Malwarebytes will not run, please help

jvansic12 · May 16, 2013

DDS (Ver_2012-11-20.01) - NTFS_AMD64

Internet Explorer: 10.0.9200.16576 BrowserJavaVersion: 10.6.2

Run by Jeff Vansickle at 22:42:48 on 2013-05-15

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.7928.5571 [GMT -5:00]

.

AV: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}

.

============== Running Processes ===============

.

C:\PROGRA~2\AVG\AVG2013\avgrsa.exe

C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\system32\atiesrxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\atieclxx.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe

C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe

C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe

C:\Program Files (x86)\Garmin\ANT Agent\ANT Agent.exe

C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe

C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe

C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe

C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe

C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe

C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE

C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE

C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe

c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe

C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe

C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe

C:\Users\Jeff Vansickle\AppData\Roaming\Dropbox\bin\Dropbox.exe

C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe

C:\Program Files (x86)\AVG Secure Search\vprot.exe

C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe

C:\Program Files (x86)\AVG\AVG2013\avgui.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe

C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe

C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe

C:\Program Files\iPod\bin\iPodService.exe

c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe

C:\Program Files (x86)\AVG\AVG2013\avgemca.exe

C:\Windows\system32\WUDFHost.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

C:\Windows\system32\vssvc.exe

C:\Windows\System32\svchost.exe -k swprv

C:\Windows\splwow64.exe

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

C:\Windows\hh.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.yahoo.com/

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - <orphaned>

BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll

BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll

BHO: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll

BHO: Skype Plug-In: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll

TB: <No Name>: {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - LocalServer32 - <no file>

TB: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll

TB: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll

uRun: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe

uRun: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe

uRun: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe

uRun: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe

uRun: [ANT Agent] C:\Program Files (x86)\Garmin\ANT Agent\ANT Agent.exe

uRun: [spybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe

mRun: [startCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe

mRun: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide

mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun: [Carbonite Backup] C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe

mRun: [Monitor] "C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe"

mRun: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY

mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent

mRunOnce: [1] C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\mbam-chameleon.exe /r /p

StartupFolder: C:\Users\JEFFVA~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Jeff Vansickle\AppData\Roaming\Dropbox\bin\Dropbox.exe

mPolicies-Explorer: NoActiveDesktop = dword:1

mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\OFFICE11\EXCEL.EXE/3000

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll

.

INFO: HKCU has more than 50 listed domains.

If you wish to scan all of them, select the 'Force scan all domains' option.

.

DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/4.0.4.0/GarminAxControl_32.CAB

DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} - hxxps://h50203.www5.hp.com/HPISWeb/Customer/cabs/HPISDataManager.CAB

DPF: {BEA7310D-06C4-4339-A784-DC3804819809} - hxxp://www.cvsphoto.com/upload/activex/v3_0_0_7/PhotoCenter_ActiveX_Control.cab

DPF: {C7DEDA04-2FFF-4B81-AE66-0A0E0EF4AD2F} - hxxp://www.ritzpix.com/net/Uploader/LPUploader57.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

TCP: NameServer = 192.168.1.254

TCP: Interfaces\{C560FE45-8F25-4C26-988C-8A14A3D3B671} : DHCPNameServer = 192.168.1.254

TCP: Interfaces\{C560FE45-8F25-4C26-988C-8A14A3D3B671}\2375942554931373 : DHCPNameServer = 192.168.1.254

TCP: Interfaces\{C560FE45-8F25-4C26-988C-8A14A3D3B671}\6516E602379636B6C656 : DHCPNameServer = 192.168.1.254

Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - <orphaned>

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll

Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\14.2.0\ViProtocol.dll

AppInit_DLLs= C:\PROGRA~2\SEARCH~1\SEARCH~1\datamngr.dll C:\PROGRA~2\SEARCH~1\SEARCH~1\IEBHO.dll

SSODL: WebCheck - <orphaned>

mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

x64-BHO: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - <orphaned>

x64-BHO: AVG Do Not Track: {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} -

x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

x64-Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe

x64-Run: [smartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background

x64-IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} -

x64-Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -

x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned>

x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned>

x64-SSODL: WebCheck - <orphaned>

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Jeff Vansickle\AppData\Roaming\Mozilla\Firefox\Profiles\hqdnotk0.default\

FF - prefs.js: browser.search.selectedEngine - AVG Secure Search

FF - prefs.js: browser.startup.homepage - hxxp://www.searchqu.com/406

FF - prefs.js: keyword.URL - hxxps://isearch.avg.com/search?cid=%7B83e82bd2-eb43-4162-a3ec-a041c7d58d60%7D&mid=aad8641ed57d47d0bebea9ae9720b284-cd27fb62d25487cafda8ef441e0e7a256bff8731&ds=AVG&v=12.2.5.32〈=en&pr=fr&d=2012-08-10%2022%3A49%3A10&sap=ku&q=

FF - plugin: c:\progra~2\mcafee\msc\npMcSnFFPl.dll

FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

FF - plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\12.2.6\npsitesafety.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

FF - plugin: C:\Program Files (x86)\McAfee\SiteAdvisor\NPMcFFPlg32.dll

FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npicaN.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\Users\Jeff Vansickle\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll

FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll

FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll

FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll

FF - plugin: C:\Windows\SysWOW64\npmproxy.dll

.

============= SERVICES / DRIVERS ===============

.

R0 ahcix64s;ahcix64s;C:\Windows\System32\drivers\ahcix64s.sys [2009-5-18 231224]

R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2013-2-8 71480]

R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2013-2-8 311096]

R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2013-2-8 116536]

R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2013-2-8 45880]

R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2013-3-29 246072]

R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2013-2-8 206136]

R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2013-3-21 240952]

R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2012-8-10 39768]

R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2010-4-27 204288]

R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2013-4-25 4936752]

R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2013-4-18 283136]

R2 CinemaNow Service;CinemaNow Service;C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe [2010-2-26 127984]

R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2012-9-27 86528]

R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2013-5-15 1153368]

R2 vToolbarUpdater14.2.0;vToolbarUpdater14.2.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe [2013-2-18 968880]

R3 libusb0;libusb-win32 - Kernel Driver 04/08/2011 1.2.4.0;C:\Windows\System32\drivers\libusb0.sys [2011-5-13 44480]

R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2010-4-27 39480]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]

S3 AllShare;SAMSUNG AllShare Service;C:\Program Files (x86)\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe [2010-7-16 6638080]

S3 LeapFrog-USBLAN;LeapFrog-USBLAN;C:\Windows\System32\drivers\btblan.sys [2009-10-9 40320]

S3 LVPr2M64;Logitech LVPr2M64 Driver;C:\Windows\System32\drivers\LVPr2M64.sys [2010-5-7 30304]

S3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\System32\drivers\lvrs64.sys [2010-11-10 341856]

S3 LVUVC64;Logitech Webcam 600(UVC);C:\Windows\System32\drivers\lvuvc64.sys [2010-11-10 4162784]

S3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\System32\drivers\netr28x.sys [2012-12-6 2350176]

S3 pppop;PPPoP WAN Adapter;C:\Windows\System32\drivers\pppop64.sys [2009-7-21 42528]

S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2010-12-29 412776]

S3 ssmirrdr;ssmirrdr;C:\Windows\System32\drivers\ssmirrdr.sys [2010-8-26 10112]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-6-19 59392]

S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-9-23 1255736]

.

=============== Created Last 30 ================

.

2013-05-16 03:13:11 -------- d-----w- C:\Program Files (x86)\MBs' Anti-Malware

2013-05-16 02:56:27 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys

2013-05-16 02:56:27 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2013-05-16 02:49:51 -------- d-s---w- C:\Windows\SysWow64\Microsoft

2013-05-16 00:49:53 737072 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore-2\Microsoft.MediaCenter.Sports.UI.dll

2013-05-16 00:35:31 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy

2013-05-16 00:35:31 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy

2013-05-16 00:25:36 -------- d-----w- C:\Users\Jeff Vansickle\AppData\Roaming\Glarysoft

2013-05-16 00:25:36 -------- d-----w- C:\Program Files (x86)\Glary Utilities

2013-05-15 16:40:24 -------- d-----w- C:\Users\Jeff Vansickle\AppData\Local\Citrix

2013-05-15 16:40:21 103832 ----a-w- C:\Users\Jeff Vansickle\GoToAssistDownloadHelper.exe

2013-05-15 14:55:23 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll

2013-05-15 10:57:57 983400 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys

2013-05-15 10:57:57 265064 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys

2013-05-15 10:57:57 144384 ----a-w- C:\Windows\System32\cdd.dll

2013-05-15 10:57:47 70144 ----a-w- C:\Windows\System32\appinfo.dll

2013-05-15 10:57:47 1930752 ----a-w- C:\Windows\System32\authui.dll

2013-05-15 10:57:47 1796096 ----a-w- C:\Windows\SysWow64\authui.dll

2013-05-15 10:57:47 111448 ----a-w- C:\Windows\System32\consent.exe

2013-05-15 10:57:41 3153920 ----a-w- C:\Windows\System32\win32k.sys

2013-05-14 15:21:55 -------- d-----w- C:\Users\Jeff Vansickle\AppData\Local\Sonos,_Inc

2013-05-09 12:54:08 -------- d-----w- C:\Program Files (x86)\Sonos

2013-05-09 12:53:47 -------- d-----w- C:\ProgramData\Sonos,_Inc

2013-05-09 12:53:17 -------- d-----w- C:\Users\Jeff Vansickle\AppData\Local\Downloaded Installations

2013-04-24 09:27:10 1656680 ----a-w- C:\Windows\System32\drivers\ntfs.sys

.

==================== Find3M ====================

.

2013-05-15 14:55:23 9728 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll

2013-05-15 01:11:40 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2013-05-15 01:11:40 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2013-03-29 07:53:48 246072 ----a-w- C:\Windows\System32\drivers\avgidsdrivera.sys

2013-03-21 08:08:24 240952 ----a-w- C:\Windows\System32\drivers\avgtdia.sys

2013-03-19 06:04:06 5550424 ----a-w- C:\Windows\System32\ntoskrnl.exe

2013-03-19 05:46:56 43520 ----a-w- C:\Windows\System32\csrsrv.dll

2013-03-19 05:04:13 3968856 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe

2013-03-19 05:04:10 3913560 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe

2013-03-19 04:47:50 6656 ----a-w- C:\Windows\SysWow64\apisetschema.dll

2013-03-19 03:06:33 112640 ----a-w- C:\Windows\System32\smss.exe

2013-02-18 23:28:51 39768 ----a-w- C:\Windows\System32\drivers\avgtpx64.sys

2013-02-15 06:08:40 44032 ----a-w- C:\Windows\System32\tsgqec.dll

2013-02-15 06:06:11 3717632 ----a-w- C:\Windows\System32\mstscax.dll

2013-02-15 06:02:26 158720 ----a-w- C:\Windows\System32\aaclient.dll

2013-02-15 04:37:10 3217408 ----a-w- C:\Windows\SysWow64\mstscax.dll

2013-02-15 04:34:10 131584 ----a-w- C:\Windows\SysWow64\aaclient.dll

.

============= FINISH: 22:43:10.37 ===============.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume1

Install Date: 9/23/2010 10:21:49 PM

System Uptime: 5/15/2013 9:51:52 PM (1 hours ago)

.

Motherboard: FOXCONN | | 2A92

Processor: AMD Phenom II X4 830 Processor | CPU 1 | 2800/200mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 920 GiB total, 602.109 GiB free.

D: is FIXED (NTFS) - 11 GiB total, 1.391 GiB free.

E: is CDROM ()

G: is Removable

H: is Removable

I: is Removable

J: is Removable

K: is Removable

L: is FIXED (NTFS) - 466 GiB total, 465.648 GiB free.

.

==== Disabled Device Manager Items =============

.

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}

Description: Realtek PCIe GBE Family Controller

Device ID: PCI\VEN_10EC&DEV_8168&SUBSYS_2A92103C&REV_03\4&DE08897&0&0050

Manufacturer: Realtek

Name: Realtek PCIe GBE Family Controller

PNP Device ID: PCI\VEN_10EC&DEV_8168&SUBSYS_2A92103C&REV_03\4&DE08897&0&0050

Service: RTL8167

.

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}

Description: 802.11n Wireless LAN Card

Device ID: PCI\VEN_1814&DEV_3090&SUBSYS_663211AD&REV_00\4&7878E7E&0&0028

Manufacturer: Ralink Technology, Corp.

Name: 802.11n Wireless LAN Card

PNP Device ID: PCI\VEN_1814&DEV_3090&SUBSYS_663211AD&REV_00\4&7878E7E&0&0028

Service: netr28x

.

==== System Restore Points ===================

.

RP220: 5/8/2013 11:39:25 PM - Restore Operation

RP221: 5/9/2013 7:53:47 AM - Installed Sonos Controller.

RP222: 5/15/2013 9:42:00 AM - Windows Update

RP223: 5/15/2013 10:29:11 AM - Windows Update

RP224: 5/15/2013 12:16:44 PM - Sonos

RP225: 5/15/2013 12:34:11 PM - Restore Operation

.

==== Installed Programs ======================

.

Adobe AIR

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Reader XI (11.0.02)

Adobe Shockwave Player 11.6

AMD USB Filter Driver

Apple Application Support

Apple Mobile Device Support

Apple Software Update

ATI Catalyst Install Manager

AVG 2013

AVG Security Toolbar

Bonjour

CameraHelperMsi

Carbonite

Catalyst Control Center - Branding

Catalyst Control Center Core Implementation

Catalyst Control Center Graphics Full Existing

Catalyst Control Center Graphics Full New

Catalyst Control Center Graphics Light

Catalyst Control Center Graphics Previews Vista

Catalyst Control Center InstallProxy

Catalyst Control Center Localization All

ccc-core-static

ccc-utility64

CCC Help Chinese Standard

CCC Help Chinese Traditional

CCC Help Czech

CCC Help Danish

CCC Help Dutch

CCC Help English

CCC Help Finnish

CCC Help French

CCC Help German

CCC Help Greek

CCC Help Hungarian

CCC Help Italian

CCC Help Japanese

CCC Help Korean

CCC Help Norwegian

CCC Help Polish

CCC Help Portuguese

CCC Help Russian

CCC Help Spanish

CCC Help Swedish

CCC Help Thai

CCC Help Turkish

CinemaNow Media Manager

Citrix Presentation Server Client - Web Only

Compatibility Pack for the 2007 Office system

CyberLink DVD Suite Deluxe

Dropbox

DVD Menu Pack for HP MediaSmart Video

EPSON Scan

EPSON WorkForce 600 Series Printer Uninstall

erLT

FFCB_IEAddon

FrostWire 4.21.8

FrostWire 5.5.5

Garmin ANT Agent

Garmin Communicator Plugin

Garmin Communicator Plugin x64

Garmin USB Drivers

Glary Utilities 2.55.0.1790

Google Chrome

Google Update Helper

Hardware Diagnostic Tools

Hewlett-Packard ACLM.NET v1.2.1.1

HP Advisor

HP Customer Experience Enhancements

HP MediaSmart CinemaNow 2.0

HP MediaSmart DVD

HP MediaSmart Music

HP MediaSmart Photo

HP MediaSmart SmartMenu

HP MediaSmart Video

HP MediaSmart/TouchSmart Netflix

HP Setup

HP Update

iCloud

iTunes

Java 7 Update 6

Java Auto Updater

Junk Mail filter update

LabelPrint

LeapFrog Connect

LeapFrog LeapPad Explorer Plugin

LightScribe System Software

Logitech Vid HD

Logitech Webcam Software

LWS Facebook

LWS Gallery

LWS Help_main

LWS Launcher

LWS Motion Detection

LWS Pictures And Video

LWS Twitter

LWS Video Mask Maker

LWS VideoEffects

LWS Webcam Software

LWS WLM Plugin

LWS YouTube Plugin

Malwarebytes Anti-Malware version 1.75.0.1300

Microsoft .NET Framework 4 Client Profile

Microsoft Application Error Reporting

Microsoft Choice Guard

Microsoft Office File Validation Add-In

Microsoft Office Professional Edition 2003

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2005 Redistributable (x64)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Microsoft WSE 3.0 Runtime

MixMeister BPM Analyzer 1.0

Movie Theme Pack for HP MediaSmart Video

Mozilla Firefox 5.0.1 (x86 en-US)

MSVCRT

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

PhotoNow!

PlayReady PC Runtime amd64

Power2Go

PowerDirector

QuickTime

Realtek High Definition Audio Driver

Recovery Manager

Roxio CinemaNow 2.0

SAMSUNG PC Share Manager

SearchCore for Browsers

Security Update for CAPICOM (KB931906)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)

Shared C Run-time for x64

Skype Toolbars

Skype™ 5.10

Sonos Controller

Spybot - Search & Destroy

swMSM

Unity Web Player

Use the entry named LeapFrog Connect to uninstall (LeapFrog LeapPad Explorer Plugin)

Visual Studio 2008 x64 Redistributables

Visual Studio 2010 x64 Redistributables

VoiceOver Kit

Windows Driver Package - Dynastream Innovations (libusb0) LibUsbDevices (07/07/2009 1.12.2)

Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0)

Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012)

Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1)

Windows iLivid Toolbar

Windows Live Call

Windows Live Communications Platform

Windows Live Essentials

Windows Live ID Sign-in Assistant

Windows Live Mail

Windows Live Messenger

Windows Live Photo Gallery

Windows Live Sync

Windows Live Upload Tool

Windows Live Writer

.

==== Event Viewer Messages From Past Week ========

.

5/9/2013 9:24:01 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk2\DR2.

5/9/2013 7:40:21 AM, Error: Service Control Manager [7000] - The McAfee SiteAdvisor Service service failed to start due to the following error: The system cannot find the file specified.

5/15/2013 9:53:50 PM, Error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.

5/15/2013 9:53:30 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Live ID Sign-in Assistant service to connect.

5/15/2013 9:53:30 PM, Error: Service Control Manager [7000] - The Windows Live ID Sign-in Assistant service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

5/15/2013 12:41:56 PM, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service.

5/15/2013 12:41:54 PM, Error: Service Control Manager [7003] - The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.

5/15/2013 12:41:54 PM, Error: Service Control Manager [7003] - The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.

5/15/2013 12:40:19 PM, Error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume OS.

5/15/2013 10:22:38 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Security Update for Internet Explorer 9 for Windows 7 for x64-based Systems (KB2847204).

5/15/2013 10:22:38 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Cumulative Security Update for Internet Explorer 9 for Windows 7 for x64-based Systems (KB2829530).

5/15/2013 10:19:32 AM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.

5/15/2013 1:33:09 PM, Error: Service Control Manager [7024] - The HomeGroup Listener service terminated with service-specific error %%-2147023143.

5/15/2013 1:32:11 PM, Error: Service Control Manager [7024] - The Windows Firewall service terminated with service-specific error Access is denied..

5/15/2013 1:10:14 PM, Error: Service Control Manager [7023] - The Function Discovery Resource Publication service terminated with the following error: %%-2147024891

5/15/2013 1:10:14 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error: %%-2147024891

5/15/2013 1:02:23 PM, Error: Service Control Manager [7001] - The IPsec Policy Agent service depends on the Base Filtering Engine service which failed to start because of the following error: Access is denied.

5/15/2013 1:02:23 PM, Error: Service Control Manager [7001] - The IKE and AuthIP IPsec Keying Modules service depends on the Base Filtering Engine service which failed to start because of the following error: Access is denied.

5/15/2013 1:02:22 PM, Error: Service Control Manager [7023] - The Base Filtering Engine service terminated with the following error: Access is denied.

5/15/2013 1:02:22 PM, Error: Service Control Manager [7001] - The Windows Firewall service depends on the Base Filtering Engine service which failed to start because of the following error: Access is denied.

.

==== End Of File ===========================

D-FRED-BROWN · May 16, 2013

Hello jvansic12 and welcome to Malwarebytes!

I am D-FRED-BROWN and I will be helping you.

Please print or save this topic. It will make it easier for you to follow the instructions and complete all of the necessary steps.

----------Step 1----------------

Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!

Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
Vista/Windows 7 users right-click and select Run As Administrator.
If TDSSKiller does not run, try renaming it.
To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
Click the Start Scan button.
Do not use the computer during the scan
If the scan completes with nothing found, click Close to exit.
If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
Note: If Cure is not an option, Skip instead, do not choose Delete unless instructed.
A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
Copy and paste the contents of that file in your next reply.

----------Step 2----------------

Please download ComboFix.exe. Please visit this webpage for download links, and instructions for running the tool:

http://www.bleepingc...to-use-combofix

***IMPORTANT: save ComboFix to your Desktop***

* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Please go here to see a list of programs that should be disabled.

**Note: Do not mouseclick ComboFix's window while it's running. That may cause it to stall**

Please include the C:\ComboFix.txt in your next reply for further review.

----------Step 3----------------

Please download Security Check by screen317 from here or here.

Save it to your Desktop.
Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
A Notepad document should open automatically called checkup.txt; please post the contents of that document.

----------Step 4----------------

In your next reply, please include the following:

TDSSKiller's logfile
ComboFix's report (C:\ComboFix.txt)
Security Check checkup.txt

After that, please let me know: How is your computer running now? Do you have any questions or concerns you'd like me to address? Don't hesitate to ask.

jvansic12 · May 16, 2013

I appreciate the help D-Fred-Brown. I followed the 3 steps you suggested and I am still unable to run Malwarebytes. Each time I click on the Malwarebytes program, I receive an error message that says: "Malwarebytes Anti-malware has stopped working." When I click view problem details, I get the following log:

Problem signature:

Problem Event Name: APPCRASH

Application Name: mbam.exe

Application Version: 1.75.0.1

Application Timestamp: 511f8eb2

Fault Module Name: MSVBVM60.DLL

Fault Module Version: 6.0.98.15

Fault Module Timestamp: 4a5bda6c

Exception Code: c0000005

Exception Offset: 00002006

OS Version: 6.1.7601.2.1.0.768.3

Locale ID: 1033

Additional Information 1: 4c0d

Additional Information 2: 4c0d4d78887f76d971d5d00f1f20a433

Additional Information 3: 4c0d

Additional Information 4: 4c0d4d78887f76d971d5d00f1f20a433

Read our privacy statement online:

http://go.microsoft....88&clcid=0x0409

If the online privacy statement is not available, please read our privacy statement offline:

C:\Windows\system32\en-US\erofflps.txt

jvansic12 · May 16, 2013

As requested here are the following 3 logs from the 3 step process you suggested above:08:39:12.0107 4724 TDSS rootkit removing tool 2.8.17.0 Apr 11 2013 11:56:34

08:39:14.0119 4724 ============================================================

08:39:14.0119 4724 Current date / time: 2013/05/16 08:39:14.0119

08:39:14.0119 4724 SystemInfo:

08:39:14.0119 4724

08:39:14.0119 4724 OS Version: 6.1.7601 ServicePack: 1.0

08:39:14.0119 4724 Product type: Workstation

08:39:14.0119 4724 ComputerName: OFFICECOMPUTER

08:39:14.0119 4724 UserName: Jeff Vansickle

08:39:14.0119 4724 Windows directory: C:\Windows

08:39:14.0119 4724 System windows directory: C:\Windows

08:39:14.0119 4724 Running under WOW64

08:39:14.0119 4724 Processor architecture: Intel x64

08:39:14.0119 4724 Number of processors: 4

08:39:14.0119 4724 Page size: 0x1000

08:39:14.0119 4724 Boot type: Normal boot

08:39:14.0119 4724 ============================================================

08:39:15.0321 4724 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

08:39:15.0336 4724 Drive \Device\Harddisk2\DR2 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'

08:39:15.0383 4724 ============================================================

08:39:15.0383 4724 \Device\Harddisk0\DR0:

08:39:15.0383 4724 MBR partitions:

08:39:15.0383 4724 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000

08:39:15.0383 4724 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x72F7D800

08:39:15.0383 4724 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x72FB0000, BlocksNum 0x16F4800

08:39:15.0383 4724 \Device\Harddisk2\DR2:

08:39:15.0383 4724 MBR partitions:

08:39:15.0383 4724 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A384C02

08:39:15.0383 4724 ============================================================

08:39:15.0414 4724 C: <-> \Device\Harddisk0\DR0\Partition2

08:39:15.0445 4724 D: <-> \Device\Harddisk0\DR0\Partition3

08:39:15.0461 4724 L: <-> \Device\Harddisk2\DR2\Partition1

08:39:15.0461 4724 ============================================================

08:39:15.0461 4724 Initialize success

08:39:15.0461 4724 ============================================================

08:39:22.0169 3008 ============================================================

08:39:22.0169 3008 Scan started

08:39:22.0169 3008 Mode: Manual;

08:39:22.0169 3008 ============================================================

08:39:22.0918 3008 ================ Scan system memory ========================

08:39:22.0918 3008 System memory - ok

08:39:22.0918 3008 ================ Scan services =============================

08:39:23.0058 3008 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys

08:39:23.0074 3008 1394ohci - ok

08:39:23.0121 3008 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys

08:39:23.0121 3008 ACPI - ok

08:39:23.0167 3008 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys

08:39:23.0167 3008 AcpiPmi - ok

08:39:23.0261 3008 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

08:39:23.0261 3008 AdobeARMservice - ok

08:39:23.0433 3008 [ F040037B149FD0F5A5044AE563390FA7 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

08:39:23.0448 3008 AdobeFlashPlayerUpdateSvc - ok

08:39:23.0479 3008 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys

08:39:23.0479 3008 adp94xx - ok

08:39:23.0511 3008 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys

08:39:23.0511 3008 adpahci - ok

08:39:23.0526 3008 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys

08:39:23.0526 3008 adpu320 - ok

08:39:23.0557 3008 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll

08:39:23.0557 3008 AeLookupSvc - ok

08:39:23.0604 3008 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys

08:39:23.0604 3008 AFD - ok

08:39:23.0651 3008 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys

08:39:23.0651 3008 agp440 - ok

08:39:23.0682 3008 [ B7103982196EB826BE70F29405C566DB ] ahcix64s C:\Windows\system32\DRIVERS\ahcix64s.sys

08:39:23.0682 3008 ahcix64s - ok

08:39:23.0682 3008 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe

08:39:23.0682 3008 ALG - ok

08:39:23.0698 3008 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys

08:39:23.0698 3008 aliide - ok

08:39:23.0854 3008 [ AAA1F9D4CF4C976C21BCA8AFA2BAE6A4 ] AllShare C:\Program Files (x86)\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe

08:39:23.0916 3008 AllShare - ok

08:39:23.0963 3008 [ 2FDCB3E855076CE97CCB58E2CF8F2A09 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe

08:39:23.0963 3008 AMD External Events Utility - ok

08:39:24.0025 3008 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys

08:39:24.0025 3008 amdide - ok

08:39:24.0041 3008 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys

08:39:24.0041 3008 AmdK8 - ok

08:39:24.0197 3008 [ 9920704BF815A5B42DA5264F013AAEB7 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys

08:39:24.0275 3008 amdkmdag - ok

08:39:24.0306 3008 [ 0D1055A47A8F5DC1CAA2701831293EBB ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys

08:39:24.0306 3008 amdkmdap - ok

08:39:24.0337 3008 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys

08:39:24.0337 3008 AmdPPM - ok

08:39:24.0353 3008 [ 53D8D46D51D390ABDB54ECA623165CB7 ] amdsata C:\Windows\system32\DRIVERS\amdsata.sys

08:39:24.0353 3008 amdsata - ok

08:39:24.0384 3008 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys

08:39:24.0384 3008 amdsbs - ok

08:39:24.0384 3008 [ 75C51148154E34EB3D7BB84749A758D5 ] amdxata C:\Windows\system32\DRIVERS\amdxata.sys

08:39:24.0384 3008 amdxata - ok

08:39:24.0431 3008 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys

08:39:24.0431 3008 AppID - ok

08:39:24.0447 3008 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll

08:39:24.0447 3008 AppIDSvc - ok

08:39:24.0478 3008 [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo C:\Windows\System32\appinfo.dll

08:39:24.0493 3008 Appinfo - ok

08:39:24.0540 3008 [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

08:39:24.0540 3008 Apple Mobile Device - ok

08:39:24.0587 3008 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys

08:39:24.0587 3008 arc - ok

08:39:24.0603 3008 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys

08:39:24.0603 3008 arcsas - ok

08:39:24.0618 3008 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys

08:39:24.0618 3008 AsyncMac - ok

08:39:24.0665 3008 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys

08:39:24.0665 3008 atapi - ok

08:39:24.0681 3008 [ E82E61F46D1336447F4DEFF8C074F13E ] AtiPcie C:\Windows\system32\DRIVERS\AtiPcie64.sys

08:39:24.0696 3008 AtiPcie - ok

08:39:24.0743 3008 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll

08:39:24.0743 3008 AudioEndpointBuilder - ok

08:39:24.0759 3008 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll

08:39:24.0759 3008 AudioSrv - ok

08:39:24.0915 3008 [ 0186F7B5BB9CE4CCDFFAE2114BE4367F ] AVGIDSAgent C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe

08:39:24.0930 3008 AVGIDSAgent - ok

08:39:24.0946 3008 [ 139BD30C32BEE830D0CF39C5324D79DE ] AVGIDSDriver C:\Windows\system32\DRIVERS\avgidsdrivera.sys

08:39:24.0946 3008 AVGIDSDriver - ok

08:39:24.0993 3008 [ 2940FACB6EF92BD1936E4A1E2502468E ] AVGIDSHA C:\Windows\system32\DRIVERS\avgidsha.sys

08:39:24.0993 3008 AVGIDSHA - ok

08:39:25.0086 3008 [ 54B66C4AEEC6C4F742F3569EBA03EBB8 ] Avgldx64 C:\Windows\system32\DRIVERS\avgldx64.sys

08:39:25.0086 3008 Avgldx64 - ok

08:39:25.0102 3008 [ 13667B5D6310228A9FEF2BA5FCD9081F ] Avgloga C:\Windows\system32\DRIVERS\avgloga.sys

08:39:25.0102 3008 Avgloga - ok

08:39:25.0149 3008 [ BE82F9A1F2CCF4CE746D0C645D94079E ] Avgmfx64 C:\Windows\system32\DRIVERS\avgmfx64.sys

08:39:25.0149 3008 Avgmfx64 - ok

08:39:25.0180 3008 [ 5D11620DEF66F9DC9468FEE385A8429B ] Avgrkx64 C:\Windows\system32\DRIVERS\avgrkx64.sys

08:39:25.0180 3008 Avgrkx64 - ok

08:39:25.0180 3008 [ 69BD90E337625F96C718CACE7A9C9E29 ] Avgtdia C:\Windows\system32\DRIVERS\avgtdia.sys

08:39:25.0180 3008 Avgtdia - ok

08:39:25.0227 3008 [ 4C05242DC361A217223E9B8EC2B3A76B ] avgtp C:\Windows\system32\drivers\avgtpx64.sys

08:39:25.0227 3008 avgtp - ok

08:39:25.0258 3008 [ 3A0977CB68AF13E2579E47EB8984056B ] avgwd C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe

08:39:25.0258 3008 avgwd - ok

08:39:25.0320 3008 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll

08:39:25.0320 3008 AxInstSV - ok

08:39:25.0336 3008 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys

08:39:25.0336 3008 b06bdrv - ok

08:39:25.0351 3008 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys

08:39:25.0351 3008 b57nd60a - ok

08:39:25.0383 3008 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll

08:39:25.0383 3008 BDESVC - ok

08:39:25.0398 3008 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys

08:39:25.0398 3008 Beep - ok

08:39:25.0476 3008 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll

08:39:25.0476 3008 BFE - ok

08:39:25.0539 3008 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\system32\qmgr.dll

08:39:25.0539 3008 BITS - ok

08:39:25.0570 3008 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys

08:39:25.0570 3008 blbdrive - ok

08:39:25.0648 3008 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe

08:39:25.0648 3008 Bonjour Service - ok

08:39:25.0695 3008 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys

08:39:25.0695 3008 bowser - ok

08:39:25.0726 3008 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys

08:39:25.0726 3008 BrFiltLo - ok

08:39:25.0741 3008 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys

08:39:25.0741 3008 BrFiltUp - ok

08:39:25.0773 3008 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys

08:39:25.0773 3008 BridgeMP - ok

08:39:25.0819 3008 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll

08:39:25.0819 3008 Browser - ok

08:39:25.0835 3008 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys

08:39:25.0835 3008 Brserid - ok

08:39:25.0851 3008 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys

08:39:25.0851 3008 BrSerWdm - ok

08:39:25.0866 3008 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys

08:39:25.0866 3008 BrUsbMdm - ok

08:39:25.0866 3008 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys

08:39:25.0866 3008 BrUsbSer - ok

08:39:25.0882 3008 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys

08:39:25.0882 3008 BTHMODEM - ok

08:39:25.0913 3008 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll

08:39:25.0913 3008 bthserv - ok

08:39:26.0038 3008 [ ED1CB67CA2FEE5A44CF90D065D01B76B ] CarboniteService C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe

08:39:26.0069 3008 CarboniteService - ok

08:39:26.0100 3008 catchme - ok

08:39:26.0116 3008 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys

08:39:26.0116 3008 cdfs - ok

08:39:26.0178 3008 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys

08:39:26.0178 3008 cdrom - ok

08:39:26.0225 3008 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll

08:39:26.0241 3008 CertPropSvc - ok

08:39:26.0272 3008 [ 2C24DB5F78F0ACA759803001E6B4F320 ] CinemaNow Service C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe

08:39:26.0272 3008 CinemaNow Service - ok

08:39:26.0287 3008 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys

08:39:26.0287 3008 circlass - ok

08:39:26.0319 3008 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys

08:39:26.0319 3008 CLFS - ok

08:39:26.0381 3008 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

08:39:26.0381 3008 clr_optimization_v2.0.50727_32 - ok

08:39:26.0428 3008 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

08:39:26.0428 3008 clr_optimization_v2.0.50727_64 - ok

08:39:26.0475 3008 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

08:39:26.0490 3008 clr_optimization_v4.0.30319_32 - ok

08:39:26.0506 3008 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

08:39:26.0521 3008 clr_optimization_v4.0.30319_64 - ok

08:39:26.0553 3008 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys

08:39:26.0553 3008 CmBatt - ok

08:39:26.0568 3008 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys

08:39:26.0568 3008 cmdide - ok

08:39:26.0615 3008 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys

08:39:26.0631 3008 CNG - ok

08:39:26.0646 3008 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys

08:39:26.0646 3008 Compbatt - ok

08:39:26.0662 3008 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys

08:39:26.0662 3008 CompositeBus - ok

08:39:26.0677 3008 COMSysApp - ok

08:39:26.0693 3008 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys

08:39:26.0693 3008 crcdisk - ok

08:39:26.0740 3008 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll

08:39:26.0740 3008 CryptSvc - ok

08:39:26.0771 3008 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll

08:39:26.0771 3008 DcomLaunch - ok

08:39:26.0818 3008 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll

08:39:26.0818 3008 defragsvc - ok

08:39:26.0865 3008 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys

08:39:26.0865 3008 DfsC - ok

08:39:26.0880 3008 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll

08:39:26.0896 3008 Dhcp - ok

08:39:26.0927 3008 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys

08:39:26.0927 3008 discache - ok

08:39:26.0943 3008 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys

08:39:26.0943 3008 Disk - ok

08:39:26.0989 3008 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll

08:39:26.0989 3008 Dnscache - ok

08:39:27.0036 3008 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll

08:39:27.0036 3008 dot3svc - ok

08:39:27.0083 3008 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll

08:39:27.0083 3008 DPS - ok

08:39:27.0099 3008 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys

08:39:27.0099 3008 drmkaud - ok

08:39:27.0145 3008 [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys

08:39:27.0145 3008 DXGKrnl - ok

08:39:27.0177 3008 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll

08:39:27.0177 3008 EapHost - ok

08:39:27.0223 3008 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys

08:39:27.0255 3008 ebdrv - ok

08:39:27.0286 3008 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe

08:39:27.0286 3008 EFS - ok

08:39:27.0348 3008 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe

08:39:27.0364 3008 ehRecvr - ok

08:39:27.0379 3008 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe

08:39:27.0379 3008 ehSched - ok

08:39:27.0411 3008 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys

08:39:27.0411 3008 elxstor - ok

08:39:27.0520 3008 [ B5581646636759D0DAFA8B008881C079 ] EPSON_EB_RPCV4_01 C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE

08:39:27.0520 3008 EPSON_EB_RPCV4_01 - ok

08:39:27.0551 3008 [ 1E345F2A2D95DA3190596E691CDE9342 ] EPSON_PM_RPCV4_01 C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE

08:39:27.0551 3008 EPSON_PM_RPCV4_01 - ok

08:39:27.0598 3008 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys

08:39:27.0598 3008 ErrDev - ok

08:39:27.0660 3008 esgiguard - ok

08:39:27.0691 3008 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll

08:39:27.0691 3008 EventSystem - ok

08:39:27.0723 3008 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys

08:39:27.0723 3008 exfat - ok

08:39:27.0738 3008 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys

08:39:27.0738 3008 fastfat - ok

08:39:27.0785 3008 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe

08:39:27.0801 3008 Fax - ok

08:39:27.0816 3008 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys

08:39:27.0816 3008 fdc - ok

08:39:27.0832 3008 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll

08:39:27.0832 3008 fdPHost - ok

08:39:27.0832 3008 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll

08:39:27.0832 3008 FDResPub - ok

08:39:27.0863 3008 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys

08:39:27.0863 3008 FileInfo - ok

08:39:27.0879 3008 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys

08:39:27.0879 3008 Filetrace - ok

08:39:27.0925 3008 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys

08:39:27.0925 3008 flpydisk - ok

08:39:27.0988 3008 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys

08:39:27.0988 3008 FltMgr - ok

08:39:28.0066 3008 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll

08:39:28.0081 3008 FontCache - ok

08:39:28.0144 3008 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

08:39:28.0144 3008 FontCache3.0.0.0 - ok

08:39:28.0159 3008 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys

08:39:28.0159 3008 FsDepends - ok

08:39:28.0206 3008 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys

08:39:28.0206 3008 Fs_Rec - ok

08:39:28.0253 3008 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys

08:39:28.0253 3008 fvevol - ok

08:39:28.0284 3008 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys

08:39:28.0284 3008 gagp30kx - ok

08:39:28.0331 3008 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

08:39:28.0331 3008 GEARAspiWDM - ok

08:39:28.0378 3008 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll

08:39:28.0378 3008 gpsvc - ok

08:39:28.0487 3008 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

08:39:28.0487 3008 gupdate - ok

08:39:28.0487 3008 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

08:39:28.0487 3008 gupdatem - ok

08:39:28.0503 3008 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys

08:39:28.0503 3008 hcw85cir - ok

08:39:28.0549 3008 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys

08:39:28.0549 3008 HdAudAddService - ok

08:39:28.0612 3008 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys

08:39:28.0612 3008 HDAudBus - ok

08:39:28.0627 3008 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys

08:39:28.0627 3008 HidBatt - ok

08:39:28.0643 3008 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys

08:39:28.0643 3008 HidBth - ok

08:39:28.0659 3008 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys

08:39:28.0659 3008 HidIr - ok

08:39:28.0674 3008 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll

08:39:28.0674 3008 hidserv - ok

08:39:28.0737 3008 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys

08:39:28.0737 3008 HidUsb - ok

08:39:28.0768 3008 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll

08:39:28.0768 3008 hkmsvc - ok

08:39:28.0830 3008 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll

08:39:28.0830 3008 HomeGroupListener - ok

08:39:28.0893 3008 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll

08:39:28.0893 3008 HomeGroupProvider - ok

08:39:28.0986 3008 [ BB1FC298BE53AAB1E110F6E786BD8AC5 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe

08:39:28.0986 3008 HP Support Assistant Service - ok

08:39:29.0049 3008 [ 9B7EDD3FE7C211C36E921D34D18A3A0A ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe

08:39:29.0064 3008 hpqwmiex - ok

08:39:29.0111 3008 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys

08:39:29.0111 3008 HpSAMD - ok

08:39:29.0173 3008 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys

08:39:29.0173 3008 HTTP - ok

08:39:29.0205 3008 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys

08:39:29.0205 3008 hwpolicy - ok

08:39:29.0283 3008 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys

08:39:29.0283 3008 i8042prt - ok

08:39:29.0329 3008 [ 3DF4395A7CF8B7A72A5F4606366B8C2D ] iaStorV C:\Windows\system32\drivers\iaStorV.sys

08:39:29.0345 3008 iaStorV - ok

08:39:29.0392 3008 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

08:39:29.0407 3008 idsvc - ok

08:39:29.0423 3008 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys

08:39:29.0439 3008 iirsp - ok

08:39:29.0501 3008 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll

08:39:29.0501 3008 IKEEXT - ok

08:39:29.0657 3008 [ 3C4B4EE54FEBB09F7E9F58776DE96DCA ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys

08:39:29.0673 3008 IntcAzAudAddService - ok

08:39:29.0688 3008 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys

08:39:29.0688 3008 intelide - ok

08:39:29.0704 3008 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys

08:39:29.0704 3008 intelppm - ok

08:39:29.0735 3008 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll

08:39:29.0735 3008 IPBusEnum - ok

08:39:29.0766 3008 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys

08:39:29.0766 3008 IpFilterDriver - ok

08:39:29.0860 3008 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll

08:39:29.0875 3008 iphlpsvc - ok

08:39:29.0922 3008 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys

08:39:29.0922 3008 IPMIDRV - ok

08:39:29.0953 3008 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys

08:39:29.0953 3008 IPNAT - ok

08:39:29.0985 3008 [ 4EFFC8FF6D349E971E94B1C670C0C66A ] iPod Service C:\Program Files\iPod\bin\iPodService.exe

08:39:29.0985 3008 iPod Service - ok

08:39:30.0016 3008 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys

08:39:30.0016 3008 IRENUM - ok

08:39:30.0047 3008 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys

08:39:30.0047 3008 isapnp - ok

08:39:30.0078 3008 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys

08:39:30.0094 3008 iScsiPrt - ok

08:39:30.0109 3008 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys

08:39:30.0109 3008 kbdclass - ok

08:39:30.0156 3008 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys

08:39:30.0156 3008 kbdhid - ok

08:39:30.0172 3008 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe

08:39:30.0172 3008 KeyIso - ok

08:39:30.0203 3008 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys

08:39:30.0203 3008 KSecDD - ok

08:39:30.0219 3008 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys

08:39:30.0219 3008 KSecPkg - ok

08:39:30.0234 3008 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys

08:39:30.0234 3008 ksthunk - ok

08:39:30.0265 3008 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll

08:39:30.0265 3008 KtmRm - ok

08:39:30.0312 3008 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll

08:39:30.0328 3008 LanmanServer - ok

08:39:30.0359 3008 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll

08:39:30.0359 3008 LanmanWorkstation - ok

08:39:30.0562 3008 [ 32F1B95C60042F3D95FC8AB43559B3B1 ] LeapFrog Connect Device Service C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe

08:39:30.0624 3008 LeapFrog Connect Device Service - ok

08:39:30.0671 3008 [ 797289607A5EBF31353AA5EAD141F872 ] LeapFrog-USBLAN C:\Windows\system32\DRIVERS\btblan.sys

08:39:30.0671 3008 LeapFrog-USBLAN - ok

08:39:30.0687 3008 [ 02538E602280C07438C94489DCBE77D5 ] libusb0 C:\Windows\system32\DRIVERS\libusb0.sys

08:39:30.0687 3008 libusb0 - ok

08:39:30.0733 3008 [ 3503F257B3203F824B1567238EBE17E2 ] LightScribeService c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

08:39:30.0733 3008 LightScribeService - ok

08:39:30.0765 3008 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys

08:39:30.0765 3008 lltdio - ok

08:39:30.0780 3008 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll

08:39:30.0780 3008 lltdsvc - ok

08:39:30.0796 3008 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll

08:39:30.0796 3008 lmhosts - ok

08:39:30.0843 3008 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys

08:39:30.0843 3008 LSI_FC - ok

08:39:30.0858 3008 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys

08:39:30.0858 3008 LSI_SAS - ok

08:39:30.0874 3008 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys

08:39:30.0874 3008 LSI_SAS2 - ok

08:39:30.0905 3008 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys

08:39:30.0905 3008 LSI_SCSI - ok

08:39:30.0936 3008 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys

08:39:30.0936 3008 luafv - ok

08:39:30.0983 3008 [ B3944D06EB4B64D57BD7E5FE89415F58 ] LVPr2M64 C:\Windows\system32\DRIVERS\LVPr2M64.sys

08:39:30.0983 3008 LVPr2M64 - ok

08:39:30.0999 3008 [ B3944D06EB4B64D57BD7E5FE89415F58 ] LVPr2Mon C:\Windows\system32\DRIVERS\LVPr2M64.sys

08:39:30.0999 3008 LVPr2Mon - ok

08:39:31.0045 3008 [ 803085F59EC92B3827CC4D90FCBFD335 ] LVRS64 C:\Windows\system32\DRIVERS\lvrs64.sys

08:39:31.0061 3008 LVRS64 - ok

08:39:31.0155 3008 [ A8D7C97016E6B76EF472A4C7AB357EE3 ] LVUVC64 C:\Windows\system32\DRIVERS\lvuvc64.sys

08:39:31.0186 3008 LVUVC64 - ok

08:39:31.0217 3008 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll

08:39:31.0217 3008 Mcx2Svc - ok

08:39:31.0248 3008 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys

08:39:31.0248 3008 megasas - ok

08:39:31.0264 3008 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys

08:39:31.0264 3008 MegaSR - ok

08:39:31.0279 3008 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll

08:39:31.0279 3008 MMCSS - ok

08:39:31.0295 3008 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys

08:39:31.0295 3008 Modem - ok

08:39:31.0311 3008 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys

08:39:31.0326 3008 monitor - ok

08:39:31.0326 3008 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\drivers\mouclass.sys

08:39:31.0326 3008 mouclass - ok

08:39:31.0357 3008 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys

08:39:31.0357 3008 mouhid - ok

08:39:31.0389 3008 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys

08:39:31.0389 3008 mountmgr - ok

08:39:31.0420 3008 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys

08:39:31.0420 3008 mpio - ok

08:39:31.0435 3008 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys

08:39:31.0435 3008 mpsdrv - ok

08:39:31.0513 3008 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll

08:39:31.0529 3008 MpsSvc - ok

08:39:31.0576 3008 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys

08:39:31.0576 3008 MRxDAV - ok

08:39:31.0623 3008 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys

08:39:31.0623 3008 mrxsmb - ok

08:39:31.0669 3008 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys

08:39:31.0669 3008 mrxsmb10 - ok

08:39:31.0669 3008 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys

08:39:31.0685 3008 mrxsmb20 - ok

08:39:31.0685 3008 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys

08:39:31.0685 3008 msahci - ok

08:39:31.0716 3008 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys

08:39:31.0716 3008 msdsm - ok

08:39:31.0732 3008 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe

08:39:31.0732 3008 MSDTC - ok

08:39:31.0763 3008 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys

08:39:31.0763 3008 Msfs - ok

08:39:31.0779 3008 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys

08:39:31.0779 3008 mshidkmdf - ok

08:39:31.0810 3008 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys

08:39:31.0810 3008 msisadrv - ok

08:39:31.0841 3008 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll

08:39:31.0841 3008 MSiSCSI - ok

08:39:31.0857 3008 msiserver - ok

08:39:31.0888 3008 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys

08:39:31.0888 3008 MSKSSRV - ok

08:39:31.0888 3008 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys

08:39:31.0903 3008 MSPCLOCK - ok

08:39:31.0903 3008 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys

08:39:31.0903 3008 MSPQM - ok

08:39:31.0950 3008 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys

08:39:31.0966 3008 MsRPC - ok

08:39:31.0981 3008 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys

08:39:31.0981 3008 mssmbios - ok

08:39:31.0981 3008 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys

08:39:31.0981 3008 MSTEE - ok

08:39:31.0997 3008 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys

08:39:31.0997 3008 MTConfig - ok

08:39:32.0013 3008 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys

08:39:32.0013 3008 Mup - ok

08:39:32.0059 3008 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll

08:39:32.0059 3008 napagent - ok

08:39:32.0091 3008 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys

08:39:32.0091 3008 NativeWifiP - ok

08:39:32.0106 3008 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\Windows\system32\drivers\ndis.sys

08:39:32.0122 3008 NDIS - ok

08:39:32.0122 3008 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys

08:39:32.0122 3008 NdisCap - ok

08:39:32.0153 3008 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys

08:39:32.0153 3008 NdisTapi - ok

08:39:32.0184 3008 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys

08:39:32.0184 3008 Ndisuio - ok

08:39:32.0215 3008 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys

08:39:32.0215 3008 NdisWan - ok

08:39:32.0262 3008 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys

08:39:32.0262 3008 NDProxy - ok

08:39:32.0262 3008 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys

08:39:32.0262 3008 NetBIOS - ok

08:39:32.0278 3008 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys

08:39:32.0278 3008 NetBT - ok

08:39:32.0293 3008 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe

08:39:32.0293 3008 Netlogon - ok

08:39:32.0309 3008 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll

08:39:32.0325 3008 Netman - ok

08:39:32.0325 3008 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll

08:39:32.0340 3008 netprofm - ok

08:39:32.0387 3008 [ 2EED549279D7FBD10B846B5397573967 ] netr28x C:\Windows\system32\DRIVERS\netr28x.sys

08:39:32.0403 3008 netr28x - ok

08:39:32.0434 3008 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe

08:39:32.0434 3008 NetTcpPortSharing - ok

08:39:32.0449 3008 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys

08:39:32.0449 3008 nfrd960 - ok

08:39:32.0496 3008 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll

08:39:32.0496 3008 NlaSvc - ok

08:39:32.0512 3008 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys

08:39:32.0512 3008 Npfs - ok

08:39:32.0543 3008 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll

08:39:32.0543 3008 nsi - ok

08:39:32.0543 3008 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys

08:39:32.0543 3008 nsiproxy - ok

08:39:32.0605 3008 [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys

08:39:32.0621 3008 Ntfs - ok

08:39:32.0621 3008 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys

08:39:32.0637 3008 Null - ok

08:39:32.0683 3008 [ 5D9FD91F3D38DC9DA01E3CB5FA89CD48 ] nvraid C:\Windows\system32\drivers\nvraid.sys

08:39:32.0683 3008 nvraid - ok

08:39:32.0699 3008 [ F7CD50FE7139F07E77DA8AC8033D1832 ] nvstor C:\Windows\system32\drivers\nvstor.sys

08:39:32.0699 3008 nvstor - ok

08:39:32.0730 3008 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys

08:39:32.0730 3008 nv_agp - ok

08:39:32.0746 3008 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys

08:39:32.0746 3008 ohci1394 - ok

08:39:32.0793 3008 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

08:39:32.0808 3008 ose - ok

08:39:32.0855 3008 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll

08:39:32.0855 3008 p2pimsvc - ok

08:39:32.0886 3008 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll

08:39:32.0886 3008 p2psvc - ok

08:39:32.0917 3008 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys

08:39:32.0917 3008 Parport - ok

08:39:32.0949 3008 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys

08:39:32.0949 3008 partmgr - ok

08:39:32.0964 3008 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll

08:39:32.0964 3008 PcaSvc - ok

08:39:33.0011 3008 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys

08:39:33.0011 3008 pci - ok

08:39:33.0027 3008 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys

08:39:33.0027 3008 pciide - ok

08:39:33.0042 3008 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys

08:39:33.0042 3008 pcmcia - ok

08:39:33.0058 3008 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys

08:39:33.0058 3008 pcw - ok

08:39:33.0073 3008 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys

08:39:33.0089 3008 PEAUTH - ok

08:39:33.0151 3008 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe

08:39:33.0151 3008 PerfHost - ok

08:39:33.0214 3008 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll

08:39:33.0229 3008 pla - ok

08:39:33.0261 3008 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll

08:39:33.0261 3008 PlugPlay - ok

08:39:33.0292 3008 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll

08:39:33.0292 3008 PNRPAutoReg - ok

08:39:33.0307 3008 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll

08:39:33.0307 3008 PNRPsvc - ok

08:39:33.0354 3008 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll

08:39:33.0354 3008 PolicyAgent - ok

08:39:33.0370 3008 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll

08:39:33.0385 3008 Power - ok

08:39:33.0401 3008 [ B0E7D5D2CFAA6ED5F20EB8B84A35E593 ] pppop C:\Windows\system32\DRIVERS\pppop64.sys

08:39:33.0401 3008 pppop - ok

08:39:33.0417 3008 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys

08:39:33.0417 3008 PptpMiniport - ok

08:39:33.0432 3008 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys

08:39:33.0432 3008 Processor - ok

08:39:33.0463 3008 [ 5C78838B4D166D1A27DB3A8A820C799A ] ProfSvc C:\Windows\system32\profsvc.dll

08:39:33.0463 3008 ProfSvc - ok

08:39:33.0479 3008 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe

08:39:33.0479 3008 ProtectedStorage - ok

08:39:33.0526 3008 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys

08:39:33.0526 3008 Psched - ok

08:39:33.0573 3008 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys

08:39:33.0573 3008 ql2300 - ok

08:39:33.0604 3008 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys

08:39:33.0604 3008 ql40xx - ok

08:39:33.0635 3008 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll

08:39:33.0635 3008 QWAVE - ok

08:39:33.0651 3008 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys

08:39:33.0651 3008 QWAVEdrv - ok

08:39:33.0666 3008 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys

08:39:33.0666 3008 RasAcd - ok

08:39:33.0682 3008 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys

08:39:33.0682 3008 RasAgileVpn - ok

08:39:33.0682 3008 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll

08:39:33.0682 3008 RasAuto - ok

08:39:33.0697 3008 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys

08:39:33.0697 3008 Rasl2tp - ok

08:39:33.0760 3008 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll

08:39:33.0760 3008 RasMan - ok

08:39:33.0775 3008 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys

08:39:33.0775 3008 RasPppoe - ok

08:39:33.0807 3008 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys

08:39:33.0807 3008 RasSstp - ok

08:39:33.0853 3008 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys

08:39:33.0853 3008 rdbss - ok

08:39:33.0869 3008 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys

08:39:33.0869 3008 rdpbus - ok

08:39:33.0885 3008 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys

08:39:33.0885 3008 RDPCDD - ok

08:39:33.0900 3008 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys

08:39:33.0900 3008 RDPENCDD - ok

08:39:33.0900 3008 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys

08:39:33.0900 3008 RDPREFMP - ok

08:39:33.0947 3008 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys

08:39:33.0947 3008 RDPWD - ok

08:39:33.0994 3008 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys

08:39:33.0994 3008 rdyboost - ok

08:39:34.0025 3008 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll

08:39:34.0025 3008 RemoteAccess - ok

08:39:34.0041 3008 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll

08:39:34.0041 3008 RemoteRegistry - ok

08:39:34.0056 3008 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll

08:39:34.0056 3008 RpcEptMapper - ok

08:39:34.0056 3008 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe

08:39:34.0056 3008 RpcLocator - ok

08:39:34.0103 3008 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll

08:39:34.0119 3008 RpcSs - ok

08:39:34.0150 3008 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys

08:39:34.0150 3008 rspndr - ok

08:39:34.0181 3008 [ AFC12DFA4C7B089673AD67402CA19EDB ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys

08:39:34.0181 3008 RTL8167 - ok

08:39:34.0197 3008 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe

08:39:34.0197 3008 SamSs - ok

08:39:34.0243 3008 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys

08:39:34.0259 3008 sbp2port - ok

08:39:34.0384 3008 [ 794D4B48DFB6E999537C7C3947863463 ] SBSDWSCService C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe

08:39:34.0399 3008 SBSDWSCService - ok

08:39:34.0446 3008 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll

08:39:34.0446 3008 SCardSvr - ok

08:39:34.0524 3008 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys

08:39:34.0571 3008 scfilter - ok

08:39:34.0727 3008 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll

08:39:34.0727 3008 Schedule - ok

08:39:34.0743 3008 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll

08:39:34.0743 3008 SCPolicySvc - ok

08:39:34.0743 3008 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll

08:39:34.0758 3008 SDRSVC - ok

08:39:34.0774 3008 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys

08:39:34.0774 3008 secdrv - ok

08:39:34.0821 3008 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll

08:39:34.0821 3008 seclogon - ok

08:39:34.0852 3008 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll

08:39:34.0852 3008 SENS - ok

08:39:34.0852 3008 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll

08:39:34.0852 3008 SensrSvc - ok

08:39:34.0883 3008 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys

08:39:34.0883 3008 Serenum - ok

08:39:34.0899 3008 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys

08:39:34.0899 3008 Serial - ok

08:39:34.0930 3008 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys

08:39:34.0945 3008 sermouse - ok

08:39:34.0977 3008 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll

08:39:34.0992 3008 SessionEnv - ok

08:39:35.0008 3008 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys

08:39:35.0008 3008 sffdisk - ok

08:39:35.0023 3008 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys

08:39:35.0023 3008 sffp_mmc - ok

08:39:35.0023 3008 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys

08:39:35.0023 3008 sffp_sd - ok

08:39:35.0039 3008 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys

08:39:35.0039 3008 sfloppy - ok

08:39:35.0070 3008 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll

08:39:35.0070 3008 SharedAccess - ok

08:39:35.0117 3008 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll

08:39:35.0133 3008 ShellHWDetection - ok

08:39:35.0133 3008 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys

08:39:35.0133 3008 SiSRaid2 - ok

08:39:35.0148 3008 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys

08:39:35.0148 3008 SiSRaid4 - ok

08:39:35.0211 3008 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe

08:39:35.0211 3008 SkypeUpdate - ok

08:39:35.0257 3008 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys

08:39:35.0257 3008 Smb - ok

08:39:35.0304 3008 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe

08:39:35.0304 3008 SNMPTRAP - ok

08:39:35.0320 3008 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys

08:39:35.0320 3008 spldr - ok

08:39:35.0351 3008 [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler C:\Windows\System32\spoolsv.exe

08:39:35.0367 3008 Spooler - ok

08:39:35.0507 3008 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe

08:39:35.0538 3008 sppsvc - ok

08:39:35.0554 3008 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll

08:39:35.0554 3008 sppuinotify - ok

08:39:35.0601 3008 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys

08:39:35.0601 3008 srv - ok

08:39:35.0632 3008 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys

08:39:35.0647 3008 srv2 - ok

08:39:35.0647 3008 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys

08:39:35.0647 3008 srvnet - ok

08:39:35.0679 3008 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll

08:39:35.0679 3008 SSDPSRV - ok

08:39:35.0710 3008 [ 1100066057FBF612B573EFD3B21383F1 ] ssmirrdr C:\Windows\system32\DRIVERS\ssmirrdr.sys

08:39:35.0710 3008 ssmirrdr - ok

08:39:35.0725 3008 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll

08:39:35.0725 3008 SstpSvc - ok

08:39:35.0741 3008 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys

08:39:35.0741 3008 stexstor - ok

08:39:35.0803 3008 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll

08:39:35.0803 3008 stisvc - ok

08:39:35.0835 3008 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys

08:39:35.0835 3008 swenum - ok

08:39:35.0850 3008 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll

08:39:35.0866 3008 swprv - ok

08:39:35.0928 3008 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll

08:39:35.0944 3008 SysMain - ok

08:39:35.0991 3008 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll

08:39:35.0991 3008 TabletInputService - ok

08:39:36.0006 3008 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll

08:39:36.0006 3008 TapiSrv - ok

08:39:36.0022 3008 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll

08:39:36.0022 3008 TBS - ok

08:39:36.0084 3008 [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip C:\Windows\system32\drivers\tcpip.sys

08:39:36.0100 3008 Tcpip - ok

08:39:36.0115 3008 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys

08:39:36.0131 3008 TCPIP6 - ok

08:39:36.0162 3008 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys

08:39:36.0162 3008 tcpipreg - ok

08:39:36.0193 3008 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys

08:39:36.0193 3008 TDPIPE - ok

08:39:36.0225 3008 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys

08:39:36.0225 3008 TDTCP - ok

08:39:36.0271 3008 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys

08:39:36.0271 3008 tdx - ok

08:39:36.0287 3008 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys

08:39:36.0287 3008 TermDD - ok

08:39:36.0318 3008 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll

08:39:36.0318 3008 TermService - ok

08:39:36.0334 3008 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll

08:39:36.0334 3008 Themes - ok

08:39:36.0334 3008 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll

08:39:36.0349 3008 THREADORDER - ok

08:39:36.0365 3008 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll

08:39:36.0365 3008 TrkWks - ok

08:39:36.0427 3008 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe

08:39:36.0427 3008 TrustedInstaller - ok

08:39:36.0459 3008 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys

08:39:36.0459 3008 tssecsrv - ok

08:39:36.0521 3008 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys

08:39:36.0521 3008 TsUsbFlt - ok

08:39:36.0568 3008 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys

08:39:36.0583 3008 tunnel - ok

08:39:36.0599 3008 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys

08:39:36.0599 3008 uagp35 - ok

08:39:36.0630 3008 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys

08:39:36.0630 3008 udfs - ok

08:39:36.0661 3008 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe

08:39:36.0661 3008 UI0Detect - ok

08:39:36.0677 3008 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys

08:39:36.0677 3008 uliagpkx - ok

08:39:36.0708 3008 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys

08:39:36.0724 3008 umbus - ok

08:39:36.0755 3008 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys

08:39:36.0755 3008 UmPass - ok

08:39:36.0786 3008 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll

08:39:36.0786 3008 upnphost - ok

08:39:36.0849 3008 [ C9E9D59C0099A9FF51697E9306A44240 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys

08:39:36.0849 3008 USBAAPL64 - ok

08:39:36.0895 3008 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys

08:39:36.0895 3008 usbaudio - ok

08:39:36.0927 3008 [ 481DFF26B4DCA8F4CBAC1F7DCE1D6829 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys

08:39:36.0927 3008 usbccgp - ok

08:39:36.0958 3008 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys

08:39:36.0958 3008 usbcir - ok

08:39:36.0958 3008 [ 74EE782B1D9C241EFE425565854C661C ] usbehci C:\Windows\system32\drivers\usbehci.sys

08:39:36.0958 3008 usbehci - ok

08:39:36.0989 3008 [ 858BE9C0E498C8E505E198E17EECE0D9 ] usbfilter C:\Windows\system32\DRIVERS\usbfilter.sys

08:39:36.0989 3008 usbfilter - ok

08:39:37.0020 3008 [ DC96BD9CCB8403251BCF25047573558E ] usbhub C:\Windows\system32\drivers\usbhub.sys

08:39:37.0020 3008 usbhub - ok

08:39:37.0020 3008 [ 58E546BBAF87664FC57E0F6081E4F609 ] usbohci C:\Windows\system32\drivers\usbohci.sys

08:39:37.0020 3008 usbohci - ok

08:39:37.0051 3008 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys

08:39:37.0051 3008 usbprint - ok

08:39:37.0067 3008 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys

08:39:37.0067 3008 usbscan - ok

08:39:37.0098 3008 [ D76510CFA0FC09023077F22C2F979D86 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS

08:39:37.0098 3008 USBSTOR - ok

08:39:37.0129 3008 [ 81FB2216D3A60D1284455D511797DB3D ] usbuhci C:\Windows\system32\drivers\usbuhci.sys

08:39:37.0129 3008 usbuhci - ok

08:39:37.0161 3008 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll

08:39:37.0161 3008 UxSms - ok

08:39:37.0161 3008 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe

08:39:37.0161 3008 VaultSvc - ok

08:39:37.0192 3008 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys

08:39:37.0192 3008 vdrvroot - ok

08:39:37.0239 3008 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe

08:39:37.0254 3008 vds - ok

08:39:37.0270 3008 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys

08:39:37.0270 3008 vga - ok

08:39:37.0285 3008 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys

08:39:37.0285 3008 VgaSave - ok

08:39:37.0285 3008 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys

08:39:37.0301 3008 vhdmp - ok

08:39:37.0317 3008 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys

08:39:37.0317 3008 viaide - ok

08:39:37.0348 3008 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys

08:39:37.0348 3008 volmgr - ok

08:39:37.0379 3008 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys

08:39:37.0395 3008 volmgrx - ok

08:39:37.0426 3008 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys

08:39:37.0426 3008 volsnap - ok

08:39:37.0457 3008 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys

08:39:37.0473 3008 vsmraid - ok

08:39:37.0535 3008 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe

08:39:37.0551 3008 VSS - ok

08:39:37.0660 3008 [ 3AD1E72748978D8B0B3B674741E4C3E2 ] vToolbarUpdater14.2.0 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe

08:39:37.0675 3008 vToolbarUpdater14.2.0 - ok

08:39:37.0691 3008 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys

08:39:37.0691 3008 vwifibus - ok

08:39:37.0722 3008 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys

08:39:37.0722 3008 vwififlt - ok

08:39:37.0738 3008 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll

08:39:37.0738 3008 W32Time - ok

08:39:37.0769 3008 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys

08:39:37.0769 3008 WacomPen - ok

08:39:37.0816 3008 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys

08:39:37.0816 3008 WANARP - ok

08:39:37.0816 3008 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys

08:39:37.0816 3008 Wanarpv6 - ok

08:39:37.0863 3008 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe

08:39:37.0878 3008 WatAdminSvc - ok

08:39:37.0925 3008 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe

08:39:37.0941 3008 wbengine - ok

08:39:37.0956 3008 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll

08:39:37.0956 3008 WbioSrvc - ok

08:39:38.0003 3008 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll

08:39:38.0003 3008 wcncsvc - ok

08:39:38.0034 3008 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll

08:39:38.0034 3008 WcsPlugInService - ok

08:39:38.0050 3008 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys

08:39:38.0050 3008 Wd - ok

08:39:38.0081 3008 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys

08:39:38.0081 3008 Wdf01000 - ok

08:39:38.0097 3008 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll

08:39:38.0097 3008 WdiServiceHost - ok

08:39:38.0097 3008 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll

08:39:38.0112 3008 WdiSystemHost - ok

08:39:38.0112 3008 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll

08:39:38.0128 3008 WebClient - ok

08:39:38.0128 3008 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll

08:39:38.0143 3008 Wecsvc - ok

08:39:38.0143 3008 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll

08:39:38.0143 3008 wercplsupport - ok

08:39:38.0175 3008 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll

08:39:38.0175 3008 WerSvc - ok

08:39:38.0190 3008 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys

08:39:38.0190 3008 WfpLwf - ok

08:39:38.0190 3008 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys

08:39:38.0190 3008 WIMMount - ok

08:39:38.0237 3008 WinDefend - ok

08:39:38.0237 3008 WinHttpAutoProxySvc - ok

08:39:38.0284 3008 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll

08:39:38.0284 3008 Winmgmt - ok

08:39:38.0346 3008 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll

08:39:38.0362 3008 WinRM - ok

08:39:38.0409 3008 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys

08:39:38.0409 3008 WinUsb - ok

08:39:38.0440 3008 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll

08:39:38.0455 3008 Wlansvc - ok

08:39:38.0533 3008 [ 98F138897EF4246381D197CB81846D62 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

08:39:38.0565 3008 wlidsvc - ok

08:39:38.0611 3008 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys

08:39:38.0611 3008 WmiAcpi - ok

08:39:38.0627 3008 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe

08:39:38.0627 3008 wmiApSrv - ok

08:39:38.0658 3008 WMPNetworkSvc - ok

08:39:38.0689 3008 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll

08:39:38.0689 3008 WPCSvc - ok

08:39:38.0721 3008 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll

08:39:38.0721 3008 WPDBusEnum - ok

08:39:38.0752 3008 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys

08:39:38.0752 3008 ws2ifsl - ok

08:39:38.0783 3008 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll

08:39:38.0799 3008 wscsvc - ok

08:39:38.0799 3008 WSearch - ok

08:39:38.0892 3008 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll

08:39:38.0908 3008 wuauserv - ok

08:39:38.0955 3008 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys

08:39:38.0955 3008 WudfPf - ok

08:39:38.0970 3008 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys

08:39:38.0970 3008 WUDFRd - ok

08:39:38.0970 3008 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll

08:39:38.0970 3008 wudfsvc - ok

08:39:39.0001 3008 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll

08:39:39.0001 3008 WwanSvc - ok

08:39:39.0001 3008 ================ Scan global ===============================

08:39:39.0017 3008 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll

08:39:39.0064 3008 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll

08:39:39.0079 3008 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll

08:39:39.0111 3008 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll

08:39:39.0126 3008 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe

08:39:39.0126 3008 [Global] - ok

08:39:39.0126 3008 ================ Scan MBR ==================================

08:39:39.0142 3008 [ 05A9B2E4056A863B0AC16384E91F5AAC ] \Device\Harddisk0\DR0

08:39:39.0345 3008 \Device\Harddisk0\DR0 - ok

08:39:39.0345 3008 [ 8FF255184F078C9C04E6A2CE66117C5C ] \Device\Harddisk2\DR2

08:39:39.0345 3008 \Device\Harddisk2\DR2 - ok

08:39:39.0345 3008 ================ Scan VBR ==================================

08:39:39.0345 3008 [ C55ECB9BC5E30DBAB50F3679FF1DC9FA ] \Device\Harddisk0\DR0\Partition1

08:39:39.0345 3008 \Device\Harddisk0\DR0\Partition1 - ok

08:39:39.0360 3008 [ B74FD73FB27773B2E9BF8B57C39C8B8B ] \Device\Harddisk0\DR0\Partition2

08:39:39.0360 3008 \Device\Harddisk0\DR0\Partition2 - ok

08:39:39.0391 3008 [ D4464B11D5788470E4134A586B9283E2 ] \Device\Harddisk0\DR0\Partition3

08:39:39.0391 3008 \Device\Harddisk0\DR0\Partition3 - ok

08:39:39.0391 3008 [ 3FE42A17CF908A0A0425D37BF9C9415C ] \Device\Harddisk2\DR2\Partition1

08:39:39.0391 3008 \Device\Harddisk2\DR2\Partition1 - ok

08:39:39.0391 3008 ============================================================

08:39:39.0391 3008 Scan finished

08:39:39.0391 3008 ============================================================

08:39:39.0407 5784 Detected object count: 0

08:39:39.0407 5784 Actual detected object count: 0ComboFix 13-05-16.02 - Jeff Vansickle 05/16/2013 8:42.2.4 - x64

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.7928.5969 [GMT -5:00]

Running from: c:\users\Jeff Vansickle\Desktop\ComboFix.exe

AV: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}

SP: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\users\Jeff Vansickle\AppData\Roaming\Microsoft\Network\Connections\Pbk\_hiddenPbk

c:\users\Jeff Vansickle\AppData\Roaming\Microsoft\Network\Connections\Pbk\_hiddenPbk\rasphone.pbk

.

((((((((((((((((((((((((( Files Created from 2013-04-16 to 2013-05-16 )))))))))))))))))))))))))))))))

.

2013-05-16 13:47 . 2013-05-16 13:47 -------- d-----w- c:\users\Default\AppData\Local\temp

2013-05-16 04:20 . 2013-05-16 04:20 -------- d-----w- c:\program files\Enigma Software Group

2013-05-16 04:19 . 2013-05-16 13:20 -------- d-----w- c:\windows\BCD5545077AC4347B24F654B1189F8D4.TMP

2013-05-16 04:19 . 2013-05-16 04:19 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard

2013-05-16 03:13 . 2013-05-16 03:19 -------- d-----w- c:\program files (x86)\MBs' Anti-Malware

2013-05-16 02:56 . 2013-05-16 02:56 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware

2013-05-16 02:56 . 2013-04-04 19:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys

2013-05-16 02:49 . 2013-05-16 02:49 -------- d-s---w- c:\windows\SysWow64\Microsoft

2013-05-16 00:49 . 2013-05-16 00:49 737072 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore-2\Microsoft.MediaCenter.Sports.UI.dll

2013-05-16 00:35 . 2013-05-16 01:43 -------- d-----w- c:\programdata\Spybot - Search & Destroy

2013-05-16 00:35 . 2013-05-16 01:24 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy

2013-05-16 00:25 . 2013-05-16 02:20 -------- d-----w- c:\users\Jeff Vansickle\AppData\Roaming\Glarysoft

2013-05-16 00:25 . 2013-05-16 00:25 -------- d-----w- c:\program files (x86)\Glary Utilities

2013-05-15 16:40 . 2013-05-15 16:40 -------- d-----w- c:\users\Jeff Vansickle\AppData\Local\Citrix

2013-05-15 14:55 . 2013-05-15 14:55 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll

2013-05-15 10:57 . 2013-04-10 06:01 265064 ----a-w- c:\windows\system32\drivers\dxgmms1.sys

2013-05-15 10:57 . 2013-04-10 06:01 983400 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys

2013-05-15 10:57 . 2011-02-03 11:25 144384 ----a-w- c:\windows\system32\cdd.dll

2013-05-15 10:57 . 2013-02-27 06:02 111448 ----a-w- c:\windows\system32\consent.exe

2013-05-15 10:57 . 2013-02-27 05:52 14172672 ----a-w- c:\windows\system32\shell32.dll

2013-05-15 10:57 . 2013-02-27 05:52 197120 ----a-w- c:\windows\system32\shdocvw.dll

2013-05-15 10:57 . 2013-02-27 05:48 1930752 ----a-w- c:\windows\system32\authui.dll

2013-05-15 10:57 . 2013-02-27 05:47 70144 ----a-w- c:\windows\system32\appinfo.dll

2013-05-15 10:57 . 2013-02-27 04:49 1796096 ----a-w- c:\windows\SysWow64\authui.dll

2013-05-15 10:57 . 2013-04-10 03:30 3153920 ----a-w- c:\windows\system32\win32k.sys

2013-05-14 15:21 . 2013-05-14 15:21 -------- d-----w- c:\users\Jeff Vansickle\AppData\Local\Sonos,_Inc

2013-05-09 12:54 . 2013-05-09 12:54 -------- d-----w- c:\program files (x86)\Sonos

2013-05-09 12:53 . 2013-05-16 02:25 -------- d-----w- c:\programdata\Sonos,_Inc

2013-05-09 12:53 . 2013-05-09 12:53 -------- d-----w- c:\users\Jeff Vansickle\AppData\Local\Downloaded Installations

2013-04-24 09:27 . 2013-04-12 14:45 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-05-15 01:11 . 2012-05-09 12:06 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2013-05-15 01:11 . 2011-07-01 02:53 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2013-05-03 21:15 . 2010-09-23 15:38 75016696 ----a-w- c:\windows\system32\MRT.exe

2013-03-29 07:53 . 2013-03-29 07:53 246072 ----a-w- c:\windows\system32\drivers\avgidsdrivera.sys

2013-03-23 21:40 . 2013-03-23 21:40 737072 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore\Microsoft.MediaCenter.Sports.UI.dll

2013-03-23 21:40 . 2013-03-23 21:40 2876528 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll

2013-03-23 21:39 . 2013-03-23 21:39 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll

2013-03-23 21:39 . 2013-03-23 21:39 539984 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll

2013-03-21 08:08 . 2013-03-21 08:08 240952 ----a-w- c:\windows\system32\drivers\avgtdia.sys

2013-03-19 06:04 . 2013-04-10 09:55 5550424 ----a-w- c:\windows\system32\ntoskrnl.exe

2013-03-19 05:46 . 2013-04-10 09:55 43520 ----a-w- c:\windows\system32\csrsrv.dll

2013-03-19 05:04 . 2013-04-10 09:55 3968856 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe

2013-03-19 05:04 . 2013-04-10 09:55 3913560 ----a-w- c:\windows\SysWow64\ntoskrnl.exe

2013-03-19 04:47 . 2013-04-10 09:55 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll

2013-03-19 03:06 . 2013-04-10 09:55 112640 ----a-w- c:\windows\system32\smss.exe

2013-02-18 23:28 . 2012-08-11 03:49 39768 ----a-w- c:\windows\system32\drivers\avgtpx64.sys

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]

2013-02-18 23:28 1929392 ----a-w- c:\program files (x86)\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7}]

2011-09-19 09:14 88976 ----a-w- c:\progra~2\WI3C8A~1\Datamngr\ToolBar\searchqudtx.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]

"{99079a25-328f-4bd4-be04-00955acaa0a7}"= "c:\progra~2\WI3C8A~1\Datamngr\ToolBar\searchqudtx.dll" [2011-09-19 88976]

"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files (x86)\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll" [2013-02-18 1929392]

.

[HKEY_CLASSES_ROOT\clsid\{99079a25-328f-4bd4-be04-00955acaa0a7}]

.

[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]

[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]

[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Carbonite.Green]

@="{95A27763-F62A-4114-9072-E81D87DE3B68}"

[HKEY_CLASSES_ROOT\CLSID\{95A27763-F62A-4114-9072-E81D87DE3B68}]

2011-12-06 02:41 1005712 ----a-r- c:\program files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Carbonite.Partial]

@="{E300CD91-100F-4E67-9AF3-1384A6124015}"

[HKEY_CLASSES_ROOT\CLSID\{E300CD91-100F-4E67-9AF3-1384A6124015}]

2011-12-06 02:41 1005712 ----a-r- c:\program files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Carbonite.Yellow]

@="{5E529433-B50E-4bef-A63B-16A6B71B071A}"

[HKEY_CLASSES_ROOT\CLSID\{5E529433-B50E-4bef-A63B-16A6B71B071A}]

2011-12-06 02:41 1005712 ----a-r- c:\program files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2012-11-13 23:32 129272 ----a-w- c:\users\Jeff Vansickle\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2012-11-13 23:32 129272 ----a-w- c:\users\Jeff Vansickle\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2012-11-13 23:32 129272 ----a-w- c:\users\Jeff Vansickle\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"HPAdvisorDock"="c:\program files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe" [2010-09-28 1715768]

"iCloudServices"="c:\program files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" [2012-12-17 59872]

"ApplePhotoStreams"="c:\program files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" [2012-12-17 59872]

"ANT Agent"="c:\program files (x86)\Garmin\ANT Agent\ANT Agent.exe" [2013-02-15 14731776]

"SpybotSD TeaTimer"="c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-02-03 98304]

"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]

"LWS"="c:\program files (x86)\Logitech\LWS\Webcam Software\LWS.exe" [2011-03-02 190808]

"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-01-28 59720]

"Carbonite Backup"="c:\program files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe" [2011-12-06 1059472]

"Monitor"="c:\program files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe" [2012-09-28 298376]

"vProt"="c:\program files (x86)\AVG Secure Search\vprot.exe" [2013-02-18 1151152]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]

"AVG_UI"="c:\program files (x86)\AVG\AVG2013\avgui.exe" [2013-04-29 4408368]

"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-02-20 152392]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-18 946352]

.

c:\users\Jeff Vansickle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Dropbox.lnk - c:\users\Jeff Vansickle\AppData\Roaming\Dropbox\bin\Dropbox.exe [2013-3-12 29106336]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]

"LoadAppInit_DLLs"=1 (0x1)

"AppInit_DLLs"=c:\progra~2\SEARCH~1\SEARCH~1\datamngr.dll c:\progra~2\SEARCH~1\SEARCH~1\IEBHO.dll

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ autocheck autochk *\0 /sync /restart

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

@=""

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-disabled]

"DATAMNGR"=c:\progra~2\SEARCH~1\SEARCH~1\DATAMN~1.EXE

"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" -atboottime

.

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]

R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]

R3 AllShare;SAMSUNG AllShare Service;c:\program files (x86)\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe [2010-07-16 6638080]

R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x]

R3 LeapFrog-USBLAN;LeapFrog-USBLAN;c:\windows\system32\DRIVERS\btblan.sys [2009-10-10 40320]

R3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys [2010-05-08 30304]

R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [2010-11-10 341856]

R3 LVUVC64;Logitech Webcam 600(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [2010-11-10 4162784]

R3 pppop;PPPoP WAN Adapter;c:\windows\system32\DRIVERS\pppop64.sys [2009-07-21 42528]

R3 ssmirrdr;ssmirrdr;c:\windows\system32\DRIVERS\ssmirrdr.sys [2010-08-26 10112]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]

R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-12-13 54784]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-09-23 1255736]

S0 ahcix64s;ahcix64s;c:\windows\system32\DRIVERS\ahcix64s.sys [2009-05-19 231224]

S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [2013-02-08 71480]

S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys [2013-02-08 311096]

S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2013-02-08 116536]

S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2013-02-08 45880]

S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [2013-03-29 246072]

S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2013-02-08 206136]

S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2013-03-21 240952]

S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys [2013-02-18 39768]

S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-06-30 204288]

S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe [2013-04-25 4936752]

S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe [2013-04-18 283136]

S2 CinemaNow Service;CinemaNow Service;c:\program files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe [2010-02-26 127984]

S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2012-09-27 86528]

S2 vToolbarUpdater14.2.0;vToolbarUpdater14.2.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe [2013-02-18 968880]

S3 libusb0;libusb-win32 - Kernel Driver 04/08/2011 1.2.4.0;c:\windows\system32\DRIVERS\libusb0.sys [2011-05-14 44480]

S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys [2012-12-06 2350176]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-12-29 412776]

S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2009-10-19 39480]

.

--- Other Services/Drivers In Memory ---

.

*NewlyCreated* - 01075578

*Deregistered* - 01075578

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]

2013-04-11 18:00 1642448 ----a-w- c:\program files (x86)\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe

.

Contents of the 'Scheduled Tasks' folder

.

2013-05-16 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-09 01:11]

.

2013-05-16 c:\windows\Tasks\GlaryInitialize.job

- c:\program files (x86)\Glary Utilities\initialize.exe [2013-05-16 20:39]

.

2013-05-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-05-06 16:34]

.

2013-05-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-05-06 16:34]

.

2013-05-10 c:\windows\Tasks\HPCeeScheduleForJeff Vansickle.job

- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 04:15]

.

2013-05-01 c:\windows\Tasks\PCDRScheduledMaintenance.job

- c:\program files\PC-Doctor for Windows\pcdrcui.exe [2010-02-01 23:02]

.

2012-08-11 c:\windows\Tasks\SidebarExecute.job

- c:\program files\Windows Sidebar\sidebar.exe [2011-06-19 13:25]

.

--------- X64 Entries -----------

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Carbonite.Green]

@="{95A27763-F62A-4114-9072-E81D87DE3B68}"

[HKEY_CLASSES_ROOT\CLSID\{95A27763-F62A-4114-9072-E81D87DE3B68}]

2011-12-06 02:34 1271440 ----a-r- c:\program files\Carbonite\Carbonite Backup\CarboniteNSE.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Carbonite.Partial]

@="{E300CD91-100F-4E67-9AF3-1384A6124015}"

[HKEY_CLASSES_ROOT\CLSID\{E300CD91-100F-4E67-9AF3-1384A6124015}]

2011-12-06 02:34 1271440 ----a-r- c:\program files\Carbonite\Carbonite Backup\CarboniteNSE.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Carbonite.Yellow]

@="{5E529433-B50E-4bef-A63B-16A6B71B071A}"

[HKEY_CLASSES_ROOT\CLSID\{5E529433-B50E-4bef-A63B-16A6B71B071A}]

2011-12-06 02:34 1271440 ----a-r- c:\program files\Carbonite\Carbonite Backup\CarboniteNSE.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2012-11-13 23:32 162552 ----a-w- c:\users\Jeff Vansickle\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2012-11-13 23:32 162552 ----a-w- c:\users\Jeff Vansickle\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2012-11-13 23:32 162552 ----a-w- c:\users\Jeff Vansickle\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]

@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]

2012-11-13 23:32 162552 ----a-w- c:\users\Jeff Vansickle\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]

"SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2010-01-18 568888]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"=c:\progra~2\SEARCH~1\SEARCH~1\x64\datamngr.dll c:\progra~2\SEARCH~1\SEARCH~1\x64\IEBHO.dll

.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService

FontCache

.

------- Supplementary Scan -------

.

uStart Page = hxxp://www.yahoo.com/

uLocal Page = c:\windows\system32\blank.htm

mLocal Page = c:\windows\SysWOW64\blank.htm

uInternet Settings,ProxyOverride = *.local

IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\OFFICE11\EXCEL.EXE/3000

TCP: DhcpNameServer = 192.168.1.254

Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\14.2.0\ViProtocol.dll

DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/4.0.4.0/GarminAxControl_32.CAB

FF - ProfilePath - c:\users\Jeff Vansickle\AppData\Roaming\Mozilla\Firefox\Profiles\hqdnotk0.default\

FF - prefs.js: browser.search.selectedEngine - AVG Secure Search

FF - prefs.js: browser.startup.homepage - hxxp://www.searchqu.com/406

FF - prefs.js: keyword.URL - hxxps://isearch.avg.com/search?cid=%7B83e82bd2-eb43-4162-a3ec-a041c7d58d60%7D&mid=aad8641ed57d47d0bebea9ae9720b284-cd27fb62d25487cafda8ef441e0e7a256bff8731&ds=AVG&v=12.2.5.32〈=en&pr=fr&d=2012-08-10%2022%3A49%3A10&sap=ku&q=

.

- - - - ORPHANS REMOVED - - - -

.

Toolbar-10 - (no file)

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Completion time: 2013-05-16 08:51:18

ComboFix-quarantined-files.txt 2013-05-16 13:51

ComboFix2.txt 2013-05-16 13:17

.

Pre-Run: 645,325,287,424 bytes free

Post-Run: 644,893,900,800 bytes free

.

- - End Of File - - AA691717D9493B9E8AD8B7873753BA5C Results of screen317's Security Check version 0.99.63

Windows 7 Service Pack 1 x64 (UAC is enabled)

Internet Explorer 9

``````````````Antivirus/Firewall Check:``````````````

Windows Firewall Enabled!

AVG AntiVirus Free Edition 2013

Antivirus up to date! (On Access scanning disabled!)

`````````Anti-malware/Other Utilities Check:`````````

Spybot - Search & Destroy

Malwarebytes Anti-Malware version 1.75.0.1300

Java 7 Update 6

Java version out of Date!

Adobe Flash Player 11.7.700.202

Adobe Reader XI

Mozilla Firefox (5.0.1)

Google Chrome 26.0.1410.43

Google Chrome 26.0.1410.64

````````Process Check: objlist.exe by Laurent````````

AVG avgwdsvc.exe

`````````````````System Health check`````````````````

Total Fragmentation on Drive C: 0%

````````````````````End of Log``````````````````````

D-FRED-BROWN · May 16, 2013

Please do the following:

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Open notepad and copy/paste the text in the quotebox below into it:

KILLALL::
File::
c:\windows\BCD5545077AC4347B24F654B1189F8D4.TMP
C:\Windows\System32\drivers\01075578.sys
Driver::
01075578
Firefox::
FF - prefs.js: browser.startup.homepage - hxxp://www.searchqu.com/406
Reboot::

Save this as CFScript.txt, in the same location as ComboFix.exe

Refering to the picture above, drag CFScript into ComboFix.exe

When finished, it shall produce a log for you at C:\ComboFix.txt which I shall require in your next reply.

Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall.

Please include the newly-created C:\ComboFix.txt in your next reply, and let me know how things are running now.

Are you able to run Malwarebytes successfully now?

jvansic12 · May 17, 2013

Still no luck running Malwarebytes... I tried the steps outlined above and after completing I tried running Malwarebytes and I received a message that said an "Illegal operation attempted on a registry key that has been marked for deletion." In fact I was able to open Explorer either as I received the same message. I restarted my computer and tried running Malwarebytes again and didn't have any luck. It wouldn't start and I received an identical message as I did in reply #3 above that said "Malwarebytes Anti-malware has stopped working." As requested, I have attached the ComboFix log below: ComboFix 13-05-16.02 - Jeff Vansickle 05/16/2013 22:08:09.4.4 - x64

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.7928.5768 [GMT -5:00]

Running from: c:\users\Jeff Vansickle\Desktop\ComboFix.exe

Command switches used :: c:\users\Jeff Vansickle\Desktop\CFScript.txt

AV: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}

SP: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

FILE ::

"c:\windows\BCD5545077AC4347B24F654B1189F8D4.TMP"

"c:\windows\System32\drivers\01075578.sys"

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\users\Jeff Vansickle\AppData\Roaming\Microsoft\Network\Connections\Pbk\_hiddenPbk

c:\users\Jeff Vansickle\AppData\Roaming\Microsoft\Network\Connections\Pbk\_hiddenPbk\rasphone.pbk

.

((((((((((((((((((((((((( Files Created from 2013-04-17 to 2013-05-17 )))))))))))))))))))))))))))))))

.

2013-05-17 03:17 . 2013-05-17 03:17 -------- d-----w- c:\users\Default\AppData\Local\temp

2013-05-17 03:03 . 2013-04-04 19:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys

2013-05-16 04:20 . 2013-05-16 04:20 -------- d-----w- c:\program files\Enigma Software Group

2013-05-16 04:19 . 2013-05-16 13:20 -------- d-----w- c:\windows\BCD5545077AC4347B24F654B1189F8D4.TMP

2013-05-16 04:19 . 2013-05-16 04:19 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard

2013-05-16 02:56 . 2013-05-17 03:03 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware