I think I'm infected


Recently I downloaded some programmes and my PC started to lag really badly and performance has decreased drastically.

Also, I noticed that now when I open Google Chrome and type a website address into the address bar, e.g. http://facebook.com, the status bar at the bottom of the page shows 'Waiting for www.facebook.com', then it flashes to some random website 'Waiting for www.blablabla.com', switches back to 'Waiting for www.facebook.com' and then loads Facebook. My computer used to run really fast; now it takes longer to start up and I also get lag spikes, e.g. when I'm watching YouTube my audio plays continuously but the video keeps jumping.

In my Windows Live Messenger, 'You are about to view pages over a secure connection. Any information you exchange with this website cannot be viewed by anyone else on the web.' keeps popping up at random times.

Here is a list of programmes I downloaded lately:

MySQL

TortoiseSVN

Notepad++

Using TortoiseSVN I downloaded some stuff from some repositories like:

https://subversion.a...m/svn/weetools/

Also, I was on TeamViewer with some guy the other day because he was supposedly supposed to help me with some stuff.

However, I'm not that close to him.

He went to cmd to install the weetools I got from TortoiseSVN. Aside from that he was just scrolling down in some of my pictures folder. I didn't see him do anything funny.

I performed full system scans with Malwarebytes Anti-Malware but no threats were detected.

Am I infected? Because my PC's performance has really decreased.

Here are the requested files.

attach.txt

dds.txt

DDS (Ver_2012-11-20.01) - NTFS_AMD64

Internet Explorer: 9.0.8112.16450 BrowserJavaVersion: 10.7.2

Run by Computer at 1:50:03 on 2012-12-23

Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.8109.4896 [GMT 8:00]

.

AV: Microsoft Security Essentials *Enabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}

SP: Microsoft Security Essentials *Enabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Program Files\Microsoft Security Client\MsMpEng.exe

C:\Windows\system32\atiesrxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\atieclxx.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe

C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe

C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe

C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files\Microsoft Security Client\NisSrv.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files (x86)\PPStream\PPSAP.exe

C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe

C:\Users\Computer\AppData\Local\RockMelt\Update\1.2.189.1\RockMeltCrashHandler.exe

C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe

C:\Program Files (x86)\Samsung\Kies\Kies.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Users\Computer\AppData\Local\Akamai\netsession_win.exe

C:\Users\Computer\AppData\Local\Akamai\netsession_win.exe

C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Program Files (x86)\Steam\Steam.exe

C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

C:\Program Files (x86)\Acronis\OnlineBackupStandalone\TrueImageMonitor.exe

C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

C:\Program Files (x86)\Razer\Diamondback 3G\razerhid.exe

C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe

C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\Razer\Diamondback 3G\razertra.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files (x86)\Razer\Diamondback 3G\razerofa.exe

C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe

C:\Program Files (x86)\Garena Plus\bbtalk\GarenaTalkOverlay.exe

C:\Users\Computer\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Computer\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Computer\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Computer\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Computer\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Computer\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

C:\Users\Computer\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Computer\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Computer\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Computer\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Computer\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\msiexec.exe

C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.facebook.com/

uDefault_Search_URL = hxxp://www.google.com/ie

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -

BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

uRun: [RockMelt Update] "C:\Users\Computer\AppData\Local\RockMelt\Update\RockMeltUpdate.exe" /c

uRun: [PPS Accelerator] C:\Program Files (x86)\PPStream\PPSAP.exe

uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun

uRun: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

uRun: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup

uRun: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload

uRun: [Akamai NetSession Interface] "C:\Users\Computer\AppData\Local\Akamai\netsession_win.exe"

uRun: [GarenaPlus] "C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe" -autolaunch

uRun: [steam] "C:\Program Files (x86)\Steam\steam.exe" -silent

uRun: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

uRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

mRun: [sAOB Monitor] C:\Program Files (x86)\Acronis\OnlineBackupStandalone\TrueImageMonitor.exe

mRun: [TrueImageMonitor.exe] "C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"

mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [Diamondback] C:\Program Files (x86)\Razer\Diamondback 3G\razerhid.exe

mRun: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide

mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe

mRun: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

mRun: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin

mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

uPolicies-Explorer: NoDriveTypeAutoRun = dword:145

uPolicies-Explorer: NoDrives = dword:0

mPolicies-Explorer: NoDrives = dword:0

mPolicies-System: ConsentPromptBehaviorAdmin = dword:0

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableLUA = dword:0

mPolicies-System: EnableUIADesktopToggle = dword:0

mPolicies-System: PromptOnSecureDesktop = dword:0

IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000

IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - hxxp://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab

DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

DPF: {CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab

TCP: NameServer = 192.168.1.254

TCP: Interfaces\{41237AF2-D557-4829-AE02-1913BCC48034} : DHCPNameServer = 10.0.0.1

TCP: Interfaces\{DE944B74-EE8B-4FAA-A566-91D31CBA817F} : DHCPNameServer = 192.168.1.254

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll

Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

SSODL: WebCheck - <orphaned>

SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

x64-BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -

x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll

x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll

x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>

x64-Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -

x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll

x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>

x64-Notify: igfxcui - igfxdev.dll

x64-SSODL: WebCheck - <orphaned>

.

============= SERVICES / DRIVERS ===============

.

R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2012-8-30 228768]

R0 tdrpman273;Acronis Try&Decide and Restore Points filter (build 273);C:\Windows\System32\drivers\tdrpm273.sys [2011-11-10 1263200]

R1 AppleCharger;AppleCharger;C:\Windows\System32\drivers\AppleCharger.sys [2011-11-10 21104]

R2 afcdpsrv;Acronis Nonstop Backup service;C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2011-11-10 3975088]

R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2011-10-13 204288]

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

R2 LVPrcS64;Process Monitor;C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe [2009-10-7 191000]

R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2011-4-27 128456]

R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-12-13 3290896]

R2 TeamViewer8;TeamViewer 8;C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2012-12-19 3463080]

R2 UMVPFSrv;UMVPFSrv;C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2011-8-19 450848]

R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-11-10 2655768]

R3 afcdp;afcdp;C:\Windows\System32\drivers\afcdp.sys [2011-11-10 279136]

R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2011-6-7 231440]

R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;C:\Windows\System32\drivers\EtronHub3.sys [2011-5-25 52608]

R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;C:\Windows\System32\drivers\EtronXHCI.sys [2011-5-25 76160]

R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2011-11-10 317440]

R3 LVPr2M64;Logitech LVPr2M64 Driver;C:\Windows\System32\drivers\LVPr2M64.sys [2009-10-7 30232]

R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-9-12 368896]

R3 Razerlow;Razer Pro|Solutions;C:\Windows\System32\drivers\DB3G.sys [2005-11-7 21120]

R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-11-10 533096]

R3 teamviewervpn;TeamViewer VPN Adapter;C:\Windows\System32\drivers\teamviewervpn.sys [2011-11-10 35112]

R3 wolf;wolf;C:\Game\SoftnyxGame\WolfTeamIS\avital\wolf64.sys [2012-9-14 89560]

S2 AVGIDSAgent;AVGIDSAgent;"C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe" --> C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe [?]

S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-11-9 160944]

S3 AppleChargerSrv;AppleChargerSrv;system32\AppleChargerSrv.exe --> system32\AppleChargerSrv.exe [?]

S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2012-11-2 102368]

S3 lvpopf64;Logitech POP Suppression Filter;C:\Windows\System32\drivers\lvpopf64.sys [2011-11-15 271640]

S3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\System32\drivers\lvrs64.sys [2011-11-15 327704]

S3 LVUVC64;Logitech Webcam 200(UVC);C:\Windows\System32\drivers\lvuvc64.sys [2011-11-15 6379288]

S3 Lycosa;Lycosa Keyboard;C:\Windows\System32\drivers\Lycosa.sys [2008-1-17 18816]

S3 Mkd2Nadr;Mkd2Nadr;C:\Windows\System32\drivers\Mkd2Nadr.sys [2011-12-13 106040]

S3 Mkd3kfNt;Mkd3kfNt;C:\Windows\System32\drivers\mkd3kfnt.sys [2011-12-13 180280]

S3 npggsvc;nProtect GameGuard Service;C:\Windows\System32\GameMon.des -service --> C:\Windows\System32\GameMon.des -service [?]

S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2011-11-11 20992]

S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2012-11-2 203104]

S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-11-11 59392]

S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-7-9 52736]

S3 VaneFltr;Lachesis Mouse Driver;C:\Windows\System32\drivers\Lachesis.sys [2007-8-17 30336]

S3 WinRing0_1_2_0;WinRing0_1_2_0;C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [2012-10-26 14544]

.

=============== Created Last 30 ================

.

2012-12-22 16:55:42 -------- d-----w- C:\Program Files (x86)\MySQL

2012-12-22 14:48:48 -------- d-----w- C:\Users\Computer\AppData\Roaming\MySQL

2012-12-22 13:54:54 -------- d-----w- C:\Users\Computer\AppData\Local\{69184D1B-413A-42A0-9177-11D9EB4920D4}

2012-12-22 02:03:47 9125352 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{7B7CB2CD-98D1-460A-B522-29BE7BEE5617}\mpengine.dll

2012-12-22 01:54:01 -------- d-----w- C:\Users\Computer\AppData\Local\{AA06DA13-0CEC-402C-B185-0A9D41BA5193}

2012-12-21 06:44:17 -------- d-----w- C:\Users\Computer\AppData\Local\{69726074-5639-4756-BFD0-012B9BBC4E90}

2012-12-20 18:43:49 -------- d-----w- C:\Users\Computer\AppData\Local\{CB67CAD5-9006-4402-8461-0A477C1B4C50}

2012-12-20 18:39:01 9125352 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2012-12-20 18:23:11 -------- d-----w- C:\Users\Computer\AppData\Local\{4C654A9C-0607-46BE-8885-A41CDCE16F57}

2012-12-20 16:59:45 -------- d-----w- C:\Users\Computer\AppData\Local\{AD7B8840-9127-4ADD-BA72-4205B184615A}

2012-12-20 16:58:13 -------- d-----w- C:\Users\Computer\AppData\Local\TSVNCache

2012-12-20 16:42:03 -------- d-----w- C:\Users\Computer\AppData\Roaming\TortoiseSVN

2012-12-20 16:39:27 -------- d-----w- C:\Users\Computer\AppData\Roaming\Subversion

2012-12-20 16:39:09 -------- d-----w- C:\Program Files (x86)\Common Files\TortoiseOverlays

2012-12-20 16:39:07 -------- d-----w- C:\Program Files\TortoiseSVN

2012-12-20 16:39:07 -------- d-----w- C:\Program Files\Common Files\TortoiseOverlays

2012-12-20 06:42:54 -------- d-----w- C:\Users\Computer\AppData\Local\{3B884C39-E0D5-4746-A203-925A0584364F}

2012-12-19 16:53:50 -------- d-----w- C:\Users\Computer\AppData\Local\{EC069FD8-B18E-4C06-B577-1EE8F62826F0}

2012-12-19 04:53:24 -------- d-----w- C:\Users\Computer\AppData\Local\{44B08728-7867-41CB-B299-173694FBB8DD}

2012-12-18 14:03:22 -------- d-----w- C:\Users\Computer\AppData\Local\{247F2F1B-F5A0-4422-9B0B-B3A532B70800}

2012-12-18 02:03:09 -------- d-----w- C:\Users\Computer\AppData\Local\{0C1487B8-B3D6-4C04-B2B6-510DEBD1AAD6}

2012-12-17 14:02:38 -------- d-----w- C:\Users\Computer\AppData\Local\{ABC241EC-7DF6-48C9-AEC9-205A98DEAB9F}

2012-12-17 06:08:16 -------- d-----w- C:\Program Files (x86)\Microsoft SQL Server

2012-12-17 04:42:44 -------- d-----w- C:\Users\Computer\AppData\Local\{3C6E9905-F678-4D09-B607-5A26887B0FCE}

2012-12-16 16:18:09 -------- d-----w- C:\cygwin

2012-12-16 11:43:11 -------- d-----w- C:\Users\Computer\AppData\Local\{E16E13FC-F52D-49A7-9F43-5B5DFEF0805B}

2012-12-16 09:47:47 -------- d-----w- C:\Users\Computer\AppData\Local\{CA9A27AF-BEE0-4985-86CE-AA6481F1BCC8}

2012-12-07 01:44:39 -------- d-----w- C:\Users\Computer\AppData\Local\{C508FA47-127F-49EF-92B0-B2BB96A4D8B5}

2012-12-06 13:44:14 -------- d-----w- C:\Users\Computer\AppData\Local\{9C769E47-B5C6-432E-981D-FA5F1BEB21C2}

2012-12-06 01:43:50 -------- d-----w- C:\Users\Computer\AppData\Local\{92590755-94B9-4E20-A836-9827D35911AF}

2012-12-05 13:43:25 -------- d-----w- C:\Users\Computer\AppData\Local\{44AE0342-DE35-465E-8041-48B3F3477F41}

2012-12-05 01:43:29 -------- d-----w- C:\Users\Computer\AppData\Local\{8377A19E-402A-440C-BD26-822351E03F23}

2012-12-04 12:58:41 -------- d-----w- C:\Users\Computer\AppData\Local\{DD5125FF-12C7-458A-B8C2-6CD8F4601DE3}

2012-12-04 11:20:54 -------- d-----w- C:\Users\Computer\AppData\Local\{0B08C7C7-9C36-4309-93D8-0E26FC9B155C}

2012-12-04 05:26:32 -------- d-----w- C:\Users\Computer\AppData\Local\{69D340C7-FF9F-4824-8DE5-0C95275A4602}

2012-12-03 14:43:07 -------- d-----w- C:\Users\Computer\AppData\Local\{C8312189-B1D2-48BB-86D7-C493A512DE6F}

2012-12-03 14:40:45 -------- d-----w- C:\Users\Computer\AppData\Local\{B456D260-0393-4A0D-B027-7C591988707F}

2012-12-03 14:24:04 -------- d-----w- C:\Users\Computer\AppData\Local\{0883C0B4-9070-47EE-A405-E8D3184420D1}

2012-12-03 11:23:24 -------- d-----w- C:\Users\Computer\AppData\Local\{9ACAD339-4570-4687-82B1-54AF2629341A}

2012-12-03 01:38:01 -------- d-----w- C:\Users\Computer\AppData\Local\{B1931F63-A507-4F28-AAC5-5CD168D89884}

2012-12-02 13:24:17 -------- d-----w- C:\Users\Computer\AppData\Local\{B0451023-95F1-4290-9371-F83B2D6D174C}

2012-12-02 04:00:09 -------- d-----w- C:\Users\Computer\AppData\Local\{F5BD420E-D64A-48D5-A6BD-EB59D2244EEA}

2012-12-02 03:48:55 -------- d-----w- C:\Users\Computer\AppData\Local\{167C7032-AD5B-43B7-AE9E-BA35FA5072A7}

2012-12-01 11:39:56 -------- d-----w- C:\Users\Computer\AppData\Local\{CF9CDBA3-6C2C-448D-9CD2-EEDCABD85184}

2012-12-01 05:50:19 972264 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{8157C6CA-D970-4A18-A012-C64EC5C69DE8}\gapaengine.dll

2012-12-01 05:36:08 -------- d-----w- C:\Users\Computer\AppData\Local\{F9ABF6DB-2CD3-4049-8A63-DDBFCB75E522}

2012-11-28 13:10:47 -------- d-----w- C:\Users\Computer\AppData\Local\{0D777149-8AA4-4F15-8404-78E4437B4EA6}

2012-11-28 07:57:18 -------- d-----w- C:\GarenaDownload

2012-11-28 03:52:36 -------- d-----w- C:\Users\Computer\AppData\Local\{27A5858D-5FDB-4409-B6BE-FD1E2592B736}

2012-11-28 01:39:50 -------- d-----w- C:\Users\Computer\AppData\Local\{3D204375-C030-434F-BAA6-4F2D74D1F72E}

2012-11-28 01:15:07 33240 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys

2012-11-28 01:14:34 -------- d-----w- C:\Program Files\iPod

2012-11-28 01:14:33 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2012-11-28 01:14:33 -------- d-----w- C:\Program Files\iTunes

2012-11-28 01:14:33 -------- d-----w- C:\Program Files (x86)\iTunes

2012-11-28 00:12:22 -------- d-----w- C:\Users\Computer\AppData\Local\{5F6C347A-2CDA-4C94-84F2-15C26DF491F8}

2012-11-27 16:57:04 -------- d-----w- C:\Users\Computer\AppData\Local\{CD930DC3-5A28-4D26-BC89-C1D7C8843C07}

2012-11-27 07:59:14 -------- d-----w- C:\Users\Computer\AppData\Local\{2FAB9EA6-4B37-47ED-A68E-A493BC7CDE88}

2012-11-27 05:23:26 -------- d-----w- C:\Users\Computer\AppData\Local\{FDFEE4D7-3A12-4E29-A44D-07164D25025F}

2012-11-26 23:25:30 -------- d-----w- C:\Users\Computer\AppData\Local\{6F5B015B-8AAB-4647-A75E-5EA5E01E7DD5}

2012-11-26 14:57:52 -------- d-----w- C:\Users\Computer\AppData\Local\{C37A959E-119F-4501-A8E2-91C5F780C580}

2012-11-26 14:03:09 -------- d-----w- C:\Users\Computer\AppData\Local\{5F6AD3F1-D4DE-460E-B19E-6309667244CC}

2012-11-26 13:52:26 -------- d-----w- C:\Users\Computer\AppData\Local\{EBEFC2C2-06AA-4511-9CD1-59EB302552A3}

2012-11-26 13:49:41 -------- d-----w- C:\Users\Computer\AppData\Local\{66408061-7CA8-447C-9967-1FC22A19ED6C}

2012-11-26 13:45:39 -------- d-----w- C:\RegBackup

2012-11-26 13:44:40 -------- d-----w- C:\Tweaking.com_Windows_Repair_Logs

2012-11-26 13:07:41 -------- d-----w- C:\Users\Computer\AppData\Local\{3EC2640A-3AB0-4A1C-BE20-CE21BBF26413}

2012-11-26 01:29:28 -------- d-----w- C:\Users\Computer\AppData\Local\{372C0F7D-CF4B-482B-B3B6-DB4CAB3D63C8}

2012-11-25 14:28:12 -------- d-----w- C:\Users\Computer\AppData\Local\{FF0DBBCE-6B1B-4396-95C2-1F0FC62D45FB}

2012-11-25 14:20:19 -------- d-----w- C:\Users\Computer\AppData\Local\{989A87E2-25EF-4A5C-8362-96B571339C27}

2012-11-25 07:52:51 -------- d-sh--w- C:\$RECYCLE.BIN

2012-11-25 04:58:19 98816 ----a-w- C:\Windows\sed.exe

2012-11-25 04:58:19 256000 ----a-w- C:\Windows\PEV.exe

2012-11-25 04:58:19 208896 ----a-w- C:\Windows\MBR.exe

2012-11-25 04:45:17 -------- d-----w- C:\Users\Computer\AppData\Local\{B055B5D1-5F49-4139-8ADF-6E9342620942}

2012-11-25 04:29:16 -------- d-----w- C:\Users\Computer\AppData\Local\{99C965B6-CFA6-46AF-989E-99801980289C}

2012-11-25 01:12:29 -------- d-----w- C:\Users\Computer\AppData\Local\{8E04DF9C-A70F-4B2D-B8F6-E0C2C9CF5A17}

2012-11-24 15:31:51 -------- d-----w- C:\Windows\ERUNT

2012-11-24 15:31:26 -------- d-----w- C:\JRT

2012-11-24 15:28:20 -------- d-----w- C:\Users\Computer\AppData\Local\{D9DCFE7B-7350-4523-A4FF-DBCB26400DBA}

2012-11-24 09:02:49 -------- d-----w- C:\Users\Computer\AppData\Local\{E0377B0C-1C64-4DE9-A9E1-5DFDAF75A461}

2012-11-24 06:56:44 -------- d-----w- C:\Users\Computer\AppData\Local\{3CDE5054-93F8-4E8B-84D7-33985CA3BBB2}

2012-11-24 06:38:18 -------- d-----w- C:\Users\Computer\AppData\Local\{B3F2A22E-5178-4387-BD8D-FA8FEDFF56B3}

2012-11-24 04:06:56 -------- d-----w- C:\Users\Computer\AppData\Local\{5D7B6897-01F0-4F34-BB0D-B900E1C5462B}

2012-11-24 03:57:24 -------- d-----w- C:\Users\Computer\AppData\Local\{D9B9A500-412E-49C2-961C-188191B33989}

2012-11-24 03:52:29 -------- d-----w- C:\Users\Computer\AppData\Local\{D9253C8E-C511-4910-81CB-F258625DF30B}

2012-11-23 15:52:03 -------- d-----w- C:\Users\Computer\AppData\Local\{24DEEFE8-10FE-46E6-941C-7FE913508742}

2012-11-23 03:51:38 -------- d-----w- C:\Users\Computer\AppData\Local\{F52A8DA6-CD13-4223-A2F1-DBDBD00C4C83}

.

==================== Find3M ====================

.

2012-09-26 22:15:48 4521720 ----a-w- C:\Windows\SysWow64\GameMon.des

2012-09-26 11:57:16 330240 ----a-w- C:\Windows\MASetupCaller.dll

2012-09-26 11:57:14 45320 ----a-w- C:\Windows\SysWow64\MAMACExtract.dll

2011-04-14 07:27:46 79024 ----a-w- C:\Program Files\fraps64.dat

2011-04-14 07:27:46 257200 ----a-w- C:\Program Files\fraps32.dll

2011-04-14 07:27:46 201392 ----a-w- C:\Program Files\fraps64.dll

2011-04-14 07:27:44 2542768 ----a-w- C:\Program Files\fraps.exe

2011-04-14 07:25:52 163840 ----a-w- C:\Program Files\frapslcd.dll

.

============= FINISH: 1:50:10.61 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Ultimate

Boot Device: \Device\HarddiskVolume1

Install Date: 11/10/2011 2:26:11 PM

System Uptime: 12/22/2012 9:15:32 PM (4 hours ago)

.

Motherboard: Gigabyte Technology Co., Ltd. | | Z68A-D3H-B3

Processor: Intel® Core i5-2500 CPU @ 3.30GHz | Socket 1155 | 3601/100mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 192 GiB total, 66.961 GiB free.

D: is FIXED (NTFS) - 273 GiB total, 120.672 GiB free.

E: is CDROM ()

G: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP188: 12/22/2012 8:10:39 PM - Removed Skype™ 5.10

RP189: 12/22/2012 8:36:01 PM - Installed TortoiseSVN 1.7.11.23600 (64 bit)

RP190: 12/22/2012 9:01:16 PM - Removed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729

RP191: 12/22/2012 9:06:47 PM - Removed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

RP192: 12/22/2012 9:08:29 PM - Removed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

RP193: 12/22/2012 9:13:31 PM - Removed TortoiseSVN 1.7.11.23600 (64 bit)

RP194: 12/22/2012 10:47:10 PM - Removed Visual Studio 2008 x64 Redistributables

RP195: 12/22/2012 10:47:56 PM - Installed MySQL Workbench 5.2 CE

RP196: 12/22/2012 11:03:02 PM - Removed MySQL Workbench 5.2 CE

RP197: 12/23/2012 12:55:29 AM - Installed MySQL Installer

RP198: 12/23/2012 1:03:25 AM - Removed Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319

RP199: 12/23/2012 1:05:10 AM - Removed MySQL Connector C 6.0.2

RP200: 12/23/2012 1:06:10 AM - Removed MySQL Connector C++ 1.1.0

RP201: 12/23/2012 1:06:32 AM - Removed MySQL Connector J

RP202: 12/23/2012 1:34:19 AM - Removed MySQL Connector Net 6.5.4

RP203: 12/23/2012 1:34:38 AM - Removed MySQL Documents 5.5

RP204: 12/23/2012 1:34:55 AM - Removed MySQL Connector/ODBC 5.1

RP205: 12/23/2012 1:35:14 AM - Removed MySQL Examples and Samples 5.5

RP206: 12/23/2012 1:35:35 AM - Removed MySQL For Excel 1.1.0

RP207: 12/23/2012 1:35:56 AM - Removed MySQL Installer

RP208: 12/23/2012 1:36:20 AM - Removed MySQL Notifier 1.0.3

RP209: 12/23/2012 1:36:38 AM - Removed MySQL Workbench 5.2 CE

.

==== Installed Programs ======================

.

Update for Microsoft Office 2007 (KB2508958)

3DMark06

Acronis True Image Home 2011

Adobe AIR

Adobe Community Help

Adobe Download Assistant

Adobe Flash Player 11 ActiveX 64-bit

Adobe Photoshop CS5.1

Adobe Reader 9.4.0

AhnLab Online Security

Akamai NetSession Interface

Any Video Converter 3.2.5

Apple Application Support

Apple Mobile Device Support

Apple Software Update

AutoHotkey 1.0.48.05

AVG 2012

Bonjour

CCleaner

CDBurnerXP

D3DX10

Dota 2

Etron USB3.0 Host Controller

Facebook Video Calling 1.2.0.287

Fraps (remove only)

Game Booster 3

Google Chrome

Google Earth

Google Update Helper

Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678)

Image Resizer Powertoy Clone for Windows

Intel® Management Engine Components

Intel® Processor Graphics

iTunes

Java 7 Update 7

Java Auto Updater

Logitech Vid HD

Logitech Webcam Software

Logitech Webcam Software Driver Package

Malwarebytes Anti-Malware version 1.62.0.1300

Messenger Companion

Microsoft .NET Framework 4 Client Profile

Microsoft Application Error Reporting

Microsoft AppLocale

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office Access MUI (English) 2007

Microsoft Office Access Setup Metadata MUI (English) 2007

Microsoft Office Enterprise 2007

Microsoft Office Excel MUI (English) 2007

Microsoft Office Groove MUI (English) 2007

Microsoft Office Groove Setup Metadata MUI (English) 2007

Microsoft Office InfoPath MUI (English) 2007

Microsoft Office Live Add-in 1.3

Microsoft Office Office 64-bit Components 2007

Microsoft Office OneNote MUI (English) 2007

Microsoft Office Outlook Connector

Microsoft Office Outlook MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Publisher MUI (English) 2007

Microsoft Office Shared 64-bit MUI (English) 2007

Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Word MUI (English) 2007

Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs

Microsoft Security Client

Microsoft Security Essentials

Microsoft Silverlight

Microsoft Windows Application Compatibility Database

Microsoft_VC80_ATL_x86

Microsoft_VC80_ATL_x86_x64

Microsoft_VC80_CRT_x86

Microsoft_VC80_CRT_x86_x64

Microsoft_VC80_MFC_x86

Microsoft_VC80_MFC_x86_x64

Microsoft_VC80_MFCLOC_x86

Microsoft_VC80_MFCLOC_x86_x64

Microsoft_VC90_ATL_x86

Microsoft_VC90_ATL_x86_x64

Microsoft_VC90_CRT_x86

Microsoft_VC90_CRT_x86_x64

Microsoft_VC90_MFC_x86

Microsoft_VC90_MFC_x86_x64

Microsoft_VC90_MFCLOC_x86

Microsoft_VC90_MFCLOC_x86_x64

MSVCRT

MSVCRT Redists

MyFreeCodec

ON_OFF Charge B11.0110.1

Paint.NET v3.5.10

PDF Settings CS5

Picasa 3

PPStream V2.7.0.1336 Final

Razer Diamondback 3G

Realtek Ethernet Controller Driver

Realtek High Definition Audio Driver

RockMelt

Samsung Kies

SAMSUNG USB Driver for Mobile Phones

Security Update for CAPICOM (KB931906)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687314) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition

Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition

Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition

Security Update for Microsoft Office Word 2007 (KB2687315) 32-Bit Edition

Skype Click to Call

Skype™ 6.0

Spybot - Search & Destroy

SQL Server System CLR Types

Steam

TeamViewer 8

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft Office 2007 Help for Common Features (KB963673)

Update for Microsoft Office Access 2007 Help (KB963663)

Update for Microsoft Office Excel 2007 Help (KB963678)

Update for Microsoft Office Infopath 2007 Help (KB963662)

Update for Microsoft Office OneNote 2007 Help (KB963670)

Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition

Update for Microsoft Office Outlook 2007 Help (KB963677)

Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687407) 32-Bit Edition

Update for Microsoft Office Powerpoint 2007 Help (KB963669)

Update for Microsoft Office Publisher 2007 Help (KB963667)

Update for Microsoft Office Script Editor Help (KB963671)

Update for Microsoft Office Word 2007 Help (KB963665)

Vegas Pro 11.0

VLC media player 1.1.7

Windows Live Communications Platform

Windows Live Essentials

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Language Selector

Windows Live Messenger

Windows Live Messenger Companion Core

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live Sync

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

WinRAR archiver

WolfTeam International

YTD YouTube Downloader & Converter 3.6

.

==== Event Viewer Messages From Past Week ========

.

12/22/2012 9:15:47 PM, Error: Service Control Manager [7003] - The AVGIDSAgent service depends the following service: AVGIDSDriver. This service might not be installed.

12/22/2012 9:15:28 PM, Error: volmgr [46] - Crash dump initialization failed!

12/21/2012 2:29:37 AM, Error: VDS Basic Provider [1] - Unexpected failure. Error code: 490@01010004

12/21/2012 2:07:19 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.141.2191.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9002.0 Error code: 0x8024001e Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

12/21/2012 2:01:07 AM, Error: Service Control Manager [7022] - The Intel® Management and Security Application User Notification Service service hung on starting.

12/21/2012 1:59:07 AM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.

12/18/2012 5:50:08 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR4.

12/16/2012 7:47:02 PM, Error: volsnap [25] - The shadow copies of volume C: were deleted because the shadow copy storage could not grow in time. Consider reducing the IO load on the system or choose a shadow copy storage volume that is not being shadow copied.

12/16/2012 6:00:03 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.141.1192.0 Update Source: Microsoft Update Server Update Stage: Install Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9002.0 Error code: 0x8024001e Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

12/16/2012 5:43:41 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.141.1192.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x64&eng=1.1.9002.0&avdelta=1.141.1192.0&asdelta=1.141.1192.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.9002.0 Error code: 0x80072f76 Error description: The requested header was not found

12/16/2012 5:43:41 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.141.1192.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x64&eng=1.1.9002.0&avdelta=1.141.1192.0&asdelta=1.141.1192.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.9002.0 Error code: 0x80072f76 Error description: The requested header was not found

12/16/2012 5:43:27 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.141.1192.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9002.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

.

==== End Of File ===========================

There you go DDS and Attach


You have Facebook set as the Start-home page. Did you intend that?

You should know better than to let someone unknown to you have unfettered/remote access to your system.

Disable CD-ROM Emulation Software:

Please download the following tool DeFogger to your desktop.

Double click DeFogger to run the tool.

The application window will appear

Click the Disable button to disable your CD Emulation drivers.

Click Yes to continue

A 'Finished!' message will appear

Click OK

DeFogger will now ask to reboot the machine - click OK

IMPORTANT! If you receive an error message while running DeFogger, please post the log defogger_disable which will appear on your desktop.

Do not re-enable these drivers until otherwise instructed.

NEXT:

Run the following and post the requested log. Credit Kevinf80 for the following

1. Download Malwarebytes Anti-Rootkit from this link http://www.malwarebytes.org/products/mbar/

2. Unzip the File to a convenient location. (Recommend the Desktop)

3. Open the folder where the contents were unzipped to run mbar.exe

Image1.png

4. Double-click on the mbar.exe file, you may receive a User Account Control prompt asking if you are sure you wish to allow the program to run. Please allow the program to run and MBAR will now start to install any necessary drivers that are required for the program to operate correctly. If a rootkit is interfering with the installation of the drivers you will see a message that states that the DDA driver was not installed and that you should reboot your computer to install it. You will see this image:

mbarwm.png

5. If you receive this message, please click on the Yes button and Malwarebytes Anti-Rootkit will now restart your computer. Once the computer is rebooted and you login, MBAR will automatically start and you will now be at the start screen. (If no Rootkit warning you will go from step 4 to 6.)

6. The following image opens, select Next.

Image2.png

7. The following image opens, select Update

Image3.png

8. When the Update completes, select Next

Image4.png

9. In the following window ensure "Targets" are ticked. Then select "Scan"

Image5.png

10. If an infection/s is found the "Cleanup Button" to remove threats will be available. A list of infected files will be listed like the following example:

MBAntiRKclean.png

11. Do not select the "Clean up Button"; select the "Exit" button. There will be a warning as follows:

MBAntiRKclean1.png

12. Select "Yes" to close down the program. If NO infections were found you will see the following image:

Image6.png

13. Select "Exit" to close down.

14. Copy and paste the two following logs from the mbar folder:

System - log

Mbar - log Date and time of scan will also be shown

Image10.png

Post those two logs in your reply.


Malwarebytes Anti-Rootkit 1.01.0.1011

www.malwarebytes.org

Database version: v2012.12.23.04

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

Computer :: COMPUTER-PC [administrator]

12/23/2012 11:58:39 PM

mbar-log-2012-12-23 (23-58-39).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P

Scan options disabled:

Objects scanned: 31011

Time elapsed: 14 minute(s), 54 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

---------------------------------------

Malwarebytes Anti-Rootkit BETA 1.01.0.1011

© Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x64

Account is Administrative

Internet Explorer version: 9.0.8112.16421

File system is: NTFS

Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED

CPU speed: 3.292000 GHz

Memory total: 8503025664, free: 6327963648

------------ Kernel report ------------

12/23/2012 23:42:50

------------ Loaded modules -----------


----------- End -----------

<<<1>>>

Upper Device Name: \Device\Harddisk0\DR0

Upper Device Object: 0xfffffa8007afe060

Upper Device Driver Name: \Driver\Disk\

Lower Device Name: \Device\Ide\IdeDeviceP1T1L0-6\

Lower Device Object: 0xfffffa8007561060

Lower Device Driver Name: \Driver\atapi\

Driver name found: atapi

DriverEntry returned 0x0

Function returned 0x0

Downloaded database version: v2012.12.23.04

Initializing...

Done!

<<<2>>>

Device number: 0, partition: 3

Physical Sector Size: 512

Drive: 0, DevicePointer: 0xfffffa8007afe060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\

--------- Disk Stack ------

DevicePointer: 0xfffffa8007953940, DeviceName: Unknown, DriverName: \Driver\tdrpman273\

DevicePointer: 0xfffffa800794f910, DeviceName: Unknown, DriverName: \Driver\snapman\

DevicePointer: 0xfffffa8007950b90, DeviceName: Unknown, DriverName: \Driver\partmgr\

DevicePointer: 0xfffffa8007afeb20, DeviceName: Unknown, DriverName: \Driver\tdrpman273\

DevicePointer: 0xfffffa8007afe060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\

DevicePointer: 0xfffffa800747b580, DeviceName: Unknown, DriverName: \Driver\ACPI\

DevicePointer: 0xfffffa8007561060, DeviceName: \Device\Ide\IdeDeviceP1T1L0-6\, DriverName: \Driver\atapi\

------------ End ----------

Upper DeviceData: 0xfffff8a00cf5cce0, 0xfffffa8007afe060, 0xfffffa800a024090

Lower DeviceData: 0xfffff8a00c6b6b80, 0xfffffa8007561060, 0xfffffa8006f13e40

<<<3>>>

Volume: C:

File system type: NTFS

SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes

Scanning directory: C:\Windows\system32\drivers...

Done!

Drive 0

Scanning MBR on drive 0...

Inspecting partition table:

MBR Signature: 55AA

Disk Signature: E7721640

Partition information:

Partition 0 type is Primary (0x7)

Partition is ACTIVE.

Partition starts at LBA: 2048 Numsec = 204800

Partition file system is NTFS

Partition is bootable

Partition 1 type is Primary (0x7)

Partition is NOT ACTIVE.

Partition starts at LBA: 206848 Numsec = 573233152

Partition 2 type is Primary (0x7)

Partition is NOT ACTIVE.

Partition starts at LBA: 573440000 Numsec = 403331072

Partition 3 type is Empty (0x0)

Partition is NOT ACTIVE.

Partition starts at LBA: 0 Numsec = 0

Disk Size: 500107862016 bytes

Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-2047-976753168-976773168)...

Done!

Performing system, memory and registry scan...

Done!

Scan finished

=======================================


Please proceed and do these next.

Step 1

1. Go >> Here << and download ERUNT

(ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.)

2. Install ERUNT by following the prompts

(use the default install settings but say no to the portion that asks you to add ERUNT to the start-up folder, if you like you can enable this option later)

3. Start ERUNT

(either by double clicking on the desktop icon or choosing to start the program at the end of the setup)

4. Choose a location for the backup

(the default location is C:\WINDOWS\ERDNT which is acceptable).

5. Make sure that at least the first two check boxes are ticked

6. Press OK

7. Press YES to create the folder.

Step 2

To show all files:

  • Go to your Desktop
  • Double-Click the Computer icon.
  • From the menu options, Select Tools, then Folder Options.
  • Next click the View tab.
  • Locate and uncheck Hide file extensions for known file types.
  • Locate and uncheck Hide protected operating system files (Recommended).
  • Locate and click Show hidden files and folders and drives.
  • Click Apply > OK.

Step 3

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools

For directions on how, see How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Do NOT turn off the firewall

Please download AdwCleaner © Xplode from >>here<< and save it on your Desktop.

If you are running Windows XP, double click adwcleaner.exe to start it.

Otherwise, Right-click on adwcleaner.exe and select Run As Administrator to launch the application.

Now click on the Search tab.

Please post the contents of the log-file created in your next post.

Note: The log can also be located at C:\AdwCleaner[XX].txt where XX denotes the number of times the application has been run, so in this case it should be something like R1.

Step 4

Please read carefully and follow these steps.

  • Download TDSSKiller and save it to your Desktop.
  • Double-Click on TDSSKiller.exe to run the application, then on Start Scan.
    If running Vista or Windows 7, do a RIGHT-Click and select Run as Administrator to start TDSSKILLER.exe.
  • If an infected file is detected, the default action will be Cure, click on Continue.
    TDSSKillerMal-1.png
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic please choose
    Skip and click on Continue
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
    TDSSKillerCompleted.png
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Step 5

  • Download & SAVE to your Desktop >> Tigzy's RogueKiller from here << or
    >> from here <<
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.
    For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Then Click on Scan button at upper right of screen.
  • Wait until the Status box shows "Scan Finished"
  • Click on Report and copy/paste the content of the Notepad into your next reply.
  • The log should be found in RKreport[1].txt on your Desktop
  • Exit/Close RogueKiller

Do NOT click any FIX buttons !

Step 6

RE-Enable your antivirus program.

Then copy/paste the following into your post (in order):

  • the contents of C:\AdwCleaner[R1].txt;
  • the contents of TDSSKILLER log;
  • the contents of RKReport log;

Be sure to do a Preview prior to pressing Submit because all reports may not fit into 1 single reply. You may have to do more than 1 reply.

Do not use the attachment feature to place any of your reports. Always put them in-line inside the body of reply.


Sorry I missed your first question. Yes, I intended for Facebook to be my homepage, haha.

# AdwCleaner v2.102 - Logfile created 12/24/2012 at 10:54:27

# Updated 23/12/2012 by Xplode

# Operating system : Windows 7 Ultimate Service Pack 1 (64 bits)

# User : Computer - COMPUTER-PC

# Boot Mode : Normal

# Running from : C:\Users\Computer\Desktop\adwcleaner.exe

# Option [search]

***** [services] *****

***** [Files / Folders] *****

***** [Registry] *****

Key Found : HKCU\Software\Softonic

Key Found : HKLM\Software\TENCENT

Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run []

***** [internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16450

[OK] Registry is clean.

-\\ Google Chrome v23.0.1271.97

File : C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [804 octets] - [24/12/2012 10:54:27]

########## EOF - C:\AdwCleaner[R1].txt - [863 octets] ##########

10:55:28.0487 2456 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35

10:55:29.0114 2456 ============================================================

10:55:29.0114 2456 Current date / time: 2012/12/24 10:55:29.0114

10:55:29.0114 2456 SystemInfo:

10:55:29.0114 2456

10:55:29.0114 2456 OS Version: 6.1.7601 ServicePack: 1.0

10:55:29.0114 2456 Product type: Workstation

10:55:29.0114 2456 ComputerName: COMPUTER-PC

10:55:29.0114 2456 UserName: Computer

10:55:29.0114 2456 Windows directory: C:\Windows

10:55:29.0114 2456 System windows directory: C:\Windows

10:55:29.0114 2456 Running under WOW64

10:55:29.0114 2456 Processor architecture: Intel x64

10:55:29.0114 2456 Number of processors: 4

10:55:29.0114 2456 Page size: 0x1000

10:55:29.0114 2456 Boot type: Normal boot

10:55:29.0114 2456 ============================================================

10:55:30.0328 2456 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xFC59, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040

10:55:30.0331 2456 ============================================================

10:55:30.0331 2456 \Device\Harddisk0\DR0:

10:55:30.0331 2456 MBR partitions:

10:55:30.0331 2456 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000

10:55:30.0331 2456 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x222AD800

10:55:30.0331 2456 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x222E0000, BlocksNum 0x180A5800

10:55:30.0331 2456 ============================================================

10:55:30.0367 2456 C: <-> \Device\Harddisk0\DR0\Partition3

10:55:30.0403 2456 D: <-> \Device\Harddisk0\DR0\Partition2

10:55:30.0403 2456 ============================================================

10:55:30.0403 2456 Initialize success

10:55:30.0403 2456 ============================================================

10:55:34.0925 4496 ============================================================

10:55:34.0925 4496 Scan started

10:55:34.0925 4496 Mode: Manual;

10:55:34.0925 4496 ============================================================

10:55:35.0233 4496 ================ Scan system memory ========================

10:55:35.0233 4496 System memory - ok

10:55:35.0233 4496 ================ Scan services =============================


10:55:36.0246 4496 amdkmdap - ok

10:55:36.0257 4496 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys

10:55:36.0257 4496 AmdPPM - ok

10:55:36.0294 4496 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys

10:55:36.0295 4496 amdsata - ok

10:55:36.0322 4496 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys

10:55:36.0324 4496 amdsbs - ok

10:55:36.0335 4496 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys

10:55:36.0336 4496 amdxata - ok

10:55:36.0371 4496 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys

10:55:36.0372 4496 AppID - ok

10:55:36.0396 4496 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll

10:55:36.0397 4496 AppIDSvc - ok

10:55:36.0440 4496 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll

10:55:36.0442 4496 Appinfo - ok

10:55:36.0515 4496 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

10:55:36.0517 4496 Apple Mobile Device - ok

10:55:36.0559 4496 [ 6BE11AD81D4527D299F0CB5F3731AABC ] AppleCharger C:\Windows\system32\DRIVERS\AppleCharger.sys

10:55:36.0559 4496 AppleCharger - ok

10:55:36.0575 4496 [ 95EF7247C50C7241FDAE39A9B3AFF4AE ] AppleChargerSrv C:\Windows\system32\AppleChargerSrv.exe

10:55:36.0576 4496 AppleChargerSrv - ok

10:55:36.0598 4496 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll

10:55:36.0600 4496 AppMgmt - ok

10:55:36.0628 4496 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys

10:55:36.0629 4496 arc - ok

10:55:36.0632 4496 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys

10:55:36.0633 4496 arcsas - ok

10:55:36.0643 4496 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys

10:55:36.0644 4496 AsyncMac - ok

10:55:36.0682 4496 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys

10:55:36.0683 4496 atapi - ok

10:55:36.0724 4496 [ DBB487D09F56C674430AC454FD8BCAB9 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys

10:55:36.0726 4496 AtiHDAudioService - ok

10:55:36.0824 4496 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll

10:55:36.0833 4496 AudioEndpointBuilder - ok

10:55:36.0914 4496 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll

10:55:36.0920 4496 AudioSrv - ok

10:55:37.0082 4496 AVGIDSAgent - ok

10:55:37.0117 4496 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll

10:55:37.0120 4496 AxInstSV - ok

10:55:37.0151 4496 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys

10:55:37.0155 4496 b06bdrv - ok

10:55:37.0170 4496 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys

10:55:37.0172 4496 b57nd60a - ok

10:55:37.0223 4496 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll

10:55:37.0225 4496 BDESVC - ok

10:55:37.0238 4496 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys

10:55:37.0238 4496 Beep - ok

10:55:37.0281 4496 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll

10:55:37.0290 4496 BFE - ok

10:55:37.0343 4496 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll

10:55:37.0355 4496 BITS - ok

10:55:37.0396 4496 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys

10:55:37.0397 4496 blbdrive - ok

10:55:37.0462 4496 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe

10:55:37.0466 4496 Bonjour Service - ok

10:55:37.0503 4496 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys

10:55:37.0504 4496 bowser - ok

10:55:37.0538 4496 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys

10:55:37.0538 4496 BrFiltLo - ok

10:55:37.0549 4496 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys

10:55:37.0549 4496 BrFiltUp - ok

10:55:37.0554 4496 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys

10:55:37.0555 4496 BridgeMP - ok

10:55:37.0595 4496 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll

10:55:37.0597 4496 Browser - ok

10:55:37.0614 4496 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys

10:55:37.0616 4496 Brserid - ok

10:55:37.0620 4496 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys

10:55:37.0621 4496 BrSerWdm - ok

10:55:37.0625 4496 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys

10:55:37.0626 4496 BrUsbMdm - ok

10:55:37.0630 4496 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys

10:55:37.0630 4496 BrUsbSer - ok

10:55:37.0647 4496 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys

10:55:37.0648 4496 BTHMODEM - ok

10:55:37.0676 4496 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll

10:55:37.0677 4496 bthserv - ok

10:55:37.0715 4496 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys

10:55:37.0716 4496 cdfs - ok

10:55:37.0752 4496 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys

10:55:37.0754 4496 cdrom - ok

10:55:37.0793 4496 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll

10:55:37.0795 4496 CertPropSvc - ok

10:55:37.0809 4496 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys

10:55:37.0810 4496 circlass - ok

10:55:37.0835 4496 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys

10:55:37.0841 4496 CLFS - ok

10:55:37.0885 4496 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

10:55:37.0886 4496 clr_optimization_v2.0.50727_32 - ok

10:55:37.0932 4496 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

10:55:37.0935 4496 clr_optimization_v2.0.50727_64 - ok

10:55:38.0014 4496 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

10:55:38.0015 4496 clr_optimization_v4.0.30319_32 - ok

10:55:38.0039 4496 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

10:55:38.0042 4496 clr_optimization_v4.0.30319_64 - ok

10:55:38.0066 4496 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys

10:55:38.0066 4496 CmBatt - ok

10:55:38.0101 4496 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys

10:55:38.0101 4496 cmdide - ok

10:55:38.0146 4496 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys

10:55:38.0150 4496 CNG - ok

10:55:38.0167 4496 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys

10:55:38.0167 4496 Compbatt - ok

10:55:38.0201 4496 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys

10:55:38.0202 4496 CompositeBus - ok

10:55:38.0207 4496 COMSysApp - ok

10:55:38.0225 4496 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys

10:55:38.0226 4496 crcdisk - ok

10:55:38.0268 4496 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll

10:55:38.0271 4496 CryptSvc - ok

10:55:38.0316 4496 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys

10:55:38.0320 4496 CSC - ok

10:55:38.0342 4496 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll

10:55:38.0351 4496 CscService - ok

10:55:38.0374 4496 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll

10:55:38.0378 4496 DcomLaunch - ok

10:55:38.0403 4496 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll

10:55:38.0407 4496 defragsvc - ok

10:55:38.0440 4496 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys

10:55:38.0441 4496 DfsC - ok

10:55:38.0445 4496 dgderdrv - ok

10:55:38.0464 4496 [ B9430166FEB246F6070A62B3554932C9 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys

10:55:38.0465 4496 dg_ssudbus - ok

10:55:38.0501 4496 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll

10:55:38.0506 4496 Dhcp - ok

10:55:38.0522 4496 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys

10:55:38.0522 4496 discache - ok

10:55:38.0529 4496 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys

10:55:38.0530 4496 Disk - ok

10:55:38.0563 4496 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll

10:55:38.0565 4496 Dnscache - ok

10:55:38.0606 4496 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll

10:55:38.0610 4496 dot3svc - ok

10:55:38.0642 4496 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll

10:55:38.0645 4496 DPS - ok

10:55:38.0667 4496 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys

10:55:38.0668 4496 drmkaud - ok

10:55:38.0719 4496 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys

10:55:38.0725 4496 DXGKrnl - ok

10:55:38.0752 4496 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll

10:55:38.0754 4496 EapHost - ok

10:55:38.0824 4496 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys

10:55:38.0843 4496 ebdrv - ok

10:55:38.0874 4496 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe

10:55:38.0875 4496 EFS - ok

10:55:39.0029 4496 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe

10:55:39.0080 4496 ehRecvr - ok

10:55:39.0121 4496 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe

10:55:39.0123 4496 ehSched - ok

10:55:39.0178 4496 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys

10:55:39.0183 4496 elxstor - ok

10:55:39.0210 4496 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys

10:55:39.0210 4496 ErrDev - ok

10:55:39.0249 4496 [ 72ECCB2F5C9CFC32A9B2A60933832501 ] EtronHub3 C:\Windows\system32\Drivers\EtronHub3.sys

10:55:39.0250 4496 EtronHub3 - ok

10:55:39.0296 4496 [ 7BB310F6FB9E1B9D21DD2CE7EB0D5464 ] EtronXHCI C:\Windows\system32\Drivers\EtronXHCI.sys

10:55:39.0297 4496 EtronXHCI - ok

10:55:39.0379 4496 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll

10:55:39.0385 4496 EventSystem - ok

10:55:39.0414 4496 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys

10:55:39.0416 4496 exfat - ok

10:55:39.0450 4496 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys

10:55:39.0451 4496 fastfat - ok

10:55:39.0502 4496 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe

10:55:39.0511 4496 Fax - ok

10:55:39.0549 4496 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys

10:55:39.0550 4496 fdc - ok

10:55:39.0578 4496 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll

10:55:39.0580 4496 fdPHost - ok

10:55:39.0609 4496 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll

10:55:39.0614 4496 FDResPub - ok

10:55:39.0646 4496 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys

10:55:39.0647 4496 FileInfo - ok

10:55:39.0678 4496 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys

10:55:39.0679 4496 Filetrace - ok

10:55:39.0716 4496 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys

10:55:39.0716 4496 flpydisk - ok

10:55:39.0740 4496 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys

10:55:39.0742 4496 FltMgr - ok

10:55:39.0795 4496 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll

10:55:39.0808 4496 FontCache - ok

10:55:39.0856 4496 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

10:55:39.0857 4496 FontCache3.0.0.0 - ok

10:55:39.0887 4496 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys

10:55:39.0888 4496 FsDepends - ok

10:55:39.0927 4496 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys

10:55:39.0927 4496 Fs_Rec - ok

10:55:39.0967 4496 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys

10:55:39.0969 4496 fvevol - ok

10:55:39.0986 4496 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys

10:55:39.0987 4496 gagp30kx - ok

10:55:39.0991 4496 gdrv - ok

10:55:40.0029 4496 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

10:55:40.0029 4496 GEARAspiWDM - ok

10:55:40.0104 4496 GGSAFERDriver - ok

10:55:40.0157 4496 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll

10:55:40.0166 4496 gpsvc - ok

10:55:40.0205 4496 Gun - ok

10:55:40.0273 4496 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

10:55:40.0275 4496 gupdate - ok

10:55:40.0281 4496 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

10:55:40.0283 4496 gupdatem - ok

10:55:40.0316 4496 [ C1B577B2169900F4CF7190C39F085794 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

10:55:40.0318 4496 gusvc - ok

10:55:40.0330 4496 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys

10:55:40.0331 4496 hcw85cir - ok

10:55:40.0373 4496 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys

10:55:40.0376 4496 HdAudAddService - ok

10:55:40.0396 4496 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys

10:55:40.0397 4496 HDAudBus - ok

10:55:40.0415 4496 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys

10:55:40.0415 4496 HidBatt - ok

10:55:40.0421 4496 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys

10:55:40.0422 4496 HidBth - ok

10:55:40.0434 4496 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys

10:55:40.0434 4496 HidIr - ok

10:55:40.0451 4496 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll

10:55:40.0453 4496 hidserv - ok

10:55:40.0487 4496 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys

10:55:40.0487 4496 HidUsb - ok

10:55:40.0526 4496 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll

10:55:40.0528 4496 hkmsvc - ok

10:55:40.0566 4496 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll

10:55:40.0569 4496 HomeGroupListener - ok

10:55:40.0615 4496 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll

10:55:40.0619 4496 HomeGroupProvider - ok

10:55:40.0649 4496 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys

10:55:40.0650 4496 HpSAMD - ok

10:55:40.0697 4496 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys

10:55:40.0704 4496 HTTP - ok

10:55:40.0715 4496 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys

10:55:40.0716 4496 hwpolicy - ok

10:55:40.0760 4496 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys

10:55:40.0761 4496 i8042prt - ok

10:55:40.0787 4496 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys

10:55:40.0790 4496 iaStorV - ok

10:55:40.0869 4496 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

10:55:40.0880 4496 idsvc - ok

10:55:41.0074 4496 [ 0D1B8C64BDF0E5CDC523A1409FFB5EF0 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys

10:55:41.0117 4496 igfx - ok

10:55:41.0136 4496 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys

10:55:41.0137 4496 iirsp - ok

10:55:41.0192 4496 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll

10:55:41.0203 4496 IKEEXT - ok

10:55:41.0290 4496 [ 392D5C87F282E8E36DF5154418A7BB20 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys

10:55:41.0305 4496 IntcAzAudAddService - ok

10:55:41.0344 4496 [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys

10:55:41.0345 4496 IntcDAud - ok

10:55:41.0356 4496 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys

10:55:41.0357 4496 intelide - ok

10:55:41.0373 4496 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys

10:55:41.0373 4496 intelppm - ok

10:55:41.0392 4496 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll

10:55:41.0395 4496 IPBusEnum - ok

10:55:41.0436 4496 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys

10:55:41.0437 4496 IpFilterDriver - ok

10:55:41.0489 4496 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll

10:55:41.0497 4496 iphlpsvc - ok

10:55:41.0539 4496 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys

10:55:41.0540 4496 IPMIDRV - ok

10:55:41.0570 4496 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys

10:55:41.0571 4496 IPNAT - ok

10:55:41.0623 4496 [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe

10:55:41.0628 4496 iPod Service - ok

10:55:41.0643 4496 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys

10:55:41.0644 4496 IRENUM - ok

10:55:41.0659 4496 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys

10:55:41.0660 4496 isapnp - ok

10:55:41.0700 4496 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys

10:55:41.0702 4496 iScsiPrt - ok

10:55:41.0717 4496 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys

10:55:41.0718 4496 kbdclass - ok

10:55:41.0728 4496 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys

10:55:41.0728 4496 kbdhid - ok

10:55:41.0741 4496 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe

10:55:41.0742 4496 KeyIso - ok

10:55:41.0779 4496 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys

10:55:41.0780 4496 KSecDD - ok

10:55:41.0821 4496 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys

10:55:41.0822 4496 KSecPkg - ok

10:55:41.0843 4496 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys

10:55:41.0844 4496 ksthunk - ok

10:55:41.0878 4496 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll

10:55:41.0884 4496 KtmRm - ok

10:55:41.0931 4496 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll

10:55:41.0936 4496 LanmanServer - ok

10:55:41.0978 4496 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll

10:55:41.0982 4496 LanmanWorkstation - ok

10:55:42.0008 4496 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys

10:55:42.0009 4496 lltdio - ok

10:55:42.0030 4496 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll

10:55:42.0035 4496 lltdsvc - ok

10:55:42.0050 4496 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll

10:55:42.0052 4496 lmhosts - ok

10:55:42.0129 4496 [ 0803906D607A9B83184447B75B60ECC2 ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

10:55:42.0132 4496 LMS - ok

10:55:42.0176 4496 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys

10:55:42.0177 4496 LSI_FC - ok

10:55:42.0227 4496 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys

10:55:42.0229 4496 LSI_SAS - ok

10:55:42.0262 4496 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys

10:55:42.0263 4496 LSI_SAS2 - ok

10:55:42.0328 4496 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys

10:55:42.0330 4496 LSI_SCSI - ok

10:55:42.0422 4496 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys

10:55:42.0423 4496 luafv - ok

10:55:42.0490 4496 [ B2085E335F2B57077B0CBADB6F1245CD ] lvpopf64 C:\Windows\system32\DRIVERS\lvpopf64.sys

10:55:42.0492 4496 lvpopf64 - ok

10:55:42.0521 4496 [ DED333DBDBBCC3555A6E6244522E2F1A ] LVPr2M64 C:\Windows\system32\DRIVERS\LVPr2M64.sys

10:55:42.0522 4496 LVPr2M64 - ok

10:55:42.0525 4496 [ DED333DBDBBCC3555A6E6244522E2F1A ] LVPr2Mon C:\Windows\system32\DRIVERS\LVPr2M64.sys

10:55:42.0525 4496 LVPr2Mon - ok

10:55:42.0584 4496 [ A35679E56E78091E1042A2D7ADBF2958 ] LVPrcS64 C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe

10:55:42.0585 4496 LVPrcS64 - ok

10:55:42.0630 4496 [ 986C1CB787A007BAA5F74E7D316D7246 ] LVRS64 C:\Windows\system32\DRIVERS\lvrs64.sys

10:55:42.0633 4496 LVRS64 - ok

10:55:42.0747 4496 [ 5747BC465ABEA2858C5D037252AED84E ] LVUVC64 C:\Windows\system32\DRIVERS\lvuvc64.sys

10:55:42.0771 4496 LVUVC64 - ok

10:55:42.0805 4496 [ E5ECF40E5FD459141E5F6685FFD51804 ] Lycosa C:\Windows\system32\drivers\Lycosa.sys

10:55:42.0806 4496 Lycosa - ok

10:55:42.0845 4496 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll

10:55:42.0848 4496 Mcx2Svc - ok

10:55:42.0872 4496 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys

10:55:42.0873 4496 megasas - ok

10:55:42.0908 4496 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys

10:55:42.0911 4496 MegaSR - ok

10:55:42.0953 4496 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys

10:55:42.0954 4496 MEIx64 - ok

10:55:43.0038 4496 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe

10:55:43.0040 4496 Microsoft Office Groove Audit Service - ok

10:55:43.0080 4496 [ B6CCDC7F88354F2D053A8ADF13DD3AAB ] Mkd2Nadr C:\Windows\system32\drivers\Mkd2Nadr.sys

10:55:43.0081 4496 Mkd2Nadr - ok

10:55:43.0125 4496 [ 28630C95D8F1CC313E80B8EF376648F2 ] Mkd3kfNt C:\Windows\system32\drivers\Mkd3kfNt.sys

10:55:43.0127 4496 Mkd3kfNt - ok

10:55:43.0172 4496 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll

10:55:43.0175 4496 MMCSS - ok

10:55:43.0204 4496 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys

10:55:43.0204 4496 Modem - ok

10:55:43.0223 4496 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys

10:55:43.0224 4496 monitor - ok

10:55:43.0265 4496 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys

10:55:43.0266 4496 mouclass - ok

10:55:43.0280 4496 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys

10:55:43.0281 4496 mouhid - ok

10:55:43.0325 4496 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys

10:55:43.0326 4496 mountmgr - ok

10:55:43.0372 4496 [ 05BF204EC0E82CC4A054DB189C8A3D84 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys

10:55:43.0374 4496 MpFilter - ok

10:55:43.0410 4496 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys

10:55:43.0412 4496 mpio - ok

10:55:43.0448 4496 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys

10:55:43.0449 4496 mpsdrv - ok

10:55:43.0497 4496 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll

10:55:43.0508 4496 MpsSvc - ok

10:55:43.0553 4496 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys

10:55:43.0554 4496 MRxDAV - ok

10:55:43.0593 4496 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys

10:55:43.0595 4496 mrxsmb - ok

10:55:43.0613 4496 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys

10:55:43.0615 4496 mrxsmb10 - ok

10:55:43.0630 4496 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys

10:55:43.0632 4496 mrxsmb20 - ok

10:55:43.0669 4496 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys

10:55:43.0670 4496 msahci - ok

10:55:43.0717 4496 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys

10:55:43.0718 4496 msdsm - ok

10:55:43.0739 4496 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe

10:55:43.0743 4496 MSDTC - ok

10:55:43.0775 4496 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys

10:55:43.0776 4496 Msfs - ok

10:55:43.0787 4496 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys

10:55:43.0788 4496 mshidkmdf - ok

10:55:43.0823 4496 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys

10:55:43.0824 4496 msisadrv - ok

10:55:43.0852 4496 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll

10:55:43.0855 4496 MSiSCSI - ok

10:55:43.0863 4496 msiserver - ok

10:55:43.0877 4496 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys

10:55:43.0878 4496 MSKSSRV - ok

10:55:43.0956 4496 [ CC8E4F72F21340A4D3A3D4DB50313EF5 ] MsMpSvc C:\Program Files\Microsoft Security Client\MsMpEng.exe

10:55:43.0957 4496 MsMpSvc - ok

10:55:43.0976 4496 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys

10:55:43.0977 4496 MSPCLOCK - ok

10:55:43.0991 4496 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys

10:55:43.0991 4496 MSPQM - ok

10:55:44.0038 4496 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys

10:55:44.0041 4496 MsRPC - ok

10:55:44.0091 4496 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys

10:55:44.0092 4496 mssmbios - ok

10:55:44.0105 4496 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys

10:55:44.0106 4496 MSTEE - ok

10:55:44.0118 4496 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys

10:55:44.0118 4496 MTConfig - ok

10:55:44.0137 4496 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys

10:55:44.0138 4496 Mup - ok

10:55:44.0183 4496 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll

10:55:44.0191 4496 napagent - ok

10:55:44.0218 4496 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys

10:55:44.0221 4496 NativeWifiP - ok

10:55:44.0278 4496 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys

10:55:44.0285 4496 NDIS - ok

10:55:44.0304 4496 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys

10:55:44.0304 4496 NdisCap - ok

10:55:54.0353 4496 ============================================================

10:55:54.0353 4496 Scan finished

10:55:54.0353 4496 ============================================================

10:55:54.0364 4484 Detected object count: 0

10:55:54.0364 4484 Actual detected object count: 0

10:56:00.0264 3108 Deinitialize success

RogueKiller V8.4.1 [Dec 23 2012] by Tigzy

mail : tigzyRK<at>gmail<dot>com

Feedback : http://www.geekstogo...13-roguekiller/

Website : http://tigzy.geeksto...roguekiller.php

Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version

Started in : Normal mode

User : Computer [Admin rights]

Mode : Scan -- Date : 12/24/2012 10:58:32

¤¤¤ Bad processes : 1 ¤¤¤

[SUSP PATH] RockMeltCrashHandler.exe -- C:\Users\Computer\AppData\Local\RockMelt\Update\1.2.189.1\RockMeltCrashHandler.exe -> KILLED [TermProc]

¤¤¤ Registry Entries : 10 ¤¤¤

[RUN][SUSP PATH] HKLM\[...]\Wow6432Node\RunOnce : Z1 (C:\Users\Computer\Desktop\mbar\mbar.exe /cleanup /s) -> FOUND

[HJPOL] HKCU\[...]\System : disableregistrytools (0) -> FOUND

[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND

[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND

[HJPOL] HKLM\[...]\Wow6432Node\System : DisableRegistryTools (0) -> FOUND

[HJ] HKLM\[...]\Wow6432Node\System : ConsentPromptBehaviorAdmin (0) -> FOUND

[HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND

[HJ] HKLM\[...]\Wow6432Node\System : EnableLUA (0) -> FOUND

[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: Hitachi HDS721050CLA662 ATA Device +++++

--- User ---

[MBR] 252f6f6fc242b94e1545156746344a35

[BSP] f5347690fb329d73c4b82301a5920bff : Windows 7/8 MBR Code

Partition table:

0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo

1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 279899 Mo

2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 573440000 | Size: 196939 Mo

User = LL1 ... OK!

User = LL2 ... OK!

Finished : << RKreport[1]_S_12242012_02d1058.txt >>

RKreport[1]_S_12242012_02d1058.txt


The last 2 logs are ok.

You will want to print out or copy these instructions to Notepad for offline reference!

These steps are for member only. If you are a casual viewer, do NOT try this on your system!

If you are not and have a similar problem, do NOT post here; start your own topic

Do not run or start any other programs while these utilities and tools are in use!

Do NOT run any other tools on your own or do any fixes other than what is listed here.

If you have questions, please ask before you do something on your own.

But it is important that you get going on these following steps.


Close any of your open programs while you run these tools.

On most all of the following programs and tools, you will need to do a right-click on the program link or shortcut or desktop icon (as appropriate) and then select "Run as Administrator". Please remember that as you go along and use these tools, each in turn.

If you have a prior copy of Combofix, delete it now

Download Combofix from any of the links below, and SAVE it to your Desktop.

Link 1

Link 2

**Note: It is important that it is saved directly to your Desktop and not run straight away from download **

Turn OFF your antivirus, otherwise it will interfere. How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Have infinite patience during the run & scan by Combofix. It has many phases: some 50+ stages

It will display its "stage" within the Command prompt window. Do NOT panic if it seems slow to change! It has lots of work.

You may notice the desktop icons disappear. Do NOT panic, as that is expected behavior.

Combofix may take as little as 10 minutes and perhaps as much as 30-40 minutes. Time taken will depend on speed of your system and how much there is to scan & how much it needs to clean.

If this is on a notebook system, make sure first the notebook is connected to wall-power (AC power) or a UPS system.

Important: Have no other programs running. Your Task Bar should be clear of any program entries including your Browser.

Right-click on Combo-Fix.exe on your Desktop and select "Run as Administrator".

  • A window may open with a warning or prompts. Accept the EULA and follow the prompts during the start phase of Combofix.
    When the scan completes Notepad will open with your results log open. Do a File, Exit and answer 'Yes' to save changes.

A caution - Do not run Combofix more than once.

Do not touch your mouse/keyboard until the scan has completed, as this may cause the process to stall or your computer to lock.

The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled.

If this occurs, please reboot to restore the desktop.

A file will be created at => C:\Combofix.txt.

Notes:

[1] IF after Combofix reboot you get the message

Illegal operation attempted on registry key that has been marked for deletion

....please reboot the computer, this should resolve the problem. You may have to reboot the PC a second time if needed.

[2] Do not mouseclick combofix's window nor run any program while Combofix is running.

That may cause it to stall.

[3] When all done, IF Combofix did not do a Restart...then ... I need for you to Restart the system fresh

Reply & Copy & Paste contents of the C:\Combofix.txt log and tell me, How is the system now ?

Re-enable your antivirus program.


I feel my pc still lags slightly. Is my PC clean though?

ComboFix 12-12-23.01 - Computer 12/25/2012 0:08.2.4 - x64

Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.8109.6375 [GMT 8:00]

Running from: c:\users\Computer\Desktop\ComboFix.exe

AV: Microsoft Security Essentials *Disabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}

SP: Microsoft Security Essentials *Disabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\windows\wininit.ini

.

.

((((((((((((((((((((((((( Files Created from 2012-11-24 to 2012-12-24 )))))))))))))))))))))))))))))))

.

.

2012-12-24 16:14 . 2012-12-24 16:14 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-12-24 15:54 . 2012-12-24 15:56 -------- d-----w- c:\program files (x86)\GarenaHoN

2012-12-24 11:10 . 2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{9BB13909-9418-4496-BA63-DD06A2AD04AC}\mpengine.dll

2012-12-24 02:43 . 2012-12-24 02:43 -------- d-----w- c:\program files (x86)\ERUNT

2012-12-23 03:40 . 2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2012-12-22 16:55 . 2012-12-22 17:36 -------- d-----w- c:\program files (x86)\MySQL

2012-12-22 14:48 . 2012-12-22 15:01 -------- d-----w- c:\users\Computer\AppData\Roaming\MySQL

2012-12-22 12:13 . 2012-12-22 12:13 -------- d-----w- c:\program files (x86)\Common Files\Skype

2012-12-20 17:15 . 2012-12-20 17:27 -------- d-----w- c:\users\Computer\AppData\Roaming\Notepad++

2012-12-20 16:58 . 2012-12-24 10:59 -------- d-----w- c:\users\Computer\AppData\Local\TSVNCache

2012-12-20 16:42 . 2012-12-20 16:42 -------- d-----w- c:\users\Computer\AppData\Roaming\TortoiseSVN

2012-12-20 16:39 . 2012-12-20 16:39 -------- d-----w- c:\users\Computer\AppData\Roaming\Subversion

2012-12-20 16:39 . 2012-12-23 05:51 -------- d-----w- c:\program files (x86)\Common Files\TortoiseOverlays

2012-12-20 16:39 . 2012-12-23 05:51 -------- d-----w- c:\program files\TortoiseSVN

2012-12-20 16:39 . 2012-12-23 05:51 -------- d-----w- c:\program files\Common Files\TortoiseOverlays

2012-12-17 06:08 . 2012-12-17 06:08 -------- d-----w- c:\program files (x86)\Microsoft SQL Server

2012-12-17 06:05 . 2012-12-20 18:43 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 9.0

2012-12-16 16:18 . 2012-12-16 16:19 -------- d-----w- C:\cygwin

2012-12-01 05:50 . 2012-12-01 05:49 972264 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8157C6CA-D970-4A18-A012-C64EC5C69DE8}\gapaengine.dll

2012-11-28 07:57 . 2012-11-28 07:57 -------- d-----w- C:\GarenaDownload

2012-11-28 01:15 . 2012-08-21 05:01 33240 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys

2012-11-28 01:14 . 2012-11-28 01:14 -------- d-----w- c:\program files\iPod

2012-11-28 01:14 . 2012-11-28 01:15 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69

2012-11-28 01:14 . 2012-11-28 01:15 -------- d-----w- c:\program files\iTunes

2012-11-28 01:14 . 2012-11-28 01:15 -------- d-----w- c:\program files (x86)\iTunes

2012-11-26 13:46 . 2012-11-26 13:50 181064 ----a-w- c:\windows\PSEXESVC.EXE

2012-11-26 13:45 . 2012-11-26 13:45 -------- d-----w- C:\RegBackup

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-10-10 15:47 . 2011-11-10 14:57 65309168 ----a-w- c:\windows\system32\MRT.exe

2012-10-03 03:00 . 2011-11-10 15:55 972192 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll

2012-09-26 22:15 . 2011-11-26 07:20 4521720 ----a-w- c:\windows\SysWow64\GameMon.des

2012-09-26 11:57 . 2012-01-30 17:15 330240 ----a-w- c:\windows\MASetupCaller.dll

2012-09-26 11:57 . 2012-01-30 17:15 45320 ----a-w- c:\windows\SysWow64\MAMACExtract.dll

2011-04-14 07:27 . 2011-04-14 07:27 79024 ----a-w- c:\program files\fraps64.dat

2011-04-14 07:27 . 2011-04-14 07:27 257200 ----a-w- c:\program files\fraps32.dll

2011-04-14 07:27 . 2011-04-14 07:27 201392 ----a-w- c:\program files\fraps64.dll

2011-04-14 07:27 . 2011-04-14 07:27 2542768 ----a-w- c:\program files\fraps.exe

2011-04-14 07:25 . 2011-04-14 07:25 163840 ----a-w- c:\program files\frapslcd.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]

@="{C5994560-53D9-4125-87C9-F193FC689CB2}"

[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]

2011-06-13 02:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]

@="{C5994561-53D9-4125-87C9-F193FC689CB2}"

[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]

2011-06-13 02:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]

@="{C5994562-53D9-4125-87C9-F193FC689CB2}"

[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]

2011-06-13 02:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]

@="{C5994563-53D9-4125-87C9-F193FC689CB2}"

[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]

2011-06-13 02:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]

@="{C5994564-53D9-4125-87C9-F193FC689CB2}"

[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]

2011-06-13 02:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]

@="{C5994565-53D9-4125-87C9-F193FC689CB2}"

[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]

2011-06-13 02:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]

@="{C5994566-53D9-4125-87C9-F193FC689CB2}"

[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]

2011-06-13 02:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]

@="{C5994567-53D9-4125-87C9-F193FC689CB2}"

[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]

2011-06-13 02:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]

@="{C5994568-53D9-4125-87C9-F193FC689CB2}"

[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]

2011-06-13 02:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RockMelt Update"="c:\users\Computer\AppData\Local\RockMelt\Update\RockMeltUpdate.exe" [2011-11-10 136336]

"PPS Accelerator"="c:\program files (x86)\PPStream\PPSAP.exe" [2010-02-24 214408]

"KiesPDLR"="c:\program files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2012-11-02 843208]

"KiesAirMessage"="c:\program files (x86)\Samsung\Kies\KiesAirMessage.exe" [2012-10-09 580096]

"KiesPreload"="c:\program files (x86)\Samsung\Kies\Kies.exe" [2012-10-11 966072]

"Akamai NetSession Interface"="c:\users\Computer\AppData\Local\Akamai\netsession_win.exe" [2012-10-09 4441920]

"GarenaPlus"="c:\program files (x86)\Garena Plus\GarenaMessenger.exe" [2012-12-17 9152968]

"Steam"="c:\program files (x86)\Steam\steam.exe" [2012-12-04 1354736]

"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-11-09 17877168]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]

"SAOB Monitor"="c:\program files (x86)\Acronis\OnlineBackupStandalone\TrueImageMonitor.exe" [2010-08-20 2536752]

"TrueImageMonitor.exe"="c:\program files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe" [2010-08-21 5459136]

"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-22 35760]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]

"Diamondback"="c:\program files (x86)\Razer\Diamondback 3G\razerhid.exe" [2007-08-01 147456]

"LogitechQuickCamRibbon"="c:\program files\Logitech\Logitech WebCam Software\LWS.exe" [2009-10-14 2793304]

"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-27 59280]

"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2012-10-11 309688]

"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]

"AdobeCS5.5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-11 1523360]

"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-09-09 421776]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 0 (0x0)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableLUA"= 0 (0x0)

"EnableUIADesktopToggle"= 0 (0x0)

"PromptOnSecureDesktop"= 0 (0x0)

"EnableLinkedConnections"= 1 (0x1)

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

@="Service"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sr.sys]

@="FSFilter System Recovery"

.

R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [x]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 LVPrcS64;Process Monitor;c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2009-10-06 191000]

R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-12-13 3290896]

R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-11-09 160944]

R3 AppleChargerSrv;AppleChargerSrv;c:\windows\system32\AppleChargerSrv.exe [2010-04-06 31272]

R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2012-09-20 102368]

R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [x]

R3 GGSAFERDriver;GGSAFER Driver;c:\program files (x86)\Garena Plus\Room\safedrv.sys [x]

R3 Gun;Gun;c:\users\Computer\Documents\Gunbound\SoftnyxGame\GunBoundIS\Gun64.sys [x]

R3 lvpopf64;Logitech POP Suppression Filter;c:\windows\system32\DRIVERS\lvpopf64.sys [2009-10-07 271640]

R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [2009-10-07 327704]

R3 LVUVC64;Logitech Webcam 200(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [2009-10-07 6379288]

R3 Lycosa;Lycosa Keyboard;c:\windows\system32\drivers\Lycosa.sys [2008-01-17 18816]

R3 Mkd2Nadr;Mkd2Nadr;c:\windows\system32\drivers\Mkd2Nadr.sys [2009-03-12 106040]

R3 Mkd3kfNt;Mkd3kfNt;c:\windows\system32\drivers\Mkd3kfNt.sys [2009-08-18 180280]

R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-08-30 128456]

R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [2012-09-12 368896]

R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [x]

R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 20992]

R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2012-09-20 203104]

R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]

R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]

R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-07-09 52736]

R3 VaneFltr;Lachesis Mouse Driver;c:\windows\system32\drivers\Lachesis.sys [2007-08-16 30336]

R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]

R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [2010-10-31 14544]

R4 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2011-11-10 834544]

S0 tdrpman273;Acronis Try&Decide and Restore Points filter (build 273);c:\windows\system32\DRIVERS\tdrpm273.sys [2011-11-10 1263200]

S1 AppleCharger;AppleCharger;c:\windows\system32\DRIVERS\AppleCharger.sys [2011-01-10 21104]

S2 afcdpsrv;Acronis Nonstop Backup service;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2011-11-10 3975088]

S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-10-12 204288]

S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2012-11-29 3463080]

S2 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2011-08-19 450848]

S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-10-05 2655768]

S3 afcdp;afcdp;c:\windows\system32\DRIVERS\afcdp.sys [2011-11-10 279136]

S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2011-06-06 231440]

S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\Drivers\EtronHub3.sys [2011-05-25 52608]

S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\Drivers\EtronXHCI.sys [2011-05-25 76160]

S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]

S3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys [2009-10-06 30232]

S3 Razerlow;Razer Pro|Solutions;c:\windows\system32\drivers\DB3G.sys [2005-11-06 21120]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-05-16 533096]

S3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\DRIVERS\teamviewervpn.sys [2011-03-30 35112]

S3 wolf;wolf;c:\game\SoftnyxGame\WolfTeamIS\avital\wolf64.sys [2012-10-17 89560]

.

.

Contents of the 'Scheduled Tasks' folder

.

2012-12-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-10 15:16]

.

2012-12-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-10 15:16]

.

2012-12-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3324930820-1359864163-1426119744-1000Core.job

- c:\users\Computer\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-11 06:43]

.

2012-12-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3324930820-1359864163-1426119744-1000UA.job

- c:\users\Computer\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-11 06:43]

.

2012-12-24 c:\windows\Tasks\RockMeltUpdateTaskUserS-1-5-21-3324930820-1359864163-1426119744-1000Core.job

- c:\users\Computer\AppData\Local\RockMelt\Update\RockMeltUpdate.exe [2011-11-10 14:48]

.

2012-12-24 c:\windows\Tasks\RockMeltUpdateTaskUserS-1-5-21-3324930820-1359864163-1426119744-1000UA.job

- c:\users\Computer\AppData\Local\RockMelt\Update\RockMeltUpdate.exe [2011-11-10 14:48]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]

@="{C5994560-53D9-4125-87C9-F193FC689CB2}"

[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]

2011-06-13 02:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]

@="{C5994561-53D9-4125-87C9-F193FC689CB2}"

[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]

2011-06-13 02:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]

@="{C5994562-53D9-4125-87C9-F193FC689CB2}"

[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]

2011-06-13 02:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]

@="{C5994563-53D9-4125-87C9-F193FC689CB2}"

[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]

2011-06-13 02:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]

@="{C5994564-53D9-4125-87C9-F193FC689CB2}"

[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]

2011-06-13 02:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]

@="{C5994565-53D9-4125-87C9-F193FC689CB2}"

[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]

2011-06-13 02:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]

@="{C5994566-53D9-4125-87C9-F193FC689CB2}"

[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]

2011-06-13 02:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]

@="{C5994567-53D9-4125-87C9-F193FC689CB2}"

[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]

2011-06-13 02:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]

@="{C5994568-53D9-4125-87C9-F193FC689CB2}"

[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]

2011-06-13 02:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

.

------- Supplementary Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = hxxp://www.facebook.com/

uDefault_Search_URL = hxxp://www.google.com/ie

mLocal Page = c:\windows\SysWOW64\blank.htm

uInternet Settings,ProxyOverride = *.local;<local>

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000

TCP: DhcpNameServer = 192.168.1.254

.

- - - - ORPHANS REMOVED - - - -

.

SafeBoot-dmboot.sys

SafeBoot-dmio.sys

SafeBoot-dmload.sys

SafeBoot-dmadmin

SafeBoot-dmserver

SafeBoot-SRService

.

.

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\services\npggsvc]

"ImagePath"="c:\windows\system32\GameMon.des -service"

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.10"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Completion time: 2012-12-25 00:16:41

ComboFix-quarantined-files.txt 2012-12-24 16:16

.

Pre-Run: 64,818,102,272 bytes free

Post-Run: 66,480,082,944 bytes free

.

- - End Of File - - 92F04E2826F59A6476F157C3B00F5931


Looks ok, so far, but need more follow-ups.

Your Java runtime is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older version Java components and update.

  • Accept the EULA & Download the latest version of >> Windows Offline << from here and save it to your desktop.
  • Get the Offline version that corresponds to your "bit-tedness" of your Windows (32-bit or 64-bit)
    How to determine whether a computer is running a 32-bit version or 64-bit version of the Windows operating system
  • Close any programs you may have running - especially your web browser(s).
  • Go to Start > Settings > Control Panel, select Programs and Features and remove all older versions of Java.
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE or Java) in the name.
  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove each Java version.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-7u10-windows-i586.exe to install the newest version.
    ( jre-7u10-windows-x64.exe if this is a 64-bit Windows o.s.)

  • After the install is complete, go into the Control Panel (using Classic View) and double-click the Java Icon. (looks like a coffee cup)
    • On the General tab, under Temporary Internet Files, click the Settings button.
    • Next, click on the Delete Files button
    • There are two options in the window to clear the cache - Leave BOTH Checked
      • Applications and Applets
      • Trace and Log Files
    • Click OK on Delete Temporary Files Window
      Note: This deletes ALL the Downloaded Applications and Applets from the CACHE.
    • Click OK to leave the Temporary Files Window

Small tweaks for Java runtime, since most all users do not need to load Java at each Windows startup:

Click Advanced Tab. Expand the Miscellaneous item.

UN-check the line Java quick starter

Press Apply then OK. Close the applet when done.

Step 2

Close all open browsers at this point.

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools

For directions on how, see How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Do NOT turn off the firewall

Start Internet Explorer

Using Internet Explorer browser only, go to BitDefender Quickscan website:

http://quickscan.bitdefender.com

and click "Start Scan".

Observe your browser in case it shows a notice/message bar to allow download and installation of a tool.

Allow the download and install of qsax.cab from BitDefender. Right-click the IE info bar and select Install to install the BitDefender quick scan module.

If prompted, reply yes to allow it to run.

Press the Allow button and follow prompts.

Press the "Start Scan" once more.

You'll see the EULA in a pop-up window. Click the I accept & then the OK button

Note: The FAQ is here --> http://quickscan.bitdefender.com/faq/

and that QuickScan has no removal capability.

The site boasts a 60-second scan. Do have patience as it likely will take longer.

It may seem to stall at moments, but have patience; it will move on.

You'll see a progress bar at top right of window.

Hopefully you will see a No infections found in the bar-window. Press the View Log button.

The log report will show in your text editor. Save the log.

Do a Select ALL, Copy. Then paste contents into your next reply.

When all done, Re-Enable your antivirus program.

Step 3

Download Security Check by screen317 from here.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.


I completed step 1.

For step 2, no log showed up.

After 'Allow the download and install of qsax.cab from BitDefender.' it just started uploading a file.

And then it showed no infections were found and asked whether I wanted to install their 2013 edition. :(

For step 3, here's the log

Results of screen317's Security Check version 0.99.56

Windows 7 Service Pack 1 x64 (UAC is disabled!)

Internet Explorer 9

``````````````Antivirus/Firewall Check:``````````````

Windows Firewall Enabled!

Microsoft Security Essentials

Antivirus up to date!

`````````Anti-malware/Other Utilities Check:`````````

Spybot - Search & Destroy

Malwarebytes Anti-Malware version 1.62.0.1300

Adobe Reader 9 Adobe Reader out of Date!

Google Chrome 21.0.1180.83

Google Chrome 21.0.1180.89

Google Chrome 22.0.1229.79

Google Chrome 22.0.1229.92

Google Chrome 22.0.1229.94

Google Chrome 23.0.1271.64

Google Chrome 23.0.1271.95

Google Chrome 23.0.1271.97

````````Process Check: objlist.exe by Laurent````````

Microsoft Security Essentials MSMpEng.exe

Microsoft Security Essentials msseces.exe

Acronis OnlineBackupStandalone TrueImageMonitor.exe

`````````````````System Health check`````````````````

Total Fragmentation on Drive C: 6%

````````````````````End of Log``````````````````````


You are highly urged to turn ON User Account Control in Windows. It provides an edge of security and you should not have it off.

You may turn it down a notch from the highest setting.

Go to Control Panel >> All Control Panel Items >> User Accounts

Click on Change User Account Control settings

Also see http://windows.microsoft.com/en-US/windows7/products/features/user-account-control

Older versions of Adobe Reader pose a potential security risk.

De-install your Adobe Reader: Use Control Panel's Program and Features, Un-install Adobe Reader.

Get latest Adobe Reader version

http://get.adobe.com/reader/

Be sure to un-check the box for Free McAfee Security Scan or any "toolbar" (if offered).

Please download Junkware Removal Tool to your Desktop.

  • Please close your security software to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or 7, right-mouse click JRT.exe and select Run as administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete, depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your Desktop and will automatically open.
  • Please post the contents of JRT.txt into your reply. And tell me, How is the system now?
  • Re-enable your security software.

Download >> Farbar's Service Scanner utility << and Save to your Desktop.

If using Windows 7 or Vista, Right-Click on fss.exe and select Run As Administrator.

If using XP, double-click to start.

Answer Yes to ok when prompted.

If your firewall then puts out a prompt, again, allow it to run.

Once FSS is on-screen, be sure the following items are checkmarked:

  • Internet Services
  • Windows Firewall
  • System Restore
  • Security Center/Action Center
  • Windows Update
  • Windows Defender

Click on "Scan".

It will create a log (FSS.txt) in the same directory the tool is run.

Copy & Paste contents of FSS.txt into your reply.
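
Added example, not part of the original posts and not code from Security Check itself: a short Python triage of a Security Check log like the one posted above, pulling out the items this reply acts on (UAC disabled, out-of-date Adobe Reader) plus any product listed under several versions. The sample log is constructed from lines in this thread; `triage`, `VERSIONED` and `SAMPLE_LOG` are hypothetical names.

```python
import re

TICK = chr(96)  # Security Check draws its section headers with runs of backticks

# Constructed sample shaped like the log in this thread (lists shortened).
SAMPLE_LOG = "\n".join([
    "Results of screen317's Security Check version 0.99.56",
    "Windows 7 Service Pack 1 x64 (UAC is disabled!)",
    TICK * 14 + "Antivirus/Firewall Check:" + TICK * 14,
    "Windows Firewall Enabled!",
    "Microsoft Security Essentials",
    "Antivirus up to date!",
    TICK * 9 + "Anti-malware/Other Utilities Check:" + TICK * 9,
    "Malwarebytes Anti-Malware version 1.62.0.1300",
    "Adobe Reader 9 Adobe Reader out of Date!",
    "Google Chrome 21.0.1180.83",
    "Google Chrome 23.0.1271.97",
    TICK * 20 + "End of Log" + TICK * 22,
])

# "<product> [version] a.b.c[.d]" at end of line; the product name is matched lazily.
VERSIONED = re.compile(r"^(?P<name>.+?)\s+(?:version\s+)?(?P<ver>\d+(?:\.\d+){2,})$")

def triage(log_text):
    """Return (section, finding) pairs for the lines a helper would act on."""
    section, findings, versions = "Header", [], {}
    for raw in log_text.splitlines():
        line = raw.strip()
        if line.startswith(TICK):  # section header: keep only its title
            section = line.strip(TICK).rstrip(":").strip()
            continue
        low = line.lower()
        if "uac is disabled" in low:
            findings.append((section, "UAC is disabled"))
        if "out of date" in low:  # does not match "up to date"
            findings.append((section, "out of date: " + line))
        m = VERSIONED.match(line)
        if m:  # remember every version seen per product
            versions.setdefault((section, m["name"]), []).append(m["ver"])
    for (sec, name), vers in versions.items():
        if len(vers) > 1:
            findings.append((sec, f"{name}: {len(vers)} versions listed ({', '.join(vers)})"))
    return findings

if __name__ == "__main__":
    for sec, finding in triage(SAMPLE_LOG):
        print(f"[{sec}] {finding}")
```
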


Merry Christmas!

I ran the JRT scan twice because first time I forgot to run as administrator.

This was the first log.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 4.2.5 (12.24.2012:1)

OS: Windows 7 Ultimate x64

Ran by Computer on Tue 12/25/2012 at 23:08:40.82

Blog: http://thisisudax.blogspot.com

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

Successfully deleted: [Registry Key] hkey_current_user\software\softonic

~~~ Files

~~~ Folders

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on Tue 12/25/2012 at 23:12:43.90

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

This was the second

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 4.2.5 (12.24.2012:1)

OS: Windows 7 Ultimate x64

Ran by Computer on Tue 12/25/2012 at 23:22:10.39

Blog: http://thisisudax.blogspot.com

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

~~~ Files

~~~ Folders

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on Tue 12/25/2012 at 23:26:01.56

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Farbar Service Scanner Version: 23-12-2012

Ran by Computer (administrator) on 25-12-2012 at 23:28:10

Running from "C:\Users\Computer\Desktop"

Windows 7 Ultimate Service Pack 1 (X64)

Boot Mode: Normal

****************************************************************

Internet Services:

============

Connection Status:

==============

Localhost is accessible.

LAN connected.

Google IP is accessible.

Google.com is accessible.

Yahoo IP is accessible.

Yahoo.com is accessible.

Windows Firewall:

=============

Firewall Disabled Policy:

==================

System Restore:

============

System Restore Disabled Policy:

========================

Action Center:

============

Windows Update:

============

Windows Autoupdate Disabled Policy:

============================

Windows Defender:

==============

WinDefend Service is not running. Checking service configuration:

The start type of WinDefend service is set to Demand. The default start type is Auto.

The ImagePath of WinDefend service is OK.

The ServiceDll of WinDefend service is OK.

Windows Defender Disabled Policy:

==========================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]

"DisableAntiSpyware"=DWORD:1

Other Services:

==============

File Check:

========

C:\Windows\System32\nsisvc.dll => MD5 is legit

C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit

C:\Windows\System32\dhcpcore.dll => MD5 is legit

C:\Windows\System32\drivers\afd.sys => MD5 is legit

C:\Windows\System32\drivers\tdx.sys => MD5 is legit

C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit

C:\Windows\System32\dnsrslvr.dll => MD5 is legit

C:\Windows\System32\mpssvc.dll => MD5 is legit

C:\Windows\System32\bfe.dll => MD5 is legit

C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit

C:\Windows\System32\SDRSVC.dll => MD5 is legit

C:\Windows\System32\vssvc.exe => MD5 is legit

C:\Windows\System32\wscsvc.dll => MD5 is legit

C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit

C:\Windows\System32\wuaueng.dll => MD5 is legit

C:\Windows\System32\qmgr.dll => MD5 is legit

C:\Windows\System32\es.dll => MD5 is legit

C:\Windows\System32\cryptsvc.dll => MD5 is legit

C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\System32\rpcss.dll => MD5 is legit

**** End of log ****

By the way, the only antivirus I have is Microsoft Security Essentials. I also have anti-malware, which is Malwarebytes Anti-Malware.

May I know which free antivirus works well? Especially with Malwarebytes?

What about a paid version of Norton antivirus?


MSE is just fine. No need to switch. But also know that Avira free a-v is also one that I recommend.

Be sure & aware that you should only have 1 active-monitor antivirus program.

Norton a-v from their "consumer" side I do not recommend. Their business-grade a-v products are ok.

But, just stay with MSE.

Set the trust settings in both MS Security Essentials and in MBAM, see the guides posted in the FAQ's >> here <<

I would also recommend having the MBAM PRO version.

We can wrap this up now. I see that you are clear of your original issues.

If you have a problem with these steps, or something does not quite work here, do let me know.

The following few steps will remove tools we used. Advise me after you have completed the cleanups.

We have to remove Combofix and all its associated folders. By whichever name you named it (you had named it ComboFix),

put that name in the RUN box stated just below.

The "/uninstall" in the Run line below is to start Combofix for its cleanup & removal function.

Note the space before the slash mark.

The utility must be removed to prevent any un-intentional or accidental usage, PLUS, to free up much space on your hard disk.

  • Highlight the line in this CODEBOX.
    Select & Copy the entire line within this codebox (so that it is in Windows clipboard memory)
    c:\users\Computer\Desktop\ComboFix.exe /uninstall


  • Start >> type in cmd >> press the Ctrl+Shift+Enter keyboard combination and cmd.exe will be launched as if you selected Run as Administrator. You will then see a User Account Control prompt asking if you would like to allow the Command Prompt to be able to make changes on your computer. Click on the Yes button and you will now be at the Elevated Command Prompt.
    Do a Right click within the command prompt window and select Paste. This must show the line from Codebox above.
    Then tap Enter

If the Combofix un-install has an issue, skip that step.

NEXT

  • Download OTC to your desktop and run it
  • Click Yes to begin the Cleanup process and remove these components, including this application.
  • You will be asked to reboot the machine to finish the Cleanup process. Choose Yes.

ERUNT you should keep and use periodically to backup Windows registry.

To re-enable CD Emulation programs using DeFogger please perform these steps:

Please download >> DeFogger << and save it to your desktop.

  • Once downloaded, double-click on the DeFogger icon to start the tool.
  • The application window will appear.
  • You should now click on the Enable button to re-enable your CD Emulation drivers.
  • When it prompts you whether or not you want to continue, please click on the Yes button to continue.
  • When the program has completed you will see a Finished! message. Click on the OK button to exit the program.
  • If CD Emulation programs are present and have been enabled, DeFogger will now ask you to reboot the machine. Please allow it to do so by clicking on the OK button.

Delete the following if still present:

MBAR

Defogger.exe

adwcleaner.exe

Roguekiller.exe

TDSSKILLER.exe

JRT.exe

FSS.exe

You may use Control Panel >> Programs and Features and uninstall BitDefender Quickscan.

Safer practices & malware prevention

We are finished here. Best regards.


I did not notice an infection. I am glad to hear that the lag is gone.

For "future reference" .....Here are some recommended articles:

MS Speed up your pc - Win7 / Vista

http://windows.microsoft.com/en-US/windows/explore/speed-up-your-pc

What to do if your Computer is running slowly

http://www.malwareremoval.com/tutorials/runningslowly.php

See Quietman7's Slow Computer/browser? Check Here First

http://www.bleepingcomputer.com/forums/topic87058.html

See Miekiemoes' Help! My computer is slow!

http://users.telenet.be/bluepatchy/miekiemoes/slowcomputer.html

Slow Computer/Browser: Check here first!

http://www.bleepingcomputer.com/forums/topic44694.html

Cheers.
