Ads playing in the background on my computer.

Complex · July 13, 2012

Alright, i am really new to all of this and have been searching for a solution to my problems for the past couple of days. After reading many forums and this one in specific i found that i should not copy anything that the "expert" had told another individual. I dont know if this is the right place to post this Topic but i am in desperate need of help, i have downloaded a program called "Malwarebytes Anti-Malware" and every problem that it is blocking has a provess "svchost.exe" i have tried to end this process but it keeps starting itself up again. What do i do?

Maniac · July 13, 2012

Hello Complex and :welcome: ! My name is Maniac and I will be glad to help you solve your malware problem.

Please note:

If you are a paying customer, you have the privilege to contact the help desk at Consumer Support or here (http://helpdesk.malwarebytes.org/home). If you choose this option to get help, please let me know.
I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
Make sure you read all of the instructions and fixes thoroughly before continuing with them.
Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.

Please follow our instructions here:

http://forums.malwarebytes.org/index.php?showtopic=9573

Post the log files in your next reply.

Complex · July 14, 2012

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume1

Install Date: 10/25/2010 13:15:22

System Uptime: 7/14/2012 01:58:24 (9 hours ago)

.

Motherboard: PEGATRON CORPORATION | | 2A94

Processor: Pentium® Dual-Core CPU E5500 @ 2.80GHz | CPU 1 | 2803/800mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 687 GiB total, 546.468 GiB free.

D: is FIXED (NTFS) - 12 GiB total, 1.456 GiB free.

E: is CDROM (CDFS)

F: is Removable

G: is Removable

H: is Removable

I: is Removable

.

==== Disabled Device Manager Items =============

.

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}

Description: Hamachi Network Interface

Device ID: ROOT\NET\0000

Manufacturer: LogMeIn, Inc.

Name: Hamachi Network Interface

PNP Device ID: ROOT\NET\0000

Service: hamachi

.

==== System Restore Points ===================

.

RP213: 7/4/2012 03:00:42 - Windows Update

RP214: 7/5/2012 03:00:42 - Windows Update

RP215: 7/6/2012 03:00:42 - Windows Update

RP216: 7/7/2012 03:00:21 - Windows Update

RP217: 7/11/2012 18:54:56 - Windows Update

RP218: 7/12/2012 14:58:47 - Restore Operation

RP219: 7/12/2012 20:13:31 - Windows Update

RP220: 7/12/2012 21:43:04 - Windows Update

RP221: 7/12/2012 23:16:39 - Windows Update

RP222: 7/12/2012 23:56:44 - Windows Update

RP223: 7/13/2012 00:06:39 - Windows Update

RP224: 7/13/2012 01:16:58 - Removed League of Legends

RP225: 7/13/2012 11:58:20 - Windows Update

RP226: 7/14/2012 03:00:41 - Windows Update

.

==== Installed Programs ======================

.

µTorrent

Adobe AIR

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Reader 9.5.1

aiofw

aioscnnr

Apple Application Support

Apple Software Update

Ask Toolbar

Ask Toolbar Updater

Bejeweled 2 Deluxe

Belkin Setup and Router Monitor

Bing Bar

Blackhawk Striker 2

Build-a-lot 2

center

Chuzzle Deluxe

CinemaNow Media Manager

Complitly

CyberLink DVD Suite Deluxe

D3DX10

Diner Dash 2 Restaurant Rescue

Dora's Carnival Adventure

DVD Menu Pack for HP MediaSmart Video

Dyyno Broadcaster

Escape Rosecliff Island

FATE

ffdshow [rev 3154] [2009-12-09]

Final Drive Nitro

Game Booster 3

Google Talk Plugin

Google Toolbar for Internet Explorer

Google Update Helper

Heroes of Hellas 2 - Olympia

Hewlett-Packard ACLM.NET v1.1.2.0

HP Advisor

HP Customer Experience Enhancements

HP Game Console

HP Games

HP MediaSmart CinemaNow 2.0

HP MediaSmart DVD

HP MediaSmart Music

HP MediaSmart Photo

HP MediaSmart Video

HP MediaSmart/TouchSmart Netflix

HP Odometer

HP Product Detection

HP Setup

HP Support Assistant

HP Support Information

HP Update

Hulu Desktop

InstallIQ Updater

Intel® Graphics Media Accelerator Driver

Java Auto Updater

Java™ 6 Update 26

Jewel Quest 3

Jewel Quest Solitaire 2

Junk Mail filter update

K-Lite Codec Pack 7.0.0 (Full)

Kobo

KODAK AiO Home Center

ksDIP

LabelPrint

League of Legends

LightScribe System Software

LogMeIn Hamachi

Magic ISO Maker v5.5 (build 0281)

Malwarebytes Anti-Malware version 1.62.0.1300

Mesh Runtime

Messenger Companion

Microsoft Office 2010

Microsoft Office Click-to-Run 2010

Microsoft Office Starter 2010 - English

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft WSE 3.0 Runtime

Movie Theme Pack for HP MediaSmart Video

Mozilla Firefox 13.0.1 (x86 en-US)

Mozilla Maintenance Service

MSVCRT

MSVCRT_amd64

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

Norton Online Backup

Pando Media Booster

PDF Complete Special Edition

Penguins!

PhotoNow!

PictureMover

Plants vs. Zombies

Play Wireless USB Adapter

Poker Superstars III

Polar Bowler

Polar Golfer

Power2Go

PowerDirector

PreReq

PressReader

QuickTime

Realtek High Definition Audio Driver

Recovery Manager

Roxio CinemaNow 2.0

Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Skype Click to Call

Skype™ 5.10

System Requirements Lab for Intel

TuneUp Companion 2.4.4.3

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2473228)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

uTorrentControl2 Toolbar

Virtual Families

Virtual Villagers - The Secret City

Wheel of Fortune 2

Windows Live Communications Platform

Windows Live Essentials

Windows Live Installer

Windows Live Mail

Windows Live Mesh

Windows Live Mesh ActiveX Control for Remote Connections

Windows Live Messenger

Windows Live Messenger Companion Core

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live Sync

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

WinRAR archiver

Yahoo! Detect

YouTube Downloader 2.7

Zinio Reader 4

Zuma Deluxe

.

==== Event Viewer Messages From Past Week ========

.

7/14/2012 03:07:19, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Windows 7 for x64-based Systems (KB2709715).

7/14/2012 01:00:18, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffff80002e51117, 0x0000000000000000, 0x000007fffffa0000). A dump was saved in: C:\Windows\Minidump\071412-25287-01.dmp. Report Id: 071412-25287-01.

7/13/2012 11:53:55, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffff80002f7ffea, 0x0000000000000001, 0x0000000000000018). A dump was saved in: C:\Windows\Minidump\071312-23977-01.dmp. Report Id: 071312-23977-01.

7/12/2012 18:42:58, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the LogMeIn Hamachi Tunneling Engine service to connect.

7/12/2012 18:42:58, Error: Service Control Manager [7000] - The LogMeIn Hamachi Tunneling Engine service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

7/12/2012 18:42:57, Error: Service Control Manager [7030] - The LogMeIn Hamachi Tunneling Engine service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

7/12/2012 16:54:48, Error: Service Control Manager [7034] - The Skype Updater service terminated unexpectedly. It has done this 1 time(s).

7/12/2012 14:50:39, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x1000007e (0xffffffffc000001d, 0xfffff88005de94f8, 0xfffff880020aa988, 0xfffff880020aa1f0). A dump was saved in: C:\Windows\Minidump\071212-22698-01.dmp. Report Id: 071212-22698-01.

.

==== End Of File ===========================

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_26

Run by Ultimate Electronics at 10:11:48 on 2012-07-14

Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.5085.3368 [GMT -6:00]

.

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\taskhost.exe

C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe

C:\Windows\System32\spool\drivers\x64\3\EKIJ5000MUI.exe

C:\Program Files (x86)\Dyyno\Dyyno Broadcaster\dyyno_launcher.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files (x86)\W3i\InstallIQUpdater\InstallIQUpdater.exe

C:\Program Files (x86)\Skype\Phone\Skype.exe

C:\Program Files (x86)\Belkin\F7D4101\V1\PBN.exe

C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe

C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\Ask.com\Updater\Updater.exe

C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe

C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe

C:\Program Files (x86)\XXXX\mbamgui.exe

C:\Program Files (x86)\Bonjour\mDNSResponder.exe

C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe

C:\Program Files (x86)\Dyyno\Dyyno Broadcaster\launcherd.exe

C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe

C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe

C:\Program Files (x86)\Kodak\AiO\Center\ekdiscovery.exe

c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe

C:\Program Files (x86)\PDF Complete\pdfsvc.exe

-netsvcs

C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

C:\Windows\system32\conhost.exe

C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files (x86)\Belkin\F7D4101\V1\wlansrv.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE

C:\Program Files\iPod\bin\iPodService.exe

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\WUDFHost.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_265.exe

C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe

C:\Program Files (x86)\XXXX\mbamservice.exe

C:\Windows\System32\svchost.exe -k secsvcs

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe

C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.76\deploy\LoLLauncher.exe

C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.0.171\deploy\LolClient.exe

C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.exe

C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\wuauclt.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\cscript.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT3072253

uSearch Page = hxxp://search.searchcompletion.com/?si=10211&home=1

uDefault_Search_URL = hxxp://search.searchcompletion.com/?si=10211&home=1

uSearch Bar = hxxp://search.searchcompletion.com/?si=10211&home=1

uInternet Settings,ProxyOverride = *.local

uURLSearchHooks: UrlSearchHook Class: {00000000-6e41-4fd3-8538-502f5495e5fc} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll

uURLSearchHooks: H - No File

uURLSearchHooks: uTorrentControl2 Toolbar: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll

mURLSearchHooks: uTorrentControl2 Toolbar: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll

mWinlogon: Userinit=userinit.exe,

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: uTorrentControl2 Toolbar: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll

BHO: Complitly: {d27fc31c-6e3d-4305-8d53-acdaefa5f862} - C:\Users\Ultimate Electronics\AppData\Roaming\Complitly\Complitly.dll

BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll

BHO: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll

BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

BHO: Yontoo Layers: {fd72061e-9fde-484d-a58a-0bab4151cad8} - C:\Program Files (x86)\Yontoo Layers Client\YontooIEClient.dll

TB: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll"

TB: uTorrentControl2 Toolbar: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll

uRun: [Weather] C:\Program Files (x86)\AWS\WeatherBug\Weather.exe 1

uRun: [Dyyno Launcher] "C:\Program Files (x86)\Dyyno\Dyyno Broadcaster\dyyno_launcher.exe" 30100 30101 30102 30103 30104

uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

uRun: [installIQUpdater] "C:\Program Files (x86)\W3i\InstallIQUpdater\InstallIQUpdater.exe" /silent /autorun

uRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

uRun: [Google Update] "C:\Users\Ultimate Electronics\AppData\Local\Google\Update\GoogleUpdate.exe" /c

mRun: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe

mRun: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe

mRun: [<NO NAME>]

mRun: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun: [instaLAN] "C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe" startup

mRun: [Conime] %windir%\system32\conime.exe

mRun: [EKIJ5000StatusMonitor] C:\Windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.EXE

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"

mRun: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start

mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\XXXX\mbamgui.exe" /starttray

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\PLAYWI~1.LNK - C:\Program Files (x86)\Belkin\F7D4101\V1\PBN.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SNAPFI~1.LNK - C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableLUA = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

mPolicies-system: PromptOnSecureDesktop = 0 (0x0)

IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

TCP: DhcpNameServer = 192.168.137.1

TCP: Interfaces\{4959FB23-C933-4E7F-A044-217CF0251BF1} : DhcpNameServer = 192.168.137.1

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO-X64: AcroIEHelperStub - No File

BHO-X64: uTorrentControl2 Toolbar: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll

BHO-X64: uTorrentControl2 - No File

BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO-X64: SkypeIEPluginBHO - No File

BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll

BHO-X64: Complitly: {D27FC31C-6E3D-4305-8D53-ACDAEFA5F862} - C:\Users\Ultimate Electronics\AppData\Roaming\Complitly\Complitly.dll

BHO-X64: Complitly - No File

BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll

BHO-X64: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll

BHO-X64: Ask Toolbar BHO - No File

BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

BHO-X64: Yontoo Layers: {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo Layers Client\YontooIEClient.dll

BHO-X64: Yontoo Layers - No File

TB-X64: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll

TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll"

TB-X64: uTorrentControl2 Toolbar: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll

mRun-x64: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe

mRun-x64: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe

mRun-x64: [(Default)]

mRun-x64: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe

mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun-x64: [instaLAN] "C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe" startup

mRun-x64: [Conime] %windir%\system32\conime.exe

mRun-x64: [EKIJ5000StatusMonitor] C:\Windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.EXE

mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun-x64: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"

mRun-x64: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start

mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\XXXX\mbamgui.exe" /starttray

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Ultimate Electronics\AppData\Roaming\Mozilla\Firefox\Profiles\8927j250.default\

FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=3&q={searchTerms}

FF - prefs.js: browser.search.selectedEngine - Ask.com

FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT3072253&SearchSource=13

FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=2&q=

FF - prefs.js: network.proxy.type - 0

FF - component: C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll

FF - component: C:\Users\Ultimate Electronics\AppData\Roaming\Mozilla\Firefox\Profiles\8927j250.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\RadioWMPCoreGecko19.dll

FF - component: C:\Users\Ultimate Electronics\AppData\Roaming\Mozilla\Firefox\Profiles\8927j250.default\extensions\engine@conduit.com\components\RadioWMPCoreGecko19.dll

FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll

FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\Users\Default\AppData\Local\HuluDesktop\instances\0.9.13.1\nphdplg.dll

FF - plugin: C:\Users\Ultimate Electronics\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll

FF - plugin: C:\Users\Ultimate Electronics\AppData\Roaming\Mozilla\Firefox\Profiles\8927j250.default\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}\plugins\np-mswmp.dll

FF - plugin: C:\Users\Ultimate Electronics\AppData\Roaming\Mozilla\Firefox\Profiles\8927j250.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\plugins\np-mswmp.dll

FF - plugin: C:\Users\Ultimate Electronics\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll

FF - plugin: C:\Users\Ultimate Electronics\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_265.dll

.

============= SERVICES / DRIVERS ===============

.

R1 ElRawDisk;ElRawDisk;\??\C:\Windows\system32\drivers\rsdrvx64.sys --> C:\Windows\system32\drivers\rsdrvx64.sys [?]

R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]

R2 CinemaNow Service;CinemaNow Service;C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe [2010-6-12 400368]

R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]

R2 Dyyno Launcher;Dyyno Service;C:\Program Files (x86)\Dyyno\Dyyno Broadcaster\launcherd.exe [2011-3-15 415072]

R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-6-27 2369960]

R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2011-9-9 86072]

R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-3-28 94264]

R2 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;C:\Program Files (x86)\Kodak\AiO\Center\ekdiscovery.exe [2010-5-17 308592]

R2 MBAMService;MBAMService;C:\Program Files (x86)\XXXX\mbamservice.exe [2012-7-12 655944]

R2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-6-1 2804568]

R2 pdfcDispatcher;PDF Document Manager;C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2010-8-17 635416]

R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]

R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-6-19 3048136]

R2 WLANBelkinService;Belkin WLAN service;C:\Program Files (x86)\Belkin\F7D4101\V1\wlansrv.exe [2009-12-28 36864]

R3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.EXE [2012-2-13 240408]

R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]

R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]

R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?]

R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?]

R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?]

R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?]

R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]

S2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BBSvc.EXE [2012-2-13 193816]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-10-19 136176]

S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-6-7 160944]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-5-20 250056]

S3 BCMH43XX;N+ Wireless USB Adapter Driver;C:\Windows\system32\DRIVERS\bcmwlhigh664.sys --> C:\Windows\system32\DRIVERS\bcmwlhigh664.sys [?]

S3 cpudrv64;cpudrv64;C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [2011-6-2 17864]

S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]

S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-23 1493352]

S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-10-19 136176]

S3 Impcd;Impcd;C:\Windows\system32\DRIVERS\Impcd.sys --> C:\Windows\system32\DRIVERS\Impcd.sys [?]

S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-5-21 113120]

S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]

S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]

S3 WinRing0_1_2_0;WinRing0_1_2_0;C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [2012-5-20 14544]

S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]

.

=============== Created Last 30 ================

.

2012-07-13 23:03:07 9013136 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{70DB5393-09D2-41D0-8E47-258920030BE5}\mpengine.dll

2012-07-13 18:52:13 20480 ------w- C:\Windows\svchost.exe

2012-07-13 11:15:37 -------- d-----w- C:\ProgramData\Recovery

2012-07-13 07:20:05 -------- d-----w- C:\Program Files\League of legends

2012-07-13 05:35:06 -------- d-----w- C:\Users\Ultimate Electronics\AppData\Roaming\Malwarebytes

2012-07-13 05:34:59 -------- d-----w- C:\ProgramData\Malwarebytes

2012-07-13 05:34:58 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys

2012-07-13 05:34:58 -------- d-----w- C:\Program Files (x86)\XXXX

2012-07-13 03:45:38 3147264 ----a-w- C:\Windows\System32\win32k.sys

2012-07-13 02:16:09 2003968 ----a-w- C:\Windows\System32\msxml6.dll

2012-07-13 02:16:09 1880064 ----a-w- C:\Windows\System32\msxml3.dll

2012-07-13 02:16:08 1389568 ----a-w- C:\Windows\SysWow64\msxml6.dll

2012-07-13 02:16:08 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll

2012-07-13 02:15:07 459216 ----a-w- C:\Windows\System32\drivers\cng.sys

2012-07-13 02:15:07 340992 ----a-w- C:\Windows\System32\schannel.dll

2012-07-13 02:15:06 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll

2012-07-13 02:15:06 95088 ----a-w- C:\Windows\System32\drivers\ksecdd.sys

2012-07-13 02:15:06 307200 ----a-w- C:\Windows\System32\ncrypt.dll

2012-07-13 02:15:06 225280 ----a-w- C:\Windows\SysWow64\schannel.dll

2012-07-13 02:15:06 22016 ----a-w- C:\Windows\SysWow64\secur32.dll

2012-07-13 02:15:06 219136 ----a-w- C:\Windows\SysWow64\ncrypt.dll

2012-07-13 02:15:06 152432 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys

2012-07-13 02:14:36 987136 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msado15.dll

2012-07-13 02:14:36 1425408 ----a-w- C:\Program Files\Common Files\System\ado\msado15.dll

2012-07-13 00:42:56 -------- d-----w- C:\Program Files (x86)\LogMeIn Hamachi

2012-07-12 01:32:13 -------- d-----w- C:\Users\Ultimate Electronics\riotsGamesLogs

2012-06-29 23:22:46 -------- d-----w- C:\Users\Ultimate Electronics\AppData\Roaming\Sony Creative Software Inc

2012-06-22 21:30:42 2622464 ----a-w- C:\Windows\System32\wucltux.dll

2012-06-22 21:30:13 99840 ----a-w- C:\Windows\System32\wudriver.dll

2012-06-22 21:29:46 36864 ----a-w- C:\Windows\System32\wuapp.exe

2012-06-22 21:29:46 186752 ----a-w- C:\Windows\System32\wuwebv.dll

2012-06-21 23:28:21 -------- d-----w- C:\Riot Games

2012-06-19 23:35:14 4967624 ----a-w- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll

2012-06-18 02:32:39 770384 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcr100.dll

2012-06-18 02:32:39 421200 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcp100.dll

.

==================== Find3M ====================

.

2012-07-13 00:49:17 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2012-07-13 00:49:17 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2012-05-31 18:25:12 279656 ------w- C:\Windows\System32\MpSigStub.exe

2012-05-15 03:56:59 1197568 ----a-w- C:\Windows\System32\wininet.dll

2012-05-15 03:08:48 981504 ----a-w- C:\Windows\SysWow64\wininet.dll

2012-05-02 05:32:43 208896 ----a-w- C:\Windows\System32\profsvc.dll

2012-04-28 03:50:40 204800 ----a-w- C:\Windows\System32\drivers\rdpwd.sys

2012-04-26 05:34:38 76288 ----a-w- C:\Windows\System32\rdpwsx.dll

2012-04-26 05:34:37 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll

2012-04-26 05:28:32 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe

2012-04-24 05:59:45 182272 ----a-w- C:\Windows\System32\cryptsvc.dll

2012-04-24 05:59:45 1460224 ----a-w- C:\Windows\System32\crypt32.dll

2012-04-24 05:59:45 140288 ----a-w- C:\Windows\System32\cryptnet.dll

2012-04-24 04:47:04 139264 ----a-w- C:\Windows\SysWow64\cryptsvc.dll

2012-04-24 04:47:04 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll

2012-04-24 04:47:03 1156608 ----a-w- C:\Windows\SysWow64\crypt32.dll

2012-04-20 06:22:18 57856 ----a-w- C:\Windows\System32\licmgr10.dll

2012-04-20 05:05:47 44544 ----a-w- C:\Windows\SysWow64\licmgr10.dll

2012-04-20 05:00:31 482816 ----a-w- C:\Windows\System32\html.iec

2012-04-20 04:15:04 1638912 ----a-w- C:\Windows\System32\mshtml.tlb

2012-04-20 03:58:07 386048 ----a-w- C:\Windows\SysWow64\html.iec

2012-04-20 03:24:18 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb

.

============= FINISH: 10:12:57.28 ===============

Those are my logs in which i was told to post. Attatch being first and DDS being second.

Maniac · July 14, 2012

BACKDOOR WARNING

One or more of the identified infections is known to use a backdoor.

This allows hackers to remotely control your computer, steal critical system information and download and execute files.

I would advice you to disconnect this PC from the Internet immediately. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.

Though the infection has been identified and can be killed, because of it's backdoor functionality, your PC is very likely compromised and there is no way to be sure your computer can ever again be trusted. Many experts in the security community believe that once infected with this type of trojan, the best course of action would be a reformat and reinstall of the OS. Please read these for more information:

Help: I Got Hacked. Now What Do I Do?

Help: I Got Hacked. Now What Do I Do? Part II

How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?

When Should I Format, How Should I Reinstall

We can still clean this machine but I can't guarantee that it will be 100% secure afterwards. Let me know what you decide to do. If you decide to go through with the cleanup, please proceed with the following steps.

Step 1

Please uninstall the following applications:

µTorrent

Ask Toolbar

Ask Toolbar Updater

uTorrentControl2 Toolbar

Step 2

Download the latest version of TDSSKiller from here and save it to your Desktop.

Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
Click the Start Scan button.
If a suspicious object is detected, the default action will be Skip, click on Continue.
If malicious objects are found, they will show in the Scan results and offer three (3) options.
Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.

Step 3

Launch Malwarebytes' Anti-Malware
Go to Update tab and select Check for Updates. If an update is found, it will download and install the latest version.
Go to Scanner tab and select Perform Quick Scan, then click Scan.
The scan may take some time to finish,so please be patient.
When the scan is complete, click OK, then Show Results to view the results.
Make sure that everything is checked, and click Remove Selected.
When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Copy&Paste the entire report in your next reply.

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer,please do so immediately.

In your next reply, post the following log files:

TDSSKiller log
Malwarebytes' Anti-Malware log
a new fresh DDS log file

Complex · July 15, 2012

19:37:18.0723 5792 TDSS rootkit removing tool 2.7.45.0 Jul 9 2012 12:46:35

19:37:19.0183 5792 ============================================================

19:37:19.0183 5792 Current date / time: 2012/07/14 19:37:19.0183

19:37:19.0183 5792 SystemInfo:

19:37:19.0183 5792

19:37:19.0183 5792 OS Version: 6.1.7600 ServicePack: 0.0

19:37:19.0183 5792 Product type: Workstation

19:37:19.0183 5792 ComputerName: HPP6614F

19:37:19.0184 5792 UserName: Ultimate Electronics

19:37:19.0184 5792 Windows directory: C:\Windows

19:37:19.0184 5792 System windows directory: C:\Windows

19:37:19.0184 5792 Running under WOW64

19:37:19.0184 5792 Processor architecture: Intel x64

19:37:19.0184 5792 Number of processors: 2

19:37:19.0184 5792 Page size: 0x1000

19:37:19.0184 5792 Boot type: Normal boot

19:37:19.0184 5792 ============================================================

19:37:20.0889 5792 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

19:37:20.0929 5792 ============================================================

19:37:20.0929 5792 \Device\Harddisk0\DR0:

19:37:20.0939 5792 MBR partitions:

19:37:20.0939 5792 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000

19:37:20.0939 5792 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x55D3F000

19:37:20.0939 5792 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x55D71800, BlocksNum 0x17D4000

19:37:20.0939 5792 ============================================================

19:37:20.0981 5792 C: <-> \Device\Harddisk0\DR0\Partition1

19:37:21.0023 5792 D: <-> \Device\Harddisk0\DR0\Partition2

19:37:21.0086 5792 ============================================================

19:37:21.0086 5792 Initialize success

19:37:21.0086 5792 ============================================================

19:37:51.0801 4076 ============================================================

19:37:51.0801 4076 Scan started

19:37:51.0801 4076 Mode: Manual; SigCheck; TDLFS;

19:37:51.0801 4076 ============================================================

19:37:54.0652 4076 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys

19:37:54.0838 4076 1394ohci - ok

19:37:54.0868 4076 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys

19:37:54.0886 4076 ACPI - ok

19:37:54.0904 4076 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys

19:37:55.0000 4076 AcpiPmi - ok

19:37:55.0112 4076 AdobeFlashPlayerUpdateSvc (5e1a953c6472e7bb644892a4d0df5e72) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

19:37:55.0126 4076 AdobeFlashPlayerUpdateSvc - ok

19:37:55.0173 4076 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys

19:37:55.0191 4076 adp94xx - ok

19:37:55.0216 4076 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys

19:37:55.0233 4076 adpahci - ok

19:37:55.0251 4076 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys

19:37:55.0264 4076 adpu320 - ok

19:37:55.0294 4076 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll

19:37:55.0403 4076 AeLookupSvc - ok

19:37:55.0452 4076 AFD (db9d6c6b2cd95a9ca414d045b627422e) C:\Windows\system32\drivers\afd.sys

19:37:55.0525 4076 AFD - ok

19:37:55.0627 4076 AffinegyService (7f1130830b3ba85921519a5616e29803) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe

19:37:55.0645 4076 AffinegyService - ok

19:37:55.0664 4076 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys

19:37:55.0677 4076 agp440 - ok

19:37:55.0694 4076 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe

19:37:55.0734 4076 ALG - ok

19:37:55.0755 4076 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys

19:37:55.0766 4076 aliide - ok

19:37:55.0781 4076 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys

19:37:55.0792 4076 amdide - ok

19:37:55.0821 4076 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys

19:37:55.0860 4076 AmdK8 - ok

19:37:55.0875 4076 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys

19:37:55.0906 4076 AmdPPM - ok

19:37:55.0935 4076 amdsata (ec7ebab00a4d8448bab68d1e49b4beb9) C:\Windows\system32\drivers\amdsata.sys

19:37:55.0947 4076 amdsata - ok

19:37:55.0982 4076 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys

19:37:55.0997 4076 amdsbs - ok

19:37:56.0014 4076 amdxata (db27766102c7bf7e95140a2aa81d042e) C:\Windows\system32\drivers\amdxata.sys

19:37:56.0025 4076 amdxata - ok

19:37:56.0037 4076 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys

19:37:56.0124 4076 AppID - ok

19:37:56.0138 4076 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll

19:37:56.0199 4076 AppIDSvc - ok

19:37:56.0232 4076 Appinfo (d065be66822847b7f127d1f90158376e) C:\Windows\System32\appinfo.dll

19:37:56.0280 4076 Appinfo - ok

19:37:56.0351 4076 Apple Mobile Device (20f6f19fe9e753f2780dc2fa083ad597) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

19:37:56.0362 4076 Apple Mobile Device - ok

19:37:56.0379 4076 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys

19:37:56.0391 4076 arc - ok

19:37:56.0406 4076 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys

19:37:56.0419 4076 arcsas - ok

19:37:56.0465 4076 aspnet_state - ok

19:37:56.0490 4076 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys

19:37:56.0534 4076 AsyncMac - ok

19:37:56.0551 4076 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys

19:37:56.0562 4076 atapi - ok

19:37:56.0590 4076 AudioEndpointBuilder (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll

19:37:56.0657 4076 AudioEndpointBuilder - ok

19:37:56.0665 4076 AudioSrv (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll

19:37:56.0705 4076 AudioSrv - ok

19:37:56.0794 4076 AxInstSV (b20b5fa5ca050e9926e4d1db81501b32) C:\Windows\System32\AxInstSV.dll

19:37:56.0859 4076 AxInstSV - ok

19:37:56.0919 4076 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys

19:37:56.0953 4076 b06bdrv - ok

19:37:56.0987 4076 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys

19:37:57.0018 4076 b57nd60a - ok

19:37:57.0093 4076 BBSvc (47480f4260dae9aa589bcaf924b3767a) C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BBSvc.exe

19:37:57.0113 4076 BBSvc - ok

19:37:57.0157 4076 BBUpdate (6bf743cbf3bcd09dab79245e60e1ae62) C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.exe

19:37:57.0174 4076 BBUpdate - ok

19:37:57.0244 4076 BCMH43XX (e49110a58a32e9450356686a95dd7763) C:\Windows\system32\DRIVERS\bcmwlhigh664.sys

19:37:57.0294 4076 BCMH43XX - ok

19:37:57.0314 4076 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll

19:37:57.0372 4076 BDESVC - ok

19:37:57.0403 4076 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys

19:37:57.0454 4076 Beep - ok

19:37:57.0515 4076 BFE (4992c609a6315671463e30f6512bc022) C:\Windows\System32\bfe.dll

19:37:57.0574 4076 BFE - ok

19:37:57.0632 4076 BITS (7f0c323fe3da28aa4aa1bda3f575707f) C:\Windows\System32\qmgr.dll

19:37:57.0688 4076 BITS - ok

19:37:57.0732 4076 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys

19:37:57.0766 4076 blbdrive - ok

19:37:57.0845 4076 Bonjour Service (1c87705ccb2f60172b0fc86b5d82f00d) C:\Program Files (x86)\Bonjour\mDNSResponder.exe

19:37:57.0861 4076 Bonjour Service - ok

19:37:57.0884 4076 bowser (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys

19:37:57.0932 4076 bowser - ok

19:37:57.0967 4076 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys

19:37:57.0995 4076 BrFiltLo - ok

19:37:58.0023 4076 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys

19:37:58.0036 4076 BrFiltUp - ok

19:37:58.0061 4076 Browser (94fbc06f294d58d02361918418f996e3) C:\Windows\System32\browser.dll

19:37:58.0109 4076 Browser - ok

19:37:58.0136 4076 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys

19:37:58.0170 4076 Brserid - ok

19:37:58.0182 4076 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys

19:37:58.0205 4076 BrSerWdm - ok

19:37:58.0223 4076 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys

19:37:58.0238 4076 BrUsbMdm - ok

19:37:58.0249 4076 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys

19:37:58.0261 4076 BrUsbSer - ok

19:37:58.0279 4076 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys

19:37:58.0305 4076 BTHMODEM - ok

19:37:58.0326 4076 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll

19:37:58.0373 4076 bthserv - ok

19:37:58.0392 4076 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys

19:37:58.0425 4076 cdfs - ok

19:37:58.0460 4076 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys

19:37:58.0474 4076 cdrom - ok

19:37:58.0502 4076 CertPropSvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll

19:37:58.0551 4076 CertPropSvc - ok

19:37:58.0646 4076 CinemaNow Service (ea3333db9ab03106eec0d6d9d487ed01) C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe

19:37:58.0663 4076 CinemaNow Service - ok

19:37:58.0688 4076 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys

19:37:58.0703 4076 circlass - ok

19:37:58.0723 4076 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys

19:37:58.0741 4076 CLFS - ok

19:37:58.0793 4076 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

19:37:58.0805 4076 clr_optimization_v2.0.50727_32 - ok

19:37:58.0839 4076 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

19:37:58.0851 4076 clr_optimization_v2.0.50727_64 - ok

19:37:58.0931 4076 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

19:37:58.0957 4076 clr_optimization_v4.0.30319_32 - ok

19:37:58.0997 4076 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

19:37:59.0015 4076 clr_optimization_v4.0.30319_64 - ok

19:37:59.0038 4076 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys

19:37:59.0079 4076 CmBatt - ok

19:37:59.0097 4076 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys

19:37:59.0108 4076 cmdide - ok

19:37:59.0159 4076 CNG (ca7720b73446fddec5c69519c1174c98) C:\Windows\system32\Drivers\cng.sys

19:37:59.0195 4076 CNG - ok

19:37:59.0213 4076 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys

19:37:59.0224 4076 Compbatt - ok

19:37:59.0252 4076 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys

19:37:59.0282 4076 CompositeBus - ok

19:37:59.0300 4076 COMSysApp - ok

19:37:59.0369 4076 cpudrv64 (3ca734ce373e5675fbc15ca2c45228e5) C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys

19:37:59.0418 4076 cpudrv64 - ok

19:37:59.0447 4076 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys

19:37:59.0488 4076 crcdisk - ok

19:37:59.0577 4076 CryptSvc (f02786b66375292e58c8777082d4396d) C:\Windows\system32\cryptsvc.dll

19:37:59.0701 4076 CryptSvc - ok

19:37:59.0803 4076 cvhsvc (72794d112cbaff3bc0c29bf7350d4741) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE

19:37:59.0829 4076 cvhsvc - ok

19:37:59.0889 4076 DcomLaunch (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll

19:37:59.0945 4076 DcomLaunch - ok

19:38:00.0138 4076 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll

19:38:00.0299 4076 defragsvc - ok

19:38:00.0354 4076 DfsC (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys

19:38:00.0541 4076 DfsC - ok

19:38:00.0580 4076 Dhcp (ce3b9562d997f69b330d181a8875960f) C:\Windows\system32\dhcpcore.dll

19:38:00.0692 4076 Dhcp - ok

19:38:00.0711 4076 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys

19:38:00.0801 4076 discache - ok

19:38:00.0824 4076 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys

19:38:00.0853 4076 Disk - ok

19:38:00.0895 4076 Dnscache (85cf424c74a1d5ec33533e1dbff9920a) C:\Windows\System32\dnsrslvr.dll

19:38:00.0958 4076 Dnscache - ok

19:38:00.0973 4076 dot3svc (14452acdb09b70964c8c21bf80a13acb) C:\Windows\System32\dot3svc.dll

19:38:01.0257 4076 dot3svc - ok

19:38:01.0357 4076 DPS (8c2ba6bea949ee6e68385f5692bafb94) C:\Windows\system32\dps.dll

19:38:01.0458 4076 DPS - ok

19:38:01.0494 4076 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys

19:38:01.0508 4076 drmkaud - ok

19:38:01.0553 4076 DXGKrnl (ebce0b0924835f635f620d19f0529dce) C:\Windows\System32\drivers\dxgkrnl.sys

19:38:01.0581 4076 DXGKrnl - ok

19:38:01.0672 4076 Dyyno Launcher (4af117b55c76cebfc6c52bff1eebaec5) C:\Program Files (x86)\Dyyno\Dyyno Broadcaster\launcherd.exe

19:38:01.0688 4076 Dyyno Launcher - ok

19:38:01.0769 4076 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll

19:38:01.0843 4076 EapHost - ok

19:38:01.0952 4076 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys

19:38:02.0086 4076 ebdrv - ok

19:38:02.0186 4076 EFS (156f6159457d0aa7e59b62681b56eb90) C:\Windows\System32\lsass.exe

19:38:02.0272 4076 EFS - ok

19:38:02.0363 4076 ehRecvr (47c071994c3f649f23d9cd075ac9304a) C:\Windows\ehome\ehRecvr.exe

19:38:02.0473 4076 ehRecvr - ok

19:38:02.0518 4076 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe

19:38:02.0551 4076 ehSched - ok

19:38:02.0638 4076 ElRawDisk (4778eeecb75c6fb419745beed3530b9d) C:\Windows\system32\drivers\rsdrvx64.sys

19:38:02.0655 4076 ElRawDisk - ok

19:38:02.0895 4076 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys

19:38:02.0923 4076 elxstor - ok

19:38:02.0948 4076 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys

19:38:02.0980 4076 ErrDev - ok

19:38:03.0052 4076 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll

19:38:03.0117 4076 EventSystem - ok

19:38:03.0158 4076 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys

19:38:03.0217 4076 exfat - ok

19:38:03.0268 4076 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys

19:38:03.0485 4076 fastfat - ok

19:38:03.0782 4076 Fax (d607b2f1bee3992aa6c2c92c0a2f0855) C:\Windows\system32\fxssvc.exe

19:38:03.0873 4076 Fax - ok

19:38:03.0894 4076 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys

19:38:03.0927 4076 fdc - ok

19:38:03.0947 4076 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll

19:38:04.0010 4076 fdPHost - ok

19:38:04.0028 4076 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll

19:38:04.0093 4076 FDResPub - ok

19:38:04.0100 4076 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys

19:38:04.0116 4076 FileInfo - ok

19:38:04.0125 4076 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys

19:38:04.0193 4076 Filetrace - ok

19:38:04.0212 4076 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys

19:38:04.0227 4076 flpydisk - ok

19:38:04.0261 4076 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys

19:38:04.0278 4076 FltMgr - ok

19:38:04.0345 4076 FontCache (cb5e4b9c319e3c6bb363eb7e58a4a051) C:\Windows\system32\FntCache.dll

19:38:04.0445 4076 FontCache - ok

19:38:04.0486 4076 FontCache3.0.0.0 (8d89e3131c27fdd6932189cb785e1b7a) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

19:38:04.0499 4076 FontCache3.0.0.0 - ok

19:38:04.0534 4076 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys

19:38:04.0552 4076 FsDepends - ok

19:38:04.0590 4076 fssfltr (6c06701bf1db05405804d7eb610991ce) C:\Windows\system32\DRIVERS\fssfltr.sys

19:38:04.0603 4076 fssfltr - ok

19:38:04.0723 4076 fsssvc (4ce9dac1518ff7e77bd213e6394b9d77) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe

19:38:04.0823 4076 fsssvc - ok

19:38:04.0922 4076 Fs_Rec (d3e3f93d67821a2db2b3d9fac2dc2064) C:\Windows\system32\drivers\Fs_Rec.sys

19:38:04.0941 4076 Fs_Rec - ok

19:38:05.0014 4076 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys

19:38:05.0036 4076 fvevol - ok

19:38:05.0049 4076 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys

19:38:05.0064 4076 gagp30kx - ok

19:38:05.0258 4076 GameConsoleService (ce16683cfd11fe70bde435dda5ea1fca) C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe

19:38:05.0274 4076 GameConsoleService - ok

19:38:05.0325 4076 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

19:38:05.0336 4076 GEARAspiWDM - ok

19:38:05.0383 4076 gpsvc (fe5ab4525bc2ec68b9119a6e5d40128b) C:\Windows\System32\gpsvc.dll

19:38:05.0430 4076 gpsvc - ok

19:38:05.0516 4076 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

19:38:05.0527 4076 gupdate - ok

19:38:05.0545 4076 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

19:38:05.0556 4076 gupdatem - ok

19:38:05.0592 4076 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

19:38:05.0604 4076 gusvc - ok

19:38:05.0655 4076 hamachi (1e6438d4ea6e1174a3b3b1edc4de660b) C:\Windows\system32\DRIVERS\hamachi.sys

19:38:05.0668 4076 hamachi - ok

19:38:05.0817 4076 Hamachi2Svc (21d24138b736983f6e23823e092e9428) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe

19:38:05.0933 4076 Hamachi2Svc - ok

19:38:06.0038 4076 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys

19:38:06.0100 4076 hcw85cir - ok

19:38:06.0135 4076 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys

19:38:06.0178 4076 HdAudAddService - ok

19:38:06.0234 4076 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys

19:38:06.0270 4076 HDAudBus - ok

19:38:06.0297 4076 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys

19:38:06.0329 4076 HidBatt - ok

19:38:06.0353 4076 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys

19:38:06.0394 4076 HidBth - ok

19:38:06.0417 4076 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys

19:38:06.0454 4076 HidIr - ok

19:38:06.0481 4076 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll

19:38:06.0530 4076 hidserv - ok

19:38:06.0550 4076 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys

19:38:06.0574 4076 HidUsb - ok

19:38:06.0595 4076 hkmsvc (efa58ede58dd74388ffd04cb32681518) C:\Windows\system32\kmsvc.dll

19:38:06.0661 4076 hkmsvc - ok

19:38:06.0684 4076 HomeGroupListener (046b2673767ca626e2cfb7fdf735e9e8) C:\Windows\system32\ListSvc.dll

19:38:06.0732 4076 HomeGroupListener - ok

19:38:06.0762 4076 HomeGroupProvider (06a7422224d9865a5613710a089987df) C:\Windows\system32\provsvc.dll

19:38:06.0797 4076 HomeGroupProvider - ok

19:38:06.0942 4076 HP Support Assistant Service (13bb1114451c63bfb41ba7daa4d70a29) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe

19:38:06.0951 4076 HP Support Assistant Service - ok

19:38:07.0006 4076 HPDrvMntSvc.exe (bcc4a8b2e2e902f52e7f2e7d8e125765) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe

19:38:07.0018 4076 HPDrvMntSvc.exe - ok

19:38:07.0066 4076 hpqwmiex (ec9739a46f1f83c6e52a7a4697f44a65) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe

19:38:07.0092 4076 hpqwmiex - ok

19:38:07.0153 4076 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys

19:38:07.0171 4076 HpSAMD - ok

19:38:07.0218 4076 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys

19:38:07.0271 4076 HTTP - ok

19:38:07.0276 4076 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys

19:38:07.0288 4076 hwpolicy - ok

19:38:07.0334 4076 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys

19:38:07.0360 4076 i8042prt - ok

19:38:07.0421 4076 iaStorV (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys

19:38:07.0455 4076 iaStorV - ok

19:38:07.0527 4076 idsvc (2f2be70d3e02b6fa877921ab9516d43c) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

19:38:07.0566 4076 idsvc - ok

19:38:08.0630 4076 igfx (2a22ab054f4630d2ef4bab2853f6d5f6) C:\Windows\system32\DRIVERS\igdkmd64.sys

19:38:09.0474 4076 igfx - ok

19:38:09.0576 4076 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys

19:38:09.0589 4076 iirsp - ok

19:38:09.0639 4076 IKEEXT (c5b4683680df085b57bc53e5ef34861f) C:\Windows\System32\ikeext.dll

19:38:09.0740 4076 IKEEXT - ok

19:38:09.0776 4076 Impcd (dd587a55390ed2295bce6d36ad567da9) C:\Windows\system32\DRIVERS\Impcd.sys

19:38:09.0815 4076 Impcd - ok

19:38:09.0959 4076 IntcAzAudAddService (2b888bbdf6962e608a5e1a1d7a626adf) C:\Windows\system32\drivers\RTKVHD64.sys

19:38:10.0216 4076 IntcAzAudAddService - ok

19:38:10.0311 4076 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys

19:38:10.0326 4076 intelide - ok

19:38:10.0392 4076 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys

19:38:10.0421 4076 intelppm - ok

19:38:10.0456 4076 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll

19:38:10.0518 4076 IPBusEnum - ok

19:38:10.0569 4076 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys

19:38:10.0626 4076 IpFilterDriver - ok

19:38:10.0679 4076 iphlpsvc (f8e058d17363ec580e4b7232778b6cb5) C:\Windows\System32\iphlpsvc.dll

19:38:10.0741 4076 iphlpsvc - ok

19:38:10.0764 4076 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys

19:38:10.0780 4076 IPMIDRV - ok

19:38:10.0803 4076 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys

19:38:10.0858 4076 IPNAT - ok

19:38:10.0939 4076 iPod Service (fdf57f795098ab29af780824315c9859) C:\Program Files\iPod\bin\iPodService.exe

19:38:10.0966 4076 iPod Service - ok

19:38:10.0983 4076 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys

19:38:11.0017 4076 IRENUM - ok

19:38:11.0036 4076 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys

19:38:11.0060 4076 isapnp - ok

19:38:11.0093 4076 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys

19:38:11.0111 4076 iScsiPrt - ok

19:38:11.0155 4076 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys

19:38:11.0175 4076 kbdclass - ok

19:38:11.0191 4076 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys

19:38:11.0222 4076 kbdhid - ok

19:38:11.0244 4076 KeyIso (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe

19:38:11.0263 4076 KeyIso - ok

19:38:11.0368 4076 Kodak AiO Network Discovery Service (f8d454fba97dc28f02931c588bafe4cf) C:\Program Files (x86)\Kodak\AiO\Center\ekdiscovery.exe

19:38:11.0383 4076 Kodak AiO Network Discovery Service - ok

19:38:11.0415 4076 KSecDD (4f4b5fde429416877de7143044582eb5) C:\Windows\system32\Drivers\ksecdd.sys

19:38:11.0429 4076 KSecDD - ok

19:38:11.0458 4076 KSecPkg (6f40465a44ecdc1731befafec5bdd03c) C:\Windows\system32\Drivers\ksecpkg.sys

19:38:11.0475 4076 KSecPkg - ok

19:38:11.0498 4076 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys

19:38:11.0548 4076 ksthunk - ok

19:38:11.0585 4076 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll

19:38:11.0639 4076 KtmRm - ok

19:38:11.0680 4076 LanmanServer (81f1d04d4d0e433099365127375fd501) C:\Windows\system32\srvsvc.dll

19:38:11.0732 4076 LanmanServer - ok

19:38:11.0757 4076 LanmanWorkstation (27026eac8818e8a6c00a1cad2f11d29a) C:\Windows\System32\wkssvc.dll

19:38:11.0808 4076 LanmanWorkstation - ok

19:38:11.0852 4076 LightScribeService (7550d101bf49fdb1f92666a233ee36c4) c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

19:38:11.0859 4076 LightScribeService ( UnsignedFile.Multi.Generic ) - warning

19:38:11.0859 4076 LightScribeService - detected UnsignedFile.Multi.Generic (1)

19:38:11.0885 4076 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys

19:38:11.0928 4076 lltdio - ok

19:38:11.0964 4076 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll

19:38:12.0013 4076 lltdsvc - ok

19:38:12.0023 4076 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll

19:38:12.0067 4076 lmhosts - ok

19:38:12.0104 4076 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys

19:38:12.0116 4076 LSI_FC - ok

19:38:12.0143 4076 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys

19:38:12.0159 4076 LSI_SAS - ok

19:38:12.0186 4076 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys

19:38:12.0198 4076 LSI_SAS2 - ok

19:38:12.0221 4076 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys

19:38:12.0235 4076 LSI_SCSI - ok

19:38:12.0273 4076 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys

19:38:12.0330 4076 luafv - ok

19:38:12.0375 4076 MBAMProtector (dc8490812a3b72811ae534f423b4c206) C:\Windows\system32\drivers\mbam.sys

19:38:12.0386 4076 MBAMProtector - ok

19:38:12.0446 4076 MBAMService (43683e970f008c93c9429ef428147a54) C:\Program Files (x86)\XXXX\mbamservice.exe

19:38:12.0473 4076 MBAMService - ok

19:38:12.0506 4076 Mcx2Svc (f84c8f1000bc11e3b7b23cbd3baff111) C:\Windows\system32\Mcx2Svc.dll

19:38:12.0526 4076 Mcx2Svc - ok

19:38:12.0555 4076 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys

19:38:12.0568 4076 megasas - ok

19:38:12.0591 4076 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys

19:38:12.0608 4076 MegaSR - ok

19:38:12.0640 4076 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll

19:38:12.0684 4076 MMCSS - ok

19:38:12.0706 4076 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys

19:38:12.0753 4076 Modem - ok

19:38:12.0784 4076 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys

19:38:12.0809 4076 monitor - ok

19:38:12.0836 4076 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys

19:38:12.0848 4076 mouclass - ok

19:38:12.0868 4076 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys

19:38:12.0885 4076 mouhid - ok

19:38:12.0898 4076 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys

19:38:12.0910 4076 mountmgr - ok

19:38:12.0987 4076 MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

19:38:12.0999 4076 MozillaMaintenance - ok

19:38:13.0017 4076 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys

19:38:13.0033 4076 mpio - ok

19:38:13.0052 4076 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys

19:38:13.0085 4076 mpsdrv - ok

19:38:13.0162 4076 MpsSvc (aecab449567d1846dad63ece49e893e3) C:\Windows\system32\mpssvc.dll

19:38:13.0220 4076 MpsSvc - ok

19:38:13.0245 4076 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys

19:38:13.0273 4076 MRxDAV - ok

19:38:13.0327 4076 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys

19:38:13.0360 4076 mrxsmb - ok

19:38:13.0379 4076 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys

19:38:13.0402 4076 mrxsmb10 - ok

19:38:13.0427 4076 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys

19:38:13.0451 4076 mrxsmb20 - ok

19:38:13.0469 4076 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys

19:38:13.0482 4076 msahci - ok

19:38:13.0499 4076 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys

19:38:13.0513 4076 msdsm - ok

19:38:13.0527 4076 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe

19:38:13.0546 4076 MSDTC - ok

19:38:13.0576 4076 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys

19:38:13.0612 4076 Msfs - ok

19:38:13.0623 4076 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys

19:38:13.0668 4076 mshidkmdf - ok

19:38:13.0701 4076 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys

19:38:13.0714 4076 msisadrv - ok

19:38:13.0782 4076 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll

19:38:13.0833 4076 MSiSCSI - ok

19:38:13.0843 4076 msiserver - ok

19:38:13.0876 4076 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys

19:38:13.0924 4076 MSKSSRV - ok

19:38:13.0945 4076 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys

19:38:13.0984 4076 MSPCLOCK - ok

19:38:14.0011 4076 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys

19:38:14.0070 4076 MSPQM - ok

19:38:14.0105 4076 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys

19:38:14.0122 4076 MsRPC - ok

19:38:14.0161 4076 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys

19:38:14.0180 4076 mssmbios - ok

19:38:14.0193 4076 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys

19:38:14.0241 4076 MSTEE - ok

19:38:14.0271 4076 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys

19:38:14.0285 4076 MTConfig - ok

19:38:14.0316 4076 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys

19:38:14.0328 4076 Mup - ok

19:38:14.0368 4076 napagent (4987e079a4530fa737a128be54b63b12) C:\Windows\system32\qagentRT.dll

19:38:14.0433 4076 napagent - ok

19:38:14.0476 4076 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys

19:38:14.0514 4076 NativeWifiP - ok

19:38:14.0565 4076 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys

19:38:14.0600 4076 NDIS - ok

19:38:14.0631 4076 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys

19:38:14.0674 4076 NdisCap - ok

19:38:14.0715 4076 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys

19:38:14.0750 4076 NdisTapi - ok

19:38:14.0767 4076 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys

19:38:14.0824 4076 Ndisuio - ok

19:38:14.0844 4076 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys

19:38:14.0882 4076 NdisWan - ok

19:38:14.0902 4076 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys

19:38:14.0952 4076 NDProxy - ok

19:38:14.0969 4076 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys

19:38:15.0008 4076 NetBIOS - ok

19:38:15.0022 4076 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys

19:38:15.0070 4076 NetBT - ok

19:38:15.0098 4076 Netlogon (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe

19:38:15.0110 4076 Netlogon - ok

19:38:15.0126 4076 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll

19:38:15.0187 4076 Netman - ok

19:38:15.0213 4076 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll

19:38:15.0281 4076 netprofm - ok

19:38:15.0530 4076 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe

19:38:15.0545 4076 NetTcpPortSharing - ok

19:38:15.0562 4076 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys

19:38:15.0595 4076 nfrd960 - ok

19:38:15.0635 4076 NlaSvc (d9a0ce66046d6efa0c61baa885cba0a8) C:\Windows\System32\nlasvc.dll

19:38:15.0703 4076 NlaSvc - ok

19:38:15.0878 4076 NOBU (5839a8027d6d324a7cd494051a96628c) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe

19:38:15.0981 4076 NOBU - ok

19:38:16.0068 4076 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys

19:38:16.0113 4076 Npfs - ok

19:38:16.0125 4076 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll

19:38:16.0174 4076 nsi - ok

19:38:16.0183 4076 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys

19:38:16.0231 4076 nsiproxy - ok

19:38:16.0299 4076 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys

19:38:16.0362 4076 Ntfs - ok

19:38:16.0411 4076 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys

19:38:16.0449 4076 Null - ok

19:38:16.0501 4076 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys

19:38:16.0513 4076 nvraid - ok

19:38:16.0530 4076 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys

19:38:16.0546 4076 nvstor - ok

19:38:16.0572 4076 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys

19:38:16.0587 4076 nv_agp - ok

19:38:16.0627 4076 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys

19:38:16.0644 4076 ohci1394 - ok

19:38:16.0680 4076 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

19:38:16.0699 4076 ose - ok

19:38:16.0915 4076 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

19:38:17.0011 4076 osppsvc - ok

19:38:17.0077 4076 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll

19:38:17.0142 4076 p2pimsvc - ok

19:38:17.0184 4076 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll

19:38:17.0216 4076 p2psvc - ok

19:38:17.0263 4076 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys

19:38:17.0277 4076 Parport - ok

19:38:17.0321 4076 partmgr (90061b1acfe8ccaa5345750ffe08d8b8) C:\Windows\system32\drivers\partmgr.sys

19:38:17.0334 4076 partmgr - ok

19:38:17.0354 4076 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll

19:38:17.0391 4076 PcaSvc - ok

19:38:17.0421 4076 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys

19:38:17.0435 4076 pci - ok

19:38:17.0447 4076 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys

19:38:17.0459 4076 pciide - ok

19:38:17.0479 4076 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys

19:38:17.0495 4076 pcmcia - ok

19:38:17.0519 4076 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys

19:38:17.0533 4076 pcw - ok

19:38:17.0555 4076 pdfcDispatcher - ok

19:38:17.0606 4076 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys

19:38:17.0668 4076 PEAUTH - ok

19:38:17.0719 4076 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe

19:38:17.0779 4076 PerfHost - ok

19:38:18.0001 4076 pla (557e9a86f65f0de18c9b6751dfe9d3f1) C:\Windows\system32\pla.dll

19:38:18.0166 4076 pla - ok

19:38:18.0221 4076 PlugPlay (98b1721b8718164293b9701b98c52d77) C:\Windows\system32\umpnpmgr.dll

19:38:18.0259 4076 PlugPlay - ok

19:38:18.0274 4076 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll

19:38:18.0287 4076 PNRPAutoReg - ok

19:38:18.0315 4076 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll

19:38:18.0337 4076 PNRPsvc - ok

19:38:18.0383 4076 PolicyAgent (166eb40d1f5b47e615de3d0fffe5f243) C:\Windows\System32\ipsecsvc.dll

19:38:18.0439 4076 PolicyAgent - ok

19:38:18.0475 4076 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll

19:38:18.0528 4076 Power - ok

19:38:18.0628 4076 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys

19:38:18.0666 4076 PptpMiniport - ok

19:38:18.0693 4076 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys

19:38:18.0709 4076 Processor - ok

19:38:18.0754 4076 ProfSvc (97293447431311c06703368ad0f6c4be) C:\Windows\system32\profsvc.dll

19:38:18.0805 4076 ProfSvc - ok

19:38:18.0836 4076 ProtectedStorage (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe

19:38:18.0849 4076 ProtectedStorage - ok

19:38:18.0865 4076 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys

19:38:18.0911 4076 Psched - ok

19:38:18.0969 4076 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys

19:38:19.0049 4076 ql2300 - ok

19:38:19.0133 4076 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys

19:38:19.0147 4076 ql40xx - ok

19:38:19.0172 4076 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll

19:38:19.0192 4076 QWAVE - ok

19:38:19.0202 4076 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys

19:38:19.0236 4076 QWAVEdrv - ok

19:38:19.0259 4076 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys

19:38:19.0312 4076 RasAcd - ok

19:38:19.0361 4076 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys

19:38:19.0399 4076 RasAgileVpn - ok

19:38:19.0424 4076 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll

19:38:19.0475 4076 RasAuto - ok

19:38:19.0504 4076 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys

19:38:19.0543 4076 Rasl2tp - ok

19:38:19.0568 4076 RasMan (47394ed3d16d053f5906efe5ab51cc83) C:\Windows\System32\rasmans.dll

19:38:19.0615 4076 RasMan - ok

19:38:19.0629 4076 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys

19:38:19.0663 4076 RasPppoe - ok

19:38:19.0697 4076 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys

19:38:19.0737 4076 RasSstp - ok

19:38:19.0756 4076 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys

19:38:19.0799 4076 rdbss - ok

19:38:19.0810 4076 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys

19:38:19.0839 4076 rdpbus - ok

19:38:19.0857 4076 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys

19:38:19.0888 4076 RDPCDD - ok

19:38:19.0915 4076 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys

19:38:19.0945 4076 RDPENCDD - ok

19:38:19.0967 4076 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys

19:38:20.0005 4076 RDPREFMP - ok

19:38:20.0108 4076 RDPWD (447de7e3dea39d422c1504f245b668b1) C:\Windows\system32\drivers\RDPWD.sys

19:38:20.0163 4076 RDPWD - ok

19:38:20.0183 4076 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys

19:38:20.0206 4076 rdyboost - ok

19:38:20.0237 4076 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll

19:38:20.0285 4076 RemoteAccess - ok

19:38:20.0312 4076 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll

19:38:20.0358 4076 RemoteRegistry - ok

19:38:20.0393 4076 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll

19:38:20.0426 4076 RpcEptMapper - ok

19:38:20.0444 4076 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe

19:38:20.0466 4076 RpcLocator - ok

19:38:20.0502 4076 RpcSs (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll

19:38:20.0547 4076 RpcSs - ok

19:38:20.0634 4076 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys

19:38:20.0745 4076 rspndr - ok

19:38:20.0800 4076 RTL8167 (7ea8d2eb9bbfd2ab8a3117a1e96d3b3a) C:\Windows\system32\DRIVERS\Rt64win7.sys

19:38:20.0816 4076 RTL8167 - ok

19:38:20.0852 4076 SamSs (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe

19:38:20.0863 4076 SamSs - ok

19:38:20.0882 4076 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys

19:38:20.0895 4076 sbp2port - ok

19:38:20.0918 4076 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll

19:38:20.0957 4076 SCardSvr - ok

19:38:20.0969 4076 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys

19:38:21.0003 4076 scfilter - ok

19:38:21.0058 4076 Schedule (624d0f5ff99428bb90a5b8a4123e918e) C:\Windows\system32\schedsvc.dll

19:38:21.0164 4076 Schedule - ok

19:38:21.0188 4076 SCPolicySvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll

19:38:21.0222 4076 SCPolicySvc - ok

19:38:21.0233 4076 SDRSVC (765a27c3279ce11d14cb9e4f5869fca5) C:\Windows\System32\SDRSVC.dll

19:38:21.0277 4076 SDRSVC - ok

19:38:21.0325 4076 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys

19:38:21.0367 4076 secdrv - ok

19:38:21.0373 4076 seclogon (463b386ebc70f98da5dff85f7e654346) C:\Windows\system32\seclogon.dll

19:38:21.0424 4076 seclogon - ok

19:38:21.0444 4076 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll

19:38:21.0495 4076 SENS - ok

19:38:21.0516 4076 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll

19:38:21.0565 4076 SensrSvc - ok

19:38:21.0590 4076 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys

19:38:21.0603 4076 Serenum - ok

19:38:21.0626 4076 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys

19:38:21.0645 4076 Serial - ok

19:38:21.0655 4076 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys

19:38:21.0679 4076 sermouse - ok

19:38:21.0707 4076 SessionEnv (c3bc61ce47ff6f4e88ab8a3b429a36af) C:\Windows\system32\sessenv.dll

19:38:21.0759 4076 SessionEnv - ok

19:38:21.0784 4076 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys

19:38:21.0827 4076 sffdisk - ok

19:38:21.0855 4076 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys

19:38:21.0880 4076 sffp_mmc - ok

19:38:21.0899 4076 sffp_sd (178298f767fe638c9fedcbdef58bb5e4) C:\Windows\system32\DRIVERS\sffp_sd.sys

19:38:21.0914 4076 sffp_sd - ok

19:38:21.0932 4076 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys

19:38:21.0944 4076 sfloppy - ok

19:38:22.0005 4076 Sftfs (c6cc9297bd53e5229653303e556aa539) C:\Windows\system32\DRIVERS\Sftfslh.sys

19:38:22.0030 4076 Sftfs - ok

19:38:22.0108 4076 sftlist (13693b6354dd6e72dc5131da7d764b90) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

19:38:22.0125 4076 sftlist - ok

19:38:22.0160 4076 Sftplay (390aa7bc52cee43f6790cdea1e776703) C:\Windows\system32\DRIVERS\Sftplaylh.sys

19:38:22.0175 4076 Sftplay - ok

19:38:22.0188 4076 Sftredir (617e29a0b0a2807466560d4c4e338d3e) C:\Windows\system32\DRIVERS\Sftredirlh.sys

19:38:22.0198 4076 Sftredir - ok

19:38:22.0208 4076 Sftvol (8f571f016fa1976f445147e9e6c8ae9b) C:\Windows\system32\DRIVERS\Sftvollh.sys

19:38:22.0220 4076 Sftvol - ok

19:38:22.0236 4076 sftvsa (c3cddd18f43d44ab713cf8c4916f7696) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

19:38:22.0249 4076 sftvsa - ok

19:38:22.0276 4076 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll

19:38:22.0349 4076 SharedAccess - ok

19:38:22.0389 4076 ShellHWDetection (0298ac45d0efffb2db4baa7dd186e7bf) C:\Windows\System32\shsvcs.dll

19:38:22.0429 4076 ShellHWDetection - ok

19:38:22.0454 4076 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys

19:38:22.0467 4076 SiSRaid2 - ok

19:38:22.0484 4076 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys

19:38:22.0496 4076 SiSRaid4 - ok

19:38:22.0728 4076 Skype C2C Service (2a99850c2a6edd6c6602e822c716edaf) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

19:38:22.0839 4076 Skype C2C Service - ok

19:38:22.0961 4076 SkypeUpdate (ddaa5f4a6b958fc313ebd02dd925752f) C:\Program Files (x86)\Skype\Updater\Updater.exe

19:38:23.0028 4076 SkypeUpdate - ok

19:38:23.0264 4076 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys

19:38:23.0349 4076 Smb - ok

19:38:23.0437 4076 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe

19:38:23.0476 4076 SNMPTRAP - ok

19:38:23.0520 4076 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys

19:38:23.0533 4076 spldr - ok

19:38:23.0588 4076 Spooler (f8e1fa03cb70d54a9892ac88b91d1e7b) C:\Windows\System32\spoolsv.exe

19:38:23.0642 4076 Spooler - ok

19:38:23.0773 4076 sppsvc (913d843498553a1bc8f8dbad6358e49f) C:\Windows\system32\sppsvc.exe

19:38:23.0870 4076 sppsvc - ok

19:38:23.0923 4076 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll

19:38:23.0962 4076 sppuinotify - ok

19:38:24.0061 4076 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys

19:38:24.0146 4076 srv - ok

19:38:24.0222 4076 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys

19:38:24.0306 4076 srv2 - ok

19:38:24.0355 4076 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys

19:38:24.0386 4076 srvnet - ok

19:38:24.0425 4076 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll

19:38:24.0485 4076 SSDPSRV - ok

19:38:24.0509 4076 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll

19:38:24.0555 4076 SstpSvc - ok

19:38:24.0580 4076 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys

19:38:24.0597 4076 stexstor - ok

19:38:24.0633 4076 stisvc (52d0e33b681bd0f33fdc08812fee4f7d) C:\Windows\System32\wiaservc.dll

19:38:24.0684 4076 stisvc - ok

19:38:24.0716 4076 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys

19:38:24.0731 4076 swenum - ok

19:38:24.0757 4076 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll

19:38:24.0824 4076 swprv - ok

19:38:24.0939 4076 SysMain (3c1284516a62078fb68f768de4f1a7be) C:\Windows\system32\sysmain.dll

19:38:24.0997 4076 SysMain - ok

19:38:25.0089 4076 TabletInputService (238935c3cf2854886dc7cbb2a0e2cc66) C:\Windows\System32\TabSvc.dll

19:38:25.0110 4076 TabletInputService - ok

19:38:25.0139 4076 TapiSrv (884264ac597b690c5707c89723bb8e7b) C:\Windows\System32\tapisrv.dll

19:38:25.0180 4076 TapiSrv - ok

19:38:25.0194 4076 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll

19:38:25.0234 4076 TBS - ok

19:38:25.0369 4076 Tcpip (624c5b3aa4c99b3184bb922d9ece3ff0) C:\Windows\system32\drivers\tcpip.sys

19:38:25.0447 4076 Tcpip - ok

19:38:25.0554 4076 TCPIP6 (624c5b3aa4c99b3184bb922d9ece3ff0) C:\Windows\system32\DRIVERS\tcpip.sys

19:38:25.0589 4076 TCPIP6 - ok

19:38:25.0632 4076 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys

19:38:25.0667 4076 tcpipreg - ok

19:38:25.0686 4076 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys

19:38:25.0725 4076 TDPIPE - ok

19:38:25.0766 4076 TDTCP (7518f7bcfd4b308abc9192bacaf6c970) C:\Windows\system32\drivers\tdtcp.sys

19:38:25.0796 4076 TDTCP - ok

19:38:25.0828 4076 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys

19:38:25.0873 4076 tdx - ok

19:38:25.0882 4076 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys

19:38:25.0894 4076 TermDD - ok

19:38:25.0931 4076 TermService (0f05ec2887bfe197ad82a13287d2f404) C:\Windows\System32\termsrv.dll

19:38:25.0992 4076 TermService - ok

19:38:26.0015 4076 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll

19:38:26.0033 4076 Themes - ok

19:38:26.0052 4076 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll

19:38:26.0091 4076 THREADORDER - ok

19:38:26.0103 4076 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll

19:38:26.0140 4076 TrkWks - ok

19:38:26.0225 4076 TrustedInstaller (840f7fb849f5887a49ba18c13b2da920) C:\Windows\servicing\TrustedInstaller.exe

19:38:26.0240 4076 TrustedInstaller - ok

19:38:26.0257 4076 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys

19:38:26.0299 4076 tssecsrv - ok

19:38:26.0334 4076 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys

19:38:26.0384 4076 tunnel - ok

19:38:26.0417 4076 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys

19:38:26.0429 4076 uagp35 - ok

19:38:26.0453 4076 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys

19:38:26.0504 4076 udfs - ok

19:38:26.0530 4076 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe

19:38:26.0549 4076 UI0Detect - ok

19:38:26.0573 4076 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys

19:38:26.0585 4076 uliagpkx - ok

19:38:26.0712 4076 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys

19:38:26.0740 4076 umbus - ok

19:38:26.0759 4076 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys

19:38:26.0930 4076 UmPass - ok

19:38:26.0958 4076 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll

19:38:26.0998 4076 upnphost - ok

19:38:27.0039 4076 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys

19:38:27.0083 4076 USBAAPL64 - ok

19:38:27.0116 4076 usbaudio (77b01bc848298223a95d4ec23e1785a1) C:\Windows\system32\drivers\usbaudio.sys

19:38:27.0145 4076 usbaudio - ok

19:38:27.0179 4076 usbccgp (7b6a127c93ee590e4d79a5f2a76fe46f) C:\Windows\system32\DRIVERS\usbccgp.sys

19:38:27.0221 4076 usbccgp - ok

19:38:27.0260 4076 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys

19:38:27.0288 4076 usbcir - ok

19:38:27.0303 4076 usbehci (92969ba5ac44e229c55a332864f79677) C:\Windows\system32\DRIVERS\usbehci.sys

19:38:27.0318 4076 usbehci - ok

19:38:27.0350 4076 usbhub (e7df1cfd28ca86b35ef5add0735ceef3) C:\Windows\system32\DRIVERS\usbhub.sys

19:38:27.0392 4076 usbhub - ok

19:38:27.0415 4076 usbohci (f1bb1e55f1e7a65c5839ccc7b36d773e) C:\Windows\system32\drivers\usbohci.sys

19:38:27.0443 4076 usbohci - ok

19:38:27.0461 4076 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys

19:38:27.0476 4076 usbprint - ok

19:38:27.0512 4076 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys

19:38:27.0531 4076 usbscan - ok

19:38:27.0554 4076 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\DRIVERS\USBSTOR.SYS

19:38:27.0609 4076 USBSTOR - ok

19:38:27.0620 4076 usbuhci (bc3070350a491d84b518d7cca9abd36f) C:\Windows\system32\DRIVERS\usbuhci.sys

19:38:27.0633 4076 usbuhci - ok

19:38:27.0665 4076 usbvideo (7cb8c573c6e4a2714402cc0a36eab4fe) C:\Windows\system32\Drivers\usbvideo.sys

19:38:27.0714 4076 usbvideo - ok

19:38:27.0738 4076 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll

19:38:27.0777 4076 UxSms - ok

19:38:27.0802 4076 VaultSvc (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe

19:38:27.0813 4076 VaultSvc - ok

19:38:27.0819 4076 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys

19:38:27.0834 4076 vdrvroot - ok

19:38:27.0863 4076 vds (44d73e0bbc1d3c8981304ba15135c2f2) C:\Windows\System32\vds.exe

19:38:27.0886 4076 vds - ok

19:38:27.0912 4076 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys

19:38:27.0937 4076 vga - ok

19:38:27.0953 4076 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys

19:38:27.0994 4076 VgaSave - ok

19:38:28.0016 4076 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys

19:38:28.0033 4076 vhdmp - ok

19:38:28.0050 4076 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys

19:38:28.0062 4076 viaide - ok

19:38:28.0074 4076 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys

19:38:28.0087 4076 volmgr - ok

19:38:28.0108 4076 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys

19:38:28.0126 4076 volmgrx - ok

19:38:28.0152 4076 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys

19:38:28.0169 4076 volsnap - ok

19:38:28.0188 4076 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys

19:38:28.0201 4076 vsmraid - ok

19:38:28.0296 4076 VSS (787898bf9fb6d7bd87a36e2d95c899ba) C:\Windows\system32\vssvc.exe

19:38:28.0363 4076 VSS - ok

19:38:28.0455 4076 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys

19:38:28.0485 4076 vwifibus - ok

19:38:28.0517 4076 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys

19:38:28.0548 4076 vwififlt - ok

19:38:28.0576 4076 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll

19:38:28.0614 4076 W32Time - ok

19:38:28.0626 4076 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys

19:38:28.0652 4076 WacomPen - ok

19:38:28.0684 4076 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys

19:38:28.0719 4076 WANARP - ok

19:38:28.0724 4076 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys

19:38:28.0759 4076 Wanarpv6 - ok

19:38:28.0820 4076 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe

19:38:28.0871 4076 WatAdminSvc - ok

19:38:28.0954 4076 wbengine (5ab1bb85bd8b5089cc5d64200dedae68) C:\Windows\system32\wbengine.exe

19:38:29.0032 4076 wbengine - ok

19:38:29.0072 4076 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll

19:38:29.0099 4076 WbioSrvc - ok

19:38:29.0131 4076 wcncsvc (dd1bae8ebfc653824d29ccf8c9054d68) C:\Windows\System32\wcncsvc.dll

19:38:29.0181 4076 wcncsvc - ok

19:38:29.0204 4076 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll

19:38:29.0236 4076 WcsPlugInService - ok

19:38:29.0279 4076 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys

19:38:29.0292 4076 Wd - ok

19:38:29.0326 4076 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys

19:38:29.0349 4076 Wdf01000 - ok

19:38:29.0363 4076 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll

19:38:29.0394 4076 WdiServiceHost - ok

19:38:29.0398 4076 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll

19:38:29.0423 4076 WdiSystemHost - ok

19:38:29.0452 4076 WebClient (733006127f235be7c35354ebee7b9a7b) C:\Windows\System32\webclnt.dll

19:38:29.0479 4076 WebClient - ok

19:38:29.0498 4076 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll

19:38:29.0553 4076 Wecsvc - ok

19:38:29.0573 4076 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll

19:38:29.0623 4076 wercplsupport - ok

19:38:29.0649 4076 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll

19:38:29.0695 4076 WerSvc - ok

19:38:29.0716 4076 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys

19:38:29.0752 4076 WfpLwf - ok

19:38:29.0764 4076 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys

19:38:29.0776 4076 WIMMount - ok

19:38:29.0800 4076 WinDefend - ok

19:38:29.0810 4076 WinHttpAutoProxySvc - ok

19:38:29.0849 4076 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll

19:38:29.0904 4076 Winmgmt - ok

19:38:29.0934 4076 WinRing0_1_2_0 (0c0195c48b6b8582fa6f6373032118da) C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys

19:38:29.0947 4076 WinRing0_1_2_0 - ok

19:38:30.0013 4076 WinRM (41fbb751936b387f9179e7f03a74fe29) C:\Windows\system32\WsmSvc.dll

19:38:30.0185 4076 WinRM - ok

19:38:30.0312 4076 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys

19:38:30.0334 4076 WinUsb - ok

19:38:30.0400 4076 WLANBelkinService (0f695800783c3f9e577b94bf1e71d95a) C:\Program Files (x86)\Belkin\F7D4101\V1\wlansrv.exe

19:38:30.0413 4076 WLANBelkinService ( UnsignedFile.Multi.Generic ) - warning

19:38:30.0413 4076 WLANBelkinService - detected UnsignedFile.Multi.Generic (1)

19:38:30.0464 4076 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll

19:38:30.0501 4076 Wlansvc - ok

19:38:30.0554 4076 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe

19:38:30.0564 4076 wlcrasvc - ok

19:38:30.0662 4076 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

19:38:30.0739 4076 wlidsvc - ok

19:38:30.0967 4076 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys

19:38:30.0992 4076 WmiAcpi - ok

19:38:31.0063 4076 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe

19:38:31.0091 4076 wmiApSrv - ok

19:38:31.0112 4076 WMPNetworkSvc - ok

19:38:31.0126 4076 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll

19:38:31.0172 4076 WPCSvc - ok

19:38:31.0188 4076 WPDBusEnum (2e57ddf2880a7e52e76f41c7e96d327b) C:\Windows\system32\wpdbusenum.dll

19:38:31.0238 4076 WPDBusEnum - ok

19:38:31.0253 4076 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys

19:38:31.0314 4076 ws2ifsl - ok

19:38:31.0344 4076 wscsvc (8f9f3969933c02da96eb0f84576db43e) C:\Windows\System32\wscsvc.dll

19:38:31.0367 4076 wscsvc - ok

19:38:31.0372 4076 WSearch - ok

19:38:31.0466 4076 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll

19:38:31.0556 4076 wuauserv - ok

19:38:31.0664 4076 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys

19:38:31.0720 4076 WudfPf - ok

19:38:31.0736 4076 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys

19:38:31.0770 4076 WUDFRd - ok

19:38:31.0779 4076 wudfsvc (b551d6637aa0e132c18ac6e504f7b79b) C:\Windows\System32\WUDFSvc.dll

19:38:31.0818 4076 wudfsvc - ok

19:38:31.0836 4076 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll

19:38:31.0867 4076 WwanSvc - ok

19:38:31.0914 4076 MBR (0x1B8) (c96b20439f04268559cdafc6258a08c5) \Device\Harddisk0\DR0

19:38:31.0940 4076 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected

19:38:31.0940 4076 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)

19:38:31.0971 4076 \Device\Harddisk0\DR0 ( TDSS File System ) - warning

19:38:31.0971 4076 \Device\Harddisk0\DR0 - detected TDSS File System (1)

19:38:31.0999 4076 Boot (0x1200) (dfaf3bfccbb9c443f7ca2f1a6f148f6b) \Device\Harddisk0\DR0\Partition0

19:38:32.0001 4076 \Device\Harddisk0\DR0\Partition0 - ok

19:38:32.0014 4076 Boot (0x1200) (1a86b1877594f4c19ad295b0f619ce33) \Device\Harddisk0\DR0\Partition1

19:38:32.0016 4076 \Device\Harddisk0\DR0\Partition1 - ok

19:38:32.0040 4076 Boot (0x1200) (16678dcadc69f645f2ac322db1fe3e9a) \Device\Harddisk0\DR0\Partition2

19:38:32.0042 4076 \Device\Harddisk0\DR0\Partition2 - ok

19:38:32.0042 4076 ============================================================

19:38:32.0042 4076 Scan finished

19:38:32.0042 4076 ============================================================

19:38:32.0061 4660 Detected object count: 4

19:38:32.0061 4660 Actual detected object count: 4

19:39:23.0613 4660 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user

19:39:23.0613 4660 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip

19:39:23.0615 4660 WLANBelkinService ( UnsignedFile.Multi.Generic ) - skipped by user

19:39:23.0615 4660 WLANBelkinService ( UnsignedFile.Multi.Generic ) - User select action: Skip

19:39:24.0362 4660 \Device\Harddisk0\DR0\# - copied to quarantine

19:39:24.0363 4660 \Device\Harddisk0\DR0 - copied to quarantine

19:39:24.0406 4660 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine

19:39:24.0408 4660 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine

19:39:24.0413 4660 \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine

19:39:24.0423 4660 \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine

19:39:24.0439 4660 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine

19:39:24.0448 4660 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine

19:39:24.0449 4660 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine

19:39:24.0449 4660 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine

19:39:24.0451 4660 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine

19:39:24.0453 4660 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine

19:39:24.0455 4660 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine

19:39:24.0456 4660 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine

19:39:24.0458 4660 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine

19:39:24.0459 4660 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine

19:39:24.0470 4660 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine

19:39:24.0487 4660 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot

19:39:24.0488 4660 \Device\Harddisk0\DR0 - ok

19:39:24.0846 4660 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure

19:39:24.0847 4660 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user

19:39:24.0847 4660 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

19:40:05.0417 0528 Deinitialize success

Here is the log, and thank you so much!

Complex · July 15, 2012

I am very sorry the last reply that i posted was obviously not all of the information that you needed, i will post the three logs right after this post. Also was the fresh new DDS Log the first log i posted? i will be posting that just in-case. Again sorry for the confusion.

Complex · July 15, 2012

I am Sorry i did not read the last part of what you had told me. I had just posted the Log from TDDS Killer, below are the rest of the things you wanted. I am getting an error that the post is too long so i guess i will break it up in this specific order in replies:

1. TDDSkiller Log

2. MBAM Log

3. DDS Log

I also ran the scan and it seems that i didnt need to do these steps:

When the scan is complete, click OK, then Show Results to view the results.

Make sure that everything is checked, and click Remove Selected.

When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)

Complex · July 15, 2012

TDDSkiller Log: