Inactive Slow Windows Vista PC, possibly infected

DaTBoYJoe

I have a Compaq Presario C700 laptop running Windows Vista Home Premium. The computer has been running very slow lately, so I ran a virus scan using Malwarebytes and an antivirus scan using avast. I also used DDS and I posted the logs below. When I tried to remove the threats detected by Malwarebytes it froze up on me, but I was able to generate a log file. Most of the files listed say REWARDSARCADE


Any help would be appreciated, and thank you in advance.

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2013.01.10.02

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
erica :: ERICA-PC [administrator]

1/10/2013 12:11:10 AM
MBAM-log-2013-01-10 (00-37-05).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 284809
Time elapsed: 24 minute(s), 49 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 28
C:\Users\erica\AppData\Local\RewardsArcade (PUP.RewardsArcade) -> No action taken.
C:\Users\erica\AppData\Local\RewardsArcade\498 (PUP.RewardsArcade) -> No action taken.
C:\Users\erica\AppData\Local\RewardsArcade\498\Chrome (PUP.RewardsArcade) -> No action taken.
C:\Users\erica\AppData\Local\RewardsArcade\498\Firefox (PUP.RewardsArcade) -> No action taken.
C:\Users\erica\AppData\Local\RewardsArcade\498\Firefox\chrome (PUP.RewardsArcade) -> No action taken.
C:\Users\erica\AppData\Local\RewardsArcade\498\Firefox\chrome\content (PUP.RewardsArcade) -> No action taken.
C:\Users\erica\AppData\Local\RewardsArcade\498\Firefox\chrome\content\lib (PUP.RewardsArcade) -> No action taken.
C:\Users\erica\AppData\Local\RewardsArcade\498\Firefox\chrome\content\lib\facebox (PUP.RewardsArcade) -> No action taken.
C:\Users\erica\AppData\Local\RewardsArcade\498\Firefox\chrome\content\lib\facebox\Images (PUP.RewardsArcade) -> No action taken.
C:\Users\erica\AppData\Local\RewardsArcade\498\Firefox\defaults (PUP.RewardsArcade) -> No action taken.
C:\Users\erica\AppData\Local\RewardsArcade\498\Firefox\defaults\preferences (PUP.RewardsArcade) -> No action taken.
C:\Users\erica\AppData\Local\RewardsArcade\498\Firefox\locale (PUP.RewardsArcade) -> No action taken.
C:\Users\erica\AppData\Local\RewardsArcade\498\Firefox\locale\en-US (PUP.RewardsArcade) -> No action taken.
C:\Users\erica\AppData\Local\RewardsArcade\498\Firefox\skin (PUP.RewardsArcade) -> No action taken.
C:\Users\erica\Local Settings\Application Data\RewardsArcade (PUP.RewardsArcade) -> No action taken.
C:\Users\erica\Local Settings\Application Data\RewardsArcade\498 (PUP.RewardsArcade) -> No action taken.
C:\Users\erica\Local Settings\Application Data\RewardsArcade\498\Chrome (PUP.RewardsArcade) -> No action taken.
C:\Users\erica\Local Settings\Application Data\RewardsArcade\498\Firefox (PUP.RewardsArcade) -> No action taken.
C:\Users\erica\Local Settings\Application Data\RewardsArcade\498\Firefox\chrome (PUP.RewardsArcade) -> No action taken.
C:\Users\erica\Local Settings\Application Data\RewardsArcade\498\Firefox\chrome\content (PUP.RewardsArcade) -> No action taken.
C:\Users\erica\Local Settings\Application Data\RewardsArcade\498\Firefox\chrome\content\lib (PUP.RewardsArcade) -> No action taken.
C:\Users\erica\Local Settings\Application Data\RewardsArcade\498\Firefox\chrome\content\lib\facebox (PUP.RewardsArcade) -> No action taken.
C:\Users\erica\Local Settings\Application Data\RewardsArcade\498\Firefox\chrome\content\lib\facebox\Images (PUP.RewardsArcade) -> No action taken.
C:\Users\erica\Local Settings\Application Data\RewardsArcade\498\Firefox\defaults (PUP.RewardsArcade) -> No action taken.
C:\Users\erica\Local Settings\Application Data\RewardsArcade\498\Firefox\defaults\preferences (PUP.RewardsArcade) -> No action taken.
C:\Users\erica\Local Settings\Application Data\RewardsArcade\498\Firefox\locale (PUP.RewardsArcade) -> No action taken.
C:\Users\erica\Local Settings\Application Data\RewardsArcade\498\Firefox\locale\en-US (PUP.RewardsArcade) -> No action taken.
C:\Users\erica\Local Settings\Application Data\RewardsArcade\498\Firefox\skin (PUP.RewardsArcade) -> No action taken.

Files Detected: 0
(No malicious items detected)

(end)
 
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 9.0.8112.16457
Run by erica at 0:50:50 on 2013-01-10
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Verizon\Online Backup & Sharing\Filesystem Watcher\DigiData.FilesystemWatcher.Service.Watcher.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe
C:\Program Files\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
C:\Program Files\Verizon\Online Backup & Sharing\Scheduler\OnlineBackup.SchedulerService.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Microsoft\BingBar\SeaPort.EXE
C:\Program Files\VERIZONDM\bin\sprtsvc.exe
C:\Program Files\VERIZONDM\bin\tgsrvc.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Windows\system32\vssvc.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\VERIZONDM\bin\sprtcmd.exe
C:\Program Files\Verizon\Online Backup & Sharing\vewatch.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
C:\Program Files\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
C:\Program Files\Rainlendar2\Rainlendar2.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files\Apoint2K\Apntex.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
C:\Program Files\TeamViewer\Version8\TeamViewer.exe
C:\Program Files\TeamViewer\Version8\tv_w32.exe
c:\program files\teamviewer\version8\TeamViewer_Desktop.exe
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\regedit.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\system32\svchost.exe -k SDRSVC
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.verizon.com/myverizon
uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Presario&pf=laptop
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Presario&pf=laptop
mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Presario&pf=laptop
uURLSearchHooks: <No Name>: - LocalServer32 - <no file>
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office14\GROOVEEX.DLL
BHO: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -
BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office14\URLREDIR.DLL
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: Post-it® Digital Notes: {735abc4c-9266-4008-9ef6-bc60be8de31f} -
TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
uRun: [TomTomHOME.exe] "c:\program files\tomtom home 2\TomTomHOMERunner.exe"
uRun: [MobileDocuments] c:\program files\common files\apple\internet services\ubd.exe
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [Rainlendar2] c:\program files\rainlendar2\Rainlendar2.exe
mRun: [Apoint] c:\program files\apoint2k\Apoint.exe
mRun: [IAAnotif] "c:\program files\intel\intel matrix storage manager\Iaanotif.exe"
mRun: [Windows Defender] c:\program files\windows defender\MSASCui.exe -hide
mRun: [hpqSRMon] <no file>
mRunOnce: [Malwarebytes Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent
dRunOnce: [KodakHomeCenter] "c:\program files\kodak\aio\center\AiOHomeCenter.exe"
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Create a Post-it® Note - c:\program files\3m\pdnotes\\PSNBookMark.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\micros~3\office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{C1F8A0D1-0643-45EC-9DCB-C9C89CD29F3D} : DHCPNameServer = 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Notify: igfxcui - igfxdev.dll
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office14\GROOVEEX.DLL
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
.
============= SERVICES / DRIVERS ===============
.
R? 0068431357791575mcinstcleanup;McAfee Application Installer Cleanup (0068431357791575)
R? BBSvc;Bing Bar Update Service
R? CBTNDIS4;CBTNDIS4 NDIS Protocol Driver
R? cfwids;McAfee Inc. cfwids
R? clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86
R? GamesAppService;GamesAppService
R? McShield;McAfee McShield
R? mfebopk;McAfee Inc. mfebopk
R? mfefire;McAfee Firewall Core Service
R? mfefirek;McAfee Inc. mfefirek
R? mferkdet;McAfee Inc. mferkdet
R? mfevtp;McAfee Validation Trust Protection Service
R? WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0
S? aswFsBlk;aswFsBlk
S? aswMonFlt;aswMonFlt
S? aswSnx;aswSnx
S? aswSP;aswSP
S? avast! Antivirus;avast! Antivirus
S? Com4QLBEx;Com4QLBEx
S? FilesystemWatcher;Filesystem Watcher
S? FontCache;Windows Font Cache Service
S? Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service
S? Kodak AiO Status Monitor Service;Kodak AiO Status Monitor Service
S? MBAMSwissArmy;MBAMSwissArmy
S? McNaiAnn;McAfee VirusScan Announcer
S? mfeavfk;McAfee Inc. mfeavfk
S? mfehidk;McAfee Inc. mfehidk
S? mfewfpk;McAfee Inc. mfewfpk
S? OnlineBackupSchedulerService;Online Backup Scheduler
S? sprtsvc_verizondm;SupportSoft Sprocket Service (verizondm)
S? TeamViewer8;TeamViewer 8
S? tgsrvc_verizondm;SupportSoft Repair Service (verizondm)
.
=============== Created Last 30 ================
.
2013-01-10 04:31:42  738504  ----a-w-  c:\windows\system32\drivers\aswSnx.sys
2013-01-10 04:31:40  58680  ----a-w-  c:\windows\system32\drivers\aswMonFlt.sys
2013-01-10 04:30:08  41224  ----a-w-  c:\windows\avastSS.scr
2013-01-10 04:29:00  --------  d-----w-  c:\programdata\AVAST Software
2013-01-10 04:29:00  --------  d-----w-  c:\program files\AVAST Software
2013-01-10 04:13:18  40776  ----a-w-  c:\windows\system32\drivers\mbamswissarmy.sys
2013-01-10 04:13:18  --------  d-----w-  c:\users\erica\appdata\roaming\Malwarebytes
2013-01-10 04:11:21  --------  d-----w-  c:\programdata\Malwarebytes
2013-01-10 04:11:15  21104  ----a-w-  c:\windows\system32\drivers\mbam.sys
2013-01-10 04:11:14  --------  d-----w-  c:\program files\Malwarebytes' Anti-Malware
2013-01-10 03:47:16  60872  ----a-w-  c:\programdata\microsoft\windows defender\definition updates\{60f3b1f7-c366-43bc-892c-4c685b20a78a}\offreg.dll
2013-01-10 03:22:48  --------  d-----w-  c:\program files\TeamViewer
2013-01-08 20:54:52  6812136  ----a-w-  c:\programdata\microsoft\windows defender\definition updates\{60f3b1f7-c366-43bc-892c-4c685b20a78a}\mpengine.dll
2013-01-06 04:58:47  --------  d-----w-  c:\programdata\1386BAB1F0076BAF00001386A73070D7
2012-12-28 05:00:07  --------  d-----w-  c:\program files\3M
2012-12-28 04:55:13  --------  d-----w-  c:\users\erica\appdata\roaming\GetRightToGo
2012-12-22 08:00:51  34304  ----a-w-  c:\windows\system32\atmlib.dll
2012-12-22 08:00:51  293376  ----a-w-  c:\windows\system32\atmfd.dll
2012-12-14 03:08:49  --------  d-----w-  c:\program files\iPod
2012-12-14 03:08:18  --------  d-----w-  c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1
2012-12-14 03:08:18  --------  d-----w-  c:\program files\iTunes
2012-12-12 08:05:49  9728  ----a-w-  c:\windows\system32\Wdfres.dll
2012-12-12 08:05:43  66560  ----a-w-  c:\windows\system32\drivers\WUDFPf.sys
2012-12-12 08:05:43  16896  ----a-w-  c:\windows\system32\winusb.dll
2012-12-12 08:05:43  155136  ----a-w-  c:\windows\system32\drivers\WUDFRd.sys
2012-12-12 08:05:42  73216  ----a-w-  c:\windows\system32\WUDFSvc.dll
2012-12-12 08:05:42  526952  ----a-w-  c:\windows\system32\drivers\Wdf01000.sys
2012-12-12 08:05:42  47720  ----a-w-  c:\windows\system32\drivers\WdfLdr.sys
2012-12-12 08:05:42  172032  ----a-w-  c:\windows\system32\WUDFPlatform.dll
2012-12-12 08:05:41  613888  ----a-w-  c:\windows\system32\WUDFx.dll
2012-12-12 08:05:41  38912  ----a-w-  c:\windows\system32\WUDFCoinstaller.dll
2012-12-12 08:05:41  196608  ----a-w-  c:\windows\system32\WUDFHost.exe
2012-12-12 04:32:57  2048000  ----a-w-  c:\windows\system32\win32k.sys
2012-12-12 04:32:54  376320  ----a-w-  c:\windows\system32\dpnet.dll
2012-12-12 04:32:54  23040  ----a-w-  c:\windows\system32\dpnsvr.exe
2012-12-12 04:32:52  224640  ----a-w-  c:\windows\system32\drivers\volsnap.sys
2012-12-12 04:32:35  2048  ----a-w-  c:\windows\system32\tzres.dll
.
==================== Find3M ====================
.
2013-01-08 21:01:30  74248  ----a-w-  c:\windows\system32\FlashPlayerCPLApp.cpl
2013-01-08 21:01:30  697864  ----a-w-  c:\windows\system32\FlashPlayerApp.exe
2012-11-14 02:09:22  1800704  ----a-w-  c:\windows\system32\jscript9.dll
2012-11-14 01:58:15  1427968  ----a-w-  c:\windows\system32\inetcpl.cpl
2012-11-14 01:57:37  1129472  ----a-w-  c:\windows\system32\wininet.dll
2012-11-14 01:49:25  142848  ----a-w-  c:\windows\system32\ieUnatt.exe
2012-11-14 01:48:27  420864  ----a-w-  c:\windows\system32\vbscript.dll
2012-11-14 01:44:42  2382848  ----a-w-  c:\windows\system32\mshtml.tlb
2012-11-09 11:53:22  167344  ----a-w-  c:\windows\system32\mfevtps.exe.cccc.deleteme
2012-10-25 08:12:26  94208  ----a-w-  c:\windows\system32\QuickTimeVR.qtx
2012-10-25 08:12:26  69632  ----a-w-  c:\windows\system32\QuickTime.qts
.
============= FINISH: 0:51:31.14 ===============
 
.
==== Installed Programs ======================
.
Administrative Templates for Windows Server 2003
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Reader X (10.1.4)
Adobe Shockwave Player
aioscnnr
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Atheros Driver Installation Program
avast! Free Antivirus
Bing Bar
Bing Rewards Client Installer
BlackBerry Desktop Software 7.1
Bonjour
C4USelfUpdater
Cards_Calendar_OrderGift_DoMorePlugout
center
Conexant HD Audio
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
DVD Suite
essentials
ESU for Microsoft Vista
GearDrvs
Google Chrome
Google Toolbar for Internet Explorer
Google Update Helper
HDAUDIO Soft Data Fax Modem with SmartCP
Hewlett-Packard Active Check
Hewlett-Packard Asset Agent for Health Check
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Active Support Library
HP Customer Experience Enhancements
HP Doc Viewer
HP DVD Play 3.6
HP Easy Setup - Frontend
HP Help and Support
HP Photosmart Essential 2.5
HP Quick Launch Buttons
HP Smart Web Printing
HP Total Care Advisor
HP Update
HP User Guides 0093
HP Wireless Assistant
HPNetworkAssistant
HPPhotoSmartDiscLabel_PaperLabel
HPPhotoSmartDiscLabel_PrintOnDisc
HPPhotoSmartDiscLabel_Tattoo
HPPhotoSmartDiscLabelContent1
hpphotosmartdisclabelplugin
HPPhotoSmartPhotobookHolidayPack1
HPPhotoSmartPhotobookModernPack1
HPPhotoSmartPhotobookPlayfulPack1
HPPhotoSmartPhotobookScrapbookPack1
HPPhotoSmartPhotobookWebPack1
iCloud
Intel(R) Graphics Media Accelerator Driver
Intel(R) Matrix Storage Manager
Intel(R) TV Wizard
iPhone Configuration Utility
iTunes
Java Auto Updater
Java(TM) 6 Update 2
Java(TM) 6 Update 24
Kodak AIO Printer
KODAK AiO Software
LabelPrint
Malwarebytes Anti-Malware version 1.70.0.1100
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft Silverlight
Microsoft UI Engine
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
MobileMe Control Panel
MSCU for Microsoft Vista
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
muvee autoProducer 6.1
My HP Games
NetWaiting
NokiaFREE Unlock Codes Calculator
ocr
OGA Notifier 2.0.0048.0
Post-it® Digital Notes
Power2Go
PowerDirector
PreReq
PrintProjects
PSSWCORE
QLBCASL
QuickPlay SlingPlayer 0.4.4
QuickTime
Rainlendar2 (remove only)
Realtek 8139 and 8139C+ Ethernet Network Card Driver for Windows Vista
Safari
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2687417) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2687436) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition
Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition
Security Update for Microsoft Visio 2010 (KB2687508) 32-Bit Edition
Security Update for Microsoft Visio Viewer 2010 (KB2598287) 32-Bit Edition
Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition
Shared C Run-time for x86
SmartWebPrinting
Spelling Dictionaries Support For Adobe Reader 9
TeamViewer 8
TomTom HOME 2.8.3.2458
TomTom HOME Visual Studio Merge Modules
Touch Pad Driver
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
Update Installer for WildTangent Games App
Verizon Download Manager
Verizon Online Backup and Sharing
VideoToolkit01
Vz In Home Agent
WeatherBug Gadget
Yahoo! Detect
.
==== End Of File ===========================
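
A triage sketch for the Malwarebytes log in the post above, added here as an example; it is not part of the original thread or of any tool named in it. It parses the detection lines, folds the legacy Vista profile paths onto their real locations, and reduces the list to distinct root folders. The function names are hypothetical, and the junction mapping assumes the default Vista profile layout, where `Local Settings` and `Local Settings\Application Data` both point at `AppData\Local`.

```python
import re
from collections import Counter

# Constructed excerpt in the format of the Malwarebytes 1.70 log posted above
# (six of the 28 folder lines, with the section count adjusted to match).
SAMPLE_LOG = r"""
Registry Keys Detected: 0
(No malicious items detected)

Folders Detected: 6
C:\Users\erica\AppData\Local\RewardsArcade (PUP.RewardsArcade) -> No action taken.
C:\Users\erica\AppData\Local\RewardsArcade\498 (PUP.RewardsArcade) -> No action taken.
C:\Users\erica\AppData\Local\RewardsArcade\498\Firefox (PUP.RewardsArcade) -> No action taken.
C:\Users\erica\Local Settings\Application Data\RewardsArcade (PUP.RewardsArcade) -> No action taken.
C:\Users\erica\Local Settings\Application Data\RewardsArcade\498 (PUP.RewardsArcade) -> No action taken.
C:\Users\erica\Local Settings\Application Data\RewardsArcade\498\Firefox (PUP.RewardsArcade) -> No action taken.

Files Detected: 0
(No malicious items detected)
"""

SECTION_RE = re.compile(r"^(?P<name>.+?) Detected: (?P<count>\d+)$")
ITEM_RE = re.compile(r"^(?P<path>.+) \((?P<family>[^()]+)\) -> (?P<action>.+?)\.?$")

# Assumption: default Vista compatibility junctions inside a user profile.
_PROFILE = r"^([a-z]:\\users\\[^\\]+)"
_JUNCTIONS = [
    (re.compile(_PROFILE + r"\\local settings\\application data(?=\\|$)"), "\\appdata\\local"),
    (re.compile(_PROFILE + r"\\local settings(?=\\|$)"), "\\appdata\\local"),
    (re.compile(_PROFILE + r"\\application data(?=\\|$)"), "\\appdata\\roaming"),
]


def parse_log(text):
    """Return (declared section counts, list of detection records)."""
    declared, items, section = {}, [], None
    for line in text.splitlines():
        line = line.strip()
        m = SECTION_RE.match(line)
        if m:
            section = m.group("name")
            declared[section] = int(m.group("count"))
            continue
        m = ITEM_RE.match(line)
        if m and section:
            items.append({"section": section, **m.groupdict()})
    return declared, items


def canonical_path(path):
    """Lower-case a path and map legacy profile junctions to their targets."""
    p = path.strip().rstrip("\\").lower()
    for pattern, target in _JUNCTIONS:
        new = pattern.sub(lambda m, t=target: m.group(1) + t, p)
        if new != p:
            return new
    return p


def root_folders(paths):
    """Keep only paths that are not inside another detected path."""
    roots = []
    for p in sorted(set(paths)):
        if not any(p.startswith(r + "\\") for r in roots):
            roots.append(p)
    return roots


def triage(text):
    declared, items = parse_log(text)
    canon = [canonical_path(i["path"]) for i in items]
    parsed = Counter(i["section"] for i in items)
    return {
        "detections": len(items),
        "unique_paths": len(set(canon)),
        "roots": root_folders(canon),
        "families": dict(Counter(i["family"] for i in items)),
        # Items the scanner reported but did not quarantine or delete.
        "pending": sum(1 for i in items if i["action"].lower().startswith("no action")),
        # Sections whose header count disagrees with the lines actually present.
        "count_mismatch": {s: (n, parsed.get(s, 0))
                           for s, n in declared.items() if n != parsed.get(s, 0)},
    }


if __name__ == "__main__":
    for key, value in triage(SAMPLE_LOG).items():
        print(f"{key}: {value}")
```

Applied to the full log above, the same folding turns the 28 folder detections into 14 distinct paths under a single RewardsArcade root, all still marked "No action taken".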
 
I just scanned it again to be sure and Malwarebytes now says it's not infected? The first time it froze during the cleanup and I had to kill the program.
 
Hello, and welcome to TechSpot.


Please see here for the board rules and other FAQ.

Please feel free to introduce yourself, after you follow the steps below to get started.

Information
  • From this point on, please do not make any more changes to your computer; such as install/uninstall programs, use special fix tools, delete files, edit the registry, etc. - unless advised by a malware removal helper.
  • Please do not ask for help elsewhere (in this site or other sites). Doing so can result in system changes, which may not show up in the logs you post.
  • If you have already asked for help somewhere, please post the link to the topic where you were helped.
  • We try our best to reply quickly, but if for any reason we do not reply in two days, please reply to this topic with the word BUMP!
  • Lastly, keep in mind that we are volunteers, so you do not have to pay for malware removal. Persist in this topic until its close, and your computer is declared clean.

Download AdwCleaner by Xplode onto your Desktop.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Delete.
  • A logfile will automatically open after the scan has finished.
  • Please post the content of that logfile in your reply.
  • You can find the logfile at C:\AdwCleaner[Rn].txt as well - n is the order number.


Junkware Removal Tool

Please download Junkware Removal Tool to your desktop.
  • Warning! Once the scan is complete JRT will shut down your browser with NO warning.
  • Shut down your protection software now to avoid potential conflicts.
  • Temporarily disable your antivirus and any antispyware real time protection before performing a scan. Click this link to see a list of security programs that should be disabled and how to disable them.
  • Run the tool by double-clicking it. If you are using Windows Vista or Windows 7, right-click JRT and select Run as Administrator
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Copy and Paste the JRT.txt log into your next message.
 
# AdwCleaner v2.105 - Logfile created 01/11/2013 at 23:09:14
# Updated 08/01/2013 by Xplode
# Operating system : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# User : erica - ERICA-PC
# Boot Mode : Normal
# Running from : C:\Users\erica\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
File Deleted : C:\Users\Public\Desktop\eBay.lnk
Folder Deleted : C:\ProgramData\Viewpoint

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Freecause
Key Deleted : HKCU\Software\AppDataLow\Software\RewardsArcade
Key Deleted : HKCU\Software\Cr_Installer
Key Deleted : HKCU\Software\Headlight
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ViewpointMediaPlayer
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{761F6A83-F007-49E4-8EAC-CDB6808EF06F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{97D69524-BB57-4185-9C7F-5F05593B771A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Classes\S
Key Deleted : HKLM\SOFTWARE\FCTB000100709
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Viewpoint Manager
Key Deleted : HKLM\Software\Viewpoint
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registry is clean.

-\\ Google Chrome v23.0.1271.97

File : C:\Users\erica\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

File : C:\Users\Ericka2\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [2216 octets] - [11/01/2013 23:09:14]

########## EOF - C:\AdwCleaner[S1].txt - [2276 octets] ##########
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.4.2 (01.08.2013:1)
OS: Windows Vista (TM) Home Premium x86
Ran by erica on Fri 01/11/2013 at 23:28:10.02
Blog: http://thisisudax.blogspot.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\main\\Start Page
~~~ Registry Keys
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{02478d38-c3f9-4efb-9b51-7695eca05670}
~~~ Files
~~~ Folders
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 01/11/2013 at 23:36:26.78
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
ComboFix scan

Please download ComboFix
by sUBs
From TechSpot

Direct Link (alternative)

Please save the file to your Desktop.

Important information about ComboFix


After the download:
  • Close any open browsers.
  • Very Important: Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results". Please visit here if you don't know how.
  • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
  • Please do not attempt to re-connect your machine back to the Internet until ComboFix has completely finished.
  • If there is no Internet connection after running ComboFix, then restart your computer to restore back your connection.
Running ComboFix:
  • Double click on ComboFix.exe & follow the prompts.
  • When ComboFix finishes, it will produce a report for you.
  • Please post the report, which will launch or be found at "C:\Combo-Fix.txt" in your next reply.
Troubleshooting ComboFix

Safe Mode:

If you still cannot get ComboFix to run, try booting into Safe Mode, and run it there.

(To boot into Safe Mode, tap F8 after BIOS, and just before the Windows
logo appears. A list of options will appear, select "Safe Mode.")

Re-downloading:

If this doesn't work either, try the same method as above, but download it again and rename ComboFix.exe to iexplore.exe, explorer.exe, or winlogon.exe.

Malware is known for blocking all "user" processes, except for its whitelist of system important processes such as iexplore.exe, explorer.exe, winlogon.exe.

NOTE: If you encounter a message "illegal operation attempted on registry key that has been marked for deletion" and no programs will run - please just reboot and that will resolve that error.
 
I tried to run ComboFix like you said, but I got an error message, "PEV.exe has stopped working", then it said Windows will close the program and notify you if there's a solution.

I'll try to run it in safe mode
 
ComboFix 13-01-17.04 - erica 01/18/2013 0:14.1.2 - x86
Running from: c:\users\erica\Desktop\ComboFix.exe
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\erica\GoToAssistDownloadHelper.exe
c:\users\Ericka2\Documents\~WRL0290.tmp
c:\users\Ericka2\Documents\~WRL0506.tmp
c:\users\Ericka2\Documents\~WRL0519.tmp
c:\users\Ericka2\Documents\~WRL0631.tmp
c:\users\Ericka2\Documents\~WRL1176.tmp
c:\users\Ericka2\Documents\~WRL1660.tmp
c:\users\Ericka2\Documents\~WRL1812.tmp
c:\users\Ericka2\Documents\~WRL1948.tmp
c:\users\Ericka2\Documents\~WRL2299.tmp
c:\users\Ericka2\Documents\~WRL2317.tmp
c:\users\Ericka2\Documents\~WRL2710.tmp
c:\users\Ericka2\Documents\~WRL3134.tmp
c:\users\Ericka2\Documents\~WRL3421.tmp
c:\users\Ericka2\Documents\~WRL3436.tmp
c:\users\Ericka2\Documents\~WRL3447.tmp
c:\users\Ericka2\Documents\~WRL3754.tmp
c:\users\Ericka2\Documents\~WRL3783.tmp
c:\users\Ericka2\Documents\~WRL3822.tmp
c:\users\Ericka2\Documents\~WRL3828.tmp
c:\windows\system32\KBL.LOG
.
.
((((((((((((((((((((((((( Files Created from 2012-12-18 to 2013-01-18 )))))))))))))))))))))))))))))))
.
.
2013-01-18 05:28 . 2013-01-18 05:28  --------  d-----w-  c:\users\Guest\AppData\Local\temp
2013-01-18 05:28 . 2013-01-18 05:28  --------  d-----w-  c:\users\Ericka2\AppData\Local\temp
2013-01-18 05:28 . 2013-01-18 05:29  --------  d-----w-  c:\users\erica\AppData\Local\temp
2013-01-18 05:28 . 2013-01-18 05:28  --------  d-----w-  c:\users\guest2\AppData\Local\temp
2013-01-18 05:28 . 2013-01-18 05:28  --------  d-----w-  c:\users\Default\AppData\Local\temp
2013-01-16 19:52 . 2013-01-16 19:52  60872  ----a-w-  c:\programdata\Microsoft\Windows Defender\Definition Updates\{192C6C18-E30F-4390-A973-27B94ED77B90}\offreg.dll
2013-01-16 02:56 . 2012-11-08 18:00  6812136  ----a-w-  c:\programdata\Microsoft\Windows Defender\Definition Updates\{192C6C18-E30F-4390-A973-27B94ED77B90}\mpengine.dll
2013-01-12 04:27 . 2013-01-12 04:27  --------  d-----w-  c:\windows\ERUNT
2013-01-12 04:27 . 2013-01-12 04:27  --------  d-----w-  C:\JRT
2013-01-10 04:31 . 2012-10-30 23:51  361032  ----a-w-  c:\windows\system32\drivers\aswSP.sys
2013-01-10 04:31 . 2012-10-30 23:51  21256  ----a-w-  c:\windows\system32\drivers\aswFsBlk.sys
2013-01-10 04:31 . 2012-10-30 23:51  35928  ----a-w-  c:\windows\system32\drivers\aswRdr.sys
2013-01-10 04:31 . 2012-10-30 23:51  54232  ----a-w-  c:\windows\system32\drivers\aswTdi.sys
2013-01-10 04:31 . 2012-10-30 23:51  738504  ----a-w-  c:\windows\system32\drivers\aswSnx.sys
2013-01-10 04:31 . 2012-10-30 23:51  58680  ----a-w-  c:\windows\system32\drivers\aswMonFlt.sys
2013-01-10 04:30 . 2012-10-30 23:51  41224  ----a-w-  c:\windows\avastSS.scr
2013-01-10 04:30 . 2012-10-30 23:50  227648  ----a-w-  c:\windows\system32\aswBoot.exe
2013-01-10 04:29 . 2013-01-10 04:29  --------  d-----w-  c:\programdata\AVAST Software
2013-01-10 04:29 . 2013-01-10 04:29  --------  d-----w-  c:\program files\AVAST Software
2013-01-10 04:13 . 2013-01-10 04:13  --------  d-----w-  c:\users\erica\AppData\Roaming\Malwarebytes
2013-01-10 04:11 . 2013-01-10 04:11  --------  d-----w-  c:\programdata\Malwarebytes
2013-01-10 04:11 . 2012-12-14 21:49  21104  ----a-w-  c:\windows\system32\drivers\mbam.sys
2013-01-10 04:11 . 2013-01-10 04:11  --------  d-----w-  c:\program files\Malwarebytes' Anti-Malware
2013-01-10 03:42 . 2012-11-23 01:35  2048000  ----a-w-  c:\windows\system32\win32k.sys
2013-01-10 03:40 . 2012-11-20 04:22  204288  ----a-w-  c:\windows\system32\ncrypt.dll
2013-01-10 03:40 . 2012-11-02 10:19  1400832  ----a-w-  c:\windows\system32\msxml6.dll
2013-01-10 03:22 . 2013-01-10 03:22  --------  d-----w-  c:\program files\TeamViewer
2013-01-06 04:58 . 2013-01-06 05:01  --------  d-----w-  c:\programdata\1386BAB1F0076BAF00001386A73070D7
2012-12-28 16:38 . 2012-12-28 16:38  --------  d-----w-  c:\users\Ericka2\AppData\Roaming\3M
2012-12-28 05:03 . 2012-12-28 05:03  --------  d-----w-  c:\users\erica\AppData\Roaming\3M
2012-12-28 05:00 . 2012-12-28 05:00  --------  d-----w-  c:\program files\3M
2012-12-28 04:55 . 2012-12-28 04:56  --------  d-----w-  c:\users\erica\AppData\Roaming\GetRightToGo
2012-12-22 08:00 . 2012-12-16 13:12  34304  ----a-w-  c:\windows\system32\atmlib.dll
2012-12-22 08:00 . 2012-12-16 10:50  293376  ----a-w-  c:\windows\system32\atmfd.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-08 21:01 . 2012-09-08 19:02  697864  ----a-w-  c:\windows\system32\FlashPlayerApp.exe
2013-01-08 21:01 . 2011-09-05 02:06  74248  ----a-w-  c:\windows\system32\FlashPlayerCPLApp.cpl
2012-11-14 02:09 . 2012-12-12 08:11  1800704  ----a-w-  c:\windows\system32\jscript9.dll
2012-11-14 01:58 . 2012-12-12 08:11  1427968  ----a-w-  c:\windows\system32\inetcpl.cpl
2012-11-14 01:57 . 2012-12-12 08:11  1129472  ----a-w-  c:\windows\system32\wininet.dll
2012-11-14 01:49 . 2012-12-12 08:11  142848  ----a-w-  c:\windows\system32\ieUnatt.exe
2012-11-14 01:48 . 2012-12-12 08:11  420864  ----a-w-  c:\windows\system32\vbscript.dll
2012-11-14 01:44 . 2012-12-12 08:11  2382848  ----a-w-  c:\windows\system32\mshtml.tlb
2012-11-13 01:29 . 2012-12-12 04:32  2048  ----a-w-  c:\windows\system32\tzres.dll
2012-11-02 10:18 . 2012-12-12 04:32  376320  ----a-w-  c:\windows\system32\dpnet.dll
2012-11-02 08:26 . 2012-12-12 04:32  23040  ----a-w-  c:\windows\system32\dpnsvr.exe
2012-10-26 20:54 . 2011-12-24 04:31  800824  ----a-w-  c:\users\Default\AppData\Roaming\DPInst.exe
2012-10-26 20:54 . 2011-12-24 04:31  36352  ----a-w-  c:\users\Default\AppData\Roaming\PnPutil.exe
2012-10-26 20:54 . 2011-12-24 04:31  106496  ----a-w-  c:\users\Default\AppData\Roaming\gacutil.exe
2012-10-25 08:12 . 2012-10-25 08:12  94208  ----a-w-  c:\windows\system32\QuickTimeVR.qtx
2012-10-25 08:12 . 2012-10-25 08:12  69632  ----a-w-  c:\windows\system32\QuickTime.qts
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 23:50  121528  ----a-w-  c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2011-12-05 247728]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"Rainlendar2"="c:\program files\Rainlendar2\Rainlendar2.exe" [2012-07-24 2498048]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2007-10-25 212992]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-10-03 178712]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-10-03 480560]
"Conime"="c:\windows\system32\conime.exe" [2009-04-11 69120]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-11-28 59280]
"VERIZONDM"="c:\program files\VERIZONDM\bin\sprtcmd.exe" [2011-12-01 206120]
"Online Backup Auto Update"="c:\program files\Verizon\Online Backup & Sharing\Auto Update\OnlineBackup.UpdateSystemTray.exe" [2010-02-11 233472]
"Vault Explorer Cache Watcher"="c:\program files\Verizon\Online Backup & Sharing\vewatch.exe" [2010-02-10 28672]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2009-11-24 323640]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-12 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-12 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-12 133656]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"RIMBBLaunchAgent.exe"="c:\program files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe" [2011-11-02 90448]
"EKStatusMonitor"="c:\program files\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe" [2012-10-15 2844608]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-10-25 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-12-12 152544]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"KodakHomeCenter"="c:\program files\Kodak\AiO\Center\AiOHomeCenter.exe" [2012-10-19 2235840]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Vongo Tray.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Vongo Tray.lnk
backup=c:\windows\pss\Vongo Tray.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-07-27 20:51  919008  ----a-w-  c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
2011-10-06 05:52  59240  ----a-w-  c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2012-11-28 19:13  59280  ----a-w-  c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]
2008-01-19 07:33  125952  ----a-w-  c:\windows\ehome\ehtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
2008-02-12 00:13  166424  ----a-w-  c:\windows\System32\hkcmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2011-05-10 06:41  49208  ----a-w-  c:\program files\HP\HP Software Update\hpwuschd2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPAdvisor]
2007-10-02 00:10  1783136  ----a-w-  c:\program files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
2008-02-12 00:13  141848  ----a-w-  c:\windows\System32\igfxtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2012-12-12 18:57  152544  ----a-w-  c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
2008-02-12 00:13  133656  ----a-w-  c:\windows\System32\igfxpers.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl]
2009-11-24 15:07  323640  ----a-w-  c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QPService]
2007-10-01 03:34  181544  ----a-w-  c:\program files\HP\QuickPlay\QPService.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2012-10-25 08:12  421888  ----a-w-  c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-10-29 18:49  249064  ----a-w-  c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
2008-01-19 07:33  202240  ----a-w-  c:\program files\Windows Media Player\wmpnscfg.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation  REG_MULTI_SZ  FontCache
rsmsvcs  REG_MULTI_SZ  ntmssvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-01-15 22:08  1606760  ----a-w-  c:\program files\Google\Chrome\Application\24.0.1312.52\Installer\setup.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-01-18 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-08 21:01]
.
2013-01-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-09-04 04:42]
.
2013-01-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-09-04 04:42]
.
2008-04-17 c:\windows\Tasks\HPCeeScheduleForerica.job
- c:\program files\Hewlett-Packard\SDP\Ceement\HPCEE.exe [2007-11-12 19:58]
.
2008-05-06 c:\windows\Tasks\HPCeeScheduleForEricka2.job
- c:\program files\Hewlett-Packard\SDP\Ceement\HPCEE.exe [2007-11-12 19:58]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.verizon.com/myverizon
mStart Page = hxxp://www.google.com
uInternet Settings,ProxyOverride = *.local
IE: Create a Post-it® Note - c:\program files\3M\PDNotes\\PSNBookMark.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.1.1
.
- - - - ORPHANS REMOVED - - - -
.
HKCU-Run-MobileDocuments - c:\program files\Common Files\Apple\Internet Services\ubd.exe
HKLM-Run-hpqSRMon - (no file)
MSConfigStartUp-Adobe Reader Speed Launcher - c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe
MSConfigStartUp-HP Health Check Scheduler - [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
AddRemove-{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App - c:\program files\WildTangent Games\App\Uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-01-18 00:29
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{EF99BD32-C1FB-11D2-892F-0090271D4F88}"=hex:51,66,7a,6c,4c,1d,38,12,5c,be,8a,
eb,c9,8f,bc,54,f6,39,43,d0,22,43,0b,9c
"{8DCB7100-DF86-4384-8842-8FA844297B3F}"=hex:51,66,7a,6c,4c,1d,38,12,6e,72,d8,
89,b4,91,ea,06,f7,54,cc,e8,41,77,3f,2b
"{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064}"=hex:51,66,7a,6c,4c,1d,38,12,26,bd,a8,
0a,e6,f4,22,0e,f1,4c,12,2a,bb,94,a4,70
"{02478D38-C3F9-4EFB-9B51-7695ECA05670}"=hex:51,66,7a,6c,4c,1d,38,12,56,8e,54,
06,cb,8d,95,0b,e4,47,35,d5,e9,fe,12,64
"{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,38,12,72,0b,cc,
1c,9f,a6,ed,07,da,80,b9,17,89,70,f9,d7
"{7DB2D5A0-7241-4E79-B68D-6309F01C5231}"=hex:51,66,7a,6c,4c,1d,38,12,ce,d6,a1,
79,73,3c,17,0b,c9,9b,20,49,f5,42,16,25
"{B164E929-A1B6-4A06-B104-2CD0E90A88FF}"=hex:51,66,7a,6c,4c,1d,38,12,47,ea,77,
b5,84,ef,68,0f,ce,12,6f,90,ec,54,cc,eb
"{B4F3A835-0E21-4959-BA22-42B3008E02FF}"=hex:51,66,7a,6c,4c,1d,38,12,5b,ab,e0,
b0,13,40,37,0c,c5,34,01,f3,05,d0,46,eb
"{D2CE3E00-F94A-4740-988E-03DC2F38C34F}"=hex:51,66,7a,6c,4c,1d,38,12,6e,3d,dd,
d6,78,b7,2e,02,e7,98,40,9c,2a,66,87,5b
"{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db,
df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd
"{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}"=hex:51,66,7a,6c,4c,1d,38,12,91,fc,ec,
fb,7c,81,45,0a,c2,d4,4d,32,e4,48,ec,42
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:50,16,cb,45,df,66,cd,01
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2013-01-18 00:31:52
ComboFix-quarantined-files.txt 2013-01-18 05:31
.
Pre-Run: 32,310,366,208 bytes free
Post-Run: 33,657,896,960 bytes free
.
- - End Of File - - F9FF3B2680E582BEE58193763CFEC343
 
TDSSKiller Scan

Please download and run TDSSKiller to your desktop as outlined below:

Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.

For Windows XP, double-click to start.
For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.



-------------------------

Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.



------------------------

Click the Start Scan button.



-----------------------

If a suspicious object is detected, the default action will be Skip; click on Continue.
If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic, please choose Skip and click on Continue.




----------------------

If malicious objects are found, they will show in the Scan results and offer three (3) options.

Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.





--------------------

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.

Sometimes these logs can be very large, in that case please attach it.

-------------------

Here's a summary of what to do if you would like to print it out:

If a suspicious object is detected, the default action will be Skip; click on Continue.
If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic, please choose Skip and click on Continue.

If malicious objects are found, they will show in the Scan results and offer three (3) options.

Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

OTL Quick Scan

Please download OTL by OldTimer to your Desktop.
  • Close all windows and double click OTL.exe.
  • Click Quick Scan button and let the program run uninterrupted.
  • It will produce a log for you called OTL.txt, please post it in your next reply.
  • You may need to use two posts to get it all.
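
For reading the TDSSKiller report requested above, here is an added example (not part of the original post and not TDSSKiller's own code): a Python sketch that pairs each service's hash line with its verdict line, then lists anything not marked ok and any service that has a verdict but no hash/path line. The sample log, its service names and its hashes are constructed in the layout of the report posted in this thread; only the `ok` and `warning` verdicts seen there are assumed.

```python
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Constructed sample in the layout of the TDSSKiller report in this thread.
# Service names, paths and hashes are placeholders, not values from a real scan.
SAMPLE_LOG = r"""
23:58:24.0644 5584 ================ Scan system memory ========================
23:58:24.0644 5584 System memory - ok
23:58:24.0645 5584 ================ Scan services =============================
23:58:24.0897 5584 [ 00000000000000000000000000000001 ] ExampleDrv C:\Windows\system32\drivers\exampledrv.sys
23:58:25.0096 5584 ExampleDrv - ok
23:58:25.0200 5584 [ 00000000000000000000000000000002 ] Example Sync Service C:\Program Files\Example\sync.exe
23:58:25.0250 5584 Example Sync Service - ok
23:58:25.0300 5584 nofiledrv - ok
23:58:25.0400 5584 [ 00000000000000000000000000000003 ] OLDMODEM C:\Windows\system32\drivers\OLDMODEM.SYS
23:58:25.0450 5584 OLDMODEM ( UnsignedFile.Multi.Generic ) - warning
23:58:25.0450 5584 OLDMODEM - detected UnsignedFile.Multi.Generic (1)
"""

# Every log line starts with "HH:MM:SS.ffff <thread id> ".
PREFIX = r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s+"
SECTION_RE = re.compile(PREFIX + r"=+ (.+?) =+$")
# "[ MD5 ] <service name, may contain spaces> <drive-letter path>"
HASH_RE = re.compile(PREFIX + r"\[ ([0-9A-Fa-f]{32}) \] (.+?) ([A-Za-z]:\\.+)$")
# "<service name> - ok"  or  "<service name> ( <detection> ) - warning"
VERDICT_RE = re.compile(PREFIX + r"(.+?)(?: \( (\S+) \))? - (\w+)$")


@dataclass
class Entry:
    name: str
    status: str
    detection: Optional[str]
    md5: Optional[str]
    path: Optional[str]


def parse_services(log_text: str) -> List[Entry]:
    """Return one Entry per verdict line inside the 'Scan services' section."""
    entries: List[Entry] = []
    section = None
    pending = {}  # service name -> (md5, path) from its hash line
    for raw in log_text.splitlines():
        line = raw.strip()
        m = SECTION_RE.match(line)
        if m:
            section = m.group(1)
            continue
        if section != "Scan services":
            continue
        m = HASH_RE.match(line)
        if m:
            pending[m.group(2)] = (m.group(1).upper(), m.group(3))
            continue
        m = VERDICT_RE.match(line)
        if m:
            name, detection, status = m.groups()
            md5, path = pending.pop(name, (None, None))
            entries.append(Entry(name, status, detection, md5, path))
    return entries


def triage(entries: List[Entry]) -> Tuple[List[Entry], List[Entry]]:
    """Split out (not-ok entries, ok entries that had no hash/path line)."""
    flagged = [e for e in entries if e.status != "ok"]
    unhashed = [e for e in entries if e.status == "ok" and e.md5 is None]
    return flagged, unhashed


if __name__ == "__main__":
    flagged, unhashed = triage(parse_services(SAMPLE_LOG))
    for e in flagged:
        print(f"{e.status.upper():8} {e.name}: {e.detection} [{e.md5}] {e.path}")
    for e in unhashed:
        print(f"NO FILE  {e.name}: verdict '{e.status}' without a hash/path line")
```

The script only sorts the report for the person reviewing it; which action to take on a flagged entry is still the helper's call, as in the instructions above.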
 
23:57:45.0683 4020 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
23:57:46.0745 4020 ============================================================
23:57:46.0746 4020 Current date / time: 2013/01/19 23:57:46.0745
23:57:46.0746 4020 SystemInfo:
23:57:46.0746 4020
23:57:46.0746 4020 OS Version: 6.0.6002 ServicePack: 2.0
23:57:46.0746 4020 Product type: Workstation
23:57:46.0746 4020 ComputerName: ERICA-PC
23:57:46.0747 4020 UserName: erica
23:57:46.0747 4020 Windows directory: C:\Windows
23:57:46.0747 4020 System windows directory: C:\Windows
23:57:46.0747 4020 Processor architecture: Intel x86
23:57:46.0747 4020 Number of processors: 2
23:57:46.0747 4020 Page size: 0x1000
23:57:46.0747 4020 Boot type: Normal boot
23:57:46.0747 4020 ============================================================
23:57:47.0923 4020 Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
23:57:47.0943 4020 ============================================================
23:57:47.0943 4020 \Device\Harddisk0\DR0:
23:57:47.0944 4020 MBR partitions:
23:57:47.0944 4020 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xC849D92
23:57:47.0944 4020 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xC849DD1, BlocksNum 0x17499F0
23:57:47.0944 4020 ============================================================
23:57:47.0959 4020 C: <-> \Device\Harddisk0\DR0\Partition1
23:57:47.0993 4020 D: <-> \Device\Harddisk0\DR0\Partition2
23:57:47.0993 4020 ============================================================
23:57:47.0993 4020 Initialize success
23:57:47.0993 4020 ============================================================
23:58:23.0941 5584 ============================================================
23:58:23.0941 5584 Scan started
23:58:23.0941 5584 Mode: Manual; SigCheck; TDLFS;
23:58:23.0941 5584 ============================================================
23:58:24.0644 5584 ================ Scan system memory ========================
23:58:24.0644 5584 System memory - ok
23:58:24.0645 5584 ================ Scan services =============================
23:58:24.0897 5584 [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI C:\Windows\system32\drivers\acpi.sys
23:58:25.0096 5584 ACPI - ok
23:58:25.0260 5584 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
23:58:25.0282 5584 AdobeARMservice - ok
23:58:25.0402 5584 [ 424877CB9D5517F980FF7BACA2EB379D ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
23:58:25.0431 5584 AdobeFlashPlayerUpdateSvc - ok
23:58:25.0517 5584 [ 2EDC5BBAC6C651ECE337BDE8ED97C9FB ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
23:58:25.0569 5584 adp94xx - ok
23:58:25.0716 5584 [ B84088CA3CDCA97DA44A984C6CE1CCAD ] adpahci C:\Windows\system32\drivers\adpahci.sys
23:58:25.0746 5584 adpahci - ok
23:58:25.0773 5584 [ 7880C67BCCC27C86FD05AA2AFB5EA469 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
23:58:25.0796 5584 adpu160m - ok
23:58:25.0821 5584 [ 9AE713F8E30EFC2ABCCD84904333DF4D ] adpu320 C:\Windows\system32\drivers\adpu320.sys
23:58:25.0846 5584 adpu320 - ok
23:58:25.0889 5584 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
23:58:26.0110 5584 AeLookupSvc - ok
23:58:26.0187 5584 [ 3911B972B55FEA0478476B2E777B29FA ] AFD C:\Windows\system32\drivers\afd.sys
23:58:26.0279 5584 AFD - ok
23:58:26.0332 5584 [ EF23439CDD587F64C2C1B8825CEAD7D8 ] agp440 C:\Windows\system32\drivers\agp440.sys
23:58:26.0353 5584 agp440 - ok
23:58:26.0382 5584 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys
23:58:26.0405 5584 aic78xx - ok
23:58:26.0482 5584 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe
23:58:26.0572 5584 ALG - ok
23:58:26.0594 5584 [ 90395B64600EBB4552E26E178C94B2E4 ] aliide C:\Windows\system32\drivers\aliide.sys
23:58:26.0612 5584 aliide - ok
23:58:26.0641 5584 [ 2B13E304C9DFDFA5EB582F6A149FA2C7 ] amdagp C:\Windows\system32\drivers\amdagp.sys
23:58:26.0662 5584 amdagp - ok
23:58:26.0683 5584 [ 0577DF1D323FE75A739C787893D300EA ] amdide C:\Windows\system32\drivers\amdide.sys
23:58:26.0702 5584 amdide - ok
23:58:26.0734 5584 [ DC487885BCEF9F28EECE6FAC0E5DDFC5 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
23:58:26.0846 5584 AmdK7 - ok
23:58:26.0857 5584 [ 0CA0071DA4315B00FC1328CA86B425DA ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
23:58:26.0965 5584 AmdK8 - ok
23:58:27.0037 5584 [ 3A2154B4F22AF4771F40B8F2FC7DBBF6 ] ApfiltrService C:\Windows\system32\DRIVERS\Apfiltr.sys
23:58:27.0060 5584 ApfiltrService - ok
23:58:27.0106 5584 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll
23:58:27.0166 5584 Appinfo - ok
23:58:27.0287 5584 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
23:58:27.0310 5584 Apple Mobile Device - ok
23:58:27.0366 5584 [ 5F673180268BB1FDB69C99B6619FE379 ] arc C:\Windows\system32\drivers\arc.sys
23:58:27.0389 5584 arc - ok
23:58:27.0417 5584 [ 957F7540B5E7F602E44648C7DE5A1C05 ] arcsas C:\Windows\system32\drivers\arcsas.sys
23:58:27.0444 5584 arcsas - ok
23:58:27.0508 5584 [ DE6ED95AEF259979B2830450072A627B ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
23:58:27.0555 5584 aswFsBlk - ok
23:58:27.0583 5584 [ 62F9DCEC95F91B8E0203E85D344A7E65 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
23:58:27.0603 5584 aswMonFlt - ok
23:58:27.0627 5584 [ 7C9F0A2AB17D52261A9252A2EB320884 ] AswRdr C:\Windows\system32\drivers\AswRdr.sys
23:58:27.0646 5584 AswRdr - ok
23:58:27.0708 5584 [ B32E9AD44A1DBB3E8095E80F8DF32B03 ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
23:58:27.0784 5584 aswSnx - ok
23:58:27.0827 5584 [ 67B558895695545FB0568B7541F3BCA7 ] aswSP C:\Windows\system32\drivers\aswSP.sys
23:58:27.0877 5584 aswSP - ok
23:58:27.0937 5584 [ E3E73B2B73A4DFADFDDF557192C4B08A ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
23:58:27.0957 5584 aswTdi - ok
23:58:28.0015 5584 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
23:58:28.0108 5584 AsyncMac - ok
23:58:28.0175 5584 [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi C:\Windows\system32\drivers\atapi.sys
23:58:28.0202 5584 atapi - ok
23:58:28.0258 5584 [ 0437199C88F6E88A387CFEC8A8886A6E ] athr C:\Windows\system32\DRIVERS\athr.sys
23:58:28.0355 5584 athr - ok
23:58:28.0423 5584 [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
23:58:28.0489 5584 AudioEndpointBuilder - ok
23:58:28.0525 5584 [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv C:\Windows\System32\Audiosrv.dll
23:58:28.0580 5584 Audiosrv - ok
23:58:28.0654 5584 [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
23:58:28.0674 5584 avast! Antivirus - ok
23:58:28.0713 5584 [ CF6A67C90951E3E763D2135DEDE44B85 ] BCM43XV C:\Windows\system32\DRIVERS\bcmwl6.sys
23:58:28.0852 5584 BCM43XV - ok
23:58:28.0915 5584 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys
23:58:28.0982 5584 Beep - ok
23:58:29.0050 5584 [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE C:\Windows\System32\bfe.dll
23:58:29.0117 5584 BFE - ok
23:58:29.0202 5584 [ 93952506C6D67330367F7E7934B6A02F ] BITS C:\Windows\system32\qmgr.dll
23:58:29.0340 5584 BITS - ok
23:58:29.0349 5584 blbdrive - ok
23:58:29.0455 5584 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
23:58:29.0485 5584 Bonjour Service - ok
23:58:29.0530 5584 [ 35F376253F687BDE63976CCB3F2108CA ] bowser C:\Windows\system32\DRIVERS\bowser.sys
23:58:29.0573 5584 bowser - ok
23:58:29.0604 5584 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
23:58:29.0650 5584 BrFiltLo - ok
23:58:29.0674 5584 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
23:58:29.0762 5584 BrFiltUp - ok
23:58:29.0815 5584 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll
23:58:29.0895 5584 Browser - ok
23:58:29.0929 5584 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys
23:58:30.0000 5584 Brserid - ok
23:58:30.0028 5584 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
23:58:30.0098 5584 BrSerWdm - ok
23:58:30.0136 5584 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
23:58:30.0219 5584 BrUsbMdm - ok
23:58:30.0253 5584 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
23:58:30.0336 5584 BrUsbSer - ok
23:58:30.0382 5584 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
23:58:30.0476 5584 BTHMODEM - ok
23:58:30.0547 5584 [ 248DFA5762DDE38DFDDBBD44149E9D7A ] BVRPMPR5 C:\Windows\system32\drivers\BVRPMPR5.SYS
23:58:30.0580 5584 BVRPMPR5 ( UnsignedFile.Multi.Generic ) - warning
23:58:30.0580 5584 BVRPMPR5 - detected UnsignedFile.Multi.Generic (1)
23:58:30.0642 5584 catchme - ok
23:58:30.0652 5584 CBTNDIS4 - ok
23:58:30.0727 5584 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
23:58:30.0791 5584 cdfs - ok
23:58:30.0870 5584 [ 6B4BFFB9BECD728097024276430DB314 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
23:58:30.0932 5584 cdrom - ok
23:58:30.0994 5584 [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc C:\Windows\System32\certprop.dll
23:58:31.0081 5584 CertPropSvc - ok
23:58:31.0119 5584 [ DA8E0AFC7BAA226C538EF53AC2F90897 ] circlass C:\Windows\system32\drivers\circlass.sys
23:58:31.0212 5584 circlass - ok
23:58:31.0255 5584 [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS C:\Windows\system32\CLFS.sys
23:58:31.0308 5584 CLFS - ok
23:58:31.0423 5584 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
23:58:31.0444 5584 clr_optimization_v2.0.50727_32 - ok
23:58:31.0513 5584 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
23:58:31.0537 5584 clr_optimization_v4.0.30319_32 - ok
23:58:31.0593 5584 [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
23:58:31.0648 5584 CmBatt - ok
23:58:31.0676 5584 [ 45201046C776FFDAF3FC8A0029C581C8 ] cmdide C:\Windows\system32\drivers\cmdide.sys
23:58:31.0695 5584 cmdide - ok
23:58:31.0741 5584 [ 2E39F9C51912F4F211B0334AED33E7BD ] CnxtHdAudService C:\Windows\system32\drivers\CHDRT32.sys
23:58:31.0783 5584 CnxtHdAudService - ok
23:58:31.0900 5584 [ C7A0E61D5714AC20DE52D4F66EC773B8 ] Com4QLBEx C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
23:58:31.0922 5584 Com4QLBEx - ok
23:58:31.0940 5584 [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
23:58:31.0962 5584 Compbatt - ok
23:58:31.0978 5584 COMSysApp - ok
23:58:31.0997 5584 [ 2A213AE086BBEC5E937553C7D9A2B22C ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
23:58:32.0017 5584 crcdisk - ok
23:58:32.0044 5584 [ 22A7F883508176489F559EE745B5BF5D ] Crusoe C:\Windows\system32\drivers\crusoe.sys
23:58:32.0130 5584 Crusoe - ok
23:58:32.0205 5584 [ F1E8C34892336D33EDDCDFE44E474F64 ] CryptSvc C:\Windows\system32\cryptsvc.dll
23:58:32.0243 5584 CryptSvc - ok
23:58:32.0318 5584 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch C:\Windows\system32\rpcss.dll
23:58:32.0413 5584 DcomLaunch - ok
23:58:32.0452 5584 [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC C:\Windows\system32\Drivers\dfsc.sys
23:58:32.0493 5584 DfsC - ok
23:58:32.0602 5584 [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR C:\Windows\system32\DFSR.exe
23:58:32.0816 5584 DFSR - ok
23:58:32.0898 5584 [ 9028559C132146FB75EB7ACF384B086A ] Dhcp C:\Windows\System32\dhcpcsvc.dll
23:58:32.0936 5584 Dhcp - ok
23:58:32.0986 5584 [ 5D4AEFC3386920236A548271F8F1AF6A ] disk C:\Windows\system32\drivers\disk.sys
23:58:33.0009 5584 disk - ok
23:58:33.0067 5584 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache C:\Windows\System32\dnsrslvr.dll
23:58:33.0128 5584 Dnscache - ok
23:58:33.0178 5584 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc C:\Windows\System32\dot3svc.dll
23:58:33.0234 5584 dot3svc - ok
23:58:33.0299 5584 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll
23:58:33.0358 5584 DPS - ok
23:58:33.0403 5584 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
23:58:33.0437 5584 drmkaud - ok
23:58:33.0505 5584 [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
23:58:33.0561 5584 DXGKrnl - ok
23:58:33.0686 5584 [ C0B00E55CF82D122D25983C7A6A53DEA ] E100B C:\Windows\system32\DRIVERS\e100b325.sys
23:58:33.0841 5584 E100B - ok
23:58:33.0890 5584 [ F88FB26547FD2CE6D0A5AF2985892C48 ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
23:58:34.0076 5584 E1G60 - ok
23:58:34.0138 5584 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll
23:58:34.0178 5584 EapHost - ok
23:58:34.0240 5584 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache C:\Windows\system32\drivers\ecache.sys
23:58:34.0276 5584 Ecache - ok
23:58:34.0355 5584 [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
23:58:34.0390 5584 ehRecvr - ok
23:58:34.0437 5584 [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched C:\Windows\ehome\ehsched.exe
23:58:34.0505 5584 ehSched - ok
23:58:34.0512 5584 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart C:\Windows\ehome\ehstart.dll
23:58:34.0560 5584 ehstart - ok
23:58:34.0636 5584 [ E8F3F21A71720C84BCF423B80028359F ] elxstor C:\Windows\system32\drivers\elxstor.sys
23:58:34.0667 5584 elxstor - ok
23:58:34.0740 5584 [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt C:\Windows\system32\emdmgmt.dll
23:58:34.0844 5584 EMDMgmt - ok
23:58:34.0915 5584 [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem C:\Windows\system32\es.dll
23:58:34.0965 5584 EventSystem - ok
23:58:35.0011 5584 [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat C:\Windows\system32\drivers\exfat.sys
23:58:35.0088 5584 exfat - ok
23:58:35.0129 5584 [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat C:\Windows\system32\drivers\fastfat.sys
23:58:35.0171 5584 fastfat - ok
23:58:35.0225 5584 [ 63BDADA84951B9C03E641800E176898A ] fdc C:\Windows\system32\DRIVERS\fdc.sys
23:58:35.0303 5584 fdc - ok
23:58:35.0360 5584 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll
23:58:35.0403 5584 fdPHost - ok
23:58:35.0443 5584 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll
23:58:35.0533 5584 FDResPub - ok
23:58:35.0602 5584 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
23:58:35.0629 5584 FileInfo - ok
23:58:35.0726 5584 [ 6E84E7C7062058BE9B8D5495D923DA8C ] FilesystemWatcher C:\Program Files\Verizon\Online Backup & Sharing\Filesystem Watcher\DigiData.FilesystemWatcher.Service.Watcher.exe
23:58:35.0760 5584 FilesystemWatcher ( UnsignedFile.Multi.Generic ) - warning
23:58:35.0760 5584 FilesystemWatcher - detected UnsignedFile.Multi.Generic (1)
23:58:35.0806 5584 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys
23:58:35.0848 5584 Filetrace - ok
23:58:35.0880 5584 [ 6603957EFF5EC62D25075EA8AC27DE68 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
23:58:35.0965 5584 flpydisk - ok
23:58:36.0008 5584 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
23:58:36.0042 5584 FltMgr - ok
23:58:36.0128 5584 [ 8CE364388C8ECA59B14B539179276D44 ] FontCache C:\Windows\system32\FntCache.dll
23:58:36.0214 5584 FontCache - ok
23:58:36.0301 5584 [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
23:58:36.0325 5584 FontCache3.0.0.0 - ok
23:58:36.0367 5584 [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
23:58:36.0435 5584 Fs_Rec - ok
23:58:36.0469 5584 [ 4E1CD0A45C50A8882616CAE5BF82F3C5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
23:58:36.0496 5584 gagp30kx - ok
23:58:36.0512 5584 GamesAppService - ok
23:58:36.0560 5584 [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM C:\Windows\system32\Drivers\GEARAspiWDM.sys
23:58:36.0580 5584 GEARAspiWDM - ok
23:58:36.0644 5584 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc C:\Windows\System32\gpsvc.dll
23:58:36.0721 5584 gpsvc - ok
23:58:36.0874 5584 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
23:58:36.0898 5584 gupdate - ok
23:58:36.0907 5584 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
23:58:36.0933 5584 gupdatem - ok
23:58:36.0993 5584 [ 93AEE3434935FC2F805FEFD8DC5ED1B4 ] HBtnKey C:\Windows\system32\DRIVERS\cpqbttn.sys
23:58:37.0011 5584 HBtnKey - ok
23:58:37.0056 5584 [ A1BE5A64DDCB0880301CF860BE3F0A07 ] HdAudAddService C:\Windows\system32\drivers\CHDART.sys
23:58:37.0095 5584 HdAudAddService - ok
23:58:37.0160 5584 [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
23:58:37.0285 5584 HDAudBus - ok
23:58:37.0308 5584 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys
23:58:37.0384 5584 HidBth - ok
23:58:37.0414 5584 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys
23:58:37.0543 5584 HidIr - ok
23:58:37.0588 5584 [ 84067081F3318162797385E11A8F0582 ] hidserv C:\Windows\System32\hidserv.dll
23:58:37.0681 5584 hidserv - ok
23:58:37.0776 5584 [ CCA4B519B17E23A00B826C55716809CC ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
23:58:37.0857 5584 HidUsb - ok
23:58:37.0936 5584 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll
23:58:38.0053 5584 hkmsvc - ok
23:58:38.0164 5584 [ 0D26C438E2938A3E6BDD91173BC96FF0 ] HP Health Check Service c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
23:58:38.0200 5584 HP Health Check Service ( UnsignedFile.Multi.Generic ) - warning
23:58:38.0200 5584 HP Health Check Service - detected UnsignedFile.Multi.Generic (1)
23:58:38.0238 5584 [ DF353B401001246853763C4B7AAA6F50 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
23:58:38.0261 5584 HpCISSs - ok
23:58:38.0326 5584 [ 1210960FF8928950D2A786895B0C424A ] HpqKbFiltr C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
23:58:38.0356 5584 HpqKbFiltr - ok
23:58:38.0427 5584 [ FDF273A845F1FFCCEADF363AAF47582F ] hpqwmiex C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
23:58:38.0455 5584 hpqwmiex - ok
23:58:38.0504 5584 [ 46D67209550973257601A533E2AC5785 ] HSFHWAZL C:\Windows\system32\DRIVERS\VSTAZL3.SYS
23:58:38.0569 5584 HSFHWAZL - ok
23:58:38.0638 5584 [ CC267848CB3508E72762BE65734E764D ] HSF_DPV C:\Windows\system32\DRIVERS\HSX_DPV.sys
23:58:38.0717 5584 HSF_DPV - ok
23:58:38.0801 5584 [ A2882945CC4B6E3E4E9E825590438888 ] HSXHWAZL C:\Windows\system32\DRIVERS\HSXHWAZL.sys
23:58:38.0829 5584 HSXHWAZL - ok
23:58:38.0877 5584 [ F870AA3E254628EBEAFE754108D664DE ] HTTP C:\Windows\system32\drivers\HTTP.sys
23:58:38.0964 5584 HTTP - ok
23:58:39.0003 5584 [ 324C2152FF2C61ABAE92D09F3CCA4D63 ] i2omp C:\Windows\system32\drivers\i2omp.sys
23:58:39.0021 5584 i2omp - ok
23:58:39.0089 5584 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
23:58:39.0175 5584 i8042prt - ok
23:58:39.0243 5584 [ 72B53E9C8924949DEC8F3799BCBA2251 ] IAANTMON C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
23:58:39.0300 5584 IAANTMON - ok
23:58:39.0448 5584 [ 9378D57E2B96C0A185D844770AD49948 ] ialm C:\Windows\system32\DRIVERS\igdkmd32.sys
23:58:39.0626 5584 ialm - ok
23:58:39.0664 5584 [ E5A0034847537EAEE3C00349D5C34C5F ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
23:58:39.0695 5584 iaStor - ok
23:58:39.0727 5584 [ C957BF4B5D80B46C5017BF0101E6C906 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
23:58:39.0759 5584 iaStorV - ok
23:58:39.0846 5584 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
23:58:39.0872 5584 IDriverT ( UnsignedFile.Multi.Generic ) - warning
23:58:39.0872 5584 IDriverT - detected UnsignedFile.Multi.Generic (1)
23:58:39.0950 5584 [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
23:58:40.0030 5584 idsvc - ok
23:58:40.0150 5584 [ 9378D57E2B96C0A185D844770AD49948 ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys
23:58:40.0288 5584 igfx - ok
23:58:40.0340 5584 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys
23:58:40.0362 5584 iirsp - ok
23:58:40.0415 5584 [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT C:\Windows\System32\ikeext.dll
23:58:40.0509 5584 IKEEXT - ok
23:58:40.0597 5584 [ 83AA759F3189E6370C30DE5DC5590718 ] intelide C:\Windows\system32\drivers\intelide.sys
23:58:40.0626 5584 intelide - ok
23:58:40.0647 5584 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
23:58:40.0708 5584 intelppm - ok
23:58:40.0780 5584 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
23:58:40.0827 5584 IPBusEnum - ok
23:58:40.0865 5584 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
23:58:40.0916 5584 IpFilterDriver - ok
23:58:40.0960 5584 [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
23:58:41.0009 5584 iphlpsvc - ok
23:58:41.0018 5584 IpInIp - ok
23:58:41.0050 5584 [ 40F34F8ABA2A015D780E4B09138B6C17 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
23:58:41.0139 5584 IPMIDRV - ok
23:58:41.0196 5584 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
23:58:41.0260 5584 IPNAT - ok
23:58:41.0329 5584 [ E8A39D41474BE42FD8830CED32932D6C ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
23:58:41.0376 5584 iPod Service - ok
23:58:41.0416 5584 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
23:58:41.0460 5584 IRENUM - ok
23:58:41.0483 5584 [ 350FCA7E73CF65BCEF43FAE1E4E91293 ] isapnp C:\Windows\system32\drivers\isapnp.sys
23:58:41.0507 5584 isapnp - ok
23:58:41.0574 5584 [ 232FA340531D940AAC623B121A595034 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
23:58:41.0607 5584 iScsiPrt - ok
23:58:41.0624 5584 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
23:58:41.0650 5584 iteatapi - ok
23:58:41.0690 5584 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys
23:58:41.0712 5584 iteraid - ok
23:58:41.0760 5584 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
23:58:41.0785 5584 kbdclass - ok
23:58:41.0837 5584 [ EDE59EC70E25C24581ADD1FBEC7325F7 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
23:58:41.0878 5584 kbdhid - ok
23:58:41.0930 5584 [ A3E186B4B935905B829219502557314E ] KeyIso C:\Windows\system32\lsass.exe
23:58:41.0967 5584 KeyIso - ok
23:58:42.0093 5584 [ 775C6D5D60146D7DB08A01CB596D7EC6 ] Kodak AiO Network Discovery Service C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe
23:58:42.0149 5584 Kodak AiO Network Discovery Service - ok
23:58:42.0216 5584 [ 17AFF68AB32F8671BC46612D35351099 ] Kodak AiO Status Monitor Service C:\Program Files\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
23:58:42.0300 5584 Kodak AiO Status Monitor Service - ok
23:58:42.0369 5584 [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
23:58:42.0415 5584 KSecDD - ok
23:58:42.0484 5584 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll
23:58:42.0579 5584 KtmRm - ok
23:58:42.0633 5584 [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer C:\Windows\System32\srvsvc.dll
23:58:42.0678 5584 LanmanServer - ok
23:58:42.0744 5584 [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
23:58:42.0801 5584 LanmanWorkstation - ok
23:58:42.0855 5584 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
23:58:42.0912 5584 lltdio - ok
23:58:42.0959 5584 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll
23:58:43.0042 5584 lltdsvc - ok
23:58:43.0075 5584 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll
23:58:43.0145 5584 lmhosts - ok
23:58:43.0216 5584 [ A2262FB9F28935E862B4DB46438C80D2 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
23:58:43.0239 5584 LSI_FC - ok
23:58:43.0265 5584 [ 30D73327D390F72A62F32C103DAF1D6D ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
23:58:43.0290 5584 LSI_SAS - ok
23:58:43.0326 5584 [ E1E36FEFD45849A95F1AB81DE0159FE3 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
23:58:43.0348 5584 LSI_SCSI - ok
23:58:43.0403 5584 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys
23:58:43.0455 5584 luafv - ok
23:58:43.0503 5584 [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
23:58:43.0546 5584 Mcx2Svc - ok
23:58:43.0586 5584 [ 0CEA2D0D3FA284B85ED5B68365114F76 ] mdmxsdk C:\Windows\system32\DRIVERS\mdmxsdk.sys
23:58:43.0629 5584 mdmxsdk - ok
23:58:43.0680 5584 [ D153B14FC6598EAE8422A2037553ADCE ] megasas C:\Windows\system32\drivers\megasas.sys
23:58:43.0705 5584 megasas - ok
23:58:43.0813 5584 Microsoft SharePoint Workspace Audit Service - ok
23:58:43.0851 5584 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll
23:58:43.0909 5584 MMCSS - ok
23:58:43.0955 5584 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys
23:58:44.0018 5584 Modem - ok
23:58:44.0081 5584 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
23:58:44.0168 5584 monitor - ok
23:58:44.0200 5584 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
23:58:44.0236 5584 mouclass - ok
23:58:44.0294 5584 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
23:58:44.0354 5584 mouhid - ok
23:58:44.0402 5584 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
23:58:44.0425 5584 MountMgr - ok
23:58:44.0481 5584 [ 583A41F26278D9E0EA548163D6139397 ] mpio C:\Windows\system32\drivers\mpio.sys
23:58:44.0505 5584 mpio - ok
23:58:44.0558 5584 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
23:58:44.0618 5584 mpsdrv - ok
23:58:44.0673 5584 [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc C:\Windows\system32\mpssvc.dll
23:58:44.0754 5584 MpsSvc - ok
23:58:44.0789 5584 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
23:58:44.0813 5584 Mraid35x - ok
23:58:44.0863 5584 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
23:58:44.0906 5584 MRxDAV - ok
23:58:44.0946 5584 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
23:58:44.0990 5584 mrxsmb - ok
23:58:45.0046 5584 [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
23:58:45.0079 5584 mrxsmb10 - ok
23:58:45.0092 5584 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
23:58:45.0117 5584 mrxsmb20 - ok
23:58:45.0155 5584 [ 742AED7939E734C36B7E8D6228CE26B7 ] msahci C:\Windows\system32\drivers\msahci.sys
23:58:45.0183 5584 msahci - ok
23:58:45.0207 5584 [ 3FC82A2AE4CC149165A94699183D3028 ] msdsm C:\Windows\system32\drivers\msdsm.sys
23:58:45.0230 5584 msdsm - ok
23:58:45.0284 5584 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe
23:58:45.0367 5584 MSDTC - ok
23:58:45.0406 5584 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys
23:58:45.0462 5584 Msfs - ok
23:58:45.0495 5584 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
23:58:45.0523 5584 msisadrv - ok
23:58:45.0570 5584 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
23:58:45.0621 5584 MSiSCSI - ok
23:58:45.0636 5584 msiserver - ok
23:58:45.0710 5584 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
23:58:45.0781 5584 MSKSSRV - ok
23:58:45.0826 5584 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
23:58:45.0874 5584 MSPCLOCK - ok
23:58:45.0899 5584 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
23:58:45.0957 5584 MSPQM - ok
23:58:46.0009 5584 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
23:58:46.0046 5584 MsRPC - ok
23:58:46.0066 5584 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
23:58:46.0094 5584 mssmbios - ok
23:58:46.0106 5584 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
23:58:46.0174 5584 MSTEE - ok
23:58:46.0211 5584 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\Windows\system32\Drivers\mup.sys
23:58:46.0243 5584 Mup - ok
23:58:46.0305 5584 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\Windows\system32\qagentRT.dll
23:58:46.0372 5584 napagent - ok
23:58:46.0431 5584 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
23:58:46.0478 5584 NativeWifiP - ok
23:58:46.0520 5584 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys
23:58:46.0565 5584 NDIS - ok
23:58:46.0622 5584 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
23:58:46.0666 5584 NdisTapi - ok
23:58:46.0715 5584 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
23:58:46.0760 5584 Ndisuio - ok
23:58:46.0807 5584 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
23:58:46.0872 5584 NdisWan - ok
23:58:46.0910 5584 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
23:58:46.0948 5584 NDProxy - ok
23:58:46.0974 5584 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
23:58:47.0032 5584 NetBIOS - ok
23:58:47.0073 5584 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
23:58:47.0110 5584 netbt - ok
23:58:47.0131 5584 [ A3E186B4B935905B829219502557314E ] Netlogon C:\Windows\system32\lsass.exe
23:58:47.0156 5584 Netlogon - ok
23:58:47.0220 5584 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll
23:58:47.0304 5584 Netman - ok
23:58:47.0351 5584 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll
23:58:47.0422 5584 netprofm - ok
23:58:47.0461 5584 [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
23:58:47.0482 5584 NetTcpPortSharing - ok
23:58:47.0521 5584 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
23:58:47.0543 5584 nfrd960 - ok
23:58:47.0600 5584 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll
23:58:47.0659 5584 NlaSvc - ok
23:58:47.0708 5584 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys
23:58:47.0747 5584 Npfs - ok
23:58:47.0787 5584 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll
23:58:47.0876 5584 nsi - ok
23:58:47.0940 5584 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
23:58:48.0002 5584 nsiproxy - ok
23:58:48.0081 5584 [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
23:58:48.0196 5584 Ntfs - ok
23:58:48.0304 5584 [ A7DFF9642D510BE1EEC6664CD0369953 ] NtmsSvc C:\Windows\system32\ntmssvc.dll
23:58:48.0372 5584 NtmsSvc - ok
23:58:48.0398 5584 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
23:58:48.0483 5584 ntrigdigi - ok
23:58:48.0544 5584 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
23:58:48.0584 5584 Null - ok
23:58:48.0609 5584 [ E69E946F80C1C31C53003BFBF50CBB7C ] nvraid C:\Windows\system32\drivers\nvraid.sys
23:58:48.0631 5584 nvraid - ok
23:58:48.0660 5584 [ 9E0BA19A28C498A6D323D065DB76DFFC ] nvstor C:\Windows\system32\drivers\nvstor.sys
23:58:48.0680 5584 nvstor - ok
23:58:48.0709 5584 [ 07C186427EB8FCC3D8D7927187F260F7 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
23:58:48.0734 5584 nv_agp - ok
23:58:48.0748 5584 NwlnkFlt - ok
23:58:48.0757 5584 NwlnkFwd - ok
23:58:48.0836 5584 [ 7AF6EC0EA4261ECF7DA084103BE31EA8 ] odysseyIM4 C:\Windows\system32\DRIVERS\odysseyIM4.sys
23:58:48.0897 5584 odysseyIM4 - ok
23:58:48.0942 5584 [ BE32DA025A0BE1878F0EE8D6D9386CD5 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
23:58:49.0013 5584 ohci1394 - ok
23:58:49.0058 5584 [ 6987D81234166F87CD2F360E7E5F4202 ] OnlineBackupSchedulerService C:\Program Files\Verizon\Online Backup & Sharing\Scheduler\OnlineBackup.SchedulerService.exe
23:58:49.0101 5584 OnlineBackupSchedulerService ( UnsignedFile.Multi.Generic ) - warning
23:58:49.0101 5584 OnlineBackupSchedulerService - detected UnsignedFile.Multi.Generic (1)
23:58:49.0197 5584 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:58:49.0223 5584 ose - ok
23:58:49.0468 5584 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
23:58:50.0173 5584 osppsvc - ok
23:58:50.0280 5584 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll
23:58:50.0401 5584 p2pimsvc - ok
23:58:50.0449 5584 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll
23:58:50.0511 5584 p2psvc - ok
23:58:50.0580 5584 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
23:58:50.0647 5584 Parport - ok
23:58:50.0699 5584 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys
23:58:50.0730 5584 partmgr - ok
23:58:50.0751 5584 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
23:58:50.0832 5584 Parvdm - ok
23:58:50.0878 5584 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
23:58:50.0923 5584 PcaSvc - ok
23:58:50.0973 5584 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys
23:58:51.0003 5584 pci - ok
23:58:51.0024 5584 [ 3B1901E401473E03EB8C874271E50C26 ] pciide C:\Windows\system32\drivers\pciide.sys
23:58:51.0044 5584 pciide - ok
23:58:51.0073 5584 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
23:58:51.0096 5584 pcmcia - ok
23:58:51.0157 5584 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
23:58:51.0386 5584 PEAUTH - ok
23:58:51.0502 5584 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
23:58:51.0668 5584 pla - ok
23:58:51.0726 5584 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll
23:58:51.0794 5584 PlugPlay - ok
23:58:51.0836 5584 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
23:58:51.0883 5584 PNRPAutoReg - ok
23:58:51.0925 5584 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll
23:58:51.0975 5584 PNRPsvc - ok
23:58:52.0016 5584 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
23:58:52.0106 5584 PolicyAgent - ok
23:58:52.0163 5584 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
23:58:52.0233 5584 PptpMiniport - ok
23:58:52.0275 5584 [ 0E3CEF5D28B40CF273281D620C50700A ] Processor C:\Windows\system32\drivers\processr.sys
23:58:52.0372 5584 Processor - ok
23:58:52.0432 5584 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll
23:58:52.0492 5584 ProfSvc - ok
23:58:52.0520 5584 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
23:58:52.0544 5584 ProtectedStorage - ok
23:58:52.0596 5584 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys
23:58:52.0646 5584 PSched - ok
23:58:52.0698 5584 [ CCDAC889326317792480C0A67156A1EC ] ql2300 C:\Windows\system32\drivers\ql2300.sys
23:58:52.0780 5584 ql2300 - ok
23:58:52.0846 5584 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
23:58:52.0868 5584 ql40xx - ok
23:58:52.0918 5584 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
23:58:52.0968 5584 QWAVE - ok
23:58:53.0015 5584 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
23:58:53.0059 5584 QWAVEdrv - ok
23:58:53.0095 5584 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
23:58:53.0150 5584 RasAcd - ok
23:58:53.0216 5584 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
23:58:53.0281 5584 RasAuto - ok
23:58:53.0332 5584 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
23:58:53.0378 5584 Rasl2tp - ok
23:58:53.0405 5584 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll
23:58:53.0465 5584 RasMan - ok
23:58:53.0513 5584 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
23:58:53.0566 5584 RasPppoe - ok
23:58:53.0618 5584 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
23:58:53.0671 5584 RasSstp - ok
23:58:53.0725 5584 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
23:58:53.0768 5584 rdbss - ok
23:58:53.0820 5584 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
23:58:53.0869 5584 RDPCDD - ok
23:58:53.0914 5584 [ E8BD98D46F2ED77132BA927FCCB47D8B ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
23:58:54.0005 5584 rdpdr - ok
23:58:54.0014 5584 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
23:58:54.0057 5584 RDPENCDD - ok
23:58:54.0109 5584 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
23:58:54.0142 5584 RDPWD - ok
23:58:54.0210 5584 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
23:58:54.0267 5584 RemoteAccess - ok
23:58:54.0317 5584 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll
23:58:54.0383 5584 RemoteRegistry - ok
23:58:54.0479 5584 [ 17E0BEF5CA5C9CE52CC8082AC6EBC449 ] RichVideo C:\Program Files\CyberLink\Shared Files\RichVideo.exe
23:58:54.0505 5584 RichVideo - ok
23:58:54.0556 5584 [ 4F4A4C09CC5BE58A76CAC1C337E004E6 ] RimUsb C:\Windows\system32\Drivers\RimUsb.sys
23:58:54.0583 5584 RimUsb - ok
23:58:54.0636 5584 [ 3A5633AD615E2B15291BD0B1B97CCD8A ] RimVSerPort C:\Windows\system32\DRIVERS\RimSerial.sys
23:58:54.0682 5584 RimVSerPort - ok
23:58:54.0732 5584 [ 75E8A6BFA7374ABA833AE92BF41AE4E6 ] ROOTMODEM C:\Windows\system32\Drivers\RootMdm.sys
23:58:54.0775 5584 ROOTMODEM - ok
23:58:54.0801 5584 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
23:58:54.0837 5584 RpcLocator - ok
23:58:54.0904 5584 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll
23:58:54.0951 5584 RpcSs - ok
23:58:54.0997 5584 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
23:58:55.0051 5584 rspndr - ok
23:58:55.0099 5584 [ 5C5612756B380BCEDBF566A780FF9AFE ] RTL8023xp C:\Windows\system32\DRIVERS\Rtnicxp.sys
23:58:55.0179 5584 RTL8023xp - ok
23:58:55.0211 5584 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe
23:58:55.0238 5584 SamSs - ok
23:58:55.0298 5584 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
23:58:55.0326 5584 sbp2port - ok
23:58:55.0391 5584 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll
23:58:55.0442 5584 SCardSvr - ok
23:58:55.0509 5584 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll
23:58:55.0644 5584 Schedule - ok
23:58:55.0660 5584 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll
23:58:55.0703 5584 SCPolicySvc - ok
23:58:55.0754 5584 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
23:58:55.0805 5584 SDRSVC - ok
23:58:55.0827 5584 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
23:58:55.0906 5584 secdrv - ok
23:58:55.0950 5584 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
23:58:56.0009 5584 seclogon - ok
23:58:56.0025 5584 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\system32\sens.dll
23:58:56.0092 5584 SENS - ok
23:58:56.0121 5584 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
23:58:56.0211 5584 Serenum - ok
23:58:56.0256 5584 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
23:58:56.0345 5584 Serial - ok
23:58:56.0392 5584 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
23:58:56.0438 5584 sermouse - ok
23:58:56.0501 5584 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
23:58:56.0553 5584 SessionEnv - ok
23:58:56.0581 5584 [ 103B79418DA647736EE95645F305F68A ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
23:58:56.0664 5584 sffdisk - ok
23:58:56.0690 5584 [ 8FD08A310645FE872EEEC6E08C6BF3EE ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
23:58:56.0766 5584 sffp_mmc - ok
23:58:56.0803 5584 [ 9CFA05FCFCB7124E69CFC812B72F9614 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
23:58:56.0881 5584 sffp_sd - ok
23:58:56.0899 5584 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
23:58:56.0972 5584 sfloppy - ok
23:58:56.0999 5584 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll
23:58:57.0048 5584 SharedAccess - ok
23:58:57.0109 5584 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
23:58:57.0166 5584 ShellHWDetection - ok
23:58:57.0206 5584 [ D2A595D6EEBEEAF4334F8E50EFBC9931 ] sisagp C:\Windows\system32\drivers\sisagp.sys
23:58:57.0234 5584 sisagp - ok
23:58:57.0244 5584 [ CEDD6F4E7D84E9F98B34B3FE988373AA ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
23:58:57.0283 5584 SiSRaid2 - ok
23:58:57.0310 5584 [ DF843C528C4F69D12CE41CE462E973A7 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
23:58:57.0345 5584 SiSRaid4 - ok
23:58:57.0514 5584 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe
23:58:57.0841 5584 slsvc - ok
23:58:57.0893 5584 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll
23:58:57.0956 5584 SLUINotify - ok
23:58:58.0009 5584 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys
23:58:58.0054 5584 Smb - ok
23:58:58.0113 5584 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
23:58:58.0142 5584 SNMPTRAP - ok
23:58:58.0192 5584 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
23:58:58.0218 5584 spldr - ok
23:58:58.0288 5584 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe
23:58:58.0335 5584 Spooler - ok
23:58:58.0389 5584 sprtsvc_verizondm - ok
23:58:58.0445 5584 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys
23:58:58.0493 5584 srv - ok
23:58:58.0545 5584 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
23:58:58.0597 5584 srv2 - ok
23:58:58.0632 5584 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
23:58:58.0676 5584 srvnet - ok
23:58:58.0722 5584 [ D5DFFEAA1E15D4EFFABB9D9A3068AC5B ] sscdbus C:\Windows\system32\DRIVERS\sscdbus.sys
23:58:58.0772 5584 sscdbus - ok
23:58:58.0811 5584 [ 8A1BE0C347814F482F493AEA619D57F6 ] sscdmdfl C:\Windows\system32\DRIVERS\sscdmdfl.sys
23:58:58.0848 5584 sscdmdfl - ok
23:58:58.0878 5584 [ 5AB0B1987F682A59B15B78F84C6AD7D0 ] sscdmdm C:\Windows\system32\DRIVERS\sscdmdm.sys
23:58:58.0916 5584 sscdmdm - ok
23:58:58.0967 5584 [ 751E66EB32EFA80633B80F5D7FF0A1D8 ] sscdserd C:\Windows\system32\DRIVERS\sscdserd.sys
23:58:58.0998 5584 sscdserd - ok
23:58:59.0046 5584 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
23:58:59.0100 5584 SSDPSRV - ok
23:58:59.0153 5584 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
23:58:59.0193 5584 SstpSvc - ok
23:58:59.0251 5584 [ EF70B3D22B4BFFDA6EA851ECB063EFAA ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
23:58:59.0313 5584 StillCam - ok
23:58:59.0392 5584 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll
23:58:59.0474 5584 stisvc - ok
23:58:59.0507 5584 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
23:58:59.0533 5584 swenum - ok
23:58:59.0595 5584 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll
23:58:59.0670 5584 swprv - ok
23:58:59.0701 5584 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
23:58:59.0725 5584 Symc8xx - ok
23:58:59.0746 5584 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
23:58:59.0784 5584 Sym_hi - ok
23:58:59.0806 5584 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
23:58:59.0836 5584 Sym_u3 - ok
23:58:59.0893 5584 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll
23:59:00.0003 5584 SysMain - ok
23:59:00.0027 5584 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
23:59:00.0063 5584 TabletInputService - ok
23:59:00.0114 5584 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll
23:59:00.0179 5584 TapiSrv - ok
23:59:00.0230 5584 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll
23:59:00.0293 5584 TBS - ok
23:59:00.0365 5584 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
23:59:00.0479 5584 Tcpip - ok
23:59:00.0534 5584 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
23:59:00.0631 5584 Tcpip6 - ok
23:59:00.0682 5584 [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
23:59:00.0714 5584 tcpipreg - ok
23:59:00.0760 5584 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
23:59:00.0838 5584 TDPIPE - ok
23:59:00.0888 5584 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
23:59:00.0941 5584 TDTCP - ok
23:59:00.0979 5584 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
23:59:01.0034 5584 tdx - ok
23:59:01.0218 5584 [ 9F3E7CABE86BBDECA009DE291DB6D9E2 ] TeamViewer8 C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
23:59:01.0467 5584 TeamViewer8 - ok
23:59:01.0508 5584 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
23:59:01.0534 5584 TermDD - ok
23:59:01.0568 5584 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll
23:59:01.0665 5584 TermService - ok
23:59:01.0671 5584 tgsrvc_verizondm - ok
23:59:01.0709 5584 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll
23:59:01.0747 5584 Themes - ok
23:59:01.0764 5584 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll
23:59:01.0813 5584 THREADORDER - ok
23:59:01.0876 5584 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll
23:59:01.0938 5584 TrkWks - ok
23:59:02.0009 5584 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
23:59:02.0065 5584 TrustedInstaller - ok
23:59:02.0114 5584 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
23:59:02.0159 5584 tssecsrv - ok
23:59:02.0204 5584 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
23:59:02.0259 5584 tunmp - ok
23:59:02.0273 5584 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
23:59:02.0312 5584 tunnel - ok
23:59:02.0352 5584 [ C3ADE15414120033A36C0F293D4A4121 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
23:59:02.0380 5584 uagp35 - ok
23:59:02.0402 5584 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
23:59:02.0452 5584 udfs - ok
23:59:02.0509 5584 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
23:59:02.0560 5584 UI0Detect - ok
23:59:02.0587 5584 [ 75E6890EBFCE0841D3291B02E7A8BDB0 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
23:59:02.0608 5584 uliagpkx - ok
23:59:02.0659 5584 [ 3CD4EA35A6221B85DCC25DAA46313F8D ] uliahci C:\Windows\system32\drivers\uliahci.sys
23:59:02.0692 5584 uliahci - ok
23:59:02.0713 5584 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
23:59:02.0736 5584 UlSata - ok
23:59:02.0768 5584 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
23:59:02.0793 5584 ulsata2 - ok
23:59:02.0846 5584 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
23:59:02.0906 5584 umbus - ok
23:59:02.0954 5584 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll
23:59:03.0010 5584 upnphost - ok
23:59:03.0071 5584 [ 73B41F4EAD65F355962168D766AF0F2E ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
23:59:03.0106 5584 USBAAPL ( UnsignedFile.Multi.Generic ) - warning
23:59:03.0106 5584 USBAAPL - detected UnsignedFile.Multi.Generic (1)
23:59:03.0147 5584 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
23:59:03.0204 5584 usbccgp - ok
23:59:03.0248 5584 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
23:59:03.0330 5584 usbcir - ok
23:59:03.0410 5584 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
23:59:03.0454 5584 usbehci - ok
23:59:03.0479 5584 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
23:59:03.0536 5584 usbhub - ok
23:59:03.0563 5584 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys
23:59:03.0653 5584 usbohci - ok
23:59:03.0684 5584 [ B51E52ACF758BE00EF3A58EA452FE360 ] usbprint C:\Windows\system32\drivers\usbprint.sys
23:59:03.0768 5584 usbprint - ok
23:59:03.0789 5584 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
23:59:03.0826 5584 USBSTOR - ok
23:59:03.0874 5584 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
23:59:03.0908 5584 usbuhci - ok
23:59:03.0968 5584 [ 46F3A2912EF88CD8E87D4F9B304CD949 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
23:59:04.0006 5584 usbvideo - ok
23:59:04.0062 5584 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll
23:59:04.0102 5584 UxSms - ok
23:59:04.0155 5584 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe
23:59:04.0261 5584 vds - ok
23:59:04.0313 5584 [ 7D92BE0028ECDEDEC74617009084B5EF ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
23:59:04.0380 5584 vga - ok
23:59:04.0456 5584 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys
23:59:04.0502 5584 VgaSave - ok
23:59:04.0530 5584 [ 045D9961E591CF0674A920B6BA3BA5CB ] viaagp C:\Windows\system32\drivers\viaagp.sys
23:59:04.0551 5584 viaagp - ok
23:59:04.0573 5584 [ 56A4DE5F02F2E88182B0981119B4DD98 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
23:59:04.0651 5584 ViaC7 - ok
23:59:04.0680 5584 [ FD2E3175FCADA350C7AB4521DCA187EC ] viaide C:\Windows\system32\drivers\viaide.sys
23:59:04.0702 5584 viaide - ok
23:59:04.0727 5584 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys
23:59:04.0751 5584 volmgr - ok
23:59:04.0802 5584 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
23:59:04.0868 5584 volmgrx - ok
23:59:04.0917 5584 [ 786DB5771F05EF300390399F626BF30A ] volsnap C:\Windows\system32\drivers\volsnap.sys
23:59:04.0954 5584 volsnap - ok
23:59:05.0007 5584 [ D984439746D42B30FC65A4C3546C6829 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
23:59:05.0035 5584 vsmraid - ok
23:59:05.0131 5584 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe
23:59:05.0243 5584 VSS - ok
23:59:05.0294 5584 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll
23:59:05.0377 5584 W32Time - ok
23:59:05.0411 5584 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
23:59:05.0477 5584 WacomPen - ok
23:59:05.0528 5584 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
23:59:05.0566 5584 Wanarp - ok
23:59:05.0572 5584 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
23:59:05.0611 5584 Wanarpv6 - ok
23:59:05.0651 5584 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll
23:59:05.0718 5584 wcncsvc - ok
23:59:05.0741 5584 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
23:59:05.0799 5584 WcsPlugInService - ok
23:59:05.0827 5584 [ AFC5AD65B991C1E205CF25CFDBF7A6F4 ] Wd C:\Windows\system32\drivers\wd.sys
23:59:05.0850 5584 Wd - ok
23:59:05.0923 5584 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
23:59:05.0999 5584 Wdf01000 - ok
23:59:06.0047 5584 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll
23:59:06.0104 5584 WdiServiceHost - ok
23:59:06.0111 5584 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll
23:59:06.0164 5584 WdiSystemHost - ok
23:59:06.0214 5584 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll
23:59:06.0263 5584 WebClient - ok
23:59:06.0310 5584 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll
23:59:06.0343 5584 Wecsvc - ok
23:59:06.0382 5584 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll
23:59:06.0429 5584 wercplsupport - ok
23:59:06.0482 5584 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll
23:59:06.0541 5584 WerSvc - ok
23:59:06.0618 5584 [ 0ACD399F5DB3DF1B58903CF4949AB5A8 ] winachsf C:\Windows\system32\DRIVERS\HSX_CNXT.sys
23:59:06.0691 5584 winachsf - ok
23:59:06.0789 5584 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
23:59:06.0819 5584 WinDefend - ok
23:59:06.0829 5584 WinHttpAutoProxySvc - ok
23:59:06.0882 5584 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
23:59:06.0920 5584 Winmgmt - ok
23:59:07.0007 5584 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll
23:59:07.0166 5584 WinRM - ok
23:59:07.0234 5584 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll
23:59:07.0315 5584 Wlansvc - ok
23:59:07.0372 5584 [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
23:59:07.0421 5584 WmiAcpi - ok
23:59:07.0469 5584 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
23:59:07.0530 5584 wmiApSrv - ok
23:59:07.0621 5584 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
23:59:07.0717 5584 WMPNetworkSvc - ok
23:59:07.0746 5584 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll
23:59:07.0783 5584 WPCSvc - ok
23:59:07.0838 5584 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
23:59:07.0875 5584 WPDBusEnum - ok
23:59:07.0934 5584 [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
23:59:07.0974 5584 WpdUsb - ok
23:59:08.0098 5584 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
23:59:08.0173 5584 WPFFontCache_v0400 - ok
23:59:08.0239 5584 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
23:59:08.0293 5584 ws2ifsl - ok
23:59:08.0339 5584 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\system32\wscsvc.dll
23:59:08.0384 5584 wscsvc - ok
23:59:08.0434 5584 [ 4422AC5ED8D4C2F0DB63E71D4C069DD7 ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys
23:59:08.0473 5584 WSDPrintDevice - ok
23:59:08.0481 5584 WSearch - ok
23:59:08.0609 5584 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
23:59:08.0781 5584 wuauserv - ok
23:59:08.0855 5584 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
23:59:08.0889 5584 WudfPf - ok
23:59:08.0932 5584 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
23:59:08.0975 5584 WUDFRd - ok
23:59:09.0026 5584 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
23:59:09.0074 5584 wudfsvc - ok
23:59:09.0123 5584 [ DAB33CFA9DD24251AAA389FF36B64D4B ] XAudio C:\Windows\system32\DRIVERS\xaudio.sys
23:59:09.0169 5584 XAudio - ok
23:59:09.0219 5584 [ CD5F291A1161F15896D1A4D63DAFF5DF ] XAudioService C:\Windows\system32\DRIVERS\xaudio.exe
23:59:09.0278 5584 XAudioService - ok
23:59:09.0308 5584 ================ Scan global ===============================
23:59:09.0370 5584 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
23:59:09.0421 5584 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
23:59:09.0466 5584 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
23:59:09.0524 5584 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
23:59:09.0547 5584 [Global] - ok
23:59:09.0551 5584 ================ Scan MBR ==================================
23:59:09.0562 5584 [ 1A1A06F62E891045814007163C1C76C3 ] \Device\Harddisk0\DR0
23:59:10.0123 5584 \Device\Harddisk0\DR0 - ok
23:59:10.0124 5584 ================ Scan VBR ==================================
23:59:10.0129 5584 [ 39D6ADC2B237E7335DEADCB7A6DA20B7 ] \Device\Harddisk0\DR0\Partition1
23:59:10.0131 5584 \Device\Harddisk0\DR0\Partition1 - ok
23:59:10.0138 5584 [ CB113A9AF4407F94DC21A30211DC1F5A ] \Device\Harddisk0\DR0\Partition2
23:59:10.0141 5584 \Device\Harddisk0\DR0\Partition2 - ok
23:59:10.0145 5584 ============================================================
23:59:10.0145 5584 Scan finished
23:59:10.0145 5584 ============================================================
23:59:10.0173 4752 Detected object count: 6
23:59:10.0173 4752 Actual detected object count: 6
00:00:28.0807 4752 BVRPMPR5 ( UnsignedFile.Multi.Generic ) - skipped by user
00:00:28.0807 4752 BVRPMPR5 ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:00:28.0808 4752 FilesystemWatcher ( UnsignedFile.Multi.Generic ) - skipped by user
00:00:28.0808 4752 FilesystemWatcher ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:00:28.0808 4752 HP Health Check Service ( UnsignedFile.Multi.Generic ) - skipped by user
00:00:28.0809 4752 HP Health Check Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:00:28.0809 4752 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
00:00:28.0809 4752 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:00:28.0810 4752 OnlineBackupSchedulerService ( UnsignedFile.Multi.Generic ) - skipped by user
00:00:28.0810 4752 OnlineBackupSchedulerService ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:00:28.0811 4752 USBAAPL ( UnsignedFile.Multi.Generic ) - skipped by user
00:00:28.0811 4752 USBAAPL ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:02:08.0387 5436 Deinitialize success
 
OTL logfile created on: 1/20/2013 12:06:08 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\erica\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 0.91 Gb Available Physical Memory | 45.64% Memory free
4.21 Gb Paging File | 2.85 Gb Available in Paging File | 67.57% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 100.14 Gb Total Space | 33.24 Gb Free Space | 33.19% Space Free | Partition Type: NTFS
Drive D: | 11.64 Gb Total Space | 1.50 Gb Free Space | 12.91% Space Free | Partition Type: NTFS

Computer Name: ERICA-PC | User Name: erica | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/01/20 00:03:39 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\erica\Desktop\OTL.exe
PRC - [2012/12/14 04:17:04 | 004,103,672 | ---- | M] (TeamViewer GmbH) -- c:\Program Files\TeamViewer\Version8\TeamViewer_Desktop.exe
PRC - [2012/12/14 04:17:04 | 003,467,768 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
PRC - [2012/12/14 04:17:03 | 009,876,472 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version8\TeamViewer.exe
PRC - [2012/12/14 04:08:24 | 000,190,968 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version8\tv_w32.exe
PRC - [2012/10/30 18:50:59 | 004,297,136 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012/10/30 18:50:59 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012/10/19 13:51:08 | 000,395,200 | ---- | M] (Eastman Kodak Company) -- C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe
PRC - [2012/10/15 10:58:24 | 002,844,608 | ---- | M] (Eastman Kodak Company) -- C:\Program Files\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe
PRC - [2012/10/15 10:58:22 | 000,779,200 | ---- | M] (Eastman Kodak Company) -- C:\Program Files\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
PRC - [2012/07/27 15:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/07/24 03:05:36 | 002,498,048 | ---- | M] () -- C:\Program Files\Rainlendar2\Rainlendar2.exe
PRC - [2011/12/05 07:34:56 | 000,247,728 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
PRC - [2011/12/01 06:11:22 | 000,185,640 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\VERIZONDM\bin\tgsrvc.exe
PRC - [2011/12/01 06:11:18 | 000,206,120 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\VERIZONDM\bin\sprtsvc.exe
PRC - [2011/12/01 06:11:06 | 000,206,120 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\VERIZONDM\bin\sprtcmd.exe
PRC - [2011/11/02 01:00:44 | 000,090,448 | ---- | M] (Research In Motion Limited) -- C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
PRC - [2010/02/10 19:11:00 | 000,020,480 | ---- | M] () -- C:\Program Files\Verizon\Online Backup & Sharing\Scheduler\OnlineBackup.SchedulerService.exe
PRC - [2010/02/10 19:10:50 | 000,233,472 | ---- | M] () -- C:\Program Files\Verizon\Online Backup & Sharing\Auto Update\OnlineBackup.UpdateSystemTray.exe
PRC - [2010/02/10 16:20:56 | 000,028,672 | ---- | M] (DigiData Corp.) -- C:\Program Files\Verizon\Online Backup & Sharing\vewatch.exe
PRC - [2010/02/02 20:02:52 | 000,024,576 | ---- | M] (DigiData Corp.) -- C:\Program Files\Verizon\Online Backup & Sharing\Filesystem Watcher\DigiData.FilesystemWatcher.Service.Watcher.exe
PRC - [2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2007/10/03 18:45:02 | 000,358,936 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2007/10/03 18:44:58 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe


========== Modules (No Company Name) ==========

MOD - [2013/01/10 05:14:34 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b5df40c22ab563a816103629e2ca99d4\System.Runtime.Remoting.ni.dll
MOD - [2013/01/10 05:14:07 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\004bc6615f9c06df5c98859d35149fe6\System.Configuration.ni.dll
MOD - [2013/01/10 05:14:03 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\b757806657fa5db2b1ed1a89b026b463\System.Xml.ni.dll
MOD - [2013/01/10 05:13:33 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\0c3da9004b277959e24a9fd606d3dd05\System.Windows.Forms.ni.dll
MOD - [2013/01/10 05:13:19 | 001,593,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\78157a494dc9a7e52be8840decfcd9cc\System.Drawing.ni.dll
MOD - [2013/01/10 05:12:09 | 007,977,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\cc149d08e75f8c53cd28ac926b38c370\System.ni.dll
MOD - [2013/01/10 05:11:59 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\2227d1559f87943255069398608d5c56\mscorlib.ni.dll
MOD - [2012/07/24 03:05:36 | 002,633,216 | ---- | M] () -- C:\Program Files\Rainlendar2\wxmsw28u_core_vc_rny.dll
MOD - [2012/07/24 03:05:36 | 002,498,048 | ---- | M] () -- C:\Program Files\Rainlendar2\Rainlendar2.exe
MOD - [2012/07/24 03:05:36 | 001,205,760 | ---- | M] () -- C:\Program Files\Rainlendar2\wxbase28u_vc_rny.dll
MOD - [2012/07/24 03:05:36 | 000,707,584 | ---- | M] () -- C:\Program Files\Rainlendar2\wxmsw28u_adv_vc_rny.dll
MOD - [2012/07/24 03:05:36 | 000,502,784 | ---- | M] () -- C:\Program Files\Rainlendar2\wxmsw28u_xrc_vc_rny.dll
MOD - [2012/07/24 03:05:36 | 000,485,376 | ---- | M] () -- C:\Program Files\Rainlendar2\wxmsw28u_html_vc_rny.dll
MOD - [2012/07/24 03:05:36 | 000,198,144 | ---- | M] () -- C:\Program Files\Rainlendar2\plugins\iCalendarPlugin.dll
MOD - [2012/07/24 03:05:36 | 000,140,800 | ---- | M] () -- C:\Program Files\Rainlendar2\lua52.dll
MOD - [2012/07/24 03:05:36 | 000,131,584 | ---- | M] () -- C:\Program Files\Rainlendar2\wxbase28u_xml_vc_rny.dll
MOD - [2012/07/24 03:05:36 | 000,012,800 | ---- | M] () -- C:\Program Files\Rainlendar2\lfs.dll
MOD - [2012/02/17 20:38:13 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DigiData.Vault.Problems\1.2.0.0__9020972b7d9d3317\DigiData.Vault.Problems.dll
MOD - [2012/02/17 20:38:13 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DigiData.Vault.VaultExplorer.Cache.Controller\1.0.0.0__9020972b7d9d3317\DigiData.Vault.VaultExplorer.Cache.Controller.dll
MOD - [2012/02/17 20:38:11 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DigiData.Vault.Adapter\1.0.8.0__9020972b7d9d3317\DigiData.Vault.Adapter.dll
MOD - [2012/02/17 20:38:11 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DigiData\1.4.0.0__9020972b7d9d3317\DigiData.dll
MOD - [2012/02/17 20:38:10 | 000,225,280 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DigiData.Vault\1.5.5.0__9020972b7d9d3317\DigiData.Vault.dll
MOD - [2011/06/24 21:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 21:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/03/16 23:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010/10/20 14:45:26 | 008,801,120 | ---- | M] () -- C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2010/02/10 19:10:50 | 000,233,472 | ---- | M] () -- C:\Program Files\Verizon\Online Backup & Sharing\Auto Update\OnlineBackup.UpdateSystemTray.exe
MOD - [2010/02/10 19:10:34 | 000,036,864 | ---- | M] () -- C:\Program Files\Verizon\Online Backup & Sharing\Auto Update\OnlineBackup.UpdateMonitor.dll
MOD - [2010/02/10 19:09:58 | 000,028,672 | ---- | M] () -- C:\Program Files\Verizon\Online Backup & Sharing\Auto Update\OnlineBackup.Updater.dll
MOD - [2010/02/10 19:09:10 | 000,036,864 | ---- | M] () -- C:\Program Files\Verizon\Online Backup & Sharing\Auto Update\OnlineBackup.Controls.Buttons.dll
MOD - [2010/02/10 19:08:32 | 000,077,824 | ---- | M] () -- C:\Program Files\Verizon\Online Backup & Sharing\Auto Update\OnlineBackup.Common.dll
MOD - [2010/02/10 19:08:14 | 000,057,344 | ---- | M] () -- C:\Program Files\Verizon\Online Backup & Sharing\Auto Update\OnlineBackup.ThemeManager.dll
MOD - [2010/02/10 16:21:10 | 001,236,992 | ---- | M] () -- C:\Program Files\Verizon\Online Backup & Sharing\DigiData.Vault.VaultExplorer.dll


========== Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- C:\Program Files\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2013/01/08 16:01:32 | 000,251,400 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/12/14 04:17:04 | 003,467,768 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2012/10/30 18:50:59 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012/10/19 13:51:08 | 000,395,200 | ---- | M] (Eastman Kodak Company) [Auto | Running] -- C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe -- (Kodak AiO Network Discovery Service)
SRV - [2012/10/15 10:58:22 | 000,779,200 | ---- | M] (Eastman Kodak Company) [Auto | Running] -- C:\Program Files\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe -- (Kodak AiO Status Monitor Service)
SRV - [2012/09/20 13:28:48 | 030,785,672 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2012/07/27 15:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/12/01 06:11:22 | 000,185,640 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\VERIZONDM\bin\tgsrvc.exe -- (tgsrvc_verizondm)
SRV - [2011/12/01 06:11:18 | 000,206,120 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\VERIZONDM\bin\sprtsvc.exe -- (sprtsvc_verizondm)
SRV - [2010/02/10 19:11:00 | 000,020,480 | ---- | M] () [Auto | Running] -- C:\Program Files\Verizon\Online Backup & Sharing\Scheduler\OnlineBackup.SchedulerService.exe -- (OnlineBackupSchedulerService)
SRV - [2010/02/02 20:02:52 | 000,024,576 | ---- | M] (DigiData Corp.) [Auto | Running] -- C:\Program Files\Verizon\Online Backup & Sharing\Filesystem Watcher\DigiData.FilesystemWatcher.Service.Watcher.exe -- (FilesystemWatcher)
SRV - [2008/01/19 02:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/10/03 18:45:02 | 000,358,936 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\CBTNDIS4.SYS -- (CBTNDIS4)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\erica\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2012/10/30 18:51:58 | 000,738,504 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012/10/30 18:51:58 | 000,361,032 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012/10/30 18:51:58 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012/10/30 18:51:58 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2012/10/30 18:51:57 | 000,058,680 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2012/10/30 18:51:56 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010/02/25 00:03:16 | 000,014,904 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CPQBTTN.sys -- (HBtnKey)
DRV - [2009/08/19 16:49:22 | 000,049,904 | R--- | M] (Avanquest Software) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BVRPMPR5.SYS -- (BVRPMPR5)
DRV - [2009/04/29 06:46:54 | 000,015,872 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2008/02/27 05:26:04 | 000,201,728 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CHDRT32.sys -- (CnxtHdAudService)
DRV - [2008/01/19 01:14:59 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV - [2007/10/29 09:38:38 | 000,162,088 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2007/10/18 05:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/10/11 06:17:56 | 000,176,640 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CHDART.sys -- (HdAudAddService)
DRV - [2007/07/13 07:18:20 | 000,050,688 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2007/05/30 18:40:42 | 000,735,232 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2005/08/17 07:47:48 | 000,073,696 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdserd.sys -- (sscdserd)
DRV - [2005/08/17 07:45:00 | 000,058,352 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdbus.sys -- (sscdbus)
DRV - [2005/08/17 06:46:26 | 000,093,872 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2005/08/17 06:46:20 | 000,008,272 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2005/05/18 13:52:56 | 000,173,056 | ---- | M] (Funk Software, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\odysseyIM4.sys -- (odysseyIM4)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{2C55072A-FAC7-4F0C-8BFF-9A438F819BF4}: "URL" = http://www.ask.com/web?q={searchTerms}&l=dis&o=uscqd
IE - HKLM\..\SearchScopes\{7638F40E-6DD0-42B2-A953-26B5A65C45A9}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=hp-psdt


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-4212666298-2858117090-1249056859-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.verizon.com/myverizon
IE - HKU\S-1-5-21-4212666298-2858117090-1249056859-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-4212666298-2858117090-1249056859-1000\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-4212666298-2858117090-1249056859-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-4212666298-2858117090-1249056859-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-4212666298-2858117090-1249056859-1000\..\SearchScopes\{2C55072A-FAC7-4F0C-8BFF-9A438F819BF4}: "URL" = http://www.ask.com/web?q={searchTerms}&l=dis&o=uscqd
IE - HKU\S-1-5-21-4212666298-2858117090-1249056859-1000\..\SearchScopes\{547EEAAC-3665-4e6c-B326-C622D698543A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=SOLTDF&pc=SOLTDF&src=IE-SearchBox
IE - HKU\S-1-5-21-4212666298-2858117090-1249056859-1000\..\SearchScopes\{7638F40E-6DD0-42B2-A953-26B5A65C45A9}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=hp-psdt
IE - HKU\S-1-5-21-4212666298-2858117090-1249056859-1000\..\SearchScopes\{96B8A674-8660-4733-993E-31C2A4B052BE}: "URL" = http://search.yahoo.com/?ourmark=4&p={searchTerms}
IE - HKU\S-1-5-21-4212666298-2858117090-1249056859-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4212666298-2858117090-1249056859-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2008/03/04 18:17:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\crossriderapp498@crossrider.com: C:\Users\erica\AppData\Local\RewardsArcade\498\Firefox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files\Common Files\McAfee\SystemCore
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2008/03/04 18:17:06 | 000,000,000 | ---D | M]

[2012/05/26 22:28:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\erica\AppData\Roaming\Mozilla\Extensions
[2012/05/26 22:28:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\erica\AppData\Roaming\Mozilla\Extensions\home2@tomtom.com

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\24.0.1312.52\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\24.0.1312.52\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\24.0.1312.52\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.240.7 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U24 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL
CHR - plugin: RIM Handheld Application Loader (Enabled) = C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: avast! WebRep = C:\Users\erica\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\

O1 HOSTS File: ([2013/01/18 00:28:53 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20120708173044.dll File not found
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Conime] C:\Windows\System32\conime.exe (Microsoft Corporation)
O4 - HKLM..\Run: [EKStatusMonitor] C:\Program Files\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe (Eastman Kodak Company)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [Online Backup Auto Update] C:\Program Files\Verizon\Online Backup & Sharing\Auto Update\OnlineBackup.UpdateSystemTray.exe ()
O4 - HKLM..\Run: [RIMBBLaunchAgent.exe] C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (Research In Motion Limited)
O4 - HKLM..\Run: [Vault Explorer Cache Watcher] C:\Program Files\Verizon\Online Backup & Sharing\vewatch.exe (DigiData Corp.)
O4 - HKLM..\Run: [VERIZONDM] C:\Program Files\VERIZONDM\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKU\S-1-5-21-4212666298-2858117090-1249056859-1000..\Run: [Rainlendar2] C:\Program Files\Rainlendar2\Rainlendar2.exe ()
O4 - HKU\S-1-5-21-4212666298-2858117090-1249056859-1000..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O4 - HKU\.DEFAULT..\RunOnce: [KodakHomeCenter] C:\Program Files\Kodak\AiO\Center\AiOHomeCenter.exe (Eastman Kodak Company)
O4 - HKU\S-1-5-18..\RunOnce: [KodakHomeCenter] C:\Program Files\Kodak\AiO\Center\AiOHomeCenter.exe (Eastman Kodak Company)
O4 - Startup: C:\Users\Ericka2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk = File not found
O4 - Startup: C:\Users\Ericka2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote Table Of Contents.onetoc2 ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4212666298-2858117090-1249056859-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4212666298-2858117090-1249056859-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-4212666298-2858117090-1249056859-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-4212666298-2858117090-1249056859-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-4212666298-2858117090-1249056859-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8 - Extra context menu item: Create a Post-it® Note - C:\Program Files\3M\PDNotes\\PSNBookMark.html ()
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKU\.DEFAULT\..Trusted Ranges: Range1 ([http] in Local intranet)
O15 - HKU\S-1-5-18\..Trusted Ranges: Range1 ([http] in Local intranet)
O15 - HKU\S-1-5-21-4212666298-2858117090-1249056859-1000\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C1F8A0D1-0643-45EC-9DCB-C9C89CD29F3D}: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\CompaqTrace.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\CompaqTrace.jpg
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/11/12 03:25:18 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2005/09/11 10:18:54 | 000,000,340 | -HS- | M] () - D:\AUTOMODE -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/01/20 00:03:46 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\erica\Desktop\OTL.exe
[2013/01/19 23:57:29 | 002,213,976 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\erica\Desktop\tdsskiller.exe
[2013/01/18 00:32:05 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013/01/18 00:31:55 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013/01/18 00:28:09 | 000,000,000 | ---D | C] -- C:\Users\erica\AppData\Local\temp
[2013/01/18 00:09:51 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013/01/18 00:09:51 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013/01/18 00:09:51 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013/01/18 00:08:47 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/01/18 00:07:50 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013/01/18 00:03:30 | 005,023,971 | R--- | C] (Swearware) -- C:\Users\erica\Desktop\ComboFix.exe
[2013/01/11 23:27:57 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013/01/11 23:27:33 | 000,000,000 | ---D | C] -- C:\JRT
[2013/01/11 23:08:23 | 000,499,023 | ---- | C] (Oleg N. Scherbakov) -- C:\Users\erica\Desktop\JRT.exe
[2013/01/10 00:53:23 | 000,000,000 | ---D | C] -- C:\Users\erica\Desktop\Log Files and Toolkit
[2013/01/09 23:57:52 | 000,448,512 | ---- | C] (OldTimer Tools) -- C:\Users\erica\Desktop\TFC.exe
[2013/01/09 23:31:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2013/01/09 23:31:50 | 000,361,032 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2013/01/09 23:31:50 | 000,021,256 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2013/01/09 23:31:47 | 000,035,928 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2013/01/09 23:31:46 | 000,054,232 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2013/01/09 23:31:42 | 000,738,504 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2013/01/09 23:31:40 | 000,058,680 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2013/01/09 23:30:08 | 000,041,224 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2013/01/09 23:30:07 | 000,227,648 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2013/01/09 23:29:00 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2013/01/09 23:29:00 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2013/01/09 23:13:18 | 000,000,000 | ---D | C] -- C:\Users\erica\AppData\Roaming\Malwarebytes
[2013/01/09 23:11:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/01/09 23:11:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/01/09 23:11:15 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2013/01/09 23:11:14 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013/01/09 22:42:27 | 002,048,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013/01/09 22:40:57 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2013/01/09 22:22:48 | 000,000,000 | ---D | C] -- C:\Program Files\TeamViewer
[2013/01/05 23:58:47 | 000,000,000 | ---D | C] -- C:\ProgramData\1386BAB1F0076BAF00001386A73070D7
[2012/12/28 02:04:55 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2012/12/28 00:03:43 | 000,000,000 | ---D | C] -- C:\Users\erica\AppData\Roaming\3M
[2012/12/28 00:00:07 | 000,000,000 | ---D | C] -- C:\Program Files\3M
[2012/12/27 23:55:30 | 000,000,000 | ---D | C] -- C:\Users\erica\Desktop\Downloads
[2012/12/27 23:55:13 | 000,000,000 | ---D | C] -- C:\Users\erica\AppData\Roaming\GetRightToGo
[2012/12/22 03:00:51 | 000,293,376 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2012/12/22 03:00:51 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll

========== Files - Modified Within 30 Days ==========

[2013/01/20 00:03:39 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\erica\Desktop\OTL.exe
[2013/01/20 00:02:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/01/20 00:01:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/01/19 23:57:20 | 002,213,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\erica\Desktop\tdsskiller.exe
[2013/01/19 23:49:59 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/01/19 23:48:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/01/19 23:12:31 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/01/19 23:12:31 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/01/18 00:28:53 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2013/01/18 00:04:03 | 005,023,971 | R--- | M] (Swearware) -- C:\Users\erica\Desktop\ComboFix.exe
[2013/01/17 23:46:49 | 000,001,995 | ---- | M] () -- C:\Users\erica\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/01/17 23:33:53 | 000,604,502 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/01/17 23:33:53 | 000,104,170 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/01/15 17:31:53 | 000,001,971 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/01/11 23:08:16 | 000,499,023 | ---- | M] (Oleg N. Scherbakov) -- C:\Users\erica\Desktop\JRT.exe
[2013/01/11 23:05:58 | 000,554,087 | ---- | M] () -- C:\Users\erica\Desktop\adwcleaner.exe
[2013/01/10 05:08:55 | 000,401,104 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/01/09 23:57:01 | 000,448,512 | ---- | M] (OldTimer Tools) -- C:\Users\erica\Desktop\TFC.exe
[2013/01/09 23:31:51 | 000,001,829 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2013/01/09 23:31:40 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2013/01/09 23:11:29 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/01/09 22:23:10 | 000,000,955 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 8.lnk
[2013/01/08 16:01:30 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013/01/08 16:01:30 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl

========== Files Created - No Company Name ==========

[2013/01/18 00:09:51 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013/01/18 00:09:51 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013/01/18 00:09:51 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013/01/18 00:09:51 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013/01/18 00:09:51 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013/01/11 23:07:43 | 000,554,087 | ---- | C] () -- C:\Users\erica\Desktop\adwcleaner.exe
[2013/01/09 23:31:51 | 000,001,829 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2013/01/09 23:11:29 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/01/09 22:23:10 | 000,000,967 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 8.lnk
[2013/01/09 22:23:10 | 000,000,955 | ---- | C] () -- C:\Users\Public\Desktop\TeamViewer 8.lnk
[2011/11/01 14:06:33 | 000,002,633 | ---- | C] () -- C:\Windows\ERICA-PC0061.ini
[2011/07/22 22:42:51 | 000,000,632 | RHS- | C] () -- C:\Users\erica\ntuser.pol
[2009/03/24 13:23:59 | 000,005,972 | ---- | C] () -- C:\Users\erica\AppData\Local\d3d9caps.dat
[2008/04/19 01:28:01 | 000,005,120 | ---- | C] () -- C:\Users\erica\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2006/11/02 07:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 12:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 01:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 01:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== Alternate Data Streams ==========

@Alternate Data Stream - 968 bytes -> C:\ProgramData\TEMP:35E5AF34
< End of report >
 
OTL Fix

Please run OTL
  • Under the Custom Scans/Fixes box at the bottom, copy and paste in the following:

    :OTL
    IE - HKLM\..\SearchScopes\{2C55072A-FAC7-4F0C-8BFF-9A438F819BF4}: "URL" = http://www.ask.com/web?q={searchTerms}&l=dis&o=uscqd
    IE - HKU\S-1-5-21-4212666298-2858117090-1249056859-1000\..\SearchScopes\{2C55072A-FAC7-4F0C-8BFF-9A438F819BF4}: "URL" = http://www.ask.com/web?q={searchTerms}&l=dis&o=uscqd
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\crossriderapp498@crossrider.com: C:\Users\erica\AppData\Local\RewardsArcade\498\Firefox
    @Alternate Data Stream - 968 bytes -> C:\ProgramData\TEMP:35E5AF34

    :files
    ipconfig /flushdns /c

    :commands
    [emptytemp]
    [reboot]
  • Then click the Run Fix button at the top.
  • Note: The fix for OTL automatically hides your Desktop and Start menu so the fix can be completed. Do not be alerted, as this is normal.
  • Please do not exit the program. It might take a while to fix, but allow it to run. If it asks to reboot the computer, allow it to reboot. If the program freezes, and the computer fails to reboot - let me know.
    Lastly, post the contents of the log. (Located at C:\_OTL\Moved Files)


ESET Online Scan

Please run a free online scan with the ESET Online Scanner
  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • When asked, allow the ActiveX control to install, or it will ask to download an installer. Please do so and install it.
  • Click Start or wait for the scanner to load.
  • Make sure that the options Remove found threats and the option Scan unwanted applications are checked.
  • Click Scan (This scan can take several hours, so please be patient)
  • Once the scan is completed, there are a couple of things to keep in mind:
  • 1. If NO threats were found, allow the scanner to Uninstall on close and then close the Window.
  • 2. If threats WERE detected, click on List of Threats Found, Export to Text File...save it as ESET-Scan-Log.txt. Click the back button/link, put a checkmark to Uninstall Application on Close and then close the window.
  • Open the logfile from wherever you saved it
  • Copy and paste the contents in your next reply.


Any more issues?

We need to know any other issues that are plaguing your computer. Kindly give a summary so we know how to continue from here.

Many of the things to note for us would be:

  • Slow computer
  • Error messages
  • Fake antivirus alerts or the icon in the system tray
  • svchost.exe running at 100%
  • System crashes or blue screen of death

Note: Absence of issues does not mean that you're protected in the future.
 
OK, so I ran the custom fix using OTL like you said and got a blue screen, so I restarted the computer and a box popped up saying the system recovered from an unexpected error, and there's no log file.

I'm running the ESET online scan now
 
Hello, are you still with us? Please update us with the state of your situation, so we know how to continue from here.

We'd still like to help. Topic marked inactive, until your return.
 