All downloads show as infected


Experiencing the same thing here. Also note that I am normally running MS Security Essentials, and it is not starting (it is being denied a start). When trying to start the service manually, it errors, and when attempting to uninstall/reinstall, I am denied and told I don't have rights, despite being the machine administrator. Nothing else seems terribly off or bogged down.

First DDS.txt:

DDS (Ver_2012-11-20.01) - NTFS_AMD64

Internet Explorer: 10.0.9200.16576 BrowserJavaVersion: 10.17.2

Run by Mills at 18:09:19 on 2013-05-21

Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.12286.10309 [GMT -5:00]

.

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\system32\atiesrxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k netsvcs

C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\atieclxx.exe

C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Windows\system32\taskeng.exe

C:\Program Files (x86)\ASUS\EPU-6 Engine\SixEngine.exe

C:\Program Files (x86)\ASUS\PC Probe II\Probe2.exe

C:\Program Files (x86)\ASUS\TurboV EVO\TurboVHELP.exe

C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.05\AsSysCtrlService.exe

C:\Program Files (x86)\ASUS\AASP\1.01.02\aaCenter.exe

C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files (x86)\Motorola Media Link\Lite\NServiceEntry.exe

C:\ASUS.SYS\config\DVMExportService.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt

C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe

C:\Windows\SysWOW64\Ctxfihlp.exe

C:\Windows\SysWOW64\PnkBstrA.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe

C:\Program Files (x86)\CyberPower PowerPanel Personal Edition\ppped.exe

C:\Windows\splwow64.exe

C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files (x86)\ASUS\AI Suite\QFan3\QFanHelp.exe

C:\Program Files (x86)\ASUS\T Probe\TProbe.exe

C:\Program Files (x86)\ASUS\TurboV EVO\TurboV_EVO.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files (x86)\CyberPower PowerPanel Personal Edition\pppeuser.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\SysWOW64\CTXFISPI.EXE

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Windows\system32\svchost.exe -k SDRSVC

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe

C:\Windows\system32\taskeng.exe

C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

C:\Users\Mills\AppData\Local\Google\Update\GoogleUpdate.exe

C:\Windows\system32\taskhost.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

uURLSearchHooks: SearchHook Class: {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll

BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>

BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

BHO: {BC0E8AD7-13AA-4694-8EDD-0246BC47A35F} - <orphaned>

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll

EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll

uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

uRun: [Google Update] "C:\Users\Mills\AppData\Local\Google\Update\GoogleUpdate.exe" /c

uRun: [44225B1786A2EBF23F237EC921537BA85BF6512C._service_run] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=service

mRun: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe

mRun: [bCU] "C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe"

mRun: [CTxfiHlp] CTXFIHLP.EXE

mRun: [googletalk] C:\Program Files (x86)\Google\Google Talk\googletalk.exe /autostart

mRun: [QFan Help] "C:\Program Files (x86)\ASUS\AI Suite\QFan3\QFanHelp.exe"

mRun: [T Probe] "C:\Program Files (x86)\ASUS\T Probe\TProbe.exe" -b

mRun: [TurboV EVO] "C:\Program Files (x86)\ASUS\TurboV EVO\TurboV_EVO.exe" -b

mRun: [Launch PC Probe II] <no file>

StartupFolder: C:\Users\Mills\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Launch Jawbone Updater.lnk - C:\Program Files (x86)\Jawbone\LaunchJU.exe

uPolicies-Explorer: NoDriveTypeAutoRun = dword:145

mPolicies-Explorer: NoActiveDesktop = dword:1

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

mPolicies-System: PromptOnSecureDesktop = dword:0

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} - hxxp://support.asus.com/select/asusTek_sys_ctrl3.cab

DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.1.71.0.cab

DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

DPF: {22CF8705-058B-4C21-9F44-09FEC1175BEB} - hxxp://192.168.0.7/camclictrl.cab

DPF: {3528A58B-595D-4AFD-A5F6-B914BD306DC3} - hxxp://dishconnectivity.sling.com/dpit/downloads/pc/SlingHealth.cab

DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.3.cab

DPF: {55963676-2F5E-4BAF-AC28-CF26AA587566} - hxxps://216.176.64.98:8444/CACHE/stc/1/binaries/vpnweb.cab

DPF: {721700FE-7F0E-49C5-BDED-CA92B7CB1245} - hxxp://192.168.0.7/camclictrl.cab

DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} - hxxps://www.battlefieldheroes.com/static/updater/BFHUpdater_4.0.53.0.cab

DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab

DPF: {89A32C64-6176-4D10-BCA3-10B0079818FA} - hxxps://exchange2010.chidomain.local:3443/webconsole/RIMWebComponents.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

DPF: {B80CD4E6-5B02-4B6C-99BE-68F1511E9549} - hxxp://plugin.slingbox.com/downloads/pc/1.4.0.102/WebSlingPlayer.cab

DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.2.0.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15111/CTPID.cab

TCP: NameServer = 97.64.168.12 97.64.183.165

TCP: Interfaces\{D74E2728-5585-4876-966D-79A66B088B6E} : DHCPNameServer = 97.64.168.12 97.64.183.165

SSODL: WebCheck - <orphaned>

mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

x64-DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

x64-SSODL: WebCheck - <orphaned>

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Mills\AppData\Roaming\Mozilla\Firefox\Profiles\nh1h2bwk.default\

FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll

FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll

FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrlui.dll

FF - plugin: C:\Users\Mills\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll

FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll

FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll

FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll

FF - plugin: C:\Windows\SysWOW64\npmproxy.dll

FF - ExtSQL: !HIDDEN! 2011-12-29 21:21; smartwebprinting@hp.com; C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

.

============= SERVICES / DRIVERS ===============

.

R0 FSProFilter;FSPro File Filter;C:\Windows\System32\drivers\FSPFltd.sys [2012-11-15 54848]

R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-1-20 230320]

R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2011-10-25 204288]

R2 AsSysCtrlService;ASUS System Control Service;C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.05\AsSysCtrlService.exe [2011-9-29 109056]

R2 BCUService;Browser Configuration Utility Service;C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe [2010-3-12 219360]

R2 DeviceMonitorService;DeviceMonitorService;C:\Program Files (x86)\Motorola Media Link\Lite\NServiceEntry.exe [2012-9-7 87992]

R2 DvmMDES;DeviceVM Meta Data Export Service;C:\ASUS.SYS\config\DVMExportService.exe [2009-7-17 319488]

R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-12-11 13592]

R2 Motorola Device Manager;Motorola Device Manager Service;C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [2012-10-23 120728]

R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2011-4-27 130008]

R2 PST Service;PST Service;C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [2012-7-11 65657]

R2 vpnagent;Cisco AnyConnect VPN Agent;C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe [2011-2-11 603896]

R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2011-6-6 231440]

R3 CT20XUT.SYS;CT20XUT.SYS;C:\Windows\System32\drivers\CT20XUT.sys [2009-6-4 202776]

R3 CTEXFIFX.SYS;CTEXFIFX.SYS;C:\Windows\System32\drivers\CTEXFIFX.sys [2009-6-4 1417240]

R3 CTHWIUT.SYS;CTHWIUT.SYS;C:\Windows\System32\drivers\CTHWIUT.sys [2009-6-4 94744]

R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-3-21 452200]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 TeamViewer8;TeamViewer 8;"C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe" --> C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [?]

S3 cpudrv64;cpudrv64;C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [2011-6-2 17864]

S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2010-3-12 79360]

S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2010-3-12 79360]

S3 CT20XUT;CT20XUT;C:\Windows\System32\drivers\CT20XUT.sys [2009-6-4 202776]

S3 CTEXFIFX;CTEXFIFX;C:\Windows\System32\drivers\CTEXFIFX.sys [2009-6-4 1417240]

S3 CTHWIUT;CTHWIUT;C:\Windows\System32\drivers\CTHWIUT.sys [2009-6-4 94744]

S3 libusb0;Jawbone LibUsb-Win32 - Kernel Driver 09/22/2011,1.2.5.0;C:\Windows\System32\drivers\libusb0.sys [2012-11-29 52320]

S3 motandroidusb;Mot ADB Interface Driver;C:\Windows\System32\drivers\motoandroid.sys [2009-7-10 31744]

S3 NisSrv;NisSrv;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-1-27 379360]

S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-11-27 19456]

S3 slsusb;Edge CS/CTS Device Driver;C:\Windows\System32\drivers\slsusb.sys [2012-9-26 31328]

S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]

S3 TrojanKillerDriver;GridinSoft Trojan Killer Driver;C:\Windows\System32\drivers\gtkdrv.sys [2012-1-4 16640]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-11-27 57856]

S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-5-5 1255736]

S3 WinRing0_1_2_0;WinRing0_1_2_0;C:\real temp\WinRing0x64.sys [2008-7-26 14544]

.

=============== Created Last 30 ================

.

2013-05-20 21:10:07 -------- d-----w- C:\Program Files\Enigma Software Group

2013-05-20 21:08:58 -------- d-----w- C:\Windows\BCD5545077AC4347B24F654B1189F8D4.TMP

2013-05-15 22:35:27 983400 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys

2013-05-15 22:35:27 265064 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys

2013-05-15 22:35:26 144384 ----a-w- C:\Windows\System32\cdd.dll

2013-05-15 22:35:11 1930752 ----a-w- C:\Windows\System32\authui.dll

2013-05-15 22:35:10 70144 ----a-w- C:\Windows\System32\appinfo.dll

2013-05-15 22:35:10 1796096 ----a-w- C:\Windows\SysWow64\authui.dll

2013-05-15 22:35:10 111448 ----a-w- C:\Windows\System32\consent.exe

2013-05-15 22:35:04 48640 ----a-w- C:\Windows\System32\wwanprotdim.dll

2013-05-15 22:35:04 230400 ----a-w- C:\Windows\System32\wwansvc.dll

2013-05-15 22:34:53 3153920 ----a-w- C:\Windows\System32\win32k.sys

2013-05-14 22:53:45 76232 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{A76BC3BA-FDCF-46E0-8318-EFDFF0FFB743}\offreg.dll

2013-05-14 22:52:01 9460464 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{A76BC3BA-FDCF-46E0-8318-EFDFF0FFB743}\mpengine.dll

2013-05-13 07:05:23 9317456 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2013-04-30 03:04:26 -------- d-----w- C:\Users\Mills\AppData\Roaming\DlinkViewCam

2013-04-30 02:59:32 -------- d-----w- C:\Program Files (x86)\Activation

2013-04-30 02:52:49 -------- d-----w- C:\Program Files (x86)\D-Link

2013-04-23 20:39:27 905296 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{2185C2A3-8C4F-44DC-903B-CAC8FCDD7788}\gapaengine.dll

2013-04-23 20:39:12 1656680 ----a-w- C:\Windows\System32\drivers\ntfs.sys

2013-04-22 20:05:20 -------- d-----w- C:\Program Files (x86)\NetworkSurveillanceAX

.

==================== Find3M ====================

.

2013-05-16 22:27:31 291088 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr

2013-05-16 22:27:31 291088 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe

2013-05-16 22:27:22 280904 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0

2013-05-14 22:54:00 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2013-05-14 22:53:59 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2013-05-02 15:29:56 278800 ------w- C:\Windows\System32\MpSigStub.exe

2013-04-13 05:49:23 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll

2013-04-13 05:49:19 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll

2013-04-13 05:49:19 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll

2013-04-13 05:49:19 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll

2013-04-13 04:45:16 474624 ----a-w- C:\Windows\apppatch\AcSpecfc.dll

2013-04-13 04:45:15 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll

2013-04-05 06:52:14 2242048 ----a-w- C:\Windows\System32\wininet.dll

2013-04-05 06:50:36 3958784 ----a-w- C:\Windows\System32\jscript9.dll

2013-04-05 06:50:31 67072 ----a-w- C:\Windows\System32\iesetup.dll

2013-04-05 06:50:31 136704 ----a-w- C:\Windows\System32\iesysprep.dll

2013-04-05 05:28:24 1767424 ----a-w- C:\Windows\SysWow64\wininet.dll

2013-04-05 05:26:26 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll

2013-04-05 05:26:21 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll

2013-04-05 05:26:21 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll

2013-04-05 04:43:00 2706432 ----a-w- C:\Windows\System32\mshtml.tlb

2013-04-05 04:29:45 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2013-04-05 03:51:11 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe

2013-04-05 03:38:25 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe

2013-04-04 19:50:32 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys

2013-03-19 06:04:06 5550424 ----a-w- C:\Windows\System32\ntoskrnl.exe

2013-03-19 05:46:56 43520 ----a-w- C:\Windows\System32\csrsrv.dll

2013-03-19 05:04:13 3968856 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe

2013-03-19 05:04:10 3913560 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe

2013-03-19 04:47:50 6656 ----a-w- C:\Windows\SysWow64\apisetschema.dll

2013-03-19 03:06:33 112640 ----a-w- C:\Windows\System32\smss.exe

2013-03-13 20:51:46 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll

2013-03-13 20:51:42 861088 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll

2013-03-13 20:51:42 782240 ----a-w- C:\Windows\SysWow64\deployJava1.dll

.

============= FINISH: 18:09:48.33 ===============

Second dds.txt


S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 TeamViewer8;TeamViewer 8;"C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe" --> C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [?]

S3 cpudrv64;cpudrv64;C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [2011-6-2 17864]

S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2010-3-12 79360]

S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2010-3-12 79360]

S3 CT20XUT;CT20XUT;C:\Windows\System32\drivers\CT20XUT.sys [2009-6-4 202776]

S3 CTEXFIFX;CTEXFIFX;C:\Windows\System32\drivers\CTEXFIFX.sys [2009-6-4 1417240]

S3 CTHWIUT;CTHWIUT;C:\Windows\System32\drivers\CTHWIUT.sys [2009-6-4 94744]

S3 libusb0;Jawbone LibUsb-Win32 - Kernel Driver 09/22/2011,1.2.5.0;C:\Windows\System32\drivers\libusb0.sys [2012-11-29 52320]

S3 motandroidusb;Mot ADB Interface Driver;C:\Windows\System32\drivers\motoandroid.sys [2009-7-10 31744]

S3 NisSrv;NisSrv;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-1-27 379360]

S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-11-27 19456]

S3 slsusb;Edge CS/CTS Device Driver;C:\Windows\System32\drivers\slsusb.sys [2012-9-26 31328]

S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]

S3 TrojanKillerDriver;GridinSoft Trojan Killer Driver;C:\Windows\System32\drivers\gtkdrv.sys [2012-1-4 16640]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-11-27 57856]

S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-5-5 1255736]

S3 WinRing0_1_2_0;WinRing0_1_2_0;C:\real temp\WinRing0x64.sys [2008-7-26 14544]

.

=============== Created Last 30 ================

.

2013-05-20 21:10:07 -------- d-----w- C:\Program Files\Enigma Software Group

2013-05-20 21:08:58 -------- d-----w- C:\Windows\BCD5545077AC4347B24F654B1189F8D4.TMP

2013-05-15 22:35:27 983400 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys

2013-05-15 22:35:27 265064 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys

2013-05-15 22:35:26 144384 ----a-w- C:\Windows\System32\cdd.dll

2013-05-15 22:35:11 1930752 ----a-w- C:\Windows\System32\authui.dll

2013-05-15 22:35:10 70144 ----a-w- C:\Windows\System32\appinfo.dll

2013-05-15 22:35:10 1796096 ----a-w- C:\Windows\SysWow64\authui.dll

2013-05-15 22:35:10 111448 ----a-w- C:\Windows\System32\consent.exe

2013-05-15 22:35:04 48640 ----a-w- C:\Windows\System32\wwanprotdim.dll

2013-05-15 22:35:04 230400 ----a-w- C:\Windows\System32\wwansvc.dll

2013-05-15 22:34:53 3153920 ----a-w- C:\Windows\System32\win32k.sys

2013-05-14 22:53:45 76232 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{A76BC3BA-FDCF-46E0-8318-EFDFF0FFB743}\offreg.dll

2013-05-14 22:52:01 9460464 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{A76BC3BA-FDCF-46E0-8318-EFDFF0FFB743}\mpengine.dll

2013-05-13 07:05:23 9317456 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2013-04-30 03:04:26 -------- d-----w- C:\Users\Mills\AppData\Roaming\DlinkViewCam

2013-04-30 02:59:32 -------- d-----w- C:\Program Files (x86)\Activation

2013-04-30 02:52:49 -------- d-----w- C:\Program Files (x86)\D-Link

2013-04-23 20:39:27 905296 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{2185C2A3-8C4F-44DC-903B-CAC8FCDD7788}\gapaengine.dll

2013-04-23 20:39:12 1656680 ----a-w- C:\Windows\System32\drivers\ntfs.sys

2013-04-22 20:05:20 -------- d-----w- C:\Program Files (x86)\NetworkSurveillanceAX

.

==================== Find3M ====================

.

2013-05-16 22:27:31 291088 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr

2013-05-16 22:27:31 291088 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe

2013-05-16 22:27:22 280904 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0

2013-05-14 22:54:00 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2013-05-14 22:53:59 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2013-05-02 15:29:56 278800 ------w- C:\Windows\System32\MpSigStub.exe

2013-04-13 05:49:23 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll

2013-04-13 05:49:19 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll

2013-04-13 05:49:19 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll

2013-04-13 05:49:19 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll

2013-04-13 04:45:16 474624 ----a-w- C:\Windows\apppatch\AcSpecfc.dll

2013-04-13 04:45:15 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll

2013-04-05 06:52:14 2242048 ----a-w- C:\Windows\System32\wininet.dll

2013-04-05 06:50:36 3958784 ----a-w- C:\Windows\System32\jscript9.dll

2013-04-05 06:50:31 67072 ----a-w- C:\Windows\System32\iesetup.dll

2013-04-05 06:50:31 136704 ----a-w- C:\Windows\System32\iesysprep.dll

2013-04-05 05:28:24 1767424 ----a-w- C:\Windows\SysWow64\wininet.dll

2013-04-05 05:26:26 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll

2013-04-05 05:26:21 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll

2013-04-05 05:26:21 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll

2013-04-05 04:43:00 2706432 ----a-w- C:\Windows\System32\mshtml.tlb

2013-04-05 04:29:45 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2013-04-05 03:51:11 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe

2013-04-05 03:38:25 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe

2013-04-04 19:50:32 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys

2013-03-19 06:04:06 5550424 ----a-w- C:\Windows\System32\ntoskrnl.exe

2013-03-19 05:46:56 43520 ----a-w- C:\Windows\System32\csrsrv.dll

2013-03-19 05:04:13 3968856 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe

2013-03-19 05:04:10 3913560 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe

2013-03-19 04:47:50 6656 ----a-w- C:\Windows\SysWow64\apisetschema.dll

2013-03-19 03:06:33 112640 ----a-w- C:\Windows\System32\smss.exe

2013-03-13 20:51:46 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll

2013-03-13 20:51:42 861088 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll

2013-03-13 20:51:42 782240 ----a-w- C:\Windows\SysWow64\deployJava1.dll

.

============= FINISH: 18:09:48.33 ===============

Attach.txt

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Professional

Boot Device: \Device\HarddiskVolume1

Install Date: 3/12/2010 3:55:30 PM

System Uptime: 5/21/2013 10:07:02 AM (8 hours ago)

.

Motherboard: ASUSTeK Computer INC. | | P7P55D

Processor: Intel® Core i5 CPU 750 @ 2.67GHz | LGA1156 | 2668/133mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 931 GiB total, 711.588 GiB free.

D: is CDROM ()

F: is FIXED (NTFS) - 466 GiB total, 123.296 GiB free.

.

==== Disabled Device Manager Items =============

.

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}

Description: Cisco AnyConnect VPN Virtual Miniport Adapter for Windows x64

Device ID: ROOT\NET\0000

Manufacturer: Cisco Systems

Name: Cisco AnyConnect VPN Virtual Miniport Adapter for Windows x64

PNP Device ID: ROOT\NET\0000

Service: vpnva

.

==== System Restore Points ===================

.

RP486: 4/25/2013 3:00:24 AM - Windows Update

RP487: 4/29/2013 2:00:12 AM - Windows Backup

RP488: 4/29/2013 2:03:58 AM - Windows Update

RP489: 4/29/2013 9:52:31 PM - Installed D-Link D-ViewCam

RP490: 4/30/2013 3:00:27 AM - Windows Update

RP491: 5/6/2013 2:00:32 AM - Windows Backup

RP492: 5/6/2013 2:03:44 AM - Windows Update

RP493: 5/9/2013 3:05:07 PM - Windows Update

RP494: 5/13/2013 2:00:04 AM - Windows Backup

RP495: 5/13/2013 2:03:53 AM - Windows Update

RP496: 5/14/2013 5:46:55 PM - Removed Device Pack

RP497: 5/14/2013 5:48:27 PM - Removed D-Link D-ViewCam

RP498: 5/16/2013 3:00:26 AM - Windows Update

RP499: 5/20/2013 2:00:18 AM - Windows Backup

RP500: 5/20/2013 4:09:07 PM - Installed SpyHunter

RP501: 5/20/2013 4:59:13 PM - Removed SpyHunter

RP502: 5/20/2013 5:04:46 PM - Removed Napster Download Manager

RP503: 5/20/2013 5:05:37 PM - Removed SlimDX Runtime .NET 4.0 x86 (January 2012)

.

==== Installed Programs ======================

.

Update for Microsoft Office 2007 (KB2508958)

3DMark Vantage

64 Bit HP CIO Components Installer

Acrobat.com

Adobe AIR

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Reader 9.5.2

Adobe Shockwave Player 11.6

Advanced IP Scanner v1.5

AI Suite

Amazon MP3 Uploader

AMD APP SDK Runtime

AMD Catalyst Install Manager

AMD Drag and Drop Transcoding

AMD Media Foundation Decoders

Apple Application Support

Apple Mobile Device Support

Apple Software Update

ASUSUpdate

AVS Update Manager 1.0

AVS Video Converter 8

AVS4YOU Software Navigator 1.4

Battlefield 1942™

Battlefield 3™

Battlefield 3™ Open Beta

Battlefield Heroes

Battlefield: Bad Company™ 2

Battlelog Web Plugins

BC2CC

BF3CC

BlackBerry Device Communication Components

Bonjour

Browser Configuration Utility

BufferChm

Cabela's Trophy Bucks

Catalyst Control Center

Catalyst Control Center - Branding

Catalyst Control Center Graphics Previews Common

Catalyst Control Center InstallProxy

ccc-utility64

CCC Help English

Cisco AnyConnect VPN Client

Copy

Creative ALchemy

Creative Audio Control Panel

Creative Console Launcher

Creative MediaSource 5

Creative Software AutoUpdate

Creative Sound Blaster Properties x64 Edition

Creative WaveStudio 7

CyberPower PowerPanel Personal Edition 1.3.3

Data Viewer 3.3.0.8

Destinations

DeviceDiscovery

DHTML Editing Component

DJ_AIO_05_F4400_Software_Min

DSDownloader 2.2.2.6

EPU-6 Engine

ESN Sonar

Express Gate

ExtraPutty 0.22

F4400

File Type Assistant

Final Media Player 2011

Free M4a to MP3 Converter 6.1

Fusion

Futuremark SystemInfo

Google Chrome

Google Earth

Google Talk (remove only)

Google Update Helper

GPBaseService2

HP Customer Participation Program 14.0

HP Deskjet F4400 Printer Driver Software 14.0 Rel. 5

HP Imaging Device Functions 14.0

HP Photo Creations

HP Print Projects 1.0

HP Smart Web Printing 4.60

HP Solution Center 14.0

HP Update

HPPhotoGadget

hpPrintProjects

HPProductAssistant

HPSSupply

hpWLPGInstaller

Intel® Control Center

Intel® Rapid Storage Technology

iTunes

Java 7 Update 17

Java Auto Updater

Java 6 Update 20

Java 6 Update 20 (64-bit)

Jawbone Updater

JMicron JMB36X Driver

LaCie Backup Software v1.5.2378

LG USB Modem driver

Malwarebytes Anti-Malware version 1.75.0.1300

MarketResearch

Medal of Honor

Medal of Honor™ MP Open Beta

Medal of Honor™ Warfighter

Microsoft .NET Framework 1.1

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Extended

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office Access MUI (English) 2007

Microsoft Office Access Setup Metadata MUI (English) 2007

Microsoft Office Excel MUI (English) 2007

Microsoft Office File Validation Add-In

Microsoft Office InfoPath MUI (English) 2007

Microsoft Office Office 64-bit Components 2007

Microsoft Office Outlook MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office Professional Plus 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Publisher MUI (English) 2007

Microsoft Office Shared 64-bit MUI (English) 2007

Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Word MUI (English) 2007

Microsoft Office Word Viewer 2003

Microsoft Security Client

Microsoft Security Essentials

Microsoft Silverlight

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

MotoCast

MotoHelper MergeModules

Motorola Device Manager

Motorola Device Software Update

MOTOROLA MEDIA LINK

Motorola Mobile Drivers Installation 5.9.0

Mozilla Firefox 20.0.1 (x86 en-US)

Mozilla Maintenance Service

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MSXML 4.0 SP3 Parser

MSXML 4.0 SP3 Parser (KB2721691)

MSXML 4.0 SP3 Parser (KB2758694)

Mumble 1.2.3

Music Manager

My Lockbox 2.9

MyStyle

NVIDIA PhysX

Origin

Paint Shop Pro 7 Try And Buy

PC Probe II

PL-2303 USB-to-Serial

PrimoPDF -- brought to you by Nitro PDF Software

PunkBuster Services

QuickTime

Realtek 8136 8168 8169 Ethernet Driver

Scan

Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)

Security Update for Microsoft .NET Framework 4 Extended (KB2416472)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

Security Update for Microsoft .NET Framework 4 Extended (KB2736428)

Security Update for Microsoft .NET Framework 4 Extended (KB2742595)

Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition

Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition

Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition

Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition

Shop for HP Supplies

SlingHealth ActiveX

SmartWebPrinting

SolutionCenter

Status

swMSM

System Requirements Lab

System Requirements Lab for Intel

T.Probe

TeamSpeak 3 Client

TeamViewer 7

Toolbox

TrayApp

Trinity USB Drivers 1.1.1.1

Trojan Killer

Trojan Killer 2.1

Turbo Lister 2

TurboV EVO

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft .NET Framework 4 Extended (KB2468871)

Update for Microsoft .NET Framework 4 Extended (KB2533523)

Update for Microsoft .NET Framework 4 Extended (KB2600217)

Update for Microsoft Office 2007 Help for Common Features (KB963673)

Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition

Update for Microsoft Office Access 2007 Help (KB963663)

Update for Microsoft Office Excel 2007 Help (KB963678)

Update for Microsoft Office Infopath 2007 Help (KB963662)

Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition

Update for Microsoft Office Outlook 2007 Help (KB963677)

Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817359) 32-Bit Edition

Update for Microsoft Office Powerpoint 2007 Help (KB963669)

Update for Microsoft Office Publisher 2007 Help (KB963667)

Update for Microsoft Office Script Editor Help (KB963671)

Update for Microsoft Office Word 2007 Help (KB963665)

Visual C++ 8.0 Runtime Setup Package (x64)

Visual Studio 2008 x64 Redistributables

VLC media player 1.0.5

VoiceOver Kit

WebReg

WebSlingPlayer ActiveX

WinRAR archiver

.

==== Event Viewer Messages From Past Week ========

.

5/21/2013 6:03:17 PM, Error: Service Control Manager [7000] - The Microsoft Antimalware Service service failed to start due to the following error: Access is denied.

5/21/2013 6:00:07 PM, Error: Service Control Manager [7034] - The Google Update Service (gupdate) service terminated unexpectedly. It has done this 1 time(s).

5/21/2013 10:09:31 AM, Error: Service Control Manager [7023] - The WinDefend service terminated with the following error: Access is denied.

5/21/2013 10:09:14 AM, Error: Service Control Manager [7000] - The TeamViewer 8 service failed to start due to the following error: The system cannot find the file specified.

5/20/2013 4:08:14 PM, Error: Service Control Manager [7034] - The hpqcxs08 service terminated unexpectedly. It has done this 1 time(s).

5/20/2013 4:08:14 PM, Error: Service Control Manager [7034] - The HP CUE DeviceDiscovery Service service terminated unexpectedly. It has done this 1 time(s).

5/20/2013 3:56:53 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.

5/20/2013 3:56:53 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {D3DCB472-7261-43CE-924B-0704BD730D5F}

5/20/2013 3:56:53 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF}

5/20/2013 3:55:11 PM, Error: Service Control Manager [7001] - The PnP-X IP Bus Enumerator service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.

5/20/2013 3:53:34 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}

5/20/2013 3:53:34 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

5/20/2013 3:53:28 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}

5/20/2013 3:53:28 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}

5/20/2013 3:53:27 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

5/20/2013 3:53:20 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}

5/20/2013 3:53:11 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD AsIO AsUpIO CSC DfsC discache MpFilter NetBIOS NetBT nsiproxy Psched rdbss spldr tdx Wanarpv6 WfpLwf

5/20/2013 3:53:11 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service TermService with arguments "" in order to run the server: {F9A874B6-F8A8-4D73-B5A8-AB610816828B}

5/20/2013 3:53:10 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

5/20/2013 3:53:10 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.

5/20/2013 3:53:10 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.

5/20/2013 3:53:10 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.

5/20/2013 3:53:10 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.

5/20/2013 3:53:10 PM, Error: Service Control Manager [7001] - The PST Service service depends on the Workstation service which failed to start because of the following error: The dependency service or group failed to start.

5/20/2013 3:53:10 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.

5/20/2013 3:53:10 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

5/20/2013 3:53:10 PM, Error: Service Control Manager [7001] - The Media Center Extender Service service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.

5/20/2013 3:53:10 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

5/20/2013 3:53:10 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.

5/20/2013 3:53:10 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.

5/20/2013 3:53:10 PM, Error: Service Control Manager [7001] - The Creative Audio Service service depends on the Windows Audio service which failed to start because of the following error: The dependency service or group failed to start.

5/20/2013 3:53:10 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.

5/16/2013 3:29:35 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the NisSrv service.

5/16/2013 3:29:05 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the MsMpSvc service.

.

==== End Of File ===========================


Hello TFD.

Please stop doing any web-browsing or any websurfing or any online web activity.

Flush all temporary internet files in each one of your browsers = >> SHIFT+CTRL+DEL keys then delete temp files.

Then close your browsers.

Only go to this forum and the websites I guide you to for tools.

Do as much as you can of the following.

Step 1

1. Go >> Here << and download ERUNT

(ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.)

2. Install ERUNT by following the prompts

(use the default install settings but say no to the portion that asks you to add ERUNT to the start-up folder, if you like you can enable this option later)

3. Start ERUNT

(either by double clicking on the desktop icon or choosing to start the program at the end of the setup)

4. Choose a location for the backup

(the default location is C:\WINDOWS\ERDNT which is acceptable).

5. Make sure that at least the first two check boxes are ticked

6. Press OK

7. Press YES to create the folder.

Step 2

To show all files:

  • Press Windows-key +R key on your keyboard to get RUN option.
  • Type in
    explorer.exe

    and press Enter to start Windows Explorer.

  • From the menu options, Select Tools, then Folder Options.
  • Next click the View tab.
  • Locate and uncheck Hide file extensions for known file types.
  • Locate and uncheck Hide protected operating system files (Recommended).
  • Locate and click Show hidden files and folders and drives.
  • Click Apply > OK.

Step 3

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools.

For directions on how, see How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Do NOT turn off the firewall

Please download AdwCleaner © Xplode from >>here<< and save it on your Desktop.

If you are running Windows XP, double click adwcleaner.exe to start it.

Otherwise, Right-click on adwcleaner.exe and select Run As Administrator to launch the application.

Now click on the Search tab.

Please post the contents of the log-file created in your next post.

Note: The log can also be located at C:\AdwCleaner[XX].txt where XX denotes the number of times the application has been run, so in this case it should be something like R1.

Step 4

Please read carefully and follow these steps.

  • Download TDSSKiller and save it to your Desktop.
  • Double-Click on TDSSKiller.exe to run the application, then on Start Scan.
    If running Vista or Windows 7, do a RIGHT-Click and select Run as Administrator to start TDSSKILLER.exe.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic please choose
    Skip and click on Continue
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Step 5

  • Download & SAVE to your Desktop >> Tigzy's RogueKiller from here << or >> from here <<
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.
    For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Then Click on Scan button at upper right of screen.
  • Wait until the Status box shows "Scan Finished"
  • Click on Report and copy/paste the content of the Notepad into your next reply.
  • The log should be found in RKreport[1].txt on your Desktop
  • Exit/Close RogueKiller

Do NOT click any FIX buttons !

Step 6

RE-Enable your antivirus program.

Then copy/paste the following into your post (in order):

  • the contents of C:\AdwCleaner[R1].txt;
  • the contents of TDSSKILLER log;
  • the contents of RKReport log;

Be sure to do a Preview prior to pressing Submit because all reports may not fit into 1 single reply. You may have to do more than 1 reply.

Do not use the attachment feature to place any of your reports. Always put them in-line inside the body of reply.


AdwCleaner.txt

# AdwCleaner v2.301 - Logfile created 05/22/2013 at 17:42:57

# Updated 16/05/2013 by Xplode

# Operating system : Windows 7 Professional Service Pack 1 (64 bits)

# User : Mills - MILLS7

# Boot Mode : Normal

# Running from : C:\Users\Mills\Desktop\fixers\adwcleaner.exe

# Option [search]

***** [services] *****

Found : BCUService

Found : DvmMDES

***** [Files / Folders] *****

Folder Found : C:\Program Files (x86)\DeviceVM

***** [Registry] *****

Key Found : HKCU\Software\DeviceVM

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BC86E1AB-EDA5-4059-938F-CE307B0C6F0A}

Key Found : HKCU\Software\YahooPartnerToolbar

Key Found : HKLM\SOFTWARE\Classes\TypeLib\{77AA6435-2488-4A94-9FE5-49519DD2ED9B}

Key Found : HKLM\Software\DeviceVM

Key Found : HKLM\Software\Freeze.com

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{BC86E1AB-EDA5-4059-938F-CE307B0C6F0A}

Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{99AD9D6D-A456-49EE-8360-F22EE7AA1272}

Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{BC86E1AB-EDA5-4059-938F-CE307B0C6F0A}]

Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [bCU]

***** [internet Browsers] *****

-\\ Internet Explorer v10.0.9200.16576

[OK] Registry is clean.

-\\ Mozilla Firefox v20.0.1 (en-US)

File : C:\Users\Mills\AppData\Roaming\Mozilla\Firefox\Profiles\nh1h2bwk.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v26.0.1410.64

File : C:\Users\Mills\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [2020 octets] - [22/05/2013 17:42:57]

########## EOF - C:\AdwCleaner[R1].txt - [2080 octets] ##########

TDSSKILLER log

17:44:55.0576 6512 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42

17:44:55.0979 6512 ============================================================

17:44:55.0979 6512 Current date / time: 2013/05/22 17:44:55.0979

17:44:55.0979 6512 SystemInfo:

17:44:55.0979 6512

17:44:55.0979 6512 OS Version: 6.1.7601 ServicePack: 1.0

17:44:55.0979 6512 Product type: Workstation

17:44:55.0979 6512 ComputerName: MILLS7

17:44:55.0979 6512 UserName: Mills

17:44:55.0979 6512 Windows directory: C:\Windows

17:44:55.0979 6512 System windows directory: C:\Windows

17:44:55.0979 6512 Running under WOW64

17:44:55.0979 6512 Processor architecture: Intel x64

17:44:55.0979 6512 Number of processors: 4

17:44:55.0979 6512 Page size: 0x1000

17:44:55.0979 6512 Boot type: Normal boot

17:44:55.0979 6512 ============================================================

17:44:56.0802 6512 Drive \Device\Harddisk0\DR0 - Size: 0xE8E1300000 (931.52 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

17:44:56.0848 6512 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'

17:44:56.0867 6512 ============================================================

17:44:56.0867 6512 \Device\Harddisk0\DR0:

17:44:56.0867 6512 MBR partitions:

17:44:56.0867 6512 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000

17:44:56.0867 6512 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x746D6000

17:44:56.0867 6512 \Device\Harddisk1\DR1:

17:44:56.0867 6512 MBR partitions:

17:44:56.0867 6512 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A384C02

17:44:56.0867 6512 ============================================================

17:44:56.0900 6512 C: <-> \Device\Harddisk0\DR0\Partition2

17:44:56.0909 6512 F: <-> \Device\Harddisk1\DR1\Partition1

17:44:56.0909 6512 ============================================================

17:44:56.0909 6512 Initialize success

17:44:56.0909 6512 ============================================================

17:45:03.0072 4644 ============================================================

17:45:03.0072 4644 Scan started

17:45:03.0072 4644 Mode: Manual;

17:45:03.0072 4644 ============================================================

17:45:04.0293 4644 ================ Scan system memory ========================

17:45:04.0293 4644 System memory - ok

17:45:04.0293 4644 ================ Scan services =============================


17:45:15.0022 4644 megasas - ok

17:45:15.0052 4644 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys

17:45:15.0065 4644 MegaSR - ok

17:45:15.0095 4644 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll

17:45:15.0119 4644 MMCSS - ok

17:45:15.0138 4644 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys

17:45:15.0149 4644 Modem - ok

17:45:15.0174 4644 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys

17:45:15.0176 4644 monitor - ok

17:45:15.0230 4644 [ D69F1E9A944A5F46A494AF901ED41118 ] motandroidusb C:\Windows\system32\Drivers\motoandroid.sys

17:45:15.0233 4644 motandroidusb - ok

17:45:15.0349 4644 [ AC9D6E3629E4388A9EA9B4172493AAEE ] Motorola Device Manager C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe

17:45:15.0351 4644 Motorola Device Manager - ok

17:45:15.0383 4644 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\drivers\mouclass.sys

17:45:15.0385 4644 mouclass - ok

17:45:15.0432 4644 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys

17:45:15.0434 4644 mouhid - ok

17:45:15.0467 4644 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys

17:45:15.0469 4644 mountmgr - ok

17:45:15.0560 4644 [ 7EDBBB9351A38C6BB0FE98CFD44DB430 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

17:45:15.0562 4644 MozillaMaintenance - ok

17:45:15.0623 4644 [ F8A10560B35C66F9DE212F03DAD5BFA7 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys

17:45:15.0627 4644 MpFilter - ok

17:45:15.0651 4644 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys

17:45:15.0655 4644 mpio - ok

17:45:15.0688 4644 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys

17:45:15.0693 4644 mpsdrv - ok

17:45:15.0775 4644 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll

17:45:15.0794 4644 MpsSvc - ok

17:45:15.0836 4644 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys

17:45:15.0847 4644 MRxDAV - ok

17:45:15.0901 4644 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys

17:45:15.0904 4644 mrxsmb - ok

17:45:15.0957 4644 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys

17:45:15.0972 4644 mrxsmb10 - ok

17:45:16.0004 4644 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys

17:45:16.0007 4644 mrxsmb20 - ok

17:45:16.0043 4644 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys

17:45:16.0054 4644 msahci - ok

17:45:16.0099 4644 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys

17:45:16.0139 4644 msdsm - ok

17:45:16.0201 4644 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe

17:45:16.0240 4644 MSDTC - ok

17:45:16.0277 4644 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys

17:45:16.0279 4644 Msfs - ok

17:45:16.0291 4644 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys

17:45:16.0293 4644 mshidkmdf - ok

17:45:16.0317 4644 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys

17:45:16.0318 4644 msisadrv - ok

17:45:16.0366 4644 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll

17:45:16.0382 4644 MSiSCSI - ok

17:45:16.0386 4644 msiserver - ok

17:45:16.0411 4644 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys

17:45:16.0413 4644 MSKSSRV - ok

17:45:16.0465 4644 MsMpSvc - ok

17:45:16.0498 4644 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys

17:45:16.0506 4644 MSPCLOCK - ok

17:45:16.0522 4644 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys

17:45:16.0524 4644 MSPQM - ok

17:45:16.0576 4644 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys

17:45:16.0582 4644 MsRPC - ok

17:45:16.0620 4644 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys

17:45:16.0622 4644 mssmbios - ok

17:45:16.0639 4644 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys

17:45:16.0650 4644 MSTEE - ok

17:45:16.0664 4644 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys

17:45:16.0667 4644 MTConfig - ok

17:45:16.0708 4644 [ 19B006B181E3875FD254F7B67ACF1E7C ] MTsensor C:\Windows\system32\DRIVERS\ASACPI.sys

17:45:16.0709 4644 MTsensor - ok

17:45:16.0731 4644 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys

17:45:16.0734 4644 Mup - ok

17:45:16.0780 4644 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll

17:45:16.0828 4644 napagent - ok

17:45:16.0888 4644 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys

17:45:16.0894 4644 NativeWifiP - ok

17:45:16.0980 4644 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys

17:45:16.0990 4644 NDIS - ok

17:45:17.0000 4644 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys

17:45:17.0009 4644 NdisCap - ok

17:45:17.0053 4644 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys

17:45:17.0056 4644 NdisTapi - ok

17:45:17.0092 4644 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys

17:45:17.0095 4644 Ndisuio - ok

17:45:17.0147 4644 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys

17:45:17.0156 4644 NdisWan - ok

17:45:17.0204 4644 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys

17:45:17.0216 4644 NDProxy - ok

17:45:17.0261 4644 [ D5AC41AE382738483FAFFBD7E373D49A ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll

17:45:17.0268 4644 Net Driver HPZ12 - ok

17:45:17.0303 4644 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys

17:45:17.0305 4644 NetBIOS - ok

17:45:17.0343 4644 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys

17:45:17.0348 4644 NetBT - ok

17:45:17.0353 4644 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe

17:45:17.0362 4644 Netlogon - ok

17:45:17.0422 4644 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll

17:45:17.0436 4644 Netman - ok

17:45:17.0545 4644 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

17:45:17.0549 4644 NetMsmqActivator - ok

17:45:17.0555 4644 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

17:45:17.0558 4644 NetPipeActivator - ok

17:45:17.0589 4644 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll

17:45:17.0617 4644 netprofm - ok

17:45:17.0622 4644 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

17:45:17.0625 4644 NetTcpActivator - ok

17:45:17.0629 4644 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

17:45:17.0632 4644 NetTcpPortSharing - ok

17:45:17.0657 4644 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys

17:45:17.0661 4644 nfrd960 - ok

17:45:17.0741 4644 [ 162100E0BC8377710F9D170631921C03 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys

17:45:17.0744 4644 NisDrv - ok

17:45:17.0772 4644 NisSrv - ok

17:45:17.0813 4644 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll

17:45:17.0835 4644 NlaSvc - ok

17:45:17.0845 4644 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys

17:45:17.0848 4644 Npfs - ok

17:45:17.0882 4644 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll

17:45:17.0896 4644 nsi - ok

17:45:17.0913 4644 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys

17:45:17.0915 4644 nsiproxy - ok

17:45:17.0996 4644 [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys

17:45:18.0017 4644 Ntfs - ok

17:45:18.0034 4644 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys

17:45:18.0036 4644 Null - ok

17:45:18.0114 4644 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys

17:45:18.0117 4644 nvraid - ok

17:45:18.0152 4644 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys

17:45:18.0165 4644 nvstor - ok

17:45:18.0183 4644 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys

17:45:18.0187 4644 nv_agp - ok

17:45:18.0266 4644 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE

17:45:18.0278 4644 odserv - ok

17:45:18.0304 4644 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys

17:45:18.0306 4644 ohci1394 - ok

17:45:18.0382 4644 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

17:45:18.0384 4644 ose - ok

17:45:18.0413 4644 [ EB8724534CEE0977EAC4878812682F6B ] ossrv C:\Windows\system32\drivers\ctoss2k.sys

17:45:18.0415 4644 ossrv - ok

17:45:18.0439 4644 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll

17:45:18.0457 4644 p2pimsvc - ok

17:45:18.0495 4644 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll

17:45:18.0514 4644 p2psvc - ok

17:45:18.0540 4644 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys

17:45:18.0542 4644 Parport - ok

17:45:18.0580 4644 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys

17:45:18.0583 4644 partmgr - ok

17:45:18.0621 4644 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll

17:45:18.0636 4644 PcaSvc - ok

17:45:18.0679 4644 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys

17:45:18.0683 4644 pci - ok

17:45:18.0698 4644 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys

17:45:18.0701 4644 pciide - ok

17:45:18.0734 4644 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys

17:45:18.0746 4644 pcmcia - ok

17:45:18.0769 4644 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys

17:45:18.0772 4644 pcw - ok

17:45:18.0820 4644 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys

17:45:18.0837 4644 PEAUTH - ok

17:45:18.0896 4644 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll

17:45:18.0924 4644 PeerDistSvc - ok

17:45:18.0991 4644 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe

17:45:19.0003 4644 PerfHost - ok

17:45:19.0107 4644 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll

17:45:19.0147 4644 pla - ok

17:45:19.0183 4644 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll

17:45:19.0214 4644 PlugPlay - ok

17:45:19.0280 4644 [ 37F6046CDC630442D7DC087501FF6FC6 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll

17:45:19.0290 4644 Pml Driver HPZ12 - ok

17:45:19.0310 4644 PnkBstrA - ok

17:45:19.0321 4644 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll

17:45:19.0330 4644 PNRPAutoReg - ok

17:45:19.0350 4644 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll

17:45:19.0360 4644 PNRPsvc - ok

17:45:19.0413 4644 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll

17:45:19.0425 4644 PolicyAgent - ok

17:45:19.0456 4644 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll

17:45:19.0467 4644 Power - ok

17:45:19.0581 4644 [ 859D1D0EEF2E0DD293FB3E1BBA3DCAEC ] ppped C:\Program Files (x86)\CyberPower PowerPanel Personal Edition\ppped.exe

17:45:19.0615 4644 ppped - ok

17:45:19.0650 4644 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys

17:45:19.0658 4644 PptpMiniport - ok

17:45:19.0690 4644 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys

17:45:19.0693 4644 Processor - ok

17:45:19.0747 4644 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll

17:45:19.0774 4644 ProfSvc - ok

17:45:19.0778 4644 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe

17:45:19.0787 4644 ProtectedStorage - ok

17:45:19.0845 4644 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys

17:45:19.0849 4644 Psched - ok

17:45:19.0925 4644 [ EA735BF6DF13A857A83C99BF27A422AD ] PST Service C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe

17:45:19.0926 4644 PST Service - ok

17:45:19.0979 4644 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys

17:45:20.0021 4644 ql2300 - ok

17:45:20.0101 4644 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys

17:45:20.0105 4644 ql40xx - ok

17:45:20.0148 4644 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll

17:45:20.0169 4644 QWAVE - ok

17:45:20.0178 4644 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys

17:45:20.0179 4644 QWAVEdrv - ok

17:45:20.0193 4644 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys

17:45:20.0201 4644 RasAcd - ok

17:45:20.0227 4644 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys

17:45:20.0228 4644 RasAgileVpn - ok

17:45:20.0253 4644 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll

17:45:20.0267 4644 RasAuto - ok

17:45:20.0303 4644 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys

17:45:20.0308 4644 Rasl2tp - ok

17:45:20.0374 4644 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll

17:45:20.0398 4644 RasMan - ok

17:45:20.0431 4644 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys

17:45:20.0434 4644 RasPppoe - ok

17:45:20.0460 4644 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys

17:45:20.0462 4644 RasSstp - ok

17:45:20.0491 4644 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys

17:45:20.0496 4644 rdbss - ok

17:45:20.0523 4644 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys

17:45:20.0526 4644 rdpbus - ok

17:45:20.0546 4644 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys

17:45:20.0549 4644 RDPCDD - ok

17:45:20.0589 4644 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys

17:45:20.0593 4644 RDPDR - ok

17:45:20.0628 4644 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys

17:45:20.0630 4644 RDPENCDD - ok

17:45:20.0640 4644 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys

17:45:20.0642 4644 RDPREFMP - ok

17:45:20.0722 4644 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys

17:45:20.0724 4644 RdpVideoMiniport - ok

17:45:20.0774 4644 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys

17:45:20.0789 4644 RDPWD - ok

17:45:20.0852 4644 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys

17:45:20.0865 4644 rdyboost - ok

17:45:20.0912 4644 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll

17:45:20.0923 4644 RemoteAccess - ok

17:45:20.0966 4644 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll

17:45:20.0983 4644 RemoteRegistry - ok

17:45:20.0991 4644 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll

17:45:21.0007 4644 RpcEptMapper - ok

17:45:21.0027 4644 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe

17:45:21.0033 4644 RpcLocator - ok

17:45:21.0089 4644 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll

17:45:21.0107 4644 RpcSs - ok

17:45:21.0125 4644 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys

17:45:21.0128 4644 rspndr - ok

17:45:21.0203 4644 [ 16D4E350420BAA7E63E16E3FC033E1F5 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys

17:45:21.0209 4644 RTL8167 - ok

17:45:21.0238 4644 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys

17:45:21.0247 4644 s3cap - ok

17:45:21.0251 4644 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe

17:45:21.0259 4644 SamSs - ok

17:45:21.0314 4644 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys

17:45:21.0330 4644 sbp2port - ok

17:45:21.0375 4644 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll

17:45:21.0402 4644 SCardSvr - ok

17:45:21.0424 4644 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys

17:45:21.0426 4644 scfilter - ok

17:45:21.0463 4644 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll

17:45:21.0479 4644 Schedule - ok

17:45:21.0491 4644 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll

17:45:21.0493 4644 SCPolicySvc - ok

17:45:21.0520 4644 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll

17:45:21.0535 4644 SDRSVC - ok

17:45:21.0559 4644 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys

17:45:21.0562 4644 secdrv - ok

17:45:21.0601 4644 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll

17:45:21.0617 4644 seclogon - ok

17:45:21.0634 4644 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll

17:45:21.0649 4644 SENS - ok

17:45:21.0665 4644 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll

17:45:21.0680 4644 SensrSvc - ok

17:45:21.0706 4644 [ C284622531B1238E41DF70E84B7524CE ] Ser2pl C:\Windows\system32\DRIVERS\ser2pl64.sys

17:45:21.0710 4644 Ser2pl - ok

17:45:21.0734 4644 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys

17:45:21.0737 4644 Serenum - ok

17:45:21.0756 4644 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys

17:45:21.0759 4644 Serial - ok

17:45:21.0775 4644 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys

17:45:21.0778 4644 sermouse - ok

17:45:21.0811 4644 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll

17:45:21.0831 4644 SessionEnv - ok

17:45:21.0865 4644 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys

17:45:21.0877 4644 sffdisk - ok

17:45:21.0902 4644 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys

17:45:21.0905 4644 sffp_mmc - ok

17:45:21.0913 4644 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys

17:45:21.0916 4644 sffp_sd - ok

17:45:21.0930 4644 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys

17:45:21.0939 4644 sfloppy - ok

17:45:22.0004 4644 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll

17:45:22.0028 4644 SharedAccess - ok

17:45:22.0154 4644 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll

17:45:22.0179 4644 ShellHWDetection - ok

17:45:22.0201 4644 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys

17:45:22.0203 4644 SiSRaid2 - ok

17:45:22.0223 4644 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys

17:45:22.0237 4644 SiSRaid4 - ok

17:45:22.0311 4644 [ 2DDE5BC0631EC4FC3706757D65BB60B9 ] slsusb C:\Windows\system32\Drivers\slsusb.sys

17:45:22.0322 4644 slsusb - ok

17:45:22.0360 4644 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys

17:45:22.0371 4644 Smb - ok

17:45:22.0410 4644 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe

17:45:22.0432 4644 SNMPTRAP - ok

17:45:22.0448 4644 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys

17:45:22.0450 4644 spldr - ok

17:45:22.0502 4644 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe

17:45:22.0525 4644 Spooler - ok

17:45:22.0650 4644 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe

17:45:22.0701 4644 sppsvc - ok

17:45:22.0712 4644 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll

17:45:22.0720 4644 sppuinotify - ok

17:45:22.0772 4644 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys

17:45:22.0784 4644 srv - ok

17:45:22.0847 4644 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys

17:45:22.0856 4644 srv2 - ok

17:45:22.0875 4644 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys

17:45:22.0879 4644 srvnet - ok

17:45:22.0930 4644 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll

17:45:22.0960 4644 SSDPSRV - ok

17:45:22.0978 4644 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll

17:45:22.0996 4644 SstpSvc - ok

17:45:23.0010 4644 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys

17:45:23.0021 4644 stexstor - ok

17:45:23.0079 4644 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll

17:45:23.0114 4644 stisvc - ok

17:45:23.0130 4644 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys

17:45:23.0132 4644 storflt - ok

17:45:23.0156 4644 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\Windows\system32\storsvc.dll

17:45:23.0167 4644 StorSvc - ok

17:45:23.0208 4644 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys

17:45:23.0211 4644 storvsc - ok

17:45:23.0243 4644 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys

17:45:23.0244 4644 swenum - ok

17:45:23.0287 4644 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll

17:45:23.0300 4644 swprv - ok

17:45:23.0383 4644 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll

17:45:23.0418 4644 SysMain - ok

17:45:23.0469 4644 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll

17:45:23.0481 4644 TabletInputService - ok

17:45:23.0525 4644 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll

17:45:23.0535 4644 TapiSrv - ok

17:45:23.0545 4644 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll

17:45:23.0554 4644 TBS - ok

17:45:23.0654 4644 [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip C:\Windows\system32\drivers\tcpip.sys

17:45:23.0679 4644 Tcpip - ok

17:45:23.0714 4644 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys

17:45:23.0729 4644 TCPIP6 - ok

17:45:23.0751 4644 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys

17:45:23.0752 4644 tcpipreg - ok

17:45:23.0771 4644 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys

17:45:23.0777 4644 TDPIPE - ok

17:45:23.0807 4644 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys

17:45:23.0810 4644 TDTCP - ok

17:45:23.0823 4644 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys

17:45:23.0826 4644 tdx - ok

17:45:23.0883 4644 TeamViewer8 - ok

17:45:23.0900 4644 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys

17:45:23.0903 4644 TermDD - ok

17:45:23.0935 4644 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll

17:45:23.0965 4644 TermService - ok

17:45:23.0994 4644 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll

17:45:24.0012 4644 Themes - ok

17:45:24.0036 4644 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll

17:45:24.0041 4644 THREADORDER - ok

17:45:24.0057 4644 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll

17:45:24.0067 4644 TrkWks - ok

17:45:24.0133 4644 [ 9BF9E809FBB2D5D0403B32B15ABE5F30 ] TrojanKillerDriver C:\Windows\system32\DRIVERS\gtkdrv.sys

17:45:24.0135 4644 TrojanKillerDriver - ok

17:45:24.0203 4644 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe

17:45:24.0206 4644 TrustedInstaller - ok

17:45:24.0229 4644 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys

17:45:24.0231 4644 tssecsrv - ok

17:45:24.0312 4644 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys

17:45:24.0316 4644 TsUsbFlt - ok

17:45:24.0389 4644 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys

17:45:24.0393 4644 tunnel - ok

17:45:24.0419 4644 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys

17:45:24.0423 4644 uagp35 - ok

17:45:24.0476 4644 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys

17:45:24.0485 4644 udfs - ok

17:45:24.0512 4644 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe

17:45:24.0527 4644 UI0Detect - ok

17:45:24.0536 4644 uibamops - ok

17:45:24.0553 4644 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys

17:45:24.0565 4644 uliagpkx - ok

17:45:24.0577 4644 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys

17:45:24.0578 4644 umbus - ok

17:45:24.0603 4644 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys

17:45:24.0606 4644 UmPass - ok

17:45:24.0655 4644 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll

17:45:24.0678 4644 UmRdpService - ok

17:45:24.0700 4644 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll

17:45:24.0716 4644 upnphost - ok

17:45:24.0746 4644 [ C9E9D59C0099A9FF51697E9306A44240 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys

17:45:24.0755 4644 USBAAPL64 - ok

17:45:24.0824 4644 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys

17:45:24.0828 4644 usbaudio - ok

17:45:24.0856 4644 [ 5FCC71487888589A9244AF54CFEFAB29 ] usbbus C:\Windows\system32\DRIVERS\lgx64bus.sys

17:45:24.0868 4644 usbbus - ok

17:45:24.0905 4644 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys

17:45:24.0909 4644 usbccgp - ok

17:45:24.0947 4644 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys

17:45:24.0951 4644 usbcir - ok

17:45:25.0014 4644 [ 3FB6E423F7567C92C32EA786F5FD0C69 ] UsbDiag C:\Windows\system32\DRIVERS\lgx64diag.sys

17:45:25.0016 4644 UsbDiag - ok

17:45:25.0047 4644 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys

17:45:25.0052 4644 usbehci - ok

17:45:25.0083 4644 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys

17:45:25.0101 4644 usbhub - ok

17:45:25.0130 4644 [ 78D551F5B93488B4666F5FC8DD4815F3 ] USBModem C:\Windows\system32\DRIVERS\lgx64modem.sys

17:45:25.0132 4644 USBModem - ok

17:45:25.0142 4644 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys


17:45:28.0067 4644 ================ Scan global ===============================

17:45:28.0109 4644 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll

17:45:28.0161 4644 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll

17:45:28.0191 4644 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll

17:45:28.0233 4644 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll

17:45:28.0280 4644 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe

17:45:28.0313 4644 [Global] - ok

17:45:28.0314 4644 ================ Scan MBR ==================================

17:45:28.0330 4644 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0

17:45:28.0496 4644 \Device\Harddisk0\DR0 - ok

17:45:28.0502 4644 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1

17:45:28.0507 4644 \Device\Harddisk1\DR1 - ok

17:45:28.0507 4644 ================ Scan VBR ==================================

17:45:28.0510 4644 [ E31E7215DF15577A4FB49A8919B4EE9A ] \Device\Harddisk0\DR0\Partition1

17:45:28.0512 4644 \Device\Harddisk0\DR0\Partition1 - ok

17:45:28.0523 4644 [ AE94948DFA6E7D1481D508A1AED1AD6D ] \Device\Harddisk0\DR0\Partition2

17:45:28.0525 4644 \Device\Harddisk0\DR0\Partition2 - ok

17:45:28.0529 4644 [ C86FCA98F83FF100385B6C439B763B66 ] \Device\Harddisk1\DR1\Partition1

17:45:28.0532 4644 \Device\Harddisk1\DR1\Partition1 - ok

17:45:28.0533 4644 ============================================================

17:45:28.0533 4644 Scan finished

17:45:28.0533 4644 ============================================================

17:45:28.0544 4136 Detected object count: 0

17:45:28.0544 4136 Actual detected object count: 0

RKReport log

RogueKiller V8.5.4 [Mar 18 2013] by Tigzy

mail : tigzyRK<at>gmail<dot>com

Feedback : http://www.geekstogo...13-roguekiller/

Website : http://tigzy.geeksto...roguekiller.php

Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version

Started in : Normal mode

User : Mills [Admin rights]

Mode : Scan -- Date : 05/22/2013 17:49:54

| ARK || FAK || MBR |

¤¤¤ Bad processes : 2 ¤¤¤

[SUSP PATH] adwcleaner.exe -- C:\Users\Mills\Desktop\fixers\adwcleaner.exe [-] -> KILLED [TermProc]

[SUSP PATH] tdsskiller.exe -- C:\Users\Mills\Desktop\fixers\tdsskiller.exe [7] -> KILLED [TermProc]

¤¤¤ Registry Entries : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: Main +++++

--- User ---

[MBR] 9cb464823d4be33f31288d79ae879694

[BSP] c7b0685e1627b42664208cacfecf0904 : Windows 7/8 MBR Code

Partition table:

0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo

1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 953772 Mo

User = LL1 ... OK!

Error reading LL2 MBR!

+++++ PhysicalDrive1: SAMSUNG HD501LJ USB Device +++++

--- User ---

[MBR] d9ec3f655da79fdb5bcd4439e57b1066

[BSP] 5e199c479504aaac2663a10a7afa6115 : Empty MBR Code

Partition table:

0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 476937 Mo

User = LL1 ... OK!

Error reading LL2 MBR!

Finished : << RKreport[4]_S_05222013_02d1749.txt >>

RKreport[1]_S_05162013_02d2223.txt ; RKreport[2]_D_05162013_02d2225.txt ; RKreport[3]_S_05162013_02d2231.txt ; RKreport[4]_S_05222013_02d1749.txt


The Tdsskiller & the Roguekiller results are good. Nothing malicious found by those 2.

There is some adware to remove:

  • Close any open documents/programs & all internet browsers you have running.
  • Please start AdwCleaner
  • Click on Delete button.
  • Confirm each time with OK.
  • Your computer will be rebooted automatically. A text file will open after the restart. Please post the content of that logfile in your reply.
  • Note: You can find the logfile at C:\AdwCleaner[S1]

NEXT:

Using Internet Explorer browser (only!) go to http://support.microsoft.com/kb/923737

[ignore any DOES NOT APPLY warning as well as the APPLIES TO section],

run the Fix It and then reboot.

Tip: For optimal results, enable the Delete personal settings option.

While in IE, press Shift+CTRL+Delete keys and delete temporary internet cache files.

NEXT:

You will want to print out or copy these instructions to Notepad for offline reference!

Close all open browsers at this point.

Start Internet Explorer (fresh) by pressing Start >> Internet Explorer >> Right-Click and select Run As Administrator.

Using Internet Explorer browser only, go to ESET Online Scanner website:

http://www.eset.com/onlinescan/

  • Accept the Terms of Use and press Start button;
  • Approve the install of the required ActiveX Control, then follow on-screen instructions;
  • Enable (check) the Remove found threats option, and run the scan.
  • After the scan completes, the Details tab in the Results window will display what was found and removed.
    • A logfile is created and located at C:\Program Files (x86)\Eset\EsetOnlineScanner\log.txt.

    Look at contents of this file using Notepad.

    The Frequently Asked Questions for ESET Online Scanner can be viewed here

    http://go.eset.com/us/online-scanner/faq

    • It is emphasized to temporarily disable any pc-resident {active} antivirus program prior to any on-line scan by any on-line scanner.
      (And the prompt re-enabling when finished.)
    • If you use Firefox, you have to install IETab, an add-on. This is to enable ActiveX support.
    • Do not use the system while the scan is running. Once the full scan is underway, go take a long break.

Re-enable the antivirus program.

Reply with copy of the Eset scan log

Download Security Check by screen317 from >>here<<.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.


# AdwCleaner v2.301 - Logfile created 05/22/2013 at 20:16:05

# Updated 16/05/2013 by Xplode

# Operating system : Windows 7 Professional Service Pack 1 (64 bits)

# User : Mills - MILLS7

# Boot Mode : Normal

# Running from : C:\Users\Mills\Desktop\fixers\adwcleaner.exe

# Option [Delete]

***** [Services] *****

Stopped & Deleted : BCUService

Stopped & Deleted : DvmMDES

***** [Files / Folders] *****

Folder Deleted : C:\Program Files (x86)\DeviceVM

***** [Registry] *****

Key Deleted : HKCU\Software\DeviceVM

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BC86E1AB-EDA5-4059-938F-CE307B0C6F0A}

Key Deleted : HKCU\Software\YahooPartnerToolbar

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{77AA6435-2488-4A94-9FE5-49519DD2ED9B}

Key Deleted : HKLM\Software\DeviceVM

Key Deleted : HKLM\Software\Freeze.com

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{BC86E1AB-EDA5-4059-938F-CE307B0C6F0A}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{99AD9D6D-A456-49EE-8360-F22EE7AA1272}

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{BC86E1AB-EDA5-4059-938F-CE307B0C6F0A}]

Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [BCU]

***** [Internet Browsers] *****

-\\ Internet Explorer v10.0.9200.16576

[OK] Registry is clean.

-\\ Mozilla Firefox v20.0.1 (en-US)

File : C:\Users\Mills\AppData\Roaming\Mozilla\Firefox\Profiles\nh1h2bwk.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v26.0.1410.64

File : C:\Users\Mills\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [2149 octets] - [22/05/2013 17:42:57]

AdwCleaner[S1].txt - [2132 octets] - [22/05/2013 20:16:05]

########## EOF - C:\AdwCleaner[S1].txt - [2192 octets] ##########


ESETSmartInstaller@High as CAB hook log:

OnlineScanner64.ocx - registred OK

OnlineScanner.ocx - registred OK

# version=8

# IEXPLORE.EXE=10.00.9200.16521 (win8_gdr_soc_ie.130216-2100)

# OnlineScanner.ocx=1.0.0.6920

# api_version=3.0.2

# EOSSerial=3e9d5a364e824a42b63b32517383d10a

# engine=13891

# end=finished

# remove_checked=false

# archives_checked=false

# unwanted_checked=false

# unsafe_checked=false

# antistealth_checked=true

# utc_time=2013-05-23 03:09:21

# local_time=2013-05-22 10:09:21 (-0600, Central Daylight Time)

# country="United States"

# lang=1033

# osver=6.1.7601 NT Service Pack 1

# compatibility_mode=5893 16776574 100 29 52482027 60498746 0 0

# scanned=254101

# found=0

# cleaned=0

# scan_time=5487


Results of screen317's Security Check version 0.99.64

Windows 7 Service Pack 1 x64 (UAC is enabled)

Internet Explorer 10

``````````````Antivirus/Firewall Check:``````````````

Windows Firewall Enabled!

WMI entry may not exist for antivirus; attempting automatic update.

`````````Anti-malware/Other Utilities Check:`````````

Malwarebytes Anti-Malware version 1.75.0.1300

Java 6 Update 20

Java 7 Update 17

Java version out of Date!

Adobe Flash Player 11.7.700.202

Adobe Reader 9

Mozilla Firefox 20.0.1 Firefox out of Date!

Google Chrome 26.0.1410.43

Google Chrome 26.0.1410.64

````````Process Check: objlist.exe by Laurent````````

`````````````````System Health check`````````````````

Total Fragmentation on Drive C: 0%

````````````````````End of Log``````````````````````


You will want to print out or copy these instructions to Notepad for offline reference!

These steps are for member TFD2001 only. If you are a casual viewer, do NOT try this on your system!

If you are not TFD2001 and have a similar problem, do NOT post here; start your own topic

Do not run or start any other programs while these utilities and tools are in use!

Do NOT run any other tools on your own or do any fixes other than what is listed here.

If you have questions, please ask before you do something on your own.

But it is important that you get going on these following steps.

=

Close any of your open programs while you run these tools.

On most all of the following programs and tools, you will need to do a right-click on the program link or shortcut or desktop icon (as appropriate) and then select "Run as Administrator". Please remember that as you go along and use these tools, each in turn.

If you have a prior copy of Combofix, delete it now

Download Combofix from any of the links below, and SAVE it to your Desktop.

Link 1

Link 2

**Note: It is important that it is saved directly to your Desktop and not run straight away from download **

Turn OFF your antivirus, otherwise it will interfere. How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Have infinite patience during the run & scan by Combofix. It has many phases: some 50+ stages

It will display its "stage" within the Command prompt window. Do NOT panic if it seems slow to change! It has lots of work.

You may notice the desktop icons disappear. Do NOT panic, as that is expected behavior.

Combofix may take as little as 10 minutes and perhaps as much as 30-40 minutes. Time taken will depend on speed of your system and how much there is to scan & how much it needs to clean.

If this is on a notebook system, make sure first the notebook is connected to wall-power (AC power) or a UPS system.

Important: Have no other programs running. Your Task Bar should be clear of any program entries including your Browser.

Right-click on Combo-Fix.exe on your Desktop and select "Run as Administrator".

  • A window may open with a warning or prompts. Accept the EULA and follow the prompts during the start phase of Combofix.
    When the scan completes, Notepad will open with your results log. Do a File, Exit and answer 'Yes' to save changes.

A caution - Do not run Combofix more than once.

Do not touch your mouse/keyboard until the scan has completed, as this may cause the process to stall or your computer to lock.

The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled.

If this occurs, please reboot to restore the desktop.

A file will be created at => C:\Combofix.txt.

Notes:

[1] IF after Combofix reboot you get the message

Illegal operation attempted on registry key that has been marked for deletion

....please reboot the computer, this should resolve the problem. You may have to reboot the PC a second time if needed.

[2] Do not mouseclick combofix's window nor run any program while Combofix is running.

That may cause it to stall.

[3] When all done, IF Combofix did not do a Restart...then ... I need for you to Restart the system fresh.

Reply & Copy & Paste contents of the C:\Combofix.txt log

and tell me, How is the system now?

Re-enable your antivirus program.


Downloaded, and ran combofix tonight. Problems still exist/persist after the run, and reboot. Please see the attached Combofix.txt

ComboFix 13-05-27.02 - Mills 05/27/2013 19:41:39.1.4 - x64

Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.12286.10058 [GMT -5:00]

Running from: c:\users\Mills\Desktop\ComboFix.exe

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\users\Mills\Desktop\Setup.exe

c:\windows\SysWow64\local.txt

c:\windows\SysWow64\URTTemp

c:\windows\SysWow64\URTTemp\regtlib.exe

.

.

((((((((((((((((((((((((( Files Created from 2013-04-28 to 2013-05-28 )))))))))))))))))))))))))))))))

.

.

2013-05-28 00:54 . 2013-05-28 00:54 -------- d-----w- c:\users\Mcx1-MILLS7\AppData\Local\temp

2013-05-28 00:54 . 2013-05-28 00:54 -------- d-----w- c:\users\Default\AppData\Local\temp

2013-05-23 01:32 . 2013-05-23 01:32 -------- d-----w- c:\program files (x86)\ESET

2013-05-22 22:39 . 2013-05-22 22:39 -------- d-----w- c:\program files (x86)\ERUNT

2013-05-20 21:10 . 2013-05-20 21:10 -------- d-----w- c:\program files\Enigma Software Group

2013-05-20 21:08 . 2013-05-20 22:03 -------- d-----w- c:\windows\BCD5545077AC4347B24F654B1189F8D4.TMP

2013-05-15 22:35 . 2013-04-10 06:01 265064 ----a-w- c:\windows\system32\drivers\dxgmms1.sys

2013-05-15 22:35 . 2013-04-10 06:01 983400 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys

2013-05-15 22:35 . 2011-02-03 11:25 144384 ----a-w- c:\windows\system32\cdd.dll

2013-05-15 22:35 . 2013-02-27 05:52 14172672 ----a-w- c:\windows\system32\shell32.dll

2013-05-15 22:35 . 2013-02-27 05:52 197120 ----a-w- c:\windows\system32\shdocvw.dll

2013-05-15 22:35 . 2013-02-27 05:48 1930752 ----a-w- c:\windows\system32\authui.dll

2013-05-15 22:35 . 2013-02-27 06:02 111448 ----a-w- c:\windows\system32\consent.exe

2013-05-15 22:35 . 2013-02-27 05:47 70144 ----a-w- c:\windows\system32\appinfo.dll

2013-05-15 22:35 . 2013-02-27 04:49 1796096 ----a-w- c:\windows\SysWow64\authui.dll

2013-05-15 22:35 . 2013-03-19 05:53 48640 ----a-w- c:\windows\system32\wwanprotdim.dll

2013-05-15 22:35 . 2013-03-19 05:53 230400 ----a-w- c:\windows\system32\wwansvc.dll

2013-05-15 22:34 . 2013-04-10 03:30 3153920 ----a-w- c:\windows\system32\win32k.sys

2013-05-14 22:53 . 2013-05-14 22:53 76232 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A76BC3BA-FDCF-46E0-8318-EFDFF0FFB743}\offreg.dll

2013-05-14 22:52 . 2013-05-13 06:37 9460464 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A76BC3BA-FDCF-46E0-8318-EFDFF0FFB743}\mpengine.dll

2013-05-13 07:05 . 2013-04-10 03:46 9317456 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2013-04-30 03:04 . 2013-04-30 03:04 -------- d-----w- c:\users\Mills\AppData\Roaming\DlinkViewCam

2013-04-30 02:59 . 2013-04-30 02:59 -------- d-----w- c:\program files (x86)\Activation

2013-04-30 02:52 . 2013-04-30 02:52 -------- d-----w- c:\program files (x86)\D-Link

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-05-16 22:27 . 2010-03-12 23:34 291088 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr

2013-05-16 22:27 . 2010-03-12 23:29 291088 ----a-w- c:\windows\SysWow64\PnkBstrB.exe

2013-05-16 22:27 . 2010-03-12 23:29 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0

2013-05-16 08:08 . 2010-03-12 23:03 75016696 ----a-w- c:\windows\system32\MRT.exe

2013-05-14 22:54 . 2012-05-10 21:38 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2013-05-14 22:53 . 2011-06-20 21:09 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2013-05-02 15:29 . 2010-03-12 23:02 278800 ------w- c:\windows\system32\MpSigStub.exe

2013-04-23 20:38 . 2013-04-23 20:39 905296 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{2185C2A3-8C4F-44DC-903B-CAC8FCDD7788}\gapaengine.dll

2013-04-13 05:49 . 2013-05-15 22:35 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll

2013-04-13 05:49 . 2013-05-15 22:35 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll

2013-04-13 05:49 . 2013-05-15 22:35 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll

2013-04-13 05:49 . 2013-05-15 22:35 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll

2013-04-13 04:45 . 2013-05-15 22:35 474624 ----a-w- c:\windows\apppatch\AcSpecfc.dll

2013-04-13 04:45 . 2013-05-15 22:35 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll

2013-04-12 14:45 . 2013-04-23 20:39 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys

2013-04-04 19:50 . 2011-04-27 03:08 25928 ----a-w- c:\windows\system32\drivers\mbam.sys

2013-03-19 06:04 . 2013-04-10 21:13 5550424 ----a-w- c:\windows\system32\ntoskrnl.exe

2013-03-19 05:46 . 2013-04-10 21:13 43520 ----a-w- c:\windows\system32\csrsrv.dll

2013-03-19 05:04 . 2013-04-10 21:13 3968856 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe

2013-03-19 05:04 . 2013-04-10 21:13 3913560 ----a-w- c:\windows\SysWow64\ntoskrnl.exe

2013-03-19 04:47 . 2013-04-10 21:13 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll

2013-03-19 03:06 . 2013-04-10 21:13 112640 ----a-w- c:\windows\system32\smss.exe

2013-03-13 20:51 . 2013-03-13 20:51 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll

2013-03-13 20:51 . 2013-02-18 23:14 861088 ----a-w- c:\windows\SysWow64\npDeployJava1.dll

2013-03-13 20:51 . 2010-04-24 22:01 782240 ----a-w- c:\windows\SysWow64\deployJava1.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]

"44225B1786A2EBF23F237EC921537BA85BF6512C._service_run"="c:\program files (x86)\Google\Chrome\Application\chrome.exe" [2013-04-09 1312720]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2007-03-20 36864]

"CTxfiHlp"="CTXFIHLP.EXE" [2009-06-04 25600]

"googletalk"="c:\program files (x86)\Google\Google Talk\googletalk.exe" [2007-01-01 3739648]

"QFan Help"="c:\program files (x86)\ASUS\AI Suite\QFan3\QFanHelp.exe" [2010-03-25 611968]

"T Probe"="c:\program files (x86)\ASUS\T Probe\TProbe.exe" [2009-10-20 4010496]

"TurboV EVO"="c:\program files (x86)\ASUS\TurboV EVO\TurboV_EVO.exe" [2010-07-07 9936000]

"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-10-26 343168]

"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2011-10-17 284440]

"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-01-28 59720]

"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2009-11-18 54576]

"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-07-31 38872]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]

"PowerPanel Personal Edition User Interaction"="c:\program files (x86)\CyberPower PowerPanel Personal Edition\pppeuser.exe" [2012-03-27 350144]

"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-10-25 421888]

"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-02-20 152392]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]

.

c:\users\Mills\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Launch Jawbone Updater.lnk - c:\program files (x86)\Jawbone\LaunchJU.exe [2013-3-14 64120]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

"PromptOnSecureDesktop"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

@="Service"

.

R1 bdhrogwa;bdhrogwa;c:\windows\system32\drivers\bdhrogwa.sys [x]

R1 bryudyxv;bryudyxv;c:\windows\system32\drivers\bryudyxv.sys [x]

R1 EIO64;EIO Driver;c:\windows\system32\DRIVERS\EIO64.sys [x]

R1 uibamops;uibamops;c:\windows\system32\drivers\uibamops.sys [x]

R2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.05\AsSysCtrlService.exe [2010-06-24 109056]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]

R3 cpudrv64;cpudrv64;c:\program files (x86)\SystemRequirementsLab\cpudrv64.sys [2011-06-02 17864]

R3 cpuz130;cpuz130;c:\users\Mills\AppData\Local\Temp\cpuz130\cpuz_x64.sys [x]

R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2010-03-12 79360]

R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2010-03-12 79360]

R3 CT20XUT;CT20XUT;c:\windows\system32\drivers\CT20XUT.SYS [2009-06-04 202776]

R3 CTEXFIFX;CTEXFIFX;c:\windows\system32\drivers\CTEXFIFX.SYS [2009-06-04 1417240]

R3 CTHWIUT;CTHWIUT;c:\windows\system32\drivers\CTHWIUT.SYS [2009-06-04 94744]

R3 libusb0;Jawbone LibUsb-Win32 - Kernel Driver 09/22/2011,1.2.5.0;c:\windows\system32\DRIVERS\libusb0.sys [2012-11-29 52320]

R3 motandroidusb;Mot ADB Interface Driver;c:\windows\system32\Drivers\motoandroid.sys [2009-07-10 31744]

R3 NisSrv;NisSrv;c:\program files\Microsoft Security Client\NisSrv.exe [2013-01-27 379360]

R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]

R3 slsusb;Edge CS/CTS Device Driver;c:\windows\system32\Drivers\slsusb.sys [2012-09-26 31328]

R3 TrojanKillerDriver;GridinSoft Trojan Killer Driver;c:\windows\system32\DRIVERS\gtkdrv.sys [2012-01-04 16640]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]

R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-12-13 54784]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-05-06 1255736]

R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\real temp\WinRing0x64.sys [2010-04-14 14544]

S0 FSProFilter;FSPro File Filter;c:\windows\System32\Drivers\FSPFltd.sys [2010-07-22 54848]

S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys [x]

S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-10-26 204288]

S2 DeviceMonitorService;DeviceMonitorService;c:\program files (x86)\Motorola Media Link\Lite\NServiceEntry.exe [2012-09-08 87992]

S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-10-17 13592]

S2 Motorola Device Manager;Motorola Device Manager Service;c:\program files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [2012-10-23 120728]

S2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2013-01-20 130008]

S2 PST Service;PST Service;c:\program files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [2011-09-02 65657]

S2 vpnagent;Cisco AnyConnect VPN Agent;c:\program files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe [2011-02-11 603896]

S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2011-06-06 231440]

S3 CT20XUT.SYS;CT20XUT.SYS;c:\windows\System32\drivers\CT20XUT.SYS [2009-06-04 202776]

S3 CTEXFIFX.SYS;CTEXFIFX.SYS;c:\windows\System32\drivers\CTEXFIFX.SYS [2009-06-04 1417240]

S3 CTHWIUT.SYS;CTHWIUT.SYS;c:\windows\System32\drivers\CTHWIUT.SYS [2009-06-04 94744]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-03-21 452200]

.

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]

hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]

2013-04-15 07:04 1642448 ----a-w- c:\program files (x86)\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe

.

Contents of the 'Scheduled Tasks' folder

.

2013-05-28 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-10 22:54]

.

2013-05-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-10-26 20:37]

.

2013-05-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-10-26 20:37]

.

2013-05-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2250279306-3369638872-2566183304-1001Core.job

- c:\users\Mills\AppData\Local\Google\Update\GoogleUpdate.exe [2011-07-28 21:12]

.

2013-05-23 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2250279306-3369638872-2566183304-1001UA.job

- c:\users\Mills\AppData\Local\Google\Update\GoogleUpdate.exe [2011-07-28 21:12]

.

.

--------- X64 Entries -----------

.

.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService

FontCache

.

------- Supplementary Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

mLocal Page = c:\windows\SysWOW64\blank.htm

uInternet Settings,ProxyOverride = *.local;192.168.*.*

TCP: DhcpNameServer = 97.64.168.12 97.64.183.165

DPF: {22CF8705-058B-4C21-9F44-09FEC1175BEB} - hxxp://192.168.0.7/camclictrl.cab

DPF: {3528A58B-595D-4AFD-A5F6-B914BD306DC3} - hxxp://dishconnectivity.sling.com/dpit/downloads/pc/SlingHealth.cab

DPF: {721700FE-7F0E-49C5-BDED-CA92B7CB1245} - hxxp://192.168.0.7/camclictrl.cab

DPF: {89A32C64-6176-4D10-BCA3-10B0079818FA} - hxxps://exchange2010.chidomain.local:3443/webconsole/RIMWebComponents.cab

FF - ProfilePath - c:\users\Mills\AppData\Roaming\Mozilla\Firefox\Profiles\nh1h2bwk.default\

FF - ExtSQL: !HIDDEN! 2011-12-29 21:21; smartwebprinting@hp.com; c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

.

- - - - ORPHANS REMOVED - - - -

.

Wow6432Node-HKLM-Run-Launch PC Probe II - (no file)

Wow6432Node-HKLM-Run-<NO NAME> - (no file)

HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start

AddRemove-{8686D4FE-62EF-46FB-B9FD-00679EB381FF}_is1 - c:\program files (x86)\GridinSoft Trojan Killer\unins000.exe

.

.

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_USERS\S-1-5-21-2250279306-3369638872-2566183304-1001\Software\SecuROM\License information*]

"datasecu"=hex:4f,f5,7d,9d,da,f1,27,d9,bc,33,70,70,c8,61,20,fc,0d,01,2b,2e,ad,

ec,56,1f,f7,43,fc,6a,47,18,23,bb,cf,40,8d,7d,38,a8,03,11,61,b8,ff,5d,10,9b,\

"rkeysecu"=hex:5a,09,44,6d,52,b1,d9,43,51,73,9c,25,6f,15,07,32

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Completion time: 2013-05-27 20:04:14

ComboFix-quarantined-files.txt 2013-05-28 01:04

.

Pre-Run: 768,810,409,984 bytes free

Post-Run: 773,311,602,688 bytes free

.

- - End Of File - - 61EDE153630FFEA25241F37AF111D439

Link to post
Share on other sites

If you have any prior copy of mbar.exe then delete it.

1. Download Malwarebytes Anti-Rootkit from http://www.malwarebytes.org/products/mbar/

2. Unzip the contents to a folder in a convenient location.

3. Open the folder where the contents were unzipped and run mbar.exe

IF your Windows is Windows 8 or 7 or Vista, do a RIGHT-Click on mbar.exe and select Run As Administrator and allow to run.

If your Windows is XP, double-click to start.

4. Follow the instructions in the wizard to update and allow the program to scan your computer for threats.

5. Click on the Cleanup button to remove any threats and reboot if prompted to do so.

6. Wait while the system shuts down and the cleanup process is performed.

7. Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.

Link to post
Share on other sites

Came up clean... Here's the log:

Malwarebytes Anti-Rootkit BETA 1.06.0.1003

www.malwarebytes.org

Database version: v2013.05.28.01

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 10.0.9200.16576

Mills :: MILLS7 [administrator]

5/27/2013 9:18:22 PM

mbar-log-2013-05-27 (21-18-22).txt

Scan type: Quick scan

Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUM | P2P

Scan options disabled: Deep Anti-Rootkit Scan | PUP

Objects scanned: 275929

Time elapsed: 9 minute(s), 38 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

Physical Sectors Detected: 0

(No malicious items detected)

(end)

Link to post
Share on other sites

Outdated & insecure Java

This has several outdated and insecure Java runtimes:

Java Auto Updater

Java 7 Update 17

Java 6 Update 20

Java 6 Update 20 (64-bit)

Java vulnerabilities are a never ending occurrence. Bottom line is, if your system does not have an installed 3rd-party application that needs it, then uninstall it.

If you do have that dependency, then turn off Java in your browsers.

If somehow, you have an often-used website that needs Java to display all information, then just use a specific browser and only allow Java in that one.

  • A: If you decide to keep Java:
    The Java runtime components are typically located at
    C:\Program Files (x86)\Java\jre7\bin
    Locate javacpl.exe the Java control panel.
    Right click and select Open
    Click on the Update tab
    Put a checkmark at "Check for updates automatically"
    On the General tab, under Temporary Internet Files, click the Settings button.
    Next, click on the Delete Files button
    Checkmark (select) all boxes you can & Click OK on Delete Temporary Files Window.
    Note: This deletes ALL the Downloaded Applications and Applets from the CACHE.
    Click OK to leave the Temporary Files Window
    Click on the Advanced tab
    Expand Miscellaneous:
    Un-check "place Java icon in system tray"
    Un-check "Java quick starter"
    Exit/close
    You need to remove older versions of Java runtime. Do this:
    Download & Save to your Desktop or a new folder Javara.zip
    Extract the contents of the zip file. Then double click Javara.exe to run it.
    JavaRa is a simple tool that does a simple job: it removes old and redundant versions of the Java Runtime Environment (JRE).
  • B: If you want to disable Java in your browser:
    How to disable Java in various browsers : http://blog.eset.com/2012/08/29/disabling-java-a-safer-way-to-browse
    Also see No, Seriously, Just Disable Java in Your Browser Right Now

As noted by Brian Krebs,

Most consumers can get by without Java installed, or least not plugged into the browser. Because of the prevalence of threats targeting Java installations, I’d urge these users to remove Java or unplug it from the browser. If this is too much trouble, consider adopting a dual-browser approach, keeping Java unplugged from your main browser, and plugged in to a secondary browser that you only use to visit sites that require the plugin.

Also see How to protect your computer against dangerous Java Applets

Firefox out of date

Your Firefox is out of date & needs the latest released version.

Start Firefox. Select Help >> About Firefox. Then click on Check for Updates button.

Let it download and Apply and allow it to restart Firefox to complete the update.

MS Security Essentials

Can you start MS Security Essentials? Can you do an Update run ? Can you run a scan with it?

Can you turn ON the real-time protection?

Please advise.

Link to post
Share on other sites

Java has been removed, at least for now.. Firefox has been updated, and does not seem to display the same issue, so Chrome and Firefox, are thus far, unaffected by this specific issue. Security Essentials will NOT start, and it cannot be removed to be reinstalled. The service errors out with a "no permissions" message if trying to start it manually, and the uninstaller won't work either because it says I don't have permission to run it (even though I'm the administrator of the machine, and thus far, can run any other installer/uninstaller)... Reference my first post for images attached for reference of what I see..

Link to post
Share on other sites

Try using Internet Explorer to do downloads that we need here. IE should be ok in that respect.

Let's give MSE uninstall the one-two punch (to remove it), then download the latest version & save & new MSE setup.

Reminder that since you are on WIN7 that you need to do a Right-click on each tool, select Run as Administrator and Allow to run.

See this Microsoft article http://support.microsoft.com/kb/2483120

To remove MS Security Essentials, click on the Fix it button for Fix it # 50692

You will see it just under the title "Fix It for me".

When all completed, logoff and restart the system fresh.

2

Please download and install Revo Uninstaller Free

Double click Revo Uninstaller to run it.

From the list of programs double click on Microsoft Security Essentials ....if found & if listed

When prompted if you want to uninstall click Yes.

Be sure the Moderate option is selected then click Next.

The program will run, If prompted again click Yes

when the built-in uninstaller is finished click on Next.

Once the program has searched for leftovers click Next.

Check/tick the bolded items only on the list then click Delete

when prompted click on Yes and then on next.

put a check on any folders that are found and select delete

when prompted select yes then on next

Once done click Finish.

Now, Restart Windows fresh.

3

Use Internet Explorer

Get and SAVE the latest MSE .....saving it to a unique folder

Microsoft Security Essentials

4

Now Right-click the MSE-Setup exe and follow all directions.

When setup is complete, do a new Run and do an Update run.

And check to see that the Real-time protection is ON

Let me know the results, with detail ....if something burps.

I would suspect that REVO may not find remainders of Security Essentials, so do not let that stop you.

Link to post
Share on other sites

Things have seemed to improve somewhere.. I WAS able to download save/install the files listed above with IE, however, after doing the instructions for removal of the MS Security Essentials, rebooting, and running as administrator the MS Security Essentials installer, it still failed to install, with the attached message.

post-140216-0-90303400-1369780557.jpg

Link to post
Share on other sites

Wonder if a windows service is mia. Do the following and let me know the results. I'll check back on you later this evening.

Windows services

This will be a batch-fix .

  • Press the Windows-key on keyboard.
  • In the [image] box, type notepad and press Enter.
  • Highlight the contents of the following codebox, and copy and paste that text into NOTEPAD.
    @Echo off
    sc stop wuauserv
    sc stop bits
    sc config dcomlaunch start= auto
    sc config nsi start= auto
    sc config dhcp start= auto
    sc config rpcss start= auto
    sc config winmgmt start= auto
    sc config wscsvc start= delayed-auto
    sc config bits start= delayed-auto
    sc config wuauserv start= delayed-auto
    sc config sdrsvc start= manual
    sc config vss start= auto
    sc config eventlog start= auto
    sc config bfe start= auto
    sc config eventsystem start= auto
    sc start sdrsvc
    sc start vss
    sc start rpcss
    sc start eventsystem
    sc start bfe
    sc start bits
    sc start wuauserv
    shutdown -r -t 1
    del %0


  • Select File -> Save AS.
  • Press the Desktop button on the left side of the save dialog.
  • In the [image] box, type in Fix.bat.
  • Press [image].
  • Close Notepad.
  • Right click Fix.bat on your desktop, and choose [image].
  • Press Yes if prompted by User Account Control.

This procedure will do its tasks and then it will Restart Windows.

Step 2

Check for missing or disabled Windows services, by doing the following, and post detailed results when done !!

From Start button, (or Win-key +R) and in the search-text-box type in MSCONFIG and press OK or Enter.

On Vista or Windows 7, press Windows-key on keyboard, and type in MSCONFIG

You should see the General tab. Click the General tab. It should have Normal startup selected (in the radio-box=selection)

IF it does not, then you click on Normal startup.

Click on Services tab. To get its display of services.

Keep a written list of any changes from my list of services below. That way you and I have a reference document.

Look at the bottom line Hide all Microsoft services

IF and only IF it is checkmarked, then un-check it.

The list of services may be shown in non-alphabetical order, so ....

Look at the heading titled "Service". Click on it as needed so the list is sorted and top of list starts with the "A" services.

You can toggle as needed to get the desired order.

IF any of below services are NOT shown, don't panic & do not stop, just write down the info for me and proceed with the others !

Then using the scroll-bar scroll down the list

Look for Background Intelligent Transfer Service. Is it shown? Is it checked? If not, click on that checkbox to checkmark.

Look for Base Filtering Engine. Is it shown? Is it checked? If not, click on that checkbox to checkmark.

Look for COM+ Event System. Is it shown? Is it checked? If not, click on that checkbox to checkmark.

Look for COM+ System Application. Is it shown? Is it checked? If not, click on that checkbox to checkmark.

Look for Cryptographic Services. Is it shown? Is it checked? If not, click on that checkbox to checkmark.

Look for Ipsec Policy Agent. Is it shown? Is it checked? If not, click on that checkbox to checkmark.

Look for Remote Procedure Call (RPC) Locator. Is it shown ? Is it checked? If not, click on that checkbox to checkmark.

Look for RPC Endpoint Mapper. Is it shown ? Is it checked? If not, click on that checkbox to checkmark.

Look for Windows Firewall. Is it shown ? Is it checked? If not, click on that checkbox to checkmark.

Look for Windows Installer. Is it shown ? Is it checked? If not, click on that checkbox to checkmark.

Look for Windows Management Instrumentation. Is it shown ? Is it checked? If not, click on that checkbox to checkmark.

Look for Windows Update. Is it shown ? Is it checked? If not, click on that checkbox to checkmark.

When done, press the Apply button, and the OK button.

You're likely to be prompted to Restart Windows, do so.

If not prompted, you do a Logoff and Restart of Windows.

Then report back here with details.

If any of the services are not shown, just let me know which.

Link to post
Share on other sites

Look for Background Intelligent Transfer Service. Is it shown? Is it checked? If not, click on that checkbox to checkmark.

Checked and running

Look for Base Filtering Engine. Is it shown? Is it checked? If not, click on that checkbox to checkmark.

Checked and running

Look for COM+ Event System. Is it shown? Is it checked? If not, click on that checkbox to checkmark.

Checked and running

Look for COM+ System Application. Is it shown? Is it checked? If not, click on that checkbox to checkmark.

Checked but not running

Look for Cryptographic Services. Is it shown? Is it checked? If not, click on that checkbox to checkmark.

Checked and running

Look for Ipsec Policy Agent. Is it shown? Is it checked? If not, click on that checkbox to checkmark.

Checked and running

Look for Remote Procedure Call (RPC) Locator. Is it shown ? Is it checked? If not, click on that checkbox to checkmark.

Check and not running

Look for RPC Endpoint Mapper. Is it shown ? Is it checked? If not, click on that checkbox to checkmark.

Checked and running

Look for Windows Firewall. Is it shown ? Is it checked? If not, click on that checkbox to checkmark.

Checked and running

Look for Windows Installer. Is it shown ? Is it checked? If not, click on that checkbox to checkmark.

Checked and not running

Look for Windows Management Instrumentation. Is it shown ? Is it checked? If not, click on that checkbox to checkmark.

Checked and running

Look for Windows Update. Is it shown ? Is it checked? If not, click on that checkbox to checkmark.

Checked and running

Link to post
Share on other sites

Download >> Farbar's Service Scanner utility << and Save to your Desktop.

If using Windows 7 or 8 or Vista, Right-Click on fss.exe and select Run As Administrator.

If using XP, double-click to start.

Answer Yes to ok when prompted.

If your firewall then puts out a prompt, again, allow it to run.

Once FSS is on-screen, be sure the following items are checkmarked:

  • Internet Services
  • Windows Firewall
  • System Restore
  • Security Center/Action Center
  • Windows Update
  • Windows Defender
  • Other services

Click on "Scan".

It will create a log (FSS.txt) in the same directory the tool is run.

Copy & Paste contents of FSS.txt into your reply.

Link to post
Share on other sites

Farbar Service Scanner Version: 25-05-2013

Ran by Mills (administrator) on 28-05-2013 at 19:08:51

Running from "C:\Users\Mills\Desktop\fixers"

Windows 7 Professional Service Pack 1 (X64)

Boot Mode: Normal

****************************************************************

Internet Services:

============

Connection Status:

==============

Localhost is accessible.

LAN connected.

Google IP is accessible.

Google.com is accessible.

Yahoo IP is accessible.

Yahoo.com is accessible.

Windows Firewall:

=============

Firewall Disabled Policy:

==================

System Restore:

============

System Restore Disabled Policy:

========================

Action Center:

============

Windows Update:

============

Windows Autoupdate Disabled Policy:

============================

Windows Defender:

==============

WinDefend Service is not running. Checking service configuration:

The start type of WinDefend service is set to Demand. The default start type is Auto.

The ImagePath of WinDefend service is OK.

The ServiceDll of WinDefend service is OK.

Other Services:

==============

File Check:

========

C:\Windows\System32\nsisvc.dll => MD5 is legit

C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit

C:\Windows\System32\dhcpcore.dll => MD5 is legit

C:\Windows\System32\drivers\afd.sys => MD5 is legit

C:\Windows\System32\drivers\tdx.sys => MD5 is legit

C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit

C:\Windows\System32\dnsrslvr.dll => MD5 is legit

C:\Windows\System32\mpssvc.dll => MD5 is legit

C:\Windows\System32\bfe.dll => MD5 is legit

C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit

C:\Windows\System32\SDRSVC.dll => MD5 is legit

C:\Windows\System32\vssvc.exe => MD5 is legit

C:\Windows\System32\wscsvc.dll => MD5 is legit

C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit

C:\Windows\System32\wuaueng.dll => MD5 is legit

C:\Windows\System32\qmgr.dll => MD5 is legit

C:\Windows\System32\es.dll => MD5 is legit

C:\Windows\System32\cryptsvc.dll => MD5 is legit

C:\Program Files\Windows Defender\MpSvc.dll

[2009-07-13 18:54] - [2009-07-13 20:41] - 1011712 ____A () D41D8CD98F00B204E9800998ECF8427E

ATTENTION!=====> C:\Program Files\Windows Defender\MpSvc.dll IS INFECTED AND SHOULD BE REPLACED.

C:\Windows\System32\ipnathlp.dll => MD5 is legit

C:\Windows\System32\iphlpsvc.dll => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\System32\rpcss.dll => MD5 is legit

**** End of log ****

Link to post
Share on other sites
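Added example (not part of the thread and not Farbar's code): a triage of the FSS "File Check" lines that separates an ordinary hash mismatch from a digest computed over no data. The digest the log prints for MpSvc.dll, D41D8CD98F00B204E9800998ECF8427E, is the MD5 of empty input even though the same line lists the file at 1011712 bytes; the verdict labels and function names are assumptions of this example.

```python
import hashlib
import re

# MD5 over zero bytes. A log digest equal to this was computed over no data.
EMPTY_MD5 = hashlib.md5(b"").hexdigest().upper()

# Verdict labels (names chosen for this example, not FSS terminology).
LEGIT = "legit"
NO_DATA = "flagged-but-digest-covers-no-data"
MISMATCH = "flagged-hash-mismatch"
INCOMPLETE = "listed-without-verdict"

LEGIT_RE = re.compile(r"^(?P<path>[A-Za-z]:\\.+?) => MD5 is legit$")
PATH_RE = re.compile(r"^(?P<path>[A-Za-z]:\\[^=>]+)$")
DETAIL_RE = re.compile(
    r"^\[[^\]]+\] - \[[^\]]+\] - (?P<size>\d+) \S+ \([^)]*\) "
    r"(?P<md5>[0-9A-Fa-f]{32})$"
)
ATTN_RE = re.compile(r"^ATTENTION!=+> (?P<path>.+?) IS INFECTED\b")

# Sample input: lines taken from the "File Check" section of the FSS log above.
SAMPLE_LOG = r"""
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll
[2009-07-13 18:54] - [2009-07-13 20:41] - 1011712 ____A () D41D8CD98F00B204E9800998ECF8427E
ATTENTION!=====> C:\Program Files\Windows Defender\MpSvc.dll IS INFECTED AND SHOULD BE REPLACED.
C:\Windows\System32\ipnathlp.dll => MD5 is legit
"""


def classify(entry):
    """Decide what a non-legit entry actually tells the analyst."""
    # A non-empty file cannot hash to the empty-input MD5, so the digest
    # does not describe the file: re-hash it from a trusted environment
    # before treating the verdict as evidence about its contents.
    if entry.get("md5") == EMPTY_MD5 and entry.get("size", 0) > 0:
        return NO_DATA
    if entry["flagged"]:
        return MISMATCH
    return INCOMPLETE


def triage_file_check(log_text):
    """Parse File Check lines into entries with a path and a verdict."""
    entries, by_path, current = [], {}, None
    for raw in log_text.splitlines():
        line = raw.strip()
        if not line:  # pasted logs are often double-spaced
            continue
        m = LEGIT_RE.match(line)
        if m:
            entries.append({"path": m["path"], "verdict": LEGIT})
            current = None
            continue
        m = PATH_RE.match(line)
        if m:  # bare path: detail and ATTENTION lines follow
            current = {"path": m["path"], "flagged": False}
            entries.append(current)
            by_path[m["path"].lower()] = current
            continue
        m = DETAIL_RE.match(line)
        if m and current is not None:
            current["size"] = int(m["size"])
            current["md5"] = m["md5"].upper()
            continue
        m = ATTN_RE.match(line)
        if m and m["path"].lower() in by_path:
            by_path[m["path"].lower()]["flagged"] = True
    for entry in entries:
        if "verdict" not in entry:
            entry["verdict"] = classify(entry)
    return entries


if __name__ == "__main__":
    for e in triage_file_check(SAMPLE_LOG):
        print(f'{e["verdict"]:36} {e["path"]}')
```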
