS
    16:01:12.0205 2848 MREMP50 - ok
    16:01:12.0236 2848 MREMPR5 - ok
    16:01:12.0251 2848 MRENDIS5 - ok
    16:01:12.0251 2848 MRESP50 (07c02c892e8e1a72d6bf35004f0e9c5e) C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS
    16:01:12.0267 2848 MRESP50 - ok
    16:01:12.0361 2848 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
    16:01:12.0361 2848 MRxDAV - ok
    16:01:12.0423 2848 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
    16:01:12.0423 2848 mrxsmb - ok
    16:01:12.0470 2848 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
    16:01:12.0485 2848 mrxsmb10 - ok
    16:01:12.0517 2848 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
    16:01:12.0517 2848 mrxsmb20 - ok
    16:01:12.0548 2848 msahci (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys
    16:01:12.0563 2848 msahci - ok
    16:01:12.0579 2848 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
    16:01:12.0579 2848 msdsm - ok
    16:01:12.0610 2848 MSDTC (fd7520cc3a80c5fc8c48852bb24c6ded) C:\Windows\System32\msdtc.exe
    16:01:12.0610 2848 MSDTC - ok
    16:01:12.0626 2848 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
    16:01:12.0626 2848 Msfs - ok
    16:01:12.0657 2848 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
    16:01:12.0657 2848 msisadrv - ok
    16:01:12.0766 2848 MSiSCSI (85466c0757a23d9a9aecdc0755203cb2) C:\Windows\system32\iscsiexe.dll
    16:01:12.0766 2848 MSiSCSI - ok
    16:01:12.0844 2848 msiserver - ok
    16:01:12.0891 2848 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
    16:01:12.0907 2848 MSKSSRV - ok
    16:01:13.0063 2848 MsMpSvc (cfce43b70ca0cc4dcc8adb62b792b173) c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
    16:01:13.0063 2848 MsMpSvc - ok
    16:01:13.0156 2848 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
    16:01:13.0156 2848 MSPCLOCK - ok
    16:01:13.0203 2848 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
    16:01:13.0203 2848 MSPQM - ok
    16:01:13.0250 2848 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
    16:01:13.0250 2848 MsRPC - ok
    16:01:13.0297 2848 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
    16:01:13.0297 2848 mssmbios - ok
    16:01:13.0312 2848 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
    16:01:13.0312 2848 MSTEE - ok
    16:01:13.0359 2848 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
    16:01:13.0359 2848 Mup - ok
    16:01:13.0421 2848 napagent (e4eaf0c5c1b41b5c83386cf212ca9584) C:\Windows\system32\qagentRT.dll
    16:01:13.0437 2848 napagent - ok
    16:01:13.0484 2848 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
    16:01:13.0499 2848 NativeWifiP - ok
    16:01:13.0546 2848 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
    16:01:13.0562 2848 NDIS - ok
    16:01:13.0624 2848 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
    16:01:13.0624 2848 NdisTapi - ok
    16:01:13.0655 2848 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
    16:01:13.0671 2848 Ndisuio - ok
    16:01:13.0718 2848 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
    16:01:13.0718 2848 NdisWan - ok
    16:01:13.0749 2848 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
    16:01:13.0749 2848 NDProxy - ok
    16:01:13.0796 2848 Net Driver HPZ12 (51c6d8bfbd4ea5b62a1ba7f4469250d3) C:\Windows\system32\HPZinw12.dll
    16:01:13.0796 2848 Net Driver HPZ12 - ok
    16:01:13.0843 2848 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
    16:01:13.0843 2848 NetBIOS - ok
    16:01:13.0889 2848 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
    16:01:13.0889 2848 netbt - ok
    16:01:13.0921 2848 Netlogon (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
    16:01:13.0921 2848 Netlogon - ok
    16:01:13.0952 2848 Netman (c8052711daecc48b982434c5116ca401) C:\Windows\System32\netman.dll
    16:01:13.0967 2848 Netman - ok
    16:01:13.0999 2848 netprofm (2ef3bbe22e5a5acd1428ee387a0d0172) C:\Windows\System32\netprofm.dll
    16:01:14.0014 2848 netprofm - ok
    16:01:14.0061 2848 NetTcpPortSharing (d6c4e4a39a36029ac0813d476fbd0248) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
    16:01:14.0061 2848 NetTcpPortSharing - ok
    16:01:14.0201 2848 NETw3v32 (35d5458d9a1b26b2005abffbf4c1c5e7) C:\Windows\system32\DRIVERS\NETw3v32.sys
    16:01:14.0217 2848 NETw3v32 - ok
    16:01:14.0357 2848 NETw4v32 (25acccfc33dd448b9d3037c5e439e830) C:\Windows\system32\DRIVERS\NETw4v32.sys
    16:01:14.0373 2848 NETw4v32 - ok
    16:01:14.0560 2848 NETw5v32 (8de67bd902095a13329fd82c85a1fa09) C:\Windows\system32\DRIVERS\NETw5v32.sys
    16:01:14.0576 2848 NETw5v32 - ok
    16:01:14.0654 2848 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
    16:01:14.0654 2848 nfrd960 - ok
    16:01:14.0701 2848 NisDrv (7b01c6172cfd0b10116175e09200d4b4) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
    16:01:14.0701 2848 NisDrv - ok
    16:01:14.0794 2848 NisSrv (a5cb074f34bbd89948e34a630d459c0c) c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
    16:01:14.0794 2848 NisSrv - ok
    16:01:14.0888 2848 NlaSvc (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll
    16:01:14.0888 2848 NlaSvc - ok
    16:01:14.0950 2848 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
    16:01:14.0950 2848 Npfs - ok
    16:01:14.0981 2848 nsi (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll
    16:01:14.0981 2848 nsi - ok
    16:01:15.0028 2848 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
    16:01:15.0028 2848 nsiproxy - ok
    16:01:15.0106 2848 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
    16:01:15.0106 2848 Ntfs - ok
    16:01:15.0137 2848 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
    16:01:15.0137 2848 ntrigdigi - ok
    16:01:15.0200 2848 NuidFltr (cf7e041663119e09d2e118521ada9300) C:\Windows\system32\DRIVERS\NuidFltr.sys
    16:01:15.0200 2848 NuidFltr - ok
    16:01:15.0215 2848 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
    16:01:15.0215 2848 Null - ok
    16:01:15.0262 2848 NVENETFD (1657f3fbd9061526c14ff37e79306f98) C:\Windows\system32\DRIVERS\nvm60x32.sys
    16:01:15.0278 2848 NVENETFD - ok
    16:01:15.0527 2848 nvlddmkm (24000b817cc84ac1555f41929879af5a) C:\Windows\system32\DRIVERS\nvlddmkm.sys
    16:01:15.0605 2848 nvlddmkm - ok
    16:01:15.0668 2848 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
    16:01:15.0668 2848 nvraid - ok
    16:01:15.0699 2848 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
    16:01:15.0699 2848 nvstor - ok
    16:01:15.0730 2848 nvsvc (c4d17f11526f87bc762f31da5bd2580b) C:\Windows\system32\nvvsvc.exe
    16:01:15.0746 2848 nvsvc - ok
    16:01:15.0777 2848 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
    16:01:15.0777 2848 nv_agp - ok
    16:01:15.0793 2848 NwlnkFlt - ok
    16:01:15.0793 2848 NwlnkFwd - ok
    16:01:15.0886 2848 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
    16:01:15.0902 2848 odserv - ok
    16:01:15.0964 2848 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys
    16:01:15.0964 2848 ohci1394 - ok
    16:01:16.0058 2848 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
    16:01:16.0058 2848 ose - ok
    16:01:16.0105 2848 p2pimsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
    16:01:16.0151 2848 p2pimsvc - ok
    16:01:16.0167 2848 p2psvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
    16:01:16.0167 2848 p2psvc - ok
    16:01:16.0214 2848 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
    16:01:16.0214 2848 Parport - ok
    16:01:16.0261 2848 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
    16:01:16.0261 2848 partmgr - ok
    16:01:16.0276 2848 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
    16:01:16.0276 2848 Parvdm - ok
    16:01:16.0323 2848 PcaSvc (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
    16:01:16.0339 2848 PcaSvc - ok
    16:01:16.0370 2848 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
    16:01:16.0370 2848 pci - ok
    16:01:16.0417 2848 pciide (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys
    16:01:16.0417 2848 pciide - ok
    16:01:16.0448 2848 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
    16:01:16.0448 2848 pcmcia - ok
    16:01:16.0510 2848 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
    16:01:16.0510 2848 PEAUTH - ok
    16:01:16.0573 2848 pla (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
    16:01:16.0619 2848 pla - ok
    16:01:16.0666 2848 PlugPlay (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll
    16:01:16.0666 2848 PlugPlay - ok
    16:01:16.0729 2848 Pml Driver HPZ12 (79834aa2fbf9fe81eebb229024f6f7fc) C:\Windows\system32\HPZipm12.dll
    16:01:16.0729 2848 Pml Driver HPZ12 - ok
    16:01:16.0791 2848 PNRPAutoReg (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
    16:01:16.0807 2848 PNRPAutoReg - ok
    16:01:16.0822 2848 PNRPsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
    16:01:16.0838 2848 PNRPsvc - ok
    16:01:16.0885 2848 PolicyAgent (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll
    16:01:16.0885 2848 PolicyAgent - ok
    16:01:16.0931 2848 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
    16:01:16.0931 2848 PptpMiniport - ok
    16:01:16.0978 2848 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
    16:01:16.0978 2848 Processor - ok
    16:01:17.0041 2848 ProfSvc (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll
    16:01:17.0041 2848 ProfSvc - ok
    16:01:17.0072 2848 ProtectedStorage (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
    16:01:17.0072 2848 ProtectedStorage - ok
    16:01:17.0134 2848 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
    16:01:17.0134 2848 PSched - ok
    16:01:17.0197 2848 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
    16:01:17.0212 2848 ql2300 - ok
    16:01:17.0243 2848 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
    16:01:17.0243 2848 ql40xx - ok
    16:01:17.0399 2848 QPCapSvc (ba396d1c71934e22679d3f4dac17e7ab) C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
    16:01:17.0399 2848 QPCapSvc - ok
    16:01:17.0431 2848 QPSched (4b455e8c41cad3219ccf53024dcad604) C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
    16:01:17.0431 2848 QPSched - ok
    16:01:17.0509 2848 QWAVE (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
    16:01:17.0509 2848 QWAVE - ok
    16:01:17.0571 2848 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
    16:01:17.0571 2848 QWAVEdrv - ok
    16:01:17.0618 2848 RapiMgr (8f97d374ad1857e1eed85a79f29a1d3d) C:\Windows\WindowsMobile\rapimgr.dll
    16:01:17.0618 2848 RapiMgr - ok
    16:01:17.0649 2848 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
    16:01:17.0649 2848 RasAcd - ok
    16:01:17.0680 2848 RasAuto (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
    16:01:17.0696 2848 RasAuto - ok
    16:01:17.0727 2848 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
    16:01:17.0727 2848 Rasl2tp - ok
    16:01:17.0758 2848 RasMan (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll
    16:01:17.0774 2848 RasMan - ok
    16:01:17.0805 2848 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
    16:01:17.0805 2848 RasPppoe - ok
    16:01:17.0867 2848 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
    16:01:17.0867 2848 RasSstp - ok
    16:01:17.0914 2848 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
    16:01:17.0914 2848 rdbss - ok
    16:01:17.0961 2848 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
    16:01:17.0961 2848 RDPCDD - ok
    16:01:17.0992 2848 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
    16:01:17.0992 2848 rdpdr - ok
    16:01:18.0008 2848 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
    16:01:18.0023 2848 RDPENCDD - ok
    16:01:18.0070 2848 RDPWD (79c6df8477250f5c54f7c5ae1d6b814e) C:\Windows\system32\drivers\RDPWD.sys
    16:01:18.0070 2848 RDPWD - ok
    16:01:18.0117 2848 RemoteAccess (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
    16:01:18.0133 2848 RemoteAccess - ok
    16:01:18.0164 2848 RemoteRegistry (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll
    16:01:18.0179 2848 RemoteRegistry - ok
    16:01:18.0304 2848 RichVideo (17e0bef5ca5c9ce52cc8082ac6ebc449) C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    16:01:18.0304 2848 RichVideo - ok
    16:01:18.0460 2848 rimmptsk (355aac141b214bef1dbc1483afd9bd50) C:\Windows\system32\DRIVERS\rimmptsk.sys
    16:01:18.0460 2848 rimmptsk - ok
    16:01:18.0491 2848 rimsptsk (a4216c71dd4f60b26418ccfd99cd0815) C:\Windows\system32\DRIVERS\rimsptsk.sys
    16:01:18.0491 2848 rimsptsk - ok
    16:01:18.0491 2848 rismxdp (d231b577024aa324af13a42f3a807d10) C:\Windows\system32\DRIVERS\rixdptsk.sys
    16:01:18.0507 2848 rismxdp - ok
    16:01:18.0523 2848 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
    16:01:18.0523 2848 RpcLocator - ok
    16:01:18.0585 2848 RpcSs (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
    16:01:18.0585 2848 RpcSs - ok
    16:01:18.0647 2848 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
    16:01:18.0647 2848 rspndr - ok
    16:01:18.0694 2848 RTL8169 (9a929308a64183d3d9dccbb6df4badae) C:\Windows\system32\DRIVERS\Rtlh86.sys
    16:01:18.0694 2848 RTL8169 - ok
    16:01:18.0757 2848 SamSs (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
    16:01:18.0757 2848 SamSs - ok
    16:01:18.0835 2848 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
    16:01:18.0835 2848 SASDIFSV - ok
    16:01:18.0835 2848 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
    16:01:18.0835 2848 SASKUTIL - ok
    16:01:18.0944 2848 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
    16:01:18.0944 2848 sbp2port - ok
    16:01:19.0069 2848 SBSDWSCService (794d4b48dfb6e999537c7c3947863463) C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
    16:01:19.0069 2848 SBSDWSCService - ok
    16:01:19.0162 2848 SCardSvr (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll
    16:01:19.0178 2848 SCardSvr - ok
    16:01:19.0240 2848 Schedule (1a58069db21d05eb2ab58ee5753ebe8d) C:\Windows\system32\schedsvc.dll
    16:01:19.0240 2848 Schedule - ok
    16:01:19.0287 2848 SCPolicySvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
    16:01:19.0287 2848 SCPolicySvc - ok
    16:01:19.0349 2848 sdbus (8f36b54688c31eed4580129040c6a3d3) C:\Windows\system32\DRIVERS\sdbus.sys
    16:01:19.0349 2848 sdbus - ok
    16:01:19.0412 2848 SDRSVC (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
    16:01:19.0412 2848 SDRSVC - ok
    16:01:19.0521 2848 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
    16:01:19.0521 2848 secdrv - ok
    16:01:19.0552 2848 seclogon (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
    16:01:19.0568 2848 seclogon - ok
    16:01:19.0583 2848 SENS (a9bbab5759771e523f55563d6cbe140f) C:\Windows\System32\sens.dll
    16:01:19.0583 2848 SENS - ok
    16:01:19.0646 2848 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
    16:01:19.0646 2848 Serenum - ok
    16:01:19.0677 2848 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
    16:01:19.0677 2848 Serial - ok
    16:01:19.0708 2848 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
    16:01:19.0708 2848 sermouse - ok
    16:01:19.0755 2848 SessionEnv (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
    16:01:19.0771 2848 SessionEnv - ok
    16:01:19.0802 2848 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\DRIVERS\sffdisk.sys
    16:01:19.0802 2848 sffdisk - ok
    16:01:19.0849 2848 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
    16:01:19.0849 2848 sffp_mmc - ok
    16:01:19.0880 2848 sffp_sd (9f66a46c55d6f1ccabc79bb7afccc545) C:\Windows\system32\DRIVERS\sffp_sd.sys
    16:01:19.0880 2848 sffp_sd - ok
    16:01:19.0911 2848 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
    16:01:19.0911 2848 sfloppy - ok
    16:01:19.0989 2848 SharedAccess (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
    16:01:19.0989 2848 SharedAccess - ok
    16:01:20.0051 2848 ShellHWDetection (c7230fbee14437716701c15be02c27b8) C:\Windows\System32\shsvcs.dll
    16:01:20.0067 2848 ShellHWDetection - ok
    16:01:20.0114 2848 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
    16:01:20.0114 2848 sisagp - ok
    16:01:20.0145 2848 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
    16:01:20.0145 2848 SiSRaid2 - ok
    16:01:20.0207 2848 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
    16:01:20.0207 2848 SiSRaid4 - ok
    16:01:20.0332 2848 slsvc (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe
    16:01:20.0426 2848 slsvc - ok
    16:01:20.0535 2848 SLUINotify (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll
    16:01:20.0535 2848 SLUINotify - ok
    16:01:20.0629 2848 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
    16:01:20.0644 2848 Smb - ok
    16:01:20.0738 2848 smserial (c8a58fc905c9184fa70e37f71060c64d) C:\Windows\system32\DRIVERS\smserial.sys
    16:01:20.0738 2848 smserial - ok
    16:01:20.0831 2848 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
    16:01:20.0831 2848 SNMPTRAP - ok
    16:01:20.0894 2848 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
    16:01:20.0894 2848 spldr - ok
    16:01:20.0987 2848 Spooler (8554097e5136c3bf9f69fe578a1b35f4) C:\Windows\System32\spoolsv.exe
    16:01:20.0987 2848 Spooler - ok
    16:01:21.0034 2848 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
    16:01:21.0034 2848 srv - ok
    16:01:21.0128 2848 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
    16:01:21.0143 2848 srv2 - ok
    16:01:21.0190 2848 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
    16:01:21.0190 2848 srvnet - ok
    16:01:21.0315 2848 ssadbus (6d83ff6722baf7e82a4521dbec363e5a) C:\Windows\system32\DRIVERS\ssadbus.sys
    16:01:21.0331 2848 ssadbus - ok
    16:01:21.0424 2848 ssadmdfl (5ae42e90f99749e0e35b9989a2d0275c) C:\Windows\system32\DRIVERS\ssadmdfl.sys
    16:01:21.0424 2848 ssadmdfl - ok
    16:01:21.0502 2848 ssadmdm (9285d8aba50a4d6482b1574448f9eb76) C:\Windows\system32\DRIVERS\ssadmdm.sys
    16:01:21.0502 2848 ssadmdm - ok
    16:01:21.0627 2848 ssadserd (8e6f645a098aa8e2e0947eee70dccb89) C:\Windows\system32\DRIVERS\ssadserd.sys
    16:01:21.0627 2848 ssadserd - ok
    16:01:21.0705 2848 sscdbus (069351a1d7d291013177a90ae6edccbc) C:\Windows\system32\DRIVERS\sscdbus.sys
    16:01:21.0705 2848 sscdbus - ok
    16:01:21.0799 2848 sscdmdfl (1c925be223a5c0f9f469252292a48df6) C:\Windows\system32\DRIVERS\sscdmdfl.sys
    16:01:21.0799 2848 sscdmdfl - ok
    16:01:21.0861 2848 sscdmdm (ae3e77ae0fbdb07eb1ac3fed74a0695e) C:\Windows\system32\DRIVERS\sscdmdm.sys
    16:01:21.0861 2848 sscdmdm - ok
    16:01:21.0892 2848 SSDPSRV (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
    16:01:21.0892 2848 SSDPSRV - ok
    16:01:22.0001 2848 SstpSvc (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
    16:01:22.0001 2848 SstpSvc - ok
    16:01:22.0126 2848 stisvc (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll
    16:01:22.0126 2848 stisvc - ok
    16:01:22.0189 2848 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
    16:01:22.0189 2848 swenum - ok
    16:01:22.0298 2848 swprv (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll
    16:01:22.0298 2848 swprv - ok
    16:01:22.0391 2848 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
    16:01:22.0391 2848 Symc8xx - ok
    16:01:22.0485 2848 SymIM - ok
    16:01:22.0532 2848 SymIMMP - ok
    16:01:22.0953 2848 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
    16:01:22.0953 2848 Sym_hi - ok
    16:01:23.0062 2848 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
    16:01:23.0062 2848 Sym_u3 - ok
    16:01:23.0171 2848 SynTP (067cb9d745407a8c1b26e89a6a2ce152) C:\Windows\system32\DRIVERS\SynTP.sys
    16:01:23.0171 2848 SynTP - ok
    16:01:23.0249 2848 SysMain (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll
    16:01:23.0281 2848 SysMain - ok
    16:01:23.0390 2848 TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
    16:01:23.0405 2848 TabletInputService - ok
    16:01:23.0515 2848 TapiSrv (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll
    16:01:23.0530 2848 TapiSrv - ok
    16:01:23.0608 2848 TBS (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
    16:01:23.0608 2848 TBS - ok
    16:01:23.0733 2848 Tcpip (16731b631f28f63cd9f4cb60940e7ddd) C:\Windows\system32\drivers\tcpip.sys
    16:01:23.0733 2848 Tcpip - ok
    16:01:23.0873 2848 Tcpip6 (16731b631f28f63cd9f4cb60940e7ddd) C:\Windows\system32\DRIVERS\tcpip.sys
    16:01:23.0889 2848 Tcpip6 - ok
    16:01:24.0139 2848 tcpipreg (3fc13f09af9be487c7b4fac4070a036c) C:\Windows\system32\drivers\tcpipreg.sys
    16:01:24.0139 2848 tcpipreg - ok
    16:01:24.0263 2848 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
    16:01:24.0263 2848 TDPIPE - ok
    16:01:24.0357 2848 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
    16:01:24.0357 2848 TDTCP - ok
    16:01:24.0451 2848 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
    16:01:24.0451 2848 tdx - ok
    16:01:24.0591 2848 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
    16:01:24.0591 2848 TermDD - ok
    16:01:24.0731 2848 TermService (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll
    16:01:24.0731 2848 TermService - ok
    16:01:24.0856 2848 Themes (c7230fbee14437716701c15be02c27b8) C:\Windows\system32\shsvcs.dll
    16:01:24.0856 2848 Themes - ok
    16:01:24.0965 2848 THREADORDER (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
    16:01:24.0965 2848 THREADORDER - ok
    16:01:25.0075 2848 TrkWks (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
    16:01:25.0090 2848 TrkWks - ok
    16:01:25.0184 2848 TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe
    16:01:25.0184 2848 TrustedInstaller - ok
    16:01:25.0293 2848 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
    16:01:25.0293 2848 tssecsrv - ok
    16:01:25.0387 2848 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
    16:01:25.0402 2848 tunmp - ok
    16:01:25.0543 2848 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
    16:01:25.0543 2848 tunnel - ok
    16:01:25.0667 2848 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
    16:01:25.0683 2848 uagp35 - ok
    16:01:25.0839 2848 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
    16:01:25.0839 2848 udfs - ok
    16:01:25.0964 2848 UI0Detect (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
    16:01:25.0964 2848 UI0Detect - ok
    16:01:26.0089 2848 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
    16:01:26.0089 2848 uliagpkx - ok
    16:01:26.0213 2848 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
    16:01:26.0213 2848 uliahci - ok
    16:01:26.0338 2848 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
    16:01:26.0338 2848 UlSata - ok
    16:01:26.0447 2848 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
    16:01:26.0447 2848 ulsata2 - ok
    16:01:26.0572 2848 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
    16:01:26.0572 2848 umbus - ok
    16:01:26.0666 2848 upnphost (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
    16:01:26.0681 2848 upnphost - ok
    16:01:26.0931 2848 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\Windows\system32\Drivers\usbaapl.sys
    16:01:26.0931 2848 USBAAPL - ok
    16:01:27.0056 2848 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
    16:01:27.0056 2848 usbccgp - ok
    16:01:27.0165 2848 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
    16:01:27.0165 2848 usbcir - ok
    16:01:27.0290 2848 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
    16:01:27.0290 2848 usbehci - ok
    16:01:27.0415 2848 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
    16:01:27.0415 2848 usbhub - ok
    16:01:27.0555 2848 usbohci (7bdb7b0e7d45ac0402d78b90789ef47c) C:\Windows\system32\DRIVERS\usbohci.sys
    16:01:27.0555 2848 usbohci - ok
    16:01:27.0695 2848 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
    16:01:27.0695 2848 usbprint - ok
    16:01:27.0992 2848 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
    16:01:27.0992 2848 USBSTOR - ok
    16:01:28.0070 2848 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
    16:01:28.0070 2848 usbuhci - ok
    16:01:28.0148 2848 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
    16:01:28.0148 2848 usbvideo - ok
    16:01:28.0273 2848 usb_rndisx (35c9095fa7076466afbfc5b9ec4b779e) C:\Windows\system32\DRIVERS\usb8023x.sys
    16:01:28.0273 2848 usb_rndisx - ok
    16:01:28.0335 2848 UxSms (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll
    16:01:28.0335 2848 UxSms - ok
    16:01:28.0382 2848 vds (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe
    16:01:28.0397 2848 vds - ok
    16:01:28.0522 2848 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
    16:01:28.0522 2848 vga - ok
    16:01:28.0663 2848 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
    16:01:28.0663 2848 VgaSave - ok
    16:01:28.0819 2848 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
    16:01:28.0819 2848 viaagp - ok
    16:01:28.0959 2848 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
    16:01:28.0959 2848 ViaC7 - ok
    16:01:29.0068 2848 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
    16:01:29.0068 2848 viaide - ok
    16:01:29.0193 2848 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
    16:01:29.0193 2848 volmgr - ok
    16:01:29.0302 2848 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
    16:01:29.0318 2848 volmgrx - ok
    16:01:29.0427 2848 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
    16:01:29.0443 2848 volsnap - ok
    16:01:29.0567 2848 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
    16:01:29.0567 2848 vsmraid - ok
    16:01:29.0708 2848 VSS (db3d19f850c6eb32bdcb9bc0836acddb) C:\Windows\system32\vssvc.exe
    16:01:29.0739 2848 VSS - ok
    16:01:29.0848 2848 W32Time (96ea68b9eb310a69c25ebb0282b2b9de) C:\Windows\system32\w32time.dll
    16:01:29.0864 2848 W32Time - ok
    16:01:29.0973 2848 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
    16:01:29.0973 2848 WacomPen - ok
    16:01:30.0113 2848 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
    16:01:30.0113 2848 Wanarp - ok
    16:01:30.0113 2848 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
    16:01:30.0113 2848 Wanarpv6 - ok
    16:01:30.0191 2848 WcesComm (59e19bd13c3bdb857646b9e436ba27f7) C:\Windows\WindowsMobile\wcescomm.dll
    16:01:30.0191 2848 WcesComm - ok
    16:01:30.0301 2848 wcncsvc (a3cd60fd826381b49f03832590e069af) C:\Windows\System32\wcncsvc.dll
    16:01:30.0301 2848 wcncsvc - ok
    16:01:30.0441 2848 WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
    16:01:30.0457 2848 WcsPlugInService - ok
    16:01:30.0566 2848 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
    16:01:30.0566 2848 Wd - ok
    16:01:30.0878 2848 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
    16:01:30.0893 2848 Wdf01000 - ok
    16:01:31.0096 2848 WdiServiceHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
    16:01:31.0096 2848 WdiServiceHost - ok
    16:01:31.0112 2848 WdiSystemHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
    16:01:31.0112 2848 WdiSystemHost - ok
    16:01:31.0252 2848 WebClient (04c37d8107320312fbae09926103d5e2) C:\Windows\System32\webclnt.dll
    16:01:31.0252 2848 WebClient - ok
    16:01:31.0346 2848 Wecsvc (ae3736e7e8892241c23e4ebbb7453b60) C:\Windows\system32\wecsvc.dll
    16:01:31.0346 2848 Wecsvc - ok
    16:01:31.0439 2848 wercplsupport (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll
    16:01:31.0439 2848 wercplsupport - ok
    16:01:31.0580 2848 WerSvc (32b88481d3b326da6deb07b1d03481e7) C:\Windows\System32\WerSvc.dll
    16:01:31.0580 2848 WerSvc - ok
    16:01:31.0720 2848 winachsf (5c7bdcf5864db00323fe2d90fa26a8a2) C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
    16:01:31.0736 2848 winachsf - ok
    16:01:31.0907 2848 WinDefend (4575aa12561c5648483403541d0d7f2b) C:\Program Files\Windows Defender\mpsvc.dll
    16:01:31.0923 2848 WinDefend - ok
    16:01:31.0923 2848 WinHttpAutoProxySvc - ok
    16:01:32.0063 2848 Winmgmt (6b2a1d0e80110e3d04e6863c6e62fd8a) C:\Windows\system32\wbem\WMIsvc.dll
    16:01:32.0063 2848 Winmgmt - ok
    16:01:32.0188 2848 WinRM (7cfe68bdc065e55aa5e8421607037511) C:\Windows\system32\WsmSvc.dll
    16:01:32.0235 2848 WinRM - ok
    16:01:32.0391 2848 winusb (676f4b665bdd8053eaa53ac1695b8074) C:\Windows\system32\DRIVERS\winusb.sys
    16:01:32.0391 2848 winusb - ok
    16:01:32.0531 2848 Wlansvc (c008405e4feeb069e30da1d823910234) C:\Windows\System32\wlansvc.dll
    16:01:32.0563 2848 Wlansvc - ok
    16:01:32.0703 2848 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
    16:01:32.0703 2848 WmiAcpi - ok
    16:01:32.0890 2848 wmiApSrv (43be3875207dcb62a85c8c49970b66cc) C:\Windows\system32\wbem\WmiApSrv.exe
    16:01:32.0890 2848 wmiApSrv - ok
    16:01:32.0984 2848 WMPNetworkSvc (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe
    16:01:32.0999 2848 WMPNetworkSvc - ok
    16:01:33.0280 2848 WPCSvc (cfc5a04558f5070cee3e3a7809f3ff52) C:\Windows\System32\wpcsvc.dll
    16:01:33.0280 2848 WPCSvc - ok
    16:01:33.0389 2848 WPDBusEnum (801fbdb89d472b3c467eb112a0fc9246) C:\Windows\system32\wpdbusenum.dll
    16:01:33.0405 2848 WPDBusEnum - ok
    16:01:33.0499 2848 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
    16:01:33.0499 2848 WpdUsb - ok
    16:01:33.0701 2848 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
    16:01:33.0717 2848 WPFFontCache_v0400 - ok
    16:01:33.0857 2848 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
    16:01:33.0857 2848 ws2ifsl - ok
    16:01:33.0982 2848 WsAudio_DeviceS(1) (4160cbe59d9b5be22e4c3897e8db9d56) C:\Windows\system32\drivers\WsAudio_DeviceS(1).sys
    16:01:33.0998 2848 WsAudio_DeviceS(1) - ok
    16:01:34.0154 2848 WsAudio_DeviceS(2) (4160cbe59d9b5be22e4c3897e8db9d56) C:\Windows\system32\drivers\WsAudio_DeviceS(2).sys
    16:01:34.0169 2848 WsAudio_DeviceS(2) - ok
    16:01:34.0419 2848 WsAudio_DeviceS(3) (4160cbe59d9b5be22e4c3897e8db9d56) C:\Windows\system32\drivers\WsAudio_DeviceS(3).sys
    16:01:34.0435 2848 WsAudio_DeviceS(3) - ok
    16:01:34.0559 2848 WsAudio_DeviceS(4) (4160cbe59d9b5be22e4c3897e8db9d56) C:\Windows\system32\drivers\WsAudio_DeviceS(4).sys
    16:01:34.0591 2848 WsAudio_DeviceS(4) - ok
    16:01:34.0715 2848 WsAudio_DeviceS(5) (4160cbe59d9b5be22e4c3897e8db9d56) C:\Windows\system32\drivers\WsAudio_DeviceS(5).sys
    16:01:34.0747 2848 WsAudio_DeviceS(5) - ok
    16:01:34.0934 2848 wscsvc (1ca6c40261ddc0425987980d0cd2aaab) C:\Windows\System32\wscsvc.dll
    16:01:34.0934 2848 wscsvc - ok
    16:01:34.0965 2848 WSearch - ok
    16:01:35.0043 2848 wuauserv (6298277b73c77fa99106b271a7525163) C:\Windows\system32\wuaueng.dll
    16:01:35.0090 2848 wuauserv - ok
    16:01:35.0152 2848 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
    16:01:35.0168 2848 WUDFRd - ok
    16:01:35.0199 2848 wudfsvc (575a4190d989f64732119e4114045a4f) C:\Windows\System32\WUDFSvc.dll
    16:01:35.0199 2848 wudfsvc - ok
    16:01:35.0308 2848 YahooAUService (dd0042f0c3b606a6a8b92d49afb18ad6) C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
    16:01:35.0324 2848 YahooAUService - ok
    16:01:35.0339 2848 MBR (0x1B8) (1a1a06f62e891045814007163c1c76c3) \Device\Harddisk0\DR0
    16:01:35.0371 2848 \Device\Harddisk0\DR0 - ok
    16:01:35.0386 2848 Boot (0x1200) (e8add1cac59de5e50ad472f262885053) \Device\Harddisk0\DR0\Partition0
    16:01:35.0386 2848 \Device\Harddisk0\DR0\Partition0 - ok
    16:01:35.0386 2848 Boot (0x1200) (459e374a477f9269f777e6a789f1d535) \Device\Harddisk0\DR0\Partition1
    16:01:35.0386 2848 \Device\Harddisk0\DR0\Partition1 - ok
    16:01:35.0386 2848 ============================================================
    16:01:35.0386 2848 Scan finished
    16:01:35.0386 2848 ============================================================
    16:01:35.0402 1428 Detected object count: 0
    16:01:35.0402 1428 Actual detected object count: 0





    ComboFix 12-04-04.02 - Allison 04/04/2012 16:26:34.1.2 - x86
    Microsoft Windows Vista Home Premium 6.0.6002.2.1252.1.1033.18.3070.1980 [GMT -4:00]
    Running from: c:\users\Allison\Desktop\ComboFix.exe
    AV: AVG Anti-Virus 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
    AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
    SP: AVG Anti-Virus 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
    SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
    SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    C:\Install.exe
    c:\users\Allison\Documents\~WRL0005.tmp
    c:\windows\system32\KBL.LOG
    .
    .
    ((((((((((((((((((((((((( Files Created from 2012-03-04 to 2012-04-04 )))))))))))))))))))))))))))))))
    .
    .
    2012-04-04 20:34 . 2012-04-04 20:34 -------- d-----w- c:\users\Default\AppData\Local\temp
    2012-04-04 20:34 . 2012-04-04 20:34 -------- d-----w- c:\users\Administrator\AppData\Local\temp
    2012-04-04 19:59 . 2012-04-04 19:59 29904 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{16AC8B7B-48E6-463D-83CB-2A1995AF313C}\MpKsl75655a01.sys
    2012-04-04 19:55 . 2012-03-14 02:15 6582328 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{16AC8B7B-48E6-463D-83CB-2A1995AF313C}\mpengine.dll
    2012-03-30 23:29 . 2012-03-31 02:06 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2012-03-30 23:29 . 2012-03-30 23:29 -------- d-----w- c:\users\Administrator\AppData\Roaming\Malwarebytes
    2012-03-30 23:29 . 2012-03-30 23:29 -------- d-----w- c:\programdata\Malwarebytes
    2012-03-30 23:29 . 2012-03-30 23:29 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2012-03-30 23:29 . 2011-12-10 19:24 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
    2012-03-30 22:04 . 2012-03-30 22:04 -------- d-----w- c:\users\Administrator\AppData\Roaming\SUPERAntiSpyware.com
    2012-03-30 22:04 . 2012-03-30 22:04 -------- d-----w- c:\program files\SUPERAntiSpyware
    2012-03-30 22:04 . 2012-03-30 22:04 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
    2012-03-30 21:52 . 2012-03-30 21:52 388096 ----a-r- c:\users\Administrator\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
    2012-03-30 21:42 . 2012-03-30 21:42 388096 ----a-r- c:\users\Allison\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
    2012-03-30 21:42 . 2012-03-30 21:42 -------- d-----w- c:\program files\Trend Micro
    2012-03-28 13:33 . 2012-03-31 15:23 -------- d-----w- c:\program files\Mozilla Maintenance Service
    2012-03-26 23:07 . 2012-03-26 23:07 -------- d-----w- c:\users\Allison\AppData\Local\Amazon
    2012-03-26 02:26 . 2012-01-11 16:01 6745392 -c--a-w- c:\programdata\Microsoft\Windows\WER\ReportQueue\Report0fc5e503\spybotsd_includes.exe
    2012-03-21 14:48 . 2012-02-02 15:16 2044416 ----a-w- c:\windows\system32\win32k.sys
    2012-03-21 14:48 . 2012-02-14 15:45 219648 ----a-w- c:\windows\system32\d3d10_1core.dll
    2012-03-21 14:48 . 2012-02-14 15:45 160768 ----a-w- c:\windows\system32\d3d10_1.dll
    2012-03-21 14:48 . 2012-02-13 14:12 1172480 ----a-w- c:\windows\system32\d3d10warp.dll
    2012-03-21 14:48 . 2012-02-13 13:47 683008 ----a-w- c:\windows\system32\d2d1.dll
    2012-03-21 14:48 . 2012-02-13 13:44 1068544 ----a-w- c:\windows\system32\DWrite.dll
    2012-03-21 14:48 . 2012-01-31 10:59 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
    2012-03-21 14:47 . 2012-01-09 15:54 613376 ----a-w- c:\windows\system32\rdpencom.dll
    2012-03-21 14:47 . 2012-01-09 13:58 180736 ----a-w- c:\windows\system32\drivers\rdpwd.sys
    2012-03-12 19:49 . 2010-02-18 13:30 200704 ----a-w- c:\windows\system32\iphlpsvc.dll
    2012-03-12 19:49 . 2010-02-18 11:28 25088 ----a-w- c:\windows\system32\drivers\tunnel.sys
    2012-03-12 19:40 . 2012-03-12 19:40 -------- d-----w- c:\users\Allison\AppData\Local\HP
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2012-03-14 02:15 . 2012-01-14 00:17 6582328 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
    2012-03-02 20:30 . 2011-06-04 01:44 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2012-02-10 08:29 . 2012-02-10 08:30 713784 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1F0CB537-E1C7-468F-A2D9-1E55ABF3BA2A}\gapaengine.dll
    2012-01-31 12:44 . 2011-01-20 00:02 237072 ------w- c:\windows\system32\MpSigStub.exe
    2012-01-12 23:48 . 2012-02-10 08:31 703824 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
    @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
    2011-02-18 05:12 94208 ----a-w- c:\users\Allison\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
    @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
    2011-02-18 05:12 94208 ----a-w- c:\users\Allison\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
    @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
    2011-02-18 05:12 94208 ----a-w- c:\users\Allison\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
    "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-01-16 421736]
    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2009-12-18 40368]
    "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]
    .
    c:\users\Allison\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    Dropbox.lnk - c:\users\Allison\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-2-14 24246216]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
    "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
    2011-05-04 17:54 551296 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "aux"=wdmaud.drv
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
    @=""
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
    @="Service"
    .
    [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
    path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
    backup=c:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
    backupExtension=.CommonStartup
    .
    [HKLM\~\startupfolder\C:^Users^Allison^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]
    path=c:\users\Allison\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
    backup=c:\windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.Startup
    backupExtension=.Startup
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
    2011-11-02 04:25 59240 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATT-SST_McciTrayApp]
    2010-07-27 10:15 1573888 ----a-w- c:\program files\ATT-SST\McciTrayApp.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG_TRAY]
    2012-01-24 22:24 2416480 ----a-w- c:\program files\AVG\AVG2012\avgtray.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent]
    2011-03-11 05:05 4772720 ----a-w- c:\users\Allison\Downloads\BitTorrent-7.2.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EADM]
    2011-03-03 07:40 11509760 ----a-w- c:\program files\Electronic Arts\EADM\EADMUI\EADMUI.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
    2011-01-19 23:02 136176 ----atw- c:\users\Allison\AppData\Local\Google\Update\GoogleUpdate.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
    2009-02-26 23:36 30040 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
    2006-12-11 02:52 49152 ----a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpqSRMon]
    2007-08-23 00:31 80896 ----a-w- c:\program files\HP\Digital Imaging\bin\HpqSRmon.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpWirelessAssistant]
    2007-09-13 16:47 480560 ----a-w- c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif]
    2007-10-24 10:02 178712 ----a-w- c:\program files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iSkysoft Helper Compact.exe]
    2012-02-28 19:43 1667072 ----a-w- c:\program files\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
    2012-01-16 22:22 421736 ----a-w- c:\program files\iTunes\iTunesHelper.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
    2007-08-23 22:36 455968 ----a-w- c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
    2009-10-03 16:40 13826664 ----a-w- c:\windows\System32\nvcpl.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OnScreenDisplay]
    2007-09-04 20:54 554320 ----a-w- c:\program files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl]
    2007-09-19 21:31 202032 ----a-w- c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QPService]
    2007-12-20 02:27 468264 ----a-w- c:\program files\HP\QuickPlay\QPService.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    2011-10-24 18:28 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
    2009-06-09 15:25 7539232 ----a-w- c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
    2009-04-11 06:28 1233920 ----a-w- c:\program files\Windows Sidebar\sidebar.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
    2011-01-26 22:05 15026056 ----a-r- c:\program files\Skype\Phone\Skype.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
    2009-03-05 21:07 2260480 ------w- c:\program files\Spybot - Search & Destroy\TeaTimer.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    2011-06-09 18:06 254696 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
    2010-05-28 03:31 1721640 ----a-w- c:\program files\Synaptics\SynTP\SynTPEnh.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UCam_Menu]
    2007-08-17 06:13 218408 ----a-w- c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
    2011-03-18 19:42 399736 ----a-w- c:\program files\uTorrent\uTorrent.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WAWifiMessage]
    2007-01-08 23:53 311296 ----a-w- c:\program files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
    2008-01-21 02:23 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile Device Center]
    2007-05-31 14:21 648072 ----a-w- c:\windows\WindowsMobile\wmdc.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WindowsWelcomeCenter]
    2009-04-11 06:28 2153472 ----a-w- c:\windows\System32\oobefldr.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
    "DisableMonitoring"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring"=dword:00000001
    .
    S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [2011-08-11 116608]
    .
    .
    --- Other Services/Drivers In Memory ---
    .
    *NewlyCreated* - 84782192
    *NewlyCreated* - MPKSL75655A01
    *Deregistered* - 84782192
    *Deregistered* - TrueSight
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
    WindowsMobile REG_MULTI_SZ wcescomm rapimgr
    LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
    bthsvcs REG_MULTI_SZ BthServ
    HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
    hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
    2007-08-23 22:34 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2012-04-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2137733965-995500835-2909134128-1000Core.job
    - c:\users\Allison\AppData\Local\Google\Update\GoogleUpdate.exe [2011-01-19 23:02]
    .
    2012-04-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2137733965-995500835-2909134128-1000UA.job
    - c:\users\Allison\AppData\Local\Google\Update\GoogleUpdate.exe [2011-01-19 23:02]
    .
    2012-03-30 c:\windows\Tasks\HPCeeScheduleForAllison.job
    - c:\program files\Hewlett-Packard\SDP\Ceement\HPCEE.exe [2008-02-18 19:58]
    .
    2012-01-03 c:\windows\Tasks\Spybot - Search & Destroy - Scheduled Task.job
    - c:\program files\Spybot - Search & Destroy\SpybotSD.exe [2011-01-29 20:31]
    .
    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://att.my.yahoo.com/
    mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Pavilion&pf=laptop
    uInternet Settings,ProxyServer = http=127.0.0.1:57616
    uInternet Settings,ProxyOverride = *.local
    IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
    IE: {{A69A551A-1AAE-4B67-8C2E-52F8B8A19504} - {A69A551A-1AAE-4B67-8C2E-52F8B8A19504} - c:\program files\SpecialSavings\SpecialSavingsSinged.dll
    Trusted Zone: $talisma_url$
    TCP: DhcpNameServer = 192.168.1.254
    FF - ProfilePath - c:\users\Allison\AppData\Roaming\Mozilla\Firefox\Profiles\jczke6f3.default\
    FF - prefs.js: network.proxy.http - 127.0.0.1
    FF - prefs.js: network.proxy.http_port - 57616
    FF - prefs.js: network.proxy.type - 0
    FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
    .
    - - - - ORPHANS REMOVED - - - -
    .
    MSConfigStartUp-Aimersoft Helper Compact - c:\program files\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe
    MSConfigStartUp-ccApp - c:\program files\Common Files\Symantec Shared\ccApp.exe
    MSConfigStartUp-conhost - c:\users\Allison\AppData\Roaming\Microsoft\conhost.exe
    MSConfigStartUp-EA Core - c:\program files\Electronic Arts\EADM\Core.exe
    MSConfigStartUp-HP Health Check Scheduler - [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
    MSConfigStartUp-HPAdvisor - c:\program files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
    MSConfigStartUp-isCfgWiz - c:\program files\Common Files\Symantec Shared\OPC\{C86EA115-FACD-4aa8-BFA2-398C677D0936}\SYMCUW.exe
    MSConfigStartUp-SMSERIAL - c:\program files\Motorola\SMSERIAL\sm56hlpr.exe
    AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe
    AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe
    AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe
    .
    .
    .
    **************************************************************************
    .
    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
    Rootkit scan 2012-04-04 16:36
    Windows 6.0.6002 Service Pack 2 NTFS
    .
    scanning hidden processes ...
    .
    scanning hidden autostart entries ...
    .
    scanning hidden files ...
    .
    scan completed successfully
    hidden files: 0
    .
    **************************************************************************
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    "MSCurrentCountry"=dword:000000b5
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    Completion time: 2012-04-04 16:39:41
    ComboFix-quarantined-files.txt 2012-04-04 20:39
    .
    Pre-Run: 203,752,308,736 bytes free
    Post-Run: 203,837,386,752 bytes free
    .
    - - End Of File - - C8757794B829768AC2E05B6EE7A152EE


    Haven't been using the computer enough to comment on whether its condition has changed any.

  3. #13
    Member Spyware Fighter
    Join Date
    Jun 2010
    Location
    Bement,Ill USA
    Posts
    1,340
    Points
    146

    Default

    Hello,


    Let me know how it is running.
    "Extinguishing Malware from the world"

    The Spyware Help forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.
    HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
    Thanks-




  4. #14
    Member Spyware Fighter
    Join Date
    Jun 2010
    Location
    Bement,Ill USA
    Posts
    1,340
    Points
    146

    Default

    Hello.

    Are you still there?

    If you are, please follow the instructions in my previous post.

    If you still need help, follow the instructions I have given in my response. If you have since had your problem solved, we would appreciate you letting us know so we can close the topic.

    Please reply back telling us so. If you don't reply within 3-5 days the topic will need to be closed.

    Thanks for understanding

    With Regards,
    fireman4it




  5. #15
    Member
    Join Date
    Mar 2012
    Posts
    10
    Points
    0

    Default

    Thank you, the computer does seem to be running a whole lot better.
    Not sure if this is just a coincidence or not, but now my battery will not charge.

  6. #16
    Member Spyware Fighter
    Join Date
    Jun 2010
    Location
    Bement,Ill USA
    Posts
    1,340
    Points
    146

    Default

    "Not sure if this is just a coincidence or not, but now my battery will not charge."
    This is totally unrelated.


    Let's run a couple of scanners to make sure there are no leftovers.

    1.
    Please download Malwarebytes Anti-Malware and save it to your desktop.
    • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.

    Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (i.e. Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

    • Make sure you are connected to the Internet and double-click on the renamed file to install the application.
      For instructions with screenshots, please refer to this Guide.
    • When the installation begins, follow the prompts and do not make any changes to default settings.
    • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
    • If an update is found, the program will automatically update itself. Press the OK button and continue.
    • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.

    • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
    • Click on the Scan button.
    • When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
    • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
    • Make sure that everything is checked and then click Remove Selected.
    • When removal is completed, a log report will open in Notepad.
    • The log is automatically saved and can be viewed by clicking the Logs tab.
    • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
    • Exit Malwarebytes when done.

    Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.

    2.
    I'd like us to scan your machine with ESET OnlineScan.
    1. Hold down Control and click on this link to open ESET OnlineScan in a new window.
    2. Click the button.
    3. For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
      1. Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
      2. Double click on the icon on your desktop.
    4. Check "YES, I accept the Terms of Use."
    5. Click the Start button.
    6. Accept any security warnings from your browser.
    7. Under scan settings, check "Scan Archives" and "Remove found threats"
    8. Click Advanced settings and select the following:
      • Scan potentially unwanted applications
      • Scan for potentially unsafe applications
      • Enable Anti-Stealth technology
    9. ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
    10. When the scan completes, click List Threats
    11. Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
    12. Click the Back button.
    13. Click the Finish button.




  8. #17
    Member Spyware Fighter
    Join Date
    Jun 2010
    Location
    Bement,Ill USA
    Posts
    1,340
    Points
    146

    Default

    Hello.

    Are you still there?

    If you are, please follow the instructions in my previous post.

    If you still need help, follow the instructions I have given in my response. If you have since had your problem solved, we would appreciate you letting us know so we can close the topic.

    Please reply back telling us so. If you don't reply within 3-5 days the topic will need to be closed.

    Thanks for understanding

    With Regards,
    fireman4it




  9. #18
    Member
    Join Date
    Mar 2012
    Posts
    10
    Points
    0

    Default

    Malwarebytes Anti-Malware 1.61.0.1400
    Malwarebytes : Free anti-malware, anti-virus and spyware removal download

    Database version: v2012.04.11.06

    Windows Vista Service Pack 2 x86 NTFS
    Internet Explorer 8.0.6001.19222
    Allison :: ALLISON-PC [administrator]

    4/11/2012 6:16:59 PM
    mbam-log-2012-04-11 (18-16-59).txt

    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 222807
    Time elapsed: 7 minute(s), 15 second(s)

    Memory Processes Detected: 1
    C:\ProgramData\IBUpdaterService\ibsvc.exe (PUP.BundleInstaller.IB) -> 1936 -> Delete on reboot.

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 2
    HKLM\SYSTEM\CurrentControlSet\Services\IBUpdaterService (PUP.BundleInstaller.IB) -> Quarantined and deleted successfully.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\InstallBrain Updater Service (PUP.BundleInstaller.IB) -> Quarantined and deleted successfully.

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 3
    C:\ProgramData\IBUpdaterService\ibsvc.exe (PUP.BundleInstaller.IB) -> Delete on reboot.
    C:\WINDOWS\System32\msluncerp.dll (PUP.KeyLogger.Beyond) -> Quarantined and deleted successfully.
    C:\Users\Allison\Downloads\VideoPerformer_Setup.exe (PUP.BundleInstaller.IB) -> Quarantined and deleted successfully.

    (end)



    C:\Users\Allison\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\19\7ff8dfd3-25061e9e a variant of Java/JShrink.A application deleted - quarantined
    C:\Users\Allison\Desktop\RK_Quarantine\ibsvc.exe.vir a variant of Win32/InstallBrain application cleaned by deleting - quarantined

  10. #19
    Member Spyware Fighter
    Join Date
    Jun 2010
    Location
    Bement,Ill USA
    Posts
    1,340
    Points
    146

    Default

    How is your machine running now?




  12. #20
    Member
    Join Date
    Mar 2012
    Posts
    10
    Points
    0

    Default

    I believe it is finally fixed. Thank you.
