Posts posted by mtroyalguy
-
Results of screen317's Security Check version 0.99.57
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
TELUS security services
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Spybot - Search & Destroy
Malwarebytes Anti-Malware version 1.70.0.1100
JavaFX 2.1.1
Java 6 Update 30
Java version out of Date!
Adobe Reader 10.1.5 Adobe Reader out of Date!
Google Chrome 24.0.1312.52
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbamgui.exe
Spybot Teatimer.exe is disabled!
Malwarebytes' Anti-Malware mbamscheduler.exe
Trend Micro AMSP coreServiceShell.exe
Trend Micro UniClient UiFrmWrk uiWatchDog.exe
Trend Micro AMSP coreFrameworkHost.exe
Trend Micro UniClient UiFrmWrk uiSeAgnt.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 3%
````````````````````End of Log``````````````````````
-
# AdwCleaner v2.105 - Logfile created 01/15/2013 at 22:52:47
# Updated 08/01/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Tyler - TYLER-LAPTOP
# Boot Mode : Normal
# Running from : C:\Users\Tyler\Downloads\adwcleaner.exe
# Option [search]
***** [services] *****
***** [Files / Folders] *****
File Found : C:\END
Folder Found : C:\Program Files (x86)\Conduit
Folder Found : C:\Users\Tyler\AppData\Local\Conduit
Folder Found : C:\Users\Tyler\AppData\LocalLow\Conduit
Folder Found : C:\Users\Tyler\AppData\LocalLow\PriceGong
***** [Registry] *****
Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Found : HKCU\Software\AppDataLow\Software\PriceGong
Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKCU\Software\Conduit
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2504091
Key Found : HKLM\Software\Conduit
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstallerStub_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstallerStub_RASMANCS
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
***** [internet Browsers] *****
-\\ Internet Explorer v9.0.8112.16457
[OK] Registry is clean.
-\\ Google Chrome v24.0.1312.52
File : C:\Users\Tyler\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] File is clean.
*************************
AdwCleaner[R1].txt - [3400 octets] - [01/01/2013 16:58:32]
AdwCleaner[R2].txt - [1502 octets] - [15/01/2013 22:52:47]
AdwCleaner[s1].txt - [3424 octets] - [01/01/2013 17:08:37]
########## EOF - C:\AdwCleaner[R2].txt - [1622 octets] ##########
-
ESET
C:\Users\Tyler\Documents\media\Plants vs Zombies Full Version\Plants vs Zombies Installer.exe Win32/InstallMonetizer.AH application
-
21:28:30.0276 0656 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
21:28:31.0011 0656 ============================================================
21:28:31.0011 0656 Current date / time: 2013/01/15 21:28:31.0011
21:28:31.0011 0656 SystemInfo:
21:28:31.0011 0656
21:28:31.0011 0656 OS Version: 6.1.7601 ServicePack: 1.0
21:28:31.0011 0656 Product type: Workstation
21:28:31.0011 0656 ComputerName: TYLER-LAPTOP
21:28:31.0011 0656 UserName: Tyler
21:28:31.0011 0656 Windows directory: C:\windows
21:28:31.0011 0656 System windows directory: C:\windows
21:28:31.0011 0656 Running under WOW64
21:28:31.0011 0656 Processor architecture: Intel x64
21:28:31.0011 0656 Number of processors: 2
21:28:31.0011 0656 Page size: 0x1000
21:28:31.0012 0656 Boot type: Normal boot
21:28:31.0012 0656 ============================================================
21:28:31.0596 0656 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:28:31.0600 0656 ============================================================
21:28:31.0600 0656 \Device\Harddisk0\DR0:
21:28:31.0601 0656 MBR partitions:
21:28:31.0601 0656 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x38778000
21:28:31.0601 0656 ============================================================
21:28:31.0627 0656 C: <-> \Device\Harddisk0\DR0\Partition1
21:28:31.0627 0656 ============================================================
21:28:31.0627 0656 Initialize success
21:28:31.0627 0656 ============================================================
21:28:33.0079 5344 ============================================================
21:28:33.0079 5344 Scan started
21:28:33.0079 5344 Mode: Manual;
21:28:33.0079 5344 ============================================================
21:28:34.0032 5344 ================ Scan system memory ========================
21:28:34.0032 5344 System memory - ok
21:28:34.0032 5344 ================ Scan services =============================
21:28:34.0357 5344 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\windows\system32\drivers\1394ohci.sys
21:28:34.0362 5344 1394ohci - ok
21:28:34.0436 5344 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\windows\system32\drivers\ACPI.sys
21:28:34.0441 5344 ACPI - ok
21:28:34.0504 5344 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys
21:28:34.0506 5344 AcpiPmi - ok
21:28:34.0593 5344 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
21:28:34.0595 5344 AdobeARMservice - ok
21:28:34.0713 5344 [ 0D4C486A24A711A45FD83ACDF4D18506 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
21:28:34.0715 5344 AdobeFlashPlayerUpdateSvc - ok
21:28:34.0782 5344 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\windows\system32\drivers\adp94xx.sys
21:28:34.0789 5344 adp94xx - ok
21:28:34.0847 5344 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\windows\system32\drivers\adpahci.sys
21:28:34.0852 5344 adpahci - ok
21:28:34.0875 5344 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\windows\system32\drivers\adpu320.sys
21:28:34.0879 5344 adpu320 - ok
21:28:34.0926 5344 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\windows\System32\aelupsvc.dll
21:28:34.0928 5344 AeLookupSvc - ok
21:28:34.0985 5344 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\windows\system32\drivers\afd.sys
21:28:34.0991 5344 AFD - ok
21:28:35.0025 5344 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\windows\system32\drivers\agp440.sys
21:28:35.0027 5344 agp440 - ok
21:28:35.0058 5344 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\windows\System32\alg.exe
21:28:35.0061 5344 ALG - ok
21:28:35.0089 5344 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\windows\system32\drivers\aliide.sys
21:28:35.0090 5344 aliide - ok
21:28:35.0106 5344 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\windows\system32\drivers\amdide.sys
21:28:35.0108 5344 amdide - ok
21:28:35.0127 5344 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\windows\system32\drivers\amdk8.sys
21:28:35.0129 5344 AmdK8 - ok
21:28:35.0144 5344 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\windows\system32\drivers\amdppm.sys
21:28:35.0146 5344 AmdPPM - ok
21:28:35.0183 5344 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\windows\system32\drivers\amdsata.sys
21:28:35.0185 5344 amdsata - ok
21:28:35.0205 5344 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\windows\system32\drivers\amdsbs.sys
21:28:35.0208 5344 amdsbs - ok
21:28:35.0225 5344 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\windows\system32\drivers\amdxata.sys
21:28:35.0226 5344 amdxata - ok
21:28:35.0340 5344 [ E8494519BCB9E3B1B72E5604993A76E3 ] Amsp C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
21:28:35.0342 5344 Amsp - ok
21:28:35.0363 5344 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\windows\system32\drivers\appid.sys
21:28:35.0366 5344 AppID - ok
21:28:35.0392 5344 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\windows\System32\appidsvc.dll
21:28:35.0394 5344 AppIDSvc - ok
21:28:35.0410 5344 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\windows\System32\appinfo.dll
21:28:35.0412 5344 Appinfo - ok
21:28:35.0457 5344 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\windows\system32\drivers\arc.sys
21:28:35.0459 5344 arc - ok
21:28:35.0469 5344 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\windows\system32\drivers\arcsas.sys
21:28:35.0472 5344 arcsas - ok
21:28:35.0493 5344 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
21:28:35.0495 5344 AsyncMac - ok
21:28:35.0518 5344 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\windows\system32\drivers\atapi.sys
21:28:35.0519 5344 atapi - ok
21:28:35.0569 5344 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
21:28:35.0578 5344 AudioEndpointBuilder - ok
21:28:35.0589 5344 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\windows\System32\Audiosrv.dll
21:28:35.0594 5344 AudioSrv - ok
21:28:35.0629 5344 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\windows\System32\AxInstSV.dll
21:28:35.0632 5344 AxInstSV - ok
21:28:35.0672 5344 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\windows\system32\drivers\bxvbda.sys
21:28:35.0678 5344 b06bdrv - ok
21:28:35.0717 5344 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\windows\system32\DRIVERS\b57nd60a.sys
21:28:35.0721 5344 b57nd60a - ok
21:28:35.0760 5344 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\windows\System32\bdesvc.dll
21:28:35.0762 5344 BDESVC - ok
21:28:35.0783 5344 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\windows\system32\drivers\Beep.sys
21:28:35.0785 5344 Beep - ok
21:28:35.0826 5344 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\windows\System32\bfe.dll
21:28:35.0835 5344 BFE - ok
21:28:35.0881 5344 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\windows\system32\qmgr.dll
21:28:35.0892 5344 BITS - ok
21:28:35.0932 5344 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys
21:28:35.0934 5344 blbdrive - ok
21:28:35.0957 5344 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\windows\system32\DRIVERS\bowser.sys
21:28:35.0959 5344 bowser - ok
21:28:35.0990 5344 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\windows\system32\drivers\BrFiltLo.sys
21:28:35.0991 5344 BrFiltLo - ok
21:28:36.0019 5344 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\windows\system32\drivers\BrFiltUp.sys
21:28:36.0020 5344 BrFiltUp - ok
21:28:36.0067 5344 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\windows\system32\DRIVERS\bridge.sys
21:28:36.0069 5344 BridgeMP - ok
21:28:36.0108 5344 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\windows\System32\browser.dll
21:28:36.0111 5344 Browser - ok
21:28:36.0151 5344 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\windows\System32\Drivers\Brserid.sys
21:28:36.0155 5344 Brserid - ok
21:28:36.0166 5344 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
21:28:36.0168 5344 BrSerWdm - ok
21:28:36.0206 5344 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
21:28:36.0208 5344 BrUsbMdm - ok
21:28:36.0216 5344 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
21:28:36.0218 5344 BrUsbSer - ok
21:28:36.0234 5344 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\windows\system32\drivers\bthmodem.sys
21:28:36.0236 5344 BTHMODEM - ok
21:28:36.0276 5344 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\windows\system32\bthserv.dll
21:28:36.0278 5344 bthserv - ok
21:28:36.0312 5344 catchme - ok
21:28:36.0342 5344 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
21:28:36.0344 5344 cdfs - ok
21:28:36.0377 5344 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\windows\system32\DRIVERS\cdrom.sys
21:28:36.0380 5344 cdrom - ok
21:28:36.0419 5344 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\windows\System32\certprop.dll
21:28:36.0421 5344 CertPropSvc - ok
21:28:36.0451 5344 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\windows\system32\drivers\circlass.sys
21:28:36.0453 5344 circlass - ok
21:28:36.0481 5344 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\windows\system32\CLFS.sys
21:28:36.0486 5344 CLFS - ok
21:28:36.0570 5344 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:28:36.0572 5344 clr_optimization_v2.0.50727_32 - ok
21:28:36.0650 5344 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
21:28:36.0653 5344 clr_optimization_v2.0.50727_64 - ok
21:28:36.0729 5344 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:28:36.0731 5344 clr_optimization_v4.0.30319_32 - ok
21:28:36.0774 5344 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
21:28:36.0775 5344 clr_optimization_v4.0.30319_64 - ok
21:28:36.0803 5344 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys
21:28:36.0805 5344 CmBatt - ok
21:28:36.0818 5344 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\windows\system32\drivers\cmdide.sys
21:28:36.0820 5344 cmdide - ok
21:28:36.0875 5344 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\windows\system32\Drivers\cng.sys
21:28:36.0881 5344 CNG - ok
21:28:36.0970 5344 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\windows\system32\drivers\compbatt.sys
21:28:36.0971 5344 Compbatt - ok
21:28:36.0980 5344 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\windows\system32\DRIVERS\CompositeBus.sys
21:28:36.0982 5344 CompositeBus - ok
21:28:36.0996 5344 COMSysApp - ok
21:28:37.0044 5344 [ 723E3512D6D1FF75E5398981B38FCEF7 ] cphs C:\windows\SysWow64\IntelCpHeciSvc.exe
21:28:37.0048 5344 cphs - ok
21:28:37.0061 5344 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\windows\system32\drivers\crcdisk.sys
21:28:37.0063 5344 crcdisk - ok
21:28:37.0125 5344 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\windows\system32\cryptsvc.dll
21:28:37.0128 5344 CryptSvc - ok
21:28:37.0162 5344 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\windows\system32\rpcss.dll
21:28:37.0169 5344 DcomLaunch - ok
21:28:37.0196 5344 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\windows\System32\defragsvc.dll
21:28:37.0200 5344 defragsvc - ok
21:28:37.0230 5344 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\windows\system32\Drivers\dfsc.sys
21:28:37.0232 5344 DfsC - ok
21:28:37.0273 5344 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\windows\system32\dhcpcore.dll
21:28:37.0278 5344 Dhcp - ok
21:28:37.0317 5344 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\windows\system32\drivers\discache.sys
21:28:37.0319 5344 discache - ok
21:28:37.0344 5344 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\windows\system32\drivers\disk.sys
21:28:37.0346 5344 Disk - ok
21:28:37.0369 5344 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\windows\System32\dnsrslvr.dll
21:28:37.0372 5344 Dnscache - ok
21:28:37.0388 5344 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\windows\System32\dot3svc.dll
21:28:37.0392 5344 dot3svc - ok
21:28:37.0412 5344 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\windows\system32\dps.dll
21:28:37.0415 5344 DPS - ok
21:28:37.0451 5344 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
21:28:37.0453 5344 drmkaud - ok
21:28:37.0486 5344 [ 85DBF6EC7BDFA6187F4A1EC8F3145CD0 ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
21:28:37.0493 5344 DXGKrnl - ok
21:28:37.0530 5344 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\windows\System32\eapsvc.dll
21:28:37.0533 5344 EapHost - ok
21:28:37.0619 5344 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\windows\system32\drivers\evbda.sys
21:28:37.0687 5344 ebdrv - ok
21:28:37.0748 5344 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\windows\System32\lsass.exe
21:28:37.0750 5344 EFS - ok
21:28:37.0809 5344 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\windows\ehome\ehRecvr.exe
21:28:37.0818 5344 ehRecvr - ok
21:28:37.0835 5344 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\windows\ehome\ehsched.exe
21:28:37.0837 5344 ehSched - ok
21:28:37.0878 5344 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\windows\system32\drivers\elxstor.sys
21:28:37.0885 5344 elxstor - ok
21:28:37.0900 5344 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\windows\system32\drivers\errdev.sys
21:28:37.0902 5344 ErrDev - ok
21:28:37.0940 5344 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\windows\system32\es.dll
21:28:37.0946 5344 EventSystem - ok
21:28:37.0967 5344 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\windows\system32\drivers\exfat.sys
21:28:37.0970 5344 exfat - ok
21:28:37.0999 5344 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\windows\system32\drivers\fastfat.sys
21:28:38.0002 5344 fastfat - ok
21:28:38.0038 5344 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\windows\system32\fxssvc.exe
21:28:38.0047 5344 Fax - ok
21:28:38.0070 5344 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\windows\system32\drivers\fdc.sys
21:28:38.0072 5344 fdc - ok
21:28:38.0101 5344 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\windows\system32\fdPHost.dll
21:28:38.0103 5344 fdPHost - ok
21:28:38.0117 5344 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\windows\system32\fdrespub.dll
21:28:38.0119 5344 FDResPub - ok
21:28:38.0148 5344 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\windows\system32\drivers\fileinfo.sys
21:28:38.0151 5344 FileInfo - ok
21:28:38.0154 5344 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\windows\system32\drivers\filetrace.sys
21:28:38.0157 5344 Filetrace - ok
21:28:38.0177 5344 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\windows\system32\drivers\flpydisk.sys
21:28:38.0179 5344 flpydisk - ok
21:28:38.0209 5344 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
21:28:38.0213 5344 FltMgr - ok
21:28:38.0345 5344 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\windows\system32\FntCache.dll
21:28:38.0359 5344 FontCache - ok
21:28:38.0436 5344 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:28:38.0438 5344 FontCache3.0.0.0 - ok
21:28:38.0462 5344 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\windows\system32\drivers\FsDepends.sys
21:28:38.0464 5344 FsDepends - ok
21:28:38.0499 5344 [ 6C06701BF1DB05405804D7EB610991CE ] fssfltr C:\windows\system32\DRIVERS\fssfltr.sys
21:28:38.0501 5344 fssfltr - ok
21:28:38.0601 5344 [ 4CE9DAC1518FF7E77BD213E6394B9D77 ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
21:28:38.0618 5344 fsssvc - ok
21:28:38.0647 5344 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
21:28:38.0649 5344 Fs_Rec - ok
21:28:38.0671 5344 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
21:28:38.0675 5344 fvevol - ok
21:28:38.0706 5344 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\windows\system32\drivers\gagp30kx.sys
21:28:38.0708 5344 gagp30kx - ok
21:28:38.0782 5344 [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
21:28:38.0785 5344 GamesAppService - ok
21:28:38.0825 5344 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\windows\System32\gpsvc.dll
21:28:38.0837 5344 gpsvc - ok
21:28:38.0890 5344 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:28:38.0892 5344 gupdate - ok
21:28:38.0902 5344 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:28:38.0904 5344 gupdatem - ok
21:28:38.0949 5344 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
21:28:38.0951 5344 hcw85cir - ok
21:28:39.0021 5344 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
21:28:39.0033 5344 HdAudAddService - ok
21:28:39.0053 5344 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\windows\system32\DRIVERS\HDAudBus.sys
21:28:39.0055 5344 HDAudBus - ok
21:28:39.0070 5344 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\windows\system32\drivers\HidBatt.sys
21:28:39.0072 5344 HidBatt - ok
21:28:39.0097 5344 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\windows\system32\drivers\hidbth.sys
21:28:39.0099 5344 HidBth - ok
21:28:39.0124 5344 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\windows\system32\drivers\hidir.sys
21:28:39.0126 5344 HidIr - ok
21:28:39.0152 5344 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\windows\System32\hidserv.dll
21:28:39.0154 5344 hidserv - ok
21:28:39.0198 5344 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\windows\system32\DRIVERS\hidusb.sys
21:28:39.0200 5344 HidUsb - ok
21:28:39.0235 5344 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\windows\system32\kmsvc.dll
21:28:39.0238 5344 hkmsvc - ok
21:28:39.0269 5344 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\windows\system32\ListSvc.dll
21:28:39.0273 5344 HomeGroupListener - ok
21:28:39.0299 5344 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\windows\system32\provsvc.dll
21:28:39.0303 5344 HomeGroupProvider - ok
21:28:39.0326 5344 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys
21:28:39.0329 5344 HpSAMD - ok
21:28:39.0372 5344 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\windows\system32\drivers\HTTP.sys
21:28:39.0381 5344 HTTP - ok
21:28:39.0398 5344 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
21:28:39.0400 5344 hwpolicy - ok
21:28:39.0429 5344 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\windows\system32\DRIVERS\i8042prt.sys
21:28:39.0431 5344 i8042prt - ok
21:28:39.0470 5344 [ C224331A54571C8C9162F7714400BBBD ] iaStor C:\windows\system32\DRIVERS\iaStor.sys
21:28:39.0474 5344 iaStor - ok
21:28:39.0504 5344 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\windows\system32\drivers\iaStorV.sys
21:28:39.0510 5344 iaStorV - ok
21:28:39.0581 5344 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
21:28:39.0591 5344 idsvc - ok
21:28:39.0868 5344 [ 9AA61DC7AA32C1D1260C4267FF07E0C1 ] igfx C:\windows\system32\DRIVERS\igdkmd64.sys
21:28:40.0119 5344 igfx - ok
21:28:40.0169 5344 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\windows\system32\drivers\iirsp.sys
21:28:40.0171 5344 iirsp - ok
21:28:40.0215 5344 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\windows\System32\ikeext.dll
21:28:40.0225 5344 IKEEXT - ok
21:28:40.0336 5344 [ 7C49C45A86CC0CD59C36701FB2A91E77 ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHD64.sys
21:28:40.0362 5344 IntcAzAudAddService - ok
21:28:40.0409 5344 [ 6C9FFFECA9FED31347D211C5D1FFBD2D ] IntcDAud C:\windows\system32\DRIVERS\IntcDAud.sys
21:28:40.0413 5344 IntcDAud - ok
21:28:40.0493 5344 [ 832CE330DD987227B7DEA8C03F22AEFA ] Intel® Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
21:28:40.0497 5344 Intel® Capability Licensing Service Interface - ok
21:28:40.0538 5344 [ 896AA2F1D79662B17D5DBBE588E24E30 ] Intel® ME Service C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
21:28:40.0540 5344 Intel® ME Service - ok
21:28:40.0558 5344 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\windows\system32\drivers\intelide.sys
21:28:40.0560 5344 intelide - ok
21:28:40.0602 5344 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
21:28:40.0603 5344 intelppm - ok
21:28:40.0636 5344 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\windows\system32\ipbusenum.dll
21:28:40.0639 5344 IPBusEnum - ok
21:28:40.0651 5344 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
21:28:40.0653 5344 IpFilterDriver - ok
21:28:40.0703 5344 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\windows\System32\iphlpsvc.dll
21:28:40.0711 5344 iphlpsvc - ok
21:28:40.0728 5344 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys
21:28:40.0730 5344 IPMIDRV - ok
21:28:40.0752 5344 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\windows\system32\drivers\ipnat.sys
21:28:40.0755 5344 IPNAT - ok
21:28:40.0781 5344 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\windows\system32\drivers\irenum.sys
21:28:40.0783 5344 IRENUM - ok
21:28:40.0799 5344 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\windows\system32\drivers\isapnp.sys
21:28:40.0801 5344 isapnp - ok
21:28:40.0837 5344 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys
21:28:40.0842 5344 iScsiPrt - ok
21:28:40.0909 5344 [ 8E4577C6E0D3114170509159DE658907 ] iusb3hcs C:\windows\system32\DRIVERS\iusb3hcs.sys
21:28:40.0910 5344 iusb3hcs - ok
21:28:40.0933 5344 [ FE76346E9B57DA575BD1B3BD0CCAD7FF ] iusb3hub C:\windows\system32\DRIVERS\iusb3hub.sys
21:28:40.0936 5344 iusb3hub - ok
21:28:40.0956 5344 [ 1008CD90DA2198FFD250298DEB9DF160 ] iusb3xhc C:\windows\system32\DRIVERS\iusb3xhc.sys
21:28:40.0961 5344 iusb3xhc - ok
21:28:41.0000 5344 [ 3C6630473DD42FFC57D9F5564F533127 ] jhi_service C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
21:28:41.0002 5344 jhi_service - ok
21:28:41.0022 5344 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\windows\system32\DRIVERS\kbdclass.sys
21:28:41.0023 5344 kbdclass - ok
21:28:41.0057 5344 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\windows\system32\DRIVERS\kbdhid.sys
21:28:41.0058 5344 kbdhid - ok
21:28:41.0071 5344 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\windows\system32\lsass.exe
21:28:41.0072 5344 KeyIso - ok
21:28:41.0104 5344 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
21:28:41.0106 5344 KSecDD - ok
21:28:41.0111 5344 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
21:28:41.0114 5344 KSecPkg - ok
21:28:41.0143 5344 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\windows\system32\drivers\ksthunk.sys
21:28:41.0145 5344 ksthunk - ok
21:28:41.0181 5344 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\windows\system32\msdtckrm.dll
21:28:41.0186 5344 KtmRm - ok
21:28:41.0233 5344 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\windows\System32\srvsvc.dll
21:28:41.0237 5344 LanmanServer - ok
21:28:41.0268 5344 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\windows\System32\wkssvc.dll
21:28:41.0271 5344 LanmanWorkstation - ok
21:28:41.0306 5344 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
21:28:41.0309 5344 lltdio - ok
21:28:41.0326 5344 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\windows\System32\lltdsvc.dll
21:28:41.0331 5344 lltdsvc - ok
21:28:41.0371 5344 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\windows\System32\lmhsvc.dll
21:28:41.0373 5344 lmhosts - ok
21:28:41.0431 5344 [ 2B23FAA39D8F949ED5EEE03ECA50BCD5 ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
21:28:41.0433 5344 LMS - ok
21:28:41.0456 5344 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\windows\system32\drivers\lsi_fc.sys
21:28:41.0459 5344 LSI_FC - ok
21:28:41.0485 5344 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\windows\system32\drivers\lsi_sas.sys
21:28:41.0488 5344 LSI_SAS - ok
21:28:41.0499 5344 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\windows\system32\drivers\lsi_sas2.sys
21:28:41.0502 5344 LSI_SAS2 - ok
21:28:41.0521 5344 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\windows\system32\drivers\lsi_scsi.sys
21:28:41.0523 5344 LSI_SCSI - ok
21:28:41.0542 5344 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\windows\system32\drivers\luafv.sys
21:28:41.0545 5344 luafv - ok
21:28:41.0595 5344 [ 92EB844D90615CB266F84C3202B8786E ] MBAMProtector C:\windows\system32\drivers\mbam.sys
21:28:41.0596 5344 MBAMProtector - ok
21:28:41.0665 5344 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
21:28:41.0704 5344 MBAMScheduler - ok
21:28:41.0738 5344 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
21:28:41.0789 5344 MBAMService - ok
21:28:41.0817 5344 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
21:28:41.0820 5344 Mcx2Svc - ok
21:28:41.0840 5344 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\windows\system32\drivers\megasas.sys
21:28:41.0842 5344 megasas - ok
21:28:41.0877 5344 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\windows\system32\drivers\MegaSR.sys
21:28:41.0882 5344 MegaSR - ok
21:28:41.0919 5344 [ 6B01B7414A105B9E51652089A03027CF ] MEIx64 C:\windows\system32\DRIVERS\HECIx64.sys
21:28:41.0920 5344 MEIx64 - ok
21:28:41.0961 5344 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\windows\system32\mmcss.dll
21:28:41.0964 5344 MMCSS - ok
21:28:41.0980 5344 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\windows\system32\drivers\modem.sys
21:28:41.0982 5344 Modem - ok
21:28:42.0015 5344 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\windows\system32\DRIVERS\monitor.sys
21:28:42.0016 5344 monitor - ok
21:28:42.0028 5344 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys
21:28:42.0030 5344 mouclass - ok
21:28:42.0055 5344 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
21:28:42.0057 5344 mouhid - ok
21:28:42.0072 5344 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\windows\system32\drivers\mountmgr.sys
21:28:42.0074 5344 mountmgr - ok
21:28:42.0089 5344 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\windows\system32\drivers\mpio.sys
21:28:42.0093 5344 mpio - ok
21:28:42.0108 5344 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
21:28:42.0111 5344 mpsdrv - ok
21:28:42.0143 5344 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\windows\system32\mpssvc.dll
21:28:42.0153 5344 MpsSvc - ok
21:28:42.0169 5344 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
21:28:42.0172 5344 MRxDAV - ok
21:28:42.0204 5344 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
21:28:42.0206 5344 mrxsmb - ok
21:28:42.0217 5344 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
21:28:42.0222 5344 mrxsmb10 - ok
21:28:42.0239 5344 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
21:28:42.0241 5344 mrxsmb20 - ok
21:28:42.0264 5344 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\windows\system32\DRIVERS\msahci.sys
21:28:42.0266 5344 msahci - ok
21:28:42.0280 5344 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\windows\system32\drivers\msdsm.sys
21:28:42.0283 5344 msdsm - ok
21:28:42.0300 5344 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\windows\System32\msdtc.exe
21:28:42.0304 5344 MSDTC - ok
21:28:42.0326 5344 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\windows\system32\drivers\Msfs.sys
21:28:42.0327 5344 Msfs - ok
21:28:42.0346 5344 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
21:28:42.0347 5344 mshidkmdf - ok
21:28:42.0354 5344 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\windows\system32\drivers\msisadrv.sys
21:28:42.0356 5344 msisadrv - ok
21:28:42.0377 5344 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\windows\system32\iscsiexe.dll
21:28:42.0380 5344 MSiSCSI - ok
21:28:42.0384 5344 msiserver - ok
21:28:42.0419 5344 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
21:28:42.0421 5344 MSKSSRV - ok
21:28:42.0429 5344 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
21:28:42.0431 5344 MSPCLOCK - ok
21:28:42.0438 5344 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
21:28:42.0440 5344 MSPQM - ok
21:28:42.0461 5344 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\windows\system32\drivers\MsRPC.sys
21:28:42.0466 5344 MsRPC - ok
21:28:42.0484 5344 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\windows\system32\DRIVERS\mssmbios.sys
21:28:42.0485 5344 mssmbios - ok
21:28:42.0498 5344 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\windows\system32\drivers\MSTEE.sys
21:28:42.0500 5344 MSTEE - ok
21:28:42.0519 5344 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\windows\system32\drivers\MTConfig.sys
21:28:42.0521 5344 MTConfig - ok
21:28:42.0535 5344 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\windows\system32\Drivers\mup.sys
21:28:42.0537 5344 Mup - ok
21:28:42.0573 5344 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\windows\system32\qagentRT.dll
21:28:42.0580 5344 napagent - ok
21:28:42.0620 5344 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
21:28:42.0625 5344 NativeWifiP - ok
21:28:42.0686 5344 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\windows\system32\drivers\ndis.sys
21:28:42.0697 5344 NDIS - ok
21:28:42.0739 5344 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
21:28:42.0740 5344 NdisCap - ok
21:28:42.0761 5344 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
21:28:42.0763 5344 NdisTapi - ok
21:28:42.0779 5344 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
21:28:42.0780 5344 Ndisuio - ok
21:28:42.0792 5344 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
21:28:42.0795 5344 NdisWan - ok
21:28:42.0818 5344 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
21:28:42.0820 5344 NDProxy - ok
21:28:42.0857 5344 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
21:28:42.0858 5344 NetBIOS - ok
21:28:42.0872 5344 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
21:28:42.0876 5344 NetBT - ok
21:28:42.0905 5344 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\windows\system32\lsass.exe
21:28:42.0907 5344 Netlogon - ok
21:28:42.0956 5344 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\windows\System32\netman.dll
21:28:42.0962 5344 Netman - ok
21:28:42.0985 5344 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\windows\System32\netprofm.dll
21:28:42.0991 5344 netprofm - ok
21:28:43.0019 5344 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
21:28:43.0022 5344 NetTcpPortSharing - ok
21:28:43.0060 5344 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\windows\system32\drivers\nfrd960.sys
21:28:43.0062 5344 nfrd960 - ok
21:28:43.0084 5344 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\windows\System32\nlasvc.dll
21:28:43.0089 5344 NlaSvc - ok
21:28:43.0106 5344 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\windows\system32\drivers\Npfs.sys
21:28:43.0107 5344 Npfs - ok
21:28:43.0134 5344 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\windows\system32\nsisvc.dll
21:28:43.0136 5344 nsi - ok
21:28:43.0151 5344 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
21:28:43.0153 5344 nsiproxy - ok
21:28:43.0211 5344 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\windows\system32\drivers\Ntfs.sys
21:28:43.0229 5344 Ntfs - ok
21:28:43.0260 5344 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\windows\system32\drivers\Null.sys
21:28:43.0261 5344 Null - ok
21:28:43.0292 5344 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\windows\system32\drivers\nvraid.sys
21:28:43.0295 5344 nvraid - ok
21:28:43.0310 5344 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\windows\system32\drivers\nvstor.sys
21:28:43.0313 5344 nvstor - ok
21:28:43.0342 5344 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\windows\system32\drivers\nv_agp.sys
21:28:43.0345 5344 nv_agp - ok
21:28:43.0360 5344 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
21:28:43.0362 5344 ohci1394 - ok
21:28:43.0394 5344 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\windows\system32\pnrpsvc.dll
21:28:43.0399 5344 p2pimsvc - ok
21:28:43.0415 5344 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\windows\system32\p2psvc.dll
21:28:43.0422 5344 p2psvc - ok
21:28:43.0442 5344 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\windows\system32\drivers\parport.sys
21:28:43.0445 5344 Parport - ok
21:28:43.0463 5344 Partizan - ok
21:28:43.0492 5344 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\windows\system32\drivers\partmgr.sys
21:28:43.0494 5344 partmgr - ok
21:28:43.0525 5344 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\windows\System32\pcasvc.dll
21:28:43.0529 5344 PcaSvc - ok
21:28:43.0556 5344 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\windows\system32\drivers\pci.sys
21:28:43.0559 5344 pci - ok
21:28:43.0579 5344 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\windows\system32\DRIVERS\pciide.sys
21:28:43.0581 5344 pciide - ok
21:28:43.0623 5344 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\windows\system32\drivers\pcmcia.sys
21:28:43.0627 5344 pcmcia - ok
21:28:43.0642 5344 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\windows\system32\drivers\pcw.sys
21:28:43.0643 5344 pcw - ok
21:28:43.0667 5344 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\windows\system32\drivers\peauth.sys
21:28:43.0676 5344 PEAUTH - ok
21:28:43.0760 5344 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\windows\SysWow64\perfhost.exe
21:28:43.0763 5344 PerfHost - ok
21:28:43.0822 5344 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\windows\system32\pla.dll
21:28:43.0839 5344 pla - ok
21:28:43.0879 5344 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\windows\system32\umpnpmgr.dll
21:28:43.0885 5344 PlugPlay - ok
21:28:43.0912 5344 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
21:28:43.0915 5344 PNRPAutoReg - ok
21:28:43.0927 5344 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\windows\system32\pnrpsvc.dll
21:28:43.0930 5344 PNRPsvc - ok
21:28:43.0963 5344 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
21:28:43.0970 5344 PolicyAgent - ok
21:28:43.0988 5344 [ A2CCA4FB273E6050F17A0A416CFF2FCD ] Power C:\windows\system32\umpo.dll
21:28:43.0992 5344 Power - ok
21:28:44.0022 5344 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
21:28:44.0025 5344 PptpMiniport - ok
21:28:44.0040 5344 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\windows\system32\drivers\processr.sys
21:28:44.0043 5344 Processor - ok
21:28:44.0076 5344 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\windows\system32\profsvc.dll
21:28:44.0079 5344 ProfSvc - ok
21:28:44.0094 5344 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\windows\system32\lsass.exe
21:28:44.0096 5344 ProtectedStorage - ok
21:28:44.0123 5344 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\windows\system32\DRIVERS\pacer.sys
21:28:44.0125 5344 Psched - ok
21:28:44.0188 5344 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\windows\system32\drivers\ql2300.sys
21:28:44.0205 5344 ql2300 - ok
21:28:44.0227 5344 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\windows\system32\drivers\ql40xx.sys
21:28:44.0230 5344 ql40xx - ok
21:28:44.0260 5344 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\windows\system32\qwave.dll
21:28:44.0265 5344 QWAVE - ok
21:28:44.0290 5344 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
21:28:44.0292 5344 QWAVEdrv - ok
21:28:44.0363 5344 [ E6E6FF608EBCE808298F8EF08D1DDABA ] Radialpoint Security Services C:\Program Files (x86)\TELUS\TELUS security services\10.0.41.60099\RpsSecurityAwareR.exe
21:28:44.0365 5344 Radialpoint Security Services - ok
21:28:44.0384 5344 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
21:28:44.0385 5344 RasAcd - ok
21:28:44.0419 5344 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
21:28:44.0420 5344 RasAgileVpn - ok
21:28:44.0449 5344 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\windows\System32\rasauto.dll
21:28:44.0452 5344 RasAuto - ok
21:28:44.0476 5344 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
21:28:44.0479 5344 Rasl2tp - ok
21:28:44.0512 5344 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\windows\System32\rasmans.dll
21:28:44.0518 5344 RasMan - ok
21:28:44.0534 5344 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
21:28:44.0536 5344 RasPppoe - ok
21:28:44.0556 5344 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
21:28:44.0559 5344 RasSstp - ok
21:28:44.0573 5344 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
21:28:44.0577 5344 rdbss - ok
21:28:44.0602 5344 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\windows\system32\drivers\rdpbus.sys
21:28:44.0604 5344 rdpbus - ok
21:28:44.0620 5344 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
21:28:44.0621 5344 RDPCDD - ok
21:28:44.0634 5344 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
21:28:44.0635 5344 RDPENCDD - ok
21:28:44.0648 5344 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
21:28:44.0650 5344 RDPREFMP - ok
21:28:44.0679 5344 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\windows\system32\drivers\RDPWD.sys
21:28:44.0683 5344 RDPWD - ok
21:28:44.0716 5344 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
21:28:44.0719 5344 rdyboost - ok
21:28:44.0745 5344 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\windows\System32\mprdim.dll
21:28:44.0748 5344 RemoteAccess - ok
21:28:44.0772 5344 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\windows\system32\regsvc.dll
21:28:44.0775 5344 RemoteRegistry - ok
21:28:44.0803 5344 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
21:28:44.0806 5344 RpcEptMapper - ok
21:28:44.0833 5344 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\windows\system32\locator.exe
21:28:44.0835 5344 RpcLocator - ok
21:28:44.0907 5344 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\windows\system32\rpcss.dll
21:28:44.0912 5344 RpcSs - ok
21:28:44.0930 5344 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
21:28:44.0932 5344 rspndr - ok
21:28:44.0965 5344 [ BB1C3DF1D6CC0972E9C7268A19E62D2E ] RSUSBSTOR C:\windows\system32\Drivers\RtsUStor.sys
21:28:44.0967 5344 RSUSBSTOR - ok
21:28:45.0003 5344 [ 9140DB0911DE035FED0A9A77A2D156EA ] RTL8167 C:\windows\system32\DRIVERS\Rt64win7.sys
21:28:45.0007 5344 RTL8167 - ok
21:28:45.0057 5344 [ F33E70E48A54A7A1BFBEEB4F3B273E4A ] RTL8192Ce C:\windows\system32\DRIVERS\rtl8192Ce.sys
21:28:45.0064 5344 RTL8192Ce - ok
21:28:45.0072 5344 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\windows\system32\lsass.exe
21:28:45.0073 5344 SamSs - ok
21:28:45.0095 5344 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\windows\system32\drivers\sbp2port.sys
21:28:45.0098 5344 sbp2port - ok
21:28:45.0130 5344 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\windows\System32\SCardSvr.dll
21:28:45.0135 5344 SCardSvr - ok
21:28:45.0159 5344 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
21:28:45.0161 5344 scfilter - ok
21:28:45.0197 5344 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\windows\system32\schedsvc.dll
21:28:45.0210 5344 Schedule - ok
21:28:45.0231 5344 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\windows\System32\certprop.dll
21:28:45.0233 5344 SCPolicySvc - ok
21:28:45.0262 5344 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\windows\System32\SDRSVC.dll
21:28:45.0266 5344 SDRSVC - ok
21:28:45.0335 5344 [ 206387AB881E93A1A6EB89966C8651F1 ] SDScannerService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
21:28:45.0342 5344 SDScannerService - ok
21:28:45.0418 5344 [ A529CFE32565C0B145578FFB2B32C9A5 ] SDUpdateService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
21:28:45.0427 5344 SDUpdateService - ok
21:28:45.0479 5344 [ CB63BDB77BB86549FC3303C2F11EDC18 ] SDWSCService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
21:28:45.0481 5344 SDWSCService - ok
21:28:45.0500 5344 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys
21:28:45.0502 5344 secdrv - ok
21:28:45.0525 5344 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\windows\system32\seclogon.dll
21:28:45.0527 5344 seclogon - ok
21:28:45.0556 5344 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\windows\system32\sens.dll
21:28:45.0559 5344 SENS - ok
21:28:45.0570 5344 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\windows\system32\sensrsvc.dll
21:28:45.0573 5344 SensrSvc - ok
21:28:45.0595 5344 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\windows\system32\drivers\serenum.sys
21:28:45.0597 5344 Serenum - ok
21:28:45.0633 5344 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\windows\system32\drivers\serial.sys
21:28:45.0635 5344 Serial - ok
21:28:45.0660 5344 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\windows\system32\drivers\sermouse.sys
21:28:45.0662 5344 sermouse - ok
21:28:45.0944 5344 [ 92FE5797E7FB6E405254AF0EBC9A53B4 ] ServicepointService C:\Program Files (x86)\TELUS\TELUS security advisor\ServicepointService.exe
21:28:46.0005 5344 ServicepointService - ok
21:28:46.0032 5344 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\windows\system32\sessenv.dll
21:28:46.0036 5344 SessionEnv - ok
21:28:46.0055 5344 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\windows\system32\drivers\sffdisk.sys
21:28:46.0057 5344 sffdisk - ok
21:28:46.0074 5344 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
21:28:46.0076 5344 sffp_mmc - ok
21:28:46.0094 5344 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
21:28:46.0095 5344 sffp_sd - ok
21:28:46.0107 5344 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\windows\system32\drivers\sfloppy.sys
21:28:46.0108 5344 sfloppy - ok
21:28:46.0132 5344 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\windows\System32\ipnathlp.dll
21:28:46.0137 5344 SharedAccess - ok
21:28:46.0163 5344 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\windows\System32\shsvcs.dll
21:28:46.0169 5344 ShellHWDetection - ok
21:28:46.0200 5344 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\windows\system32\drivers\SiSRaid2.sys
21:28:46.0202 5344 SiSRaid2 - ok
21:28:46.0217 5344 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\windows\system32\drivers\sisraid4.sys
21:28:46.0220 5344 SiSRaid4 - ok
21:28:46.0257 5344 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
21:28:46.0259 5344 SkypeUpdate - ok
21:28:46.0294 5344 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\windows\system32\DRIVERS\smb.sys
21:28:46.0296 5344 Smb - ok
21:28:46.0345 5344 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\windows\System32\snmptrap.exe
21:28:46.0347 5344 SNMPTRAP - ok
21:28:46.0354 5344 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\windows\system32\drivers\spldr.sys
21:28:46.0355 5344 spldr - ok
21:28:46.0392 5344 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\windows\System32\spoolsv.exe
21:28:46.0397 5344 Spooler - ok
21:28:46.0472 5344 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\windows\system32\sppsvc.exe
21:28:46.0495 5344 sppsvc - ok
21:28:46.0514 5344 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\windows\system32\sppuinotify.dll
21:28:46.0517 5344 sppuinotify - ok
21:28:46.0544 5344 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\windows\system32\DRIVERS\srv.sys
21:28:46.0550 5344 srv - ok
21:28:46.0566 5344 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
21:28:46.0571 5344 srv2 - ok
21:28:46.0584 5344 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
21:28:46.0587 5344 srvnet - ok
21:28:46.0615 5344 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
21:28:46.0620 5344 SSDPSRV - ok
21:28:46.0634 5344 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\windows\system32\sstpsvc.dll
21:28:46.0637 5344 SstpSvc - ok
21:28:46.0689 5344 Steam Client Service - ok
21:28:46.0706 5344 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\windows\system32\drivers\stexstor.sys
21:28:46.0708 5344 stexstor - ok
21:28:46.0738 5344 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\windows\System32\wiaservc.dll
21:28:46.0746 5344 stisvc - ok
21:28:46.0769 5344 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\windows\system32\DRIVERS\swenum.sys
21:28:46.0770 5344 swenum - ok
21:28:46.0805 5344 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\windows\System32\swprv.dll
21:28:46.0813 5344 swprv - ok
21:28:46.0873 5344 [ B868E292FBA5B62B9FC71572A5FAEF5C ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
21:28:46.0876 5344 SynTP - ok
21:28:46.0942 5344 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\windows\system32\sysmain.dll
21:28:46.0962 5344 SysMain - ok
21:28:46.0971 5344 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\windows\System32\TabSvc.dll
21:28:46.0974 5344 TabletInputService - ok
21:28:47.0002 5344 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\windows\System32\tapisrv.dll
21:28:47.0008 5344 TapiSrv - ok
21:28:47.0020 5344 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\windows\System32\tbssvc.dll
21:28:47.0023 5344 TBS - ok
21:28:47.0095 5344 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\windows\system32\drivers\tcpip.sys
21:28:47.0116 5344 Tcpip - ok
21:28:47.0172 5344 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
21:28:47.0185 5344 TCPIP6 - ok
21:28:47.0226 5344 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
21:28:47.0228 5344 tcpipreg - ok
21:28:47.0275 5344 TDEIO - ok
21:28:47.0298 5344 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
21:28:47.0300 5344 TDPIPE - ok
21:28:47.0312 5344 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
21:28:47.0314 5344 TDTCP - ok
21:28:47.0339 5344 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\windows\system32\DRIVERS\tdx.sys
21:28:47.0342 5344 tdx - ok
21:28:47.0356 5344 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\windows\system32\DRIVERS\termdd.sys
21:28:47.0358 5344 TermDD - ok
21:28:47.0391 5344 [ 2E648163254233755035B46DD7B89123 ] TermService C:\windows\System32\termsrv.dll
21:28:47.0400 5344 TermService - ok
21:28:47.0410 5344 [ F0344071948D1A1FA732231785A0664C ] Themes C:\windows\system32\themeservice.dll
21:28:47.0413 5344 Themes - ok
21:28:47.0429 5344 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\windows\system32\mmcss.dll
21:28:47.0431 5344 THREADORDER - ok
21:28:47.0464 5344 [ 73AAFFDD2AC3C8814B26C440E5DD9DD4 ] tmactmon C:\windows\system32\DRIVERS\tmactmon.sys
21:28:47.0466 5344 tmactmon - ok
21:28:47.0484 5344 [ 360E61217D4E1E333583D0C721057F70 ] tmcomm C:\windows\system32\DRIVERS\tmcomm.sys
21:28:47.0485 5344 tmcomm - ok
21:28:47.0503 5344 [ 699D34EB7C670139CA23A65372BD5743 ] tmevtmgr C:\windows\system32\DRIVERS\tmevtmgr.sys
21:28:47.0504 5344 tmevtmgr - ok
21:28:47.0545 5344 [ 262198EFB734012BFCD17E7479AE4A09 ] tmtdi C:\windows\system32\DRIVERS\tmtdi.sys
21:28:47.0546 5344 tmtdi - ok
21:28:47.0589 5344 [ 09FF7B0B1B5C3D225495CB6F5A9B39F8 ] tos_sps64 C:\windows\system32\DRIVERS\tos_sps64.sys
21:28:47.0595 5344 tos_sps64 - ok
21:28:47.0621 5344 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\windows\System32\trkwks.dll
21:28:47.0625 5344 TrkWks - ok
21:28:47.0670 5344 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
21:28:47.0673 5344 TrustedInstaller - ok
21:28:47.0698 5344 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
21:28:47.0700 5344 tssecsrv - ok
21:28:47.0723 5344 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
21:28:47.0725 5344 TsUsbFlt - ok
21:28:47.0744 5344 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\windows\system32\drivers\TsUsbGD.sys
21:28:47.0746 5344 TsUsbGD - ok
21:28:47.0781 5344 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
21:28:47.0784 5344 tunnel - ok
21:28:47.0803 5344 [ 550B567F9364D8F7684C3FB3EA665A72 ] TVALZ C:\windows\system32\DRIVERS\TVALZ_O.SYS
21:28:47.0804 5344 TVALZ - ok
21:28:47.0816 5344 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\windows\system32\drivers\uagp35.sys
21:28:47.0818 5344 uagp35 - ok
21:28:47.0843 5344 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\windows\system32\DRIVERS\udfs.sys
21:28:47.0847 5344 udfs - ok
21:28:47.0877 5344 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\windows\system32\UI0Detect.exe
21:28:47.0880 5344 UI0Detect - ok
21:28:47.0899 5344 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
21:28:47.0901 5344 uliagpkx - ok
21:28:47.0929 5344 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\windows\system32\DRIVERS\umbus.sys
21:28:47.0930 5344 umbus - ok
21:28:47.0956 5344 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\windows\system32\drivers\umpass.sys
21:28:47.0957 5344 UmPass - ok
21:28:48.0047 5344 [ 3C5405EF78576E8E4D791EB18F6856A8 ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
21:28:48.0050 5344 UNS - ok
21:28:48.0076 5344 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\windows\System32\upnphost.dll
21:28:48.0082 5344 upnphost - ok
21:28:48.0104 5344 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
21:28:48.0107 5344 usbccgp - ok
21:28:48.0128 5344 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\windows\system32\drivers\usbcir.sys
21:28:48.0131 5344 usbcir - ok
21:28:48.0150 5344 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\windows\system32\DRIVERS\usbehci.sys
21:28:48.0152 5344 usbehci - ok
21:28:48.0189 5344 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
21:28:48.0193 5344 usbhub - ok
21:28:48.0211 5344 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\windows\system32\drivers\usbohci.sys
21:28:48.0213 5344 usbohci - ok
21:28:48.0241 5344 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\windows\system32\DRIVERS\usbprint.sys
21:28:48.0243 5344 usbprint - ok
21:28:48.0342 5344 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\windows\system32\DRIVERS\usbscan.sys
21:28:48.0344 5344 usbscan - ok
21:28:48.0362 5344 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
21:28:48.0365 5344 USBSTOR - ok
21:28:48.0394 5344 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\windows\system32\drivers\usbuhci.sys
21:28:48.0396 5344 usbuhci - ok
21:28:48.0440 5344 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\windows\system32\Drivers\usbvideo.sys
21:28:48.0443 5344 usbvideo - ok
21:28:48.0472 5344 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\windows\System32\uxsms.dll
21:28:48.0475 5344 UxSms - ok
21:28:48.0483 5344 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\windows\system32\lsass.exe
21:28:48.0484 5344 VaultSvc - ok
21:28:48.0509 5344 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
21:28:48.0510 5344 vdrvroot - ok
21:28:48.0539 5344 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\windows\System32\vds.exe
21:28:48.0547 5344 vds - ok
21:28:48.0567 5344 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\windows\system32\DRIVERS\vgapnp.sys
21:28:48.0569 5344 vga - ok
21:28:48.0584 5344 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\windows\System32\drivers\vga.sys
21:28:48.0586 5344 VgaSave - ok
21:28:48.0602 5344 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\windows\system32\drivers\vhdmp.sys
21:28:48.0606 5344 vhdmp - ok
21:28:48.0625 5344 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\windows\system32\drivers\viaide.sys
21:28:48.0627 5344 viaide - ok
21:28:48.0654 5344 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\windows\system32\drivers\volmgr.sys
21:28:48.0656 5344 volmgr - ok
21:28:48.0677 5344 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\windows\system32\drivers\volmgrx.sys
21:28:48.0682 5344 volmgrx - ok
21:28:48.0704 5344 [ DF8126BD41180351A093A3AD2FC8903B ] volsnap C:\windows\system32\drivers\volsnap.sys
21:28:48.0707 5344 volsnap - ok
21:28:48.0739 5344 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\windows\system32\drivers\vsmraid.sys
21:28:48.0742 5344 vsmraid - ok
21:28:48.0797 5344 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\windows\system32\vssvc.exe
21:28:48.0809 5344 VSS - ok
21:28:48.0827 5344 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
21:28:48.0829 5344 vwifibus - ok
21:28:48.0872 5344 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
21:28:48.0874 5344 vwififlt - ok
21:28:48.0915 5344 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\windows\system32\DRIVERS\vwifimp.sys
21:28:48.0917 5344 vwifimp - ok
21:28:48.0949 5344 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\windows\system32\w32time.dll
21:28:48.0955 5344 W32Time - ok
21:28:48.0975 5344 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\windows\system32\drivers\wacompen.sys
21:28:48.0977 5344 WacomPen - ok
21:28:49.0000 5344 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
21:28:49.0003 5344 WANARP - ok
21:28:49.0018 5344 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
21:28:49.0019 5344 Wanarpv6 - ok
21:28:49.0079 5344 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe
21:28:49.0094 5344 WatAdminSvc - ok
21:28:49.0142 5344 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\windows\system32\wbengine.exe
21:28:49.0160 5344 wbengine - ok
21:28:49.0178 5344 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
21:28:49.0182 5344 WbioSrvc - ok
21:28:49.0218 5344 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\windows\System32\wcncsvc.dll
21:28:49.0224 5344 wcncsvc - ok
21:28:49.0236 5344 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
21:28:49.0239 5344 WcsPlugInService - ok
21:28:49.0263 5344 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\windows\system32\drivers\wd.sys
21:28:49.0264 5344 Wd - ok
21:28:49.0309 5344 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
21:28:49.0319 5344 Wdf01000 - ok
21:28:49.0343 5344 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\windows\system32\wdi.dll
21:28:49.0347 5344 WdiServiceHost - ok
21:28:49.0350 5344 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\windows\system32\wdi.dll
21:28:49.0353 5344 WdiSystemHost - ok
21:28:49.0374 5344 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\windows\System32\webclnt.dll
21:28:49.0379 5344 WebClient - ok
21:28:49.0391 5344 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\windows\system32\wecsvc.dll
21:28:49.0396 5344 Wecsvc - ok
21:28:49.0424 5344 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\windows\System32\wercplsupport.dll
21:28:49.0427 5344 wercplsupport - ok
21:28:49.0450 5344 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\windows\System32\WerSvc.dll
21:28:49.0453 5344 WerSvc - ok
21:28:49.0461 5344 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
21:28:49.0462 5344 WfpLwf - ok
21:28:49.0492 5344 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\windows\system32\drivers\wimmount.sys
21:28:49.0494 5344 WIMMount - ok
21:28:49.0508 5344 WinDefend - ok
21:28:49.0513 5344 WinHttpAutoProxySvc - ok
21:28:49.0563 5344 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
21:28:49.0567 5344 Winmgmt - ok
21:28:49.0626 5344 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\windows\system32\WsmSvc.dll
21:28:49.0650 5344 WinRM - ok
21:28:49.0699 5344 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\windows\System32\wlansvc.dll
21:28:49.0711 5344 Wlansvc - ok
21:28:49.0773 5344 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
21:28:49.0775 5344 wlcrasvc - ok
21:28:49.0837 5344 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
21:28:49.0852 5344 wlidsvc - ok
21:28:49.0878 5344 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\windows\system32\DRIVERS\wmiacpi.sys
21:28:49.0879 5344 WmiAcpi - ok
21:28:49.0906 5344 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
21:28:49.0910 5344 wmiApSrv - ok
21:28:49.0941 5344 WMPNetworkSvc - ok
21:28:49.0967 5344 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\windows\System32\wpcsvc.dll
21:28:49.0969 5344 WPCSvc - ok
21:28:49.0985 5344 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
21:28:49.0988 5344 WPDBusEnum - ok
21:28:50.0010 5344 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
21:28:50.0012 5344 ws2ifsl - ok
21:28:50.0040 5344 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\windows\system32\wscsvc.dll
21:28:50.0043 5344 wscsvc - ok
21:28:50.0047 5344 WSearch - ok
21:28:50.0108 5344 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\windows\system32\wuaueng.dll
21:28:50.0136 5344 wuauserv - ok
21:28:50.0160 5344 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\windows\system32\drivers\WudfPf.sys
21:28:50.0163 5344 WudfPf - ok
21:28:50.0191 5344 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
21:28:50.0195 5344 WUDFRd - ok
21:28:50.0220 5344 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\windows\System32\WUDFSvc.dll
21:28:50.0223 5344 wudfsvc - ok
21:28:50.0245 5344 [ F0B1D8725FAB9F4A559CCC91A960FCE0 ] WwanSvc C:\windows\System32\wwansvc.dll
21:28:50.0250 5344 WwanSvc - ok
21:28:50.0272 5344 ================ Scan global ===============================
21:28:50.0297 5344 [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll
21:28:50.0331 5344 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\windows\system32\winsrv.dll
21:28:50.0339 5344 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\windows\system32\winsrv.dll
21:28:50.0363 5344 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll
21:28:50.0392 5344 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\windows\system32\services.exe
21:28:50.0396 5344 [Global] - ok
21:28:50.0397 5344 ================ Scan MBR ==================================
21:28:50.0408 5344 [ 5B5E648D12FCADC244C1EC30318E1EB9 ] \Device\Harddisk0\DR0
21:28:50.0634 5344 \Device\Harddisk0\DR0 - ok
21:28:50.0635 5344 ================ Scan VBR ==================================
21:28:50.0643 5344 [ 952C4584D5D595A10AF3BC2D7E2F8A5C ] \Device\Harddisk0\DR0\Partition1
21:28:50.0645 5344 \Device\Harddisk0\DR0\Partition1 - ok
21:28:50.0646 5344 ============================================================
21:28:50.0646 5344 Scan finished
21:28:50.0646 5344 ============================================================
21:28:50.0657 3820 Detected object count: 0
21:28:50.0657 3820 Actual detected object count: 0
21:29:11.0242 6956 Deinitialize success
-
Didn't know it was there, left over from my ex. Gone now. What is the next step?
-
ComboFix 13-01-06.01 - Tyler 07/01/2013 17:25:03.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.2.1033.18.3986.2170 [GMT -7:00]
Running from: c:\users\Tyler\Downloads\ComboFix.exe
AV: TELUS security services *Enabled/Updated* {68F968AC-2AA0-091D-848C-803E83E35902}
SP: Spybot - Search and Destroy *Enabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: TELUS security services *Enabled/Updated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Resident AV is active
.
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\users\Tyler\AppData\Roaming\PlantsVsZombiesSetup_20110727_2_1.com
.
.
((((((((((((((((((((((((( Files Created from 2012-12-08 to 2013-01-08 )))))))))))))))))))))))))))))))
.
.
2013-01-08 01:39 . 2013-01-08 01:39 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-01-06 20:10 . 2013-01-06 20:10 -------- d-----w- c:\users\Tyler\AppData\Roaming\AnvSoft
2013-01-06 20:10 . 2013-01-06 20:10 -------- d-----w- c:\program files (x86)\AnvSoft
2013-01-06 15:59 . 2013-01-06 15:59 -------- d-----w- c:\program files (x86)\Conduit
2013-01-06 15:59 . 2013-01-06 15:59 -------- d-----w- c:\users\Tyler\AppData\Local\Conduit
2013-01-06 15:58 . 2013-01-06 15:59 -------- d-----w- c:\program files (x86)\Vuze
2013-01-05 22:15 . 2013-01-05 22:15 -------- d-----w- c:\programdata\Kaspersky Lab
2012-12-28 23:21 . 2012-12-28 23:21 -------- d-----w- c:\users\Tyler\AppData\Roaming\Malwarebytes
2012-12-28 23:20 . 2012-12-28 23:20 -------- d-----w- c:\programdata\Malwarebytes
2012-12-28 23:20 . 2012-12-28 23:29 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-12-28 23:20 . 2012-12-14 23:49 24176 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-12-28 07:48 . 2012-12-28 07:48 -------- d-----w- c:\program files (x86)\FileASSASSIN
2012-12-26 20:52 . 2012-12-26 20:52 39184 ----a-w- c:\windows\system32\Partizan.exe
2012-12-26 20:47 . 2012-12-26 20:47 2 --shatr- c:\windows\winstart.bat
2012-12-26 20:47 . 2013-01-06 18:03 -------- d-----w- c:\programdata\RegRun
2012-12-26 20:47 . 2012-12-26 20:47 35816 ----a-w- c:\windows\SysWow64\drivers\Partizan.sys
2012-12-26 20:47 . 2012-12-25 20:06 12800 ----a-w- c:\windows\SysWow64\drivers\UnHackMeDrv.sys
2012-12-26 20:46 . 2013-01-02 00:17 -------- d-----w- c:\program files (x86)\UnHackMe
2012-12-24 22:40 . 2012-12-28 23:09 -------- d-----w- c:\program files (x86)\Calibre2
2012-12-24 10:03 . 2012-12-24 17:15 -------- d-----w- c:\users\Tyler\AppData\Roaming\Skype
2012-12-24 10:02 . 2012-12-24 10:02 -------- d-----w- c:\program files (x86)\Common Files\Skype
2012-12-24 10:02 . 2012-12-24 10:02 -------- d-----r- c:\program files (x86)\Skype
2012-12-24 09:32 . 2012-12-26 07:30 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2012-12-24 09:31 . 2009-01-25 19:14 17272 ----a-w- c:\windows\system32\sdnclean64.exe
2012-12-24 09:31 . 2012-12-24 09:32 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy 2
2012-12-24 09:31 . 2012-12-24 09:31 -------- d-----w- c:\users\Tyler\AppData\Local\Programs
2012-12-23 04:40 . 2013-01-02 00:18 -------- d-----w- c:\users\Tyler\AppData\Local\Windows Live
2012-12-23 04:30 . 2013-01-06 00:23 -------- d-----w- c:\users\Tyler\Tracing
2012-12-21 14:31 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-21 14:31 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-21 14:31 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-21 14:31 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-12 01:46 . 2012-11-09 05:45 2048 ----a-w- c:\windows\system32\tzres.dll
2012-12-12 01:46 . 2012-11-09 04:42 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-12-12 01:46 . 2012-11-22 03:26 3149824 ----a-w- c:\windows\system32\win32k.sys
2012-12-12 01:44 . 2012-11-02 05:59 478208 ----a-w- c:\windows\system32\dpnet.dll
2012-12-12 01:44 . 2012-11-02 05:11 376832 ----a-w- c:\windows\SysWow64\dpnet.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-11-28 22:58 . 2012-08-06 09:04 67413224 ----a-w- c:\windows\system32\MRT.exe
2012-10-16 08:38 . 2012-11-27 22:00 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38 . 2012-11-27 22:00 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39 . 2012-11-27 22:00 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{ba14329e-9550-4989-b3f2-9732e92d17cc}"= "c:\program files (x86)\Vuze_Remote\prxtbVuze.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
2011-05-09 09:49 176936 ----a-w- c:\program files (x86)\Vuze_Remote\prxtbVuze.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{ba14329e-9550-4989-b3f2-9732e92d17cc}"= "c:\program files (x86)\Vuze_Remote\prxtbVuze.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"Steam"="c:\program files (x86)\Steam\Steam.exe" [2012-12-04 1354736]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2012-04-14 39408]
"Spybot-S&D Cleaning"="c:\program files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" [2012-11-13 3713032]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2012-07-27 35768]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"USB3MON"="c:\program files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-01-05 291608]
"Tsa.exe"="c:\program files (x86)\TELUS\TELUS security advisor\Tsa.exe" [2012-03-09 10208568]
"TELUS security services"="c:\program files (x86)\TELUS\TELUS security services\10.0.41.60099\RPS.exe" [2012-04-18 541400]
"SDTray"="c:\program files (x86)\Spybot - Search & Destroy 2\SDTray.exe" [2012-11-13 3825176]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ServicepointService]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-14 398184]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-12-14 24176]
R3 TDEIO;TDEIO;c:\windows\SysWOW64\sysprep\BOOTPRIO\tdeio64.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-08-08 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;c:\windows\system32\DRIVERS\iusb3hcs.sys [2012-01-05 16152]
S0 tos_sps64;TOSHIBA tos_sps64 Service;c:\windows\system32\DRIVERS\tos_sps64.sys [2009-06-24 482384]
S2 Amsp;Trend Micro Solution Platform;c:\program files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe [x]
S2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [2012-02-03 628448]
S2 Intel® ME Service;Intel® ME Service;c:\program files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [2012-02-21 128280]
S2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [2012-02-21 161560]
S2 Radialpoint Security Services;TELUS security services;c:\program files (x86)\TELUS\TELUS security services\10.0.41.60099\RpsSecurityAwareR.exe [2012-04-18 154632]
S2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2012-11-13 1103392]
S2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2012-11-13 1369624]
S2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2012-11-13 168384]
S2 ServicepointService;ServicepointService;c:\program files (x86)\TELUS\TELUS security advisor\ServicepointService.exe [2012-03-09 10294584]
S2 tmevtmgr;tmevtmgr;c:\windows\system32\DRIVERS\tmevtmgr.sys [2010-09-17 67664]
S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-02-29 363800]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2011-12-06 331264]
S3 iusb3hub;Intel® USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys [2012-01-05 355096]
S3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys [2012-01-05 786200]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2011-08-17 251496]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-08-24 565352]
S3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;c:\windows\system32\DRIVERS\rtl8192Ce.sys [2011-07-18 1145448]
.
.
Contents of the 'Scheduled Tasks' folder
.
2013-01-08 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-14 06:29]
.
2013-01-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-14 06:42]
.
2013-01-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-14 06:42]
.
2013-01-06 c:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
- c:\program files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25 20:41]
.
2013-01-07 c:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
- c:\program files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25 20:41]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-03-16 12459112]
"TosVolRegulator"="c:\program files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe" [2009-11-11 24376]
"Trend Micro Client Framework"="c:\program files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe" [2010-09-17 192008]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-05-10 170264]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-05-10 398616]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-05-10 440088]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.toshiba.ca/welcome/?w=20
mDefault_Page_URL = hxxp://www.toshiba.ca/welcome/?w=20
mStart Page = hxxp://www.toshiba.ca/welcome/?w=20
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.1.254 192.168.1.254
.
- - - - ORPHANS REMOVED - - - -
.
BHO-{1036AD63-AEAC-460B-9060-C96005D4DC86} - (no file)
WebBrowser-{BA14329E-9550-4989-B3F2-9732E92D17CC} - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_228_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_228_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_228.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_228.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_228.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_228.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DbgagD\1*]
"value"="?\08\01\06\16.6\14"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-01-07 18:46:04
ComboFix-quarantined-files.txt 2013-01-08 01:46
.
Pre-Run: 392,496,144,384 bytes free
Post-Run: 393,601,007,616 bytes free
.
- - End Of File - - E4FF78218B08615BA79611746CEC0CD0
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 10.5.1
Run by Tyler at 18:51:24 on 2013-01-07
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.2.1033.18.3986.1939 [GMT -7:00]
.
AV: TELUS security services *Enabled/Updated* {68F968AC-2AA0-091D-848C-803E83E35902}
SP: TELUS security services *Enabled/Updated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spybot - Search and Destroy *Enabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
.
============== Running Processes ===============
.
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiWatchDog.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\windows\system32\taskhost.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\TELUS\TELUS security services\10.0.41.60099\RpsSecurityAwareR.exe
C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler64.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\TELUS\TELUS security advisor\ServicepointService.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\windows\system32\SearchIndexer.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\windows\system32\taskeng.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\windows\system32\notepad.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.toshiba.ca/welcome/?w=20
mStart Page = hxxp://www.toshiba.ca/welcome/?w=20
mDefault_Page_URL = hxxp://www.toshiba.ca/welcome/?w=20
uURLSearchHooks: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll
mURLSearchHooks: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll
BHO: {1036AD63-AEAC-460B-9060-C96005D4DC86} - <orphaned>
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1505\6.6.1091\TmIEPlg32.dll
BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll
BHO: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\6.6.1010\6.6.1010\TmBpIe32.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Vuze Remote Toolbar: {BA14329E-9550-4989-B3F2-9732E92D17CC} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [Spybot-S&D Cleaning] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
mRun: [Tsa.exe] "C:\Program Files (x86)\TELUS\TELUS security advisor\Tsa.exe" /AUTORUN
mRun: [TELUS security services] "C:\Program Files (x86)\TELUS\TELUS security services\10.0.41.60099\RPS.exe" -set Silent "1" SplashURL ""
mRun: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
TCP: NameServer = 192.168.1.254 192.168.1.254
TCP: Interfaces\{D4297182-DE5C-4525-A260-03BEBEFBA422} : DHCPNameServer = 192.168.1.254 192.168.1.254
TCP: Interfaces\{D4297182-DE5C-4525-A260-03BEBEFBA422}\2516D616461675962756C6563737 : DHCPNameServer = 4.2.2.1
TCP: Interfaces\{D4297182-DE5C-4525-A260-03BEBEFBA422}\543484F40224143554 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{D4297182-DE5C-4525-A260-03BEBEFBA422}\7474 : DHCPNameServer = 192.168.10.1
TCP: Interfaces\{D4297182-DE5C-4525-A260-03BEBEFBA422}\84F64756C61427473775962756C6563737 : DHCPNameServer = 4.2.2.1
Handler: navnet - {AD6E5643-7B0C-46AA-95AD-9773FF2A857A} - C:\Program Files (x86)\NavNetApp\ComUtilities.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.6.1010\6.6.1010\TmBpIe32.dll
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1505\6.6.1091\TmIEPlg32.dll
Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
x64-mStart Page = hxxp://www.toshiba.ca/welcome/?w=20
x64-BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1505\6.6.1091\TmIEPlg.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\6.6.1010\6.6.1010\TmBpIe64.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe
x64-Run: [Trend Micro Client Framework] "C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe"
x64-Run: [IgfxTray] C:\windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\windows\System32\igfxpers.exe
x64-Handler: navnet - {AD6E5643-7B0C-46AA-95AD-9773FF2A857A} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.6.1010\6.6.1010\TmBpIe64.dll
x64-Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1505\6.6.1091\TmIEPlg.dll
x64-Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;C:\windows\System32\drivers\iusb3hcs.sys [2012-1-5 16152]
R0 tos_sps64;TOSHIBA tos_sps64 Service;C:\windows\System32\drivers\tos_sps64.sys [2009-6-24 482384]
R2 Amsp;Trend Micro Solution Platform;C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe [2012-8-5 267480]
R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-2-2 628448]
R2 Intel® ME Service;Intel® ME Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [2012-6-17 128280]
R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe [2012-6-17 161560]
R2 Radialpoint Security Services;TELUS security services;C:\Program Files (x86)\TELUS\TELUS security services\10.0.41.60099\RpsSecurityAwareR.exe [2012-8-5 154632]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2012-12-24 1103392]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2012-12-24 1369624]
R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2012-12-24 168384]
R2 ServicepointService;ServicepointService;C:\Program Files (x86)\TELUS\TELUS security advisor\ServicepointService.exe [2012-8-5 10294584]
R2 tmevtmgr;tmevtmgr;C:\windows\System32\drivers\tmevtmgr.sys [2012-8-5 67664]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-6-17 363800]
R3 IntcDAud;Intel® Display Audio;C:\windows\System32\drivers\IntcDAud.sys [2011-12-6 331264]
R3 iusb3hub;Intel® USB 3.0 Hub Driver;C:\windows\System32\drivers\iusb3hub.sys [2012-1-5 355096]
R3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;C:\windows\System32\drivers\iusb3xhc.sys [2012-1-5 786200]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\System32\drivers\RtsUStor.sys [2012-6-17 251496]
R3 RTL8167;Realtek 8167 NT Driver;C:\windows\System32\drivers\Rt64win7.sys [2012-6-17 565352]
R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\windows\System32\drivers\rtl8192ce.sys [2012-6-17 1145448]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-28 398184]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-28 682344]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]
S3 fssfltr;fssfltr;C:\windows\System32\drivers\fssfltr.sys [2012-6-17 48488]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-23 1493352]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 MBAMProtector;MBAMProtector;C:\windows\System32\drivers\mbam.sys [2012-12-28 24176]
S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2012-8-7 1255736]
.
=============== Created Last 30 ================
.
2013-01-08 00:20:38 256000 ----a-w- C:\windows\PEV.exe
2013-01-08 00:20:38 208896 ----a-w- C:\windows\MBR.exe
2013-01-08 00:20:37 98816 ----a-w- C:\windows\sed.exe
2013-01-06 20:10:52 -------- d-----w- C:\Users\Tyler\AppData\Roaming\AnvSoft
2013-01-06 20:10:22 -------- d-----w- C:\Program Files (x86)\AnvSoft
2013-01-06 15:59:25 -------- d-----w- C:\Program Files (x86)\Conduit
2013-01-06 15:59:21 -------- d-----w- C:\Users\Tyler\AppData\Local\Conduit
2013-01-06 15:59:19 -------- d-----w- C:\Program Files (x86)\Vuze_Remote
2013-01-06 15:58:52 -------- d-----w- C:\Program Files (x86)\Vuze
2013-01-05 22:15:28 -------- d-----w- C:\ProgramData\Kaspersky Lab
2012-12-28 23:21:00 -------- d-----w- C:\Users\Tyler\AppData\Roaming\Malwarebytes
2012-12-28 23:20:42 -------- d-----w- C:\ProgramData\Malwarebytes
2012-12-28 23:20:39 24176 ----a-w- C:\windows\System32\drivers\mbam.sys
2012-12-28 23:20:39 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-12-28 07:48:53 -------- d-----w- C:\Program Files (x86)\FileASSASSIN
2012-12-26 20:52:31 39184 ----a-w- C:\windows\System32\Partizan.exe
2012-12-26 20:47:13 2 --shatr- C:\windows\winstart.bat
2012-12-26 20:47:10 -------- d-----w- C:\ProgramData\RegRun
2012-12-26 20:47:08 35816 ----a-w- C:\windows\SysWow64\drivers\Partizan.sys
2012-12-26 20:47:01 12800 ----a-w- C:\windows\SysWow64\drivers\UnHackMeDrv.sys
2012-12-26 20:46:55 -------- d-----w- C:\Program Files (x86)\UnHackMe
2012-12-24 22:40:21 -------- d-----w- C:\Program Files (x86)\Calibre2
2012-12-24 10:02:57 -------- d-----r- C:\Program Files (x86)\Skype
2012-12-24 09:32:12 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2012-12-24 09:31:57 17272 ----a-w- C:\windows\System32\sdnclean64.exe
2012-12-24 09:31:50 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2
2012-12-24 09:31:10 -------- d-----w- C:\Users\Tyler\AppData\Local\Programs
2012-12-23 04:40:45 -------- d-----w- C:\Users\Tyler\AppData\Local\Windows Live
2012-12-23 04:30:44 -------- d-----w- C:\Users\Tyler\Tracing
2012-12-21 14:31:34 34304 ----a-w- C:\windows\SysWow64\atmlib.dll
2012-12-21 14:31:33 46080 ----a-w- C:\windows\System32\atmlib.dll
2012-12-21 14:31:33 367616 ----a-w- C:\windows\System32\atmfd.dll
2012-12-21 14:31:32 295424 ----a-w- C:\windows\SysWow64\atmfd.dll
2012-12-12 01:46:54 2048 ----a-w- C:\windows\SysWow64\tzres.dll
2012-12-12 01:46:54 2048 ----a-w- C:\windows\System32\tzres.dll
2012-12-12 01:46:09 3149824 ----a-w- C:\windows\System32\win32k.sys
2012-12-12 01:44:18 478208 ----a-w- C:\windows\System32\dpnet.dll
2012-12-12 01:44:18 376832 ----a-w- C:\windows\SysWow64\dpnet.dll
.
==================== Find3M ====================
.
2012-11-14 06:11:44 2312704 ----a-w- C:\windows\System32\jscript9.dll
2012-11-14 06:04:11 1392128 ----a-w- C:\windows\System32\wininet.dll
2012-11-14 06:02:49 1494528 ----a-w- C:\windows\System32\inetcpl.cpl
2012-11-14 05:57:46 599040 ----a-w- C:\windows\System32\vbscript.dll
2012-11-14 05:57:35 173056 ----a-w- C:\windows\System32\ieUnatt.exe
2012-11-14 05:52:40 2382848 ----a-w- C:\windows\System32\mshtml.tlb
2012-11-14 02:09:22 1800704 ----a-w- C:\windows\SysWow64\jscript9.dll
2012-11-14 01:58:15 1427968 ----a-w- C:\windows\SysWow64\inetcpl.cpl
2012-11-14 01:57:37 1129472 ----a-w- C:\windows\SysWow64\wininet.dll
2012-11-14 01:49:25 142848 ----a-w- C:\windows\SysWow64\ieUnatt.exe
2012-11-14 01:48:27 420864 ----a-w- C:\windows\SysWow64\vbscript.dll
2012-11-14 01:44:42 2382848 ----a-w- C:\windows\SysWow64\mshtml.tlb
2012-10-16 08:38:37 135168 ----a-w- C:\windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38:34 350208 ----a-w- C:\windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39:52 561664 ----a-w- C:\windows\apppatch\AcLayers.dll
.
============= FINISH: 18:53:19.23 ===============
I wasn't sure if you wanted the Attach file as well so I included it just in case.
Thank you again for your time.
-
Malwarebytes Anti-Malware (Trial) 1.70.0.1100
www.malwarebytes.org
Database version: v2013.01.06.08
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Tyler :: TYLER-LAPTOP [administrator]
Protection: Enabled
06/01/2013 7:33:43 PM
mbam-log-2013-01-06 (19-33-43).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 207392
Time elapsed: 7 minute(s), 24 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
DDS
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 10.5.1
Run by Tyler at 19:42:39 on 2013-01-06
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.2.1033.18.3986.1542 [GMT -7:00]
.
AV: TELUS security services *Enabled/Updated* {68F968AC-2AA0-091D-848C-803E83E35902}
SP: TELUS security services *Enabled/Updated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spybot - Search and Destroy *Enabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
.
============== Running Processes ===============
.
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiWatchDog.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\windows\system32\taskhost.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiSeAgnt.exe
C:\Program Files (x86)\TELUS\TELUS security services\10.0.41.60099\RpsSecurityAwareR.exe
C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler64.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\TELUS\TELUS security advisor\ServicepointService.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Steam\steam.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\TELUS\TELUS security advisor\Tsa.exe
C:\windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Common Files\Steam\SteamService.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\TELUS\TELUS security services\10.0.41.60099\Rps.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\windows\system32\taskeng.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\windows\sysWOW64\wbem\wmiprvse.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.toshiba.ca/welcome/?w=20
uWindow Title = Presented by TOSHIBA Leading Innovation >>>
uDefault_Page_URL = hxxp://www.toshiba.ca/welcome/?w=20
mStart Page = hxxp://www.toshiba.ca/welcome/?w=20
mDefault_Page_URL = hxxp://www.toshiba.ca/welcome/?w=20
uURLSearchHooks: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll
mURLSearchHooks: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll
mWinlogon: Userinit = userinit.exe,
BHO: {1036AD63-AEAC-460B-9060-C96005D4DC86} - <orphaned>
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1505\6.6.1091\TmIEPlg32.dll
BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll
BHO: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\6.6.1010\6.6.1010\TmBpIe32.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Vuze Remote Toolbar: {BA14329E-9550-4989-B3F2-9732E92D17CC} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll
uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [spybot-S&D Cleaning] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [uSB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
mRun: [Tsa.exe] "C:\Program Files (x86)\TELUS\TELUS security advisor\Tsa.exe" /AUTORUN
mRun: [TELUS security services] "C:\Program Files (x86)\TELUS\TELUS security services\10.0.41.60099\RPS.exe" -set Silent "1" SplashURL ""
mRun: [sDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
TCP: NameServer = 192.168.1.254 192.168.1.254
TCP: Interfaces\{D4297182-DE5C-4525-A260-03BEBEFBA422} : DHCPNameServer = 192.168.1.254 192.168.1.254
TCP: Interfaces\{D4297182-DE5C-4525-A260-03BEBEFBA422}\2516D616461675962756C6563737 : DHCPNameServer = 4.2.2.1
TCP: Interfaces\{D4297182-DE5C-4525-A260-03BEBEFBA422}\543484F40224143554 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{D4297182-DE5C-4525-A260-03BEBEFBA422}\7474 : DHCPNameServer = 192.168.10.1
TCP: Interfaces\{D4297182-DE5C-4525-A260-03BEBEFBA422}\84F64756C61427473775962756C6563737 : DHCPNameServer = 4.2.2.1
Handler: navnet - {AD6E5643-7B0C-46AA-95AD-9773FF2A857A} - C:\Program Files (x86)\NavNetApp\ComUtilities.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.6.1010\6.6.1010\TmBpIe32.dll
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1505\6.6.1091\TmIEPlg32.dll
Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
x64-mStart Page = hxxp://www.toshiba.ca/welcome/?w=20
x64-mDefault_Page_URL = hxxp://www.toshiba.ca/welcome/?w=20
x64-BHO: {1036AD63-AEAC-460B-9060-C96005D4DC86} - <orphaned>
x64-BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1505\6.6.1091\TmIEPlg.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\6.6.1010\6.6.1010\TmBpIe64.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe
x64-Run: [Trend Micro Client Framework] "C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe"
x64-Run: [igfxTray] C:\windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\windows\System32\igfxpers.exe
x64-Handler: navnet - {AD6E5643-7B0C-46AA-95AD-9773FF2A857A} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.6.1010\6.6.1010\TmBpIe64.dll
x64-Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1505\6.6.1091\TmIEPlg.dll
x64-Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;C:\windows\System32\drivers\iusb3hcs.sys [2012-1-5 16152]
R0 tos_sps64;TOSHIBA tos_sps64 Service;C:\windows\System32\drivers\tos_sps64.sys [2009-6-24 482384]
R2 Amsp;Trend Micro Solution Platform;C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe [2012-8-5 267480]
R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-2-2 628448]
R2 Intel® ME Service;Intel® ME Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [2012-6-17 128280]
R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe [2012-6-17 161560]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-28 682344]
R2 Radialpoint Security Services;TELUS security services;C:\Program Files (x86)\TELUS\TELUS security services\10.0.41.60099\RpsSecurityAwareR.exe [2012-8-5 154632]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2012-12-24 1103392]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2012-12-24 1369624]
R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2012-12-24 168384]
R2 ServicepointService;ServicepointService;C:\Program Files (x86)\TELUS\TELUS security advisor\ServicepointService.exe [2012-8-5 10294584]
R2 tmevtmgr;tmevtmgr;C:\windows\System32\drivers\tmevtmgr.sys [2012-8-5 67664]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-6-17 363800]
R3 IntcDAud;Intel® Display Audio;C:\windows\System32\drivers\IntcDAud.sys [2011-12-6 331264]
R3 iusb3hub;Intel® USB 3.0 Hub Driver;C:\windows\System32\drivers\iusb3hub.sys [2012-1-5 355096]
R3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;C:\windows\System32\drivers\iusb3xhc.sys [2012-1-5 786200]
R3 MBAMProtector;MBAMProtector;C:\windows\System32\drivers\mbam.sys [2012-12-28 24176]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\System32\drivers\RtsUStor.sys [2012-6-17 251496]
R3 RTL8167;Realtek 8167 NT Driver;C:\windows\System32\drivers\Rt64win7.sys [2012-6-17 565352]
R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\windows\System32\drivers\rtl8192ce.sys [2012-6-17 1145448]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-28 398184]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]
S3 fssfltr;fssfltr;C:\windows\System32\drivers\fssfltr.sys [2012-6-17 48488]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-23 1493352]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2012-8-7 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2013-01-06 20:10:52 -------- d-----w- C:\Users\Tyler\AppData\Roaming\AnvSoft
2013-01-06 20:10:22 -------- d-----w- C:\Program Files (x86)\AnvSoft
2013-01-06 15:59:25 -------- d-----w- C:\Program Files (x86)\Conduit
2013-01-06 15:59:21 -------- d-----w- C:\Users\Tyler\AppData\Local\Conduit
2013-01-06 15:59:19 -------- d-----w- C:\Program Files (x86)\Vuze_Remote
2013-01-06 15:58:52 -------- d-----w- C:\Program Files (x86)\Vuze
2013-01-05 22:15:28 -------- d-----w- C:\ProgramData\Kaspersky Lab
2012-12-28 23:21:00 -------- d-----w- C:\Users\Tyler\AppData\Roaming\Malwarebytes
2012-12-28 23:20:42 -------- d-----w- C:\ProgramData\Malwarebytes
2012-12-28 23:20:39 24176 ----a-w- C:\windows\System32\drivers\mbam.sys
2012-12-28 23:20:39 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-12-28 07:48:53 -------- d-----w- C:\Program Files (x86)\FileASSASSIN
2012-12-26 20:52:31 39184 ----a-w- C:\windows\System32\Partizan.exe
2012-12-26 20:47:13 2 --shatr- C:\windows\winstart.bat
2012-12-26 20:47:10 -------- d-----w- C:\ProgramData\RegRun
2012-12-26 20:47:08 35816 ----a-w- C:\windows\SysWow64\drivers\Partizan.sys
2012-12-26 20:47:01 12800 ----a-w- C:\windows\SysWow64\drivers\UnHackMeDrv.sys
2012-12-26 20:46:55 -------- d-----w- C:\Program Files (x86)\UnHackMe
2012-12-24 22:40:21 -------- d-----w- C:\Program Files (x86)\Calibre2
2012-12-24 10:02:57 -------- d-----r- C:\Program Files (x86)\Skype
2012-12-24 09:32:12 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2012-12-24 09:31:57 17272 ----a-w- C:\windows\System32\sdnclean64.exe
2012-12-24 09:31:50 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2
2012-12-24 09:31:10 -------- d-----w- C:\Users\Tyler\AppData\Local\Programs
2012-12-23 04:40:45 -------- d-----w- C:\Users\Tyler\AppData\Local\Windows Live
2012-12-23 04:30:44 -------- d-----w- C:\Users\Tyler\Tracing
2012-12-21 14:31:34 34304 ----a-w- C:\windows\SysWow64\atmlib.dll
2012-12-21 14:31:33 46080 ----a-w- C:\windows\System32\atmlib.dll
2012-12-21 14:31:33 367616 ----a-w- C:\windows\System32\atmfd.dll
2012-12-21 14:31:32 295424 ----a-w- C:\windows\SysWow64\atmfd.dll
2012-12-12 01:46:54 2048 ----a-w- C:\windows\SysWow64\tzres.dll
2012-12-12 01:46:54 2048 ----a-w- C:\windows\System32\tzres.dll
2012-12-12 01:46:09 3149824 ----a-w- C:\windows\System32\win32k.sys
2012-12-12 01:44:18 478208 ----a-w- C:\windows\System32\dpnet.dll
2012-12-12 01:44:18 376832 ----a-w- C:\windows\SysWow64\dpnet.dll
.
==================== Find3M ====================
.
2012-11-14 06:11:44 2312704 ----a-w- C:\windows\System32\jscript9.dll
2012-11-14 06:04:11 1392128 ----a-w- C:\windows\System32\wininet.dll
2012-11-14 06:02:49 1494528 ----a-w- C:\windows\System32\inetcpl.cpl
2012-11-14 05:57:46 599040 ----a-w- C:\windows\System32\vbscript.dll
2012-11-14 05:57:35 173056 ----a-w- C:\windows\System32\ieUnatt.exe
2012-11-14 05:52:40 2382848 ----a-w- C:\windows\System32\mshtml.tlb
2012-11-14 02:09:22 1800704 ----a-w- C:\windows\SysWow64\jscript9.dll
2012-11-14 01:58:15 1427968 ----a-w- C:\windows\SysWow64\inetcpl.cpl
2012-11-14 01:57:37 1129472 ----a-w- C:\windows\SysWow64\wininet.dll
2012-11-14 01:49:25 142848 ----a-w- C:\windows\SysWow64\ieUnatt.exe
2012-11-14 01:48:27 420864 ----a-w- C:\windows\SysWow64\vbscript.dll
2012-11-14 01:44:42 2382848 ----a-w- C:\windows\SysWow64\mshtml.tlb
2012-10-16 08:38:37 135168 ----a-w- C:\windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38:34 350208 ----a-w- C:\windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39:52 561664 ----a-w- C:\windows\apppatch\AcLayers.dll
2012-10-09 18:17:13 55296 ----a-w- C:\windows\System32\dhcpcsvc6.dll
2012-10-09 18:17:13 226816 ----a-w- C:\windows\System32\dhcpcore6.dll
2012-10-09 17:40:31 44032 ----a-w- C:\windows\SysWow64\dhcpcsvc6.dll
2012-10-09 17:40:31 193536 ----a-w- C:\windows\SysWow64\dhcpcore6.dll
.
============= FINISH: 19:44:39.69 ===============
Thank you so much for your time.
-
I was being directed to galagoogle or something similar. I tried my regular antivirus, F-Secure online scan, Malwarebytes, AdwCleaner, the Windows malicious software remover, SUPERAntiSpyware, Spybot Search and Destroy, and a couple of Kaspersky programs.
I also ran MB, Kaspersky, and Windows remover in both safe mode and safe mode with networking.
None of them detect anything beyond a few cookies and similar. But my internet speed opening new pages is seriously degraded and while I am no longer redirected, I constantly get a popup saying
"MalwareBytes Antimalware
Successfully blocked access to a potentially malicious website: 93.170.104.62
type: outgoing
port 51234, process: chrome.exe (the port varies as does the process, but chrome is the most common)"
Also in task manager all my chrome processes, steam, malware bytes and some others have a *32 which they did not previously have.
I am running Toshiba notebook Intel Pentium B950 @ 2.10 GHz
64 bit
windows 7 premium, service pack 1, auto update active
Here are the requested logs from the pinned thread.
Thank you
redirect, blocked by Malwarebytes but not detected on scan
in Resolved Malware Removal Logs
Posted
Seems to be running ok. However, my Malwarebytes trial has expired so I don't know if the thing it kept blocking is still happening or if it was cleared.
Several processes are still showing the *32 as well and I don't recall them having it previously.