Complex

  1. ComboFix Log: ComboFix 12-07-14.01 - Ultimate Electronics 07/15/2012 15:46:36.1.2 - x64 Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.5085.3483 [GMT -6:00] Running from: c:\users\Ultimate Electronics\Downloads\ComboFix.exe SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\program files (x86)\Complitly c:\program files (x86)\Complitly\chrome\ComplitlyChrome.crx c:\program files (x86)\Complitly\ChromeSetSearchInBrowser.exe c:\program files (x86)\Complitly\FireFoxExtension.exe c:\program files (x86)\Complitly\InstTracker.exe c:\program files (x86)\Complitly\support@Complitly.com\chrome.manifest c:\program files (x86)\Complitly\support@Complitly.com\chrome\content\appIcon.png c:\program files (x86)\Complitly\support@Complitly.com\chrome\content\browserOverlay.xul c:\program files (x86)\Complitly\support@Complitly.com\chrome\content\options.js c:\program files (x86)\Complitly\support@Complitly.com\chrome\content\options.xul c:\program files (x86)\Complitly\support@Complitly.com\chrome\content\utils.js c:\program files (x86)\Complitly\support@Complitly.com\defaults\preferences\predictad.js c:\program files (x86)\Complitly\support@Complitly.com\install.rdf c:\program files (x86)\Complitly\unins000.dat c:\program files (x86)\Complitly\unins000.exe c:\users\ULTIMA~1\AppData\Local\Temp\1.tmp\F_IN_BOX.dll c:\users\Ultimate Electronics\AppData\Local\Temp\1.tmp\F_IN_BOX.dll c:\users\Ultimate Electronics\BITBE88.tmp c:\users\Ultimate Electronics\Documents\~WRL0416.tmp c:\windows\system32\drivers\etc\lmhosts c:\windows\SysWow64\Packet.dll c:\windows\SysWow64\pthreadVC.dll c:\windows\SysWow64\wpcap.dll . . ((((((((((((((((((((((((( Files Created from 2012-06-15 to 2012-07-15 ))))))))))))))))))))))))))))))) . . 2012-07-15 21:55 . 2012-07-15 21:55 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-07-15 01:39 . 
2012-07-15 21:33 -------- d-----w- C:\TDSSKiller_Quarantine 2012-07-14 19:33 . 2012-07-14 19:33 -------- d-----w- c:\users\Ultimate Electronics\AppData\Local\The Lord of the Rings Online 2012-07-14 19:16 . 2009-09-04 23:29 235344 ----a-w- c:\windows\SysWow64\d3dx11_42.dll 2012-07-14 19:16 . 2009-09-04 23:29 1974616 ----a-w- c:\windows\SysWow64\D3DCompiler_42.dll 2012-07-14 19:16 . 2012-07-14 19:18 -------- d-----w- c:\users\Ultimate Electronics\AppData\Local\Turbine 2012-07-14 19:13 . 2009-09-04 23:29 1892184 ----a-w- c:\windows\SysWow64\D3DX9_42.dll 2012-07-14 19:13 . 2007-03-12 22:42 3495784 ----a-w- c:\windows\SysWow64\d3dx9_33.dll 2012-07-14 19:13 . 2012-07-15 04:53 -------- d-----w- c:\users\Ultimate Electronics\AppData\Local\ApplicationHistory 2012-07-14 19:11 . 2012-07-14 19:11 -------- d-----w- c:\windows\SysWow64\URTTEMP 2012-07-14 18:46 . 2012-07-14 18:46 -------- d-----w- c:\program files (x86)\Turbine 2012-07-13 23:03 . 2012-05-31 04:04 9013136 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{70DB5393-09D2-41D0-8E47-258920030BE5}\mpengine.dll 2012-07-13 11:15 . 2012-07-13 11:15 -------- d-----w- c:\programdata\Recovery 2012-07-13 07:20 . 2012-07-13 18:11 -------- d-----w- c:\program files\League of legends 2012-07-13 05:35 . 2012-07-13 05:35 -------- d-----w- c:\users\Ultimate Electronics\AppData\Roaming\Malwarebytes 2012-07-13 05:34 . 2012-07-13 05:34 -------- d-----w- c:\programdata\Malwarebytes 2012-07-13 05:34 . 2012-07-13 05:35 -------- d-----w- c:\program files (x86)\XXXX 2012-07-13 05:34 . 2012-07-03 19:46 24904 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-07-13 03:45 . 2012-06-12 03:02 3147264 ----a-w- c:\windows\system32\win32k.sys 2012-07-13 02:16 . 2012-06-06 05:50 2003968 ----a-w- c:\windows\system32\msxml6.dll 2012-07-13 02:16 . 2012-06-06 05:50 1880064 ----a-w- c:\windows\system32\msxml3.dll 2012-07-13 02:16 . 2012-06-06 05:09 1389568 ----a-w- c:\windows\SysWow64\msxml6.dll 2012-07-13 02:16 . 
2012-06-06 05:09 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll 2012-07-13 02:15 . 2012-06-02 05:37 459216 ----a-w- c:\windows\system32\drivers\cng.sys 2012-07-13 02:15 . 2012-06-02 05:27 340992 ----a-w- c:\windows\system32\schannel.dll 2012-07-13 02:15 . 2012-06-02 05:38 95088 ----a-w- c:\windows\system32\drivers\ksecdd.sys 2012-07-13 02:15 . 2012-06-02 05:38 152432 ----a-w- c:\windows\system32\drivers\ksecpkg.sys 2012-07-13 02:15 . 2012-06-02 05:27 307200 ----a-w- c:\windows\system32\ncrypt.dll 2012-07-13 02:15 . 2012-06-02 04:48 22016 ----a-w- c:\windows\SysWow64\secur32.dll 2012-07-13 02:15 . 2012-06-02 04:48 225280 ----a-w- c:\windows\SysWow64\schannel.dll 2012-07-13 02:15 . 2012-06-02 04:47 219136 ----a-w- c:\windows\SysWow64\ncrypt.dll 2012-07-13 02:15 . 2012-06-02 04:42 96768 ----a-w- c:\windows\SysWow64\sspicli.dll 2012-07-13 02:14 . 2012-06-06 05:50 1425408 ----a-w- c:\program files\Common Files\System\ado\msado15.dll 2012-07-13 02:14 . 2012-06-06 05:09 987136 ----a-w- c:\program files (x86)\Common Files\System\ado\msado15.dll 2012-07-13 00:42 . 2012-07-13 00:42 -------- d-----w- c:\program files (x86)\LogMeIn Hamachi 2012-07-12 01:32 . 2012-07-12 05:18 -------- d-----w- c:\users\Ultimate Electronics\riotsGamesLogs 2012-06-29 23:22 . 2012-06-29 23:22 -------- d-----w- c:\users\Ultimate Electronics\AppData\Roaming\Sony Creative Software Inc 2012-06-22 21:30 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll 2012-06-22 21:30 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe 2012-06-22 21:30 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll 2012-06-22 21:30 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll 2012-06-22 21:30 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll 2012-06-22 21:30 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll 2012-06-22 21:30 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll 2012-06-22 21:29 . 
2012-06-02 21:19 186752 ----a-w- c:\windows\system32\wuwebv.dll 2012-06-22 21:29 . 2012-06-02 21:15 36864 ----a-w- c:\windows\system32\wuapp.exe 2012-06-21 23:28 . 2012-07-13 11:04 -------- d-----w- C:\Riot Games 2012-06-19 23:35 . 2012-06-19 23:35 4967624 ----a-w- c:\program files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll 2012-06-18 02:32 . 2012-06-18 02:32 770384 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcr100.dll 2012-06-18 02:32 . 2012-06-18 02:32 421200 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcp100.dll . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-07-13 00:49 . 2012-05-20 21:53 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2012-07-13 00:49 . 2011-09-02 23:46 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-05-31 18:25 . 2011-02-19 04:55 279656 ------w- c:\windows\system32\MpSigStub.exe 2012-05-15 03:56 . 2012-06-12 20:35 1197568 ----a-w- c:\windows\system32\wininet.dll 2012-05-15 03:08 . 2012-06-12 20:35 981504 ----a-w- c:\windows\SysWow64\wininet.dll 2012-05-04 10:52 . 2012-06-12 20:33 5505392 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-05-04 10:08 . 2012-06-12 20:33 3958128 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe 2012-05-04 10:08 . 2012-06-12 20:33 3902320 ----a-w- c:\windows\SysWow64\ntoskrnl.exe 2012-05-02 05:32 . 2012-06-12 20:34 208896 ----a-w- c:\windows\system32\profsvc.dll 2012-04-28 03:50 . 2012-06-12 20:32 204800 ----a-w- c:\windows\system32\drivers\rdpwd.sys 2012-04-26 05:34 . 2012-06-12 20:34 76288 ----a-w- c:\windows\system32\rdpwsx.dll 2012-04-26 05:34 . 2012-06-12 20:34 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll 2012-04-26 05:28 . 2012-06-12 20:34 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe 2012-04-24 05:59 . 2012-06-12 20:31 182272 ----a-w- c:\windows\system32\cryptsvc.dll 2012-04-24 05:59 . 
2012-06-12 20:31 1460224 ----a-w- c:\windows\system32\crypt32.dll 2012-04-24 05:59 . 2012-06-12 20:31 140288 ----a-w- c:\windows\system32\cryptnet.dll 2012-04-24 04:47 . 2012-06-12 20:31 139264 ----a-w- c:\windows\SysWow64\cryptsvc.dll 2012-04-24 04:47 . 2012-06-12 20:31 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll 2012-04-24 04:47 . 2012-06-12 20:31 1156608 ----a-w- c:\windows\SysWow64\crypt32.dll 2012-04-20 06:22 . 2012-06-12 20:35 57856 ----a-w- c:\windows\system32\licmgr10.dll 2012-04-20 05:05 . 2012-06-12 20:35 44544 ----a-w- c:\windows\SysWow64\licmgr10.dll 2012-04-20 05:00 . 2012-06-12 20:35 482816 ----a-w- c:\windows\system32\html.iec 2012-04-20 04:15 . 2012-06-12 20:35 1638912 ----a-w- c:\windows\system32\mshtml.tlb 2012-04-20 03:58 . 2012-06-12 20:35 386048 ----a-w- c:\windows\SysWow64\html.iec 2012-04-20 03:24 . 2012-06-12 20:35 1638912 ----a-w- c:\windows\SysWow64\mshtml.tlb . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Dyyno Launcher"="c:\program files (x86)\Dyyno\Dyyno Broadcaster\dyyno_launcher.exe" [2011-03-16 2155872] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072] "swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-10-19 39408] "InstallIQUpdater"="c:\program files (x86)\W3i\InstallIQUpdater\InstallIQUpdater.exe" [2011-10-11 1179648] "Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-06-08 17425072] . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "PDF Complete"="c:\program files (x86)\PDF Complete\pdfsty.exe" [2009-10-14 563736] "HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576] "Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 1155928] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888] "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-07-20 421736] "InstaLAN"="c:\program files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe" [2011-02-25 1770400] "EKIJ5000StatusMonitor"="c:\windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.EXE" [2010-09-02 2045440] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696] "LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-06-27 1996200] "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-03-27 37296] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712] "Malwarebytes' Anti-Malware"="c:\program files (x86)\XXXX\mbamgui.exe" [2012-07-03 462920] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Play Wireless USB Adapter Utility.lnk - c:\program files (x86)\Belkin\F7D4101\V1\PBN.exe [2009-11-25 110592] Snapfish PictureMover.lnk - c:\program files (x86)\PictureMover\Bin\PictureMover.exe [2010-6-17 1040952] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . 
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624] R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-10-19 136176] R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-10 86072] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-06-08 160944] R2 WLANBelkinService;Belkin WLAN service;c:\program files (x86)\Belkin\F7D4101\V1\wlansrv.exe [2009-12-29 36864] R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-13 250056] R3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.exe [2012-02-14 240408] R3 BCMH43XX;N+ Wireless USB Adapter Driver;c:\windows\system32\DRIVERS\bcmwlhigh664.sys [2009-11-06 838136] R3 cpudrv64;cpudrv64;c:\program files (x86)\SystemRequirementsLab\cpudrv64.sys [2011-06-02 17864] R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-10-19 136176] R3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2010-02-26 158976] R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-06-18 113120] R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2011-05-10 51712] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-02-19 1255736] R3 
WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [2010-11-01 14544] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184] S1 ElRawDisk;ElRawDisk;c:\windows\system32\drivers\rsdrvx64.sys [2009-02-12 26024] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] S2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.362.0\BBSvc.exe [2012-02-14 193816] S2 CinemaNow Service;CinemaNow Service;c:\program files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe [2010-06-13 400368] S2 Dyyno Launcher;Dyyno Service;c:\program files (x86)\Dyyno\Dyyno Broadcaster\launcherd.exe [2011-03-16 415072] S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-06-27 2369960] S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-29 94264] S2 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;c:\program files (x86)\Kodak\AiO\Center\ekdiscovery.exe [2010-05-17 308592] S2 MBAMService;MBAMService;c:\program files (x86)\XXXX\mbamservice.exe [2012-07-03 655944] S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x] S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe [2009-10-14 635416] S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776] S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-06-19 3048136] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-07-03 24904] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-03-04 346144] S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys 
[2011-10-01 764264] S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648] S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960] S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376] S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496] . . --- Other Services/Drivers In Memory --- . *NewlyCreated* - WS2IFSL . Contents of the 'Scheduled Tasks' folder . 2012-07-15 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-20 00:49] . 2012-07-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-10-19 09:42] . 2012-07-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-10-19 09:42] . 2012-07-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1958810285-2977873497-2886064626-1000Core.job - c:\users\Ultimate Electronics\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-26 02:52] . 2012-07-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1958810285-2977873497-2886064626-1000UA.job - c:\users\Ultimate Electronics\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-26 02:52] . 2012-07-15 c:\windows\Tasks\HPCeeScheduleForUltimate Electronics.job - c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15] . 2012-07-15 c:\windows\Tasks\ParetoLogic Registration.job - c:\windows\system32\rundll32.exe [2009-07-13 01:14] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D27FC31C-6E3D-4305-8D53-ACDAEFA5F862}] 2011-03-23 01:05 167416 ----a-w- c:\users\Ultimate Electronics\AppData\Roaming\Complitly\64\Complitly64.dll . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-05-07 161304] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-05-07 386584] "Persistence"="c:\windows\system32\igfxpers.exe" [2010-05-07 413208] "SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2010-01-18 568888] "EKIJ5000StatusMonitor"="c:\windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe" [2010-09-02 2045440] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "LoadAppInit_DLLs"=0x0 . ------- Supplementary Scan ------- . uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT3072253 uLocal Page = c:\windows\system32\blank.htm uDefault_Search_URL = hxxp://search.searchcompletion.com/?si=10211&home=1 mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = *.local TCP: DhcpNameServer = 192.168.137.1 FF - ProfilePath - c:\users\Ultimate Electronics\AppData\Roaming\Mozilla\Firefox\Profiles\8927j250.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=3&q={searchTerms} FF - prefs.js: browser.search.selectedEngine - Ask.com FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT3072253&SearchSource=13 FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=2&q= FF - prefs.js: network.proxy.type - 0 . - - - - ORPHANS REMOVED - - - - . 
URLSearchHooks-{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file) URLSearchHooks-{687578b9-7132-4a7a-80e4-30ee31099e03} - (no file) Wow6432Node-HKCU-Run-Weather - c:\program files (x86)\AWS\WeatherBug\Weather.exe Wow6432Node-HKLM-Run-Conime - c:\windows\system32\conime.exe WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file) WebBrowser-{687578B9-7132-4A7A-80E4-30EE31099E03} - (no file) AddRemove-Complitly_is1 - c:\program files (x86)\Complitly\unins000.exe AddRemove-{6F44AF95-3CDE-4513-AD3F-6D45F17BF324} - c:\program files (x86)\InstallShield Installation Information\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}\setup.exe . . . [HKEY_LOCAL_MACHINE\system\ControlSet001\services\pdfcDispatcher] "ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService" . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_USERS\S-1-5-21-1958810285-2977873497-2886064626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLiveMail.Email.1" . [HKEY_USERS\S-1-5-21-1958810285-2977873497-2886064626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLiveMail.VCard.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_265_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_265_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . 
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx, 1" . 
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Other Running Processes ------------------------ . c:\program files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\program files (x86)\Bonjour\mDNSResponder.exe c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe c:\program files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe . ************************************************************************** . Completion time: 2012-07-15 16:10:56 - machine was rebooted ComboFix-quarantined-files.txt 2012-07-15 22:10 . Pre-Run: 573,448,880,128 bytes free Post-Run: 574,450,204,672 bytes free . - - End Of File - - 44AF4990F701523CC52659001CA3D747
  2. New DDS Log (DDS + Attach): . DDS (Ver_2011-08-26.01) - NTFSAMD64 Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_26 Run by Ultimate Electronics at 20:01:16 on 2012-07-14 Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.5085.3317 [GMT -6:00] . SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BBSvc.exe C:\Program Files (x86)\Bonjour\mDNSResponder.exe C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe C:\Program Files (x86)\Dyyno\Dyyno Broadcaster\launcherd.exe C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe C:\Windows\System32\hkcmd.exe C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe C:\Program Files (x86)\Kodak\AiO\Center\ekdiscovery.exe c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe C:\Program Files (x86)\LogMeIn 
Hamachi\hamachi-2-ui.exe C:\Program Files (x86)\PDF Complete\pdfsvc.exe C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files (x86)\Belkin\F7D4101\V1\wlansrv.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Windows\System32\spool\drivers\x64\3\EKIJ5000MUI.exe C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files (x86)\Dyyno\Dyyno Broadcaster\dyyno_launcher.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files (x86)\W3i\InstallIQUpdater\InstallIQUpdater.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Program Files (x86)\Belkin\F7D4101\V1\PBN.exe C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\XXXX\mbamgui.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\WUDFHost.exe C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Windows\system32\NOTEPAD.EXE C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe C:\Program Files (x86)\XXXX\mbamservice.exe C:\Windows\System32\svchost.exe -k secsvcs C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files (x86)\XXXX\mbam.exe C:\Windows\system32\wuauclt.exe C:\Windows\notepad.exe C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.exe 
C:\Windows\SysWOW64\NOTEPAD.EXE C:\Windows\system32\taskeng.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\conhost.exe C:\Windows\SysWOW64\cscript.exe C:\Windows\system32\wbem\wmiprvse.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT3072253 uSearch Page = hxxp://search.searchcompletion.com/?si=10211&home=1 uDefault_Search_URL = hxxp://search.searchcompletion.com/?si=10211&home=1 uSearch Bar = hxxp://search.searchcompletion.com/?si=10211&home=1 uInternet Settings,ProxyOverride = *.local uURLSearchHooks: H - No File uURLSearchHooks: H - No File mWinlogon: Userinit=userinit.exe, BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll BHO: Complitly: {d27fc31c-6e3d-4305-8d53-acdaefa5f862} - C:\Users\Ultimate Electronics\AppData\Roaming\Complitly\Complitly.dll BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files 
(x86)\Java\jre6\bin\jp2ssv.dll
BHO: Yontoo Layers: {fd72061e-9fde-484d-a58a-0bab4151cad8} - C:\Program Files (x86)\Yontoo Layers Client\YontooIEClient.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll"
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
TB: {687578B9-7132-4A7A-80E4-30EE31099E03} - No File
uRun: [Weather] C:\Program Files (x86)\AWS\WeatherBug\Weather.exe 1
uRun: [Dyyno Launcher] "C:\Program Files (x86)\Dyyno\Dyyno Broadcaster\dyyno_launcher.exe" 30100 30101 30102 30103 30104
uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [installIQUpdater] "C:\Program Files (x86)\W3i\InstallIQUpdater\InstallIQUpdater.exe" /silent /autorun
uRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [Google Update] "C:\Users\Ultimate Electronics\AppData\Local\Google\Update\GoogleUpdate.exe" /c
mRun: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
mRun: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [instaLAN] "C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe" startup
mRun: [Conime] %windir%\system32\conime.exe
mRun: [EKIJ5000StatusMonitor] C:\Windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.EXE
mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\XXXX\mbamgui.exe" /starttray
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\PLAYWI~1.LNK - C:\Program Files (x86)\Belkin\F7D4101\V1\PBN.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SNAPFI~1.LNK - C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
TCP: DhcpNameServer = 192.168.137.1
TCP: Interfaces\{4959FB23-C933-4E7F-A044-217CF0251BF1} : DhcpNameServer = 192.168.137.1
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO-X64: SkypeIEPluginBHO - No File
BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll
BHO-X64: Complitly: {D27FC31C-6E3D-4305-8D53-ACDAEFA5F862} - C:\Users\Ultimate Electronics\AppData\Roaming\Complitly\Complitly.dll
BHO-X64: Complitly - No File
BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll
BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO-X64: Yontoo Layers: {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo Layers Client\YontooIEClient.dll
BHO-X64: Yontoo Layers - No File
TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll"
TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
TB-X64: {687578B9-7132-4A7A-80E4-30EE31099E03} - No File
mRun-x64: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
mRun-x64: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun-x64: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [instaLAN] "C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe" startup
mRun-x64: [Conime] %windir%\system32\conime.exe
mRun-x64: [EKIJ5000StatusMonitor] C:\Windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.EXE
mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\XXXX\mbamgui.exe" /starttray
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Ultimate Electronics\AppData\Roaming\Mozilla\Firefox\Profiles\8927j250.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Ask.com
FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT3072253&SearchSource=13
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=2&q=
FF - prefs.js: network.proxy.type - 0
FF - component: C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll
FF - component: C:\Users\Ultimate Electronics\AppData\Roaming\Mozilla\Firefox\Profiles\8927j250.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\RadioWMPCoreGecko19.dll
FF - component: C:\Users\Ultimate Electronics\AppData\Roaming\Mozilla\Firefox\Profiles\8927j250.default\extensions\engine@conduit.com\components\RadioWMPCoreGecko19.dll
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Default\AppData\Local\HuluDesktop\instances\0.9.13.1\nphdplg.dll
FF - plugin: C:\Users\Ultimate Electronics\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: C:\Users\Ultimate Electronics\AppData\Roaming\Mozilla\Firefox\Profiles\8927j250.default\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}\plugins\np-mswmp.dll
FF - plugin: C:\Users\Ultimate Electronics\AppData\Roaming\Mozilla\Firefox\Profiles\8927j250.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\plugins\np-mswmp.dll
FF - plugin: C:\Users\Ultimate Electronics\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\Ultimate Electronics\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_265.dll
.
============= SERVICES / DRIVERS ===============
.
R1 ElRawDisk;ElRawDisk;\??\C:\Windows\system32\drivers\rsdrvx64.sys --> C:\Windows\system32\drivers\rsdrvx64.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BBSvc.EXE [2012-2-13 193816]
R2 CinemaNow Service;CinemaNow Service;C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe [2010-6-12 400368]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
R2 Dyyno Launcher;Dyyno Service;C:\Program Files (x86)\Dyyno\Dyyno Broadcaster\launcherd.exe [2011-3-15 415072]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-6-27 2369960]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2011-9-9 86072]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-3-28 94264]
R2 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;C:\Program Files (x86)\Kodak\AiO\Center\ekdiscovery.exe [2010-5-17 308592]
R2 MBAMService;MBAMService;C:\Program Files (x86)\XXXX\mbamservice.exe [2012-7-12 655944]
R2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-6-1 2804568]
R2 pdfcDispatcher;PDF Document Manager;C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2010-8-17 635416]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-6-19 3048136]
R2 WLANBelkinService;Belkin WLAN service;C:\Program Files (x86)\Belkin\F7D4101\V1\wlansrv.exe [2009-12-28 36864]
R3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.EXE [2012-2-13 240408]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?]
R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?]
R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?]
R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-10-19 136176]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-6-7 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-5-20 250056]
S3 BCMH43XX;N+ Wireless USB Adapter Driver;C:\Windows\system32\DRIVERS\bcmwlhigh664.sys --> C:\Windows\system32\DRIVERS\bcmwlhigh664.sys [?]
S3 cpudrv64;cpudrv64;C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [2011-6-2 17864]
S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-23 1493352]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-10-19 136176]
S3 Impcd;Impcd;C:\Windows\system32\DRIVERS\Impcd.sys --> C:\Windows\system32\DRIVERS\Impcd.sys [?]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-5-21 113120]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S3 WinRing0_1_2_0;WinRing0_1_2_0;C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [2012-5-20 14544]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2012-07-15 01:39:23 -------- d-----w- C:\TDSSKiller_Quarantine
2012-07-14 19:33:46 -------- d-----w- C:\Users\Ultimate Electronics\AppData\Local\The Lord of the Rings Online
2012-07-14 19:16:47 235344 ----a-w- C:\Windows\SysWow64\d3dx11_42.dll
2012-07-14 19:16:47 1974616 ----a-w- C:\Windows\SysWow64\D3DCompiler_42.dll
2012-07-14 19:16:09 -------- d-----w- C:\Users\Ultimate Electronics\AppData\Local\Turbine
2012-07-14 19:13:45 3495784 ----a-w- C:\Windows\SysWow64\d3dx9_33.dll
2012-07-14 19:13:45 1892184 ----a-w- C:\Windows\SysWow64\D3DX9_42.dll
2012-07-14 19:13:06 -------- d-----w- C:\Users\Ultimate Electronics\AppData\Local\ApplicationHistory
2012-07-14 19:11:06 -------- d-----w- C:\Windows\SysWow64\URTTEMP
2012-07-14 18:46:43 -------- d-----w- C:\Program Files (x86)\Turbine
2012-07-13 23:03:07 9013136 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{70DB5393-09D2-41D0-8E47-258920030BE5}\mpengine.dll
2012-07-13 11:15:37 -------- d-----w- C:\ProgramData\Recovery
2012-07-13 07:20:05 -------- d-----w- C:\Program Files\League of legends
2012-07-13 05:35:06 -------- d-----w- C:\Users\Ultimate Electronics\AppData\Roaming\Malwarebytes
2012-07-13 05:34:59 -------- d-----w- C:\ProgramData\Malwarebytes
2012-07-13 05:34:58 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-07-13 05:34:58 -------- d-----w- C:\Program Files (x86)\XXXX
2012-07-13 03:45:38 3147264 ----a-w- C:\Windows\System32\win32k.sys
2012-07-13 02:16:09 2003968 ----a-w- C:\Windows\System32\msxml6.dll
2012-07-13 02:16:09 1880064 ----a-w- C:\Windows\System32\msxml3.dll
2012-07-13 02:16:08 1389568 ----a-w- C:\Windows\SysWow64\msxml6.dll
2012-07-13 02:16:08 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll
2012-07-13 02:15:07 459216 ----a-w- C:\Windows\System32\drivers\cng.sys
2012-07-13 02:15:07 340992 ----a-w- C:\Windows\System32\schannel.dll
2012-07-13 02:15:06 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2012-07-13 02:15:06 95088 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2012-07-13 02:15:06 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2012-07-13 02:15:06 225280 ----a-w- C:\Windows\SysWow64\schannel.dll
2012-07-13 02:15:06 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2012-07-13 02:15:06 219136 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2012-07-13 02:15:06 152432 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2012-07-13 02:14:36 987136 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msado15.dll
2012-07-13 02:14:36 1425408 ----a-w- C:\Program Files\Common Files\System\ado\msado15.dll
2012-07-13 00:42:56 -------- d-----w- C:\Program Files (x86)\LogMeIn Hamachi
2012-07-12 01:32:13 -------- d-----w- C:\Users\Ultimate Electronics\riotsGamesLogs
2012-06-29 23:22:46 -------- d-----w- C:\Users\Ultimate Electronics\AppData\Roaming\Sony Creative Software Inc
2012-06-22 21:30:42 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2012-06-22 21:30:13 99840 ----a-w- C:\Windows\System32\wudriver.dll
2012-06-22 21:29:46 36864 ----a-w- C:\Windows\System32\wuapp.exe
2012-06-22 21:29:46 186752 ----a-w- C:\Windows\System32\wuwebv.dll
2012-06-21 23:28:21 -------- d-----w- C:\Riot Games
2012-06-19 23:35:14 4967624 ----a-w- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll
2012-06-18 02:32:39 770384 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcr100.dll
2012-06-18 02:32:39 421200 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcp100.dll
.
==================== Find3M ====================
.
2012-07-13 00:49:17 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-13 00:49:17 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-05-31 18:25:12 279656 ------w- C:\Windows\System32\MpSigStub.exe
2012-05-15 03:56:59 1197568 ----a-w- C:\Windows\System32\wininet.dll
2012-05-15 03:08:48 981504 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-05-02 05:32:43 208896 ----a-w- C:\Windows\System32\profsvc.dll
2012-04-28 03:50:40 204800 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2012-04-26 05:34:38 76288 ----a-w- C:\Windows\System32\rdpwsx.dll
2012-04-26 05:34:37 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll
2012-04-26 05:28:32 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe
2012-04-24 05:59:45 182272 ----a-w- C:\Windows\System32\cryptsvc.dll
2012-04-24 05:59:45 1460224 ----a-w- C:\Windows\System32\crypt32.dll
2012-04-24 05:59:45 140288 ----a-w- C:\Windows\System32\cryptnet.dll
2012-04-24 04:47:04 139264 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2012-04-24 04:47:04 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2012-04-24 04:47:03 1156608 ----a-w- C:\Windows\SysWow64\crypt32.dll
2012-04-20 06:22:18 57856 ----a-w- C:\Windows\System32\licmgr10.dll
2012-04-20 05:05:47 44544 ----a-w- C:\Windows\SysWow64\licmgr10.dll
2012-04-20 05:00:31 482816 ----a-w- C:\Windows\System32\html.iec
2012-04-20 04:15:04 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2012-04-20 03:58:07 386048 ----a-w- C:\Windows\SysWow64\html.iec
2012-04-20 03:24:18 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
.
============= FINISH: 20:01:51.62 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 10/25/2010 13:15:22
System Uptime: 7/14/2012 19:40:55 (1 hours ago)
.
Motherboard: PEGATRON CORPORATION | | 2A94
Processor: Pentium® Dual-Core CPU E5500 @ 2.80GHz | CPU 1 | 2803/800mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 687 GiB total, 535.165 GiB free.
D: is FIXED (NTFS) - 12 GiB total, 1.455 GiB free.
E: is CDROM (CDFS)
F: is Removable
G: is Removable
H: is Removable
I: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Hamachi Network Interface
Device ID: ROOT\NET\0000
Manufacturer: LogMeIn, Inc.
Name: Hamachi Network Interface
PNP Device ID: ROOT\NET\0000
Service: hamachi
.
==== System Restore Points ===================
.
RP219: 7/12/2012 20:13:31 - Windows Update
RP220: 7/12/2012 21:43:04 - Windows Update
RP221: 7/12/2012 23:16:39 - Windows Update
RP222: 7/12/2012 23:56:44 - Windows Update
RP223: 7/13/2012 00:06:39 - Windows Update
RP224: 7/13/2012 01:16:58 - Removed League of Legends
RP225: 7/13/2012 11:58:20 - Windows Update
RP226: 7/14/2012 03:00:41 - Windows Update
RP227: 7/14/2012 13:13:12 - Installed DirectX
RP228: 7/14/2012 13:13:53 - Installed DirectX
RP229: 7/14/2012 13:16:28 - Installed DirectX
.
==== Installed Programs ======================
.
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader 9.5.1
aiofw
aioscnnr
Apple Application Support
Apple Software Update
Bejeweled 2 Deluxe
Belkin Setup and Router Monitor
Bing Bar
Blackhawk Striker 2
Build-a-lot 2
center
Chuzzle Deluxe
CinemaNow Media Manager
Complitly
CyberLink DVD Suite Deluxe
D3DX10
Diner Dash 2 Restaurant Rescue
Dora's Carnival Adventure
DVD Menu Pack for HP MediaSmart Video
Dyyno Broadcaster
Escape Rosecliff Island
FATE
ffdshow [rev 3154] [2009-12-09]
Final Drive Nitro
Game Booster 3
Google Talk Plugin
Google Toolbar for Internet Explorer
Google Update Helper
Heroes of Hellas 2 - Olympia
Hewlett-Packard ACLM.NET v1.1.2.0
HP Advisor
HP Customer Experience Enhancements
HP Game Console
HP Games
HP MediaSmart CinemaNow 2.0
HP MediaSmart DVD
HP MediaSmart Music
HP MediaSmart Photo
HP MediaSmart Video
HP MediaSmart/TouchSmart Netflix
HP Odometer
HP Product Detection
HP Setup
HP Support Assistant
HP Support Information
HP Update
Hulu Desktop
InstallIQ Updater
Intel® Graphics Media Accelerator Driver
Java Auto Updater
Java 6 Update 26
Jewel Quest 3
Jewel Quest Solitaire 2
Junk Mail filter update
K-Lite Codec Pack 7.0.0 (Full)
Kobo
KODAK AiO Home Center
ksDIP
LabelPrint
League of Legends
LightScribe System Software
LogMeIn Hamachi
Magic ISO Maker v5.5 (build 0281)
Malwarebytes Anti-Malware version 1.62.0.1300
Mesh Runtime
Messenger Companion
Microsoft .NET Framework 1.1
Microsoft Office 2010
Microsoft Office Click-to-Run 2010
Microsoft Office Starter 2010 - English
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft WSE 3.0 Runtime
Movie Theme Pack for HP MediaSmart Video
Mozilla Firefox 13.0.1 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Norton Online Backup
Pando Media Booster
PDF Complete Special Edition
Penguins!
PhotoNow!
PictureMover
Plants vs. Zombies
Play Wireless USB Adapter
Poker Superstars III
Polar Bowler
Polar Golfer
Power2Go
PowerDirector
PreReq
PressReader
QuickTime
Realtek High Definition Audio Driver
Recovery Manager
Roxio CinemaNow 2.0
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Skype Click to Call
Skype™ 5.10
System Requirements Lab for Intel
The Lord of the Rings Online™ v03.07.00.8037
TuneUp Companion 2.4.4.3
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Virtual Families
Virtual Villagers - The Secret City
Wheel of Fortune 2
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WinRAR archiver
Yahoo! Detect
YouTube Downloader 2.7
Zinio Reader 4
Zuma Deluxe
.
==== Event Viewer Messages From Past Week ========
.
7/14/2012 03:07:19, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Windows 7 for x64-based Systems (KB2709715).
7/14/2012 01:00:18, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffff80002e51117, 0x0000000000000000, 0x000007fffffa0000). A dump was saved in: C:\Windows\Minidump\071412-25287-01.dmp. Report Id: 071412-25287-01.
7/13/2012 11:53:55, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffff80002f7ffea, 0x0000000000000001, 0x0000000000000018). A dump was saved in: C:\Windows\Minidump\071312-23977-01.dmp. Report Id: 071312-23977-01.
7/12/2012 18:42:58, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the LogMeIn Hamachi Tunneling Engine service to connect.
7/12/2012 18:42:58, Error: Service Control Manager [7000] - The LogMeIn Hamachi Tunneling Engine service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
7/12/2012 18:42:57, Error: Service Control Manager [7030] - The LogMeIn Hamachi Tunneling Engine service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
7/12/2012 16:54:48, Error: Service Control Manager [7034] - The Skype Updater service terminated unexpectedly. It has done this 1 time(s).
7/12/2012 14:50:39, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x1000007e (0xffffffffc000001d, 0xfffff88005de94f8, 0xfffff880020aa988, 0xfffff880020aa1f0). A dump was saved in: C:\Windows\Minidump\071212-22698-01.dmp. Report Id: 071212-22698-01.
.
==== End Of File ===========================
  3. MBAM Log:
Malwarebytes Anti-Malware (Trial) 1.62.0.1300
www.malwarebytes.org

Database version: v2012.07.13.02
Windows 7 x64 NTFS
Internet Explorer 8.0.7600.16385
Ultimate Electronics :: HPP6614F [administrator]

Protection: Enabled

7/12/2012 23:35:49
mbam-log-2012-07-12 (23-35-49).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 231360
Time elapsed: 3 minute(s), 12 second(s)

Memory Processes Detected: 1
C:\Windows\svchost.exe (Trojan.Agent) -> 4616 -> Delete on reboot.

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 9
C:\Users\Ultimate Electronics\AppData\Local\Temp\0.4941219677822092 (Trojan.Happili) -> Quarantined and deleted successfully.
C:\Users\Ultimate Electronics\AppData\Local\Temp\0.5124469618550859 (Trojan.Happili) -> Quarantined and deleted successfully.
C:\Users\Ultimate Electronics\AppData\Local\Temp\0.645242235539317 (Trojan.Happili) -> Quarantined and deleted successfully.
C:\Users\Ultimate Electronics\AppData\Local\Temp\0.7483747212574958 (Trojan.Happili) -> Quarantined and deleted successfully.
C:\Users\Ultimate Electronics\AppData\Local\Temp\0.9004145178330301 (Trojan.Happili) -> Quarantined and deleted successfully.
C:\Windows\svchost.exe (Trojan.Agent) -> Delete on reboot.
C:\Users\Ultimate Electronics\AppData\Local\Temp\0.3582570631876564 (Exploit.Drop.9) -> Quarantined and deleted successfully.
C:\Users\Ultimate Electronics\AppData\Local\Temp\0.7471343590354296 (Exploit.Drop.9) -> Quarantined and deleted successfully.
C:\Users\Ultimate Electronics\AppData\Local\Temp\0.8048945250705793 (Exploit.Drop.9) -> Quarantined and deleted successfully.

(end)
  4. TDDSkiller Log:
19:37:18.0723 5792 TDSS rootkit removing tool 2.7.45.0 Jul 9 2012 12:46:35
19:37:19.0183 5792 ============================================================
19:37:19.0183 5792 Current date / time: 2012/07/14 19:37:19.0183
19:37:19.0183 5792 SystemInfo:
19:37:19.0183 5792
19:37:19.0183 5792 OS Version: 6.1.7600 ServicePack: 0.0
19:37:19.0183 5792 Product type: Workstation
19:37:19.0183 5792 ComputerName: HPP6614F
19:37:19.0184 5792 UserName: Ultimate Electronics
19:37:19.0184 5792 Windows directory: C:\Windows
19:37:19.0184 5792 System windows directory: C:\Windows
19:37:19.0184 5792 Running under WOW64
19:37:19.0184 5792 Processor architecture: Intel x64
19:37:19.0184 5792 Number of processors: 2
19:37:19.0184 5792 Page size: 0x1000
19:37:19.0184 5792 Boot type: Normal boot
19:37:19.0184 5792 ============================================================
19:37:20.0889 5792 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:37:20.0929 5792 ============================================================
19:37:20.0929 5792 \Device\Harddisk0\DR0:
19:37:20.0939 5792 MBR partitions:
19:37:20.0939 5792 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
19:37:20.0939 5792 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x55D3F000
19:37:20.0939 5792 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x55D71800, BlocksNum 0x17D4000
19:37:20.0939 5792 ============================================================
19:37:20.0981 5792 C: <-> \Device\Harddisk0\DR0\Partition1
19:37:21.0023 5792 D: <-> \Device\Harddisk0\DR0\Partition2
19:37:21.0086 5792 ============================================================
19:37:21.0086 5792 Initialize success
19:37:21.0086 5792 ============================================================
19:37:51.0801 4076 ============================================================
19:37:51.0801 4076 Scan started
19:37:51.0801 4076 Mode: Manual; SigCheck; TDLFS;
19:37:51.0801 4076 ============================================================
19:37:57.0932 4076 bowser - ok 19:37:57.0967 4076 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys 19:37:57.0995 4076 BrFiltLo - ok 19:37:58.0023 4076 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys 19:37:58.0036 4076 BrFiltUp - ok 19:37:58.0061 4076 Browser (94fbc06f294d58d02361918418f996e3) C:\Windows\System32\browser.dll 19:37:58.0109 4076 Browser - ok 19:37:58.0136 4076 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys 19:37:58.0170 4076 Brserid - ok 19:37:58.0182 4076 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys 19:37:58.0205 4076 BrSerWdm - ok 19:37:58.0223 4076 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys 19:37:58.0238 4076 BrUsbMdm - ok 19:37:58.0249 4076 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys 19:37:58.0261 4076 BrUsbSer - ok 19:37:58.0279 4076 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys 19:37:58.0305 4076 BTHMODEM - ok 19:37:58.0326 4076 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll 19:37:58.0373 4076 bthserv - ok 19:37:58.0392 4076 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys 19:37:58.0425 4076 cdfs - ok 19:37:58.0460 4076 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys 19:37:58.0474 4076 cdrom - ok 19:37:58.0502 4076 CertPropSvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll 19:37:58.0551 4076 CertPropSvc - ok 19:37:58.0646 4076 CinemaNow Service (ea3333db9ab03106eec0d6d9d487ed01) C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe 19:37:58.0663 4076 CinemaNow Service - ok 19:37:58.0688 4076 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys 19:37:58.0703 4076 circlass - ok 19:37:58.0723 4076 CLFS 
(fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys 19:37:58.0741 4076 CLFS - ok 19:37:58.0793 4076 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 19:37:58.0805 4076 clr_optimization_v2.0.50727_32 - ok 19:37:58.0839 4076 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 19:37:58.0851 4076 clr_optimization_v2.0.50727_64 - ok 19:37:58.0931 4076 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 19:37:58.0957 4076 clr_optimization_v4.0.30319_32 - ok 19:37:58.0997 4076 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 19:37:59.0015 4076 clr_optimization_v4.0.30319_64 - ok 19:37:59.0038 4076 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys 19:37:59.0079 4076 CmBatt - ok 19:37:59.0097 4076 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys 19:37:59.0108 4076 cmdide - ok 19:37:59.0159 4076 CNG (ca7720b73446fddec5c69519c1174c98) C:\Windows\system32\Drivers\cng.sys 19:37:59.0195 4076 CNG - ok 19:37:59.0213 4076 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys 19:37:59.0224 4076 Compbatt - ok 19:37:59.0252 4076 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys 19:37:59.0282 4076 CompositeBus - ok 19:37:59.0300 4076 COMSysApp - ok 19:37:59.0369 4076 cpudrv64 (3ca734ce373e5675fbc15ca2c45228e5) C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys 19:37:59.0418 4076 cpudrv64 - ok 19:37:59.0447 4076 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys 19:37:59.0488 4076 crcdisk - ok 19:37:59.0577 4076 CryptSvc (f02786b66375292e58c8777082d4396d) C:\Windows\system32\cryptsvc.dll 19:37:59.0701 4076 
CryptSvc - ok 19:37:59.0803 4076 cvhsvc (72794d112cbaff3bc0c29bf7350d4741) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE 19:37:59.0829 4076 cvhsvc - ok 19:37:59.0889 4076 DcomLaunch (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll 19:37:59.0945 4076 DcomLaunch - ok 19:38:00.0138 4076 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll 19:38:00.0299 4076 defragsvc - ok 19:38:00.0354 4076 DfsC (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys 19:38:00.0541 4076 DfsC - ok 19:38:00.0580 4076 Dhcp (ce3b9562d997f69b330d181a8875960f) C:\Windows\system32\dhcpcore.dll 19:38:00.0692 4076 Dhcp - ok 19:38:00.0711 4076 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys 19:38:00.0801 4076 discache - ok 19:38:00.0824 4076 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys 19:38:00.0853 4076 Disk - ok 19:38:00.0895 4076 Dnscache (85cf424c74a1d5ec33533e1dbff9920a) C:\Windows\System32\dnsrslvr.dll 19:38:00.0958 4076 Dnscache - ok 19:38:00.0973 4076 dot3svc (14452acdb09b70964c8c21bf80a13acb) C:\Windows\System32\dot3svc.dll 19:38:01.0257 4076 dot3svc - ok 19:38:01.0357 4076 DPS (8c2ba6bea949ee6e68385f5692bafb94) C:\Windows\system32\dps.dll 19:38:01.0458 4076 DPS - ok 19:38:01.0494 4076 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys 19:38:01.0508 4076 drmkaud - ok 19:38:01.0553 4076 DXGKrnl (ebce0b0924835f635f620d19f0529dce) C:\Windows\System32\drivers\dxgkrnl.sys 19:38:01.0581 4076 DXGKrnl - ok 19:38:01.0672 4076 Dyyno Launcher (4af117b55c76cebfc6c52bff1eebaec5) C:\Program Files (x86)\Dyyno\Dyyno Broadcaster\launcherd.exe 19:38:01.0688 4076 Dyyno Launcher - ok 19:38:01.0769 4076 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll 19:38:01.0843 4076 EapHost - ok 19:38:01.0952 4076 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys 
19:38:02.0086 4076 ebdrv - ok 19:38:02.0186 4076 EFS (156f6159457d0aa7e59b62681b56eb90) C:\Windows\System32\lsass.exe 19:38:02.0272 4076 EFS - ok 19:38:02.0363 4076 ehRecvr (47c071994c3f649f23d9cd075ac9304a) C:\Windows\ehome\ehRecvr.exe 19:38:02.0473 4076 ehRecvr - ok 19:38:02.0518 4076 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe 19:38:02.0551 4076 ehSched - ok 19:38:02.0638 4076 ElRawDisk (4778eeecb75c6fb419745beed3530b9d) C:\Windows\system32\drivers\rsdrvx64.sys 19:38:02.0655 4076 ElRawDisk - ok 19:38:02.0895 4076 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys 19:38:02.0923 4076 elxstor - ok 19:38:02.0948 4076 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys 19:38:02.0980 4076 ErrDev - ok 19:38:03.0052 4076 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll 19:38:03.0117 4076 EventSystem - ok 19:38:03.0158 4076 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys 19:38:03.0217 4076 exfat - ok 19:38:03.0268 4076 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys 19:38:03.0485 4076 fastfat - ok 19:38:03.0782 4076 Fax (d607b2f1bee3992aa6c2c92c0a2f0855) C:\Windows\system32\fxssvc.exe 19:38:03.0873 4076 Fax - ok 19:38:03.0894 4076 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys 19:38:03.0927 4076 fdc - ok 19:38:03.0947 4076 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll 19:38:04.0010 4076 fdPHost - ok 19:38:04.0028 4076 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll 19:38:04.0093 4076 FDResPub - ok 19:38:04.0100 4076 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys 19:38:04.0116 4076 FileInfo - ok 19:38:04.0125 4076 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys 19:38:04.0193 4076 Filetrace - ok 19:38:04.0212 4076 flpydisk 
(c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys 19:38:04.0227 4076 flpydisk - ok 19:38:04.0261 4076 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys 19:38:04.0278 4076 FltMgr - ok 19:38:04.0345 4076 FontCache (cb5e4b9c319e3c6bb363eb7e58a4a051) C:\Windows\system32\FntCache.dll 19:38:04.0445 4076 FontCache - ok 19:38:04.0486 4076 FontCache3.0.0.0 (8d89e3131c27fdd6932189cb785e1b7a) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 19:38:04.0499 4076 FontCache3.0.0.0 - ok 19:38:04.0534 4076 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys 19:38:04.0552 4076 FsDepends - ok 19:38:04.0590 4076 fssfltr (6c06701bf1db05405804d7eb610991ce) C:\Windows\system32\DRIVERS\fssfltr.sys 19:38:04.0603 4076 fssfltr - ok 19:38:04.0723 4076 fsssvc (4ce9dac1518ff7e77bd213e6394b9d77) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe 19:38:04.0823 4076 fsssvc - ok 19:38:04.0922 4076 Fs_Rec (d3e3f93d67821a2db2b3d9fac2dc2064) C:\Windows\system32\drivers\Fs_Rec.sys 19:38:04.0941 4076 Fs_Rec - ok 19:38:05.0014 4076 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys 19:38:05.0036 4076 fvevol - ok 19:38:05.0049 4076 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys 19:38:05.0064 4076 gagp30kx - ok 19:38:05.0258 4076 GameConsoleService (ce16683cfd11fe70bde435dda5ea1fca) C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe 19:38:05.0274 4076 GameConsoleService - ok 19:38:05.0325 4076 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 19:38:05.0336 4076 GEARAspiWDM - ok 19:38:05.0383 4076 gpsvc (fe5ab4525bc2ec68b9119a6e5d40128b) C:\Windows\System32\gpsvc.dll 19:38:05.0430 4076 gpsvc - ok 19:38:05.0516 4076 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 19:38:05.0527 4076 gupdate - ok 19:38:05.0545 
4076 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 19:38:05.0556 4076 gupdatem - ok 19:38:05.0592 4076 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe 19:38:05.0604 4076 gusvc - ok 19:38:05.0655 4076 hamachi (1e6438d4ea6e1174a3b3b1edc4de660b) C:\Windows\system32\DRIVERS\hamachi.sys 19:38:05.0668 4076 hamachi - ok 19:38:05.0817 4076 Hamachi2Svc (21d24138b736983f6e23823e092e9428) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe 19:38:05.0933 4076 Hamachi2Svc - ok 19:38:06.0038 4076 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys 19:38:06.0100 4076 hcw85cir - ok 19:38:06.0135 4076 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys 19:38:06.0178 4076 HdAudAddService - ok 19:38:06.0234 4076 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys 19:38:06.0270 4076 HDAudBus - ok 19:38:06.0297 4076 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys 19:38:06.0329 4076 HidBatt - ok 19:38:06.0353 4076 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys 19:38:06.0394 4076 HidBth - ok 19:38:06.0417 4076 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys 19:38:06.0454 4076 HidIr - ok 19:38:06.0481 4076 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll 19:38:06.0530 4076 hidserv - ok 19:38:06.0550 4076 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys 19:38:06.0574 4076 HidUsb - ok 19:38:06.0595 4076 hkmsvc (efa58ede58dd74388ffd04cb32681518) C:\Windows\system32\kmsvc.dll 19:38:06.0661 4076 hkmsvc - ok 19:38:06.0684 4076 HomeGroupListener (046b2673767ca626e2cfb7fdf735e9e8) C:\Windows\system32\ListSvc.dll 19:38:06.0732 4076 HomeGroupListener - ok 19:38:06.0762 4076 HomeGroupProvider 
(06a7422224d9865a5613710a089987df) C:\Windows\system32\provsvc.dll 19:38:06.0797 4076 HomeGroupProvider - ok 19:38:06.0942 4076 HP Support Assistant Service (13bb1114451c63bfb41ba7daa4d70a29) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe 19:38:06.0951 4076 HP Support Assistant Service - ok 19:38:07.0006 4076 HPDrvMntSvc.exe (bcc4a8b2e2e902f52e7f2e7d8e125765) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe 19:38:07.0018 4076 HPDrvMntSvc.exe - ok 19:38:07.0066 4076 hpqwmiex (ec9739a46f1f83c6e52a7a4697f44a65) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe 19:38:07.0092 4076 hpqwmiex - ok 19:38:07.0153 4076 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys 19:38:07.0171 4076 HpSAMD - ok 19:38:07.0218 4076 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys 19:38:07.0271 4076 HTTP - ok 19:38:07.0276 4076 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys 19:38:07.0288 4076 hwpolicy - ok 19:38:07.0334 4076 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys 19:38:07.0360 4076 i8042prt - ok 19:38:07.0421 4076 iaStorV (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys 19:38:07.0455 4076 iaStorV - ok 19:38:07.0527 4076 idsvc (2f2be70d3e02b6fa877921ab9516d43c) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 19:38:07.0566 4076 idsvc - ok 19:38:08.0630 4076 igfx (2a22ab054f4630d2ef4bab2853f6d5f6) C:\Windows\system32\DRIVERS\igdkmd64.sys 19:38:09.0474 4076 igfx - ok 19:38:09.0576 4076 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys 19:38:09.0589 4076 iirsp - ok 19:38:09.0639 4076 IKEEXT (c5b4683680df085b57bc53e5ef34861f) C:\Windows\System32\ikeext.dll 19:38:09.0740 4076 IKEEXT - ok 19:38:09.0776 4076 Impcd (dd587a55390ed2295bce6d36ad567da9) C:\Windows\system32\DRIVERS\Impcd.sys 19:38:09.0815 4076 Impcd - ok 
19:38:09.0959 4076 IntcAzAudAddService (2b888bbdf6962e608a5e1a1d7a626adf) C:\Windows\system32\drivers\RTKVHD64.sys 19:38:10.0216 4076 IntcAzAudAddService - ok 19:38:10.0311 4076 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys 19:38:10.0326 4076 intelide - ok 19:38:10.0392 4076 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys 19:38:10.0421 4076 intelppm - ok 19:38:10.0456 4076 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll 19:38:10.0518 4076 IPBusEnum - ok 19:38:10.0569 4076 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys 19:38:10.0626 4076 IpFilterDriver - ok 19:38:10.0679 4076 iphlpsvc (f8e058d17363ec580e4b7232778b6cb5) C:\Windows\System32\iphlpsvc.dll 19:38:10.0741 4076 iphlpsvc - ok 19:38:10.0764 4076 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys 19:38:10.0780 4076 IPMIDRV - ok 19:38:10.0803 4076 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys 19:38:10.0858 4076 IPNAT - ok 19:38:10.0939 4076 iPod Service (fdf57f795098ab29af780824315c9859) C:\Program Files\iPod\bin\iPodService.exe 19:38:10.0966 4076 iPod Service - ok 19:38:10.0983 4076 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys 19:38:11.0017 4076 IRENUM - ok 19:38:11.0036 4076 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys 19:38:11.0060 4076 isapnp - ok 19:38:11.0093 4076 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys 19:38:11.0111 4076 iScsiPrt - ok 19:38:11.0155 4076 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys 19:38:11.0175 4076 kbdclass - ok 19:38:11.0191 4076 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys 19:38:11.0222 4076 kbdhid - ok 19:38:11.0244 4076 KeyIso (156f6159457d0aa7e59b62681b56eb90) 
C:\Windows\system32\lsass.exe 19:38:11.0263 4076 KeyIso - ok 19:38:11.0368 4076 Kodak AiO Network Discovery Service (f8d454fba97dc28f02931c588bafe4cf) C:\Program Files (x86)\Kodak\AiO\Center\ekdiscovery.exe 19:38:11.0383 4076 Kodak AiO Network Discovery Service - ok 19:38:11.0415 4076 KSecDD (4f4b5fde429416877de7143044582eb5) C:\Windows\system32\Drivers\ksecdd.sys 19:38:11.0429 4076 KSecDD - ok 19:38:11.0458 4076 KSecPkg (6f40465a44ecdc1731befafec5bdd03c) C:\Windows\system32\Drivers\ksecpkg.sys 19:38:11.0475 4076 KSecPkg - ok 19:38:11.0498 4076 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys 19:38:11.0548 4076 ksthunk - ok 19:38:11.0585 4076 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll 19:38:11.0639 4076 KtmRm - ok 19:38:11.0680 4076 LanmanServer (81f1d04d4d0e433099365127375fd501) C:\Windows\system32\srvsvc.dll 19:38:11.0732 4076 LanmanServer - ok 19:38:11.0757 4076 LanmanWorkstation (27026eac8818e8a6c00a1cad2f11d29a) C:\Windows\System32\wkssvc.dll 19:38:11.0808 4076 LanmanWorkstation - ok 19:38:11.0852 4076 LightScribeService (7550d101bf49fdb1f92666a233ee36c4) c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe 19:38:11.0859 4076 LightScribeService ( UnsignedFile.Multi.Generic ) - warning 19:38:11.0859 4076 LightScribeService - detected UnsignedFile.Multi.Generic (1) 19:38:11.0885 4076 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys 19:38:11.0928 4076 lltdio - ok 19:38:11.0964 4076 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll 19:38:12.0013 4076 lltdsvc - ok 19:38:12.0023 4076 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll 19:38:12.0067 4076 lmhosts - ok 19:38:12.0104 4076 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys 19:38:12.0116 4076 LSI_FC - ok 19:38:12.0143 4076 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys 19:38:12.0159 4076 
LSI_SAS - ok 19:38:12.0186 4076 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys 19:38:12.0198 4076 LSI_SAS2 - ok 19:38:12.0221 4076 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys 19:38:12.0235 4076 LSI_SCSI - ok 19:38:12.0273 4076 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys 19:38:12.0330 4076 luafv - ok 19:38:12.0375 4076 MBAMProtector (dc8490812a3b72811ae534f423b4c206) C:\Windows\system32\drivers\mbam.sys 19:38:12.0386 4076 MBAMProtector - ok 19:38:12.0446 4076 MBAMService (43683e970f008c93c9429ef428147a54) C:\Program Files (x86)\XXXX\mbamservice.exe 19:38:12.0473 4076 MBAMService - ok 19:38:12.0506 4076 Mcx2Svc (f84c8f1000bc11e3b7b23cbd3baff111) C:\Windows\system32\Mcx2Svc.dll 19:38:12.0526 4076 Mcx2Svc - ok 19:38:12.0555 4076 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys 19:38:12.0568 4076 megasas - ok 19:38:12.0591 4076 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys 19:38:12.0608 4076 MegaSR - ok 19:38:12.0640 4076 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll 19:38:12.0684 4076 MMCSS - ok 19:38:12.0706 4076 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys 19:38:12.0753 4076 Modem - ok 19:38:12.0784 4076 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys 19:38:12.0809 4076 monitor - ok 19:38:12.0836 4076 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys 19:38:12.0848 4076 mouclass - ok 19:38:12.0868 4076 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys 19:38:12.0885 4076 mouhid - ok 19:38:12.0898 4076 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys 19:38:12.0910 4076 mountmgr - ok 19:38:12.0987 4076 MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files (x86)\Mozilla Maintenance 
Service\maintenanceservice.exe 19:38:12.0999 4076 MozillaMaintenance - ok 19:38:13.0017 4076 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys 19:38:13.0033 4076 mpio - ok 19:38:13.0052 4076 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys 19:38:13.0085 4076 mpsdrv - ok 19:38:13.0162 4076 MpsSvc (aecab449567d1846dad63ece49e893e3) C:\Windows\system32\mpssvc.dll 19:38:13.0220 4076 MpsSvc - ok 19:38:13.0245 4076 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys 19:38:13.0273 4076 MRxDAV - ok 19:38:13.0327 4076 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys 19:38:13.0360 4076 mrxsmb - ok 19:38:13.0379 4076 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys 19:38:13.0402 4076 mrxsmb10 - ok 19:38:13.0427 4076 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys 19:38:13.0451 4076 mrxsmb20 - ok 19:38:13.0469 4076 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys 19:38:13.0482 4076 msahci - ok 19:38:13.0499 4076 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys 19:38:13.0513 4076 msdsm - ok 19:38:13.0527 4076 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe 19:38:13.0546 4076 MSDTC - ok 19:38:13.0576 4076 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys 19:38:13.0612 4076 Msfs - ok 19:38:13.0623 4076 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys 19:38:13.0668 4076 mshidkmdf - ok 19:38:13.0701 4076 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys 19:38:13.0714 4076 msisadrv - ok 19:38:13.0782 4076 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll 19:38:13.0833 4076 MSiSCSI - ok 19:38:13.0843 4076 msiserver - ok 19:38:13.0876 4076 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) 
C:\Windows\system32\drivers\MSKSSRV.sys 19:38:13.0924 4076 MSKSSRV - ok 19:38:13.0945 4076 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys 19:38:13.0984 4076 MSPCLOCK - ok 19:38:14.0011 4076 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys 19:38:14.0070 4076 MSPQM - ok 19:38:14.0105 4076 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys 19:38:14.0122 4076 MsRPC - ok 19:38:14.0161 4076 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys 19:38:14.0180 4076 mssmbios - ok 19:38:14.0193 4076 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys 19:38:14.0241 4076 MSTEE - ok 19:38:14.0271 4076 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys 19:38:14.0285 4076 MTConfig - ok 19:38:14.0316 4076 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys 19:38:14.0328 4076 Mup - ok 19:38:14.0368 4076 napagent (4987e079a4530fa737a128be54b63b12) C:\Windows\system32\qagentRT.dll 19:38:14.0433 4076 napagent - ok 19:38:14.0476 4076 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys 19:38:14.0514 4076 NativeWifiP - ok 19:38:14.0565 4076 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys 19:38:14.0600 4076 NDIS - ok 19:38:14.0631 4076 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys 19:38:14.0674 4076 NdisCap - ok 19:38:14.0715 4076 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys 19:38:14.0750 4076 NdisTapi - ok 19:38:14.0767 4076 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys 19:38:14.0824 4076 Ndisuio - ok 19:38:14.0844 4076 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys 19:38:14.0882 4076 NdisWan - ok 19:38:14.0902 4076 NDProxy (659b74fb74b86228d6338d643cd3e3cf) 
C:\Windows\system32\drivers\NDProxy.sys 19:38:14.0952 4076 NDProxy - ok 19:38:14.0969 4076 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys 19:38:15.0008 4076 NetBIOS - ok 19:38:15.0022 4076 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys 19:38:15.0070 4076 NetBT - ok 19:38:15.0098 4076 Netlogon (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe 19:38:15.0110 4076 Netlogon - ok 19:38:15.0126 4076 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll 19:38:15.0187 4076 Netman - ok 19:38:15.0213 4076 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll 19:38:15.0281 4076 netprofm - ok 19:38:15.0530 4076 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 19:38:15.0545 4076 NetTcpPortSharing - ok 19:38:15.0562 4076 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys 19:38:15.0595 4076 nfrd960 - ok 19:38:15.0635 4076 NlaSvc (d9a0ce66046d6efa0c61baa885cba0a8) C:\Windows\System32\nlasvc.dll 19:38:15.0703 4076 NlaSvc - ok 19:38:15.0878 4076 NOBU (5839a8027d6d324a7cd494051a96628c) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe 19:38:15.0981 4076 NOBU - ok 19:38:16.0068 4076 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys 19:38:16.0113 4076 Npfs - ok 19:38:16.0125 4076 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll 19:38:16.0174 4076 nsi - ok 19:38:16.0183 4076 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys 19:38:16.0231 4076 nsiproxy - ok 19:38:16.0299 4076 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys 19:38:16.0362 4076 Ntfs - ok 19:38:16.0411 4076 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys 19:38:16.0449 4076 Null - ok 19:38:16.0501 4076 nvraid 
(a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys 19:38:16.0513 4076 nvraid - ok 19:38:16.0530 4076 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys 19:38:16.0546 4076 nvstor - ok 19:38:16.0572 4076 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys 19:38:16.0587 4076 nv_agp - ok 19:38:16.0627 4076 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys 19:38:16.0644 4076 ohci1394 - ok 19:38:16.0680 4076 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 19:38:16.0699 4076 ose - ok 19:38:16.0915 4076 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 19:38:17.0011 4076 osppsvc - ok 19:38:17.0077 4076 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll 19:38:17.0142 4076 p2pimsvc - ok 19:38:17.0184 4076 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll 19:38:17.0216 4076 p2psvc - ok 19:38:17.0263 4076 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys 19:38:17.0277 4076 Parport - ok 19:38:17.0321 4076 partmgr (90061b1acfe8ccaa5345750ffe08d8b8) C:\Windows\system32\drivers\partmgr.sys 19:38:17.0334 4076 partmgr - ok 19:38:17.0354 4076 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll 19:38:17.0391 4076 PcaSvc - ok 19:38:17.0421 4076 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys 19:38:17.0435 4076 pci - ok 19:38:17.0447 4076 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys 19:38:17.0459 4076 pciide - ok 19:38:17.0479 4076 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys 19:38:17.0495 4076 pcmcia - ok 19:38:17.0519 4076 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys 19:38:17.0533 4076 pcw - ok 
19:38:17.0555 4076 pdfcDispatcher - ok 19:38:17.0606 4076 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys 19:38:17.0668 4076 PEAUTH - ok 19:38:17.0719 4076 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe 19:38:17.0779 4076 PerfHost - ok 19:38:18.0001 4076 pla (557e9a86f65f0de18c9b6751dfe9d3f1) C:\Windows\system32\pla.dll 19:38:18.0166 4076 pla - ok 19:38:18.0221 4076 PlugPlay (98b1721b8718164293b9701b98c52d77) C:\Windows\system32\umpnpmgr.dll 19:38:18.0259 4076 PlugPlay - ok 19:38:18.0274 4076 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll 19:38:18.0287 4076 PNRPAutoReg - ok 19:38:18.0315 4076 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll 19:38:18.0337 4076 PNRPsvc - ok 19:38:18.0383 4076 PolicyAgent (166eb40d1f5b47e615de3d0fffe5f243) C:\Windows\System32\ipsecsvc.dll 19:38:18.0439 4076 PolicyAgent - ok 19:38:18.0475 4076 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll 19:38:18.0528 4076 Power - ok 19:38:18.0628 4076 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys 19:38:18.0666 4076 PptpMiniport - ok 19:38:18.0693 4076 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys 19:38:18.0709 4076 Processor - ok 19:38:18.0754 4076 ProfSvc (97293447431311c06703368ad0f6c4be) C:\Windows\system32\profsvc.dll 19:38:18.0805 4076 ProfSvc - ok 19:38:18.0836 4076 ProtectedStorage (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe 19:38:18.0849 4076 ProtectedStorage - ok 19:38:18.0865 4076 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys 19:38:18.0911 4076 Psched - ok 19:38:18.0969 4076 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys 19:38:19.0049 4076 ql2300 - ok 19:38:19.0133 4076 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys 19:38:19.0147 4076 ql40xx - ok 
19:38:19.0172 4076 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll 19:38:19.0192 4076 QWAVE - ok 19:38:19.0202 4076 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys 19:38:19.0236 4076 QWAVEdrv - ok 19:38:19.0259 4076 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys 19:38:19.0312 4076 RasAcd - ok 19:38:19.0361 4076 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys 19:38:19.0399 4076 RasAgileVpn - ok 19:38:19.0424 4076 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll 19:38:19.0475 4076 RasAuto - ok 19:38:19.0504 4076 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys 19:38:19.0543 4076 Rasl2tp - ok 19:38:19.0568 4076 RasMan (47394ed3d16d053f5906efe5ab51cc83) C:\Windows\System32\rasmans.dll 19:38:19.0615 4076 RasMan - ok 19:38:19.0629 4076 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys 19:38:19.0663 4076 RasPppoe - ok 19:38:19.0697 4076 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys 19:38:19.0737 4076 RasSstp - ok 19:38:19.0756 4076 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys 19:38:19.0799 4076 rdbss - ok 19:38:19.0810 4076 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys 19:38:19.0839 4076 rdpbus - ok 19:38:19.0857 4076 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys 19:38:19.0888 4076 RDPCDD - ok 19:38:19.0915 4076 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys 19:38:19.0945 4076 RDPENCDD - ok 19:38:19.0967 4076 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys 19:38:20.0005 4076 RDPREFMP - ok 19:38:20.0108 4076 RDPWD (447de7e3dea39d422c1504f245b668b1) C:\Windows\system32\drivers\RDPWD.sys 19:38:20.0163 4076 RDPWD - ok 19:38:20.0183 4076 
rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys 19:38:20.0206 4076 rdyboost - ok 19:38:20.0237 4076 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll 19:38:20.0285 4076 RemoteAccess - ok 19:38:20.0312 4076 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll 19:38:20.0358 4076 RemoteRegistry - ok 19:38:20.0393 4076 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll 19:38:20.0426 4076 RpcEptMapper - ok 19:38:20.0444 4076 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe 19:38:20.0466 4076 RpcLocator - ok 19:38:20.0502 4076 RpcSs (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll 19:38:20.0547 4076 RpcSs - ok 19:38:20.0634 4076 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys 19:38:20.0745 4076 rspndr - ok 19:38:20.0800 4076 RTL8167 (7ea8d2eb9bbfd2ab8a3117a1e96d3b3a) C:\Windows\system32\DRIVERS\Rt64win7.sys 19:38:20.0816 4076 RTL8167 - ok 19:38:20.0852 4076 SamSs (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe 19:38:20.0863 4076 SamSs - ok 19:38:20.0882 4076 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys 19:38:20.0895 4076 sbp2port - ok 19:38:20.0918 4076 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll 19:38:20.0957 4076 SCardSvr - ok 19:38:20.0969 4076 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys 19:38:21.0003 4076 scfilter - ok 19:38:21.0058 4076 Schedule (624d0f5ff99428bb90a5b8a4123e918e) C:\Windows\system32\schedsvc.dll 19:38:21.0164 4076 Schedule - ok 19:38:21.0188 4076 SCPolicySvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll 19:38:21.0222 4076 SCPolicySvc - ok 19:38:21.0233 4076 SDRSVC (765a27c3279ce11d14cb9e4f5869fca5) C:\Windows\System32\SDRSVC.dll 19:38:21.0277 4076 SDRSVC - ok 19:38:21.0325 4076 secdrv 
(3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 19:38:21.0367 4076 secdrv - ok 19:38:21.0373 4076 seclogon (463b386ebc70f98da5dff85f7e654346) C:\Windows\system32\seclogon.dll 19:38:21.0424 4076 seclogon - ok 19:38:21.0444 4076 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll 19:38:21.0495 4076 SENS - ok 19:38:21.0516 4076 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll 19:38:21.0565 4076 SensrSvc - ok 19:38:21.0590 4076 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys 19:38:21.0603 4076 Serenum - ok 19:38:21.0626 4076 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys 19:38:21.0645 4076 Serial - ok 19:38:21.0655 4076 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys 19:38:21.0679 4076 sermouse - ok 19:38:21.0707 4076 SessionEnv (c3bc61ce47ff6f4e88ab8a3b429a36af) C:\Windows\system32\sessenv.dll 19:38:21.0759 4076 SessionEnv - ok 19:38:21.0784 4076 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys 19:38:21.0827 4076 sffdisk - ok 19:38:21.0855 4076 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys 19:38:21.0880 4076 sffp_mmc - ok 19:38:21.0899 4076 sffp_sd (178298f767fe638c9fedcbdef58bb5e4) C:\Windows\system32\DRIVERS\sffp_sd.sys 19:38:21.0914 4076 sffp_sd - ok 19:38:21.0932 4076 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys 19:38:21.0944 4076 sfloppy - ok 19:38:22.0005 4076 Sftfs (c6cc9297bd53e5229653303e556aa539) C:\Windows\system32\DRIVERS\Sftfslh.sys 19:38:22.0030 4076 Sftfs - ok 19:38:22.0108 4076 sftlist (13693b6354dd6e72dc5131da7d764b90) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe 19:38:22.0125 4076 sftlist - ok 19:38:22.0160 4076 Sftplay (390aa7bc52cee43f6790cdea1e776703) C:\Windows\system32\DRIVERS\Sftplaylh.sys 19:38:22.0175 4076 Sftplay - ok 
19:38:22.0188 4076 Sftredir (617e29a0b0a2807466560d4c4e338d3e) C:\Windows\system32\DRIVERS\Sftredirlh.sys 19:38:22.0198 4076 Sftredir - ok 19:38:22.0208 4076 Sftvol (8f571f016fa1976f445147e9e6c8ae9b) C:\Windows\system32\DRIVERS\Sftvollh.sys 19:38:22.0220 4076 Sftvol - ok 19:38:22.0236 4076 sftvsa (c3cddd18f43d44ab713cf8c4916f7696) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe 19:38:22.0249 4076 sftvsa - ok 19:38:22.0276 4076 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll 19:38:22.0349 4076 SharedAccess - ok 19:38:22.0389 4076 ShellHWDetection (0298ac45d0efffb2db4baa7dd186e7bf) C:\Windows\System32\shsvcs.dll 19:38:22.0429 4076 ShellHWDetection - ok 19:38:22.0454 4076 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys 19:38:22.0467 4076 SiSRaid2 - ok 19:38:22.0484 4076 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys 19:38:22.0496 4076 SiSRaid4 - ok 19:38:22.0728 4076 Skype C2C Service (2a99850c2a6edd6c6602e822c716edaf) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe 19:38:22.0839 4076 Skype C2C Service - ok 19:38:22.0961 4076 SkypeUpdate (ddaa5f4a6b958fc313ebd02dd925752f) C:\Program Files (x86)\Skype\Updater\Updater.exe 19:38:23.0028 4076 SkypeUpdate - ok 19:38:23.0264 4076 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys 19:38:23.0349 4076 Smb - ok 19:38:23.0437 4076 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe 19:38:23.0476 4076 SNMPTRAP - ok 19:38:23.0520 4076 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys 19:38:23.0533 4076 spldr - ok 19:38:23.0588 4076 Spooler (f8e1fa03cb70d54a9892ac88b91d1e7b) C:\Windows\System32\spoolsv.exe 19:38:23.0642 4076 Spooler - ok 19:38:23.0773 4076 sppsvc (913d843498553a1bc8f8dbad6358e49f) C:\Windows\system32\sppsvc.exe 19:38:23.0870 4076 sppsvc - ok 19:38:23.0923 4076 sppuinotify 
(93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll 19:38:23.0962 4076 sppuinotify - ok 19:38:24.0061 4076 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys 19:38:24.0146 4076 srv - ok 19:38:24.0222 4076 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys 19:38:24.0306 4076 srv2 - ok 19:38:24.0355 4076 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys 19:38:24.0386 4076 srvnet - ok 19:38:24.0425 4076 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll 19:38:24.0485 4076 SSDPSRV - ok 19:38:24.0509 4076 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll 19:38:24.0555 4076 SstpSvc - ok 19:38:24.0580 4076 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys 19:38:24.0597 4076 stexstor - ok 19:38:24.0633 4076 stisvc (52d0e33b681bd0f33fdc08812fee4f7d) C:\Windows\System32\wiaservc.dll 19:38:24.0684 4076 stisvc - ok 19:38:24.0716 4076 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys 19:38:24.0731 4076 swenum - ok 19:38:24.0757 4076 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll 19:38:24.0824 4076 swprv - ok 19:38:24.0939 4076 SysMain (3c1284516a62078fb68f768de4f1a7be) C:\Windows\system32\sysmain.dll 19:38:24.0997 4076 SysMain - ok 19:38:25.0089 4076 TabletInputService (238935c3cf2854886dc7cbb2a0e2cc66) C:\Windows\System32\TabSvc.dll 19:38:25.0110 4076 TabletInputService - ok 19:38:25.0139 4076 TapiSrv (884264ac597b690c5707c89723bb8e7b) C:\Windows\System32\tapisrv.dll 19:38:25.0180 4076 TapiSrv - ok 19:38:25.0194 4076 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll 19:38:25.0234 4076 TBS - ok 19:38:25.0369 4076 Tcpip (624c5b3aa4c99b3184bb922d9ece3ff0) C:\Windows\system32\drivers\tcpip.sys 19:38:25.0447 4076 Tcpip - ok 19:38:25.0554 4076 TCPIP6 (624c5b3aa4c99b3184bb922d9ece3ff0) C:\Windows\system32\DRIVERS\tcpip.sys 
19:38:25.0589 4076 TCPIP6 - ok 19:38:25.0632 4076 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys 19:38:25.0667 4076 tcpipreg - ok 19:38:25.0686 4076 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys 19:38:25.0725 4076 TDPIPE - ok 19:38:25.0766 4076 TDTCP (7518f7bcfd4b308abc9192bacaf6c970) C:\Windows\system32\drivers\tdtcp.sys 19:38:25.0796 4076 TDTCP - ok 19:38:25.0828 4076 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys 19:38:25.0873 4076 tdx - ok 19:38:25.0882 4076 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys 19:38:25.0894 4076 TermDD - ok 19:38:25.0931 4076 TermService (0f05ec2887bfe197ad82a13287d2f404) C:\Windows\System32\termsrv.dll 19:38:25.0992 4076 TermService - ok 19:38:26.0015 4076 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll 19:38:26.0033 4076 Themes - ok 19:38:26.0052 4076 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll 19:38:26.0091 4076 THREADORDER - ok 19:38:26.0103 4076 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll 19:38:26.0140 4076 TrkWks - ok 19:38:26.0225 4076 TrustedInstaller (840f7fb849f5887a49ba18c13b2da920) C:\Windows\servicing\TrustedInstaller.exe 19:38:26.0240 4076 TrustedInstaller - ok 19:38:26.0257 4076 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys 19:38:26.0299 4076 tssecsrv - ok 19:38:26.0334 4076 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys 19:38:26.0384 4076 tunnel - ok 19:38:26.0417 4076 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys 19:38:26.0429 4076 uagp35 - ok 19:38:26.0453 4076 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys 19:38:26.0504 4076 udfs - ok 19:38:26.0530 4076 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe 19:38:26.0549 4076 
UI0Detect - ok 19:38:26.0573 4076 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys 19:38:26.0585 4076 uliagpkx - ok 19:38:26.0712 4076 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys 19:38:26.0740 4076 umbus - ok 19:38:26.0759 4076 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys 19:38:26.0930 4076 UmPass - ok 19:38:26.0958 4076 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll 19:38:26.0998 4076 upnphost - ok 19:38:27.0039 4076 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys 19:38:27.0083 4076 USBAAPL64 - ok 19:38:27.0116 4076 usbaudio (77b01bc848298223a95d4ec23e1785a1) C:\Windows\system32\drivers\usbaudio.sys 19:38:27.0145 4076 usbaudio - ok 19:38:27.0179 4076 usbccgp (7b6a127c93ee590e4d79a5f2a76fe46f) C:\Windows\system32\DRIVERS\usbccgp.sys 19:38:27.0221 4076 usbccgp - ok 19:38:27.0260 4076 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys 19:38:27.0288 4076 usbcir - ok 19:38:27.0303 4076 usbehci (92969ba5ac44e229c55a332864f79677) C:\Windows\system32\DRIVERS\usbehci.sys 19:38:27.0318 4076 usbehci - ok 19:38:27.0350 4076 usbhub (e7df1cfd28ca86b35ef5add0735ceef3) C:\Windows\system32\DRIVERS\usbhub.sys 19:38:27.0392 4076 usbhub - ok 19:38:27.0415 4076 usbohci (f1bb1e55f1e7a65c5839ccc7b36d773e) C:\Windows\system32\drivers\usbohci.sys 19:38:27.0443 4076 usbohci - ok 19:38:27.0461 4076 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys 19:38:27.0476 4076 usbprint - ok 19:38:27.0512 4076 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys 19:38:27.0531 4076 usbscan - ok 19:38:27.0554 4076 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\DRIVERS\USBSTOR.SYS 19:38:27.0609 4076 USBSTOR - ok 19:38:27.0620 4076 usbuhci (bc3070350a491d84b518d7cca9abd36f) C:\Windows\system32\DRIVERS\usbuhci.sys 
19:38:27.0633 4076 usbuhci - ok 19:38:27.0665 4076 usbvideo (7cb8c573c6e4a2714402cc0a36eab4fe) C:\Windows\system32\Drivers\usbvideo.sys 19:38:27.0714 4076 usbvideo - ok 19:38:27.0738 4076 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll 19:38:27.0777 4076 UxSms - ok 19:38:27.0802 4076 VaultSvc (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe 19:38:27.0813 4076 VaultSvc - ok 19:38:27.0819 4076 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys 19:38:27.0834 4076 vdrvroot - ok 19:38:27.0863 4076 vds (44d73e0bbc1d3c8981304ba15135c2f2) C:\Windows\System32\vds.exe 19:38:27.0886 4076 vds - ok 19:38:27.0912 4076 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys 19:38:27.0937 4076 vga - ok 19:38:27.0953 4076 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys 19:38:27.0994 4076 VgaSave - ok 19:38:28.0016 4076 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys 19:38:28.0033 4076 vhdmp - ok 19:38:28.0050 4076 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys 19:38:28.0062 4076 viaide - ok 19:38:28.0074 4076 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys 19:38:28.0087 4076 volmgr - ok 19:38:28.0108 4076 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys 19:38:28.0126 4076 volmgrx - ok 19:38:28.0152 4076 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys 19:38:28.0169 4076 volsnap - ok 19:38:28.0188 4076 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys 19:38:28.0201 4076 vsmraid - ok 19:38:28.0296 4076 VSS (787898bf9fb6d7bd87a36e2d95c899ba) C:\Windows\system32\vssvc.exe 19:38:28.0363 4076 VSS - ok 19:38:28.0455 4076 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys 19:38:28.0485 4076 vwifibus - ok 19:38:28.0517 4076 vwififlt 
(6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys 19:38:28.0548 4076 vwififlt - ok 19:38:28.0576 4076 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll 19:38:28.0614 4076 W32Time - ok 19:38:28.0626 4076 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys 19:38:28.0652 4076 WacomPen - ok 19:38:28.0684 4076 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys 19:38:28.0719 4076 WANARP - ok 19:38:28.0724 4076 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys 19:38:28.0759 4076 Wanarpv6 - ok 19:38:28.0820 4076 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe 19:38:28.0871 4076 WatAdminSvc - ok 19:38:28.0954 4076 wbengine (5ab1bb85bd8b5089cc5d64200dedae68) C:\Windows\system32\wbengine.exe 19:38:29.0032 4076 wbengine - ok 19:38:29.0072 4076 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll 19:38:29.0099 4076 WbioSrvc - ok 19:38:29.0131 4076 wcncsvc (dd1bae8ebfc653824d29ccf8c9054d68) C:\Windows\System32\wcncsvc.dll 19:38:29.0181 4076 wcncsvc - ok 19:38:29.0204 4076 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll 19:38:29.0236 4076 WcsPlugInService - ok 19:38:29.0279 4076 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys 19:38:29.0292 4076 Wd - ok 19:38:29.0326 4076 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys 19:38:29.0349 4076 Wdf01000 - ok 19:38:29.0363 4076 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll 19:38:29.0394 4076 WdiServiceHost - ok 19:38:29.0398 4076 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll 19:38:29.0423 4076 WdiSystemHost - ok 19:38:29.0452 4076 WebClient (733006127f235be7c35354ebee7b9a7b) C:\Windows\System32\webclnt.dll 19:38:29.0479 4076 WebClient - ok 19:38:29.0498 4076 Wecsvc 
(c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll 19:38:29.0553 4076 Wecsvc - ok 19:38:29.0573 4076 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll 19:38:29.0623 4076 wercplsupport - ok 19:38:29.0649 4076 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll 19:38:29.0695 4076 WerSvc - ok 19:38:29.0716 4076 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys 19:38:29.0752 4076 WfpLwf - ok 19:38:29.0764 4076 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys 19:38:29.0776 4076 WIMMount - ok 19:38:29.0800 4076 WinDefend - ok 19:38:29.0810 4076 WinHttpAutoProxySvc - ok 19:38:29.0849 4076 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll 19:38:29.0904 4076 Winmgmt - ok 19:38:29.0934 4076 WinRing0_1_2_0 (0c0195c48b6b8582fa6f6373032118da) C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys 19:38:29.0947 4076 WinRing0_1_2_0 - ok 19:38:30.0013 4076 WinRM (41fbb751936b387f9179e7f03a74fe29) C:\Windows\system32\WsmSvc.dll 19:38:30.0185 4076 WinRM - ok 19:38:30.0312 4076 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys 19:38:30.0334 4076 WinUsb - ok 19:38:30.0400 4076 WLANBelkinService (0f695800783c3f9e577b94bf1e71d95a) C:\Program Files (x86)\Belkin\F7D4101\V1\wlansrv.exe 19:38:30.0413 4076 WLANBelkinService ( UnsignedFile.Multi.Generic ) - warning 19:38:30.0413 4076 WLANBelkinService - detected UnsignedFile.Multi.Generic (1) 19:38:30.0464 4076 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll 19:38:30.0501 4076 Wlansvc - ok 19:38:30.0554 4076 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe 19:38:30.0564 4076 wlcrasvc - ok 19:38:30.0662 4076 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 19:38:30.0739 4076 wlidsvc - ok 19:38:30.0967 
4076 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys 19:38:30.0992 4076 WmiAcpi - ok 19:38:31.0063 4076 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe 19:38:31.0091 4076 wmiApSrv - ok 19:38:31.0112 4076 WMPNetworkSvc - ok 19:38:31.0126 4076 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll 19:38:31.0172 4076 WPCSvc - ok 19:38:31.0188 4076 WPDBusEnum (2e57ddf2880a7e52e76f41c7e96d327b) C:\Windows\system32\wpdbusenum.dll 19:38:31.0238 4076 WPDBusEnum - ok 19:38:31.0253 4076 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys 19:38:31.0314 4076 ws2ifsl - ok 19:38:31.0344 4076 wscsvc (8f9f3969933c02da96eb0f84576db43e) C:\Windows\System32\wscsvc.dll 19:38:31.0367 4076 wscsvc - ok 19:38:31.0372 4076 WSearch - ok 19:38:31.0466 4076 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll 19:38:31.0556 4076 wuauserv - ok 19:38:31.0664 4076 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys 19:38:31.0720 4076 WudfPf - ok 19:38:31.0736 4076 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys 19:38:31.0770 4076 WUDFRd - ok 19:38:31.0779 4076 wudfsvc (b551d6637aa0e132c18ac6e504f7b79b) C:\Windows\System32\WUDFSvc.dll 19:38:31.0818 4076 wudfsvc - ok 19:38:31.0836 4076 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll 19:38:31.0867 4076 WwanSvc - ok 19:38:31.0914 4076 MBR (0x1B8) (c96b20439f04268559cdafc6258a08c5) \Device\Harddisk0\DR0 19:38:31.0940 4076 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected 19:38:31.0940 4076 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0) 19:38:31.0971 4076 \Device\Harddisk0\DR0 ( TDSS File System ) - warning 19:38:31.0971 4076 \Device\Harddisk0\DR0 - detected TDSS File System (1) 19:38:31.0999 4076 Boot (0x1200) (dfaf3bfccbb9c443f7ca2f1a6f148f6b) \Device\Harddisk0\DR0\Partition0 19:38:32.0001 4076 
\Device\Harddisk0\DR0\Partition0 - ok 19:38:32.0014 4076 Boot (0x1200) (1a86b1877594f4c19ad295b0f619ce33) \Device\Harddisk0\DR0\Partition1 19:38:32.0016 4076 \Device\Harddisk0\DR0\Partition1 - ok 19:38:32.0040 4076 Boot (0x1200) (16678dcadc69f645f2ac322db1fe3e9a) \Device\Harddisk0\DR0\Partition2 19:38:32.0042 4076 \Device\Harddisk0\DR0\Partition2 - ok 19:38:32.0042 4076 ============================================================ 19:38:32.0042 4076 Scan finished 19:38:32.0042 4076 ============================================================ 19:38:32.0061 4660 Detected object count: 4 19:38:32.0061 4660 Actual detected object count: 4 19:39:23.0613 4660 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user 19:39:23.0613 4660 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip 19:39:23.0615 4660 WLANBelkinService ( UnsignedFile.Multi.Generic ) - skipped by user 19:39:23.0615 4660 WLANBelkinService ( UnsignedFile.Multi.Generic ) - User select action: Skip 19:39:24.0362 4660 \Device\Harddisk0\DR0\# - copied to quarantine 19:39:24.0363 4660 \Device\Harddisk0\DR0 - copied to quarantine 19:39:24.0406 4660 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine 19:39:24.0408 4660 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine 19:39:24.0413 4660 \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine 19:39:24.0423 4660 \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine 19:39:24.0439 4660 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine 19:39:24.0448 4660 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine 19:39:24.0449 4660 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine 19:39:24.0449 4660 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine 19:39:24.0451 4660 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine 19:39:24.0453 4660 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine 19:39:24.0455 4660 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine 
19:39:24.0456 4660 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine 19:39:24.0458 4660 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine 19:39:24.0459 4660 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine 19:39:24.0470 4660 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine 19:39:24.0487 4660 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot 19:39:24.0488 4660 \Device\Harddisk0\DR0 - ok 19:39:24.0846 4660 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure 19:39:24.0847 4660 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user 19:39:24.0847 4660 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip 19:40:05.0417 0528 Deinitialize success
  5. I am sorry, I did not read the last part of what you had told me. I had just posted the log from TDSSKiller; below are the rest of the things you wanted. I am getting an error that the post is too long, so I guess I will break it up in this specific order in replies: 1. TDSSKiller Log 2. MBAM Log 3. DDS Log. I also ran the scan and it seems that I didn't need to do these steps: When the scan is complete, click OK, then Show Results to view the results. Make sure that everything is checked, and click Remove Selected. When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  6. I am very sorry; the last reply that I posted was obviously not all of the information that you needed. I will post the three logs right after this post. Also, was the fresh new DDS Log the first log I posted? I will be posting that just in case. Again, sorry for the confusion.
  7. 19:37:18.0723 5792 TDSS rootkit removing tool 2.7.45.0 Jul 9 2012 12:46:35 19:37:19.0183 5792 ============================================================ 19:37:19.0183 5792 Current date / time: 2012/07/14 19:37:19.0183 19:37:19.0183 5792 SystemInfo: 19:37:19.0183 5792 19:37:19.0183 5792 OS Version: 6.1.7600 ServicePack: 0.0 19:37:19.0183 5792 Product type: Workstation 19:37:19.0183 5792 ComputerName: HPP6614F 19:37:19.0184 5792 UserName: Ultimate Electronics 19:37:19.0184 5792 Windows directory: C:\Windows 19:37:19.0184 5792 System windows directory: C:\Windows 19:37:19.0184 5792 Running under WOW64 19:37:19.0184 5792 Processor architecture: Intel x64 19:37:19.0184 5792 Number of processors: 2 19:37:19.0184 5792 Page size: 0x1000 19:37:19.0184 5792 Boot type: Normal boot 19:37:19.0184 5792 ============================================================ 19:37:20.0889 5792 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 19:37:20.0929 5792 ============================================================ 19:37:20.0929 5792 \Device\Harddisk0\DR0: 19:37:20.0939 5792 MBR partitions: 19:37:20.0939 5792 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000 19:37:20.0939 5792 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x55D3F000 19:37:20.0939 5792 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x55D71800, BlocksNum 0x17D4000 19:37:20.0939 5792 ============================================================ 19:37:20.0981 5792 C: <-> \Device\Harddisk0\DR0\Partition1 19:37:21.0023 5792 D: <-> \Device\Harddisk0\DR0\Partition2 19:37:21.0086 5792 ============================================================ 19:37:21.0086 5792 Initialize success 19:37:21.0086 5792 ============================================================ 19:37:51.0801 4076 
============================================================ 19:37:51.0801 4076 Scan started 19:37:51.0801 4076 Mode: Manual; SigCheck; TDLFS; 19:37:51.0801 4076 ============================================================ 19:37:54.0652 4076 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys 19:37:54.0838 4076 1394ohci - ok 19:37:54.0868 4076 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys 19:37:54.0886 4076 ACPI - ok 19:37:54.0904 4076 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys 19:37:55.0000 4076 AcpiPmi - ok 19:37:55.0112 4076 AdobeFlashPlayerUpdateSvc (5e1a953c6472e7bb644892a4d0df5e72) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 19:37:55.0126 4076 AdobeFlashPlayerUpdateSvc - ok 19:37:55.0173 4076 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys 19:37:55.0191 4076 adp94xx - ok 19:37:55.0216 4076 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys 19:37:55.0233 4076 adpahci - ok 19:37:55.0251 4076 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys 19:37:55.0264 4076 adpu320 - ok 19:37:55.0294 4076 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll 19:37:55.0403 4076 AeLookupSvc - ok 19:37:55.0452 4076 AFD (db9d6c6b2cd95a9ca414d045b627422e) C:\Windows\system32\drivers\afd.sys 19:37:55.0525 4076 AFD - ok 19:37:55.0627 4076 AffinegyService (7f1130830b3ba85921519a5616e29803) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe 19:37:55.0645 4076 AffinegyService - ok 19:37:55.0664 4076 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys 19:37:55.0677 4076 agp440 - ok 19:37:55.0694 4076 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe 19:37:55.0734 4076 ALG - ok 19:37:55.0755 4076 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys 
19:38:11.0852 4076 LightScribeService (7550d101bf49fdb1f92666a233ee36c4) c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
19:38:11.0859 4076 LightScribeService ( UnsignedFile.Multi.Generic ) - warning
19:38:11.0859 4076 LightScribeService - detected UnsignedFile.Multi.Generic (1)
(93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll 19:38:23.0962 4076 sppuinotify - ok 19:38:24.0061 4076 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys 19:38:24.0146 4076 srv - ok 19:38:24.0222 4076 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys 19:38:24.0306 4076 srv2 - ok 19:38:24.0355 4076 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys 19:38:24.0386 4076 srvnet - ok 19:38:24.0425 4076 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll 19:38:24.0485 4076 SSDPSRV - ok 19:38:24.0509 4076 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll 19:38:24.0555 4076 SstpSvc - ok 19:38:24.0580 4076 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys 19:38:24.0597 4076 stexstor - ok 19:38:24.0633 4076 stisvc (52d0e33b681bd0f33fdc08812fee4f7d) C:\Windows\System32\wiaservc.dll 19:38:24.0684 4076 stisvc - ok 19:38:24.0716 4076 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys 19:38:24.0731 4076 swenum - ok 19:38:24.0757 4076 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll 19:38:24.0824 4076 swprv - ok 19:38:24.0939 4076 SysMain (3c1284516a62078fb68f768de4f1a7be) C:\Windows\system32\sysmain.dll 19:38:24.0997 4076 SysMain - ok 19:38:25.0089 4076 TabletInputService (238935c3cf2854886dc7cbb2a0e2cc66) C:\Windows\System32\TabSvc.dll 19:38:25.0110 4076 TabletInputService - ok 19:38:25.0139 4076 TapiSrv (884264ac597b690c5707c89723bb8e7b) C:\Windows\System32\tapisrv.dll 19:38:25.0180 4076 TapiSrv - ok 19:38:25.0194 4076 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll 19:38:25.0234 4076 TBS - ok 19:38:25.0369 4076 Tcpip (624c5b3aa4c99b3184bb922d9ece3ff0) C:\Windows\system32\drivers\tcpip.sys 19:38:25.0447 4076 Tcpip - ok 19:38:25.0554 4076 TCPIP6 (624c5b3aa4c99b3184bb922d9ece3ff0) C:\Windows\system32\DRIVERS\tcpip.sys 
19:38:25.0589 4076 TCPIP6 - ok 19:38:25.0632 4076 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys 19:38:25.0667 4076 tcpipreg - ok 19:38:25.0686 4076 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys 19:38:25.0725 4076 TDPIPE - ok 19:38:25.0766 4076 TDTCP (7518f7bcfd4b308abc9192bacaf6c970) C:\Windows\system32\drivers\tdtcp.sys 19:38:25.0796 4076 TDTCP - ok 19:38:25.0828 4076 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys 19:38:25.0873 4076 tdx - ok 19:38:25.0882 4076 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys 19:38:25.0894 4076 TermDD - ok 19:38:25.0931 4076 TermService (0f05ec2887bfe197ad82a13287d2f404) C:\Windows\System32\termsrv.dll 19:38:25.0992 4076 TermService - ok 19:38:26.0015 4076 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll 19:38:26.0033 4076 Themes - ok 19:38:26.0052 4076 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll 19:38:26.0091 4076 THREADORDER - ok 19:38:26.0103 4076 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll 19:38:26.0140 4076 TrkWks - ok 19:38:26.0225 4076 TrustedInstaller (840f7fb849f5887a49ba18c13b2da920) C:\Windows\servicing\TrustedInstaller.exe 19:38:26.0240 4076 TrustedInstaller - ok 19:38:26.0257 4076 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys 19:38:26.0299 4076 tssecsrv - ok 19:38:26.0334 4076 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys 19:38:26.0384 4076 tunnel - ok 19:38:26.0417 4076 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys 19:38:26.0429 4076 uagp35 - ok 19:38:26.0453 4076 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys 19:38:26.0504 4076 udfs - ok 19:38:26.0530 4076 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe 19:38:26.0549 4076 
UI0Detect - ok 19:38:26.0573 4076 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys 19:38:26.0585 4076 uliagpkx - ok 19:38:26.0712 4076 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys 19:38:26.0740 4076 umbus - ok 19:38:26.0759 4076 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys 19:38:26.0930 4076 UmPass - ok 19:38:26.0958 4076 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll 19:38:26.0998 4076 upnphost - ok 19:38:27.0039 4076 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys 19:38:27.0083 4076 USBAAPL64 - ok 19:38:27.0116 4076 usbaudio (77b01bc848298223a95d4ec23e1785a1) C:\Windows\system32\drivers\usbaudio.sys 19:38:27.0145 4076 usbaudio - ok 19:38:27.0179 4076 usbccgp (7b6a127c93ee590e4d79a5f2a76fe46f) C:\Windows\system32\DRIVERS\usbccgp.sys 19:38:27.0221 4076 usbccgp - ok 19:38:27.0260 4076 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys 19:38:27.0288 4076 usbcir - ok 19:38:27.0303 4076 usbehci (92969ba5ac44e229c55a332864f79677) C:\Windows\system32\DRIVERS\usbehci.sys 19:38:27.0318 4076 usbehci - ok 19:38:27.0350 4076 usbhub (e7df1cfd28ca86b35ef5add0735ceef3) C:\Windows\system32\DRIVERS\usbhub.sys 19:38:27.0392 4076 usbhub - ok 19:38:27.0415 4076 usbohci (f1bb1e55f1e7a65c5839ccc7b36d773e) C:\Windows\system32\drivers\usbohci.sys 19:38:27.0443 4076 usbohci - ok 19:38:27.0461 4076 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys 19:38:27.0476 4076 usbprint - ok 19:38:27.0512 4076 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys 19:38:27.0531 4076 usbscan - ok 19:38:27.0554 4076 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\DRIVERS\USBSTOR.SYS 19:38:27.0609 4076 USBSTOR - ok 19:38:27.0620 4076 usbuhci (bc3070350a491d84b518d7cca9abd36f) C:\Windows\system32\DRIVERS\usbuhci.sys 
19:38:27.0633 4076 usbuhci - ok 19:38:27.0665 4076 usbvideo (7cb8c573c6e4a2714402cc0a36eab4fe) C:\Windows\system32\Drivers\usbvideo.sys 19:38:27.0714 4076 usbvideo - ok 19:38:27.0738 4076 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll 19:38:27.0777 4076 UxSms - ok 19:38:27.0802 4076 VaultSvc (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe 19:38:27.0813 4076 VaultSvc - ok 19:38:27.0819 4076 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys 19:38:27.0834 4076 vdrvroot - ok 19:38:27.0863 4076 vds (44d73e0bbc1d3c8981304ba15135c2f2) C:\Windows\System32\vds.exe 19:38:27.0886 4076 vds - ok 19:38:27.0912 4076 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys 19:38:27.0937 4076 vga - ok 19:38:27.0953 4076 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys 19:38:27.0994 4076 VgaSave - ok 19:38:28.0016 4076 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys 19:38:28.0033 4076 vhdmp - ok 19:38:28.0050 4076 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys 19:38:28.0062 4076 viaide - ok 19:38:28.0074 4076 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys 19:38:28.0087 4076 volmgr - ok 19:38:28.0108 4076 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys 19:38:28.0126 4076 volmgrx - ok 19:38:28.0152 4076 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys 19:38:28.0169 4076 volsnap - ok 19:38:28.0188 4076 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys 19:38:28.0201 4076 vsmraid - ok 19:38:28.0296 4076 VSS (787898bf9fb6d7bd87a36e2d95c899ba) C:\Windows\system32\vssvc.exe 19:38:28.0363 4076 VSS - ok 19:38:28.0455 4076 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys 19:38:28.0485 4076 vwifibus - ok 19:38:28.0517 4076 vwififlt 
(6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys 19:38:28.0548 4076 vwififlt - ok 19:38:28.0576 4076 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll 19:38:28.0614 4076 W32Time - ok 19:38:28.0626 4076 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys 19:38:28.0652 4076 WacomPen - ok 19:38:28.0684 4076 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys 19:38:28.0719 4076 WANARP - ok 19:38:28.0724 4076 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys 19:38:28.0759 4076 Wanarpv6 - ok 19:38:28.0820 4076 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe 19:38:28.0871 4076 WatAdminSvc - ok 19:38:28.0954 4076 wbengine (5ab1bb85bd8b5089cc5d64200dedae68) C:\Windows\system32\wbengine.exe 19:38:29.0032 4076 wbengine - ok 19:38:29.0072 4076 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll 19:38:29.0099 4076 WbioSrvc - ok 19:38:29.0131 4076 wcncsvc (dd1bae8ebfc653824d29ccf8c9054d68) C:\Windows\System32\wcncsvc.dll 19:38:29.0181 4076 wcncsvc - ok 19:38:29.0204 4076 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll 19:38:29.0236 4076 WcsPlugInService - ok 19:38:29.0279 4076 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys 19:38:29.0292 4076 Wd - ok 19:38:29.0326 4076 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys 19:38:29.0349 4076 Wdf01000 - ok 19:38:29.0363 4076 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll 19:38:29.0394 4076 WdiServiceHost - ok 19:38:29.0398 4076 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll 19:38:29.0423 4076 WdiSystemHost - ok 19:38:29.0452 4076 WebClient (733006127f235be7c35354ebee7b9a7b) C:\Windows\System32\webclnt.dll 19:38:29.0479 4076 WebClient - ok 19:38:29.0498 4076 Wecsvc 
(c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll 19:38:29.0553 4076 Wecsvc - ok 19:38:29.0573 4076 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll 19:38:29.0623 4076 wercplsupport - ok 19:38:29.0649 4076 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll 19:38:29.0695 4076 WerSvc - ok 19:38:29.0716 4076 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys 19:38:29.0752 4076 WfpLwf - ok 19:38:29.0764 4076 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys 19:38:29.0776 4076 WIMMount - ok 19:38:29.0800 4076 WinDefend - ok 19:38:29.0810 4076 WinHttpAutoProxySvc - ok 19:38:29.0849 4076 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll 19:38:29.0904 4076 Winmgmt - ok 19:38:29.0934 4076 WinRing0_1_2_0 (0c0195c48b6b8582fa6f6373032118da) C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys 19:38:29.0947 4076 WinRing0_1_2_0 - ok 19:38:30.0013 4076 WinRM (41fbb751936b387f9179e7f03a74fe29) C:\Windows\system32\WsmSvc.dll 19:38:30.0185 4076 WinRM - ok 19:38:30.0312 4076 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys 19:38:30.0334 4076 WinUsb - ok 19:38:30.0400 4076 WLANBelkinService (0f695800783c3f9e577b94bf1e71d95a) C:\Program Files (x86)\Belkin\F7D4101\V1\wlansrv.exe 19:38:30.0413 4076 WLANBelkinService ( UnsignedFile.Multi.Generic ) - warning 19:38:30.0413 4076 WLANBelkinService - detected UnsignedFile.Multi.Generic (1) 19:38:30.0464 4076 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll 19:38:30.0501 4076 Wlansvc - ok 19:38:30.0554 4076 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe 19:38:30.0564 4076 wlcrasvc - ok 19:38:30.0662 4076 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 19:38:30.0739 4076 wlidsvc - ok 19:38:30.0967 
4076 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys 19:38:30.0992 4076 WmiAcpi - ok 19:38:31.0063 4076 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe 19:38:31.0091 4076 wmiApSrv - ok 19:38:31.0112 4076 WMPNetworkSvc - ok 19:38:31.0126 4076 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll 19:38:31.0172 4076 WPCSvc - ok 19:38:31.0188 4076 WPDBusEnum (2e57ddf2880a7e52e76f41c7e96d327b) C:\Windows\system32\wpdbusenum.dll 19:38:31.0238 4076 WPDBusEnum - ok 19:38:31.0253 4076 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys 19:38:31.0314 4076 ws2ifsl - ok 19:38:31.0344 4076 wscsvc (8f9f3969933c02da96eb0f84576db43e) C:\Windows\System32\wscsvc.dll 19:38:31.0367 4076 wscsvc - ok 19:38:31.0372 4076 WSearch - ok 19:38:31.0466 4076 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll 19:38:31.0556 4076 wuauserv - ok 19:38:31.0664 4076 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys 19:38:31.0720 4076 WudfPf - ok 19:38:31.0736 4076 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys 19:38:31.0770 4076 WUDFRd - ok 19:38:31.0779 4076 wudfsvc (b551d6637aa0e132c18ac6e504f7b79b) C:\Windows\System32\WUDFSvc.dll 19:38:31.0818 4076 wudfsvc - ok 19:38:31.0836 4076 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll 19:38:31.0867 4076 WwanSvc - ok 19:38:31.0914 4076 MBR (0x1B8) (c96b20439f04268559cdafc6258a08c5) \Device\Harddisk0\DR0 19:38:31.0940 4076 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected 19:38:31.0940 4076 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0) 19:38:31.0971 4076 \Device\Harddisk0\DR0 ( TDSS File System ) - warning 19:38:31.0971 4076 \Device\Harddisk0\DR0 - detected TDSS File System (1) 19:38:31.0999 4076 Boot (0x1200) (dfaf3bfccbb9c443f7ca2f1a6f148f6b) \Device\Harddisk0\DR0\Partition0 19:38:32.0001 4076 
\Device\Harddisk0\DR0\Partition0 - ok 19:38:32.0014 4076 Boot (0x1200) (1a86b1877594f4c19ad295b0f619ce33) \Device\Harddisk0\DR0\Partition1 19:38:32.0016 4076 \Device\Harddisk0\DR0\Partition1 - ok 19:38:32.0040 4076 Boot (0x1200) (16678dcadc69f645f2ac322db1fe3e9a) \Device\Harddisk0\DR0\Partition2 19:38:32.0042 4076 \Device\Harddisk0\DR0\Partition2 - ok 19:38:32.0042 4076 ============================================================ 19:38:32.0042 4076 Scan finished 19:38:32.0042 4076 ============================================================ 19:38:32.0061 4660 Detected object count: 4 19:38:32.0061 4660 Actual detected object count: 4 19:39:23.0613 4660 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user 19:39:23.0613 4660 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip 19:39:23.0615 4660 WLANBelkinService ( UnsignedFile.Multi.Generic ) - skipped by user 19:39:23.0615 4660 WLANBelkinService ( UnsignedFile.Multi.Generic ) - User select action: Skip 19:39:24.0362 4660 \Device\Harddisk0\DR0\# - copied to quarantine 19:39:24.0363 4660 \Device\Harddisk0\DR0 - copied to quarantine 19:39:24.0406 4660 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine 19:39:24.0408 4660 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine 19:39:24.0413 4660 \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine 19:39:24.0423 4660 \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine 19:39:24.0439 4660 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine 19:39:24.0448 4660 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine 19:39:24.0449 4660 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine 19:39:24.0449 4660 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine 19:39:24.0451 4660 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine 19:39:24.0453 4660 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine 19:39:24.0455 4660 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine 
19:39:24.0456 4660 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
19:39:24.0458 4660 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
19:39:24.0459 4660 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
19:39:24.0470 4660 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
19:39:24.0487 4660 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot
19:39:24.0488 4660 \Device\Harddisk0\DR0 - ok
19:39:24.0846 4660 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure
19:39:24.0847 4660 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
19:39:24.0847 4660 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
19:40:05.0417 0528 Deinitialize success

Here is the log, and thank you so much!
  8. .
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 10/25/2010 13:15:22
System Uptime: 7/14/2012 01:58:24 (9 hours ago)
.
Motherboard: PEGATRON CORPORATION | | 2A94
Processor: Pentium® Dual-Core CPU E5500 @ 2.80GHz | CPU 1 | 2803/800mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 687 GiB total, 546.468 GiB free.
D: is FIXED (NTFS) - 12 GiB total, 1.456 GiB free.
E: is CDROM (CDFS)
F: is Removable
G: is Removable
H: is Removable
I: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Hamachi Network Interface
Device ID: ROOT\NET\0000
Manufacturer: LogMeIn, Inc.
Name: Hamachi Network Interface
PNP Device ID: ROOT\NET\0000
Service: hamachi
.
==== System Restore Points ===================
.
RP213: 7/4/2012 03:00:42 - Windows Update
RP214: 7/5/2012 03:00:42 - Windows Update
RP215: 7/6/2012 03:00:42 - Windows Update
RP216: 7/7/2012 03:00:21 - Windows Update
RP217: 7/11/2012 18:54:56 - Windows Update
RP218: 7/12/2012 14:58:47 - Restore Operation
RP219: 7/12/2012 20:13:31 - Windows Update
RP220: 7/12/2012 21:43:04 - Windows Update
RP221: 7/12/2012 23:16:39 - Windows Update
RP222: 7/12/2012 23:56:44 - Windows Update
RP223: 7/13/2012 00:06:39 - Windows Update
RP224: 7/13/2012 01:16:58 - Removed League of Legends
RP225: 7/13/2012 11:58:20 - Windows Update
RP226: 7/14/2012 03:00:41 - Windows Update
.
==== Installed Programs ======================
.
µTorrent
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader 9.5.1
aiofw
aioscnnr
Apple Application Support
Apple Software Update
Ask Toolbar
Ask Toolbar Updater
Bejeweled 2 Deluxe
Belkin Setup and Router Monitor
Bing Bar
Blackhawk Striker 2
Build-a-lot 2
center
Chuzzle Deluxe
CinemaNow Media Manager
Complitly
CyberLink DVD Suite Deluxe
D3DX10
Diner Dash 2 Restaurant Rescue
Dora's Carnival Adventure
DVD Menu Pack for HP MediaSmart Video
Dyyno Broadcaster
Escape Rosecliff Island
FATE
ffdshow [rev 3154] [2009-12-09]
Final Drive Nitro
Game Booster 3
Google Talk Plugin
Google Toolbar for Internet Explorer
Google Update Helper
Heroes of Hellas 2 - Olympia
Hewlett-Packard ACLM.NET v1.1.2.0
HP Advisor
HP Customer Experience Enhancements
HP Game Console
HP Games
HP MediaSmart CinemaNow 2.0
HP MediaSmart DVD
HP MediaSmart Music
HP MediaSmart Photo
HP MediaSmart Video
HP MediaSmart/TouchSmart Netflix
HP Odometer
HP Product Detection
HP Setup
HP Support Assistant
HP Support Information
HP Update
Hulu Desktop
InstallIQ Updater
Intel® Graphics Media Accelerator Driver
Java Auto Updater
Java™ 6 Update 26
Jewel Quest 3
Jewel Quest Solitaire 2
Junk Mail filter update
K-Lite Codec Pack 7.0.0 (Full)
Kobo
KODAK AiO Home Center
ksDIP
LabelPrint
League of Legends
LightScribe System Software
LogMeIn Hamachi
Magic ISO Maker v5.5 (build 0281)
Malwarebytes Anti-Malware version 1.62.0.1300
Mesh Runtime
Messenger Companion
Microsoft Office 2010
Microsoft Office Click-to-Run 2010
Microsoft Office Starter 2010 - English
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft WSE 3.0 Runtime
Movie Theme Pack for HP MediaSmart Video
Mozilla Firefox 13.0.1 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Norton Online Backup
Pando Media Booster
PDF Complete Special Edition
Penguins!
PhotoNow!
PictureMover
Plants vs. Zombies
Play Wireless USB Adapter
Poker Superstars III
Polar Bowler
Polar Golfer
Power2Go
PowerDirector
PreReq
PressReader
QuickTime
Realtek High Definition Audio Driver
Recovery Manager
Roxio CinemaNow 2.0
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Skype Click to Call
Skype™ 5.10
System Requirements Lab for Intel
TuneUp Companion 2.4.4.3
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
uTorrentControl2 Toolbar
Virtual Families
Virtual Villagers - The Secret City
Wheel of Fortune 2
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WinRAR archiver
Yahoo! Detect
YouTube Downloader 2.7
Zinio Reader 4
Zuma Deluxe
.
==== Event Viewer Messages From Past Week ========
.
7/14/2012 03:07:19, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Windows 7 for x64-based Systems (KB2709715).
7/14/2012 01:00:18, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffff80002e51117, 0x0000000000000000, 0x000007fffffa0000). A dump was saved in: C:\Windows\Minidump\071412-25287-01.dmp. Report Id: 071412-25287-01.
7/13/2012 11:53:55, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffff80002f7ffea, 0x0000000000000001, 0x0000000000000018). A dump was saved in: C:\Windows\Minidump\071312-23977-01.dmp. Report Id: 071312-23977-01.
7/12/2012 18:42:58, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the LogMeIn Hamachi Tunneling Engine service to connect.
7/12/2012 18:42:58, Error: Service Control Manager [7000] - The LogMeIn Hamachi Tunneling Engine service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
7/12/2012 18:42:57, Error: Service Control Manager [7030] - The LogMeIn Hamachi Tunneling Engine service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
7/12/2012 16:54:48, Error: Service Control Manager [7034] - The Skype Updater service terminated unexpectedly. It has done this 1 time(s).
7/12/2012 14:50:39, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x1000007e (0xffffffffc000001d, 0xfffff88005de94f8, 0xfffff880020aa988, 0xfffff880020aa1f0). A dump was saved in: C:\Windows\Minidump\071212-22698-01.dmp. Report Id: 071212-22698-01.
.
==== End Of File ===========================
.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_26
Run by Ultimate Electronics at 10:11:48 on 2012-07-14
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.5085.3368 [GMT -6:00]
.
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
C:\Windows\System32\spool\drivers\x64\3\EKIJ5000MUI.exe
C:\Program Files (x86)\Dyyno\Dyyno Broadcaster\dyyno_launcher.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\W3i\InstallIQUpdater\InstallIQUpdater.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Belkin\F7D4101\V1\PBN.exe
C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Ask.com\Updater\Updater.exe
C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\XXXX\mbamgui.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe
C:\Program Files (x86)\Dyyno\Dyyno Broadcaster\launcherd.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
C:\Program Files (x86)\Kodak\AiO\Center\ekdiscovery.exe
c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
C:\Program Files (x86)\PDF Complete\pdfsvc.exe -netsvcs
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\system32\conhost.exe
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Belkin\F7D4101\V1\wlansrv.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\WUDFHost.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_265.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_265.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Program Files (x86)\XXXX\mbamservice.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.76\deploy\LoLLauncher.exe
C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.0.171\deploy\LolClient.exe
C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.exe
C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT3072253 uSearch Page = hxxp://search.searchcompletion.com/?si=10211&home=1 uDefault_Search_URL = hxxp://search.searchcompletion.com/?si=10211&home=1 uSearch Bar = hxxp://search.searchcompletion.com/?si=10211&home=1 uInternet Settings,ProxyOverride = *.local uURLSearchHooks: UrlSearchHook Class: {00000000-6e41-4fd3-8538-502f5495e5fc} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll uURLSearchHooks: H - No File uURLSearchHooks: uTorrentControl2 Toolbar: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll mURLSearchHooks: uTorrentControl2 Toolbar: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll mWinlogon: Userinit=userinit.exe, BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: uTorrentControl2 Toolbar: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll BHO: Complitly: {d27fc31c-6e3d-4305-8d53-acdaefa5f862} - C:\Users\Ultimate Electronics\AppData\Roaming\Complitly\Complitly.dll BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - 
C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll BHO: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll BHO: Yontoo Layers: {fd72061e-9fde-484d-a58a-0bab4151cad8} - C:\Program Files (x86)\Yontoo Layers Client\YontooIEClient.dll TB: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll" TB: uTorrentControl2 Toolbar: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll uRun: [Weather] C:\Program Files (x86)\AWS\WeatherBug\Weather.exe 1 uRun: [Dyyno Launcher] "C:\Program Files (x86)\Dyyno\Dyyno Broadcaster\dyyno_launcher.exe" 30100 30101 30102 30103 30104 uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" uRun: [installIQUpdater] "C:\Program Files (x86)\W3i\InstallIQUpdater\InstallIQUpdater.exe" /silent /autorun uRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun uRun: [Google Update] "C:\Users\Ultimate Electronics\AppData\Local\Google\Update\GoogleUpdate.exe" /c mRun: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe mRun: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe mRun: [<NO NAME>] mRun: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mRun: [instaLAN] "C:\Program 
Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe" startup mRun: [Conime] %windir%\system32\conime.exe mRun: [EKIJ5000StatusMonitor] C:\Windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.EXE mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe" mRun: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\XXXX\mbamgui.exe" /starttray StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\PLAYWI~1.LNK - C:\Program Files (x86)\Belkin\F7D4101\V1\PBN.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SNAPFI~1.LNK - C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1) mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableLUA = 0 (0x0) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) mPolicies-system: PromptOnSecureDesktop = 0 (0x0) IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - 
hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab TCP: DhcpNameServer = 192.168.137.1 TCP: Interfaces\{4959FB23-C933-4E7F-A044-217CF0251BF1} : DhcpNameServer = 192.168.137.1 Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO-X64: AcroIEHelperStub - No File BHO-X64: uTorrentControl2 Toolbar: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll BHO-X64: uTorrentControl2 - No File BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll BHO-X64: SkypeIEPluginBHO - No File BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll BHO-X64: Complitly: {D27FC31C-6E3D-4305-8D53-ACDAEFA5F862} - C:\Users\Ultimate Electronics\AppData\Roaming\Complitly\Complitly.dll BHO-X64: Complitly - 
No File BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll BHO-X64: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll BHO-X64: Ask Toolbar BHO - No File BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll BHO-X64: Yontoo Layers: {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo Layers Client\YontooIEClient.dll BHO-X64: Yontoo Layers - No File TB-X64: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll" TB-X64: uTorrentControl2 Toolbar: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll mRun-x64: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe mRun-x64: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe mRun-x64: [(Default)] mRun-x64: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mRun-x64: [instaLAN] "C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe" startup mRun-x64: [Conime] %windir%\system32\conime.exe mRun-x64: [EKIJ5000StatusMonitor] C:\Windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.EXE mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun-x64: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe" mRun-x64: [LogMeIn Hamachi Ui] "C:\Program Files 
(x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\XXXX\mbamgui.exe" /starttray . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\Ultimate Electronics\AppData\Roaming\Mozilla\Firefox\Profiles\8927j250.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=3&q={searchTerms} FF - prefs.js: browser.search.selectedEngine - Ask.com FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT3072253&SearchSource=13 FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=2&q= FF - prefs.js: network.proxy.type - 0 FF - component: C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll FF - component: C:\Users\Ultimate Electronics\AppData\Roaming\Mozilla\Firefox\Profiles\8927j250.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\RadioWMPCoreGecko19.dll FF - component: C:\Users\Ultimate Electronics\AppData\Roaming\Mozilla\Firefox\Profiles\8927j250.default\extensions\engine@conduit.com\components\RadioWMPCoreGecko19.dll FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll FF - plugin: C:\Program Files (x86)\Pando 
Networks\Media Booster\npPandoWebPlugin.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\Users\Default\AppData\Local\HuluDesktop\instances\0.9.13.1\nphdplg.dll FF - plugin: C:\Users\Ultimate Electronics\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll FF - plugin: C:\Users\Ultimate Electronics\AppData\Roaming\Mozilla\Firefox\Profiles\8927j250.default\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}\plugins\np-mswmp.dll FF - plugin: C:\Users\Ultimate Electronics\AppData\Roaming\Mozilla\Firefox\Profiles\8927j250.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\plugins\np-mswmp.dll FF - plugin: C:\Users\Ultimate Electronics\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll FF - plugin: C:\Users\Ultimate Electronics\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_265.dll . ============= SERVICES / DRIVERS =============== . R1 ElRawDisk;ElRawDisk;\??\C:\Windows\system32\drivers\rsdrvx64.sys --> C:\Windows\system32\drivers\rsdrvx64.sys [?] R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?] 
R2 CinemaNow Service;CinemaNow Service;C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe [2010-6-12 400368] R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624] R2 Dyyno Launcher;Dyyno Service;C:\Program Files (x86)\Dyyno\Dyyno Broadcaster\launcherd.exe [2011-3-15 415072] R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-6-27 2369960] R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2011-9-9 86072] R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-3-28 94264] R2 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;C:\Program Files (x86)\Kodak\AiO\Center\ekdiscovery.exe [2010-5-17 308592] R2 MBAMService;MBAMService;C:\Program Files (x86)\XXXX\mbamservice.exe [2012-7-12 655944] R2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-6-1 2804568] R2 pdfcDispatcher;PDF Document Manager;C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2010-8-17 635416] R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776] R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-6-19 3048136] R2 WLANBelkinService;Belkin WLAN service;C:\Program Files (x86)\Belkin\F7D4101\V1\wlansrv.exe [2009-12-28 36864] R3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.EXE [2012-2-13 240408] R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?] R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?] 
R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?] R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?] R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?] R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?] R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496] S2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BBSvc.EXE [2012-2-13 193816] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-10-19 136176] S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-6-7 160944] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-5-20 250056] S3 BCMH43XX;N+ Wireless USB Adapter Driver;C:\Windows\system32\DRIVERS\bcmwlhigh664.sys --> C:\Windows\system32\DRIVERS\bcmwlhigh664.sys [?] S3 cpudrv64;cpudrv64;C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [2011-6-2 17864] S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?] 
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-23 1493352] S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-10-19 136176] S3 Impcd;Impcd;C:\Windows\system32\DRIVERS\Impcd.sys --> C:\Windows\system32\DRIVERS\Impcd.sys [?] S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-5-21 113120] S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184] S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?] S3 WinRing0_1_2_0;WinRing0_1_2_0;C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [2012-5-20 14544] S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184] . =============== Created Last 30 ================ . 
2012-07-13 23:03:07 9013136 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{70DB5393-09D2-41D0-8E47-258920030BE5}\mpengine.dll 2012-07-13 18:52:13 20480 ------w- C:\Windows\svchost.exe 2012-07-13 11:15:37 -------- d-----w- C:\ProgramData\Recovery 2012-07-13 07:20:05 -------- d-----w- C:\Program Files\League of legends 2012-07-13 05:35:06 -------- d-----w- C:\Users\Ultimate Electronics\AppData\Roaming\Malwarebytes 2012-07-13 05:34:59 -------- d-----w- C:\ProgramData\Malwarebytes 2012-07-13 05:34:58 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys 2012-07-13 05:34:58 -------- d-----w- C:\Program Files (x86)\XXXX 2012-07-13 03:45:38 3147264 ----a-w- C:\Windows\System32\win32k.sys 2012-07-13 02:16:09 2003968 ----a-w- C:\Windows\System32\msxml6.dll 2012-07-13 02:16:09 1880064 ----a-w- C:\Windows\System32\msxml3.dll 2012-07-13 02:16:08 1389568 ----a-w- C:\Windows\SysWow64\msxml6.dll 2012-07-13 02:16:08 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll 2012-07-13 02:15:07 459216 ----a-w- C:\Windows\System32\drivers\cng.sys 2012-07-13 02:15:07 340992 ----a-w- C:\Windows\System32\schannel.dll 2012-07-13 02:15:06 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll 2012-07-13 02:15:06 95088 ----a-w- C:\Windows\System32\drivers\ksecdd.sys 2012-07-13 02:15:06 307200 ----a-w- C:\Windows\System32\ncrypt.dll 2012-07-13 02:15:06 225280 ----a-w- C:\Windows\SysWow64\schannel.dll 2012-07-13 02:15:06 22016 ----a-w- C:\Windows\SysWow64\secur32.dll 2012-07-13 02:15:06 219136 ----a-w- C:\Windows\SysWow64\ncrypt.dll 2012-07-13 02:15:06 152432 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys 2012-07-13 02:14:36 987136 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msado15.dll 2012-07-13 02:14:36 1425408 ----a-w- C:\Program Files\Common Files\System\ado\msado15.dll 2012-07-13 00:42:56 -------- d-----w- C:\Program Files (x86)\LogMeIn Hamachi 2012-07-12 01:32:13 -------- d-----w- C:\Users\Ultimate Electronics\riotsGamesLogs 2012-06-29 23:22:46 -------- d-----w- 
C:\Users\Ultimate Electronics\AppData\Roaming\Sony Creative Software Inc 2012-06-22 21:30:42 2622464 ----a-w- C:\Windows\System32\wucltux.dll 2012-06-22 21:30:13 99840 ----a-w- C:\Windows\System32\wudriver.dll 2012-06-22 21:29:46 36864 ----a-w- C:\Windows\System32\wuapp.exe 2012-06-22 21:29:46 186752 ----a-w- C:\Windows\System32\wuwebv.dll 2012-06-21 23:28:21 -------- d-----w- C:\Riot Games 2012-06-19 23:35:14 4967624 ----a-w- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll 2012-06-18 02:32:39 770384 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcr100.dll 2012-06-18 02:32:39 421200 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcp100.dll . ==================== Find3M ==================== . 2012-07-13 00:49:17 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2012-07-13 00:49:17 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2012-05-31 18:25:12 279656 ------w- C:\Windows\System32\MpSigStub.exe 2012-05-15 03:56:59 1197568 ----a-w- C:\Windows\System32\wininet.dll 2012-05-15 03:08:48 981504 ----a-w- C:\Windows\SysWow64\wininet.dll 2012-05-02 05:32:43 208896 ----a-w- C:\Windows\System32\profsvc.dll 2012-04-28 03:50:40 204800 ----a-w- C:\Windows\System32\drivers\rdpwd.sys 2012-04-26 05:34:38 76288 ----a-w- C:\Windows\System32\rdpwsx.dll 2012-04-26 05:34:37 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll 2012-04-26 05:28:32 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe 2012-04-24 05:59:45 182272 ----a-w- C:\Windows\System32\cryptsvc.dll 2012-04-24 05:59:45 1460224 ----a-w- C:\Windows\System32\crypt32.dll 2012-04-24 05:59:45 140288 ----a-w- C:\Windows\System32\cryptnet.dll 2012-04-24 04:47:04 139264 ----a-w- C:\Windows\SysWow64\cryptsvc.dll 2012-04-24 04:47:04 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll 2012-04-24 04:47:03 1156608 ----a-w- C:\Windows\SysWow64\crypt32.dll 2012-04-20 06:22:18 57856 ----a-w- C:\Windows\System32\licmgr10.dll 2012-04-20 05:05:47 44544 
----a-w- C:\Windows\SysWow64\licmgr10.dll 2012-04-20 05:00:31 482816 ----a-w- C:\Windows\System32\html.iec 2012-04-20 04:15:04 1638912 ----a-w- C:\Windows\System32\mshtml.tlb 2012-04-20 03:58:07 386048 ----a-w- C:\Windows\SysWow64\html.iec 2012-04-20 03:24:18 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb . ============= FINISH: 10:12:57.28 ===============
Those are my logs, which I was told to post. Attach being first and DDS being second.
  9. Alright, I am really new to all of this and have been searching for a solution to my problems for the past couple of days. After reading many forums, and this one in specific, I found that I should not copy anything that the "expert" had told another individual. I don't know if this is the right place to post this topic, but I am in desperate need of help. I have downloaded a program called "Malwarebytes Anti-Malware", and every problem that it is blocking has a process "svchost.exe". I have tried to end this process, but it keeps starting itself up again. What do I do?