Posts posted by disinfectPL
Ahem......maybe I spoke too soon.
Why is my Mbam Web Protection getting turned off? When that happens I am unable to open my Mbam, although it's in the tray and clickable.
It keeps saying "real-time protection turned off". If I use task manager and quit all processes and then restart, it works for some time, and then when I am browsing I get the message.
Is there a known issue with Mbam?
-
Malwarebytes shows it's clean!! That's why I have Mbam on every device.
Thank you so much for your help. Highly appreciated.
-
-
Sorry for the lateness! I was having problems with my battery not being detected anymore, and my cpu is overheating. I hope this is not related to this virus crap.
My new FRST is attached.
-
-
-
They all seem real.
In my 15+ years of computer-ing, I have never had this crop up so out of the blue. I may get 2-3 on occasional MBam scans, but the last scan had 705 !! Of course, that is counting component files of the programs/malwares. But now I really need help to figure out what is happening.
I have saved the MBAm scan output. So that is attached.
Any help to do a thorough comp clean would be highly appreciated !! Thanks!
-
@AdvancedSetup Sorry that I am so late!! I actually gave up trying to get MBAM going and forgot about getting back. But I am back to trying again. I ran the script, it did its thing, I rebooted and tried to activate again. The screenshot is attached.
-
Hi AdvancedSetup,
Thanks for the reply and help.
The mbam_check log is in my previous post. The other two logs are attached.
-
I have been using MBAM for quite some time, but now on Windows 10 I get the following error: I have a lifetime key.
"There is problem with your license key and we are unable to activate your license."
1. I entered the key manually - several times. No change.
2. I used MBAM clean ver 2.3 to completely clean MBAM. REBOOTED and reinstalled MBAM. Still same error with activation.
3. Clicking update seems to connect to server, since it says no new updates.
4. Disabled "Windows defender" - the only antivirus I have. No change.
5. Cleaned and re-installed after reboots multiple times - same error.
Attached is the mbam_check output.
Your help is appreciated.
-
I agree with greyowl. Ver 1.70 causes some really serious boot problems. I spent a couple of weeks troubleshooting this here but to no avail. MBAM 1.70 hangs and completely freezes the computer. Only a restart works. Selective startup - done in safe mode - where I turned off MBAM start up fixes boot problems, but then scans always cause computer to freeze.....
http://forums.malwarebytes.org/index.php?showtopic=120151&st=0
-
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-12-2012 (ATTENTION: FRST version is 29 days old)
Ran by SYSTEM at 26-01-2013 14:32:03
Running from G:\
Windows 7 Home Premium (X64) OS Language: English(US)
The current controlset is ControlSet003
==================== Registry (Whitelisted) ===================
HKLM\...\Run: [cAudioFilterAgent] C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [520760 2010-03-10] (Conexant Systems, Inc.)
HKLM\...\Run: [MacDrive 8 application] "C:\Program Files\Mediafour\MacDrive 8\MacDrive.exe" [193536 2010-10-08] (Mediafour Corporation)
HKLM\...\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [Corel Photo Downloader] "C:\Program Files (x86)\Corel\Corel Photo Album 7\Corel Photo Downloader.exe" -startup [481608 2008-08-22] (Corel, Inc.)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [926896 2012-09-23] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" [36760 2010-10-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [821144 2010-10-25] (Adobe Systems Inc.)
HKLM-x32\...\Run: [Corel File Shell Monitor] C:\Program Files (x86)\Corel\Corel Photo Album 7\CorelIOMonitor.exe [37888 2008-08-22] ()
HKLM-x32\...\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] [x]
HKLM-x32\...\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe" [356376 2012-12-29] (Kaspersky Lab ZAO)
HKLM-x32\...\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup [336992 2012-05-30] (Power Software Ltd)
HKU\Dibbs\...\Run: [Akamai NetSession Interface] "C:\Users\Dibbs\AppData\Local\Akamai\netsession_win.exe" [x]
HKU\Dibbs\...\Run: [HP Officejet 4620 series (NET)] "C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN29S215PP05RT:NW" -scfn "HP Officejet 4620 series (NET)" -AutoStart 1 [2573416 2012-10-17] (Hewlett-Packard Co.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Startup: C:\Users\All Users\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Belkin\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\All Users\Start Menu\Programs\Startup\NI Error Reporting.lnk
ShortcutTarget: NI Error Reporting.lnk -> C:\Program Files (x86)\National Instruments\Shared\NI Error Reporting\nierserver.exe (National Instruments Corporation)
Startup: C:\Users\Dibbs\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
ShortcutTarget: ERUNT AutoBackup.lnk -> C:\Program Files (x86)\ERUNT\AUTOBACK.EXE ()
Startup: C:\Users\Dibbs\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Officejet 4620 series (Network).lnk
ShortcutTarget: Monitor Ink Alerts - HP Officejet 4620 series (Network).lnk -> C:\Windows\System32\RunDll32.exe (Microsoft Corporation)
==================== Services (Whitelisted) ===================
2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe -r [356376 2012-12-29] (Kaspersky Lab ZAO)
2 Crypkey License; crypserv.exe [122880 2008-05-07] (CrypKey (Canada) Ltd.)
2 LkCitadelServer; C:\Windows\SysWOW64\lkcitdl.exe [695136 2010-10-27] (National Instruments, Inc.)
2 lkClassAds; C:\Windows\SysWOW64\lkads.exe [46192 2011-06-14] (National Instruments Corporation)
2 lkTimeSync; C:\Windows\SysWOW64\lktsrv.exe [56952 2011-06-14] (National Instruments Corporation)
2 M4LIC; "C:\Program Files (x86)\Common Files\Mediafour\M4LIC.EXE" [205312 2010-07-20] (Mediafour Corporation)
4 MacDrive8Service; "C:\Program Files\Mediafour\MacDrive 8\MacDrive8Service.exe" [149504 2010-10-08] (Mediafour Corporation)
2 mxssvr; "C:\Program Files (x86)\National Instruments\MAX\nimxs.exe" [12696 2011-06-14] (National Instruments Corporation)
2 NIApplicationWebServer; "C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe" -user [50336 2011-05-27] (National Instruments Corporation)
4 NIApplicationWebServer64; "C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe" -user [68256 2011-05-27] (National Instruments Corporation)
2 NIDomainService; "C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe" [362104 2011-06-14] (National Instruments Corporation)
3 NILM License Manager; "C:\Program Files (x86)\National Instruments\Shared\License Manager\Bin\lmgrd.exe" [1427688 2010-08-02] (Macrovision Corporation)
2 nimDNSResponder; "C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe" [194224 2011-06-01] (National Instruments Corporation)
2 niSvcLoc; "C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe" -system [50328 2011-05-27] (National Instruments Corporation)
2 NITaggerService; "C:\Program Files (x86)\National Instruments\Shared\Tagger\tagsrv.exe" [676016 2011-06-14] (National Instruments Corporation)
2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [66872 2012-09-21] ()
2 ProtexisLicensing; C:\Windows\SysWOW64\PSIService.exe [177704 2007-06-05] ()
2 SSUService; C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe [370504 2012-03-14] (Splashtop Inc.)
==================== Drivers (Whitelisted) =====================
3 BTWUSB; C:\Windows\System32\Drivers\BTWUSB.sys [63744 2006-06-07] (Broadcom Corporation.)
1 CBDisk; C:\Windows\System32\Drivers\CBDisk.sys [70344 2010-05-12] (EldoS Corporation)
1 dtsoftbus01; C:\Windows\System32\Drivers\dtsoftbus01.sys [283200 2012-06-15] (DT Soft Ltd)
0 KL1; C:\Windows\System32\Drivers\KL1.sys [458584 2012-06-19] (Kaspersky Lab ZAO)
1 KLIF; C:\Windows\System32\Drivers\KLIF.sys [613720 2012-12-29] (Kaspersky Lab)
1 KLIM6; C:\Windows\System32\Drivers\KLIM6.sys [28504 2012-08-02] (Kaspersky Lab ZAO)
3 klkbdflt; C:\Windows\System32\Drivers\klkbdflt.sys [29016 2012-10-25] (Kaspersky Lab)
3 klmouflt; C:\Windows\System32\Drivers\klmouflt.sys [29528 2012-10-25] (Kaspersky Lab)
1 kltdi; C:\Windows\System32\Drivers\kltdi.sys [54104 2012-12-29] (Kaspersky Lab)
1 kneps; C:\Windows\System32\Drivers\kneps.sys [178008 2012-08-13] (Kaspersky Lab)
0 MDFSYSNT; C:\Windows\System32\Drivers\MDFSYSNT.sys [307888 2010-10-07] (Mediafour Corporation)
0 MDPMGRNT; C:\Windows\System32\Drivers\MDPMGRNT.sys [32424 2010-10-21] (Mediafour Corporation)
1 NetworkX; C:\Windows\system32\ckldrv.sys [28664 2008-03-17] ()
3 pwdrvio; \??\C:\Windows\system32\pwdrvio.sys [19936 2011-09-02] ()
3 pwdspio; \??\C:\Windows\system32\pwdspio.sys [13280 2011-09-02] ()
3 UBNRedir; C:\Windows\SysWow64\Drivers\UBNRedir.sys [6784 2011-12-31] (UniversalBox)
3 catchme; \??\C:\ComboFix\catchme.sys [x]
2 MCSTRM; [x]
==================== NetSvcs (Whitelisted) ====================
==================== One Month Created Files and Folders ========
2013-01-26 11:01 - 2013-01-26 11:01 - 01464303 ____A (Farbar) C:\Users\Dibbs\Downloads\FRST64(1).exe
2013-01-26 07:08 - 2013-01-26 07:08 - 00021732 ____A C:\ComboFix.txt
2013-01-25 15:45 - 2013-01-25 15:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-01-24 15:45 - 2013-01-26 06:40 - 05026751 ____R (Swearware) C:\Users\Dibbs\Downloads\ComboFix.exe
2013-01-23 17:18 - 2013-01-23 17:18 - 00881914 ____A C:\Users\Dibbs\Downloads\SecurityCheck.exe
2013-01-23 17:08 - 2013-01-23 17:08 - 01752992 ____A (Bleeping Computer, LLC) C:\Users\Dibbs\Downloads\rkill(1).com
2013-01-22 18:42 - 2013-01-22 18:43 - 00007168 __ASH C:\Users\Dibbs\Documents\Thumbs.db
2013-01-22 18:41 - 2013-01-22 18:41 - 01172020 ____A C:\Users\Dibbs\Documents\elements finish 2.pptx
2013-01-21 04:24 - 2013-01-21 04:24 - 00000000 ____D C:\Users\Dibbs\AppData\Local\Apple
2013-01-21 04:23 - 2013-01-21 04:23 - 00000000 ____D C:\Users\Dibbs\AppData\Local\Apple Computer
2013-01-20 11:44 - 2013-01-20 11:45 - 00295488 ____A C:\Windows\Minidump\012013-28657-01.dmp
2013-01-20 11:36 - 2013-01-23 17:09 - 00002470 ____A C:\Users\Dibbs\Desktop\Rkill.txt
2013-01-20 11:35 - 2013-01-20 11:35 - 01752992 ____A (Bleeping Computer, LLC) C:\Users\Dibbs\Downloads\rkill.com
2013-01-20 11:31 - 2013-01-20 11:31 - 02057199 ____A C:\Users\Dibbs\Downloads\ParanoidPreferences.apk
2013-01-20 11:29 - 2013-01-20 11:29 - 22330090 ____A C:\Users\Dibbs\Downloads\i717-ICS-UCLF6-Modem.zip
2013-01-19 19:39 - 2013-01-19 19:39 - 00000000 ____D C:\Users\Dibbs\Desktop\Doctor Who - The Snowmen Christmas Special 2012 [MP4-AAC](oan)
2013-01-19 13:28 - 2013-01-19 13:28 - 14513085 ____A C:\Users\Dibbs\Desktop\ebaypics.zip
2013-01-19 12:44 - 2013-01-19 13:28 - 00000000 ____D C:\Users\Dibbs\Desktop\ebaypics
2013-01-19 10:28 - 2013-01-19 10:28 - 00001703 ____A C:\Users\Dibbs\Desktop\RKreport[5]_S_01192013_02d1328.txt
2013-01-19 10:27 - 2013-01-19 10:27 - 00764416 ____A C:\Users\Dibbs\Downloads\RogueKiller.exe
2013-01-19 10:25 - 2013-01-19 10:25 - 02213976 ____A (Kaspersky Lab ZAO) C:\Users\Dibbs\Downloads\tdsskiller.exe
2013-01-19 10:25 - 2013-01-19 10:25 - 00001434 ____A C:\AdwCleaner[R2].txt
2013-01-19 10:24 - 2013-01-19 10:24 - 00574677 ____A C:\Users\Dibbs\Downloads\adwcleaner(1).exe
2013-01-19 10:23 - 2013-01-19 10:23 - 00000960 ____A C:\Users\Dibbs\Desktop\NTREGOPT.lnk
2013-01-19 10:23 - 2013-01-19 10:23 - 00000941 ____A C:\Users\Dibbs\Desktop\ERUNT.lnk
2013-01-19 10:23 - 2013-01-19 10:23 - 00000000 ____D C:\Program Files (x86)\ERUNT
2013-01-19 10:22 - 2013-01-19 10:22 - 00791393 ____A (Lars Hederer ) C:\Users\Dibbs\Downloads\erunt-setup.exe
2013-01-19 08:42 - 2013-01-19 09:07 - 00010627 ____A C:\Users\Dibbs\Desktop\Pratima_CoachesList.xlsx
2013-01-19 08:42 - 2013-01-19 08:42 - 00000165 ___AH C:\Users\Dibbs\Desktop\~$Pratima_CoachesList.xlsx
2013-01-18 17:38 - 2013-01-18 17:38 - 00012872 ____A (SurfRight B.V.) C:\Windows\System32\bootdelete.exe
2013-01-18 15:36 - 2013-01-18 15:36 - 00001929 ____A C:\Users\Public\Desktop\HitmanPro.lnk
2013-01-18 15:36 - 2013-01-18 15:36 - 00000000 ____D C:\Program Files\HitmanPro
2013-01-18 15:35 - 2013-01-18 17:39 - 00000000 ____D C:\Users\All Users\HitmanPro
2013-01-18 15:34 - 2013-01-18 15:35 - 09703176 ____A (SurfRight B.V.) C:\Users\Dibbs\Downloads\HitmanPro_x64.exe
2013-01-18 15:32 - 2013-01-18 15:32 - 02436672 ____A C:\Users\Dibbs\Downloads\bitdefender_antivirus.exe
2013-01-18 15:13 - 2013-01-18 15:13 - 00688992 ____R (Swearware) C:\Users\Dibbs\Downloads\dds(1).com
2013-01-18 15:03 - 2013-01-18 15:03 - 10156344 ____A (Malwarebytes Corporation ) C:\Users\Dibbs\Downloads\mbam-setup-1.70.0.1100(1).exe
2013-01-18 14:57 - 2013-01-18 15:12 - 00000472 ____A C:\Users\Dibbs\Downloads\defogger_disable.log
2013-01-18 14:57 - 2013-01-18 14:57 - 00050477 ____A C:\Users\Dibbs\Downloads\Defogger.exe
2013-01-18 14:57 - 2013-01-18 14:57 - 00000168 ____A C:\Users\Dibbs\defogger_reenable
2013-01-16 15:12 - 2013-01-18 15:16 - 00000000 ____D C:\Users\Dibbs\Documents\New folder
2013-01-16 15:10 - 2013-01-16 15:10 - 00688992 ____R (Swearware) C:\Users\Dibbs\Downloads\dds.com
2013-01-10 15:34 - 2013-01-10 17:59 - 728018944 ____A C:\Users\Dibbs\Downloads\ubuntu-12.04.1-desktop-amd64.iso
2013-01-08 06:05 - 2013-01-08 06:05 - 00774144 ____A (Microsoft Corporation) C:\Users\Dibbs\Downloads\nusb33e.exe
2013-01-08 05:57 - 2013-01-08 05:57 - 00010481 ____A C:\Users\Dibbs\Downloads\wtgenusb.zip
2013-01-08 05:51 - 2013-01-08 05:55 - 00000000 ____D C:\Users\Dibbs\Downloads\Windows 98_SECOND_English
2013-01-06 06:33 - 2013-01-06 06:34 - 00993824 ____A C:\Windows\Minidump\010613-29468-01.dmp
2013-01-04 05:30 - 2013-01-04 05:30 - 00003712 ____A C:\Windows\SysWOW64\ealregsnapshot1.reg
2013-01-04 05:07 - 2013-01-04 05:07 - 00000000 ____D C:\Users\Dibbs\AppData\Local\Criterion Games
2013-01-02 17:41 - 2013-01-04 05:00 - 00000000 ____D C:\Users\Dibbs\Downloads\Burnout.Paradise.The.Ultimate.Box-RELOADED
2013-01-01 11:40 - 2013-01-01 11:40 - 00000381 ____A C:\Users\Dibbs\Documents\Rohan's type art (frowny face) unfinished.txt
2013-01-01 09:46 - 2013-01-01 09:46 - 00002152 ____A C:\Users\Dibbs\Documents\Rohan's type art (smiley face).txt
2012-12-30 11:47 - 2013-01-19 20:16 - 00000000 ____D C:\Users\Dibbs\AppData\Roaming\vlc
2012-12-30 11:47 - 2012-12-30 11:47 - 00001102 ____A C:\Users\Public\Desktop\VLC media player.lnk
2012-12-30 11:46 - 2012-12-30 11:46 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2012-12-30 11:45 - 2012-12-30 11:46 - 22916830 ____A C:\Users\Dibbs\Downloads\vlc-2.0.5-win32.exe
2012-12-29 16:55 - 2012-12-29 16:55 - 00000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2012-12-29 16:45 - 2012-12-29 16:45 - 00001334 ____A C:\Users\Dibbs\Desktop\3D Èíñòðóêòîð 2.2. Äîìàøíÿÿ âåðñèÿ.lnk
2012-12-29 16:45 - 2012-12-29 16:45 - 00000079 ____A C:\Users\Dibbs\Desktop\Èíôîðìàöèÿ ïî àêòèâàöèè ïðîäóêòà.url
2012-12-29 16:42 - 2012-12-29 16:44 - 00000000 ____D C:\Program Files (x86)\3D Instructor 2.2 Home
2012-12-29 16:41 - 2012-12-29 16:41 - 00000000 ____D C:\Users\Dibbs\Downloads\CityCarDriving.v.1.2.Eng
2012-12-29 16:38 - 2012-12-29 21:26 - 00002376 ____A C:\Users\Dibbs\Desktop\Safe Money.lnk
2012-12-29 16:34 - 2012-12-29 16:33 - 00001182 ____A C:\Users\Public\Desktop\Kaspersky Internet Security 2013.lnk
2012-12-29 16:33 - 2012-12-29 16:33 - 00000000 ____D C:\Windows\ELAMBKUP
2012-12-29 16:33 - 2012-07-11 14:09 - 00064856 ____A (Kaspersky Lab) C:\Windows\System32\klfphc.dll
2012-12-29 16:28 - 2012-12-29 16:30 - 175777304 ____A (Kaspersky Lab) C:\Users\Dibbs\Downloads\kis2013_13.0.1.4190EN_3458.exe
2012-12-29 16:18 - 2012-12-29 16:18 - 00017408 ____A C:\Users\Dibbs\AppData\Local\WebpageIcons.db
2012-12-29 16:02 - 2013-01-24 14:01 - 00000000 ____D C:\Users\All Users\Kaspersky Lab
2012-12-29 16:02 - 2012-12-29 16:35 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2012-12-29 15:52 - 2012-12-29 15:52 - 22911336 ____A (SUPERAntiSpyware.com) C:\Users\Dibbs\Downloads\SUPERAntiSpyware(1).exe
2012-12-29 15:14 - 2012-12-29 15:14 - 10156344 ____A (Malwarebytes Corporation ) C:\Users\Dibbs\Downloads\mbam-setup-1.70.0.1100.exe
2012-12-29 15:07 - 2012-12-29 15:07 - 22911336 ____A (SUPERAntiSpyware.com) C:\Users\Dibbs\Downloads\SUPERAntiSpyware.exe
2012-12-29 12:11 - 2012-12-29 12:11 - 00001172 ____A C:\Users\Dibbs\Desktop\eMusic Download Manager 6.lnk
2012-12-29 12:11 - 2012-12-29 12:11 - 00000000 ____D C:\Program Files (x86)\eMusic Download Manager 6
2012-12-29 12:10 - 2012-12-29 12:11 - 14552720 ____A C:\Users\Dibbs\Downloads\emusic-dlm-installer-windows-6.0.2.exe
2012-12-29 11:18 - 2013-01-05 12:20 - 00000000 ____D C:\Users\Dibbs\AppData\Roaming\HpUpdate
2012-12-29 11:18 - 2012-12-29 11:18 - 00002272 ____A C:\Users\Public\Desktop\HP Officejet 4620 series.lnk
2012-12-29 11:18 - 2012-12-29 11:18 - 00001209 ____A C:\Users\Public\Desktop\Shop for Supplies - HP Officejet 4620 series.lnk
2012-12-29 11:18 - 2012-10-17 01:31 - 00741480 ____N (Hewlett-Packard Co.) C:\Windows\System32\HPDiscoPM6412.dll
2012-12-29 11:17 - 2012-12-29 11:22 - 00000000 ____D C:\Users\Dibbs\AppData\Local\HP
2012-12-29 11:17 - 2012-12-29 11:18 - 00000000 ____D C:\Program Files (x86)\HP
2012-12-29 11:17 - 2012-12-29 11:17 - 00000057 ____A C:\Users\All Users\Ament.ini
2012-12-29 11:17 - 2012-12-29 11:17 - 00000000 ____D C:\Users\All Users\HP
2012-12-29 11:17 - 2012-12-29 11:17 - 00000000 ____D C:\Program Files\HP
2012-12-29 11:12 - 2012-12-29 11:13 - 119887328 ____A C:\Users\Dibbs\Downloads\OJ4620_1315.exe
2012-12-29 10:39 - 2012-12-29 10:39 - 00000000 ____D C:\FRST
2012-12-29 07:50 - 2013-01-19 12:38 - 00000000 ____D C:\Users\Dibbs\AppData\Local\Adobe
2012-12-29 07:35 - 2012-12-29 07:35 - 01463381 ____A (Farbar) C:\Users\Dibbs\Downloads\FRST64.exe
2012-12-28 23:52 - 2012-12-28 23:52 - 00000000 ____D C:\found.000
2012-12-28 22:06 - 2012-12-29 08:23 - 00000000 ____D C:\Windows\pss
2012-12-28 21:18 - 2012-12-28 21:21 - 105603488 ____A C:\Users\Dibbs\Downloads\avira_free_antivirus_en.exe
2012-12-28 20:41 - 2012-12-28 20:41 - 00003636 ____A C:\AdwCleaner[s2].txt
2012-12-28 20:40 - 2012-12-28 20:40 - 00550017 ____A C:\Users\Dibbs\Downloads\adwcleaner.exe
2012-12-28 20:40 - 2012-12-28 20:40 - 00039699 ____A C:\AdwCleaner[R1].txt
2012-12-28 19:11 - 2012-12-28 19:11 - 00028566 ____A C:\Users\Dibbs\Documents\Attach.txt
2012-12-28 19:11 - 2012-12-28 19:11 - 00018388 ____A C:\Users\Dibbs\Documents\DDS.txt
2012-12-28 19:10 - 2013-01-18 15:15 - 00023933 ____A C:\Users\Dibbs\Desktop\dds.txt
2012-12-28 19:10 - 2013-01-18 15:15 - 00008856 ____A C:\Users\Dibbs\Desktop\attach.txt
2012-12-28 18:37 - 2013-01-18 15:30 - 00000000 ____D C:\Users\Dibbs\AppData\Roaming\QuickScan
2012-12-28 18:02 - 2012-12-29 15:54 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2012-12-28 17:53 - 2012-12-28 17:53 - 00001491 ____A C:\Users\Dibbs\Desktop\RKreport[3]_S_12282012_02d2053.txt
2012-12-28 17:53 - 2012-12-28 17:53 - 00001457 ____A C:\Users\Dibbs\Desktop\RKreport[4]_D_12282012_02d2053.txt
2012-12-28 17:20 - 2013-01-26 07:09 - 00000000 ____D C:\Qoobox
2012-12-28 17:20 - 2013-01-20 11:50 - 00000000 ____D C:\Windows\erdnt
2012-12-28 17:20 - 2011-06-25 22:45 - 00256000 ____A C:\Windows\PEV.exe
2012-12-28 17:20 - 2010-11-07 09:20 - 00208896 ____A C:\Windows\MBR.exe
2012-12-28 17:20 - 2009-04-19 20:56 - 00060416 ____A (NirSoft) C:\Windows\NIRCMD.exe
2012-12-28 17:20 - 2000-08-30 16:00 - 00518144 ____A (SteelWerX) C:\Windows\SWREG.exe
2012-12-28 17:20 - 2000-08-30 16:00 - 00406528 ____A (SteelWerX) C:\Windows\SWSC.exe
2012-12-28 17:20 - 2000-08-30 16:00 - 00098816 ____A C:\Windows\sed.exe
2012-12-28 17:20 - 2000-08-30 16:00 - 00080412 ____A C:\Windows\grep.exe
2012-12-28 17:20 - 2000-08-30 16:00 - 00068096 ____A C:\Windows\zip.exe
2012-12-28 17:14 - 2012-12-28 17:14 - 00000132 ____A C:\Users\Dibbs\Documents\CFScript.txt
2012-12-28 17:01 - 2012-12-28 17:01 - 00002162 ____A C:\Users\Dibbs\Desktop\RKreport[2]_D_12282012_02d2001.txt
2012-12-28 17:00 - 2012-12-28 17:00 - 00002107 ____A C:\Users\Dibbs\Desktop\RKreport[1]_S_12282012_02d2000.txt
2012-12-28 16:59 - 2013-01-19 10:28 - 00000000 ____D C:\Users\Dibbs\Desktop\RK_Quarantine
2012-12-28 16:57 - 2012-12-28 21:07 - 00000000 ____D C:\Users\Dibbs\AppData\Roaming\EurekaLog
2012-12-28 16:54 - 2012-12-28 16:57 - 00000000 ____D C:\Program Files (x86)\Your Uninstaller! 7
2012-12-28 16:54 - 2012-12-28 16:54 - 00001072 ____A C:\Users\Dibbs\Desktop\Your Unin-staller!.lnk
2012-12-28 16:54 - 2012-12-28 16:54 - 00000000 ____D C:\Users\Dibbs\AppData\Roaming\URSoft
2012-12-28 16:54 - 2012-12-28 16:54 - 00000000 ____D C:\Users\Dibbs\AppData\Roaming\Babylon
2012-12-28 16:54 - 2012-12-28 16:54 - 00000000 ____D C:\Users\Dibbs\AppData\Local\Babylon
2012-12-28 16:54 - 2012-12-28 16:54 - 00000000 ____D C:\Users\All Users\Babylon
2012-12-28 16:36 - 2012-12-28 16:36 - 00000513 ____A C:\Users\Dibbs\Documents\WinZip TrialPzy.txt
2012-12-28 16:34 - 2012-12-28 16:34 - 00368856 ____A (WinZip Computing) C:\Users\Dibbs\Downloads\WinZip170.exe
2012-12-28 14:46 - 2012-12-28 15:20 - 00000000 ___AD C:\Kaspersky Rescue Disk 10.0
2012-12-28 11:47 - 2012-12-28 11:47 - 00001264 ____A C:\Users\Dibbs\Desktop\Revo Uninstaller.lnk
2012-12-28 11:47 - 2012-12-28 11:47 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2012-12-28 11:46 - 2012-12-28 11:47 - 02617648 ____A (VS Revo Group Ltd.) C:\Users\Dibbs\Downloads\revosetup.exe
2012-12-28 08:08 - 2012-12-28 08:08 - 00000000 ____D C:\Users\Dibbs\AppData\Local\RadonLabs
2012-12-28 08:03 - 2010-03-15 01:31 - 00165376 ____A C:\Windows\SysWOW64\unrar.dll
2012-12-28 08:00 - 2012-12-29 16:45 - 00001057 ____A C:\Windows\NLSDownlevelMapping.log
2012-12-28 07:59 - 2012-12-29 16:44 - 00000000 ____D C:\Users\Dibbs\Documents\Multisoft
2012-12-28 07:50 - 2012-12-28 07:55 - 408504248 ____A C:\Users\Dibbs\Downloads\CityCarDriving.v.1.2.Eng.rar
2012-12-27 19:52 - 2012-12-27 20:05 - 00000000 ____D C:\Users\Dibbs\Desktop\4GB USB DRIVE RED
2012-12-27 19:50 - 2012-12-27 19:53 - 00000000 ____D C:\Users\Dibbs\Downloads\imageusb
2012-12-27 19:49 - 2012-12-27 19:49 - 00432327 ___RA C:\Users\Dibbs\Downloads\imageusb.zip
==================== One Month Modified Files and Folders =======
2013-01-26 11:24 - 2011-12-11 00:59 - 00410096 ____A C:\Windows\PFRO.log
2013-01-26 11:16 - 2011-12-10 22:45 - 01574240 ____A C:\Windows\WindowsUpdate.log
2013-01-26 11:14 - 2009-07-13 21:13 - 00778150 ____A C:\Windows\System32\PerfStringBackup.INI
2013-01-26 11:07 - 2011-12-10 22:18 - 00000000 ____D C:\Users\Dibbs\AppData\Roaming\Skype
2013-01-26 11:01 - 2013-01-26 11:01 - 01464303 ____A (Farbar) C:\Users\Dibbs\Downloads\FRST64(1).exe
2013-01-26 10:33 - 2012-01-09 14:04 - 00000908 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1616424981-3898423210-350200610-1000UA.job
2013-01-26 07:09 - 2012-12-28 17:20 - 00000000 ____D C:\Qoobox
2013-01-26 07:08 - 2013-01-26 07:08 - 00021732 ____A C:\ComboFix.txt
2013-01-26 06:55 - 2009-07-13 18:34 - 00000215 ____A C:\Windows\system.ini
2013-01-26 06:40 - 2013-01-24 15:45 - 05026751 ____R (Swearware) C:\Users\Dibbs\Downloads\ComboFix.exe
2013-01-26 06:30 - 2012-01-09 14:03 - 00000856 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1616424981-3898423210-350200610-1000Core.job
2013-01-26 06:21 - 2012-03-31 05:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-01-25 15:45 - 2013-01-25 15:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-01-24 14:01 - 2012-12-29 16:02 - 00000000 ____D C:\Users\All Users\Kaspersky Lab
2013-01-24 00:34 - 2012-01-09 14:04 - 00002364 ____A C:\Users\Dibbs\Desktop\Google Chrome.lnk
2013-01-23 17:18 - 2013-01-23 17:18 - 00881914 ____A C:\Users\Dibbs\Downloads\SecurityCheck.exe
2013-01-23 17:09 - 2013-01-20 11:36 - 00002470 ____A C:\Users\Dibbs\Desktop\Rkill.txt
2013-01-23 17:08 - 2013-01-23 17:08 - 01752992 ____A (Bleeping Computer, LLC) C:\Users\Dibbs\Downloads\rkill(1).com
2013-01-22 18:43 - 2013-01-22 18:42 - 00007168 __ASH C:\Users\Dibbs\Documents\Thumbs.db
2013-01-22 18:41 - 2013-01-22 18:41 - 01172020 ____A C:\Users\Dibbs\Documents\elements finish 2.pptx
2013-01-22 18:40 - 2009-07-13 20:51 - 00120697 ____A C:\Windows\setupact.log
2013-01-22 13:02 - 2009-07-13 20:45 - 00014592 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-01-22 13:02 - 2009-07-13 20:45 - 00014592 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-01-22 12:55 - 2011-12-10 23:36 - 00000000 ____D C:\users\Dibbs
2013-01-22 12:54 - 2011-12-11 00:50 - 00016864 ____A C:\Windows\error.log
2013-01-22 12:54 - 2011-12-11 00:50 - 00003892 ____A C:\Windows\errord.log
2013-01-22 12:54 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-01-22 05:04 - 2011-12-27 16:52 - 00000000 ____D C:\Users\Dibbs\AppData\Local\CrashDumps
2013-01-21 04:24 - 2013-01-21 04:24 - 00000000 ____D C:\Users\Dibbs\AppData\Local\Apple
2013-01-21 04:23 - 2013-01-21 04:23 - 00000000 ____D C:\Users\Dibbs\AppData\Local\Apple Computer
2013-01-20 12:04 - 2011-12-10 22:16 - 00000000 ____D C:\Users\All Users\Skype
2013-01-20 11:54 - 2009-07-13 21:08 - 00032630 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2013-01-20 11:50 - 2012-12-28 17:20 - 00000000 ____D C:\Windows\erdnt
2013-01-20 11:45 - 2013-01-20 11:44 - 00295488 ____A C:\Windows\Minidump\012013-28657-01.dmp
2013-01-20 11:44 - 2012-07-19 02:49 - 632107619 ____A C:\Windows\MEMORY.DMP
2013-01-20 11:44 - 2012-02-11 10:08 - 00000000 ____D C:\Windows\Minidump
2013-01-20 11:35 - 2013-01-20 11:35 - 01752992 ____A (Bleeping Computer, LLC) C:\Users\Dibbs\Downloads\rkill.com
2013-01-20 11:31 - 2013-01-20 11:31 - 02057199 ____A C:\Users\Dibbs\Downloads\ParanoidPreferences.apk
2013-01-20 11:29 - 2013-01-20 11:29 - 22330090 ____A C:\Users\Dibbs\Downloads\i717-ICS-UCLF6-Modem.zip
2013-01-19 20:16 - 2012-12-30 11:47 - 00000000 ____D C:\Users\Dibbs\AppData\Roaming\vlc
2013-01-19 19:39 - 2013-01-19 19:39 - 00000000 ____D C:\Users\Dibbs\Desktop\Doctor Who - The Snowmen Christmas Special 2012 [MP4-AAC](oan)
2013-01-19 13:28 - 2013-01-19 13:28 - 14513085 ____A C:\Users\Dibbs\Desktop\ebaypics.zip
2013-01-19 13:28 - 2013-01-19 12:44 - 00000000 ____D C:\Users\Dibbs\Desktop\ebaypics
2013-01-19 12:38 - 2012-12-29 07:50 - 00000000 ____D C:\Users\Dibbs\AppData\Local\Adobe
2013-01-19 12:35 - 2012-01-10 09:44 - 00000000 ____D C:\Users\All Users\FLEXnet
2013-01-19 10:28 - 2013-01-19 10:28 - 00001703 ____A C:\Users\Dibbs\Desktop\RKreport[5]_S_01192013_02d1328.txt
2013-01-19 10:28 - 2012-12-28 16:59 - 00000000 ____D C:\Users\Dibbs\Desktop\RK_Quarantine
2013-01-19 10:27 - 2013-01-19 10:27 - 00764416 ____A C:\Users\Dibbs\Downloads\RogueKiller.exe
2013-01-19 10:25 - 2013-01-19 10:25 - 02213976 ____A (Kaspersky Lab ZAO) C:\Users\Dibbs\Downloads\tdsskiller.exe
2013-01-19 10:25 - 2013-01-19 10:25 - 00001434 ____A C:\AdwCleaner[R2].txt
2013-01-19 10:24 - 2013-01-19 10:24 - 00574677 ____A C:\Users\Dibbs\Downloads\adwcleaner(1).exe
2013-01-19 10:23 - 2013-01-19 10:23 - 00000960 ____A C:\Users\Dibbs\Desktop\NTREGOPT.lnk
2013-01-19 10:23 - 2013-01-19 10:23 - 00000941 ____A C:\Users\Dibbs\Desktop\ERUNT.lnk
2013-01-19 10:23 - 2013-01-19 10:23 - 00000000 ____D C:\Program Files (x86)\ERUNT
2013-01-19 10:22 - 2013-01-19 10:22 - 00791393 ____A (Lars Hederer ) C:\Users\Dibbs\Downloads\erunt-setup.exe
2013-01-19 09:07 - 2013-01-19 08:42 - 00010627 ____A C:\Users\Dibbs\Desktop\Pratima_CoachesList.xlsx
2013-01-19 08:42 - 2013-01-19 08:42 - 00000165 ___AH C:\Users\Dibbs\Desktop\~$Pratima_CoachesList.xlsx
2013-01-18 17:39 - 2013-01-18 15:35 - 00000000 ____D C:\Users\All Users\HitmanPro
2013-01-18 17:38 - 2013-01-18 17:38 - 00012872 ____A (SurfRight B.V.) C:\Windows\System32\bootdelete.exe
2013-01-18 17:38 - 2012-06-02 11:39 - 00000000 ____D C:\Users\Dibbs\Downloads\DigiDNA.DiskAid.v5.1.2.Incl.Keygen-Lz0
2013-01-18 15:36 - 2013-01-18 15:36 - 00001929 ____A C:\Users\Public\Desktop\HitmanPro.lnk
2013-01-18 15:36 - 2013-01-18 15:36 - 00000000 ____D C:\Program Files\HitmanPro
2013-01-18 15:35 - 2013-01-18 15:34 - 09703176 ____A (SurfRight B.V.) C:\Users\Dibbs\Downloads\HitmanPro_x64.exe
2013-01-18 15:32 - 2013-01-18 15:32 - 02436672 ____A C:\Users\Dibbs\Downloads\bitdefender_antivirus.exe
2013-01-18 15:30 - 2012-12-28 18:37 - 00000000 ____D C:\Users\Dibbs\AppData\Roaming\QuickScan
2013-01-18 15:16 - 2013-01-16 15:12 - 00000000 ____D C:\Users\Dibbs\Documents\New folder
2013-01-18 15:15 - 2012-12-28 19:10 - 00023933 ____A C:\Users\Dibbs\Desktop\dds.txt
2013-01-18 15:15 - 2012-12-28 19:10 - 00008856 ____A C:\Users\Dibbs\Desktop\attach.txt
2013-01-18 15:13 - 2013-01-18 15:13 - 00688992 ____R (Swearware) C:\Users\Dibbs\Downloads\dds(1).com
2013-01-18 15:12 - 2013-01-18 14:57 - 00000472 ____A C:\Users\Dibbs\Downloads\defogger_disable.log
2013-01-18 15:03 - 2013-01-18 15:03 - 10156344 ____A (Malwarebytes Corporation ) C:\Users\Dibbs\Downloads\mbam-setup-1.70.0.1100(1).exe
2013-01-18 14:57 - 2013-01-18 14:57 - 00050477 ____A C:\Users\Dibbs\Downloads\Defogger.exe
2013-01-18 14:57 - 2013-01-18 14:57 - 00000168 ____A C:\Users\Dibbs\defogger_reenable
2013-01-16 17:59 - 2011-12-27 17:37 - 00000000 ____D C:\Program Files (x86)\Opera
2013-01-16 15:10 - 2013-01-16 15:10 - 00688992 ____R (Swearware) C:\Users\Dibbs\Downloads\dds.com
2013-01-10 17:59 - 2013-01-10 15:34 - 728018944 ____A C:\Users\Dibbs\Downloads\ubuntu-12.04.1-desktop-amd64.iso
2013-01-08 06:05 - 2013-01-08 06:05 - 00774144 ____A (Microsoft Corporation) C:\Users\Dibbs\Downloads\nusb33e.exe
2013-01-08 05:57 - 2013-01-08 05:57 - 00010481 ____A C:\Users\Dibbs\Downloads\wtgenusb.zip
2013-01-08 05:55 - 2013-01-08 05:51 - 00000000 ____D C:\Users\Dibbs\Downloads\Windows 98_SECOND_English
2013-01-06 08:41 - 2012-02-13 18:16 - 00000000 ____D C:\Users\Dibbs\AppData\Local\Corel
2013-01-06 08:24 - 2012-02-13 18:17 - 00000952 __ASH C:\Windows\SysWOW64\KGyGaAvL.sys
2013-01-06 06:34 - 2013-01-06 06:33 - 00993824 ____A C:\Windows\Minidump\010613-29468-01.dmp
2013-01-05 12:20 - 2012-12-29 11:18 - 00000000 ____D C:\Users\Dibbs\AppData\Roaming\HpUpdate
2013-01-04 05:30 - 2013-01-04 05:30 - 00003712 ____A C:\Windows\SysWOW64\ealregsnapshot1.reg
2013-01-04 05:29 - 2011-12-11 00:53 - 00000000 ____D C:\Users\Dibbs\AppData\Local\Downloaded Installations
2013-01-04 05:11 - 2011-12-23 12:33 - 00000000 ____D C:\Program Files (x86)\Electronic Arts
2013-01-04 05:11 - 2011-12-23 12:32 - 00435055 ____A C:\Windows\DirectX.log
2013-01-04 05:07 - 2013-01-04 05:07 - 00000000 ____D C:\Users\Dibbs\AppData\Local\Criterion Games
2013-01-04 05:00 - 2013-01-02 17:41 - 00000000 ____D C:\Users\Dibbs\Downloads\Burnout.Paradise.The.Ultimate.Box-RELOADED
2013-01-03 17:05 - 2012-10-25 16:15 - 00000000 ____D C:\Users\Dibbs\Documents\18 WoS Extreme Trucker 2
2013-01-01 11:40 - 2013-01-01 11:40 - 00000381 ____A C:\Users\Dibbs\Documents\Rohan's type art (frowny face) unfinished.txt
2013-01-01 09:46 - 2013-01-01 09:46 - 00002152 ____A C:\Users\Dibbs\Documents\Rohan's type art (smiley face).txt
2012-12-30 11:47 - 2012-12-30 11:47 - 00001102 ____A C:\Users\Public\Desktop\VLC media player.lnk
2012-12-30 11:46 - 2012-12-30 11:46 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2012-12-30 11:46 - 2012-12-30 11:45 - 22916830 ____A C:\Users\Dibbs\Downloads\vlc-2.0.5-win32.exe
2012-12-29 21:26 - 2012-12-29 16:38 - 00002376 ____A C:\Users\Dibbs\Desktop\Safe Money.lnk
2012-12-29 18:22 - 2012-10-25 14:23 - 00613720 ____A (Kaspersky Lab) C:\Windows\System32\Drivers\klif.sys
2012-12-29 18:22 - 2012-06-08 08:38 - 00054104 ____A (Kaspersky Lab) C:\Windows\System32\Drivers\kltdi.sys
2012-12-29 17:40 - 2012-11-29 17:52 - 00002515 ____A C:\Users\Public\Desktop\Skype.lnk
2012-12-29 16:55 - 2012-12-29 16:55 - 00000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2012-12-29 16:45 - 2012-12-29 16:45 - 00001334 ____A C:\Users\Dibbs\Desktop\3D Èíñòðóêòîð 2.2. Äîìàøíÿÿ âåðñèÿ.lnk
2012-12-29 16:45 - 2012-12-29 16:45 - 00000079 ____A C:\Users\Dibbs\Desktop\Èíôîðìàöèÿ ïî àêòèâàöèè ïðîäóêòà.url
2012-12-29 16:45 - 2012-12-28 08:00 - 00001057 ____A C:\Windows\NLSDownlevelMapping.log
2012-12-29 16:44 - 2012-12-29 16:42 - 00000000 ____D C:\Program Files (x86)\3D Instructor 2.2 Home
2012-12-29 16:44 - 2012-12-28 07:59 - 00000000 ____D C:\Users\Dibbs\Documents\Multisoft
2012-12-29 16:41 - 2012-12-29 16:41 - 00000000 ____D C:\Users\Dibbs\Downloads\CityCarDriving.v.1.2.Eng
2012-12-29 16:35 - 2012-12-29 16:02 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2012-12-29 16:33 - 2012-12-29 16:34 - 00001182 ____A C:\Users\Public\Desktop\Kaspersky Internet Security 2013.lnk
2012-12-29 16:33 - 2012-12-29 16:33 - 00000000 ____D C:\Windows\ELAMBKUP
2012-12-29 16:30 - 2012-12-29 16:28 - 175777304 ____A (Kaspersky Lab) C:\Users\Dibbs\Downloads\kis2013_13.0.1.4190EN_3458.exe
2012-12-29 16:18 - 2012-12-29 16:18 - 00017408 ____A C:\Users\Dibbs\AppData\Local\WebpageIcons.db
2012-12-29 15:54 - 2012-12-28 18:02 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2012-12-29 15:52 - 2012-12-29 15:52 - 22911336 ____A (SUPERAntiSpyware.com) C:\Users\Dibbs\Downloads\SUPERAntiSpyware(1).exe
2012-12-29 15:14 - 2012-12-29 15:14 - 10156344 ____A (Malwarebytes Corporation ) C:\Users\Dibbs\Downloads\mbam-setup-1.70.0.1100.exe
2012-12-29 15:07 - 2012-12-29 15:07 - 22911336 ____A (SUPERAntiSpyware.com) C:\Users\Dibbs\Downloads\SUPERAntiSpyware.exe
2012-12-29 12:11 - 2012-12-29 12:11 - 00001172 ____A C:\Users\Dibbs\Desktop\eMusic Download Manager 6.lnk
2012-12-29 12:11 - 2012-12-29 12:11 - 00000000 ____D C:\Program Files (x86)\eMusic Download Manager 6
2012-12-29 12:11 - 2012-12-29 12:10 - 14552720 ____A C:\Users\Dibbs\Downloads\emusic-dlm-installer-windows-6.0.2.exe
2012-12-29 11:22 - 2012-12-29 11:17 - 00000000 ____D C:\Users\Dibbs\AppData\Local\HP
2012-12-29 11:18 - 2012-12-29 11:18 - 00002272 ____A C:\Users\Public\Desktop\HP Officejet 4620 series.lnk
2012-12-29 11:18 - 2012-12-29 11:18 - 00001209 ____A C:\Users\Public\Desktop\Shop for Supplies - HP Officejet 4620 series.lnk
2012-12-29 11:18 - 2012-12-29 11:17 - 00000000 ____D C:\Program Files (x86)\HP
2012-12-29 11:17 - 2012-12-29 11:17 - 00000057 ____A C:\Users\All Users\Ament.ini
2012-12-29 11:17 - 2012-12-29 11:17 - 00000000 ____D C:\Users\All Users\HP
2012-12-29 11:17 - 2012-12-29 11:17 - 00000000 ____D C:\Program Files\HP
2012-12-29 11:13 - 2012-12-29 11:12 - 119887328 ____A C:\Users\Dibbs\Downloads\OJ4620_1315.exe
2012-12-29 10:39 - 2012-12-29 10:39 - 00000000 ____D C:\FRST
2012-12-29 08:23 - 2012-12-28 22:06 - 00000000 ____D C:\Windows\pss
2012-12-29 07:35 - 2012-12-29 07:35 - 01463381 ____A (Farbar) C:\Users\Dibbs\Downloads\FRST64.exe
2012-12-28 23:52 - 2012-12-28 23:52 - 00000000 ____D C:\found.000
2012-12-28 22:26 - 2011-12-27 19:10 - 00000000 ____D C:\Program Files (x86)\Steam
2012-12-28 21:21 - 2012-12-28 21:18 - 105603488 ____A C:\Users\Dibbs\Downloads\avira_free_antivirus_en.exe
2012-12-28 21:07 - 2012-12-28 16:57 - 00000000 ____D C:\Users\Dibbs\AppData\Roaming\EurekaLog
2012-12-28 20:41 - 2012-12-28 20:41 - 00003636 ____A C:\AdwCleaner[s2].txt
2012-12-28 20:40 - 2012-12-28 20:40 - 00550017 ____A C:\Users\Dibbs\Downloads\adwcleaner.exe
2012-12-28 20:40 - 2012-12-28 20:40 - 00039699 ____A C:\AdwCleaner[R1].txt
2012-12-28 19:11 - 2012-12-28 19:11 - 00028566 ____A C:\Users\Dibbs\Documents\Attach.txt
2012-12-28 19:11 - 2012-12-28 19:11 - 00018388 ____A C:\Users\Dibbs\Documents\DDS.txt
2012-12-28 19:09 - 2012-07-26 15:27 - 00000000 ____D C:\Users\Dibbs\Downloads\TOSHIBA
2012-12-28 17:53 - 2012-12-28 17:53 - 00001491 ____A C:\Users\Dibbs\Desktop\RKreport[3]_S_12282012_02d2053.txt
2012-12-28 17:53 - 2012-12-28 17:53 - 00001457 ____A C:\Users\Dibbs\Desktop\RKreport[4]_D_12282012_02d2053.txt
2012-12-28 17:14 - 2012-12-28 17:14 - 00000132 ____A C:\Users\Dibbs\Documents\CFScript.txt
2012-12-28 17:01 - 2012-12-28 17:01 - 00002162 ____A C:\Users\Dibbs\Desktop\RKreport[2]_D_12282012_02d2001.txt
2012-12-28 17:00 - 2012-12-28 17:00 - 00002107 ____A C:\Users\Dibbs\Desktop\RKreport[1]_S_12282012_02d2000.txt
2012-12-28 16:57 - 2012-12-28 16:54 - 00000000 ____D C:\Program Files (x86)\Your Uninstaller! 7
2012-12-28 16:54 - 2012-12-28 16:54 - 00001072 ____A C:\Users\Dibbs\Desktop\Your Unin-staller!.lnk
2012-12-28 16:54 - 2012-12-28 16:54 - 00000000 ____D C:\Users\Dibbs\AppData\Roaming\URSoft
2012-12-28 16:54 - 2012-12-28 16:54 - 00000000 ____D C:\Users\Dibbs\AppData\Roaming\Babylon
2012-12-28 16:54 - 2012-12-28 16:54 - 00000000 ____D C:\Users\Dibbs\AppData\Local\Babylon
2012-12-28 16:54 - 2012-12-28 16:54 - 00000000 ____D C:\Users\All Users\Babylon
2012-12-28 16:36 - 2012-12-28 16:36 - 00000513 ____A C:\Users\Dibbs\Documents\WinZip TrialPzy.txt
2012-12-28 16:34 - 2012-12-28 16:34 - 00368856 ____A (WinZip Computing) C:\Users\Dibbs\Downloads\WinZip170.exe
2012-12-28 15:20 - 2012-12-28 14:46 - 00000000 ___AD C:\Kaspersky Rescue Disk 10.0
2012-12-28 11:49 - 2012-05-06 17:36 - 00870128 ____A C:\Users\Dibbs\AppData\Roaming\mcs.rma
2012-12-28 11:47 - 2012-12-28 11:47 - 00001264 ____A C:\Users\Dibbs\Desktop\Revo Uninstaller.lnk
2012-12-28 11:47 - 2012-12-28 11:47 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2012-12-28 11:47 - 2012-12-28 11:46 - 02617648 ____A (VS Revo Group Ltd.) C:\Users\Dibbs\Downloads\revosetup.exe
2012-12-28 11:46 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\Resources
2012-12-28 11:06 - 2012-06-02 11:25 - 00000000 ____D C:\Users\Dibbs\AppData\Roaming\DiskAid
2012-12-28 08:08 - 2012-12-28 08:08 - 00000000 ____D C:\Users\Dibbs\AppData\Local\RadonLabs
2012-12-28 07:55 - 2012-12-28 07:50 - 408504248 ____A C:\Users\Dibbs\Downloads\CityCarDriving.v.1.2.Eng.rar
2012-12-27 20:05 - 2012-12-27 19:52 - 00000000 ____D C:\Users\Dibbs\Desktop\4GB USB DRIVE RED
2012-12-27 19:53 - 2012-12-27 19:50 - 00000000 ____D C:\Users\Dibbs\Downloads\imageusb
2012-12-27 19:49 - 2012-12-27 19:49 - 00432327 ___RA C:\Users\Dibbs\Downloads\imageusb.zip
==================== Known DLLs (Whitelisted) =================
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== EXE ASSOCIATION =====================
HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK
==================== Restore Points =========================
Restore point made on: 2013-01-22 14:24:29
Restore point made on: 2013-01-24 15:48:08
Restore point made on: 2013-01-26 06:40:54
==================== Memory info ===========================
Percentage of memory in use: 16%
Total physical RAM: 3893.86 MB
Available physical RAM: 3261.83 MB
Total Pagefile: 3892.01 MB
Available Pagefile: 3247.05 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB
==================== Partitions =============================
1 Drive c: () (Fixed) (Total:337.41 GB) (Free:132.97 GB) NTFS
3 Drive f: () (Removable) (Total:7.46 GB) (Free:6.37 GB) FAT32
4 Drive g: (Blank) (Removable) (Total:0.96 GB) (Free:0.02 GB) FAT
5 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
6 Drive y: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 465 GB 0 B
Disk 1 Online 7647 MB 0 B
Disk 2 Online 984 MB 0 B
Partitions of Disk 0:
===============
Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 100 MB 1024 KB
Partition 2 Primary 337 GB 101 MB
Partition 3 Primary 117 GB 337 GB
Partition 4 Primary 10 GB 455 GB
==================================================================================
Disk: 0
Partition 1
Type : 07
Hidden: No
Active: Yes
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 Y System Rese NTFS Partition 100 MB Healthy
=========================================================
Disk: 0
Partition 2
Type : 07
Hidden: No
Active: No
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 C NTFS Partition 337 GB Healthy
=========================================================
Disk: 0
Partition 3
Type : 83
Hidden: Yes
Active: No
There is no volume associated with this partition.
=========================================================
Disk: 0
Partition 4
Type : 82
Hidden: Yes
Active: No
There is no volume associated with this partition.
=========================================================
Partitions of Disk 1:
===============
Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 7646 MB 1024 KB
==================================================================================
Disk: 1
Partition 1
Type : 0C
Hidden: No
Active: Yes
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 F FAT32 Removable 7646 MB Healthy
=========================================================
Partitions of Disk 2:
===============
Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 983 MB 16 KB
==================================================================================
Disk: 2
Partition 1
Type : 06
Hidden: No
Active: Yes
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 4 G Blank FAT Removable 983 MB Healthy
=========================================================
Last Boot: 2013-01-23 21:02
==================== End Of Log =============================
-
Thanks so much for your reply. I'm running Farbar.
Yes, I have MBAM pro license - lifetime version.
MBAM was the only software for virus/malware I installed. I did install Kaspersky when MBAM was on there, and it was ~4 months ago I think (??). Other software like BitDefender, SuperAntispyware and Avira seem to run through a quick scan all right. This is only happening on the newest version of MBAM (sorry, do not remember version #) - the one with the blue M icon. The old RED Icon M seems to run fine - at least on my other computer. Aha, maybe I should try to update the other computer and see if I get a freeze, then it has to be software ??? Just struck me.....
1. Where is ComboFix-quarantined-files.txt stored?
Many thanks.
-
Hi,
Here is the ComboFix log. BTW, re the freezing of MBAM, I have waited even overnight for it to finish. But everything is just completely frozen.... no mouse movements, no nothing.
ComboFix 13-01-26.02 - Dibbs 01/26/2013 9:41.3.4 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3894.2320 [GMT -5:00]
Running from: c:\users\Dibbs\Downloads\ComboFix.exe
AV: Kaspersky Internet Security *Disabled/Updated* {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
FW: Kaspersky Internet Security *Disabled* {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}
SP: Kaspersky Internet Security *Disabled/Updated* {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((( Files Created from 2012-12-26 to 2013-01-26 )))))))))))))))))))))))))))))))
.
.
2013-01-26 14:55 . 2013-01-26 14:55 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-01-22 13:45 . 2013-01-23 09:36 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{BAFC8448-AE01-4C5C-863D-ABFF87C948AC}\offreg.dll
2013-01-21 12:24 . 2013-01-21 12:24 -------- d-----w- c:\users\Dibbs\AppData\Local\Apple
2013-01-21 12:23 . 2013-01-21 12:23 -------- d-----w- c:\users\Dibbs\AppData\Local\Apple Computer
2013-01-19 18:23 . 2013-01-19 18:23 -------- d-----w- c:\program files (x86)\ERUNT
2013-01-19 01:38 . 2013-01-19 01:38 12872 ----a-w- c:\windows\system32\bootdelete.exe
2013-01-18 23:36 . 2013-01-18 23:36 -------- d-----w- c:\program files\HitmanPro
2013-01-18 23:35 . 2013-01-19 01:39 -------- d-----w- c:\programdata\HitmanPro
2013-01-04 13:30 . 2013-01-04 13:30 3712 ----a-w- c:\windows\SysWow64\ealregsnapshot1.reg
2013-01-04 13:07 . 2013-01-04 13:07 -------- d-----w- c:\users\Dibbs\AppData\Local\Criterion Games
2012-12-30 19:47 . 2013-01-20 04:16 -------- d-----w- c:\users\Dibbs\AppData\Roaming\vlc
2012-12-30 19:46 . 2012-12-30 19:46 -------- d-----w- c:\program files (x86)\VideoLAN
2012-12-30 00:55 . 2012-12-30 00:55 -------- d-----w- c:\program files (x86)\K-Lite Codec Pack
2012-12-30 00:42 . 2012-12-30 00:44 -------- d-----w- c:\program files (x86)\3D Instructor 2.2 Home
2012-12-30 00:33 . 2012-07-11 22:09 64856 ----a-w- c:\windows\system32\klfphc.dll
2012-12-30 00:33 . 2012-12-30 00:33 -------- d-----w- c:\windows\ELAMBKUP
2012-12-30 00:02 . 2012-12-30 00:35 -------- d-----w- c:\program files (x86)\Kaspersky Lab
2012-12-30 00:02 . 2013-01-24 22:01 -------- d-----w- c:\programdata\Kaspersky Lab
2012-12-29 20:11 . 2012-12-29 20:11 -------- d-----w- c:\users\Dibbs\AppData\Local\eMusic
2012-12-29 20:11 . 2012-12-29 20:11 -------- d-----w- c:\program files (x86)\eMusic Download Manager 6
2012-12-29 19:18 . 2013-01-05 20:20 -------- d-----w- c:\users\Dibbs\AppData\Roaming\HpUpdate
2012-12-29 19:18 . 2012-10-17 09:31 741480 ------w- c:\windows\system32\HPDiscoPM6412.dll
2012-12-29 19:17 . 2012-12-29 19:18 -------- d-----w- c:\program files (x86)\HP
2012-12-29 19:17 . 2012-12-29 19:17 -------- d-----w- c:\programdata\HP
2012-12-29 19:17 . 2012-12-29 19:17 -------- d-----w- c:\program files\HP
2012-12-29 19:17 . 2012-12-29 19:22 -------- d-----w- c:\users\Dibbs\AppData\Local\HP
2012-12-29 18:39 . 2012-12-29 18:39 -------- d-----w- C:\FRST
2012-12-29 15:50 . 2013-01-19 20:38 -------- d-----w- c:\users\Dibbs\AppData\Local\Adobe
2012-12-29 07:52 . 2012-12-29 07:52 -------- d-----w- C:\found.000
2012-12-29 02:37 . 2013-01-18 23:30 -------- d-----w- c:\users\Dibbs\AppData\Roaming\QuickScan
2012-12-29 02:02 . 2012-12-29 23:54 -------- d-----w- c:\program files\SUPERAntiSpyware
2012-12-29 00:57 . 2012-12-29 05:07 -------- d-----w- c:\users\Dibbs\AppData\Roaming\EurekaLog
2012-12-29 00:54 . 2012-12-29 00:54 -------- d-----w- c:\users\Dibbs\AppData\Roaming\URSoft
2012-12-29 00:54 . 2012-12-29 00:57 -------- d-----w- c:\program files (x86)\Your Uninstaller! 7
2012-12-29 00:54 . 2012-12-29 00:54 -------- d-----w- c:\users\Dibbs\AppData\Local\Babylon
2012-12-29 00:54 . 2012-12-29 00:54 -------- d-----w- c:\users\Dibbs\AppData\Roaming\Babylon
2012-12-29 00:54 . 2012-12-29 00:54 -------- d-----w- c:\programdata\Babylon
2012-12-29 00:36 . 2012-11-19 06:01 9125352 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{BAFC8448-AE01-4C5C-863D-ABFF87C948AC}\mpengine.dll
2012-12-28 22:46 . 2012-12-28 23:20 -------- d---a-w- C:\Kaspersky Rescue Disk 10.0
2012-12-28 19:47 . 2012-12-28 19:47 -------- d-----w- c:\program files (x86)\VS Revo Group
2012-12-28 19:04 . 2012-12-28 19:04 -------- d-----w- c:\users\Dibbs\AppData\Local\Programs
2012-12-28 16:08 . 2012-12-28 16:08 -------- d-----w- c:\users\Dibbs\AppData\Local\RadonLabs
2012-12-28 16:03 . 2010-03-15 09:31 165376 ----a-w- c:\windows\SysWow64\unrar.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-30 02:22 . 2012-10-25 22:23 613720 ----a-w- c:\windows\system32\drivers\klif.sys
2012-12-30 02:22 . 2012-06-08 16:38 54104 ----a-w- c:\windows\system32\drivers\kltdi.sys
2012-12-21 21:52 . 2012-07-02 22:18 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-12-21 21:52 . 2011-12-11 08:18 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Akamai NetSession Interface"="c:\users\Dibbs\AppData\Local\Akamai\netsession_win.exe" [bU]
"HP Officejet 4620 series (NET)"="c:\program files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe" [2012-10-17 2573416]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-09-24 926896]
"Adobe Acrobat Speed Launcher"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" [2010-10-25 36760]
"Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [2010-10-25 821144]
"Corel File Shell Monitor"="c:\program files (x86)\Corel\Corel Photo Album 7\CorelIOMonitor.exe" [2008-08-22 37888]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2011-10-28 49208]
"AVP"="c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe" [2012-12-30 356376]
"PWRISOVM.EXE"="c:\program files (x86)\PowerISO\PWRISOVM.EXE" [2012-05-31 336992]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]
.
c:\users\Dibbs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
ERUNT AutoBackup.lnk - c:\program files (x86)\ERUNT\AUTOBACK.EXE [2005-10-20 38912]
Monitor Ink Alerts - HP Officejet 4620 series (Network).lnk - c:\windows\system32\RunDll32.exe [2009-7-13 45568]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\Belkin\Bluetooth Software\BTTray.exe [2007-2-27 982320]
NI Error Reporting.lnk - c:\program files (x86)\National Instruments\Shared\NI Error Reporting\nierserver.exe [2011-6-19 619672]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-11-09 160944]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2012-09-19 102368]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-01-10 1038088]
R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [2012-01-18 351136]
R3 LVUVC64;Logitech Webcam C260(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [2012-01-18 4865568]
R3 nmwcdnsucx64;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsucx64.sys [2011-11-01 12800]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys [2011-11-01 171008]
R3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys [2011-09-03 19936]
R3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys [2011-09-03 13280]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2012-09-19 203104]
R3 UBNRedir;UBNRedir;c:\windows\system32\DRIVERS\ubnredir.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-02-15 52736]
R4 MacDrive8Service;MacDrive 8 service;c:\program files\Mediafour\MacDrive 8\MacDrive8Service.exe [2010-10-08 149504]
R4 NIApplicationWebServer64;NI Application Web Server (64-bit);c:\program files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [2011-05-27 68256]
S0 MDFSYSNT;MacDrive file system driver; [x]
S0 MDPMGRNT;MacDrive Partition Driver;c:\windows\system32\DRIVERS\MDPMGRNT.SYS [2010-10-21 32424]
S1 CBDisk;CBDisk;c:\windows\system32\drivers\CBDisk.sys [2010-05-12 70344]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-06-15 283200]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys [2012-08-02 28504]
S1 kltdi;kltdi;c:\windows\system32\DRIVERS\kltdi.sys [2012-12-30 54104]
S1 kneps;kneps;c:\windows\system32\DRIVERS\kneps.sys [2012-08-13 178008]
S2 M4LIC;Mediafour M4LIC service;c:\program files (x86)\Common Files\Mediafour\M4LIC.EXE [2010-07-20 205312]
S2 NIApplicationWebServer;NI Application Web Server;c:\program files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [2011-05-27 50336]
S2 nimDNSResponder;National Instruments mDNS Responder Service;c:\program files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe [2011-06-01 194224]
S2 SplashtopRemoteService;Splashtop® Remote Service;c:\program files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe [2012-06-15 548264]
S2 SSUService;Splashtop Software Updater Service;c:\program files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe [2012-03-15 370504]
S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-18 56344]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2010-02-27 158976]
S3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\DRIVERS\klkbdflt.sys [2012-10-25 29016]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys [2012-10-25 29528]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2011-04-20 169584]
S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys [2009-10-02 946688]
.
.
Contents of the 'Scheduled Tasks' folder
.
2013-01-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1616424981-3898423210-350200610-1000Core.job
- c:\users\Dibbs\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-09 22:03]
.
2013-01-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1616424981-3898423210-350200610-1000UA.job
- c:\users\Dibbs\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-09 22:03]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2011-05-25 07:09 227840 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.110.223\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2011-05-25 07:09 227840 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.110.223\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2010-03-10 520760]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-10 161304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-10 386584]
"MacDrive 8 application"="c:\program files\Mediafour\MacDrive 8\MacDrive.exe" [2010-10-08 193536]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-10 415256]
"Corel Photo Downloader"="c:\program files (x86)\Corel\Corel Photo Album 7\Corel Photo Downloader.exe" [2008-08-22 481608]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local;<local>
IE: Append Link Target to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\Belkin\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\Belkin\Bluetooth Software\btsendto_ie.htm
Trusted Zone: rhapsody.com\rhap-app-4-0
Trusted Zone: rhapsody.com\rhapreg
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\Dibbs\AppData\Roaming\Mozilla\Firefox\Profiles\zpncz643.default\
FF - ExtSQL: 2012-12-29 19:33; anti_banner@kaspersky.com; c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com
FF - ExtSQL: 2012-12-29 19:33; content_blocker@kaspersky.com; c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com
FF - ExtSQL: 2012-12-29 19:33; online_banking@kaspersky.com; c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com
FF - ExtSQL: 2012-12-29 19:33; url_advisor@kaspersky.com; c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com
FF - ExtSQL: 2012-12-29 19:33; virtual_keyboard@kaspersky.com; c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com
FF - ExtSQL: 2013-01-18 18:30; {e001c731-5e37-4538-a5cb-8168736a2360}; c:\users\Dibbs\AppData\Roaming\Mozilla\Firefox\Profiles\zpncz643.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
ShellIconOverlayIdentifiers-MacDrive volume icons - (no file)
AddRemove-Akamai - c:\users\Dibbs\AppData\Local\Akamai\uninstall.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1616424981-3898423210-350200610-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{49CA60F3-7D7F-D540-3F44-7A99EEF0DD39}*]
"bbemohkjfbokbpgcjepnbjjcmenjofagdkcf"=hex:61,62,6a,68,6f,61,6c,69,62,6b,64,6a,
70,65,64,64,64,61,6c,64,67,61,68,69,65,70,6d,63,67,62,62,6f,6d,6e,00,00
"abemohkjfbokbpgcjecoobljmjnpjiikjl"=hex:61,62,6f,67,6b,67,63,63,70,61,70,64,
70,70,6c,6f,63,6c,6d,6f,70,69,6a,65,67,62,70,63,65,6d,64,6f,70,68,00,00
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-01-26 10:08:46
ComboFix-quarantined-files.txt 2013-01-26 15:08
ComboFix2.txt 2012-12-29 01:42
.
Pre-Run: 143,303,532,544 bytes free
Post-Run: 142,841,683,968 bytes free
.
- - End Of File - - 143AC534FE9450D52AA50DF87D1CF5B1
-
Results of screen317's Security Check version 0.99.57
Windows 7 x64 (UAC is enabled)
Internet Explorer 8 Out of date!
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Disabled!
Kaspersky Internet Security
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Java 6 Update 35
Java version out of Date!
Adobe Flash Player 11.5.502.135
Adobe Reader XI
Mozilla Firefox (19.0)
Google Chrome 23.0.1271.97
Google Chrome 24.0.1312.52
````````Process Check: objlist.exe by Laurent````````
Kaspersky Lab Kaspersky Internet Security 2013 avp.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 2%
````````````````````End of Log``````````````````````
-
My apologies, I am slow to reply back. I am quite swamped... and thanks for your time and patience.
Step 1. Nothing showed up. So nothing to delete/fix.
Step 2. Rkill log below.
Step 3. MBAM freezes and the computer hangs. I cannot run MBAM even in safe mode; it still freezes and hangs the computer, needing a restart.
I had to uninstall MBAM to proceed to next step.
Step 4. Security check log in next reply.
Rkill 2.4.6 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html
Program started at: 01/23/2013 08:09:12 PM in x64 mode.
Windows Version: Windows 7 Home Premium
Checking for Windows services to stop:
* No malware services found to stop.
Checking for processes to terminate:
* C:\Windows\system32\crypserv.exe (PID: 1684) [WD-HEUR]
1 proccess terminated!
Checking Registry for malware related settings:
* No issues found in the Registry.
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
Performing miscellaneous checks:
* Windows Firewall Disabled
[HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = dword:00000000
Checking Windows Service Integrity:
* No issues found.
Searching for Missing Digital Signatures:
* No issues found.
Checking HOSTS File:
* HOSTS file entries found:
127.0.0.1 localhost
Program finished at: 01/23/2013 08:09:33 PM
Execution time: 0 hours(s), 0 minute(s), and 21 seconds(s)
-
RogueKiller V8.4.3 [Jan 10 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/
Operating System : Windows 7 (6.1.7600 ) 64 bits version
Started in : Normal mode
User : Dibbs [Admin rights]
Mode : Scan -- Date : 01/19/2013 13:28:55
¤¤¤ Bad processes : 1 ¤¤¤
[DLL] rundll32.exe -- C:\Windows\SysWOW64\rundll32.exe : C:\Users\Dibbs\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll -> KILLED [TermProc]
¤¤¤ Registry Entries : 0 ¤¤¤
¤¤¤ Particular Files / Folders: ¤¤¤
¤¤¤ Driver : [NOT LOADED] ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost
¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: WDC WD5000BPVT-00HXZT3 ATA Device +++++
--- User ---
[MBR] fede1a3f111c563547d8f5d09ae11300
[bSP] 86c639b09967ec76f8f44519cf44c738 : Linux MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 345509 Mo
2 - [XXXXXX] LINUX (0x83) [VISIBLE] Offset (sectors): 707809280 | Size: 120504 Mo
3 - [XXXXXX] LINUX-SWP (0x82) [VISIBLE] Offset (sectors): 954601472 | Size: 10825 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Finished : << RKreport[5]_S_01192013_02d1328.txt >>
RKreport[1]_S_12282012_02d2000.txt ; RKreport[2]_D_12282012_02d2001.txt ; RKreport[3]_S_12282012_02d2053.txt ; RKreport[4]_D_12282012_02d2053.txt ; RKreport[5]_S_01192013_02d1328.txt
-
13:26:03.0513 7504 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
13:26:04.0043 7504 ============================================================
13:26:04.0043 7504 Current date / time: 2013/01/19 13:26:04.0043
13:26:04.0043 7504 SystemInfo:
13:26:04.0043 7504
13:26:04.0043 7504 OS Version: 6.1.7600 ServicePack: 0.0
13:26:04.0043 7504 Product type: Workstation
13:26:04.0043 7504 ComputerName: DIBBS-PC
13:26:04.0043 7504 UserName: Dibbs
13:26:04.0043 7504 Windows directory: C:\Windows
13:26:04.0043 7504 System windows directory: C:\Windows
13:26:04.0043 7504 Running under WOW64
13:26:04.0043 7504 Processor architecture: Intel x64
13:26:04.0043 7504 Number of processors: 4
13:26:04.0043 7504 Page size: 0x1000
13:26:04.0043 7504 Boot type: Normal boot
13:26:04.0043 7504 ============================================================
13:26:05.0373 7504 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:26:05.0383 7504 ============================================================
13:26:05.0383 7504 \Device\Harddisk0\DR0:
13:26:05.0383 7504 MBR partitions:
13:26:05.0383 7504 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
13:26:05.0383 7504 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x2A2D2800
13:26:05.0383 7504 ============================================================
13:26:05.0403 7504 C: <-> \Device\Harddisk0\DR0\Partition2
13:26:05.0403 7504 ============================================================
13:26:05.0403 7504 Initialize success
13:26:05.0403 7504 ============================================================
13:26:06.0643 2636 ============================================================
13:26:06.0643 2636 Scan started
13:26:06.0643 2636 Mode: Manual;
13:26:06.0643 2636 ============================================================
13:26:07.0974 2636 ================ Scan system memory ========================
13:26:07.0974 2636 System memory - ok
13:26:07.0974 2636 ================ Scan services =============================
13:26:15.0365 2636 mouclass - ok
13:26:15.0385 2636 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
13:26:15.0385 2636 mouhid - ok
13:26:15.0405 2636 [ 791AF66C4D0E7C90A3646066386FB571 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
13:26:15.0405 2636 mountmgr - ok
13:26:15.0435 2636 [ C8619D099F8149149045772B60DB09AC ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
13:26:15.0435 2636 MozillaMaintenance - ok
13:26:15.0455 2636 [ 609D1D87649ECC19796F4D76D4C15CEA ] mpio C:\Windows\system32\DRIVERS\mpio.sys
13:26:15.0465 2636 mpio - ok
13:26:15.0475 2636 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
13:26:15.0475 2636 mpsdrv - ok
13:26:15.0525 2636 [ AECAB449567D1846DAD63ECE49E893E3 ] MpsSvc C:\Windows\system32\mpssvc.dll
13:26:15.0535 2636 MpsSvc - ok
13:26:15.0555 2636 [ 30524261BB51D96D6FCBAC20C810183C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
13:26:15.0555 2636 MRxDAV - ok
13:26:15.0575 2636 [ 767A4C3BCF9410C286CED15A2DB17108 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
13:26:15.0575 2636 mrxsmb - ok
13:26:15.0605 2636 [ 920EE0FF995FCFDEB08C41605A959E1C ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:26:15.0605 2636 mrxsmb10 - ok
13:26:15.0625 2636 [ 740D7EA9D72C981510A5292CF6ADC941 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:26:15.0625 2636 mrxsmb20 - ok
13:26:15.0645 2636 [ 5C37497276E3B3A5488B23A326A754B7 ] msahci C:\Windows\system32\DRIVERS\msahci.sys
13:26:15.0645 2636 msahci - ok
13:26:15.0665 2636 [ 8D27B597229AED79430FB9DB3BCBFBD0 ] msdsm C:\Windows\system32\DRIVERS\msdsm.sys
13:26:15.0665 2636 msdsm - ok
13:26:15.0685 2636 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
13:26:15.0685 2636 MSDTC - ok
13:26:15.0705 2636 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
13:26:15.0705 2636 Msfs - ok
13:26:15.0715 2636 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
13:26:15.0725 2636 mshidkmdf - ok
13:26:15.0735 2636 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\DRIVERS\msisadrv.sys
13:26:15.0735 2636 msisadrv - ok
13:26:15.0765 2636 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
13:26:15.0775 2636 MSiSCSI - ok
13:26:15.0775 2636 msiserver - ok
13:26:15.0785 2636 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
13:26:15.0795 2636 MSKSSRV - ok
13:26:15.0806 2636 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
13:26:15.0806 2636 MSPCLOCK - ok
13:26:15.0816 2636 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
13:26:15.0816 2636 MSPQM - ok
13:26:15.0826 2636 [ 89CB141AA8616D8C6A4610FA26C60964 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
13:26:15.0836 2636 MsRPC - ok
13:26:15.0886 2636 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
13:26:15.0886 2636 mssmbios - ok
13:26:15.0896 2636 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
13:26:15.0896 2636 MSTEE - ok
13:26:15.0906 2636 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
13:26:15.0916 2636 MTConfig - ok
13:26:15.0926 2636 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
13:26:15.0926 2636 Mup - ok
13:26:16.0036 2636 [ A3BA8A14490FDBF106939C37A125E82C ] mxssvr C:\Program Files (x86)\National Instruments\MAX\nimxs.exe
13:26:16.0036 2636 mxssvr - ok
13:26:16.0076 2636 [ 4987E079A4530FA737A128BE54B63B12 ] napagent C:\Windows\system32\qagentRT.dll
13:26:16.0086 2636 napagent - ok
13:26:16.0116 2636 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
13:26:16.0116 2636 NativeWifiP - ok
13:26:16.0146 2636 [ CAD515DBD07D082BB317D9928CE8962C ] NDIS C:\Windows\system32\drivers\ndis.sys
13:26:16.0166 2636 NDIS - ok
13:26:16.0176 2636 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
13:26:16.0176 2636 NdisCap - ok
13:26:16.0196 2636 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
13:26:16.0196 2636 NdisTapi - ok
13:26:16.0206 2636 [ F105BA1E22BF1F2EE8F005D4305E4BEC ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
13:26:16.0206 2636 Ndisuio - ok
13:26:16.0216 2636 [ 557DFAB9CA1FCB036AC77564C010DAD3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
13:26:16.0226 2636 NdisWan - ok
13:26:16.0236 2636 [ 659B74FB74B86228D6338D643CD3E3CF ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
13:26:16.0236 2636 NDProxy - ok
13:26:16.0256 2636 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
13:26:16.0256 2636 NetBIOS - ok
13:26:16.0266 2636 [ 9162B273A44AB9DCE5B44362731D062A ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
13:26:16.0276 2636 NetBT - ok
13:26:16.0286 2636 [ 0793F40B9B8A1BDD266296409DBD91EA ] Netlogon C:\Windows\system32\lsass.exe
13:26:16.0286 2636 Netlogon - ok
13:26:16.0306 2636 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
13:26:16.0316 2636 Netman - ok
13:26:16.0406 2636 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:26:16.0416 2636 NetMsmqActivator - ok
13:26:16.0416 2636 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:26:16.0426 2636 NetPipeActivator - ok
13:26:16.0456 2636 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
13:26:16.0466 2636 netprofm - ok
13:26:16.0466 2636 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:26:16.0476 2636 NetTcpActivator - ok
13:26:16.0476 2636 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:26:16.0476 2636 NetTcpPortSharing - ok
13:26:16.0496 2636 [ 2263727032E9B19231A706046B8C82D3 ] NetworkX C:\Windows\system32\ckldrv.sys
13:26:16.0506 2636 NetworkX - ok
13:26:16.0526 2636 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
13:26:16.0536 2636 nfrd960 - ok
13:26:16.0666 2636 [ F0E38750822EECC47B9913C55990F86A ] NIApplicationWebServer C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe
13:26:16.0666 2636 NIApplicationWebServer - ok
13:26:16.0816 2636 [ 633CDF3EF922DD438F82468DE1C10700 ] NIApplicationWebServer64 C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe
13:26:16.0816 2636 NIApplicationWebServer64 - ok
13:26:16.0876 2636 [ 908B9667F2FD7453CBCF3A2A0444DCC1 ] NIDomainService C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe
13:26:16.0876 2636 NIDomainService - ok
13:26:16.0976 2636 [ AA8896BCD689851665EFC02DC41181AC ] NILM License Manager C:\Program Files (x86)\National Instruments\Shared\License Manager\Bin\lmgrd.exe
13:26:17.0006 2636 NILM License Manager - ok
13:26:17.0046 2636 [ 8FED4893CB017F81CD1769448AD567E5 ] nimDNSResponder C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe
13:26:17.0046 2636 nimDNSResponder - ok
13:26:17.0056 2636 [ FC87856060BD0B667D2086B7050240A3 ] niSvcLoc C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe
13:26:17.0056 2636 niSvcLoc - ok
13:26:17.0116 2636 [ 4DC8C4EC1F9637110142C7D65FFB40E5 ] NITaggerService C:\Program Files (x86)\National Instruments\Shared\Tagger\tagsrv.exe
13:26:17.0126 2636 NITaggerService - ok
13:26:17.0156 2636 [ D9A0CE66046D6EFA0C61BAA885CBA0A8 ] NlaSvc C:\Windows\System32\nlasvc.dll
13:26:17.0156 2636 NlaSvc - ok
13:26:17.0226 2636 [ CD569FA91EC6F59D045C19D0D3850F44 ] nmservice C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
13:26:17.0226 2636 nmservice - ok
13:26:17.0266 2636 [ 5FE6F8C05F0769BBB74AFAC11453B182 ] nmwcd C:\Windows\system32\drivers\ccdcmbx64.sys
13:26:17.0266 2636 nmwcd - ok
13:26:17.0276 2636 [ 73C929945C0850B8D1FE2FEA05FDF05D ] nmwcdc C:\Windows\system32\drivers\ccdcmbox64.sys
13:26:17.0286 2636 nmwcdc - ok
13:26:17.0316 2636 [ 697CA586209E022D15DD0C838B235D6A ] nmwcdnsucx64 C:\Windows\system32\drivers\nmwcdnsucx64.sys
13:26:17.0326 2636 nmwcdnsucx64 - ok
13:26:17.0366 2636 [ 292DDF13F91F2CB2482B57AACD6AEB9B ] nmwcdnsux64 C:\Windows\system32\drivers\nmwcdnsux64.sys
13:26:17.0376 2636 nmwcdnsux64 - ok
13:26:17.0396 2636 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
13:26:17.0396 2636 Npfs - ok
13:26:17.0426 2636 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
13:26:17.0436 2636 nsi - ok
13:26:17.0456 2636 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
13:26:17.0456 2636 nsiproxy - ok
13:26:17.0506 2636 [ 356698A13C4630D5B31C37378D469196 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
13:26:17.0556 2636 Ntfs - ok
13:26:17.0576 2636 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
13:26:17.0586 2636 Null - ok
13:26:17.0606 2636 [ 3E38712941E9BB4DDBEE00AFFE3FED3D ] nvraid C:\Windows\system32\DRIVERS\nvraid.sys
13:26:17.0606 2636 nvraid - ok
13:26:17.0626 2636 [ 477DC4D6DEB99BE37084C9AC6D013DA1 ] nvstor C:\Windows\system32\DRIVERS\nvstor.sys
13:26:17.0626 2636 nvstor - ok
13:26:17.0636 2636 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys
13:26:17.0636 2636 nv_agp - ok
13:26:17.0716 2636 [ 84DE1DD996B48B05ACE31AD015FA108A ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
13:26:17.0726 2636 odserv - ok
13:26:17.0756 2636 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
13:26:17.0756 2636 ohci1394 - ok
13:26:17.0866 2636 [ EAE6208900E2986F66F68B30AEF86E4D ] OpcEnum C:\Windows\SysWOW64\OpcEnum.exe
13:26:17.0876 2636 OpcEnum - ok
13:26:17.0916 2636 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:26:17.0916 2636 ose - ok
13:26:17.0966 2636 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
13:26:17.0976 2636 p2pimsvc - ok
13:26:18.0016 2636 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
13:26:18.0016 2636 p2psvc - ok
13:26:18.0036 2636 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
13:26:18.0036 2636 Parport - ok
13:26:18.0056 2636 [ 7DAA117143316C4A1537E074A5A9EAF0 ] partmgr C:\Windows\system32\drivers\partmgr.sys
13:26:18.0056 2636 partmgr - ok
13:26:18.0066 2636 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
13:26:18.0076 2636 PcaSvc - ok
13:26:18.0106 2636 [ BC0018C2D29F655188A0ED3FA94FDB24 ] pccsmcfd C:\Windows\system32\DRIVERS\pccsmcfdx64.sys
13:26:18.0106 2636 pccsmcfd - ok
13:26:18.0126 2636 [ F36F6504009F2FB0DFD1B17A116AD74B ] pci C:\Windows\system32\DRIVERS\pci.sys
13:26:18.0126 2636 pci - ok
13:26:18.0136 2636 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\DRIVERS\pciide.sys
13:26:18.0136 2636 pciide - ok
13:26:18.0156 2636 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
13:26:18.0156 2636 pcmcia - ok
13:26:18.0166 2636 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
13:26:18.0166 2636 pcw - ok
13:26:18.0196 2636 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
13:26:18.0196 2636 PEAUTH - ok
13:26:18.0236 2636 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
13:26:18.0236 2636 PerfHost - ok
13:26:18.0286 2636 [ 557E9A86F65F0DE18C9B6751DFE9D3F1 ] pla C:\Windows\system32\pla.dll
13:26:18.0326 2636 pla - ok
13:26:18.0366 2636 [ 23157D583244400E1D7FBAEE2E4B31B7 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
13:26:18.0366 2636 PlugPlay - ok
13:26:18.0406 2636 [ FB83B6C62DFF5ABE36304351D2BED581 ] pnarp C:\Windows\system32\DRIVERS\pnarp.sys
13:26:18.0406 2636 pnarp - ok
13:26:18.0416 2636 PnkBstrA - ok
13:26:18.0426 2636 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
13:26:18.0436 2636 PNRPAutoReg - ok
13:26:18.0446 2636 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
13:26:18.0456 2636 PNRPsvc - ok
13:26:18.0476 2636 [ 166EB40D1F5B47E615DE3D0FFFE5F243 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
13:26:18.0486 2636 PolicyAgent - ok
13:26:18.0516 2636 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
13:26:18.0516 2636 Power - ok
13:26:18.0546 2636 [ 27CC19E81BA5E3403C48302127BDA717 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
13:26:18.0546 2636 PptpMiniport - ok
13:26:18.0566 2636 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
13:26:18.0566 2636 Processor - ok
13:26:18.0596 2636 [ F381975E1F4346DE875CB07339CE8D3A ] ProfSvc C:\Windows\system32\profsvc.dll
13:26:18.0606 2636 ProfSvc - ok
13:26:18.0616 2636 [ 0793F40B9B8A1BDD266296409DBD91EA ] ProtectedStorage C:\Windows\system32\lsass.exe
13:26:18.0616 2636 ProtectedStorage - ok
13:26:18.0656 2636 [ F115AF58ABE5605D7D709CBFBD83F418 ] ProtexisLicensing C:\Windows\SysWOW64\PSIService.exe
13:26:18.0666 2636 ProtexisLicensing - ok
13:26:18.0676 2636 [ EE992183BD8EAEFD9973F352E587A299 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
13:26:18.0676 2636 Psched - ok
13:26:18.0716 2636 [ 1B3434642CE3C26E6F24D3A76D749C2A ] purendis C:\Windows\system32\DRIVERS\purendis.sys
13:26:18.0726 2636 purendis - ok
13:26:18.0746 2636 [ 595A22C4CCE855E72D475835F3DF2D53 ] pwdrvio C:\Windows\system32\pwdrvio.sys
13:26:18.0746 2636 pwdrvio - ok
13:26:18.0776 2636 [ 70EB529F6FEDAC79D0A8E3BB79999277 ] pwdspio C:\Windows\system32\pwdspio.sys
13:26:18.0776 2636 pwdspio - ok
13:26:18.0836 2636 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
13:26:18.0876 2636 ql2300 - ok
13:26:18.0886 2636 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
13:26:18.0896 2636 ql40xx - ok
13:26:18.0916 2636 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
13:26:18.0926 2636 QWAVE - ok
13:26:18.0936 2636 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
13:26:18.0946 2636 QWAVEdrv - ok
13:26:18.0986 2636 [ A55E7D0D873B2C97585B3B5926AC6ADE ] RapiMgr C:\Windows\WindowsMobile\rapimgr.dll
13:26:18.0986 2636 RapiMgr - ok
13:26:18.0996 2636 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
13:26:18.0996 2636 RasAcd - ok
13:26:19.0016 2636 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
13:26:19.0016 2636 RasAgileVpn - ok
13:26:19.0036 2636 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
13:26:19.0046 2636 RasAuto - ok
13:26:19.0056 2636 [ 87A6E852A22991580D6D39ADC4790463 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
13:26:19.0056 2636 Rasl2tp - ok
13:26:19.0076 2636 [ 47394ED3D16D053F5906EFE5AB51CC83 ] RasMan C:\Windows\System32\rasmans.dll
13:26:19.0076 2636 RasMan - ok
13:26:19.0096 2636 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
13:26:19.0096 2636 RasPppoe - ok
13:26:19.0106 2636 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
13:26:19.0106 2636 RasSstp - ok
13:26:19.0126 2636 [ 3BAC8142102C15D59A87757C1D41DCE5 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
13:26:19.0136 2636 rdbss - ok
13:26:19.0156 2636 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
13:26:19.0156 2636 rdpbus - ok
13:26:19.0166 2636 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
13:26:19.0166 2636 RDPCDD - ok
13:26:19.0186 2636 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
13:26:19.0196 2636 RDPENCDD - ok
13:26:19.0206 2636 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
13:26:19.0216 2636 RDPREFMP - ok
13:26:19.0226 2636 [ 8A3E6BEA1C53EA6177FE2B6EBA2C80D7 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
13:26:19.0236 2636 RDPWD - ok
13:26:19.0246 2636 [ 634B9A2181D98F15941236886164EC8B ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
13:26:19.0256 2636 rdyboost - ok
13:26:19.0306 2636 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
13:26:19.0316 2636 RemoteAccess - ok
13:26:19.0346 2636 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
13:26:19.0346 2636 RemoteRegistry - ok
13:26:19.0396 2636 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
13:26:19.0396 2636 RFCOMM - ok
13:26:19.0436 2636 [ AD42432D22940B4215177BE113E4919C ] RimUsb C:\Windows\system32\Drivers\RimUsb_AMD64.sys
13:26:19.0436 2636 RimUsb - ok
13:26:19.0486 2636 [ 4AAFFFA67AC4DFA3D9985D78573887E2 ] RimVSerPort C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys
13:26:19.0486 2636 RimVSerPort - ok
13:26:19.0506 2636 [ 388D3DD1A6457280F3BADBA9F3ACD6B1 ] ROOTMODEM C:\Windows\system32\Drivers\RootMdm.sys
13:26:19.0506 2636 ROOTMODEM - ok
13:26:19.0536 2636 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
13:26:19.0536 2636 RpcEptMapper - ok
13:26:19.0556 2636 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
13:26:19.0566 2636 RpcLocator - ok
13:26:19.0586 2636 [ 7266972E86890E2B30C0C322E906B027 ] RpcSs C:\Windows\System32\rpcss.dll
13:26:19.0586 2636 RpcSs - ok
13:26:19.0606 2636 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
13:26:19.0606 2636 rspndr - ok
13:26:19.0656 2636 [ A8ED9726734D403217A4861A6788B144 ] rtl8192se C:\Windows\system32\DRIVERS\rtl8192se.sys
13:26:19.0666 2636 rtl8192se - ok
13:26:19.0676 2636 [ 0793F40B9B8A1BDD266296409DBD91EA ] SamSs C:\Windows\system32\lsass.exe
13:26:19.0676 2636 SamSs - ok
13:26:19.0716 2636 [ E3BBB89983DAF5622C1D50CF49F28227 ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys
13:26:19.0716 2636 sbp2port - ok
13:26:19.0736 2636 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
13:26:19.0746 2636 SCardSvr - ok
13:26:19.0786 2636 [ EFD61BD67E5CE72CA5CE8BB6AD3E1FDB ] SCDEmu C:\Windows\system32\drivers\SCDEmu.sys
13:26:19.0786 2636 SCDEmu - ok
13:26:19.0806 2636 [ C94DA20C7E3BA1DCA269BC8460D98387 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
13:26:19.0806 2636 scfilter - ok
13:26:19.0846 2636 [ EC56B171F85C7E855E7B0588AC503EEA ] Schedule C:\Windows\system32\schedsvc.dll
13:26:19.0876 2636 Schedule - ok
13:26:19.0916 2636 [ 312E2F82AF11E79906898AC3E3D58A1F ] SCPolicySvc C:\Windows\System32\certprop.dll
13:26:19.0926 2636 SCPolicySvc - ok
13:26:19.0926 2636 [ 765A27C3279CE11D14CB9E4F5869FCA5 ] SDRSVC C:\Windows\System32\SDRSVC.dll
13:26:19.0936 2636 SDRSVC - ok
13:26:19.0946 2636 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
13:26:19.0956 2636 secdrv - ok
13:26:19.0966 2636 [ 463B386EBC70F98DA5DFF85F7E654346 ] seclogon C:\Windows\system32\seclogon.dll
13:26:19.0966 2636 seclogon - ok
13:26:19.0996 2636 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
13:26:19.0996 2636 SENS - ok
13:26:20.0006 2636 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
13:26:20.0006 2636 SensrSvc - ok
13:26:20.0016 2636 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
13:26:20.0026 2636 Serenum - ok
13:26:20.0046 2636 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
13:26:20.0046 2636 Serial - ok
13:26:20.0066 2636 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
13:26:20.0066 2636 sermouse - ok
13:26:20.0136 2636 [ F31E9531AF225CA25350D5E87E999B31 ] ServiceLayer C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
13:26:20.0146 2636 ServiceLayer - ok
13:26:20.0186 2636 [ C3BC61CE47FF6F4E88AB8A3B429A36AF ] SessionEnv C:\Windows\system32\sessenv.dll
13:26:20.0186 2636 SessionEnv - ok
13:26:20.0206 2636 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
13:26:20.0206 2636 sffdisk - ok
13:26:20.0216 2636 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\DRIVERS\sffp_mmc.sys
13:26:20.0216 2636 sffp_mmc - ok
13:26:20.0226 2636 [ 178298F767FE638C9FEDCBDEF58BB5E4 ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
13:26:20.0226 2636 sffp_sd - ok
13:26:20.0236 2636 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
13:26:20.0236 2636 sfloppy - ok
13:26:20.0296 2636 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
13:26:20.0306 2636 SharedAccess - ok
13:26:20.0376 2636 [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF ] ShellHWDetection C:\Windows\System32\shsvcs.dll
13:26:20.0386 2636 ShellHWDetection - ok
13:26:20.0416 2636 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
13:26:20.0426 2636 SiSRaid2 - ok
13:26:20.0446 2636 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
13:26:20.0446 2636 SiSRaid4 - ok
13:26:20.0506 2636 [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
13:26:20.0506 2636 SkypeUpdate - ok
13:26:20.0526 2636 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
13:26:20.0526 2636 Smb - ok
13:26:20.0546 2636 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
13:26:20.0546 2636 SNMPTRAP - ok
13:26:20.0626 2636 [ 5FA669007BD7874FBB70199211FFF64D ] SplashtopRemoteService C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe
13:26:20.0636 2636 SplashtopRemoteService - ok
13:26:20.0656 2636 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
13:26:20.0656 2636 spldr - ok
13:26:20.0676 2636 [ 89E8550C5862999FCF482EA562B0E98E ] Spooler C:\Windows\System32\spoolsv.exe
13:26:20.0686 2636 Spooler - ok
13:26:20.0756 2636 [ 913D843498553A1BC8F8DBAD6358E49F ] sppsvc C:\Windows\system32\sppsvc.exe
13:26:20.0827 2636 sppsvc - ok
13:26:20.0837 2636 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
13:26:20.0847 2636 sppuinotify - ok
13:26:20.0867 2636 [ 43067A65522EAEC33D31A12D6FA8E3F4 ] srv C:\Windows\system32\DRIVERS\srv.sys
13:26:20.0877 2636 srv - ok
13:26:20.0887 2636 [ 03715CF9C30B563DA35FC5F2B8F7B8E0 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
13:26:20.0897 2636 srv2 - ok
13:26:20.0907 2636 [ FBD09635227A8026C0F7790F604343C6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
13:26:20.0917 2636 srvnet - ok
13:26:20.0957 2636 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
13:26:20.0957 2636 SSDPSRV - ok
13:26:20.0977 2636 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
13:26:20.0977 2636 SstpSvc - ok
13:26:21.0017 2636 [ C692C94FE55CAD0633440236022C27B3 ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys
13:26:21.0017 2636 ssudmdm - ok
13:26:21.0067 2636 [ 1CFA4A1F3C7BB4C8F299E00428EB8677 ] SSUService C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
13:26:21.0077 2636 SSUService - ok
13:26:21.0107 2636 Steam Client Service - ok
13:26:21.0127 2636 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
13:26:21.0127 2636 stexstor - ok
13:26:21.0187 2636 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
13:26:21.0187 2636 StillCam - ok
13:26:21.0237 2636 [ 52D0E33B681BD0F33FDC08812FEE4F7D ] stisvc C:\Windows\System32\wiaservc.dll
13:26:21.0247 2636 stisvc - ok
13:26:21.0267 2636 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
13:26:21.0267 2636 swenum - ok
13:26:21.0307 2636 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
13:26:21.0317 2636 swprv - ok
13:26:21.0357 2636 [ 3C1284516A62078FB68F768DE4F1A7BE ] SysMain C:\Windows\system32\sysmain.dll
13:26:21.0397 2636 SysMain - ok
13:26:21.0407 2636 [ 238935C3CF2854886DC7CBB2A0E2CC66 ] TabletInputService C:\Windows\System32\TabSvc.dll
13:26:21.0407 2636 TabletInputService - ok
13:26:21.0437 2636 [ 884264AC597B690C5707C89723BB8E7B ] TapiSrv C:\Windows\System32\tapisrv.dll
13:26:21.0447 2636 TapiSrv - ok
13:26:21.0477 2636 [ 93F0F5EF8A4CA261372DF98B31B2BD05 ] tbhsd C:\Windows\system32\drivers\tbhsd.sys
13:26:21.0477 2636 tbhsd - ok
13:26:21.0507 2636 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
13:26:21.0507 2636 TBS - ok
13:26:21.0577 2636 [ 90A2D722CF64D911879D6C4A4F802A4D ] Tcpip C:\Windows\system32\drivers\tcpip.sys
13:26:21.0607 2636 Tcpip - ok
13:26:21.0647 2636 [ 90A2D722CF64D911879D6C4A4F802A4D ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
13:26:21.0657 2636 TCPIP6 - ok
13:26:21.0667 2636 [ 76D078AF6F587B162D50210F761EB9ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
13:26:21.0677 2636 tcpipreg - ok
13:26:21.0687 2636 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
13:26:21.0687 2636 TDPIPE - ok
13:26:21.0707 2636 [ E4245BDA3190A582D55ED09E137401A9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
13:26:21.0707 2636 TDTCP - ok
13:26:21.0727 2636 [ 079125C4B17B01FCAEEBCE0BCB290C0F ] tdx C:\Windows\system32\DRIVERS\tdx.sys
13:26:21.0727 2636 tdx - ok
13:26:21.0737 2636 [ C448651339196C0E869A355171875522 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
13:26:21.0747 2636 TermDD - ok
13:26:21.0777 2636 [ 0F05EC2887BFE197AD82A13287D2F404 ] TermService C:\Windows\System32\termsrv.dll
13:26:21.0787 2636 TermService - ok
13:26:21.0847 2636 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
13:26:21.0857 2636 Themes - ok
13:26:21.0887 2636 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
13:26:21.0887 2636 THREADORDER - ok
13:26:21.0907 2636 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
13:26:21.0907 2636 TrkWks - ok
13:26:21.0957 2636 [ 840F7FB849F5887A49BA18C13B2DA920 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
13:26:21.0957 2636 TrustedInstaller - ok
13:26:21.0987 2636 [ 61B96C26131E37B24E93327A0BD1FB95 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
13:26:21.0997 2636 tssecsrv - ok
13:26:22.0007 2636 [ 3836171A2CDF3AF8EF10856DB9835A70 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
13:26:22.0007 2636 tunnel - ok
13:26:22.0047 2636 [ 9A744CC3D804EC38A6C2C65BC3C6FCD8 ] TVALZ C:\Windows\system32\DRIVERS\TVALZ_O.SYS
13:26:22.0047 2636 TVALZ - ok
13:26:22.0067 2636 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
13:26:22.0077 2636 uagp35 - ok
13:26:22.0077 2636 UBNRedir - ok
13:26:22.0107 2636 [ D47BAEAD86C65D4F4069D7CE0A4EDCEB ] udfs C:\Windows\system32\DRIVERS\udfs.sys
13:26:22.0117 2636 udfs - ok
13:26:22.0147 2636 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
13:26:22.0147 2636 UI0Detect - ok
13:26:22.0177 2636 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\DRIVERS\uliagpkx.sys
13:26:22.0177 2636 uliagpkx - ok
13:26:22.0187 2636 [ EAB6C35E62B1B0DB0D1B48B671D3A117 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
13:26:22.0187 2636 umbus - ok
13:26:22.0197 2636 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
13:26:22.0197 2636 UmPass - ok
13:26:22.0217 2636 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
13:26:22.0227 2636 upnphost - ok
13:26:22.0267 2636 [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
13:26:22.0267 2636 USBAAPL64 - ok
13:26:22.0307 2636 [ 77B01BC848298223A95D4EC23E1785A1 ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
13:26:24.0637 2636 ============================================================
13:26:24.0637 2636 Scan finished
13:26:24.0637 2636 ============================================================
13:26:24.0657 6536 Detected object count: 0
13:26:24.0657 6536 Actual detected object count: 0
13:27:26.0684 6828 Deinitialize success
-
Thanks for your reply.
The three logs are as 3 separate posts:
AdwCleaner:
# AdwCleaner v2.106 - Logfile created 01/19/2013 at 13:25:12
# Updated 17/01/2013 by Xplode
# Operating system : Windows 7 Home Premium (64 bits)
# User : Dibbs - DIBBS-PC
# Boot Mode : Normal
# Running from : C:\Users\Dibbs\Downloads\adwcleaner(1).exe
# Option [search]
***** [services] *****
***** [Files / Folders] *****
Folder Found : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Found : C:\ProgramData\Babylon
Folder Found : C:\ProgramData\boost_interprocess
Folder Found : C:\Users\Dibbs\AppData\Local\Babylon
Folder Found : C:\Users\Dibbs\AppData\Roaming\Babylon
***** [Registry] *****
***** [internet Browsers] *****
-\\ Internet Explorer v8.0.7600.16385
[OK] Registry is clean.
-\\ Mozilla Firefox v19.0 (en-US)
File : C:\Users\Dibbs\AppData\Roaming\Mozilla\Firefox\Profiles\zpncz643.default\prefs.js
[OK] File is clean.
-\\ Google Chrome v24.0.1312.52
File : C:\Users\Dibbs\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] File is clean.
-\\ Opera v12.12.1707.0
File : C:\Users\Dibbs\AppData\Roaming\Opera\Opera\operaprefs.ini
[OK] File is clean.
*************************
AdwCleaner[R1].txt - [39699 octets] - [28/12/2012 23:40:55]
AdwCleaner[R2].txt - [1245 octets] - [19/01/2013 13:25:12]
AdwCleaner[s2].txt - [3636 octets] - [28/12/2012 23:41:46]
########## EOF - C:\AdwCleaner[R2].txt - [1365 octets] ##########
-
PS: I already have Kaspersky AV installed for some time now, so am a little surprised it did not show up?
Thanks.
-
OK.
1. No P2P - all removed.
2. I ran Defogger. It finished successfully. I then reinstalled MBAM. It again got stuck in the middle of a scan and the computer froze. Rebooted and uninstalled MBAM. Reboot was very slow and sluggish, until MBAM was removed. Computer recovers.
3. Then ran DDS.com.
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 12/11/2011 2:36:43 AM
System Uptime: 1/18/2013 6:06:02 PM (0 hours ago)
.
Motherboard: Intel Corp. | | Base Board Product Name
Processor: Intel® Core i3 CPU M 350 @ 2.27GHz | CPU | 2130/1066mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 337 GiB total, 134.685 GiB free.
D: is CDROM ()
E: is CDROM ()
F: is CDROM ()
G: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID:
Description:
Device ID: ACPI\QCI0701\2&DABA3FF&1
Manufacturer:
Name:
PNP Device ID: ACPI\QCI0701\2&DABA3FF&1
Service:
.
==== System Restore Points ===================
.
RP161: 1/15/2013 6:53:42 AM - Scheduled Checkpoint
.
==== Installed Programs ======================
.
«3D Инструктор 2.2.0 Домашняя версия»
18 WoS Extreme Trucker 2 (v.1.0)
Adobe Acrobat X Pro
Adobe AIR
Adobe Anchor Service CS4
Adobe Anchor Service x64 CS4
Adobe Bridge CS4
Adobe CMaps CS4
Adobe CMaps x64 CS4
Adobe Color - Photoshop Specific CS4
Adobe Color EU Extra Settings CS4
Adobe Color JA Extra Settings CS4
Adobe Color NA Recommended Settings CS4
Adobe Color Video Profiles CS CS4
Adobe CSI CS4
Adobe CSI CS4 x64
Adobe Default Language CS4
Adobe Device Central CS4
Adobe Drive CS4
Adobe Drive CS4 x64
Adobe ExtendScript Toolkit CS4
Adobe Extension Manager CS4
Adobe Flash Player 11 ActiveX 64-bit
Adobe Flash Player 11 Plugin
Adobe Fonts All
Adobe Fonts All x64
Adobe Linguistics CS4
Adobe Linguistics CS4 x64
Adobe Media Player
Adobe Output Module
Adobe PDF Library Files CS4
Adobe PDF Library Files x64 CS4
Adobe Photoshop CS4
Adobe Photoshop CS4 (64 Bit)
Adobe Photoshop CS4 Support
Adobe Reader XI
Adobe Search for Help
Adobe Service Manager Extension
Adobe Setup
Adobe Shockwave Player 11.6
Adobe Type Support CS4
Adobe Type Support x64 CS4
Adobe Update Manager CS4
Adobe WinSoft Linguistics Plugin
Adobe WinSoft Linguistics Plugin x64
Adobe XMP Panels CS4
AdobeColorCommonSetCMYK
AdobeColorCommonSetRGB
Akamai NetSession Interface
Android SDK Tools
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ASUS Android USB Drivers
ASUS Sync
ASUS WebStorage
Audials
Audials TV
BELKIN Bluetooth Software 6.0.1.4400
Bonjour
Burnout Paradise The Ultimate Box
CamToPrint
CDBurnerXP
Cisco Network Magic
Conexant HD Audio
Connect
Corel Clip Art
Corel Photo Album 7
Cytoscape 2.8.2
DAEMON Tools Lite
DiskAid 5.12
EASEUS Data Recovery Wizard Professional 5.5.1
EGAN WebStart
eMusic Download Manager 6
EPSON Printer Software
FlatOut Ultimate Carnage
Ford Racing 3
Form Pilot Pro version 2.27
GenePattern
geWorkbench_2.2.2
GIMP 2.6.11
Google Chrome
Google Talk Plugin
GTI Racing
HP Officejet 4620 series Basic Device Software
HP Officejet 4620 series Help
HP Update
I.R.I.S. OCR
ImgBurn
Intel® Graphics Media Accelerator Driver
iPhoneBrowser
iTunes
J-Express 2011
Java 7 Update 7 (64-bit)
Java Auto Updater
Java SE Development Kit 7 Update 7 (64-bit)
Java 6 Update 35
Java SE Development Kit 7 Update 2 (64-bit)
JavaFX 2.0.2 (64-bit)
JavaFX 2.0.2 SDK (64-bit)
K-Lite Codec Pack 5.9.0 (Basic)
Kaspersky Internet Security 2013
kuler
LEGO MINDSTORMS NXT - English Language Pack
LEGO MINDSTORMS NXT Driver for x64
LEGO MINDSTORMS NXT Migration Package
LEGO MINDSTORMS NXT Patch v2.0f3
LEGO MINDSTORMS NXT Software v2.0
Logitech Vid HD
MacDrive 8
MATLAB Component Runtime
MediaFACE
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Games for Windows - LIVE Redistributable
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft_VC100_CRT_SP1_x64
Microsoft_VC100_CRT_SP1_x86
MiniTool Partition Wizard Home Edition 7.0
Mozilla Firefox 19.0 (x86 en-US)
Mozilla Maintenance Service
MSVC80_x64_v2
MSVC80_x86_v2
MSVC90_x64
MSVC90_x86
MSXML 4.0 SP3 Parser
National Instruments Software
NAVIGON Fresh 3.4.1
Need for Speed™ ProStreet
NI-RPC 4.2.2f0
NI-RPC 4.2.2f0 for 64 Bit Windows
NI-RPC 4.2.2f0 for Phar Lap ETS
NI Authentication 2.0
NI Authentication 2.0 (64-bit)
NI Curl 1.1
NI Curl 1.1 (64-bit)
NI DataSocket 4.9
NI DataSocket 4.9 (64-bit)
NI Error Reporting 2011
NI EulaDepot
NI GMP Windows 32-bit Installer 11.0.0
NI GMP Windows 64-bit Installer 11.0.0
NI Help Assistant
NI Help Assistant (64bit)
NI LabVIEW 2011 Deployable License
NI LabVIEW 2011 Deployment Framework
NI LabVIEW 2011 Real-Time NBFifo
NI LabVIEW 2011 Run-Time Engine Non-English Support.
NI LabVIEW Run-Time Engine 2011
NI LabVIEW Run-Time Engine Interop 2011
NI LabVIEW Web Server for Run-Time Engine
NI LabWindows/CVI 2010 SP1 Low-Level Driver (Original)
NI LabWindows/CVI 2010 SP1 Low-Level Driver (Updated)
NI License Manager
NI Logos 5.3.0
NI Logos XT Support
NI Logos64 5.3.0
NI Logos64 XT Support
NI Math Kernel Libraries
NI Math Kernel Libraries (64-bit)
NI MDF Support
NI mDNS Responder 1.6 for Windows 64-bit
NI mDNS Responder 1.6.0
NI MXS 5.0.0
NI MXS 5.0.0 for 64 Bit Windows
NI OPC Support
NI SSL Support
NI SSL Support (64-bit)
NI System State Publisher
NI System State Publisher (64-bit)
NI System Web Server 2.0
NI System Web Server Base 2.0
NI System Web Server Base 2.0 (64-bit)
NI TDMS
NI TDMS (64-bit)
NI Trace Engine
NI Trace Engine (64-bit)
NI Uninstaller
NI USI 1.9.0
NI USI 1.9.0 64-Bit
NI Variable Engine (64-bit)
NI Variable Engine 2.5.0
NI VC2005MSMs x64
NI VC2005MSMs x86
NI VC2008MSMs x64
NI VC2008MSMs x86
NI Web Application Server 2.0
NI Web Application Server 2.0 (64-bit)
NI Xerces Delay Load 2.7.3
NI Xerces Delay Load 2.7.3 64-bit
Nokia Connectivity Cable Driver
Nokia Suite
OBO-Edit2 2.1.0
Octoshape add-in for Adobe Flash Player
Opera 12.12
PandoraRecovery (Remove Only)
PC Connectivity Solution
PDF Settings CS4
PFConfig 1.0.163
PhotoScape
Photoshop Camera Raw
Photoshop Camera Raw_x64
PowerISO
Pure Networks Platform
Realtek WLAN Driver
Revo Uninstaller 1.94
Rhapsody
RIM USB Driver 4.1.0
Router Screenshot Grabber 1.0.117
SAMSUNG USB Driver for Mobile Phones
SDFormatter
Skype Click to Call
Skype™ 6.0
Splashtop Streamer
Spotify
Steam
Stellar Phoenix Windows Data Recovery
Stellar Phoenix Windows v4.2
Suite Shared Configuration CS4
swMSM
Unity Web Player
UniversalBox
Universe Sandbox
VLC media player 2.0.5
WBFS Manager 3.0
WBFS Manager 4.0
WinDirStat 1.1.2
Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
Windows Driver Package - UniversalBox Driver package (10/22/2009 2.06.00)
Windows Media Player Firefox Plugin
Windows Mobile Device Center
WinRAR 4.10 beta 5 (64-bit)
Xpand Rally
Your Uninstaller! 7
.
==== Event Viewer Messages From Past Week ========
.
1/18/2013 6:06:25 PM, Error: Service Control Manager [7000] - The MCSTRM service failed to start due to the following error: The system cannot find the file specified.
1/18/2013 6:04:54 PM, Error: atapi [11] - The driver detected a controller error on \Device\Ide\IdePort0.
1/14/2013 11:20:39 AM, Error: volsnap [14] - The shadow copies of volume C: were aborted because of an IO failure on volume C:.
1/13/2013 9:35:36 AM, Error: Service Control Manager [7034] - The Pure Networks Platform Service service terminated unexpectedly. It has done this 1 time(s).
.
==== End Of File ===========================
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_35
Run by Dibbs at 18:14:16 on 2013-01-18
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3894.1727 [GMT -5:00]
.
AV: Kaspersky Internet Security *Enabled/Updated* {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
SP: Kaspersky Internet Security *Enabled/Updated* {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security *Disabled* {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\crypserv.exe
C:\Windows\SysWOW64\lkads.exe
C:\Program Files (x86)\Common Files\Mediafour\M4LIC.EXE
C:\Program Files (x86)\National Instruments\MAX\nimxs.exe
C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe
C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe
C:\Program Files (x86)\National Instruments\Shared\Tagger\tagsrv.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\SysWOW64\PSIService.exe
C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe
C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\SysWOW64\lkcitdl.exe
C:\Windows\SysWOW64\lktsrv.exe
C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRServer.exe
C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRFeature.exe
C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe
C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\WUDFHost.exe
C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Program Files\Mediafour\MacDrive 8\MacDrive.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\Corel\Corel Photo Album 7\Corel Photo Downloader.exe
C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
C:\Program Files (x86)\Corel\Corel Photo Album 7\CorelIOMonitor.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
C:\Program Files\Belkin\Bluetooth Software\BTTray.exe
C:\Program Files (x86)\National Instruments\Shared\NI Error Reporting\nierserver.exe
C:\Windows\system32\RunDll32.exe
C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\HP\HP Officejet 4620 series\Bin\HPNetworkCommunicatorCom.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\HP\HP Officejet 4620 series\Bin\HPNetworkCommunicator.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Windows\system32\sppsvc.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Safe Money Plugin: {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll
BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll
BHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
uRun: [Akamai NetSession Interface] "C:\Users\Dibbs\AppData\Local\Akamai\netsession_win.exe"
uRun: [HP Officejet 4620 series (NET)] "C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN29S215PP05RT:NW" -scfn "HP Officejet 4620 series (NET)" -AutoStart 1
uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
mRun: [Corel File Shell Monitor] C:\Program Files (x86)\Corel\Corel Photo Album 7\CorelIOMonitor.exe
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe"
mRun: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup
dRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
StartupFolder: C:\Users\Dibbs\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MONITO~1.LNK - C:\Windows\System32\RunDll32.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\Belkin\Bluetooth Software\BTTray.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\NIERRO~1.LNK - C:\Program Files (x86)\National Instruments\Shared\NI Error Reporting\nierserver.exe
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ie_banner_deny.htm
IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie.htm
IE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie.htm
IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll
DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} - hxxp://quickscan.bitdefender.com/qsax/qsax.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{C708EEA2-D231-465D-BF71-4884588D68A5} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{C708EEA2-D231-465D-BF71-4884588D68A5}\F6074796D657D677966696 : DHCPNameServer = 10.240.205.161 10.240.205.162
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\puresp4.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
x64-BHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
x64-BHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
x64-BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Safe Money Plugin: {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll
x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-BHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll
x64-Run: [cAudioFilterAgent] C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe
x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [MacDrive 8 application] "C:\Program Files\Mediafour\MacDrive 8\MacDrive.exe"
x64-Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [Corel Photo Downloader] "C:\Program Files (x86)\Corel\Corel Photo Album 7\Corel Photo Downloader.exe" -startup
x64-IE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie.htm
x64-IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\amd64\puresp4.dll
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Dibbs\AppData\Roaming\Mozilla\Firefox\Profiles\zpncz643.default\
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\eMusic Download Manager 6\npEMusic602.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\nplv2011win32.dll
FF - plugin: C:\Users\Dibbs\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: C:\Users\Dibbs\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Users\Dibbs\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\Dibbs\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll
FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - ExtSQL: 2012-12-29 19:33; anti_banner@kaspersky.com; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com
FF - ExtSQL: 2012-12-29 19:33; content_blocker@kaspersky.com; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com
FF - ExtSQL: 2012-12-29 19:33; online_banking@kaspersky.com; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com
FF - ExtSQL: 2012-12-29 19:33; url_advisor@kaspersky.com; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com
FF - ExtSQL: 2012-12-29 19:33; virtual_keyboard@kaspersky.com; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com
.
============= SERVICES / DRIVERS ===============
.
R0 MDFSYSNT;MacDrive file system driver;C:\Windows\System32\drivers\MDFSYSNT.SYS [2010-10-7 307888]
R0 MDPMGRNT;MacDrive Partition Driver;C:\Windows\System32\drivers\MDPMGRNT.SYS [2011-12-17 32424]
R1 CBDisk;CBDisk;C:\Windows\System32\drivers\CBDisk.sys [2011-12-17 70344]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2012-6-15 283200]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\System32\drivers\klim6.sys [2012-8-2 28504]
R1 kltdi;kltdi;C:\Windows\System32\drivers\kltdi.sys [2012-6-8 54104]
R1 kneps;kneps;C:\Windows\System32\drivers\kneps.sys [2012-8-13 178008]
R2 AVP;Kaspersky Anti-Virus Service;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe -r --> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe -r [?]
R2 M4LIC;Mediafour M4LIC service;C:\Program Files (x86)\Common Files\Mediafour\M4LIC.EXE [2010-7-20 205312]
R2 NIApplicationWebServer;NI Application Web Server;C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [2011-5-27 50336]
R2 nimDNSResponder;National Instruments mDNS Responder Service;C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe [2011-6-1 194224]
R2 SplashtopRemoteService;Splashtop® Remote Service;C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe [2012-6-15 548264]
R2 SSUService;Splashtop Software Updater Service;C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe [2012-3-15 370504]
R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2009-9-17 56344]
R3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2010-2-27 158976]
R3 klkbdflt;Kaspersky Lab KLKBDFLT;C:\Windows\System32\drivers\klkbdflt.sys [2012-10-25 29016]
R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\Windows\System32\drivers\klmouflt.sys [2012-10-25 29528]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\System32\drivers\L1C62x64.sys [2011-4-20 169584]
R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;C:\Windows\System32\drivers\rtl8192se.sys [2011-12-11 946688]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-11-9 160944]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2012-9-19 102368]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-1-10 1038088]
S3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\System32\drivers\lvrs64.sys [2012-1-18 351136]
S3 LVUVC64;Logitech Webcam C260(UVC);C:\Windows\System32\drivers\lvuvc64.sys [2012-1-18 4865568]
S3 nmwcdnsucx64;Nokia USB Flashing Generic;C:\Windows\System32\drivers\nmwcdnsucx64.sys [2011-11-1 12800]
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent;C:\Windows\System32\drivers\nmwcdnsux64.sys [2011-11-1 171008]
S3 pwdrvio;pwdrvio;C:\Windows\System32\pwdrvio.sys [2011-12-17 19936]
S3 pwdspio;pwdspio;C:\Windows\System32\pwdspio.sys [2011-12-17 13280]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2012-9-19 203104]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-2-15 52736]
S4 MacDrive8Service;MacDrive 8 service;C:\Program Files\Mediafour\MacDrive 8\MacDrive8Service.exe [2010-10-8 149504]
S4 NIApplicationWebServer64;NI Application Web Server (64-bit);C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [2011-5-27 68256]
.
=============== Created Last 30 ================
.
2013-01-11 13:27:53 76232 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{BAFC8448-AE01-4C5C-863D-ABFF87C948AC}\offreg.dll
2013-01-04 13:30:02 3712 ----a-w- C:\Windows\SysWow64\ealregsnapshot1.reg
2013-01-04 13:07:47 -------- d-----w- C:\Users\Dibbs\AppData\Local\Criterion Games
2012-12-30 19:46:49 -------- d-----w- C:\Program Files (x86)\VideoLAN
2012-12-30 00:55:03 -------- d-----w- C:\Program Files (x86)\K-Lite Codec Pack
2012-12-30 00:42:48 -------- d-----w- C:\Program Files (x86)\3D Instructor 2.2 Home
2012-12-30 00:33:58 64856 ----a-w- C:\Windows\System32\klfphc.dll
2012-12-30 00:33:20 -------- d-----w- C:\Windows\ELAMBKUP
2012-12-30 00:02:58 -------- d-----w- C:\Program Files (x86)\Kaspersky Lab
2012-12-30 00:02:57 -------- d-----w- C:\ProgramData\Kaspersky Lab
2012-12-29 20:11:31 -------- d-----w- C:\Users\Dibbs\AppData\Local\eMusic
2012-12-29 20:11:20 -------- d-----w- C:\Program Files (x86)\eMusic Download Manager 6
2012-12-29 19:18:18 -------- d-----w- C:\Users\Dibbs\AppData\Roaming\HpUpdate
2012-12-29 19:18:12 741480 ------w- C:\Windows\System32\HPDiscoPM6412.dll
2012-12-29 19:17:49 -------- d-----w- C:\Program Files (x86)\HP
2012-12-29 19:17:48 -------- d-----w- C:\Program Files\HP
2012-12-29 19:17:25 -------- d-----w- C:\Users\Dibbs\AppData\Local\HP
2012-12-29 18:39:29 -------- d-----w- C:\FRST
2012-12-29 15:50:39 -------- d-----w- C:\Users\Dibbs\AppData\Local\Adobe
2012-12-29 07:52:07 -------- d-sh--w- C:\found.000
2012-12-29 06:06:27 -------- d-----w- C:\Windows\pss
2012-12-29 02:37:00 -------- d-----w- C:\Users\Dibbs\AppData\Roaming\QuickScan
2012-12-29 02:02:14 -------- d-----w- C:\Program Files\SUPERAntiSpyware
2012-12-29 01:57:24 -------- d-sh--w- C:\$RECYCLE.BIN
2012-12-29 01:20:28 98816 ----a-w- C:\Windows\sed.exe
2012-12-29 01:20:28 256000 ----a-w- C:\Windows\PEV.exe
2012-12-29 01:20:28 208896 ----a-w- C:\Windows\MBR.exe
2012-12-29 00:57:36 -------- d-----w- C:\Users\Dibbs\AppData\Roaming\EurekaLog
2012-12-29 00:54:42 -------- d-----w- C:\Users\Dibbs\AppData\Roaming\URSoft
2012-12-29 00:54:39 -------- d-----w- C:\Program Files (x86)\Your Uninstaller! 7
2012-12-29 00:54:28 -------- d-----w- C:\Users\Dibbs\AppData\Local\Babylon
2012-12-29 00:54:27 -------- d-----w- C:\Users\Dibbs\AppData\Roaming\Babylon
2012-12-29 00:54:27 -------- d-----w- C:\ProgramData\Babylon
2012-12-29 00:36:56 9125352 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{BAFC8448-AE01-4C5C-863D-ABFF87C948AC}\mpengine.dll
2012-12-28 22:46:25 -------- d---a-w- C:\Kaspersky Rescue Disk 10.0
2012-12-28 19:47:15 -------- d-----w- C:\Program Files (x86)\VS Revo Group
2012-12-28 19:04:42 -------- d-----w- C:\Users\Dibbs\AppData\Local\Programs
2012-12-28 16:08:02 -------- d-----w- C:\Users\Dibbs\AppData\Local\RadonLabs
2012-12-28 16:03:20 165376 ----a-w- C:\Windows\SysWow64\unrar.dll
.
==================== Find3M ====================
.
2013-01-06 16:24:16 952 --sha-w- C:\Windows\SysWow64\KGyGaAvL.sys
2012-12-30 02:22:15 54104 ----a-w- C:\Windows\System32\drivers\kltdi.sys
2012-12-21 21:52:34 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-12-21 21:52:34 697272 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-10-25 22:23:06 29528 ----a-w- C:\Windows\System32\drivers\klmouflt.sys
2012-10-25 22:23:06 29016 ----a-w- C:\Windows\System32\drivers\klkbdflt.sys
.
============= FINISH: 18:15:24.67 ===============
-
Sure. My apologies again. I am very aware of the way this forum works. Just a screw loose there!
ATTACH.txt
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 12/11/2011 2:36:43 AM
System Uptime: 12/28/2012 9:39:05 PM (1 hours ago)
.
Motherboard: Intel Corp. | | Base Board Product Name
Processor: Intel® Core™ i3 CPU M 350 @ 2.27GHz | CPU | 2261/1066mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 337 GiB total, 150.145 GiB free.
D: is CDROM ()
E: is FIXED (FAT32) - 128 GiB total, 128.196 GiB free.
F: is CDROM ()
G: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID:
Description:
Device ID: ACPI\QCI0701\2&DABA3FF&1
Manufacturer:
Name:
PNP Device ID: ACPI\QCI0701\2&DABA3FF&1
Service:
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: Security Processor Loader Driver
Device ID: ROOT\LEGACY_SPLDR\0000
Manufacturer:
Name: Security Processor Loader Driver
PNP Device ID: ROOT\LEGACY_SPLDR\0000
Service: spldr
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
µTorrent
18 WoS Extreme Trucker 2 (v.1.0)
Adobe Acrobat X Pro
Adobe AIR
Adobe Anchor Service CS4
Adobe Anchor Service x64 CS4
Adobe Bridge CS4
Adobe CMaps CS4
Adobe CMaps x64 CS4
Adobe Color - Photoshop Specific CS4
Adobe Color EU Extra Settings CS4
Adobe Color JA Extra Settings CS4
Adobe Color NA Recommended Settings CS4
Adobe Color Video Profiles CS CS4
Adobe CSI CS4
Adobe CSI CS4 x64
Adobe Default Language CS4
Adobe Device Central CS4
Adobe Drive CS4
Adobe Drive CS4 x64
Adobe ExtendScript Toolkit CS4
Adobe Extension Manager CS4
Adobe Flash Player 11 ActiveX 64-bit
Adobe Flash Player 11 Plugin
Adobe Fonts All
Adobe Fonts All x64
Adobe Linguistics CS4
Adobe Linguistics CS4 x64
Adobe Media Player
Adobe Output Module
Adobe PDF Library Files CS4
Adobe PDF Library Files x64 CS4
Adobe Photoshop CS4
Adobe Photoshop CS4 (64 Bit)
Adobe Photoshop CS4 Support
Adobe Reader XI
Adobe Search for Help
Adobe Service Manager Extension
Adobe Setup
Adobe Shockwave Player 11.6
Adobe Type Support CS4
Adobe Type Support x64 CS4
Adobe Update Manager CS4
Adobe WinSoft Linguistics Plugin
Adobe WinSoft Linguistics Plugin x64
Adobe XMP Panels CS4
AdobeColorCommonSetCMYK
AdobeColorCommonSetRGB
Akamai NetSession Interface
Android SDK Tools
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ASUS Android USB Drivers
ASUS Sync
ASUS WebStorage
Audials
Audials TV
BELKIN Bluetooth Software 6.0.1.4400
Bonjour
CamToPrint
CDBurnerXP
Cisco Network Magic
Conexant HD Audio
Connect
Corel Clip Art
Corel Photo Album 7
Cytoscape 2.8.2
DAEMON Tools Lite
DiskAid 5.12
EASEUS Data Recovery Wizard Professional 5.5.1
EGAN WebStart
EPSON Printer Software
FlatOut Ultimate Carnage
Ford Racing 3
Form Pilot Pro version 2.27
GenePattern
geWorkbench_2.2.2
GIMP 2.6.11
Google Chrome
Google Talk Plugin
GTI Racing
ImgBurn
Intel® Graphics Media Accelerator Driver
iPhoneBrowser
iTunes
J-Express 2011
Jamcast
Java 7 Update 7 (64-bit)
Java Auto Updater
Java SE Development Kit 7 Update 7 (64-bit)
Java™ 6 Update 35
Java™ SE Development Kit 7 Update 2 (64-bit)
JavaFX 2.0.2 (64-bit)
JavaFX 2.0.2 SDK (64-bit)
kuler
LEGO MINDSTORMS NXT - English Language Pack
LEGO MINDSTORMS NXT Driver for x64
LEGO MINDSTORMS NXT Migration Package
LEGO MINDSTORMS NXT Patch v2.0f3
LEGO MINDSTORMS NXT Software v2.0
Logitech Vid HD
MacDrive 8
Malwarebytes Anti-Malware version 1.70.0.1100
MATLAB Component Runtime
MediaFACE
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Games for Windows - LIVE Redistributable
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft_VC100_CRT_SP1_x64
Microsoft_VC100_CRT_SP1_x86
MiniTool Partition Wizard Home Edition 7.0
Mozilla Firefox 18.0 (x86 en-US)
Mozilla Maintenance Service
MSVC80_x64_v2
MSVC80_x86_v2
MSVC90_x64
MSVC90_x86
MSXML 4.0 SP3 Parser
National Instruments Software
NAVIGON Fresh 3.4.1
Need for Speed™ ProStreet
NI-RPC 4.2.2f0
NI-RPC 4.2.2f0 for 64 Bit Windows
NI-RPC 4.2.2f0 for Phar Lap ETS
NI Authentication 2.0
NI Authentication 2.0 (64-bit)
NI Curl 1.1
NI Curl 1.1 (64-bit)
NI DataSocket 4.9
NI DataSocket 4.9 (64-bit)
NI Error Reporting 2011
NI EulaDepot
NI GMP Windows 32-bit Installer 11.0.0
NI GMP Windows 64-bit Installer 11.0.0
NI Help Assistant
NI Help Assistant (64bit)
NI LabVIEW 2011 Deployable License
NI LabVIEW 2011 Deployment Framework
NI LabVIEW 2011 Real-Time NBFifo
NI LabVIEW 2011 Run-Time Engine Non-English Support.
NI LabVIEW Run-Time Engine 2011
NI LabVIEW Run-Time Engine Interop 2011
NI LabVIEW Web Server for Run-Time Engine
NI LabWindows/CVI 2010 SP1 Low-Level Driver (Original)
NI LabWindows/CVI 2010 SP1 Low-Level Driver (Updated)
NI License Manager
NI Logos 5.3.0
NI Logos XT Support
NI Logos64 5.3.0
NI Logos64 XT Support
NI Math Kernel Libraries
NI Math Kernel Libraries (64-bit)
NI MDF Support
NI mDNS Responder 1.6 for Windows 64-bit
NI mDNS Responder 1.6.0
NI MXS 5.0.0
NI MXS 5.0.0 for 64 Bit Windows
NI OPC Support
NI SSL Support
NI SSL Support (64-bit)
NI System State Publisher
NI System State Publisher (64-bit)
NI System Web Server 2.0
NI System Web Server Base 2.0
NI System Web Server Base 2.0 (64-bit)
NI TDMS
NI TDMS (64-bit)
NI Trace Engine
NI Trace Engine (64-bit)
NI Uninstaller
NI USI 1.9.0
NI USI 1.9.0 64-Bit
NI Variable Engine (64-bit)
NI Variable Engine 2.5.0
NI VC2005MSMs x64
NI VC2005MSMs x86
NI VC2008MSMs x64
NI VC2008MSMs x86
NI Web Application Server 2.0
NI Web Application Server 2.0 (64-bit)
NI Xerces Delay Load 2.7.3
NI Xerces Delay Load 2.7.3 64-bit
Nokia Connectivity Cable Driver
Nokia Suite
OBO-Edit2 2.1.0
Octoshape add-in for Adobe Flash Player
Opera 12.00
PandoraRecovery (Remove Only)
PC Connectivity Solution
PDF Settings CS4
PFConfig 1.0.163
PhotoScape
Photoshop Camera Raw
Photoshop Camera Raw_x64
PowerISO
Pure Networks Platform
Realtek WLAN Driver
Revo Uninstaller 1.94
Rhapsody
RIM USB Driver 4.1.0
Router Screenshot Grabber 1.0.117
SAMSUNG USB Driver for Mobile Phones
SDFormatter
Skype Click to Call
Skype™ 6.0
Splashtop Streamer
Spotify
Steam
Stellar Phoenix Windows Data Recovery
Stellar Phoenix Windows v4.2
Suite Shared Configuration CS4
swMSM
Unity Web Player
UniversalBox
Universe Sandbox
WBFS Manager 3.0
WBFS Manager 4.0
WinDirStat 1.1.2
Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
Windows Driver Package - UniversalBox Driver package (10/22/2009 2.06.00)
Windows Media Player Firefox Plugin
Windows Mobile Device Center
WinRAR 4.10 beta 5 (64-bit)
Xpand Rally
Your Uninstaller! 7
.
==== Event Viewer Messages From Past Week ========
.
12/28/2012 9:42:14 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {D3DCB472-7261-43CE-924B-0704BD730D5F}
12/28/2012 9:42:13 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF}
12/28/2012 9:40:11 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
12/28/2012 9:40:10 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
12/28/2012 9:40:10 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
12/28/2012 9:40:03 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
12/28/2012 9:39:54 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
12/28/2012 9:39:45 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: CBDisk discache MDFSYSNT NetworkX SASDIFSV SASKUTIL SCDEmu spldr Wanarpv6
12/28/2012 9:37:11 PM, Error: atapi [11] - The driver detected a controller error on \Device\Ide\IdePort0.
12/28/2012 9:23:36 PM, Error: Service Control Manager [7000] - The MCSTRM service failed to start due to the following error: The system cannot find the file specified.
12/28/2012 8:57:13 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: CBDisk discache MDFSYSNT NetworkX SCDEmu spldr Wanarpv6
12/28/2012 8:40:56 PM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
12/28/2012 8:40:26 PM, Error: Application Popup [1060] - \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
12/28/2012 8:20:30 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service VSS with arguments "" in order to run the server: {E579AB5F-1CC4-44B4-BED9-DE0991FF0623}
12/28/2012 7:57:54 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}
12/28/2012 7:36:31 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
12/28/2012 7:24:44 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service COMSysApp with arguments "" in order to run the server: {182C40F0-32E4-11D0-818B-00A0C9231C29}
12/28/2012 7:16:45 AM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Management Instrumentation service, but this action failed with the following error: An instance of the service is already running.
12/28/2012 7:16:45 AM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Multimedia Class Scheduler service, but this action failed with the following error: An instance of the service is already running.
12/28/2012 7:16:45 AM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Extensible Authentication Protocol service, but this action failed with the following error: An instance of the service is already running.
12/28/2012 7:16:45 AM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Computer Browser service, but this action failed with the following error: An instance of the service is already running.
12/28/2012 7:15:45 AM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Server service, but this action failed with the following error: An instance of the service is already running.
12/28/2012 7:15:45 AM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Application Experience service, but this action failed with the following error: An instance of the service is already running.
12/28/2012 7:14:54 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Jamcast service to connect.
12/28/2012 7:14:54 PM, Error: Service Control Manager [7000] - The Jamcast service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
12/28/2012 7:14:45 AM, Error: Service Control Manager [7031] - The Windows Update service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
12/28/2012 7:14:45 AM, Error: Service Control Manager [7031] - The Windows Management Instrumentation service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
12/28/2012 7:14:45 AM, Error: Service Control Manager [7031] - The User Profile Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
12/28/2012 7:14:45 AM, Error: Service Control Manager [7031] - The Themes service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
12/28/2012 7:14:45 AM, Error: Service Control Manager [7031] - The Task Scheduler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
12/28/2012 7:14:45 AM, Error: Service Control Manager [7031] - The System Event Notification Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
12/28/2012 7:14:45 AM, Error: Service Control Manager [7031] - The Shell Hardware Detection service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
12/28/2012 7:14:45 AM, Error: Service Control Manager [7031] - The Server service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
12/28/2012 7:14:45 AM, Error: Service Control Manager [7031] - The Multimedia Class Scheduler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
12/28/2012 7:14:45 AM, Error: Service Control Manager [7031] - The IP Helper service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
12/28/2012 7:14:45 AM, Error: Service Control Manager [7031] - The IKE and AuthIP IPsec Keying Modules service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
12/28/2012 7:14:45 AM, Error: Service Control Manager [7031] - The Group Policy Client service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
12/28/2012 7:14:45 AM, Error: Service Control Manager [7031] - The Extensible Authentication Protocol service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
12/28/2012 7:14:45 AM, Error: Service Control Manager [7031] - The Computer Browser service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
12/28/2012 7:14:45 AM, Error: Service Control Manager [7031] - The Background Intelligent Transfer Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
12/28/2012 7:14:45 AM, Error: Service Control Manager [7031] - The Application Experience service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
12/28/2012 7:14:40 AM, Error: Service Control Manager [7034] - The Diagnostic System Host service terminated unexpectedly. It has done this 1 time(s).
12/28/2012 7:14:40 AM, Error: Service Control Manager [7031] - The WLAN AutoConfig service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
12/28/2012 7:14:40 AM, Error: Service Control Manager [7031] - The Windows Driver Foundation - User-mode Driver Framework service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
12/28/2012 7:14:40 AM, Error: Service Control Manager [7031] - The Windows Audio Endpoint Builder service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
12/28/2012 7:14:40 AM, Error: Service Control Manager [7031] - The Superfetch service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
12/28/2012 7:14:40 AM, Error: Service Control Manager [7031] - The Program Compatibility Assistant Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
12/28/2012 7:14:40 AM, Error: Service Control Manager [7031] - The Portable Device Enumerator Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
12/28/2012 7:14:40 AM, Error: Service Control Manager [7031] - The Network Connections service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.
12/28/2012 7:14:40 AM, Error: Service Control Manager [7031] - The Human Interface Device Access service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
12/28/2012 7:14:40 AM, Error: Service Control Manager [7031] - The Distributed Link Tracking Client service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
12/28/2012 7:14:40 AM, Error: Service Control Manager [7031] - The Desktop Window Manager Session Manager service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
12/28/2012 7:12:51 AM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
12/28/2012 7:12:18 AM, Error: volsnap [14] - The shadow copies of volume C: were aborted because of an IO failure on volume C:.
12/28/2012 2:56:19 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.
12/28/2012 2:49:12 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WcesComm with arguments "" in order to run the server: {FF4C4832-2BEA-4472-98A3-F931BEB8F62B}
12/28/2012 2:38:15 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
12/28/2012 2:34:13 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
12/28/2012 2:34:13 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
12/28/2012 2:24:41 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD CBDisk DfsC discache MDFSYSNT NetBIOS NetBT NetworkX nsiproxy Psched rdbss SCDEmu spldr tdx vwififlt Wanarpv6 WfpLwf
12/28/2012 2:24:41 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
12/28/2012 2:24:41 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
12/28/2012 2:24:41 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
12/28/2012 2:24:41 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
12/28/2012 2:24:41 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
12/28/2012 2:24:41 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.
12/28/2012 2:24:41 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
12/28/2012 2:24:41 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
12/28/2012 2:24:41 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
12/28/2012 2:24:41 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
12/28/2012 11:36:10 AM, Error: Service Control Manager [7022] - The Windows Mobile-2003-based device connectivity service hung on starting.
12/28/2012 11:34:10 AM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.
12/28/2012 11:33:11 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the AudioEndpointBuilder service.
12/28/2012 11:32:41 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SENS service.
12/28/2012 11:32:11 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.
12/28/2012 11:31:41 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the stisvc service.
12/28/2012 11:31:27 AM, Error: Service Control Manager [7022] - The Windows Search service hung on starting.
12/28/2012 11:31:11 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SysMain service.
12/28/2012 11:30:24 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the RapiMgr service.
12/28/2012 10:10:32 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
12/28/2012 1:57:23 PM, Error: VDS Basic Provider [1] - Unexpected failure. Error code: D@01010004
12/28/2012 1:49:50 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Spooler service.
12/28/2012 1:49:20 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SplashtopRemoteService service.
12/28/2012 1:47:01 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the EapHost service.
12/28/2012 1:46:31 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WerSvc service.
12/28/2012 1:46:31 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
12/28/2012 1:28:05 AM, Error: Service Control Manager [7034] - The Pure Networks Platform Service service terminated unexpectedly. It has done this 1 time(s).
12/21/2012 9:08:25 PM, Error: NetBT [4321] - The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.0.104. The computer with the IP address 192.168.0.102 did not allow the name to be claimed by this computer.
12/21/2012 3:14:30 PM, Error: bowser [8003] - The master browser has received a server announcement from the computer HP-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{C708EEA2-D231-465D-BF71-4884588D68A5}. The master browser is stopping or an election is being forced.
.
==== End Of File ===========================
DDS.TXT
DDS (Ver_2012-11-20.01) - NTFS_AMD64 NETWORK
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_35
Run by Dibbs at 22:09:57 on 2012-12-28
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3894.2900 [GMT -5:00]
.
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\Explorer.EXE
C:\Windows\system32\ctfmon.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_135.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_135.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
uRun: [steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
uRun: [spotify] "C:\Users\Dibbs\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
uRun: [NokiaSuite.exe] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray
uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
uRun: [spotify Web Helper] "C:\Users\Dibbs\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
uRun: [Akamai NetSession Interface] "C:\Users\Dibbs\AppData\Local\Akamai\netsession_win.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.110.223\AsusWSPanel.exe /S
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
mRun: [MediaFace Integration] C:\Program Files (x86)\Fellowes\MediaFACE 5.0\SetHook.exe
mRun: [Corel Photo Downloader] "C:\Program Files (x86)\Corel\Corel Photo Album 7\Corel Photo Downloader.exe" -startup
mRun: [Corel File Shell Monitor] C:\Program Files (x86)\Corel\Corel Photo Album 7\CorelIOMonitor.exe
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup
mRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
mRun: [Jamcast System Tray Utility] "C:\Program Files (x86)\Jamcast\jctray.exe"
mRun: [ASUS Sync Loader] "C:\Program Files (x86)\ASUS\ASUS Sync\asusUPCTLoader.exe" -startup
mRun: [nmctxth] "C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe"
mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\Belkin\Bluetooth Software\BTTray.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\NIERRO~1.LNK - C:\Program Files (x86)\National Instruments\Shared\NI Error Reporting\nierserver.exe
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie.htm
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie.htm
DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} - hxxp://quickscan.bitdefender.com/qsax/qsax.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{C708EEA2-D231-465D-BF71-4884588D68A5} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{C708EEA2-D231-465D-BF71-4884588D68A5}\F6074796D657D677966696 : DHCPNameServer = 10.240.205.161 10.240.205.162
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\puresp4.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
x64-BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [cAudioFilterAgent] C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe
x64-Run: [smartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t
x64-Run: [MacDrive 8 application] "C:\Program Files\Mediafour\MacDrive 8\MacDrive.exe"
x64-Run: [Getting started with MacDrive 8] "C:\Program Files\Mediafour\MacDrive 8\MDGetStarted.exe" /auto
x64-Run: [Form Pilot Pro virtual printer agent] "C:\Program Files\Form Pilot Pro\fppragent.exe"
x64-Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe
x64-Run: [Corel Photo Downloader] "C:\Program Files (x86)\Corel\Corel Photo Album 7\Corel Photo Downloader.exe" -startup
x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie.htm
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\amd64\puresp4.dll
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Dibbs\AppData\Roaming\Mozilla\Firefox\Profiles\zpncz643.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.nytimes.com/
FF - prefs.js: network.proxy.ftp - 122.165.59.98
FF - prefs.js: network.proxy.ftp_port - 80
FF - prefs.js: network.proxy.http - 122.165.59.98
FF - prefs.js: network.proxy.http_port - 80
FF - prefs.js: network.proxy.socks - 122.165.59.98
FF - prefs.js: network.proxy.socks_port - 80
FF - prefs.js: network.proxy.ssl - 122.165.59.98
FF - prefs.js: network.proxy.ssl_port - 80
FF - prefs.js: network.proxy.type - 0
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\nplv2011win32.dll
FF - plugin: C:\Users\Dibbs\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: C:\Users\Dibbs\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Users\Dibbs\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\Dibbs\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll
FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
R0 MDPMGRNT;MacDrive Partition Driver;C:\Windows\System32\drivers\MDPMGRNT.SYS [2011-12-17 32424]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2012-6-15 283200]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2012-7-11 140672]
R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2009-9-17 56344]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\System32\drivers\L1C62x64.sys [2011-4-20 169584]
R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;C:\Windows\System32\drivers\rtl8192se.sys [2011-12-11 946688]
S0 MDFSYSNT;MacDrive file system driver;C:\Windows\System32\drivers\MDFSYSNT.SYS [2010-10-7 307888]
S1 CBDisk;CBDisk;C:\Windows\System32\drivers\CBDisk.sys [2011-12-17 70344]
S1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
S1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 Jamcast;Jamcast;C:\Program Files (x86)\Jamcast\jamcastsvc.exe [2012-7-9 64240]
S2 M4LIC;Mediafour M4LIC service;C:\Program Files (x86)\Common Files\Mediafour\M4LIC.EXE [2010-7-20 205312]
S2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-9-27 398184]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-9-27 682344]
S2 NIApplicationWebServer;NI Application Web Server;C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [2011-5-27 50336]
S2 nimDNSResponder;National Instruments mDNS Responder Service;C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe [2011-6-1 194224]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-11-9 160944]
S2 SplashtopRemoteService;Splashtop® Remote Service;C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe [2012-6-15 548264]
S2 SSUService;Splashtop Software Updater Service;C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe [2012-3-15 370504]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2012-9-19 102368]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-1-10 1038088]
S3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2010-2-27 158976]
S3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\System32\drivers\lvrs64.sys [2012-1-18 351136]
S3 LVUVC64;Logitech Webcam C260(UVC);C:\Windows\System32\drivers\lvuvc64.sys [2012-1-18 4865568]
S3 mbamchameleon;mbamchameleon;C:\Windows\System32\drivers\mbamchameleon.sys [2012-12-28 36680]
S3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2011-12-11 24176]
S3 nmwcdnsucx64;Nokia USB Flashing Generic;C:\Windows\System32\drivers\nmwcdnsucx64.sys [2011-11-1 12800]
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent;C:\Windows\System32\drivers\nmwcdnsux64.sys [2011-11-1 171008]
S3 pwdrvio;pwdrvio;C:\Windows\System32\pwdrvio.sys [2011-12-17 19936]
S3 pwdspio;pwdspio;C:\Windows\System32\pwdspio.sys [2011-12-17 13280]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2012-9-19 203104]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-2-15 52736]
S4 MacDrive8Service;MacDrive 8 service;C:\Program Files\Mediafour\MacDrive 8\MacDrive8Service.exe [2010-10-8 149504]
S4 NIApplicationWebServer64;NI Application Web Server (64-bit);C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [2011-5-27 68256]
.
=============== Created Last 30 ================
.
2012-12-29 02:37:00 -------- d-----w- C:\Users\Dibbs\AppData\Roaming\QuickScan
2012-12-29 02:16:59 36680 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2012-12-29 02:02:30 -------- d-----w- C:\Users\Dibbs\AppData\Roaming\SUPERAntiSpyware.com
2012-12-29 02:02:14 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com
2012-12-29 02:02:14 -------- d-----w- C:\Program Files\SUPERAntiSpyware
2012-12-29 01:57:24 -------- d-sh--w- C:\$RECYCLE.BIN
2012-12-29 01:20:28 98816 ----a-w- C:\Windows\sed.exe
2012-12-29 01:20:28 256000 ----a-w- C:\Windows\PEV.exe
2012-12-29 01:20:28 208896 ----a-w- C:\Windows\MBR.exe
2012-12-29 00:57:36 -------- d-----w- C:\Users\Dibbs\AppData\Roaming\EurekaLog
2012-12-29 00:54:42 -------- d-----w- C:\Users\Dibbs\AppData\Roaming\URSoft
2012-12-29 00:54:39 -------- d-----w- C:\Program Files (x86)\Your Uninstaller! 7
2012-12-29 00:54:28 -------- d-----w- C:\Users\Dibbs\AppData\Local\Babylon
2012-12-29 00:54:27 -------- d-----w- C:\Users\Dibbs\AppData\Roaming\Babylon
2012-12-29 00:54:27 -------- d-----w- C:\ProgramData\Babylon
2012-12-29 00:36:56 9125352 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{BAFC8448-AE01-4C5C-863D-ABFF87C948AC}\mpengine.dll
2012-12-28 19:47:15 -------- d-----w- C:\Program Files (x86)\VS Revo Group
2012-12-28 19:04:42 -------- d-----w- C:\Users\Dibbs\AppData\Local\Programs
2012-12-28 16:08:02 -------- d-----w- C:\Users\Dibbs\AppData\Local\RadonLabs
2012-12-28 16:03:20 165376 ----a-w- C:\Windows\SysWow64\unrar.dll
2012-12-08 16:09:27 33328 ----a-w- C:\Windows\System32\drivers\pnarp.sys
2012-12-08 16:09:20 35376 ----a-w- C:\Windows\System32\drivers\purendis.sys
2012-12-08 16:09:20 -------- d-----w- C:\Program Files (x86)\Common Files\Pure Networks Shared
2012-12-08 16:09:10 -------- d-----w- C:\ProgramData\Pure Networks
2012-12-05 03:11:29 -------- d-----w- C:\Program Files (x86)\Pure Networks
.
==================== Find3M ====================
.
2012-12-21 21:52:34 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-12-21 21:52:34 697272 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-12-14 21:49:28 24176 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-12-08 16:28:38 952 --sha-w- C:\Windows\SysWow64\KGyGaAvL.sys
2012-10-02 20:55:22 916456 ----a-w- C:\Windows\System32\deployJava1.dll
2012-10-02 20:55:22 108008 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll
2012-10-02 20:55:22 1034216 ----a-w- C:\Windows\System32\npdeployJava1.dll
.
============= FINISH: 22:10:44.18 ===============
-
Awww..... sorry to blow off there. Will post scan logs.
-
Remarks:
You should only have 1 MBAM installed, version 1.70.0.1100
Your system should not have 2.
If MBAM is getting stuck, I need for you to do any other steps/tools I outlined.
Regarding the DDS tool, I need a new run and then for you to copy/paste the new logs.
p.s.s. When starting a reply, you do not need (and I'd prefer you not use) the Quote button.
Just press the More Reply Options button at the bottom of forum window.
Oh, come on now !! I am not that daft to have two versions of Malwarebytes installed on the same computer.
I said "older version still works on my other computer". Installing the new version on any computer BY ITSELF gives the same problem. Not everyone who complains about any software is clueless......
OUT OF THE BLUE - 705 infections -all real! What did I do?
in Resolved Malware Removal Logs
Posted
Thanks again! Much appreciated.
Can close this.