Everything posted by Technics

  1. Thank you very much for all your help! Very much appreciated.
  2. The scan came back all clear. I was unable to locate the view log option. This is the message I got after the scan. Good news! We found no active infections on your PC Keep it clean with Bitdefender Internet Security 2013!
  3. Sorry about the tags, not sure what happened there.
  4. Hi, the system seems to be running normal.
     Nothing was detected with the MS Safety scanner running a full scan.
     McAfee® Labs Stinger Version 10.2.0.903 built on Dec 3 2012
     Copyright © 2012 McAfee, Inc. All Rights Reserved.
     Virus data file v1000.0000 created on Dec 3 2012.
     Ready to scan for 5971 viruses, trojans and variants.
     Scan initiated on Tue Dec 04 10:09:18 2012
     Rootkit scan result : Not Scanned
     Master Boot Record(s):....1
     Possibly Infected:.............0
     Boot Sector(s):.................1
     Possibly Infected: ............0
     Number of clean files: 20235
  5. The system seems ok.
  6. The system seems fine to me. The second registry entry that I checked to delete hasn't shown up on the report though.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_278_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_278.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_278.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_278.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_278.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DbgagD\1*] "value"="?\07\05\1d\07\06\1b?" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Completion time: 2012-12-02 11:59:38 ComboFix-quarantined-files.txt 2012-12-02 03:59 . Pre-Run: 402,050,228,224 bytes free Post-Run: 405,986,254,848 bytes free . - - End Of File - - 50CD595166B0032EC000A113F95FA218
  7. Hi Maurice, thank you for the reply.

MBAM

Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Database version: v2012.12.01.04

Windows 7 x64 NTFS
Internet Explorer 9.0.8112.16421
Rybicki :: Rybicki-PC [administrator]

1/12/2012 5:54:01 PM
mbam-log-2012-12-01 (17-54-01).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 225447
Time elapsed: 7 minute(s), 45 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 2
C:\Users\Rybicki\AppData\Local\Temp\tmp883d96a0\usacagbau.exe (Spyware.Zbot) -> Quarantined and deleted successfully.
C:\Users\Rybicki\AppData\Local\Temp\tmpccc434fc\usacagbau.exe (Spyware.Zbot) -> Quarantined and deleted successfully.

(end)

AdwCleaner

# AdwCleaner v2.010 - Logfile created 12/01/2012 at 22:58:35
# Updated 29/11/2012 by Xplode
# Operating system : Windows 7 Home Premium (64 bits)
# User : Rybicki - Rybicki-PC
# Boot Mode : Normal
# Running from : C:\Users\Rybicki\Desktop\adwcleaner.exe
# Option [search]

***** [services] *****

***** [Files / Folders] *****

Folder Found : C:\ProgramData\Ask

***** [Registry] *****

Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Found : HKU\S-1-5-21-2800316101-1893281304-1120784185-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]

***** [internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v14.0.1 (en-GB)

Profile name : default
File : C:\Users\Rybicki\AppData\Roaming\Mozilla\Firefox\Profiles\h6zd0hbl.default\prefs.js

Found : user_pref("browser.search.order.1", "Ask.com");
Found : user_pref("browser.search.selectedEngine", "Ask.com");

-\\ Google Chrome v23.0.1271.95

File : C:\Users\Rybicki\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

-\\ Opera v12.1.1532.0

File : C:\Users\Rybicki\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] File is clean.
*************************

AdwCleaner[R1].txt - [1704 octets] - [01/12/2012 22:58:35]

########## EOF - C:\AdwCleaner[R1].txt - [1764 octets] ##########

TDS

23:02:40.0333 2116 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
23:02:41.0472 2116 ============================================================
23:02:41.0472 2116 Current date / time: 2012/12/01 23:02:41.0472
23:02:41.0472 2116 SystemInfo:
23:02:41.0472 2116
23:02:41.0472 2116 OS Version: 6.1.7600 ServicePack: 0.0
23:02:41.0472 2116 Product type: Workstation
23:02:41.0472 2116 ComputerName: Rybicki-PC
23:02:41.0472 2116 UserName: Rybicki
23:02:41.0472 2116 Windows directory: C:\Windows
23:02:41.0472 2116 System windows directory: C:\Windows
23:02:41.0472 2116 Running under WOW64
23:02:41.0472 2116 Processor architecture: Intel x64
23:02:41.0472 2116 Number of processors: 2
23:02:41.0472 2116 Page size: 0x1000
23:02:41.0472 2116 Boot type: Normal boot
23:02:41.0472 2116 ============================================================
23:02:42.0579 2116 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xFC59, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
23:02:42.0595 2116 ============================================================
23:02:42.0595 2116 \Device\Harddisk0\DR0:
23:02:42.0595 2116 MBR partitions:
23:02:42.0595 2116 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
23:02:42.0595 2116 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353000
23:02:42.0595 2116 ============================================================
23:02:42.0626 2116 C: <-> \Device\Harddisk0\DR0\Partition2
23:02:42.0626 2116 ============================================================
23:02:42.0626 2116 Initialize success
23:02:42.0626 2116 ============================================================
23:02:51.0737 3884 ============================================================
23:02:51.0737 3884 Scan started
23:02:51.0737 3884 Mode: Manual;
23:02:51.0737 3884 ============================================================
23:02:54.0342 3884 ================ Scan system memory ========================
23:02:54.0342 3884 System memory - ok
23:03:00.0254 3884 [ E4F44EC214B3E381E1FC844A02926666 ] mdmxsdk C:\Windows\system32\DRIVERS\mdmxsdk.sys 23:03:00.0254 3884 mdmxsdk - ok 23:03:00.0332 3884 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys 23:03:00.0332 3884 megasas - ok 23:03:00.0363 3884 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys 23:03:00.0379 3884 MegaSR - ok 23:03:00.0488 3884 Microsoft SharePoint Workspace Audit Service - ok 23:03:00.0519 3884 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll 23:03:00.0519 3884 MMCSS - ok 23:03:00.0535 3884 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys 23:03:00.0535 3884 Modem - ok 23:03:00.0566 3884 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys 23:03:00.0566 3884 monitor - ok 23:03:00.0582 3884 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 23:03:00.0582 3884 mouclass - ok 23:03:00.0597 3884 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 23:03:00.0613 3884 mouhid - ok 23:03:00.0629 3884 [ 791AF66C4D0E7C90A3646066386FB571 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 23:03:00.0629 3884 mountmgr - ok 23:03:00.0660 3884 [ 46297FA8E30A6007F14118FC2B942FBC ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 23:03:00.0660 3884 MozillaMaintenance - ok 23:03:00.0675 3884 [ 609D1D87649ECC19796F4D76D4C15CEA ] mpio C:\Windows\system32\DRIVERS\mpio.sys 23:03:00.0675 3884 mpio - ok 23:03:00.0691 3884 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 23:03:00.0707 3884 mpsdrv - ok 23:03:00.0738 3884 [ AECAB449567D1846DAD63ECE49E893E3 ] MpsSvc C:\Windows\system32\mpssvc.dll 23:03:00.0753 3884 MpsSvc - ok 23:03:00.0769 3884 [ 30524261BB51D96D6FCBAC20C810183C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 23:03:00.0769 3884 MRxDAV - ok 23:03:00.0800 
3884 [ 040D62A9D8AD28922632137ACDD984F2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 23:03:00.0800 3884 mrxsmb - ok 23:03:00.0831 3884 [ F0067552F8F9B33D7C59403AB808A3CB ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 23:03:00.0847 3884 mrxsmb10 - ok 23:03:00.0863 3884 [ 3C142D31DE9F2F193218A53FE2632051 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 23:03:00.0863 3884 mrxsmb20 - ok 23:03:00.0909 3884 [ 5C37497276E3B3A5488B23A326A754B7 ] msahci C:\Windows\system32\DRIVERS\msahci.sys 23:03:00.0909 3884 msahci - ok 23:03:00.0925 3884 [ 8D27B597229AED79430FB9DB3BCBFBD0 ] msdsm C:\Windows\system32\DRIVERS\msdsm.sys 23:03:00.0925 3884 msdsm - ok 23:03:00.0941 3884 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe 23:03:00.0941 3884 MSDTC - ok 23:03:00.0972 3884 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys 23:03:00.0972 3884 Msfs - ok 23:03:00.0987 3884 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 23:03:00.0987 3884 mshidkmdf - ok 23:03:01.0003 3884 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\DRIVERS\msisadrv.sys 23:03:01.0003 3884 msisadrv - ok 23:03:01.0034 3884 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 23:03:01.0050 3884 MSiSCSI - ok 23:03:01.0050 3884 msiserver - ok 23:03:01.0065 3884 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 23:03:01.0065 3884 MSKSSRV - ok 23:03:01.0081 3884 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 23:03:01.0081 3884 MSPCLOCK - ok 23:03:01.0097 3884 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 23:03:01.0097 3884 MSPQM - ok 23:03:01.0112 3884 [ 89CB141AA8616D8C6A4610FA26C60964 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 23:03:01.0112 3884 MsRPC - ok 23:03:01.0128 3884 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys 
23:03:01.0128 3884 mssmbios - ok 23:03:01.0143 3884 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 23:03:01.0143 3884 MSTEE - ok 23:03:01.0159 3884 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys 23:03:01.0159 3884 MTConfig - ok 23:03:01.0175 3884 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys 23:03:01.0175 3884 Mup - ok 23:03:01.0206 3884 [ 4987E079A4530FA737A128BE54B63B12 ] napagent C:\Windows\system32\qagentRT.dll 23:03:01.0206 3884 napagent - ok 23:03:01.0237 3884 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 23:03:01.0237 3884 NativeWifiP - ok 23:03:01.0268 3884 [ CAD515DBD07D082BB317D9928CE8962C ] NDIS C:\Windows\system32\drivers\ndis.sys 23:03:01.0284 3884 NDIS - ok 23:03:01.0299 3884 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 23:03:01.0299 3884 NdisCap - ok 23:03:01.0315 3884 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 23:03:01.0315 3884 NdisTapi - ok 23:03:01.0331 3884 [ F105BA1E22BF1F2EE8F005D4305E4BEC ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 23:03:01.0331 3884 Ndisuio - ok 23:03:01.0346 3884 [ 557DFAB9CA1FCB036AC77564C010DAD3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 23:03:01.0346 3884 NdisWan - ok 23:03:01.0362 3884 [ 659B74FB74B86228D6338D643CD3E3CF ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 23:03:01.0362 3884 NDProxy - ok 23:03:01.0377 3884 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 23:03:01.0377 3884 NetBIOS - ok 23:03:01.0393 3884 [ 9162B273A44AB9DCE5B44362731D062A ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 23:03:01.0393 3884 NetBT - ok 23:03:01.0409 3884 [ 156F6159457D0AA7E59B62681B56EB90 ] Netlogon C:\Windows\system32\lsass.exe 23:03:01.0409 3884 Netlogon - ok 23:03:01.0440 3884 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll 
23:03:01.0440 3884 Netman - ok 23:03:01.0455 3884 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll 23:03:01.0471 3884 netprofm - ok 23:03:01.0487 3884 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 23:03:01.0487 3884 NetTcpPortSharing - ok 23:03:01.0502 3884 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys 23:03:01.0502 3884 nfrd960 - ok 23:03:01.0518 3884 [ D9A0CE66046D6EFA0C61BAA885CBA0A8 ] NlaSvc C:\Windows\System32\nlasvc.dll 23:03:01.0533 3884 NlaSvc - ok 23:03:01.0533 3884 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys 23:03:01.0549 3884 Npfs - ok 23:03:01.0549 3884 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll 23:03:01.0549 3884 nsi - ok 23:03:01.0565 3884 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 23:03:01.0565 3884 nsiproxy - ok 23:03:01.0627 3884 [ 184C189D4FC416978550FC599BB4EDDA ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 23:03:01.0658 3884 Ntfs - ok 23:03:01.0674 3884 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys 23:03:01.0674 3884 Null - ok 23:03:01.0705 3884 [ A4D9C9A608A97F59307C2F2600EDC6A4 ] nvraid C:\Windows\system32\drivers\nvraid.sys 23:03:01.0705 3884 nvraid - ok 23:03:01.0721 3884 [ 6C1D5F70E7A6A3FD1C90D840EDC048B9 ] nvstor C:\Windows\system32\drivers\nvstor.sys 23:03:01.0721 3884 nvstor - ok 23:03:01.0736 3884 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys 23:03:01.0752 3884 nv_agp - ok 23:03:01.0752 3884 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys 23:03:01.0767 3884 ohci1394 - ok 23:03:01.0799 3884 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 23:03:01.0814 3884 ose - ok 23:03:01.0939 3884 [ 
61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 23:03:02.0048 3884 osppsvc - ok 23:03:02.0064 3884 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 23:03:02.0079 3884 p2pimsvc - ok 23:03:02.0095 3884 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll 23:03:02.0095 3884 p2psvc - ok 23:03:02.0126 3884 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys 23:03:02.0126 3884 Parport - ok 23:03:02.0157 3884 [ 90061B1ACFE8CCAA5345750FFE08D8B8 ] partmgr C:\Windows\system32\drivers\partmgr.sys 23:03:02.0173 3884 partmgr - ok 23:03:02.0189 3884 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll 23:03:02.0189 3884 PcaSvc - ok 23:03:02.0189 3884 [ F36F6504009F2FB0DFD1B17A116AD74B ] pci C:\Windows\system32\DRIVERS\pci.sys 23:03:02.0204 3884 pci - ok 23:03:02.0220 3884 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\DRIVERS\pciide.sys 23:03:02.0220 3884 pciide - ok 23:03:02.0235 3884 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 23:03:02.0235 3884 pcmcia - ok 23:03:02.0251 3884 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys 23:03:02.0251 3884 pcw - ok 23:03:02.0267 3884 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys 23:03:02.0282 3884 PEAUTH - ok 23:03:02.0298 3884 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe 23:03:02.0298 3884 PerfHost - ok 23:03:02.0345 3884 [ 557E9A86F65F0DE18C9B6751DFE9D3F1 ] pla C:\Windows\system32\pla.dll 23:03:02.0360 3884 pla - ok 23:03:02.0407 3884 [ 98B1721B8718164293B9701B98C52D77 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 23:03:02.0407 3884 PlugPlay - ok 23:03:02.0423 3884 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 23:03:02.0423 3884 PNRPAutoReg - ok 23:03:02.0454 3884 
[ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 23:03:02.0454 3884 PNRPsvc - ok 23:03:02.0485 3884 [ 166EB40D1F5B47E615DE3D0FFFE5F243 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 23:03:02.0485 3884 PolicyAgent - ok 23:03:02.0516 3884 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll 23:03:02.0516 3884 Power - ok 23:03:02.0547 3884 [ 27CC19E81BA5E3403C48302127BDA717 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 23:03:02.0547 3884 PptpMiniport - ok 23:03:02.0563 3884 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys 23:03:02.0563 3884 Processor - ok 23:03:02.0594 3884 [ 97293447431311C06703368AD0F6C4BE ] ProfSvc C:\Windows\system32\profsvc.dll 23:03:02.0594 3884 ProfSvc - ok 23:03:02.0610 3884 [ 156F6159457D0AA7E59B62681B56EB90 ] ProtectedStorage C:\Windows\system32\lsass.exe 23:03:02.0610 3884 ProtectedStorage - ok 23:03:02.0641 3884 [ EE992183BD8EAEFD9973F352E587A299 ] Psched C:\Windows\system32\DRIVERS\pacer.sys 23:03:02.0641 3884 Psched - ok 23:03:02.0672 3884 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys 23:03:02.0703 3884 ql2300 - ok 23:03:02.0719 3884 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys 23:03:02.0719 3884 ql40xx - ok 23:03:02.0750 3884 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll 23:03:02.0750 3884 QWAVE - ok 23:03:02.0766 3884 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 23:03:02.0766 3884 QWAVEdrv - ok 23:03:02.0781 3884 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 23:03:02.0781 3884 RasAcd - ok 23:03:02.0813 3884 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 23:03:02.0813 3884 RasAgileVpn - ok 23:03:02.0828 3884 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll 23:03:02.0828 3884 RasAuto - ok 
23:03:02.0859 3884 [ 87A6E852A22991580D6D39ADC4790463 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 23:03:02.0859 3884 Rasl2tp - ok 23:03:02.0875 3884 [ 47394ED3D16D053F5906EFE5AB51CC83 ] RasMan C:\Windows\System32\rasmans.dll 23:03:02.0875 3884 RasMan - ok 23:03:02.0891 3884 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 23:03:02.0891 3884 RasPppoe - ok 23:03:02.0906 3884 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 23:03:02.0906 3884 RasSstp - ok 23:03:02.0922 3884 [ 3BAC8142102C15D59A87757C1D41DCE5 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 23:03:02.0922 3884 rdbss - ok 23:03:02.0937 3884 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 23:03:02.0937 3884 rdpbus - ok 23:03:02.0953 3884 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 23:03:02.0953 3884 RDPCDD - ok 23:03:02.0969 3884 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 23:03:02.0969 3884 RDPENCDD - ok 23:03:02.0984 3884 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 23:03:02.0984 3884 RDPREFMP - ok 23:03:03.0015 3884 [ 447DE7E3DEA39D422C1504F245B668B1 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 23:03:03.0015 3884 RDPWD - ok 23:03:03.0031 3884 [ 634B9A2181D98F15941236886164EC8B ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 23:03:03.0047 3884 rdyboost - ok 23:03:03.0062 3884 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll 23:03:03.0062 3884 RemoteAccess - ok 23:03:03.0078 3884 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll 23:03:03.0093 3884 RemoteRegistry - ok 23:03:03.0171 3884 [ 8CFCA7E2FD4B57C2BEF929C1C1A4C56E ] RichVideo C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe 23:03:03.0171 3884 RichVideo - ok 23:03:03.0203 3884 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper 
C:\Windows\System32\RpcEpMap.dll 23:03:03.0203 3884 RpcEptMapper - ok 23:03:03.0218 3884 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe 23:03:03.0218 3884 RpcLocator - ok 23:03:03.0234 3884 [ 7266972E86890E2B30C0C322E906B027 ] RpcSs C:\Windows\system32\rpcss.dll 23:03:03.0249 3884 RpcSs - ok 23:03:03.0265 3884 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 23:03:03.0265 3884 rspndr - ok 23:03:03.0296 3884 [ F65F171165FBB613F7AA3CC78E8CAB42 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys 23:03:03.0296 3884 RTL8167 - ok 23:03:03.0312 3884 [ 156F6159457D0AA7E59B62681B56EB90 ] SamSs C:\Windows\system32\lsass.exe 23:03:03.0312 3884 SamSs - ok 23:03:03.0327 3884 [ E3BBB89983DAF5622C1D50CF49F28227 ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys 23:03:03.0327 3884 sbp2port - ok 23:03:03.0343 3884 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll 23:03:03.0343 3884 SCardSvr - ok 23:03:03.0359 3884 [ C94DA20C7E3BA1DCA269BC8460D98387 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 23:03:03.0359 3884 scfilter - ok 23:03:03.0421 3884 [ 624D0F5FF99428BB90A5B8A4123E918E ] Schedule C:\Windows\system32\schedsvc.dll 23:03:03.0437 3884 Schedule - ok 23:03:03.0468 3884 [ 312E2F82AF11E79906898AC3E3D58A1F ] SCPolicySvc C:\Windows\System32\certprop.dll 23:03:03.0468 3884 SCPolicySvc - ok 23:03:03.0483 3884 [ 765A27C3279CE11D14CB9E4F5869FCA5 ] SDRSVC C:\Windows\System32\SDRSVC.dll 23:03:03.0483 3884 SDRSVC - ok 23:03:03.0515 3884 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys 23:03:03.0515 3884 secdrv - ok 23:03:03.0515 3884 [ 463B386EBC70F98DA5DFF85F7E654346 ] seclogon C:\Windows\system32\seclogon.dll 23:03:03.0530 3884 seclogon - ok 23:03:03.0530 3884 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll 23:03:03.0546 3884 SENS - ok 23:03:03.0546 3884 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc 
C:\Windows\system32\sensrsvc.dll 23:03:03.0546 3884 SensrSvc - ok 23:03:03.0561 3884 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 23:03:03.0561 3884 Serenum - ok 23:03:03.0593 3884 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys 23:03:03.0593 3884 Serial - ok 23:03:03.0608 3884 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys 23:03:03.0608 3884 sermouse - ok 23:03:03.0624 3884 [ C3BC61CE47FF6F4E88AB8A3B429A36AF ] SessionEnv C:\Windows\system32\sessenv.dll 23:03:03.0624 3884 SessionEnv - ok 23:03:03.0671 3884 [ 52C525BF4D78125A5064D0D1705F04B6 ] SfCtlCom C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe 23:03:03.0686 3884 SfCtlCom - ok 23:03:03.0686 3884 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys 23:03:03.0702 3884 sffdisk - ok 23:03:03.0702 3884 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\DRIVERS\sffp_mmc.sys 23:03:03.0702 3884 sffp_mmc - ok 23:03:03.0717 3884 [ 5588B8C6193EB1522490C122EB94DFFA ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys 23:03:03.0717 3884 sffp_sd - ok 23:03:03.0733 3884 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys 23:03:03.0733 3884 sfloppy - ok 23:03:03.0764 3884 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll 23:03:03.0780 3884 SharedAccess - ok 23:03:03.0795 3884 [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF ] ShellHWDetection C:\Windows\System32\shsvcs.dll 23:03:03.0795 3884 ShellHWDetection - ok 23:03:03.0827 3884 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys 23:03:03.0827 3884 SiSRaid2 - ok 23:03:03.0842 3884 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys 23:03:03.0842 3884 SiSRaid4 - ok 23:03:03.0858 3884 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys 23:03:03.0858 3884 Smb - ok 
23:03:03.0889 3884 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe 23:03:03.0889 3884 SNMPTRAP - ok 23:03:03.0889 3884 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys 23:03:03.0905 3884 spldr - ok 23:03:03.0936 3884 [ 567977DC43CC13C4C35ED7084C0B84D5 ] Spooler C:\Windows\System32\spoolsv.exe 23:03:03.0936 3884 Spooler - ok 23:03:04.0014 3884 [ 913D843498553A1BC8F8DBAD6358E49F ] sppsvc C:\Windows\system32\sppsvc.exe 23:03:04.0076 3884 sppsvc - ok 23:03:04.0092 3884 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll 23:03:04.0092 3884 sppuinotify - ok 23:03:04.0123 3884 [ 2408C0366D96BCDF63E8F1C78E4A29C5 ] srv C:\Windows\system32\DRIVERS\srv.sys 23:03:04.0123 3884 srv - ok 23:03:04.0154 3884 [ 76548F7B818881B47D8D1AE1BE9C11F8 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 23:03:04.0154 3884 srv2 - ok 23:03:04.0201 3884 [ 93132C69394A99D992095D8CFE464801 ] SrvHsfPCI C:\Windows\system32\DRIVERS\VSTBS26.SYS 23:03:04.0217 3884 SrvHsfPCI - ok 23:03:04.0248 3884 [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS 23:03:04.0279 3884 SrvHsfV92 - ok 23:03:04.0310 3884 [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS 23:03:04.0326 3884 SrvHsfWinac - ok 23:03:04.0341 3884 [ 0AF6E19D39C70844C5CAA8FB0183C36E ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 23:03:04.0341 3884 srvnet - ok 23:03:04.0388 3884 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 23:03:04.0388 3884 SSDPSRV - ok 23:03:04.0404 3884 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll 23:03:04.0404 3884 SstpSvc - ok 23:03:04.0435 3884 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys 23:03:04.0435 3884 stexstor - ok 23:03:04.0466 3884 [ 52D0E33B681BD0F33FDC08812FEE4F7D ] stisvc C:\Windows\System32\wiaservc.dll 23:03:04.0466 3884 stisvc - ok 23:03:04.0482 
3884 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys 23:03:04.0482 3884 swenum - ok 23:03:04.0497 3884 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll 23:03:04.0497 3884 swprv - ok 23:03:04.0529 3884 [ 3C1284516A62078FB68F768DE4F1A7BE ] SysMain C:\Windows\system32\sysmain.dll 23:03:04.0560 3884 SysMain - ok 23:03:04.0575 3884 [ 238935C3CF2854886DC7CBB2A0E2CC66 ] TabletInputService C:\Windows\System32\TabSvc.dll 23:03:04.0575 3884 TabletInputService - ok 23:03:04.0607 3884 [ 884264AC597B690C5707C89723BB8E7B ] TapiSrv C:\Windows\System32\tapisrv.dll 23:03:04.0607 3884 TapiSrv - ok 23:03:04.0622 3884 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll 23:03:04.0622 3884 TBS - ok 23:03:04.0685 3884 [ 624C5B3AA4C99B3184BB922D9ECE3FF0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 23:03:04.0716 3884 Tcpip - ok 23:03:04.0763 3884 [ 624C5B3AA4C99B3184BB922D9ECE3FF0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 23:03:04.0763 3884 TCPIP6 - ok 23:03:04.0794 3884 [ 76D078AF6F587B162D50210F761EB9ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 23:03:04.0794 3884 tcpipreg - ok 23:03:04.0809 3884 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 23:03:04.0809 3884 TDPIPE - ok 23:03:04.0841 3884 [ 7518F7BCFD4B308ABC9192BACAF6C970 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 23:03:04.0841 3884 TDTCP - ok 23:03:04.0856 3884 [ 079125C4B17B01FCAEEBCE0BCB290C0F ] tdx C:\Windows\system32\DRIVERS\tdx.sys 23:03:04.0856 3884 tdx - ok 23:03:04.0872 3884 [ C448651339196C0E869A355171875522 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys 23:03:04.0872 3884 TermDD - ok 23:03:04.0903 3884 [ 0F05EC2887BFE197AD82A13287D2F404 ] TermService C:\Windows\System32\termsrv.dll 23:03:04.0903 3884 TermService - ok 23:03:04.0919 3884 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll 23:03:04.0919 3884 Themes - ok 23:03:04.0934 3884 [ 
E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll 23:03:04.0934 3884 THREADORDER - ok 23:03:04.0997 3884 [ 963C903E5176C5CDCAE321D48635B21F ] TMBMServer C:\Program Files\Trend Micro\BM\TMBMSRV.exe 23:03:05.0012 3884 TMBMServer - ok 23:03:05.0059 3884 [ 35A6AEB61C7CF21B10CC05BDA47339B5 ] tmlwf C:\Windows\system32\DRIVERS\tmlwf.sys 23:03:05.0059 3884 tmlwf - ok 23:03:05.0090 3884 [ C52867F238EF1AAFCD35F8D134B8AB10 ] TmPfw C:\Program Files\Trend Micro\Internet Security\TmPfw.exe 23:03:05.0090 3884 TmPfw - ok 23:03:05.0153 3884 [ 803EE35DF92815EA5D41CEE7410C8CC1 ] tmpreflt C:\Windows\system32\DRIVERS\tmpreflt.sys 23:03:05.0153 3884 tmpreflt - ok 23:03:05.0168 3884 [ 3AE913B4FBF06EE49831FF9DB2330830 ] TmProxy C:\Program Files\Trend Micro\Internet Security\TmProxy.exe 23:03:05.0184 3884 TmProxy - ok 23:03:05.0215 3884 [ 21CC12B7F8B44E91D03EAD5B17AAF0B2 ] tmtdi C:\Windows\system32\DRIVERS\tmtdi.sys 23:03:05.0215 3884 tmtdi - ok 23:03:05.0231 3884 [ A4670E50C15D7BCE7226E4B62700DF09 ] tmwfp C:\Windows\system32\DRIVERS\tmwfp.sys 23:03:05.0231 3884 tmwfp - ok 23:03:05.0262 3884 [ 9BD32132A3470CEFB3CBEA5FA492BD6F ] tmxpflt C:\Windows\system32\DRIVERS\tmxpflt.sys 23:03:05.0262 3884 tmxpflt - ok 23:03:05.0293 3884 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll 23:03:05.0293 3884 TrkWks - ok 23:03:05.0324 3884 [ 840F7FB849F5887A49BA18C13B2DA920 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 23:03:05.0324 3884 TrustedInstaller - ok 23:03:05.0340 3884 [ 61B96C26131E37B24E93327A0BD1FB95 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 23:03:05.0340 3884 tssecsrv - ok 23:03:05.0371 3884 [ 3836171A2CDF3AF8EF10856DB9835A70 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 23:03:05.0371 3884 tunnel - ok 23:03:05.0387 3884 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys 23:03:05.0402 3884 uagp35 - ok 23:03:05.0418 3884 [ D47BAEAD86C65D4F4069D7CE0A4EDCEB ] udfs 
C:\Windows\system32\DRIVERS\udfs.sys 23:03:05.0418 3884 udfs - ok 23:03:05.0433 3884 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe 23:03:05.0465 3884 UI0Detect - ok 23:03:05.0496 3884 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\DRIVERS\uliagpkx.sys 23:03:05.0527 3884 uliagpkx - ok 23:03:05.0589 3884 [ EAB6C35E62B1B0DB0D1B48B671D3A117 ] umbus C:\Windows\system32\DRIVERS\umbus.sys 23:03:05.0589 3884 umbus - ok 23:03:05.0605 3884 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys 23:03:05.0605 3884 UmPass - ok 23:03:05.0636 3884 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll 23:03:05.0636 3884 upnphost - ok 23:03:05.0667 3884 [ AA33FC47ED58C34E6E9261E4F850B7EB ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys 23:03:05.0667 3884 USBAAPL64 - ok 23:03:05.0699 3884 [ 7B6A127C93EE590E4D79A5F2A76FE46F ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 23:03:05.0699 3884 usbccgp - ok 23:03:05.0714 3884 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\DRIVERS\usbcir.sys 23:03:05.0714 3884 usbcir - ok 23:03:05.0745 3884 [ 92969BA5AC44E229C55A332864F79677 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 23:03:05.0745 3884 usbehci - ok 23:03:05.0777 3884 [ E7DF1CFD28CA86B35EF5ADD0735CEEF3 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 23:03:05.0792 3884 usbhub - ok 23:03:05.0808 3884 [ F1BB1E55F1E7A65C5839CCC7B36D773E ] usbohci C:\Windows\system32\drivers\usbohci.sys 23:03:05.0823 3884 usbohci - ok 23:03:05.0823 3884 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 23:03:05.0823 3884 usbprint - ok 23:03:05.0855 3884 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys 23:03:05.0855 3884 usbscan - ok 23:03:05.0886 3884 [ F39983647BC1F3E6100778DDFE9DCE29 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 23:03:05.0886 3884 USBSTOR - ok 23:03:05.0901 3884 [ 
  8. Hi, One of my malware removal tools detected and quarantined the following: Trojan.Win32.Generic!BT - Malware unknown - Registry Win32.Malware!Drop. - Malware I then ran Malwarebytes and it detected 2 Spyware.Zbot files. So I am uncertain if I was successful in the removal of this.
(KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition Security Update for Microsoft InfoPath 2010 (KB2687417) 32-Bit Edition Security Update for Microsoft InfoPath 2010 (KB2687436) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553091) Security Update for Microsoft Office 2010 (KB2553096) Security Update for Microsoft Office 2010 (KB2553260) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2589322) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition Security Update for Microsoft Visio Viewer 2010 (KB2598287) 32-Bit Edition Security Update for Microsoft Word 2010 (KB2553488) 32-Bit Edition SFR SHASTA skin0001 SKINXSDK staticcr TeamSpeak 3 Client Trend Micro Internet Security Unity Web Player Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) 
Update for Microsoft Office 2010 (KB2494150) Update for Microsoft Office 2010 (KB2553065) Update for Microsoft Office 2010 (KB2553092) Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition Update for Microsoft Office 2010 (KB2553272) 32-Bit Edition Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition Update for Microsoft Office 2010 (KB2566458) Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition User's Guide EPSON NX430 TX435 Series VLC media player 1.1.11 VPRINTOL Windows Live Communications Platform Windows Live Essentials Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Language Selector Windows Live Messenger Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack WinRAR 4.01 (64-bit) WIRELESS
.
==== Event Viewer Messages From Past Week ========
.
30/11/2012 10:46:07 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the lmhosts service.
29/11/2012 10:51:43 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.
26/11/2012 6:22:51 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
1/12/2012 7:53:36 AM, Error: Microsoft-Windows-HAL [12] - The platform firmware has corrupted memory across the previous system power transition. Please check for updated firmware for your system.
.
==== End Of File ===========================