alasdairt

  1. Hard to say as the warning comes up at random intervals. I haven't had the warning box come up whilst we've been running all these scans but that could be because I haven't really been looking at any web pages except for refreshing this one. I'll spend some time online tomorrow night and see if the problem has gone away. Thanks for all the help!
  3. No idea what that folder is in ProgramData.
     Extras.Txt OTL.Txt
  4. Hi. Just a note. I did disable all the Avast! shields (as per the guidance in the link), but ComboFix still reported that Avast! was still running - I think this was just the UI minimised to the tray as I couldn't find anything else to disable and it doesn't have a convenient option to turn it off! Cheers
clr_optimization_v2.0.50727_32 - ok 19:39:45.0441 4348 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 19:39:45.0449 4348 clr_optimization_v2.0.50727_64 - ok 19:39:45.0459 4348 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 19:39:45.0468 4348 clr_optimization_v4.0.30319_32 - ok 19:39:45.0475 4348 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 19:39:45.0484 4348 clr_optimization_v4.0.30319_64 - ok 19:39:45.0487 4348 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys 19:39:45.0496 4348 CmBatt - ok 19:39:45.0499 4348 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys 19:39:45.0509 4348 cmdide - ok 19:39:45.0523 4348 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys 19:39:45.0541 4348 CNG - ok 19:39:45.0545 4348 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys 19:39:45.0554 4348 Compbatt - ok 19:39:45.0557 4348 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys 19:39:45.0569 4348 CompositeBus - ok 19:39:45.0571 4348 COMSysApp - ok 19:39:45.0575 4348 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys 19:39:45.0585 4348 crcdisk - ok 19:39:45.0593 4348 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll 19:39:45.0619 4348 CryptSvc - ok 19:39:45.0623 4348 dc3d (7af9dac504fbd047cbc3e64ae52c92bf) C:\Windows\system32\DRIVERS\dc3d.sys 19:39:45.0632 4348 dc3d - ok 19:39:45.0649 4348 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll 19:39:45.0679 4348 DcomLaunch - ok 19:39:45.0690 4348 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll 19:39:45.0718 4348 defragsvc - ok 
19:39:45.0723 4348 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys 19:39:45.0748 4348 DfsC - ok 19:39:45.0759 4348 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll 19:39:45.0786 4348 Dhcp - ok 19:39:45.0790 4348 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys 19:39:45.0815 4348 discache - ok 19:39:45.0820 4348 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys 19:39:45.0830 4348 Disk - ok 19:39:45.0837 4348 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll 19:39:45.0848 4348 Dnscache - ok 19:39:45.0857 4348 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll 19:39:45.0883 4348 dot3svc - ok 19:39:45.0890 4348 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll 19:39:45.0916 4348 DPS - ok 19:39:45.0919 4348 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys 19:39:45.0931 4348 drmkaud - ok 19:39:45.0958 4348 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys 19:39:45.0977 4348 DXGKrnl - ok 19:39:45.0982 4348 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll 19:39:46.0009 4348 EapHost - ok 19:39:46.0095 4348 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys 19:39:46.0128 4348 ebdrv - ok 19:39:46.0149 4348 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe 19:39:46.0159 4348 EFS - ok 19:39:46.0180 4348 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe 19:39:46.0195 4348 ehRecvr - ok 19:39:46.0202 4348 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe 19:39:46.0212 4348 ehSched - ok 19:39:46.0231 4348 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys 19:39:46.0245 4348 elxstor - ok 19:39:46.0248 4348 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys 
19:39:46.0258 4348 ErrDev - ok 19:39:46.0262 4348 etdrv (84486624268e078255bc7aa47f0960bc) C:\Windows\etdrv.sys 19:39:46.0270 4348 etdrv - ok 19:39:46.0284 4348 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll 19:39:46.0312 4348 EventSystem - ok 19:39:46.0320 4348 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys 19:39:46.0347 4348 exfat - ok 19:39:46.0354 4348 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys 19:39:46.0381 4348 fastfat - ok 19:39:46.0401 4348 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe 19:39:46.0416 4348 Fax - ok 19:39:46.0419 4348 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys 19:39:46.0429 4348 fdc - ok 19:39:46.0432 4348 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll 19:39:46.0459 4348 fdPHost - ok 19:39:46.0462 4348 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll 19:39:46.0488 4348 FDResPub - ok 19:39:46.0492 4348 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys 19:39:46.0502 4348 FileInfo - ok 19:39:46.0505 4348 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys 19:39:46.0530 4348 Filetrace - ok 19:39:46.0533 4348 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys 19:39:46.0543 4348 flpydisk - ok 19:39:46.0553 4348 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys 19:39:46.0564 4348 FltMgr - ok 19:39:46.0596 4348 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll 19:39:46.0614 4348 FontCache - ok 19:39:46.0665 4348 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 19:39:46.0673 4348 FontCache3.0.0.0 - ok 19:39:46.0680 4348 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys 
19:39:46.0689 4348 FsDepends - ok 19:39:46.0692 4348 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys 19:39:46.0701 4348 Fs_Rec - ok 19:39:46.0710 4348 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys 19:39:46.0723 4348 fvevol - ok 19:39:46.0728 4348 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys 19:39:46.0737 4348 gagp30kx - ok 19:39:46.0740 4348 gdrv (7907e14f9bcf3a4689c9a74a1a873cb6) C:\Windows\gdrv.sys 19:39:46.0747 4348 gdrv - ok 19:39:46.0751 4348 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 19:39:46.0759 4348 GEARAspiWDM - ok 19:39:46.0781 4348 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll 19:39:46.0811 4348 gpsvc - ok 19:39:46.0820 4348 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 19:39:46.0829 4348 gupdate - ok 19:39:46.0833 4348 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 19:39:46.0841 4348 gupdatem - ok 19:39:46.0848 4348 gusvc (c1b577b2169900f4cf7190c39f085794) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe 19:39:46.0857 4348 gusvc - ok 19:39:46.0862 4348 GVTDrv64 (8126331fbd4ed29eb3b356f9c905064d) C:\Windows\GVTDrv64.sys 19:39:46.0870 4348 GVTDrv64 - ok 19:39:46.0873 4348 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys 19:39:46.0882 4348 hcw85cir - ok 19:39:46.0893 4348 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys 19:39:46.0907 4348 HdAudAddService - ok 19:39:46.0913 4348 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys 19:39:46.0925 4348 HDAudBus - ok 19:39:46.0928 4348 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys 19:39:46.0938 4348 HidBatt - ok 19:39:46.0942 4348 HidBth 
(7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys 19:39:46.0954 4348 HidBth - ok 19:39:46.0958 4348 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys 19:39:46.0969 4348 HidIr - ok 19:39:46.0973 4348 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll 19:39:46.0999 4348 hidserv - ok 19:39:47.0003 4348 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys 19:39:47.0013 4348 HidUsb - ok 19:39:47.0018 4348 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll 19:39:47.0044 4348 hkmsvc - ok 19:39:47.0052 4348 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll 19:39:47.0065 4348 HomeGroupListener - ok 19:39:47.0072 4348 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll 19:39:47.0084 4348 HomeGroupProvider - ok 19:39:47.0090 4348 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys 19:39:47.0100 4348 HpSAMD - ok 19:39:47.0121 4348 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys 19:39:47.0151 4348 HTTP - ok 19:39:47.0154 4348 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys 19:39:47.0163 4348 hwpolicy - ok 19:39:47.0168 4348 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys 19:39:47.0178 4348 i8042prt - ok 19:39:47.0192 4348 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys 19:39:47.0205 4348 iaStorV - ok 19:39:47.0211 4348 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe 19:39:47.0215 4348 IDriverT ( UnsignedFile.Multi.Generic ) - warning 19:39:47.0215 4348 IDriverT - detected UnsignedFile.Multi.Generic (1) 19:39:47.0240 4348 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 
19:39:47.0256 4348 idsvc - ok 19:39:47.0278 4348 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys 19:39:47.0287 4348 iirsp - ok 19:39:47.0311 4348 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll 19:39:47.0342 4348 IKEEXT - ok 19:39:47.0407 4348 IntcAzAudAddService (0adf714079ae174a39d69036143e4c50) C:\Windows\system32\drivers\RTKVHD64.sys 19:39:47.0439 4348 IntcAzAudAddService - ok 19:39:47.0462 4348 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys 19:39:47.0471 4348 intelide - ok 19:39:47.0475 4348 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys 19:39:47.0485 4348 intelppm - ok 19:39:47.0490 4348 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll 19:39:47.0517 4348 IPBusEnum - ok 19:39:47.0522 4348 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys 19:39:47.0547 4348 IpFilterDriver - ok 19:39:47.0551 4348 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys 19:39:47.0561 4348 IPMIDRV - ok 19:39:47.0567 4348 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys 19:39:47.0593 4348 IPNAT - ok 19:39:47.0621 4348 iPod Service (3c0d4b3e80fc4854ca325dd123cc4ded) C:\Program Files\iPod\bin\iPodService.exe 19:39:47.0637 4348 iPod Service - ok 19:39:47.0640 4348 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys 19:39:47.0653 4348 IRENUM - ok 19:39:47.0656 4348 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys 19:39:47.0665 4348 isapnp - ok 19:39:47.0674 4348 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys 19:39:47.0686 4348 iScsiPrt - ok 19:39:47.0690 4348 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys 19:39:47.0699 4348 kbdclass - ok 19:39:47.0703 4348 kbdhid (0705eff5b42a9db58548eec3b26bb484) 
C:\Windows\system32\DRIVERS\kbdhid.sys 19:39:47.0713 4348 kbdhid - ok 19:39:47.0715 4348 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 19:39:47.0726 4348 KeyIso - ok 19:39:47.0730 4348 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys 19:39:47.0740 4348 KSecDD - ok 19:39:47.0747 4348 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys 19:39:47.0757 4348 KSecPkg - ok 19:39:47.0760 4348 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys 19:39:47.0785 4348 ksthunk - ok 19:39:47.0797 4348 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll 19:39:47.0826 4348 KtmRm - ok 19:39:47.0835 4348 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll 19:39:47.0863 4348 LanmanServer - ok 19:39:47.0869 4348 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll 19:39:47.0896 4348 LanmanWorkstation - ok 19:39:47.0912 4348 LBTServ (19eff704cd16dd0429e128431f1dd631) C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe 19:39:47.0924 4348 LBTServ - ok 19:39:47.0931 4348 LHidFilt (1074c77a47835e03c15bf92452f9a750) C:\Windows\system32\DRIVERS\LHidFilt.Sys 19:39:47.0940 4348 LHidFilt - ok 19:39:47.0949 4348 LightScribeService (83d8be94e1cbcbe2ea8372db1a95a159) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe 19:39:47.0952 4348 LightScribeService ( UnsignedFile.Multi.Generic ) - warning 19:39:47.0952 4348 LightScribeService - detected UnsignedFile.Multi.Generic (1) 19:39:47.0957 4348 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys 19:39:47.0982 4348 lltdio - ok 19:39:47.0993 4348 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll 19:39:48.0021 4348 lltdsvc - ok 19:39:48.0024 4348 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll 19:39:48.0050 4348 lmhosts - ok 19:39:48.0055 4348 LMouFilt 
(96999c364c649e2866a268f7420a304a) C:\Windows\system32\DRIVERS\LMouFilt.Sys 19:39:48.0064 4348 LMouFilt - ok 19:39:48.0071 4348 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys 19:39:48.0081 4348 LSI_FC - ok 19:39:48.0086 4348 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys 19:39:48.0096 4348 LSI_SAS - ok 19:39:48.0100 4348 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys 19:39:48.0110 4348 LSI_SAS2 - ok 19:39:48.0115 4348 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys 19:39:48.0126 4348 LSI_SCSI - ok 19:39:48.0131 4348 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys 19:39:48.0157 4348 luafv - ok 19:39:48.0192 4348 MBAMProtector (dbc08862a71459e74f7538b432c114cc) C:\Windows\system32\drivers\mbam.sys 19:39:48.0201 4348 MBAMProtector - ok 19:39:48.0244 4348 MBAMService (ba400ed640bca1eae5c727ae17c10207) e:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe 19:39:48.0258 4348 MBAMService - ok 19:39:48.0262 4348 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll 19:39:48.0274 4348 Mcx2Svc - ok 19:39:48.0277 4348 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys 19:39:48.0286 4348 megasas - ok 19:39:48.0296 4348 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys 19:39:48.0308 4348 MegaSR - ok 19:39:48.0319 4348 Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) E:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe 19:39:48.0327 4348 Microsoft Office Groove Audit Service - ok 19:39:48.0331 4348 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll 19:39:48.0358 4348 MMCSS - ok 19:39:48.0361 4348 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys 19:39:48.0387 4348 Modem - ok 19:39:48.0391 4348 monitor 
(b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys 19:39:48.0402 4348 monitor - ok 19:39:48.0406 4348 motandroidusb (d69f1e9a944a5f46a494af901ed41118) C:\Windows\system32\Drivers\motoandroid.sys 19:39:48.0417 4348 motandroidusb - ok 19:39:48.0421 4348 motccgp (c94a2ea3fdfa5d650884926b710b7db1) C:\Windows\system32\DRIVERS\motccgp.sys 19:39:48.0433 4348 motccgp - ok 19:39:48.0437 4348 motccgpfl (d51e009baeda07ebc107d49d224c2414) C:\Windows\system32\DRIVERS\motccgpfl.sys 19:39:48.0449 4348 motccgpfl - ok 19:39:48.0453 4348 MotDev (3cc500c9b0e4d476802d277353cb2c89) C:\Windows\system32\DRIVERS\motodrv.sys 19:39:48.0464 4348 MotDev - ok 19:39:48.0468 4348 motmodem (060f0ef84f430802df3788f3dcfd009c) C:\Windows\system32\DRIVERS\motmodem.sys 19:39:48.0480 4348 motmodem - ok 19:39:48.0489 4348 MotoHelper (9dfd34e6841c460b5d992a1c5327ae69) C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe 19:39:48.0498 4348 MotoHelper - ok 19:39:48.0501 4348 MotoSwitchService (ebd05f60cafc5bba2602b8d7101082d3) C:\Windows\system32\DRIVERS\motswch.sys 19:39:48.0510 4348 MotoSwitchService - ok 19:39:48.0514 4348 Motousbnet (87701078c3f720ac7a028e937994cc49) C:\Windows\system32\DRIVERS\Motousbnet.sys 19:39:48.0523 4348 Motousbnet - ok 19:39:48.0526 4348 motusbdevice (d075b1d964a314d240f5498773ee89df) C:\Windows\system32\DRIVERS\motusbdevice.sys 19:39:48.0538 4348 motusbdevice - ok 19:39:48.0543 4348 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys 19:39:48.0552 4348 mouclass - ok 19:39:48.0557 4348 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys 19:39:48.0567 4348 mouhid - ok 19:39:48.0571 4348 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys 19:39:48.0581 4348 mountmgr - ok 19:39:48.0587 4348 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys 19:39:48.0598 4348 mpio - ok 19:39:48.0604 4348 mpsdrv 
(6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys 19:39:48.0629 4348 mpsdrv - ok 19:39:48.0636 4348 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys 19:39:48.0650 4348 MRxDAV - ok 19:39:48.0656 4348 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys 19:39:48.0666 4348 mrxsmb - ok 19:39:48.0676 4348 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys 19:39:48.0687 4348 mrxsmb10 - ok 19:39:48.0693 4348 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys 19:39:48.0703 4348 mrxsmb20 - ok 19:39:48.0707 4348 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys 19:39:48.0716 4348 msahci - ok 19:39:48.0722 4348 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys 19:39:48.0732 4348 msdsm - ok 19:39:48.0738 4348 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe 19:39:48.0750 4348 MSDTC - ok 19:39:48.0757 4348 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys 19:39:48.0782 4348 Msfs - ok 19:39:48.0785 4348 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys 19:39:48.0810 4348 mshidkmdf - ok 19:39:48.0813 4348 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys 19:39:48.0822 4348 msisadrv - ok 19:39:48.0829 4348 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll 19:39:48.0856 4348 MSiSCSI - ok 19:39:48.0858 4348 msiserver - ok 19:39:48.0863 4348 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys 19:39:48.0888 4348 MSKSSRV - ok 19:39:48.0891 4348 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys 19:39:48.0916 4348 MSPCLOCK - ok 19:39:48.0919 4348 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys 19:39:48.0944 4348 MSPQM - ok 19:39:48.0956 
4348 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys 19:39:48.0969 4348 MsRPC - ok 19:39:48.0974 4348 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys 19:39:48.0983 4348 mssmbios - ok 19:39:48.0987 4348 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys 19:39:49.0012 4348 MSTEE - ok 19:39:49.0015 4348 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys 19:39:49.0024 4348 MTConfig - ok 19:39:49.0029 4348 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys 19:39:49.0038 4348 Mup - ok 19:39:49.0053 4348 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll 19:39:49.0082 4348 napagent - ok 19:39:49.0094 4348 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys 19:39:49.0108 4348 NativeWifiP - ok 19:39:49.0135 4348 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys 19:39:49.0154 4348 NDIS - ok 19:39:49.0158 4348 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys 19:39:49.0184 4348 NdisCap - ok 19:39:49.0187 4348 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys 19:39:49.0213 4348 NdisTapi - ok 19:39:49.0217 4348 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys 19:39:49.0242 4348 Ndisuio - ok 19:39:49.0249 4348 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys 19:39:49.0274 4348 NdisWan - ok 19:39:49.0279 4348 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys 19:39:49.0303 4348 NDProxy - ok 19:39:49.0308 4348 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys 19:39:49.0333 4348 NetBIOS - ok 19:39:49.0342 4348 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys 19:39:49.0368 4348 NetBT - ok 19:39:49.0372 4348 Netlogon 
(c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 19:39:49.0382 4348 Netlogon - ok 19:39:49.0394 4348 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll 19:39:49.0422 4348 Netman - ok 19:39:49.0437 4348 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll 19:39:49.0467 4348 netprofm - ok 19:39:49.0474 4348 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 19:39:49.0483 4348 NetTcpPortSharing - ok 19:39:49.0487 4348 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys 19:39:49.0496 4348 nfrd960 - ok 19:39:49.0508 4348 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll 19:39:49.0536 4348 NlaSvc - ok 19:39:49.0539 4348 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys 19:39:49.0565 4348 Npfs - ok 19:39:49.0569 4348 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll 19:39:49.0596 4348 nsi - ok 19:39:49.0599 4348 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys 19:39:49.0624 4348 nsiproxy - ok 19:39:49.0671 4348 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys 19:39:49.0696 4348 Ntfs - ok 19:39:49.0719 4348 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys 19:39:49.0744 4348 Null - ok 19:39:49.0750 4348 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys 19:39:49.0761 4348 nvraid - ok 19:39:49.0767 4348 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys 19:39:49.0778 4348 nvstor - ok 19:39:49.0784 4348 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys 19:39:49.0794 4348 nv_agp - ok 19:39:49.0809 4348 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 19:39:49.0821 4348 odserv - ok 
19:39:49.0825 4348 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys 19:39:49.0836 4348 ohci1394 - ok 19:39:49.0842 4348 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 19:39:49.0851 4348 ose - ok 19:39:49.0864 4348 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll 19:39:49.0877 4348 p2pimsvc - ok 19:39:49.0890 4348 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll 19:39:49.0904 4348 p2psvc - ok 19:39:49.0910 4348 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys 19:39:49.0920 4348 Parport - ok 19:39:49.0924 4348 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys 19:39:49.0934 4348 partmgr - ok 19:39:49.0941 4348 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll 19:39:49.0957 4348 PcaSvc - ok 19:39:49.0961 4348 pccsmcfd (bc0018c2d29f655188a0ed3fa94fdb24) C:\Windows\system32\DRIVERS\pccsmcfdx64.sys 19:39:49.0969 4348 pccsmcfd - ok 19:39:49.0977 4348 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys 19:39:49.0987 4348 pci - ok 19:39:49.0990 4348 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys 19:39:49.0999 4348 pciide - ok 19:39:50.0007 4348 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys 19:39:50.0019 4348 pcmcia - ok 19:39:50.0022 4348 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys 19:39:50.0032 4348 pcw - ok 19:39:50.0050 4348 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys 19:39:50.0080 4348 PEAUTH - ok 19:39:50.0100 4348 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe 19:39:50.0111 4348 PerfHost - ok 19:39:50.0169 4348 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll 19:39:50.0205 4348 pla - ok 19:39:50.0218 4348 PlugPlay 
     4348 Scan finished
     19:39:55.0378 4348 ============================================================
     19:39:55.0385 3604 Detected object count: 4
     19:39:55.0385 3604 Actual detected object count: 4
     19:39:58.0082 3604 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
     19:39:58.0082 3604 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
     19:39:58.0083 3604 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
     19:39:58.0083 3604 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
     19:39:58.0084 3604 sptd ( LockedFile.Multi.Generic ) - skipped by user
     19:39:58.0084 3604 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
     19:39:58.0086 3604 StarWindServiceAE ( UnsignedFile.Multi.Generic ) - skipped by user
     19:39:58.0086 3604 StarWindServiceAE ( UnsignedFile.Multi.Generic ) - User select action: Skip
     19:40:00.0107 4108 Deinitialize success
  7. RogueKiller V7.4.2 [05/03/2012] by Tigzy
     mail: tigzyRK<at>gmail<dot>com
     Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
     Blog: http://tigzyrk.blogspot.com

     Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
     Started in : Normal mode
     User: Al [Admin rights]
     Mode: Scan -- Date: 05/03/2012 18:36:57

     ¤¤¤ Bad processes: 0 ¤¤¤

     ¤¤¤ Registry Entries: 5 ¤¤¤
     [BLACKLIST DLL] HKLM\[...]\Run : mietp (rundll32.exe "C:\Users\Al\AppData\Local\Temp\mietp.dll",mpegInSeekSample64) -> FOUND
     [HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
     [HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND
     [HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
     [HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

     ¤¤¤ Particular Files / Folders: ¤¤¤

     ¤¤¤ Driver: [NOT LOADED] ¤¤¤

     ¤¤¤ Infection : ¤¤¤

     ¤¤¤ HOSTS File: ¤¤¤

     ¤¤¤ MBR Check: ¤¤¤

     +++++ PhysicalDrive0: KINGSTON SNVP325S264GB ATA Device +++++
     --- User ---
     [MBR] d41af0937110441aaa1649db69d9d16a
     [BSP] 8239f65f4c9010ca95501601bc45e7e1 : Windows 7 MBR Code
     Partition table:
     0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
     1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 60955 Mo
     User = LL1 ... OK!
     User = LL2 ... OK!

     +++++ PhysicalDrive1: SAMSUNG HD103UJ ATA Device +++++
     --- User ---
     [MBR] b950dd9215e4140c6b552dafc9418487
     [BSP] ccdae066dea7e34cf31f002fa6e37b20 : Windows Vista MBR Code
     Partition table:
     0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 753865 Mo
     1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 1543919616 | Size: 200000 Mo
     User = LL1 ... OK!
     User = LL2 ... OK!

     Finished : << RKreport[1].txt >>
     RKreport[1].txt
  8. Hi. Sorry for the delay - late one at work last night. Yes please. I have uninstalled both utorrent & Sopcast - don't think there is anything else that comes under the P2P category. What next?
  9. Correct, it was Avast! that was blocking the malicious website, not Antimalware. It gave this message:
     Infection Details
     URL: http://11sx5c8.realdatahosting.com/file/...
     Process: C:\Windows\SysWOW64\rundll32.exe
     Infection: URL:Mal
  10. Hi

      After my AV started reporting infections I've run a series of scans with Malwarebytes as well as Avast! and Spybot. However, I am still left with a problem whereby every couple of minutes MWB reports it has prevented me from visiting a dangerous website (I have not tried to navigate to any page but it says that the process involved is C:\Windows\SysWOW64\rundll32.exe so assume this has become infected.)

      Any thoughts on how I should remove the cause of this would be most gratefully received.

      Cheers

      .
      DDS (Ver_2011-08-26.01) - NTFSAMD64
      Internet Explorer: 8.0.7601.17514
      Run by Al at 19:09:32 on 2012-05-01
      Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.16381.13796 [GMT 1:00]
      .
      AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
      SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
      SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      .
      ============== Running Processes ===============
      .
      C:\Windows\system32\wininit.exe
      C:\Windows\system32\lsm.exe
      C:\Windows\system32\svchost.exe -k DcomLaunch
      C:\Windows\system32\svchost.exe -k RPCSS
      C:\Windows\system32\atiesrxx.exe
      C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
      C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
      C:\Windows\system32\svchost.exe -k netsvcs
      C:\Windows\system32\svchost.exe -k LocalService
      C:\Windows\system32\svchost.exe -k NetworkService
      e:\Program Files\Alwil Software\Avast5\AvastSvc.exe
      C:\Windows\system32\atieclxx.exe
      C:\Windows\System32\spoolsv.exe
      C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
      C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
      C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
      C:\Program Files\Bonjour\mDNSResponder.exe
      C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
      C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
      C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
      C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
      e:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
      C:\Windows\system32\svchost.exe -k imgsvc
      C:\Windows\system32\taskhost.exe
      C:\Windows\system32\Dwm.exe
      C:\Windows\Explorer.EXE
      C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe
      C:\Program Files\Microsoft IntelliPoint\ipoint.exe
      C:\Program Files\Logitech\SetPointP\SetPoint.exe
      C:\Windows\System32\rundll32.exe
      C:\Windows\SysWOW64\rundll32.exe
      C:\Windows\system32\SearchIndexer.exe
      C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
      C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
      C:\Windows\System32\svchost.exe -k LocalServicePeerNet
      E:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
      C:\Users\Al\AppData\Local\Google\Chrome\Application\chrome.exe
      E:\Program Files (x86)\DisplayFusion\DisplayFusion.exe
      C:\Users\Al\AppData\Local\Google\Chrome\Application\chrome.exe
      C:\Users\Al\AppData\Local\Google\Chrome\Application\chrome.exe
      C:\Users\Al\AppData\Local\Google\Chrome\Application\chrome.exe
      C:\Users\Al\AppData\Local\Google\Chrome\Application\chrome.exe
      E:\Program Files (x86)\Steam\Steam.exe
      C:\Users\Al\AppData\Local\Google\Chrome\Application\chrome.exe
      C:\Users\Al\AppData\Local\Google\Chrome\Application\chrome.exe
      C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
      C:\Windows\SysWOW64\rundll32.exe
      C:\Users\Al\AppData\Local\Google\Chrome\Application\chrome.exe
      E:\Program Files (x86)\DisplayFusion\AppHookx86.exe
      C:\Users\Al\AppData\Local\Apps\2.0\47TY1899.DAR\1G67QV7L.RBM\curs..tion_eee711038731a406_0004.0000_2bd39706d04e72c8\CurseClient.exe
      C:\Users\Al\AppData\Roaming\Dropbox\bin\Dropbox.exe
      E:\Program Files (x86)\itunes\iTunesHelper.exe
      C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
      E:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
      E:\Program Files\Alwil Software\Avast5\AvastUI.exe
      C:\Program Files\iPod\bin\iPodService.exe
      E:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE
      e:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
      C:\Users\Al\AppData\Local\Google\Chrome\Application\chrome.exe
      C:\Windows\system32\svchost.exe -k SDRSVC
      C:\Users\Al\AppData\Local\Google\Chrome\Application\chrome.exe
      C:\Users\Al\AppData\Local\Google\Chrome\Application\chrome.exe
      C:\Windows\system32\wbem\wmiprvse.exe
      C:\Windows\SysWOW64\cmd.exe
      C:\Windows\system32\conhost.exe
      C:\Windows\SysWOW64\cscript.exe
      .
      ============== Pseudo HJT Report ===============
      .
      uInternet Settings,ProxyOverride = *.local;192.168.*.*
      mWinlogon: Userinit=userinit.exe,
      BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
      BHO: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
      BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - E:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
      BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - e:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
      BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
      BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - E:\java\bin\jp2ssv.dll
      TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - e:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
      TB: {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File
      uRun: [AlcoholAutomount] "e:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe" -automount
      uRun: [SpybotSD TeaTimer] E:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
      uRun: [DisplayFusion] "e:\Program Files (x86)\DisplayFusion\DisplayFusion.exe"
      uRun: [Google Update] "C:\Users\Al\AppData\Local\Google\Update\GoogleUpdate.exe" /c
      uRun: [Steam] "E:\Program Files (x86)\Steam\steam.exe" -silent
      uRun: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
      uRun: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
      mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
      mRun: [QuickTime Task] "E:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
      mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
      mRun: [iTunesHelper] "E:\Program Files (x86)\iTunes\iTunesHelper.exe"
      mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
      mRun: [Malwarebytes' Anti-Malware] "e:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
      mRun: [avast] "e:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
      mRun: [GrooveMonitor] "E:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
      StartupFolder: C:\Users\Al\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip
      StartupFolder: C:\Users\Al\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Al\AppData\Roaming\Dropbox\bin\Dropbox.exe
      StartupFolder: C:\Users\Al\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\AUTORU~1\ONENOT~1.LNK - E:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
      StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\AUTORU~1\PS3MED~1.LNK - E:\Program Files (x86)\PS3 Media Server\PMS.exe
      uPolicies-explorer: HideSCAHealth = 1 (0x1)
      mPolicies-explorer: NoActiveDesktop = 1 (0x1)
      mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
      mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
      mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
      mPolicies-system: EnableLUA = 0 (0x0)
      mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
      mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
      IE: Add to Google Photos Screensa&ver - C:\Windows\system32\GPhotos.scr/200
      IE: E&xport to Microsoft Excel - E:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
      IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - E:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
      IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
      IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - E:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
      DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
      DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
      DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
      DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
      TCP: DhcpNameServer = 192.168.1.1
      TCP: Interfaces\{AA1CF23E-6632-41D9-B700-20B5D1B1738F} : DhcpNameServer = 192.168.1.1
      Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\Advisor\System\BAVoilaX.dll
      Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - E:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
      Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
      SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - E:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
      mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
      BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
      BHO-X64: AcroIEHelperStub - No File
      BHO-X64: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
      BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - E:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
      BHO-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - e:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
      BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
      BHO-X64: SkypeIEPluginBHO - No File
      BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\java\bin\jp2ssv.dll
      TB-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - e:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
      TB-X64: {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File
      mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
      mRun-x64: [QuickTime Task] "E:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
      mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
      mRun-x64: [iTunesHelper] "E:\Program Files (x86)\iTunes\iTunesHelper.exe"
      mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
      mRun-x64: [Malwarebytes' Anti-Malware] "e:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
      mRun-x64: [avast] "e:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
      mRun-x64: [GrooveMonitor] "E:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
      SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - E:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
      .
      ============= SERVICES / DRIVERS ===============
      .
      R1 AppleCharger;AppleCharger;C:\Windows\system32\DRIVERS\AppleCharger.sys --> C:\Windows\system32\DRIVERS\AppleCharger.sys [?]
      R1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys --> C:\Windows\system32\drivers\aswSnx.sys [?]
      R1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?]
      R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]
      R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
      R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-5-24 365568]
      R2 ASTRA64;ASTRA64 Kernel Driver 1.0.0.1;E:\Program Files (x86)\ASTRA32\astra64.sys [2007-2-22 21200]
      R2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?]
      R2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?]
      R2 avast! Antivirus;avast! Antivirus;E:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2012-3-27 44768]
      R2 MBAMService;MBAMService;E:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-1-4 654408]
      R2 MotoHelper;MotoHelper Service;C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe [2011-12-6 214896]
      R2 StarWindServiceAE;StarWind AE Service;E:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
      R3 amdiox64;AMD IO Driver;C:\Windows\system32\DRIVERS\amdiox64.sys --> C:\Windows\system32\DRIVERS\amdiox64.sys [?]
      R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]
      R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
      R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\system32\drivers\AtihdW76.sys --> C:\Windows\system32\drivers\AtihdW76.sys [?]
      R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
      R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-5-19 136176] S2 SBSDWSCService;SBSD Security Center Service;E:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2011-2-5 1153368] S3 AppleChargerSrv;AppleChargerSrv;system32\AppleChargerSrv.exe --> system32\AppleChargerSrv.exe [?] S3 BTCFilterService;USB Networking Driver Filter Service;C:\Windows\system32\DRIVERS\motfilt.sys --> C:\Windows\system32\DRIVERS\motfilt.sys [?] S3 etdrv;etdrv;C:\Windows\etdrv.sys [2011-2-18 25640] S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-5-19 136176] S3 GVTDrv64;GVTDrv64;C:\Windows\GVTDrv64.sys [2011-2-18 30528] S3 motandroidusb;Mot ADB Interface Driver;C:\Windows\system32\Drivers\motoandroid.sys --> C:\Windows\system32\Drivers\motoandroid.sys [?] S3 motccgp;Motorola USB Composite Device Driver;C:\Windows\system32\DRIVERS\motccgp.sys --> C:\Windows\system32\DRIVERS\motccgp.sys [?] S3 motccgpfl;MotCcgpFlService;C:\Windows\system32\DRIVERS\motccgpfl.sys --> C:\Windows\system32\DRIVERS\motccgpfl.sys [?] S3 MotDev;Motorola Inc. USB Device;C:\Windows\system32\DRIVERS\motodrv.sys --> C:\Windows\system32\DRIVERS\motodrv.sys [?] S3 Motousbnet;Motorola USB Networking Driver Service;C:\Windows\system32\DRIVERS\Motousbnet.sys --> C:\Windows\system32\DRIVERS\Motousbnet.sys [?] S3 motusbdevice;Motorola USB Dev Driver;C:\Windows\system32\DRIVERS\motusbdevice.sys --> C:\Windows\system32\DRIVERS\motusbdevice.sys [?] S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?] 
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?] . =============== Created Last 30 ================ . 2012-04-30 18:52:20 457632 ----a-w- C:\FixExec.exe 2012-04-30 18:44:54 -------- d-----w- C:\ProgramData\B7E85B3B00000AA700005E17B4EB2367 2012-04-30 17:36:52 -------- d--h--w- C:\ProgramData\CanonIJScan 2012-04-30 17:36:28 -------- d-----w- C:\Program Files (x86)\Canon 2012-04-30 17:19:47 235008 ----a-w- C:\Windows\System32\CNQ9601O.DLL 2012-04-30 17:19:46 92672 ----a-w- C:\Windows\System32\CNQ9601I.DLL 2012-04-30 17:19:46 495104 ----a-w- C:\Windows\System32\CNQ9601L.DLL 2012-04-30 17:19:45 17920 ----a-w- C:\Windows\System32\CNHMCA6.DLL 2012-04-30 17:19:45 1342976 ----a-w- C:\Windows\System32\CNQ9601C.DLL 2012-04-29 07:46:58 -------- d-----w- C:\ProgramData\CCP 2012-04-28 16:28:01 -------- d-----w- C:\Users\Al\AppData\Roaming\PCF-VLC 2012-04-28 16:27:03 -------- d-----w- C:\Users\Al\AppData\Roaming\Participatory Culture Foundation 2012-04-28 16:26:43 -------- d-----w- C:\Program Files (x86)\Participatory Culture Foundation 2012-04-28 15:42:52 -------- d-----w- C:\Users\Al\AppData\Local\CCP 2012-04-27 21:33:16 -------- d-----w- C:\Program Files (x86)\iLivid 2012-04-27 19:35:13 -------- d-----w- C:\Users\Al\AppData\Local\Skyrim 2012-04-27 16:33:35 8917360 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C32B9BEE-0D50-476F-916E-55408480AF77}\mpengine.dll 2012-04-24 18:30:06 -------- d-----w- C:\Users\Al\AppData\Local\Motosftemp 2012-04-24 18:23:53 -------- d-----w- C:\Temp 2012-04-24 18:23:28 -------- d-----w- C:\Program Files\Motorola Inc 2012-04-19 15:24:55 -------- d-----w- C:\Users\Al\.android 2012-04-11 02:01:28 5559152 ----a-w- C:\Windows\System32\ntoskrnl.exe 2012-04-11 02:01:27 3968368 ----a-w- 
C:\Windows\SysWow64\ntkrnlpa.exe 2012-04-11 02:01:27 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe 2012-04-11 02:00:18 81408 ----a-w- C:\Windows\System32\imagehlp.dll 2012-04-11 02:00:18 5120 ----a-w- C:\Windows\SysWow64\wmi.dll 2012-04-11 02:00:18 5120 ----a-w- C:\Windows\System32\wmi.dll 2012-04-11 02:00:18 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys 2012-04-11 02:00:18 220672 ----a-w- C:\Windows\System32\wintrust.dll 2012-04-11 02:00:18 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll 2012-04-11 02:00:18 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll 2012-04-04 05:53:56 182160 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\nppdf32.dll . ==================== Find3M ==================== . 2012-04-04 14:56:40 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys 2012-03-22 19:12:12 4435968 ----a-w- C:\Windows\SysWow64\GPhotos.scr 2012-03-06 23:15:19 41184 ----a-w- C:\Windows\avastSS.scr 2012-03-06 23:04:06 819032 ----a-w- C:\Windows\System32\drivers\aswSnx.sys 2012-03-06 23:02:20 53080 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys 2012-03-06 23:01:52 69976 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys 2012-02-28 06:39:37 1188864 ----a-w- C:\Windows\System32\wininet.dll 2012-02-28 05:38:52 981504 ----a-w- C:\Windows\SysWow64\wininet.dll 2012-02-28 04:31:38 1638912 ----a-w- C:\Windows\System32\mshtml.tlb 2012-02-28 03:52:27 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2012-02-24 12:19:51 466456 ----a-w- C:\Windows\System32\wrap_oal.dll 2012-02-24 12:19:51 444952 ----a-w- C:\Windows\SysWow64\wrap_oal.dll 2012-02-24 12:19:51 122904 ----a-w- C:\Windows\System32\OpenAL32.dll 2012-02-24 12:19:51 109080 ----a-w- C:\Windows\SysWow64\OpenAL32.dll 2012-02-23 09:18:36 279656 ------w- C:\Windows\System32\MpSigStub.exe 2012-02-17 06:38:26 1031680 ----a-w- C:\Windows\System32\rdpcore.dll 2012-02-17 05:34:22 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll 2012-02-17 04:58:24 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys 2012-02-17 
04:57:32 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys 2012-02-10 06:36:07 1544192 ----a-w- C:\Windows\System32\DWrite.dll 2012-02-10 05:38:43 1077248 ----a-w- C:\Windows\SysWow64\DWrite.dll 2012-02-07 10:02:40 1070352 ----a-w- C:\Windows\SysWow64\MSCOMCTL.OCX 2012-02-03 04:34:34 3145728 ----a-w- C:\Windows\System32\win32k.sys . ============= FINISH: 19:09:50.97 =============== DDS.txt Attach.txt