

av8tor

@sbcglobal.net

Possible Virus - Very Slow Internet

Attachment: OTL.Txt (123,944 bytes)

Hello everyone. First off, thanks for this great forum! It is a real lifesaver. Now, my computer had been completely fine and running well until a few days ago. We found that our 14-year-old son was trying to download/look at pornography, and we think he may have downloaded a virus. The internet has dropped to a terribly slow speed, just on this one computer. When doing a speed test, it's downloading right at 1mb when all our other computers on the home network download at around 6mb. I followed everything on the "Mandatory Steps" page and everything seemed to work as it should have. Most of the scans really didn't reveal much, though the day after running them the internet is slightly faster (2.5-3mb), but not up to normal speed. We're hoping you can help! Thanks!

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2013.02.01.08

Windows 7 Service Pack 1 x64 NTFS (Safe Mode)
Internet Explorer 9.0.8112.16421
Kurt :: KURT-PC [administrator]

2/1/2013 12:44:27 PM
mbam-log-2013-02-01 (12-44-27).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 463059
Time elapsed: 29 minute(s), 35 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

OTL Extras logfile created on: 2/3/2013 5:08:39 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Kurt\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.85 Gb Total Physical Memory | 6.38 Gb Available Physical Memory | 81.27% Memory free
15.70 Gb Paging File | 14.04 Gb Available in Paging File | 89.41% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 1837.84 Gb Total Space | 1654.20 Gb Free Space | 90.01% Space Free | Partition Type: NTFS
Drive D: | 7.38 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive E: | 14.83 Gb Total Space | 2.61 Gb Free Space | 17.63% Space Free | Partition Type: FAT32

Computer Name: KURT-PC | User Name: Kurt | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]

[color=#E56717]========== File Associations ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_CURRENT_USER\SOFTWARE\Classes\]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[color=#E56717]========== Authorized Applications List ==========[/color]

[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{2CAF65C0-2D44-4780-B82D-B4D3EE765D02}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{98C24C12-7F18-4CFD-85A5-99375846373D}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0DF8E708-8B60-4A0A-B65B-AAA700135781}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\videospin\programs\umi.exe |
"{0F5EFF10-96EF-45A2-8484-DF1BFD696475}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{27C48E81-DD88-4C89-AF03-0ED67634BA08}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{36518FB2-7A90-433B-8A2D-C7BE65712613}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{38F12380-F1C0-468A-9450-2121C593D02C}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\videospin\programs\rm.exe |
"{4F80E9FB-8B8B-4885-A9E8-FC58CC89F516}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{68DAB0D1-4FF3-4A94-B6BF-F8E61D1645E5}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\videospin\programs\rm.exe |
"{8C7F06F9-2F28-47EB-8826-5916577AB401}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{902E1248-D305-41B8-9DA1-E1E2B712B780}" = dir=in | app=c:\users\kurt\appdata\local\microsoft\skydrive\skydrive.exe |
"{A1140869-6E31-4BB2-B5F2-221941C95107}" = protocol=6 | dir=in | app=c:\program files\hp\hp photosmart plus b210 series\bin\hpnetworkcommunicator.exe |
"{ADF91832-C444-4A85-8E3F-44AE466AEE9C}" = dir=in | app=c:\users\kurt\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{B84E6EEB-D997-4221-B4E2-80EE5E30254C}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\videospin\programs\umi.exe |
"{BB91295C-E815-43A9-8F45-E77D12AAFE4D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{C0D5ADDB-6C8B-40D7-9C6C-5A5F3DC9DA72}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\videospin\programs\videospin.exe |
"{C36F0DCE-9FEB-4657-BA64-223B8D370BC5}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\videospin\programs\videospin.exe |
"{CDA9D4E8-A890-4460-B28D-82DB63129FFC}" = protocol=17 | dir=in | app=c:\program files\hp\hp photosmart plus b210 series\bin\hpnetworkcommunicator.exe |
"{CE12A3FF-0475-4F75-B8FE-4860640131C7}" = protocol=6 | dir=in | app=c:\program files\hp\hp photosmart plus b210 series\bin\devicesetup.exe |
"{D2D4DA44-40D1-4A7E-B25A-168FD0BE6918}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{D4C4E0D1-40FF-4DAD-BB94-DB19271D4E24}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{D9060D7A-9E6F-48FC-BE7E-33A63065355C}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{DE447361-AE10-4157-A04F-0C1C8600ACA4}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{E1A3BD7C-F879-4228-B7E6-9B99335D8FE2}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{E66CB39B-48B8-4A5C-B396-20FC1EB68E03}" = protocol=17 | dir=in | app=c:\program files\hp\hp photosmart plus b210 series\bin\devicesetup.exe |
"{EF52C3F8-A943-4D97-B280-3A314C24C431}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"TCP Query User{07CA3782-2B80-4267-A88A-AF28B2598CCE}C:\program files (x86)\vrc\vrc.exe" = protocol=6 | dir=in | app=c:\program files (x86)\vrc\vrc.exe |
"TCP Query User{5DD2A4CF-BA39-45C1-8883-73AE15C98D14}C:\homemeeting\joinnet\joinnetu.exe" = protocol=6 | dir=in | app=c:\homemeeting\joinnet\joinnetu.exe |
"TCP Query User{5EBD20AE-B912-42CB-96E7-1DCF00DE7CAD}C:\program files (x86)\microsoft games\microsoft flight simulator x\fsx.exe" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft games\microsoft flight simulator x\fsx.exe |
"UDP Query User{2C4BE58B-F423-4178-B98A-10A81E4835DE}C:\homemeeting\joinnet\joinnetu.exe" = protocol=17 | dir=in | app=c:\homemeeting\joinnet\joinnetu.exe |
"UDP Query User{76FBC09B-61C5-45AE-8BDE-B64F9300CBB4}C:\program files (x86)\vrc\vrc.exe" = protocol=17 | dir=in | app=c:\program files (x86)\vrc\vrc.exe |
"UDP Query User{E08F229B-3553-46C1-96BC-482D5C9A617E}C:\program files (x86)\microsoft games\microsoft flight simulator x\fsx.exe" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft games\microsoft flight simulator x\fsx.exe |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E5D76AD-A3FB-48D5-8400-8903B10317D3}" = iTunes
"{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects
"{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo Rescue System
"{5F611ADA-B98C-4DBB-ADDE-414F08457ECF}" = Windows Live Family Safety
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{D70884EA-E2CE-4539-91DB-4766CC1E5F5F}" = Apple Mobile Device Support
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{F4330A8B-3610-4483-975E-69789B70A764}" = HP Photosmart Plus B210 series Basic Device Software
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F6822EFD-3F7D-4B35-8845-757A26AEC8E2}" = Windows Live MIME IFilter
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"PROSet" = Intel(R) Network Connections Drivers

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
"{11B5A3EB-8B76-46A9-A4B7-1C1FF5A3AAFD}" = Watchtower Library 2012 - English
"{14DC0059-00F1-4F62-BD1A-AB23CD51A95E}" = Adobe AIR
"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
"{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter
"{18272881-CFC0-434D-A975-E5BE44206AA0}" = Windows Live UX Platform Language Pack
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1EA7C505-E6DA-4B85-9432-EBD3C70D510D}" = Windows Live Messenger
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23A3E560-069F-4CFC-8F6C-1B526EC735FC}" = Windows Live Writer Resources
"{2819e172-81d5-4113-88bd-4605b02344e0}" = Ad-Aware Antivirus
"{2DC240EA-51B1-4CC4-A0E5-4E4399CD7302}" = Serif PagePlus X4
"{30D8FBE2-A983-4274-B267-EEFBFB0DB5F7}" = Watchtower Library 2012 - español
"{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{400C31E4-796F-4E86-8FDC-C3C4FACC6847}" = Junk Mail filter update
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Lenovo Power2Go
"{43D1B973-3D12-42ba-9E6E-56A8FEFF5250}" = DIRECTV Player
"{45970CD1-D599-47D4-938F-3E9800D54ED1}" = Lenovo Driver and Application Installation
"{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform
"{5183D7AB-D09B-411F-A74E-BBAEA61C6505}" = Lenovo Eye Distance System
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{5BABDA39-61CF-41EE-992D-4054B6649A9B}" = Movie Maker
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform
"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
"{70854FE6-3BF1-4C69-94D0-BEB821102E34}" = Windows Live Mail
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{73F45815-D7E6-B8D4-37F8-DBB540D8B367}" = Picaboo Desktop
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7B0C5EF6-DE4C-4E20-8889-C17604FFE5CD}" = Windows Live Family Safety
"{7F5FDEA1-D0AC-4D80-9D95-59775FCCFA40}" = HP Photosmart Plus B210 series Help
"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
"{86C40513-B5A4-476E-9EAB-EC118DCF4502}" = Windows Live Writer
"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{90140011-0066-0409-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - English
"{913D0409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Standard for Students and Teachers
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{9527A496-5DF9-412A-ADC7-168BA5379CA6}" = Microsoft Flight Simulator X
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{97C79BEC-43F7-4BD8-A6A7-85C0257E488A}" = Windows Live Writer
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D3D8C60-A55F-4123-B2B9-173F09590E16}" = REALTEK Wireless LAN Driver
"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A93EC091-461F-46EE-BAE1-327EB608AA60}" = Serif PagePlus X4 Resources
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.5)
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}" = HP Update
"{B266E062-D6C5-485B-B426-51B152B041A6}" = Lenovo Blacksilk USB Keyboard Driver
"{B80D3EA9-A252-4AE5-AC51-81729F5C586F}" = Windows Live Mail
"{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287
"{C034A6F9-6569-491B-B3BF-F5D15221A708}" = Windows Live Essentials
"{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer
"{C59E019B-0952-4B72-A382-68A72224F88F}" = GNS400W-500W Trainer
"{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common
"{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D2C146B1-948D-47EF-8387-5D1C6B980F7C}" = Windows Live Writer
"{D3063097-EC84-4D21-84A4-9D852E974355}" = LVT
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software
"{D888F114-7537-4D48-AF03-5DA9C82D7540}" = Photo Common
"{D9ED6D06-6002-495E-A7BC-46E6AE386996}" = Lenovo Dynamic Brightness System
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker
"{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2235E5E-7881-4293-9B6F-04B2609FBFF0}" = Windows Live Messenger
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FC6C7107-7D72-41A1-A031-3CE751159BAB}" = Photo Gallery
"{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE
"{FEB15887-0932-4D2D-BB85-6AC03FBF1AA8}" = Pinnacle VideoSpin
"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Ad-Aware Browsing Protection" = Ad-Aware Browsing Protection
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.17
"avast" = avast! Free Antivirus
"com.picaboo.Picaboo.A382D4714709B456C4E0088DFC1F7243AF9EBF75.1" = Picaboo Desktop
"Desura" = Desura
"Dream Fleet DreamManager A36 Pack_is1" = Dream Fleet DreamManager A36 Pack 1.0.0
"DreamFleet A36 Bonanza R3" = DreamFleet A36 Bonanza R3
"DreamFleet DreamManager_is1" = DreamFleet DreamManager 1.1.0
"Flight Simulator 9.0" = Microsoft Flight Simulator 2004 A Century of Flight
"Google Chrome" = Google Chrome
"Heroes & Generals" = Heroes & Generals
"HomeMeeting JoinNet 4.4.0" = HomeMeeting JoinNet 4.4.0
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Lenovo Power2Go
"InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo Rescue System
"InstallShield_{9527A496-5DF9-412A-ADC7-168BA5379CA6}" = Microsoft Flight Simulator X
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.70.0.1100
"Mozilla Firefox 18.0.1 (x86 en-US)" = Mozilla Firefox 18.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Office14.Click2Run" = Microsoft Office Click-to-Run 2010
"Opera 12.12.1707" = Opera 12.12
"SquawkBox" = SquawkBox
"VideoPad" = VideoPad Video Editor
"VRC" = VRC
"WinLiveSuite" = Windows Live Essentials

[color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"a0366b858a7feebe" = TutorABC_Helper
"SkyDriveSetup.exe" = Microsoft SkyDrive

[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ Application Events ]
Error - 1/24/2013 9:00:33 PM | Computer Name = Kurt-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 4992

Error - 1/24/2013 9:00:33 PM | Computer Name = Kurt-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 4992

Error - 1/24/2013 9:00:34 PM | Computer Name = Kurt-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 1/24/2013 9:00:34 PM | Computer Name = Kurt-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 5991

Error - 1/24/2013 9:00:34 PM | Computer Name = Kurt-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 5991

Error - 1/24/2013 9:00:35 PM | Computer Name = Kurt-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 1/24/2013 9:00:35 PM | Computer Name = Kurt-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 6989

Error - 1/24/2013 9:00:35 PM | Computer Name = Kurt-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 6989

Error - 1/24/2013 9:00:36 PM | Computer Name = Kurt-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 1/24/2013 9:00:36 PM | Computer Name = Kurt-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 8003

[ System Events ]
Error - 1/5/2013 1:56:33 PM | Computer Name = Kurt-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR1.

Error - 1/10/2013 5:00:52 AM | Computer Name = Kurt-PC | Source = DCOM | ID = 10010
Description =

Error - 1/10/2013 5:19:49 AM | Computer Name = Kurt-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR1.

Error - 1/11/2013 11:40:05 AM | Computer Name = Kurt-PC | Source = DCOM | ID = 10010
Description =

Error - 1/14/2013 5:33:20 PM | Computer Name = Kurt-PC | Source = Service Control Manager | ID = 7034
Description = The Google Update Service (gupdate) service terminated unexpectedly.
It has done this 1 time(s).

Error - 1/14/2013 5:33:50 PM | Computer Name = Kurt-PC | Source = DCOM | ID = 10010
Description =

Error - 1/16/2013 1:57:48 PM | Computer Name = Kurt-PC | Source = cdrom | ID = 262155
Description = The driver detected a controller error on \Device\CdRom0.

Error - 1/20/2013 3:16:41 PM | Computer Name = Kurt-PC | Source = Service Control Manager | ID = 7034
Description = The Google Update Service (gupdate) service terminated unexpectedly.
It has done this 2 time(s).

Error - 1/20/2013 3:17:11 PM | Computer Name = Kurt-PC | Source = DCOM | ID = 10010
Description =

Error - 1/29/2013 5:14:32 PM | Computer Name = Kurt-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR1.

Results of screen317's Security Check version 0.99.57
Windows 7 Service Pack 1 x64 [color=red](UAC is disabled!)[/color]
Internet Explorer 9
[u]``````````````Antivirus/Firewall Check:``````````````[/u]
Windows Firewall Enabled!
avast! Antivirus
Lavasoft Ad-Aware
Antivirus up to date!
[u]`````````Anti-malware/Other Utilities Check:`````````[/u]
Ad-Aware
Malwarebytes Anti-Malware version 1.70.0.1100
Adobe Flash Player 11.5.502.146
Adobe Reader 10.1.5 [color=red]Adobe Reader out of Date![/color]
Mozilla Firefox (18.0.1)
Google Chrome 24.0.1312.57
[u]````````Process Check: objlist.exe by Laurent````````[/u]
[color=red]Ad-Aware AAWService.exe is disabled![/color]
[color=red]Ad-Aware AAWTray.exe is disabled![/color]
Ad-Aware Antivirus AdAwareService.exe
Ad-Aware Antivirus SBAMSvc.exe
AVAST Software Avast AvastSvc.exe
AVAST Software Avast AvastUI.exe
[u]`````````````````System Health check`````````````````[/u]
Total Fragmentation on Drive C: 1%
[u]````````````````````End of Log``````````````````````[/u]

ESETSmartInstaller@High as CAB hook log:
OnlineScanner64.ocx - registred OK
OnlineScanner.ocx - registred OK
# version=8
# iexplore.exe=9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)
# OnlineScanner.ocx=1.0.0.6889
# api_version=3.0.2
# EOSSerial=67cb0717139b334c8e5085bebebeed3d
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-02-04 12:44:16
# local_time=2013-02-03 06:44:16 (-0600, Central Standard Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=774 16777213 100 91 0 135726928 0 0
# compatibility_mode=5893 16776574 100 94 363203 111482106 0 0
# scanned=253841
# found=0
# cleaned=0
# scan_time=4776


LoPhatPhuud
Premium,VIP,MVM
join:2002-01-06
Albuquerque, NM

OTL logfile created on: 2/3/2013 5:08:39 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Kurt\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.85 Gb Total Physical Memory | 6.38 Gb Available Physical Memory | 81.27% Memory free
15.70 Gb Paging File | 14.04 Gb Available in Paging File | 89.41% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 1837.84 Gb Total Space | 1654.20 Gb Free Space | 90.01% Space Free | Partition Type: NTFS
Drive D: | 7.38 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive E: | 14.83 Gb Total Space | 2.61 Gb Free Space | 17.63% Space Free | Partition Type: FAT32

Computer Name: KURT-PC | User Name: Kurt | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2013/02/03 17:08:12 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Kurt\Downloads\OTL(1).exe
PRC - [2012/12/18 08:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/12/14 20:38:46 | 001,236,968 | ---- | M] (Lavasoft Limited) -- C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe
PRC - [2012/12/11 17:20:50 | 000,542,104 | ---- | M] (Lavasoft) -- C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
PRC - [2012/10/30 17:50:59 | 004,297,136 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012/10/30 17:50:59 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012/09/20 05:39:12 | 003,677,000 | ---- | M] (GFI Software) -- C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe
PRC - [2012/01/18 00:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe
PRC - [2011/10/01 08:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011/10/01 08:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011/06/08 10:41:42 | 000,118,784 | ---- | M] (Lenovo) -- C:\Windows\jmesoft\hotkey.exe
PRC - [2010/10/08 11:49:40 | 000,285,696 | ---- | M] (Lenovo) -- C:\Program Files\Lenovo\Lenovo Brightness System\Lenovo Dynamic Brightness System.exe
PRC - [2010/10/05 07:08:46 | 002,655,768 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2010/10/05 07:08:42 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2009/12/04 18:59:28 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe

[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2013/01/10 03:27:34 | 001,670,144 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\b95e7795ea5951d09521cddfc03b5c4e\Microsoft.VisualBasic.ni.dll
MOD - [2013/01/10 03:27:24 | 001,051,136 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\302207b4fa3083899fd8ab4db98cecc5\System.Management.ni.dll
MOD - [2013/01/10 03:25:11 | 000,368,128 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d7d20811a7ce7cc589153648cbb1ce5c\PresentationFramework.Aero.ni.dll
MOD - [2013/01/10 03:25:00 | 000,771,584 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll
MOD - [2013/01/10 03:24:53 | 014,340,608 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\ff7c9a4f41f7cccc47e696c11b9f8469\PresentationFramework.ni.dll
MOD - [2013/01/10 03:24:44 | 012,436,480 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\865d2bf19a7af7fab8660a42d92550fe\System.Windows.Forms.ni.dll
MOD - [2013/01/10 03:24:39 | 001,592,832 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll
MOD - [2013/01/10 03:24:37 | 012,237,824 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\19b3d17c3ce0e264c4fb62028161adf7\PresentationCore.ni.dll
MOD - [2013/01/10 03:24:31 | 003,347,968 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf827fe7bc99d9bcf0ba3621054ef527\WindowsBase.ni.dll
MOD - [2013/01/10 03:24:27 | 005,453,312 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll
MOD - [2013/01/10 03:24:25 | 007,989,760 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
MOD - [2013/01/10 03:24:25 | 000,971,264 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll
MOD - [2013/01/10 03:24:21 | 011,493,376 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
MOD - [2010/09/20 20:55:52 | 000,182,272 | ---- | M] () -- C:\Program Files\Lenovo\Lenovo Brightness System\ddcHelperWraper.dll
MOD - [2010/09/20 12:08:10 | 000,210,432 | ---- | M] () -- C:\Program Files\Lenovo\Lenovo Brightness System\KeyStoneAdapter.dll
MOD - [2009/12/04 19:04:32 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvcPS.dll
MOD - [2009/12/04 18:59:54 | 000,619,816 | ---- | M] () -- C:\Program Files (x86)\Lenovo\Power2Go\CLMediaLibrary.dll

[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:64bit: - [2012/10/30 17:50:59 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2012/07/11 12:54:58 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore64.exe -- (!SASCORE)
SRV:64bit: - [2009/07/13 19:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013/01/18 23:38:42 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/01/09 13:57:27 | 000,251,400 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/12/18 08:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/12/14 20:38:46 | 001,236,968 | ---- | M] (Lavasoft Limited) [Auto | Running] -- C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe -- (Ad-Aware Service)
SRV - [2012/10/01 10:42:26 | 000,131,912 | ---- | M] (Desura Pty Ltd) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Desura\desura_service.exe -- (Desura Install Service)
SRV - [2012/09/20 05:39:12 | 003,677,000 | ---- | M] (GFI Software) [Auto | Running] -- C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe -- (SBAMSvc)
SRV - [2012/01/18 00:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2011/10/01 08:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011/10/01 08:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011/03/16 09:42:06 | 000,407,336 | ---- | M] (Valve Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011/03/15 22:47:40 | 000,032,768 | ---- | M] () [Disabled | Stopped] -- C:\Windows\jmesoft\Service.exe -- (JME Keyboard)
SRV - [2010/10/05 07:08:46 | 002,655,768 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010/10/05 07:08:42 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 15:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:64bit: - [2013/01/31 19:05:14 | 000,014,456 | ---- | M] (GFI Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\gfibto.sys -- (gfibto)
DRV:64bit: - [2012/12/17 06:43:13 | 000,038,096 | ---- | M] (GFI Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\gfiark.sys -- (gfiark)
DRV:64bit: - [2012/10/30 17:51:56 | 000,059,728 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2012/10/30 17:51:55 | 000,984,144 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2012/10/30 17:51:55 | 000,370,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2012/10/30 17:51:55 | 000,071,600 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2012/10/30 17:51:53 | 000,025,232 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2012/10/15 10:59:28 | 000,054,072 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2012/09/28 10:32:56 | 000,053,760 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/09/12 20:19:38 | 000,082,872 | ---- | M] (GFI Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\sbapifs.sys -- (sbapifs)
DRV:64bit: - [2012/09/12 15:20:04 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/03/01 00:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/10 12:01:52 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012/02/10 12:01:52 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2012/01/18 00:44:36 | 004,865,568 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64)
DRV:64bit: - [2012/01/18 00:44:28 | 000,351,136 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2012/01/18 00:44:14 | 000,025,632 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvbflt64.sys -- (CompFilter64)
DRV:64bit: - [2011/10/01 08:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2011/10/01 08:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2011/10/01 08:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2011/10/01 08:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2011/07/22 10:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2011/07/12 15:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2010/11/20 21:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 21:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 21:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/11/11 22:53:18 | 012,252,064 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010/10/14 10:28:16 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2010/09/21 00:34:18 | 000,313,520 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1c62x64.sys -- (e1cexpress)
DRV:64bit: - [2010/09/20 19:59:38 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/07/20 03:43:22 | 000,247,400 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010/06/23 19:23:52 | 000,947,304 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtl8192ce.sys -- (RTL8192Ce)
DRV:64bit: - [2009/07/21 16:20:06 | 000,121,840 | ---- | M] (CyberLink) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wsvd.sys -- (wsvd)
DRV:64bit: - [2009/07/13 19:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 19:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 19:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 18:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/07/13 15:59:33 | 005,020,672 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009/06/10 14:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009/06/10 14:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 14:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 14:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 14:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/04/08 08:43:04 | 000,020,832 | ---- | M] (Nicomsoft Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ddcdrv.sys -- (WinI2C-DDC)
DRV - [2010/03/22 20:13:08 | 000,015,712 | ---- | M] (Nicomsoft Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysWOW64\drivers\ddcdrv.sys -- (WinI2C-DDC)
DRV - [2009/07/13 19:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=LEND&bmod=LEND
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://email.mc.vanderbilt.edu/owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2femail.mc.vanderbilt.edu%2fowa%2f
IE - HKCU\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LEND_enUS500US500
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.1
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_5_502_146.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@live.heroesandgenerals.com/npretox: C:\Program Files (x86)\Heroes & Generals\live\npretoxlive.dll (Reto-Moto ApS)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@nds.com/PCShowPlugin: C:\Users\Kurt\AppData\Local\DIRECTV Player\npPCShowPlugin.dll File not found
FF - HKCU\Software\MozillaPlugins\@nds.com/PlayerPlugin: C:\Users\Kurt\AppData\Local\DIRECTV Player\npPlayerPlugin.dll (NDS)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Kurt\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101752.dll (Amazon.com, Inc.)
FF - HKCU\Software\MozillaPlugins\NDS.com/PlayerPlugin: C:\Users\Kurt\AppData\Local\DIRECTV Player\npPlayerPlugin.dll (NDS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/01/31 21:43:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/01/31 19:02:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/01/18 23:38:41 | 000,000,000 | ---D | M]

[2012/09/07 09:01:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kurt\AppData\Roaming\Mozilla\Extensions
[2013/01/31 19:01:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kurt\AppData\Roaming\Mozilla\Firefox\Profiles\2n5cuny2.default\extensions
[2013/01/31 19:01:58 | 000,000,000 | ---D | M] (Lavasoft Search Plugin) -- C:\Users\Kurt\AppData\Roaming\Mozilla\Firefox\Profiles\2n5cuny2.default\extensions\jid1-yZwVFzbsyfMrqQ@jetpack
[2013/01/18 23:38:40 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/01/18 23:38:42 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/09/05 19:26:22 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/10/12 19:49:59 | 000,002,058 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

[color=#E56717]========== Chrome ==========[/color]

CHR - homepage: http://www.google.com
CHR - homepage: http://www.google.com
CHR - Extension: Docs = C:\Users\Kurt\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0\
CHR - Extension: Google Drive = C:\Users\Kurt\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\
CHR - Extension: YouTube = C:\Users\Kurt\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\Kurt\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Gmail = C:\Users\Kurt\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
--
When angry count four; when very angry, swear.
Microsoft MVP/Consumer Security 2005-2011
Gladiator Security Forum


LoPhatPhuud

reply to av8tor

O1 HOSTS File: ([2009/06/10 15:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Ad-Aware Antivirus] C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher.exe (Lavasoft Limited)
O4 - HKLM..\Run: [Ad-Aware Browsing Protection] C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [jmekey] C:\Windows\jmesoft\hotkey.exe (Lenovo)
O4 - HKLM..\Run: [Lenovo Dynamic Brightness System] C:\Program Files\Lenovo\Lenovo Brightness System\Lenovo Dynamic Brightness System.exe (Lenovo)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePRCShortCut] C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab (QuickTime Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{36416BA8-004C-4054-B824-8E30703989DB}: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\cdo - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2013/02/03 17:01:32 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
[2013/02/03 17:01:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/02/03 17:01:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013/02/03 16:54:08 | 000,448,512 | ---- | C] (OldTimer Tools) -- C:\Users\Kurt\Desktop\TFC.exe
[2013/02/01 12:41:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013/02/01 12:38:54 | 000,000,000 | ---D | C] -- C:\Users\Kurt\AppData\Roaming\SUPERAntiSpyware.com
[2013/02/01 12:38:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2013/02/01 12:38:47 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2013/02/01 12:38:47 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2013/02/01 12:38:21 | 000,000,000 | ---D | C] -- C:\Users\Kurt\AppData\Roaming\Malwarebytes
[2013/02/01 12:38:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/02/01 12:37:59 | 000,000,000 | ---D | C] -- C:\Users\Kurt\AppData\Local\Programs
[2013/01/31 23:11:32 | 000,038,096 | ---- | C] (GFI Software) -- C:\windows\SysNative\drivers\gfiark.sys
[2013/01/31 21:44:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2013/01/31 21:44:31 | 000,370,288 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswSP.sys
[2013/01/31 21:44:31 | 000,025,232 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswFsBlk.sys
[2013/01/31 21:44:29 | 000,059,728 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswTdi.sys
[2013/01/31 21:44:29 | 000,054,072 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswRdr2.sys
[2013/01/31 21:44:28 | 000,984,144 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswSnx.sys
[2013/01/31 21:44:23 | 000,285,328 | ---- | C] (AVAST Software) -- C:\windows\SysNative\aswBoot.exe
[2013/01/31 21:44:23 | 000,071,600 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswMonFlt.sys
[2013/01/31 21:43:41 | 000,227,648 | ---- | C] (AVAST Software) -- C:\windows\SysWow64\aswBoot.exe
[2013/01/31 21:43:41 | 000,041,224 | ---- | C] (AVAST Software) -- C:\windows\avastSS.scr
[2013/01/31 21:43:32 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2013/01/31 21:43:32 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2013/01/31 19:19:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Ad-Aware Antivirus
[2013/01/31 19:18:16 | 000,000,000 | ---D | C] -- C:\Users\Kurt\AppData\Roaming\LavasoftStatistics
[2013/01/31 19:05:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ad-Aware Antivirus
[2013/01/31 19:05:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2013/01/31 19:05:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ad-Aware Antivirus
[2013/01/31 19:05:14 | 000,047,496 | ---- | C] (GFI Software) -- C:\windows\SysNative\sbbd.exe
[2013/01/31 19:05:14 | 000,014,456 | ---- | C] (GFI Software) -- C:\windows\SysNative\drivers\gfibto.sys
[2013/01/31 19:02:04 | 000,000,000 | ---D | C] -- C:\ProgramData\blekko toolbars
[2013/01/31 19:02:02 | 000,000,000 | ---D | C] -- C:\Users\Kurt\AppData\Local\adawarebp
[2013/01/31 19:02:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Ad-Aware Browsing Protection
[2013/01/31 19:01:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Toolbar Cleaner
[2013/01/31 19:01:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\adawaretb
[2013/01/31 19:01:04 | 000,000,000 | ---D | C] -- C:\Users\Kurt\AppData\Roaming\Ad-Aware Antivirus
[2013/01/31 18:55:48 | 000,000,000 | ---D | C] -- C:\windows\pss
[2013/01/31 18:49:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2013/01/31 18:49:02 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013/01/29 15:25:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
[2013/01/29 15:25:12 | 000,000,000 | ---D | C] -- C:\GNS430
[2013/01/29 15:07:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealityXP
[2013/01/29 15:06:37 | 000,000,000 | ---D | C] -- C:\Users\Kurt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DreamFleet
[2013/01/29 15:06:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DreamFleet
[2013/01/29 15:04:46 | 000,000,000 | ---D | C] -- C:\DreamFleet
[2013/01/29 15:02:02 | 000,100,464 | ---- | C] (devSoft Inc. - www.dev-soft.com) -- C:\windows\SysWow64\ICKHTTPS2.OCX
[2013/01/29 13:25:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Watchtower Library 2012
[2013/01/29 13:25:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Watchtower
[2013/01/28 16:20:40 | 000,000,000 | ---D | C] -- C:\Users\Kurt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2013/01/28 16:20:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games
[2013/01/26 21:05:37 | 000,000,000 | ---D | C] -- C:\Users\Kurt\Documents\FSUIPC4
[2013/01/26 21:03:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SquawkBox
[2013/01/26 21:03:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SquawkBox
[2013/01/18 23:38:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013/01/15 13:04:56 | 000,000,000 | ---D | C] -- C:\Users\Kurt\AppData\Local\Microsoft Help
[2013/01/15 13:04:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2013/01/10 12:52:08 | 000,000,000 | ---D | C] -- C:\Users\Kurt\Documents\Dispatcher Course
[2013/01/09 13:46:51 | 000,750,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\win32spl.dll
[2013/01/09 13:46:50 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\win32spl.dll
[2013/01/09 13:46:48 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ncrypt.dll
[2013/01/09 13:46:32 | 002,746,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\gameux.dll
[2013/01/09 13:46:32 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\gameux.dll
[2013/01/09 13:46:32 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Wpc.dll
[2013/01/09 13:46:32 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Wpc.dll
[2013/01/09 13:46:32 | 000,055,296 | ---- | C] (Microsoft) -- C:\windows\SysWow64\cero.rs
[2013/01/09 13:46:32 | 000,055,296 | ---- | C] (Microsoft) -- C:\windows\SysNative\cero.rs
[2013/01/09 13:46:32 | 000,051,712 | ---- | C] (Microsoft) -- C:\windows\SysWow64\esrb.rs
[2013/01/09 13:46:32 | 000,051,712 | ---- | C] (Microsoft) -- C:\windows\SysNative\esrb.rs
[2013/01/09 13:46:32 | 000,046,592 | ---- | C] (Microsoft) -- C:\windows\SysWow64\fpb.rs
[2013/01/09 13:46:32 | 000,046,592 | ---- | C] (Microsoft) -- C:\windows\SysNative\fpb.rs
[2013/01/09 13:46:32 | 000,045,568 | ---- | C] (Microsoft) -- C:\windows\SysWow64\oflc-nz.rs
[2013/01/09 13:46:32 | 000,045,568 | ---- | C] (Microsoft) -- C:\windows\SysNative\oflc-nz.rs
[2013/01/09 13:46:32 | 000,044,544 | ---- | C] (Microsoft) -- C:\windows\SysWow64\pegibbfc.rs
[2013/01/09 13:46:32 | 000,044,544 | ---- | C] (Microsoft) -- C:\windows\SysNative\pegibbfc.rs
[2013/01/09 13:46:32 | 000,043,520 | ---- | C] (Microsoft) -- C:\windows\SysWow64\csrr.rs
[2013/01/09 13:46:32 | 000,043,520 | ---- | C] (Microsoft) -- C:\windows\SysNative\csrr.rs
[2013/01/09 13:46:32 | 000,040,960 | ---- | C] (Microsoft) -- C:\windows\SysWow64\cob-au.rs
[2013/01/09 13:46:32 | 000,040,960 | ---- | C] (Microsoft) -- C:\windows\SysNative\cob-au.rs
[2013/01/09 13:46:32 | 000,030,720 | ---- | C] (Microsoft) -- C:\windows\SysWow64\usk.rs
[2013/01/09 13:46:32 | 000,030,720 | ---- | C] (Microsoft) -- C:\windows\SysNative\usk.rs
[2013/01/09 13:46:32 | 000,023,552 | ---- | C] (Microsoft) -- C:\windows\SysWow64\oflc.rs
[2013/01/09 13:46:32 | 000,023,552 | ---- | C] (Microsoft) -- C:\windows\SysNative\oflc.rs
[2013/01/09 13:46:32 | 000,021,504 | ---- | C] (Microsoft) -- C:\windows\SysWow64\grb.rs
[2013/01/09 13:46:32 | 000,021,504 | ---- | C] (Microsoft) -- C:\windows\SysNative\grb.rs
[2013/01/09 13:46:32 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\SysWow64\pegi-pt.rs
[2013/01/09 13:46:32 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\SysNative\pegi-pt.rs
[2013/01/09 13:46:32 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\SysWow64\pegi-fi.rs
[2013/01/09 13:46:32 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\SysNative\pegi-fi.rs
[2013/01/09 13:46:32 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\SysWow64\pegi.rs
[2013/01/09 13:46:32 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\SysNative\pegi.rs
[2013/01/09 13:46:32 | 000,015,360 | ---- | C] (Microsoft) -- C:\windows\SysWow64\djctq.rs
[2013/01/09 13:46:32 | 000,015,360 | ---- | C] (Microsoft) -- C:\windows\SysNative\djctq.rs
[2013/01/09 13:46:28 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\usp10.dll
[2013/01/09 13:46:24 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KernelBase.dll
[2013/01/09 13:46:23 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\kernel32.dll
[2013/01/09 13:46:23 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64win.dll
[2013/01/09 13:46:23 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\conhost.exe
[2013/01/09 13:46:23 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64.dll
[2013/01/09 13:46:23 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winsrv.dll
[2013/01/09 13:46:23 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\setup16.exe
[2013/01/09 13:46:23 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntvdm64.dll
[2013/01/09 13:46:23 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntvdm64.dll
[2013/01/09 13:46:23 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64cpu.dll
[2013/01/09 13:46:23 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\instnm.exe
[2013/01/09 13:46:23 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2013/01/09 13:46:23 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2013/01/09 13:46:23 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2013/01/09 13:46:23 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2013/01/09 13:46:23 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wow32.dll
[2013/01/09 13:46:23 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2013/01/09 13:46:23 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2013/01/09 13:46:23 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2013/01/09 13:46:23 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2013/01/09 13:46:23 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2013/01/09 13:46:23 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2013/01/09 13:46:23 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2013/01/09 13:46:23 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2013/01/09 13:46:23 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2013/01/09 13:46:23 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2013/01/09 13:46:23 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2013/01/09 13:46:23 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2013/01/09 13:46:23 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2013/01/09 13:46:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2013/01/09 13:46:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013/01/09 13:46:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2013/01/09 13:46:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2013/01/09 13:46:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2013/01/09 13:46:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2013/01/09 13:46:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2013/01/09 13:46:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2013/01/09 13:46:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2013/01/09 13:46:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/01/09 13:46:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/01/09 13:46:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2013/01/09 13:46:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2013/01/09 13:46:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2013/01/09 13:46:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2013/01/09 13:46:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2013/01/09 13:46:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2013/01/09 13:46:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2013/01/09 13:46:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2013/01/09 13:46:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013/01/09 13:46:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2013/01/09 13:46:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2013/01/09 13:46:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2013/01/09 13:46:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2013/01/09 13:46:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2013/01/09 13:46:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2013/01/09 13:46:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2013/01/09 13:46:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2013/01/09 13:46:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2013/01/09 13:46:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2013/01/09 13:46:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2013/01/09 13:46:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2013/01/09 13:46:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2013/01/09 13:46:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2013/01/09 13:46:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2013/01/09 13:46:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2013/01/09 13:46:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2013/01/09 13:46:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2013/01/09 13:46:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2013/01/09 13:46:23 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\user.exe
[2013/01/09 13:46:18 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\taskhost.exe
[2012/02/10 12:42:51 | 001,914,000 | ---- | C] (Adobe Systems Incorporated) -- C:\ProgramData\flashax10.exe
[1 C:\Users\Kurt\Documents\*.tmp files -> C:\Users\Kurt\Documents\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/02/03 17:06:11 | 000,001,868 | ---- | M] () -- C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
[2013/02/03 17:06:03 | 000,000,908 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/02/03 17:05:56 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013/02/03 17:05:53 | 2028,236,799 | -HS- | M] () -- C:\hiberfil.sys
[2013/02/03 17:01:32 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/02/03 16:54:09 | 000,448,512 | ---- | M] (OldTimer Tools) -- C:\Users\Kurt\Desktop\TFC.exe
[2013/02/03 16:53:43 | 000,727,182 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2013/02/03 16:53:43 | 000,624,384 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2013/02/03 16:53:43 | 000,106,502 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2013/02/03 16:38:55 | 000,000,924 | ---- | M] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-961928560-892121555-2397784583-1001UA.job
[2013/02/03 16:38:55 | 000,000,000 | ---- | M] () -- C:\windows\SysNative\SBRC.dat
[2013/02/03 16:38:54 | 000,000,912 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/02/03 16:38:54 | 000,000,902 | ---- | M] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-961928560-892121555-2397784583-1001Core.job
[2013/02/03 16:38:54 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2013/02/01 17:17:05 | 000,020,688 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/02/01 17:17:05 | 000,020,688 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/02/01 13:57:59 | 000,002,279 | ---- | M] () -- C:\Users\Kurt\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/02/01 13:26:34 | 000,000,240 | ---- | M] () -- C:\Users\Kurt\Documents\cc_20130201_132631.reg
[2013/02/01 12:41:42 | 000,002,255 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/02/01 12:38:50 | 000,001,808 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2013/02/01 08:32:01 | 000,000,036 | ---- | M] () -- C:\Users\Kurt\AppData\Local\housecall.guid.cache
[2013/01/31 21:44:32 | 000,001,958 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2013/01/31 21:44:23 | 000,002,577 | ---- | M] () -- C:\windows\SysWow64\CONFIG.NT
[2013/01/31 19:05:14 | 000,014,456 | ---- | M] (GFI Software) -- C:\windows\SysNative\drivers\gfibto.sys
[2013/01/31 18:57:03 | 000,000,178 | ---- | M] () -- C:\Users\Kurt\Documents\cc_20130131_185701.reg
[2013/01/31 18:50:31 | 000,006,488 | ---- | M] () -- C:\Users\Kurt\Documents\cc_20130131_185029.reg
[2013/01/31 18:50:18 | 000,048,908 | ---- | M] () -- C:\Users\Kurt\Documents\cc_20130131_185004.reg
[2013/01/31 18:49:03 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/01/29 18:16:43 | 001,570,187 | ---- | M] () -- C:\Users\Kurt\Documents\Scan0001.jpg
[2013/01/29 18:14:14 | 013,509,734 | ---- | M] () -- C:\Users\Kurt\Documents\Scan0001.tif
[2013/01/29 15:36:45 | 000,001,257 | ---- | M] () -- C:\windows\GARMINWT.INI
[2013/01/29 15:04:46 | 000,002,048 | ---- | M] () -- C:\windows\dfa36.lic
[2013/01/29 15:02:02 | 000,100,464 | ---- | M] (devSoft Inc. - www.dev-soft.com) -- C:\windows\SysWow64\ICKHTTPS2.OCX
[2013/01/29 13:33:22 | 000,001,336 | ---- | M] () -- C:\Users\Kurt\Desktop\Watchtower español.lnk
[2013/01/29 13:25:44 | 000,001,336 | ---- | M] () -- C:\Users\Kurt\Desktop\Watchtower English (2).lnk
[2013/01/28 16:20:28 | 000,002,146 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft Flight Simulator 2004.lnk
[2013/01/26 21:08:30 | 000,000,061 | -HS- | M] () -- C:\windows\cnerolf.bin
[2013/01/26 21:08:09 | 000,001,843 | ---- | M] () -- C:\Users\Kurt\Desktop\fsx.lnk
[2013/01/10 03:20:57 | 000,493,312 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2013/01/09 13:57:27 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
[2013/01/09 13:57:27 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
[1 C:\Users\Kurt\Documents\*.tmp files -> C:\Users\Kurt\Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/02/03 17:01:32 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/02/03 16:38:55 | 000,000,000 | ---- | C] () -- C:\windows\SysNative\SBRC.dat
[2013/02/01 13:26:32 | 000,000,240 | ---- | C] () -- C:\Users\Kurt\Documents\cc_20130201_132631.reg
[2013/02/01 12:41:42 | 000,002,279 | ---- | C] () -- C:\Users\Kurt\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/02/01 12:41:42 | 000,002,255 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/02/01 12:38:50 | 000,001,808 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2013/02/01 08:32:01 | 000,000,036 | ---- | C] () -- C:\Users\Kurt\AppData\Local\housecall.guid.cache
[2013/01/31 21:44:32 | 000,001,958 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2013/01/31 19:05:30 | 000,001,868 | ---- | C] () -- C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
[2013/01/31 18:57:02 | 000,000,178 | ---- | C] () -- C:\Users\Kurt\Documents\cc_20130131_185701.reg
[2013/01/31 18:50:30 | 000,006,488 | ---- | C] () -- C:\Users\Kurt\Documents\cc_20130131_185029.reg
[2013/01/31 18:50:07 | 000,048,908 | ---- | C] () -- C:\Users\Kurt\Documents\cc_20130131_185004.reg
[2013/01/31 18:49:03 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/01/29 18:16:43 | 001,570,187 | ---- | C] () -- C:\Users\Kurt\Documents\Scan0001.jpg
[2013/01/29 18:14:14 | 013,509,734 | ---- | C] () -- C:\Users\Kurt\Documents\Scan0001.tif
[2013/01/29 15:04:46 | 000,002,048 | ---- | C] () -- C:\windows\dfa36.lic
[2013/01/29 13:33:22 | 000,001,336 | ---- | C] () -- C:\Users\Kurt\Desktop\Watchtower español.lnk
[2013/01/29 13:25:44 | 000,001,336 | ---- | C] () -- C:\Users\Kurt\Desktop\Watchtower English (2).lnk
[2013/01/28 16:20:28 | 000,002,146 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft Flight Simulator 2004.lnk
[2013/01/26 21:08:30 | 000,000,061 | -HS- | C] () -- C:\windows\cnerolf.bin
[2013/01/26 21:07:37 | 000,001,843 | ---- | C] () -- C:\Users\Kurt\Desktop\fsx.lnk
[2012/12/28 21:08:34 | 000,003,584 | ---- | C] () -- C:\Users\Kurt\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/09/13 12:12:17 | 000,743,066 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2012/09/05 10:08:56 | 000,000,082 | ---- | C] () -- C:\Users\Kurt\AppData\Local\X-Plane Installer.prf
[2012/09/05 08:55:58 | 000,000,376 | ---- | C] () -- C:\windows\ODBC.INI
[2012/02/10 12:17:12 | 000,451,072 | ---- | C] () -- C:\windows\SysWow64\ISSRemoveSP.exe
[2012/02/10 12:15:52 | 000,008,192 | ---- | C] () -- C:\windows\SysWow64\drivers\IntelMEFWVer.dll
[2012/02/10 12:10:29 | 000,201,728 | ---- | C] () -- C:\windows\SetDrive.exe
[2012/02/10 12:10:29 | 000,036,864 | ---- | C] () -- C:\windows\WinWait.exe
[2012/01/18 00:44:00 | 010,920,984 | ---- | C] () -- C:\windows\SysWow64\LogiDPP.dll
[2012/01/18 00:44:00 | 000,336,408 | ---- | C] () -- C:\windows\SysWow64\DevManagerCore.dll
[2012/01/18 00:44:00 | 000,104,472 | ---- | C] () -- C:\windows\SysWow64\LogiDPPApp.exe
[2011/02/12 13:35:47 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin

========== ZeroAccess Check ==========

[2009/07/13 22:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/08 23:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 22:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 19:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 21:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 19:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/01/31 22:09:27 | 000,000,000 | ---D | M] -- C:\Users\Kurt\AppData\Roaming\Ad-Aware Antivirus
[2012/12/26 23:43:01 | 000,000,000 | ---D | M] -- C:\Users\Kurt\AppData\Roaming\Amazon
[2012/09/13 14:34:06 | 000,000,000 | ---D | M] -- C:\Users\Kurt\AppData\Roaming\com.picaboo.Picaboo.A382D4714709B456C4E0088DFC1F7243AF9EBF75.1
[2012/11/21 09:34:21 | 000,000,000 | ---D | M] -- C:\Users\Kurt\AppData\Roaming\GroundSchool FAA
[2012/10/11 21:40:35 | 000,000,000 | ---D | M] -- C:\Users\Kurt\AppData\Roaming\Leadertech
[2012/10/24 18:26:26 | 000,000,000 | ---D | M] -- C:\Users\Kurt\AppData\Roaming\Opera
[2012/09/07 15:55:10 | 000,000,000 | ---D | M] -- C:\Users\Kurt\AppData\Roaming\Serif
[2013/01/29 15:13:53 | 000,000,000 | ---D | M] -- C:\Users\Kurt\AppData\Roaming\SoftGrid Client
[2012/09/13 12:13:07 | 000,000,000 | ---D | M] -- C:\Users\Kurt\AppData\Roaming\TP
[2012/09/05 09:41:56 | 000,000,000 | ---D | M] -- C:\Users\Kurt\AppData\Roaming\Watchtower

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 448 bytes -> C:\Users\Kurt\Documents\Spanish lessons.ppp:SummaryInformation
@Alternate Data Stream - 436 bytes -> C:\Users\Kurt\Documents\LSAS Card.ppp:SummaryInformation
@Alternate Data Stream - 436 bytes -> C:\Users\Kurt\Documents\logo.ppp:SummaryInformation
@Alternate Data Stream - 432 bytes -> C:\Users\Kurt\Documents\flight.ppp:SummaryInformation
@Alternate Data Stream - 432 bytes -> C:\Users\Kurt\Documents\cruise.ppp:SummaryInformation

--
When angry count four; when very angry, swear.
Microsoft MVP/Consumer Security 2005-2011
Gladiator Security Forum


LoPhatPhuud
Premium,VIP,MVM
join:2002-01-06
Albuquerque, NM
kudos:26
Reviews:
·Comcast

1 recommendation

reply to av8tor

Download and run Sophos AntiRootkit. Post the log in this thread, even if nothing is found.

You'll find link(s) and instructions here:
»Security Cleanup FAQ »Rootkit Detection Applications



av8tor

@sbcglobal.net

Here are the logs from the quick scan and full scan. Thanks!

GMER 2.0.18454 - »www.gmer.net
Rootkit scan 2013-02-07 22:44:33
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 Hitachi_HDS723020BLA642___________LENOVO rev.MN6OA5R0 1863.02GB
Running: hjnlwmgn.exe; Driver: C:\Users\Kurt\AppData\Local\Temp\kxldqpow.sys

---- Devices - GMER 2.0 ----

Device \FileSystem\fastfat \Fat fffff88003c4f718

---- EOF - GMER 2.0 ----

GMER 2.0.18454 - »www.gmer.net
Rootkit scan 2013-02-07 22:43:19
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 Hitachi_HDS723020BLA642___________LENOVO rev.MN6OA5R0 1863.02GB
Running: hjnlwmgn.exe; Driver: C:\Users\Kurt\AppData\Local\Temp\kxldqpow.sys

---- Registry - GMER 2.0 ----

Reg HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted@C:\Users\Kurt\AppData\Local\Logitech\xae Webcam Software\Logishrd\LU2.0\LogitechUpdate.exe 1

---- EOF - GMER 2.0 ----



LoPhatPhuud
reply to av8tor

Please be careful when following instructions. I asked for a Sophos AntiRootkit scan, not GMER. No harm done this time and there is no need to run Sophos.

One last check since the OTL log indicates you may have a Zero Access trojan and I want to be sure.

Download and run TDSS Killer, posting the log in this thread. Please post the log, even if nothing is detected.

You'll find the link(s) and instruction(s) here:
»Security Cleanup FAQ »Rootkit Detection Applications



av8tor

@sbcglobal.net

Sorry about running the wrong program. I realized after I posted it that I may have done the wrong thing. The internet is back to VERY slow again, running at 1Mbs or less. I don't think it really found anything. Here is the log:

17:51:58.0669 5952 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
17:51:59.0046 5952 ============================================================
17:51:59.0046 5952 Current date / time: 2013/02/08 17:51:59.0046
17:51:59.0046 5952 SystemInfo:
17:51:59.0046 5952
17:51:59.0046 5952 OS Version: 6.1.7601 ServicePack: 1.0
17:51:59.0046 5952 Product type: Workstation
17:51:59.0046 5952 ComputerName: KURT-PC
17:51:59.0046 5952 UserName: Kurt
17:51:59.0046 5952 Windows directory: C:\windows
17:51:59.0046 5952 System windows directory: C:\windows
17:51:59.0046 5952 Running under WOW64
17:51:59.0046 5952 Processor architecture: Intel x64
17:51:59.0046 5952 Number of processors: 4
17:51:59.0046 5952 Page size: 0x1000
17:51:59.0046 5952 Boot type: Normal boot
17:51:59.0046 5952 ============================================================
17:51:59.0757 5952 Drive \Device\Harddisk0\DR0 - Size: 0x1D1C1116000 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:51:59.0792 5952 Drive \Device\Harddisk1\DR1 - Size: 0x74200000 (1.81 Gb), SectorSize: 0x200, Cylinders: 0xEC, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
17:51:59.0795 5952 ============================================================
17:51:59.0795 5952 \Device\Harddisk0\DR0:
17:51:59.0799 5952 MBR partitions:
17:51:59.0799 5952 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
17:51:59.0799 5952 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xE5BB0800
17:51:59.0799 5952 \Device\Harddisk1\DR1:
17:51:59.0800 5952 MBR partitions:
17:51:59.0801 5952 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x6, StartLBA 0x8D, BlocksNum 0x3A0F73
17:51:59.0801 5952 ============================================================
17:51:59.0814 5952 C: \Device\Harddisk0\DR0\Partition2
17:51:59.0814 5952 ============================================================
17:51:59.0815 5952 Initialize success
17:51:59.0815 5952 ============================================================
17:53:06.0953 6052 ============================================================
17:53:06.0953 6052 Scan started
17:53:06.0953 6052 Mode: Manual;
17:53:06.0953 6052 ============================================================
17:53:07.0194 6052 ================ Scan system memory ========================
17:53:07.0194 6052 System memory - ok
17:53:07.0194 6052 ================ Scan services =============================
17:53:08.0958 6052 AudioSrv - ok
17:53:09.0019 6052 [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
17:53:09.0023 6052 avast! Antivirus - ok
17:53:09.0032 6052 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\windows\System32\AxInstSV.dll
17:53:09.0036 6052 AxInstSV - ok
17:53:09.0063 6052 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\windows\system32\drivers\bxvbda.sys
17:53:09.0073 6052 b06bdrv - ok
17:53:09.0098 6052 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\windows\system32\DRIVERS\b57nd60a.sys
17:53:09.0104 6052 b57nd60a - ok
17:53:09.0123 6052 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\windows\System32\bdesvc.dll
17:53:09.0127 6052 BDESVC - ok
17:53:09.0136 6052 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\windows\system32\drivers\Beep.sys
17:53:09.0138 6052 Beep - ok
17:53:09.0165 6052 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\windows\System32\bfe.dll
17:53:09.0176 6052 BFE - ok
17:53:09.0206 6052 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\windows\System32\qmgr.dll
17:53:09.0222 6052 BITS - ok
17:53:09.0239 6052 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys
17:53:09.0242 6052 blbdrive - ok
17:53:09.0289 6052 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
17:53:09.0296 6052 Bonjour Service - ok
17:53:09.0318 6052 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\windows\system32\DRIVERS\bowser.sys
17:53:09.0321 6052 bowser - ok
17:53:09.0330 6052 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\windows\system32\drivers\BrFiltLo.sys
17:53:09.0334 6052 BrFiltLo - ok
17:53:09.0342 6052 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\windows\system32\drivers\BrFiltUp.sys
17:53:09.0345 6052 BrFiltUp - ok
17:53:09.0377 6052 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\windows\System32\browser.dll
17:53:09.0381 6052 Browser - ok
17:53:09.0402 6052 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\windows\System32\Drivers\Brserid.sys
17:53:09.0409 6052 Brserid - ok
17:53:09.0420 6052 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
17:53:09.0424 6052 BrSerWdm - ok
17:53:09.0450 6052 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
17:53:09.0453 6052 BrUsbMdm - ok
17:53:09.0460 6052 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
17:53:09.0463 6052 BrUsbSer - ok
17:53:09.0471 6052 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\windows\system32\drivers\bthmodem.sys
17:53:09.0475 6052 BTHMODEM - ok
17:53:09.0485 6052 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\windows\system32\bthserv.dll
17:53:09.0489 6052 bthserv - ok
17:53:09.0499 6052 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
17:53:09.0502 6052 cdfs - ok
17:53:09.0515 6052 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\windows\system32\DRIVERS\cdrom.sys
17:53:09.0518 6052 cdrom - ok
17:53:09.0523 6052 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\windows\System32\certprop.dll
17:53:09.0526 6052 CertPropSvc - ok
17:53:09.0538 6052 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\windows\system32\drivers\circlass.sys
17:53:09.0542 6052 circlass - ok
17:53:09.0561 6052 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\windows\system32\CLFS.sys
17:53:09.0568 6052 CLFS - ok
17:53:09.0611 6052 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:53:09.0615 6052 clr_optimization_v2.0.50727_32 - ok
17:53:09.0642 6052 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:53:09.0646 6052 clr_optimization_v2.0.50727_64 - ok
17:53:09.0705 6052 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:53:09.0709 6052 clr_optimization_v4.0.30319_32 - ok
17:53:09.0720 6052 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:53:09.0724 6052 clr_optimization_v4.0.30319_64 - ok
17:53:09.0744 6052 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\windows\system32\drivers\CmBatt.sys
17:53:09.0747 6052 CmBatt - ok
17:53:09.0753 6052 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\windows\system32\drivers\cmdide.sys
17:53:09.0756 6052 cmdide - ok
17:53:09.0800 6052 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\windows\system32\Drivers\cng.sys
17:53:09.0807 6052 CNG - ok
17:53:09.0819 6052 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\windows\system32\drivers\compbatt.sys
17:53:09.0822 6052 Compbatt - ok
17:53:09.0848 6052 [ 59D203C3F46F3CA536ECAC0E084CD887 ] CompFilter64 C:\windows\system32\DRIVERS\lvbflt64.sys
17:53:09.0857 6052 CompFilter64 - ok
17:53:09.0873 6052 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\windows\system32\DRIVERS\CompositeBus.sys
17:53:09.0876 6052 CompositeBus - ok
17:53:09.0880 6052 COMSysApp - ok
17:53:09.0896 6052 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\windows\system32\drivers\crcdisk.sys
17:53:09.0899 6052 crcdisk - ok
17:53:09.0934 6052 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\windows\system32\cryptsvc.dll
17:53:09.0939 6052 CryptSvc - ok
17:53:10.0018 6052 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
17:53:10.0028 6052 cvhsvc - ok
17:53:10.0056 6052 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\windows\system32\rpcss.dll
17:53:10.0066 6052 DcomLaunch - ok
17:53:10.0088 6052 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\windows\System32\defragsvc.dll
17:53:10.0094 6052 defragsvc - ok
17:53:10.0129 6052 [ 2B9A817DC1BDAD9CE5495099B6A7136A ] Desura Install Service C:\Program Files (x86)\Common Files\Desura\desura_service.exe
17:53:10.0142 6052 Desura Install Service - ok
17:53:10.0159 6052 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\windows\system32\Drivers\dfsc.sys
17:53:10.0163 6052 DfsC - ok
17:53:10.0178 6052 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\windows\system32\dhcpcore.dll
17:53:10.0182 6052 Dhcp - ok
17:53:10.0201 6052 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\windows\system32\drivers\discache.sys
17:53:10.0202 6052 discache - ok
17:53:10.0225 6052 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\windows\system32\drivers\disk.sys
17:53:10.0227 6052 Disk - ok
17:53:10.0247 6052 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\windows\System32\dnsrslvr.dll
17:53:10.0251 6052 Dnscache - ok
17:53:10.0259 6052 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\windows\System32\dot3svc.dll
17:53:10.0265 6052 dot3svc - ok
17:53:10.0278 6052 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\windows\system32\dps.dll
17:53:10.0283 6052 DPS - ok
17:53:10.0295 6052 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
17:53:10.0298 6052 drmkaud - ok
17:53:10.0323 6052 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
17:53:10.0333 6052 DXGKrnl - ok
17:53:10.0355 6052 [ 6BAFD9819D9FEC2EDBAEBC8493C711A4 ] e1cexpress C:\windows\system32\DRIVERS\e1c62x64.sys
17:53:10.0360 6052 e1cexpress - ok
17:53:10.0375 6052 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\windows\System32\eapsvc.dll
17:53:10.0379 6052 EapHost - ok
17:53:10.0434 6052 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\windows\system32\drivers\evbda.sys
17:53:10.0469 6052 ebdrv - ok
17:53:10.0506 6052 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\windows\System32\lsass.exe
17:53:10.0510 6052 EFS - ok
17:53:10.0552 6052 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\windows\ehome\ehRecvr.exe
17:53:10.0563 6052 ehRecvr - ok
17:53:10.0574 6052 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\windows\ehome\ehsched.exe
17:53:10.0577 6052 ehSched - ok
17:53:10.0619 6052 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\windows\system32\drivers\elxstor.sys
17:53:10.0629 6052 elxstor - ok
17:53:10.0642 6052 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\windows\system32\drivers\errdev.sys
17:53:10.0645 6052 ErrDev - ok
17:53:10.0668 6052 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\windows\system32\es.dll
17:53:10.0675 6052 EventSystem - ok
17:53:10.0689 6052 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\windows\system32\drivers\exfat.sys
17:53:10.0693 6052 exfat - ok
17:53:10.0704 6052 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\windows\system32\drivers\fastfat.sys
17:53:10.0708 6052 fastfat - ok
17:53:10.0730 6052 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\windows\system32\fxssvc.exe
17:53:10.0741 6052 Fax - ok
17:53:10.0753 6052 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\windows\system32\drivers\fdc.sys
17:53:10.0757 6052 fdc - ok
17:53:10.0773 6052 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\windows\system32\fdPHost.dll
17:53:10.0776 6052 fdPHost - ok
17:53:10.0784 6052 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\windows\system32\fdrespub.dll
17:53:10.0787 6052 FDResPub - ok
17:53:10.0796 6052 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\windows\system32\drivers\fileinfo.sys
17:53:10.0800 6052 FileInfo - ok
17:53:10.0816 6052 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\windows\system32\drivers\filetrace.sys
17:53:10.0819 6052 Filetrace - ok
17:53:10.0835 6052 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\windows\system32\drivers\flpydisk.sys
17:53:10.0838 6052 flpydisk - ok
17:53:10.0857 6052 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
17:53:10.0861 6052 FltMgr - ok
17:53:10.0897 6052 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\windows\system32\FntCache.dll
17:53:10.0914 6052 FontCache - ok
17:53:10.0951 6052 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:53:10.0954 6052 FontCache3.0.0.0 - ok
17:53:10.0967 6052 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\windows\system32\drivers\FsDepends.sys
17:53:10.0970 6052 FsDepends - ok
17:53:11.0004 6052 [ B16B626996C74B564005BA855C5DEE90 ] fssfltr C:\windows\system32\DRIVERS\fssfltr.sys
17:53:11.0021 6052 fssfltr - ok
17:53:11.0105 6052 [ 812E1BA5C52A78F13EA6AA10DF708B1D ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
17:53:11.0161 6052 fsssvc - ok
17:53:11.0185 6052 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
17:53:11.0186 6052 Fs_Rec - ok
17:53:11.0196 6052 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
17:53:11.0199 6052 fvevol - ok
17:53:11.0228 6052 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\windows\system32\drivers\gagp30kx.sys
17:53:11.0230 6052 gagp30kx - ok
17:53:11.0252 6052 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\windows\system32\DRIVERS\GEARAspiWDM.sys
17:53:11.0255 6052 GEARAspiWDM - ok
17:53:11.0303 6052 [ E80C14B9C6E5B57BB7710B356857A964 ] gfiark C:\windows\system32\drivers\gfiark.sys
17:53:11.0307 6052 gfiark - ok
17:53:11.0331 6052 [ 14908F4F9005C29DE8F5587E271390EE ] gfibto C:\windows\system32\drivers\gfibto.sys
17:53:11.0334 6052 gfibto - ok
17:53:11.0367 6052 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\windows\System32\gpsvc.dll
17:53:11.0380 6052 gpsvc - ok
17:53:11.0417 6052 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:53:11.0422 6052 gupdate - ok
17:53:11.0426 6052 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:53:11.0428 6052 gupdatem - ok
17:53:11.0455 6052 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
17:53:11.0460 6052 gusvc - ok
17:53:11.0472 6052 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
17:53:11.0476 6052 hcw85cir - ok
17:53:11.0489 6052 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
17:53:11.0495 6052 HdAudAddService - ok
17:53:11.0509 6052 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\windows\system32\DRIVERS\HDAudBus.sys
17:53:11.0513 6052 HDAudBus - ok
17:53:11.0528 6052 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\windows\system32\drivers\HidBatt.sys
17:53:11.0531 6052 HidBatt - ok
17:53:11.0543 6052 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\windows\system32\drivers\hidbth.sys
17:53:11.0548 6052 HidBth - ok
17:53:11.0577 6052 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\windows\system32\drivers\hidir.sys
17:53:11.0581 6052 HidIr - ok
17:53:11.0595 6052 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\windows\system32\hidserv.dll
17:53:11.0599 6052 hidserv - ok
17:53:11.0611 6052 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\windows\system32\DRIVERS\hidusb.sys
17:53:11.0614 6052 HidUsb - ok
17:53:11.0632 6052 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\windows\system32\kmsvc.dll
17:53:11.0637 6052 hkmsvc - ok
17:53:11.0648 6052 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\windows\system32\ListSvc.dll
17:53:11.0655 6052 HomeGroupListener - ok
17:53:11.0669 6052 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\windows\system32\provsvc.dll
17:53:11.0677 6052 HomeGroupProvider - ok
17:53:11.0689 6052 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys
17:53:11.0694 6052 HpSAMD - ok
17:53:11.0705 6052 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\windows\system32\drivers\HTTP.sys
17:53:11.0716 6052 HTTP - ok
17:53:11.0726 6052 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
17:53:11.0729 6052 hwpolicy - ok
17:53:11.0741 6052 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\windows\system32\DRIVERS\i8042prt.sys
17:53:11.0745 6052 i8042prt - ok
17:53:11.0780 6052 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\windows\system32\drivers\iaStorV.sys
17:53:11.0789 6052 iaStorV - ok
17:53:11.0846 6052 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
17:53:11.0851 6052 IDriverT - ok
17:53:11.0892 6052 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
17:53:11.0917 6052 idsvc - ok
17:53:12.0079 6052 [ 5A3D48DE22390A270FE8786ECA07D7FF ] igfx C:\windows\system32\DRIVERS\igdkmd64.sys
17:53:12.0209 6052 igfx - ok
17:53:12.0220 6052 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\windows\system32\drivers\iirsp.sys
17:53:12.0223 6052 iirsp - ok
17:53:12.0245 6052 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\windows\System32\ikeext.dll
17:53:12.0254 6052 IKEEXT - ok
17:53:12.0301 6052 [ 62C93ABEC0F8A9A235BF7A86B9FC3A0C ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHD64.sys
17:53:12.0344 6052 IntcAzAudAddService - ok
17:53:12.0373 6052 [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud C:\windows\system32\DRIVERS\IntcDAud.sys
17:53:12.0378 6052 IntcDAud - ok
17:53:12.0390 6052 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\windows\system32\drivers\intelide.sys
17:53:12.0394 6052 intelide - ok
17:53:12.0423 6052 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
17:53:12.0426 6052 intelppm - ok
17:53:12.0445 6052 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\windows\system32\ipbusenum.dll
17:53:12.0450 6052 IPBusEnum - ok
17:53:12.0476 6052 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
17:53:12.0480 6052 IpFilterDriver - ok
17:53:12.0528 6052 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\windows\System32\iphlpsvc.dll
17:53:12.0539 6052 iphlpsvc - ok
17:53:12.0557 6052 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys
17:53:12.0561 6052 IPMIDRV - ok
17:53:12.0577 6052 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\windows\system32\drivers\ipnat.sys
17:53:12.0579 6052 IPNAT - ok
17:53:12.0614 6052 [ 0F261EC4F514926177C70C1832374231 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
17:53:12.0629 6052 iPod Service - ok
17:53:12.0639 6052 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\windows\system32\drivers\irenum.sys
17:53:12.0640 6052 IRENUM - ok
17:53:12.0652 6052 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\windows\system32\drivers\isapnp.sys
17:53:12.0654 6052 isapnp - ok
17:53:12.0667 6052 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys
17:53:12.0672 6052 iScsiPrt - ok
17:53:12.0705 6052 [ 1DED0D0AA513E2A5862B20A520D3A1E1 ] JME Keyboard C:\Windows\jmesoft\Service.exe
17:53:12.0859 6052 JME Keyboard - ok
17:53:12.0865 6052 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\windows\system32\DRIVERS\kbdclass.sys
17:53:12.0866 6052 kbdclass - ok
17:53:12.0878 6052 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\windows\system32\DRIVERS\kbdhid.sys
17:53:12.0879 6052 kbdhid - ok
17:53:12.0889 6052 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\windows\system32\lsass.exe
17:53:12.0890 6052 KeyIso - ok
17:53:12.0916 6052 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
17:53:12.0918 6052 KSecDD - ok
17:53:12.0933 6052 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
17:53:12.0936 6052 KSecPkg - ok
17:53:12.0942 6052 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\windows\system32\drivers\ksthunk.sys
17:53:12.0944 6052 ksthunk - ok
17:53:12.0968 6052 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\windows\system32\msdtckrm.dll
17:53:12.0977 6052 KtmRm - ok
17:53:13.0005 6052 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\windows\system32\srvsvc.dll
17:53:13.0014 6052 LanmanServer - ok
17:53:13.0036 6052 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\windows\System32\wkssvc.dll
17:53:13.0042 6052 LanmanWorkstation - ok
17:53:13.0066 6052 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
17:53:13.0069 6052 lltdio - ok
17:53:13.0091 6052 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\windows\System32\lltdsvc.dll
17:53:13.0099 6052 lltdsvc - ok
17:53:13.0119 6052 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\windows\System32\lmhsvc.dll
17:53:13.0123 6052 lmhosts - ok
17:53:13.0167 6052 [ 926EBA26A8B49D1597751CED06B50862 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
17:53:13.0173 6052 LMS - ok
17:53:13.0193 6052 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\windows\system32\drivers\lsi_fc.sys
17:53:13.0198 6052 LSI_FC - ok
17:53:13.0228 6052 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\windows\system32\drivers\lsi_sas.sys
17:53:13.0232 6052 LSI_SAS - ok
17:53:13.0244 6052 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\windows\system32\drivers\lsi_sas2.sys
17:53:13.0248 6052 LSI_SAS2 - ok
17:53:13.0260 6052 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\windows\system32\drivers\lsi_scsi.sys
17:53:13.0265 6052 LSI_SCSI - ok
17:53:13.0278 6052 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\windows\system32\drivers\luafv.sys
17:53:13.0281 6052 luafv - ok
17:53:13.0326 6052 [ 0C85B2B6FB74B36A251792D45E0EF860 ] LVRS64 C:\windows\system32\DRIVERS\lvrs64.sys
17:53:13.0344 6052 LVRS64 - ok
17:53:13.0421 6052 [ FF3A488924B0032B1A9CA6948C1FA9E8 ] LVUVC64 C:\windows\system32\DRIVERS\lvuvc64.sys
17:53:13.0518 6052 LVUVC64 - ok
17:53:13.0545 6052 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
17:53:13.0549 6052 Mcx2Svc - ok
17:53:13.0561 6052 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\windows\system32\drivers\megasas.sys
17:53:13.0564 6052 megasas - ok
17:53:13.0579 6052 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\windows\system32\drivers\MegaSR.sys
17:53:13.0584 6052 MegaSR - ok
17:53:13.0603 6052 [ 1C6E73FC46B509EFF9D0086AA37132DF ] MEIx64 C:\windows\system32\DRIVERS\HECIx64.sys
17:53:13.0605 6052 MEIx64 - ok
17:53:13.0628 6052 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\windows\system32\mmcss.dll
17:53:13.0633 6052 MMCSS - ok
17:53:13.0648 6052 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\windows\system32\drivers\modem.sys
17:53:13.0651 6052 Modem - ok
17:53:13.0681 6052 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\windows\system32\DRIVERS\monitor.sys
17:53:13.0683 6052 monitor - ok
17:53:13.0700 6052 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys
17:53:13.0702 6052 mouclass - ok
17:53:13.0722 6052 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
17:53:13.0725 6052 mouhid - ok
17:53:13.0735 6052 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\windows\system32\drivers\mountmgr.sys
17:53:13.0739 6052 mountmgr - ok
17:53:13.0777 6052 [ 51A84B690DF519DCF656F780243D953E ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
17:53:13.0780 6052 MozillaMaintenance - ok
17:53:13.0786 6052 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\windows\system32\drivers\mpio.sys
17:53:13.0792 6052 mpio - ok
17:53:13.0807 6052 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
17:53:13.0810 6052 mpsdrv - ok
17:53:13.0831 6052 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\windows\system32\mpssvc.dll
17:53:13.0845 6052 MpsSvc - ok
17:53:13.0862 6052 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
17:53:13.0866 6052 MRxDAV - ok
17:53:13.0884 6052 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
17:53:13.0888 6052 mrxsmb - ok
17:53:13.0915 6052 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
17:53:13.0920 6052 mrxsmb10 - ok
17:53:13.0925 6052 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
17:53:13.0929 6052 mrxsmb20 - ok
17:53:13.0938 6052 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\windows\system32\drivers\msahci.sys
17:53:13.0941 6052 msahci - ok
17:53:13.0955 6052 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\windows\system32\drivers\msdsm.sys
17:53:13.0960 6052 msdsm - ok
17:53:13.0972 6052 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\windows\System32\msdtc.exe
17:53:13.0979 6052 MSDTC - ok
17:53:13.0986 6052 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\windows\system32\drivers\Msfs.sys
17:53:13.0988 6052 Msfs - ok
17:53:13.0999 6052 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
17:53:14.0002 6052 mshidkmdf - ok
17:53:14.0011 6052 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\windows\system32\drivers\msisadrv.sys
17:53:14.0014 6052 msisadrv - ok
17:53:14.0043 6052 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\windows\system32\iscsiexe.dll
17:53:14.0049 6052 MSiSCSI - ok
17:53:14.0052 6052 msiserver - ok
17:53:14.0074 6052 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
17:53:14.0076 6052 MSKSSRV - ok
17:53:14.0084 6052 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
17:53:14.0086 6052 MSPCLOCK - ok
17:53:14.0097 6052 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
17:53:14.0099 6052 MSPQM - ok
17:53:14.0110 6052 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\windows\system32\drivers\MsRPC.sys
17:53:14.0114 6052 MsRPC - ok
17:53:14.0131 6052 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\windows\system32\DRIVERS\mssmbios.sys
17:53:14.0132 6052 mssmbios - ok
17:53:14.0134 6052 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\windows\system32\drivers\MSTEE.sys
17:53:14.0136 6052 MSTEE - ok
17:53:14.0149 6052 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\windows\system32\drivers\MTConfig.sys
17:53:14.0151 6052 MTConfig - ok
17:53:14.0164 6052 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\windows\system32\Drivers\mup.sys
17:53:14.0166 6052 Mup - ok
17:53:14.0181 6052 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\windows\system32\qagentRT.dll
17:53:14.0189 6052 napagent - ok
17:53:14.0212 6052 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
17:53:14.0217 6052 NativeWifiP - ok
17:53:14.0273 6052 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\windows\system32\drivers\ndis.sys
17:53:14.0285 6052 NDIS - ok
17:53:14.0298 6052 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
17:53:14.0301 6052 NdisCap - ok
17:53:14.0317 6052 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
17:53:14.0319 6052 NdisTapi - ok
17:53:14.0322 6052 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
17:53:14.0325 6052 Ndisuio - ok
17:53:14.0329 6052 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
17:53:14.0333 6052 NdisWan - ok
17:53:14.0336 6052 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
17:53:14.0339 6052 NDProxy - ok
17:53:14.0346 6052 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
17:53:14.0348 6052 NetBIOS - ok
17:53:14.0353 6052 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
17:53:14.0357 6052 NetBT - ok
17:53:14.0363 6052 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\windows\system32\lsass.exe
17:53:14.0366 6052 Netlogon - ok
17:53:14.0386 6052 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\windows\System32\netman.dll
17:53:14.0394 6052 Netman - ok
17:53:14.0401 6052 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\windows\System32\netprofm.dll
17:53:14.0410 6052 netprofm - ok
17:53:14.0427 6052 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:53:14.0430 6052 NetTcpPortSharing - ok
17:53:14.0455 6052 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\windows\system32\drivers\nfrd960.sys
17:53:14.0458 6052 nfrd960 - ok
17:53:14.0480 6052 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\windows\System32\nlasvc.dll
17:53:14.0487 6052 NlaSvc - ok
17:53:14.0494 6052 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\windows\system32\drivers\Npfs.sys
17:53:14.0496 6052 Npfs - ok
17:53:14.0507 6052 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\windows\system32\nsisvc.dll
17:53:14.0511 6052 nsi - ok
17:53:14.0534 6052 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
17:53:14.0536 6052 nsiproxy - ok
17:53:14.0624 6052 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\windows\system32\drivers\Ntfs.sys
17:53:14.0645 6052 Ntfs - ok
17:53:14.0651 6052 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\windows\system32\drivers\Null.sys
17:53:14.0653 6052 Null - ok
17:53:14.0676 6052 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\windows\system32\drivers\nvraid.sys
17:53:14.0682 6052 nvraid - ok
17:53:14.0708 6052 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\windows\system32\drivers\nvstor.sys
17:53:14.0716 6052 nvstor - ok
17:53:14.0744 6052 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\windows\system32\drivers\nv_agp.sys
17:53:14.0749 6052 nv_agp - ok
17:53:14.0760 6052 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
17:53:14.0763 6052 ohci1394 - ok
17:53:14.0804 6052 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:53:14.0808 6052 ose - ok
17:53:14.0900 6052 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
17:53:14.0952 6052 osppsvc - ok
17:53:14.0986 6052 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\windows\system32\pnrpsvc.dll
17:53:14.0993 6052 p2pimsvc - ok
17:53:15.0019 6052 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\windows\system32\p2psvc.dll
17:53:15.0026 6052 p2psvc - ok
17:53:15.0030 6052 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\windows\system32\drivers\parport.sys
17:53:15.0033 6052 Parport - ok



av8tor

@sbcglobal.net
reply to LoPhatPhuud

17:53:20.0009 6052 ================ Scan global ===============================
17:53:20.0022 6052 [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll
17:53:20.0053 6052 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\windows\system32\winsrv.dll
17:53:20.0065 6052 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\windows\system32\winsrv.dll
17:53:20.0091 6052 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll
17:53:20.0111 6052 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\windows\system32\services.exe
17:53:20.0119 6052 [Global] - ok
17:53:20.0120 6052 ================ Scan MBR ==================================
17:53:20.0127 6052 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
17:53:20.0252 6052 \Device\Harddisk0\DR0 - ok
17:53:20.0258 6052 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
17:53:20.0290 6052 \Device\Harddisk1\DR1 - ok
17:53:20.0291 6052 ================ Scan VBR ==================================
17:53:20.0292 6052 [ 38D698748674382F237196F171E756D2 ] \Device\Harddisk0\DR0\Partition1
17:53:20.0293 6052 \Device\Harddisk0\DR0\Partition1 - ok
17:53:20.0302 6052 [ 2448558D40CBD87F6D10773FAF599292 ] \Device\Harddisk0\DR0\Partition2
17:53:20.0303 6052 \Device\Harddisk0\DR0\Partition2 - ok
17:53:20.0307 6052 [ 04289941126098CBAE69645283921ED2 ] \Device\Harddisk1\DR1\Partition1
17:53:20.0308 6052 \Device\Harddisk1\DR1\Partition1 - ok
17:53:20.0309 6052 ============================================================
17:53:20.0309 6052 Scan finished
17:53:20.0309 6052 ============================================================
17:53:20.0314 6088 Detected object count: 0
17:53:20.0314 6088 Actual detected object count: 0
17:54:20.0518 3256 ============================================================
17:54:20.0518 3256 Scan started
17:54:20.0518 3256 Mode: Manual; SigCheck; TDLFS;
17:54:20.0518 3256 ============================================================
17:54:20.0779 3256 ================ Scan system memory ========================
17:54:20.0779 3256 System memory - ok
17:54:20.0780 3256 ================ Scan services =============================
17:54:23.0299 3256 CLFS - ok
17:54:23.0331 3256 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:54:23.0338 3256 clr_optimization_v2.0.50727_32 - ok
17:54:23.0370 3256 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:54:23.0384 3256 clr_optimization_v2.0.50727_64 - ok
17:54:23.0442 3256 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:54:23.0457 3256 clr_optimization_v4.0.30319_32 - ok
17:54:23.0465 3256 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:54:23.0479 3256 clr_optimization_v4.0.30319_64 - ok
17:54:23.0489 3256 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\windows\system32\drivers\CmBatt.sys
17:54:23.0515 3256 CmBatt - ok
17:54:23.0531 3256 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\windows\system32\drivers\cmdide.sys
17:54:23.0545 3256 cmdide - ok
17:54:23.0579 3256 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\windows\system32\Drivers\cng.sys
17:54:23.0611 3256 CNG - ok
17:54:23.0622 3256 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\windows\system32\drivers\compbatt.sys
17:54:23.0629 3256 Compbatt - ok
17:54:23.0654 3256 [ 59D203C3F46F3CA536ECAC0E084CD887 ] CompFilter64 C:\windows\system32\DRIVERS\lvbflt64.sys
17:54:23.0661 3256 CompFilter64 - ok
17:54:23.0664 3256 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\windows\system32\DRIVERS\CompositeBus.sys
17:54:23.0680 3256 CompositeBus - ok
17:54:23.0682 3256 COMSysApp - ok
17:54:23.0691 3256 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\windows\system32\drivers\crcdisk.sys
17:54:23.0698 3256 crcdisk - ok
17:54:23.0720 3256 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\windows\system32\cryptsvc.dll
17:54:23.0735 3256 CryptSvc - ok
17:54:23.0804 3256 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
17:54:23.0828 3256 cvhsvc - ok
17:54:23.0858 3256 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\windows\system32\rpcss.dll
17:54:23.0890 3256 DcomLaunch - ok
17:54:23.0907 3256 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\windows\System32\defragsvc.dll
17:54:23.0955 3256 defragsvc - ok
17:54:23.0982 3256 [ 2B9A817DC1BDAD9CE5495099B6A7136A ] Desura Install Service C:\Program Files (x86)\Common Files\Desura\desura_service.exe
17:54:23.0989 3256 Desura Install Service - ok
17:54:24.0004 3256 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\windows\system32\Drivers\dfsc.sys
17:54:24.0029 3256 DfsC - ok
17:54:24.0039 3256 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\windows\system32\dhcpcore.dll
17:54:24.0062 3256 Dhcp - ok
17:54:24.0079 3256 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\windows\system32\drivers\discache.sys
17:54:24.0114 3256 discache - ok
17:54:24.0120 3256 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\windows\system32\drivers\disk.sys
17:54:24.0127 3256 Disk - ok
17:54:24.0142 3256 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\windows\System32\dnsrslvr.dll
17:54:24.0153 3256 Dnscache - ok
17:54:24.0161 3256 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\windows\System32\dot3svc.dll
17:54:24.0187 3256 dot3svc - ok
17:54:24.0191 3256 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\windows\system32\dps.dll
17:54:24.0216 3256 DPS - ok
17:54:24.0223 3256 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
17:54:24.0234 3256 drmkaud - ok
17:54:24.0245 3256 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
17:54:24.0263 3256 DXGKrnl - ok
17:54:24.0282 3256 [ 6BAFD9819D9FEC2EDBAEBC8493C711A4 ] e1cexpress C:\windows\system32\DRIVERS\e1c62x64.sys
17:54:24.0292 3256 e1cexpress - ok
17:54:24.0302 3256 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\windows\System32\eapsvc.dll
17:54:24.0328 3256 EapHost - ok
17:54:24.0370 3256 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\windows\system32\drivers\evbda.sys
17:54:24.0402 3256 ebdrv - ok
17:54:24.0425 3256 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\windows\System32\lsass.exe
17:54:24.0436 3256 EFS - ok
17:54:24.0462 3256 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\windows\ehome\ehRecvr.exe
17:54:24.0476 3256 ehRecvr - ok
17:54:24.0485 3256 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\windows\ehome\ehsched.exe
17:54:24.0495 3256 ehSched - ok
17:54:24.0520 3256 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\windows\system32\drivers\elxstor.sys
17:54:24.0533 3256 elxstor - ok
17:54:24.0545 3256 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\windows\system32\drivers\errdev.sys
17:54:24.0554 3256 ErrDev - ok
17:54:24.0582 3256 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\windows\system32\es.dll
17:54:24.0609 3256 EventSystem - ok
17:54:24.0625 3256 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\windows\system32\drivers\exfat.sys
17:54:24.0651 3256 exfat - ok
17:54:24.0665 3256 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\windows\system32\drivers\fastfat.sys
17:54:24.0702 3256 fastfat - ok
17:54:24.0715 3256 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\windows\system32\fxssvc.exe
17:54:24.0741 3256 Fax - ok
17:54:24.0748 3256 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\windows\system32\drivers\fdc.sys
17:54:24.0757 3256 fdc - ok
17:54:24.0768 3256 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\windows\system32\fdPHost.dll
17:54:24.0793 3256 fdPHost - ok
17:54:24.0804 3256 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\windows\system32\fdrespub.dll
17:54:24.0829 3256 FDResPub - ok
17:54:24.0833 3256 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\windows\system32\drivers\fileinfo.sys
17:54:24.0840 3256 FileInfo - ok
17:54:24.0843 3256 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\windows\system32\drivers\filetrace.sys
17:54:24.0868 3256 Filetrace - ok
17:54:24.0880 3256 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\windows\system32\drivers\flpydisk.sys
17:54:24.0889 3256 flpydisk - ok
17:54:24.0901 3256 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
17:54:24.0911 3256 FltMgr - ok
17:54:24.0938 3256 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\windows\system32\FntCache.dll
17:54:24.0956 3256 FontCache - ok
17:54:24.0996 3256 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:54:25.0008 3256 FontCache3.0.0.0 - ok
17:54:25.0028 3256 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\windows\system32\drivers\FsDepends.sys
17:54:25.0043 3256 FsDepends - ok
17:54:25.0074 3256 [ B16B626996C74B564005BA855C5DEE90 ] fssfltr C:\windows\system32\DRIVERS\fssfltr.sys
17:54:25.0091 3256 fssfltr - ok
17:54:25.0167 3256 [ 812E1BA5C52A78F13EA6AA10DF708B1D ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
17:54:25.0205 3256 fsssvc - ok
17:54:25.0230 3256 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
17:54:25.0237 3256 Fs_Rec - ok
17:54:25.0241 3256 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
17:54:25.0252 3256 fvevol - ok
17:54:25.0264 3256 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\windows\system32\drivers\gagp30kx.sys
17:54:25.0272 3256 gagp30kx - ok
17:54:25.0297 3256 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\windows\system32\DRIVERS\GEARAspiWDM.sys
17:54:25.0303 3256 GEARAspiWDM - ok
17:54:25.0331 3256 [ E80C14B9C6E5B57BB7710B356857A964 ] gfiark C:\windows\system32\drivers\gfiark.sys
17:54:25.0338 3256 gfiark - ok
17:54:25.0351 3256 [ 14908F4F9005C29DE8F5587E271390EE ] gfibto C:\windows\system32\drivers\gfibto.sys
17:54:25.0358 3256 gfibto - ok
17:54:25.0385 3256 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\windows\System32\gpsvc.dll
17:54:25.0416 3256 gpsvc - ok
17:54:25.0445 3256 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:54:25.0452 3256 gupdate - ok
17:54:25.0455 3256 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:54:25.0462 3256 gupdatem - ok
17:54:25.0474 3256 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
17:54:25.0482 3256 gusvc - ok
17:54:25.0500 3256 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
17:54:25.0519 3256 hcw85cir - ok
17:54:25.0532 3256 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
17:54:25.0556 3256 HdAudAddService - ok
17:54:25.0562 3256 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\windows\system32\DRIVERS\HDAudBus.sys
17:54:25.0573 3256 HDAudBus - ok
17:54:25.0589 3256 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\windows\system32\drivers\HidBatt.sys
17:54:25.0599 3256 HidBatt - ok
17:54:25.0613 3256 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\windows\system32\drivers\hidbth.sys
17:54:25.0635 3256 HidBth - ok
17:54:25.0646 3256 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\windows\system32\drivers\hidir.sys
17:54:25.0658 3256 HidIr - ok
17:54:25.0673 3256 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\windows\system32\hidserv.dll
17:54:25.0700 3256 hidserv - ok
17:54:25.0706 3256 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\windows\system32\DRIVERS\hidusb.sys
17:54:25.0716 3256 HidUsb - ok
17:54:25.0735 3256 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\windows\system32\kmsvc.dll
17:54:25.0760 3256 hkmsvc - ok
17:54:25.0767 3256 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\windows\system32\ListSvc.dll
17:54:25.0779 3256 HomeGroupListener - ok
17:54:25.0797 3256 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\windows\system32\provsvc.dll
17:54:25.0808 3256 HomeGroupProvider - ok
17:54:25.0817 3256 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys
17:54:25.0825 3256 HpSAMD - ok
17:54:25.0833 3256 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\windows\system32\drivers\HTTP.sys
17:54:25.0862 3256 HTTP - ok
17:54:25.0871 3256 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
17:54:25.0878 3256 hwpolicy - ok
17:54:25.0894 3256 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\windows\system32\DRIVERS\i8042prt.sys
17:54:25.0903 3256 i8042prt - ok
17:54:25.0924 3256 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\windows\system32\drivers\iaStorV.sys
17:54:25.0935 3256 iaStorV - ok
17:54:25.0974 3256 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
17:54:25.0978 3256 IDriverT ( UnsignedFile.Multi.Generic ) - warning
17:54:25.0978 3256 IDriverT - detected UnsignedFile.Multi.Generic (1)



av8tor

@sbcglobal.net
reply to LoPhatPhuud

17:54:26.0933 3256 [ 1DED0D0AA513E2A5862B20A520D3A1E1 ] JME Keyboard C:\Windows\jmesoft\Service.exe
17:54:26.0937 3256 JME Keyboard ( UnsignedFile.Multi.Generic ) - warning
17:54:26.0937 3256 JME Keyboard - detected UnsignedFile.Multi.Generic (1)
17:54:31.0632 3256 Schedule - ok
17:54:31.0647 3256 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\windows\System32\certprop.dll
17:54:31.0671 3256 SCPolicySvc - ok
17:54:31.0684 3256 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\windows\System32\SDRSVC.dll
17:54:31.0695 3256 SDRSVC - ok
17:54:31.0702 3256 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys
17:54:31.0727 3256 secdrv - ok
17:54:31.0732 3256 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\windows\system32\seclogon.dll
17:54:31.0757 3256 seclogon - ok
17:54:31.0765 3256 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\windows\System32\sens.dll
17:54:31.0792 3256 SENS - ok
17:54:31.0795 3256 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\windows\system32\sensrsvc.dll
17:54:31.0806 3256 SensrSvc - ok
17:54:31.0808 3256 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\windows\system32\drivers\serenum.sys
17:54:31.0818 3256 Serenum - ok
17:54:31.0820 3256 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\windows\system32\drivers\serial.sys
17:54:31.0830 3256 Serial - ok
17:54:31.0833 3256 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\windows\system32\drivers\sermouse.sys
17:54:31.0841 3256 sermouse - ok
17:54:31.0854 3256 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\windows\system32\sessenv.dll
17:54:31.0880 3256 SessionEnv - ok
17:54:31.0882 3256 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\windows\system32\drivers\sffdisk.sys
17:54:31.0893 3256 sffdisk - ok
17:54:31.0895 3256 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
17:54:31.0906 3256 sffp_mmc - ok
17:54:31.0908 3256 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
17:54:31.0918 3256 sffp_sd - ok
17:54:31.0920 3256 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\windows\system32\drivers\sfloppy.sys
17:54:31.0929 3256 sfloppy - ok
17:54:31.0971 3256 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\windows\system32\DRIVERS\Sftfslh.sys
17:54:31.0985 3256 Sftfs - ok
17:54:32.0019 3256 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
17:54:32.0030 3256 sftlist - ok
17:54:32.0059 3256 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\windows\system32\DRIVERS\Sftplaylh.sys
17:54:32.0068 3256 Sftplay - ok
17:54:32.0077 3256 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\windows\system32\DRIVERS\Sftredirlh.sys
17:54:32.0084 3256 Sftredir - ok
17:54:32.0086 3256 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\windows\system32\DRIVERS\Sftvollh.sys
17:54:32.0092 3256 Sftvol - ok
17:54:32.0121 3256 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
17:54:32.0129 3256 sftvsa - ok
17:54:32.0148 3256 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\windows\System32\ipnathlp.dll
17:54:32.0177 3256 SharedAccess - ok
17:54:32.0196 3256 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\windows\System32\shsvcs.dll
17:54:32.0224 3256 ShellHWDetection - ok
17:54:32.0245 3256 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\windows\system32\drivers\SiSRaid2.sys
17:54:32.0252 3256 SiSRaid2 - ok
17:54:32.0259 3256 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\windows\system32\drivers\sisraid4.sys
17:54:32.0268 3256 SiSRaid4 - ok
17:54:32.0270 3256 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\windows\system32\DRIVERS\smb.sys
17:54:32.0307 3256 Smb - ok
17:54:32.0322 3256 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\windows\System32\snmptrap.exe
17:54:32.0334 3256 SNMPTRAP - ok
17:54:32.0341 3256 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\windows\system32\drivers\spldr.sys
17:54:32.0349 3256 spldr - ok
17:54:32.0377 3256 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\windows\System32\spoolsv.exe
17:54:32.0391 3256 Spooler - ok
17:54:32.0449 3256 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\windows\system32\sppsvc.exe
17:54:32.0506 3256 sppsvc - ok
17:54:32.0512 3256 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\windows\system32\sppuinotify.dll
17:54:32.0538 3256 sppuinotify - ok
17:54:32.0556 3256 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\windows\system32\DRIVERS\srv.sys
17:54:32.0568 3256 srv - ok
17:54:32.0582 3256 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
17:54:32.0600 3256 srv2 - ok
17:54:32.0614 3256 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
17:54:32.0623 3256 srvnet - ok
17:54:32.0644 3256 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
17:54:32.0673 3256 SSDPSRV - ok
17:54:32.0675 3256 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\windows\system32\sstpsvc.dll
17:54:32.0702 3256 SstpSvc - ok
17:54:32.0717 3256 Steam Client Service - ok
17:54:32.0749 3256 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\windows\system32\drivers\stexstor.sys
17:54:32.0756 3256 stexstor - ok
17:54:32.0785 3256 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\windows\system32\DRIVERS\serscan.sys
17:54:32.0803 3256 StillCam - ok
17:54:32.0824 3256 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\windows\System32\wiaservc.dll
17:54:32.0846 3256 stisvc - ok
17:54:32.0856 3256 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\windows\system32\DRIVERS\swenum.sys
17:54:32.0863 3256 swenum - ok
17:54:32.0879 3256 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\windows\System32\swprv.dll
17:54:32.0909 3256 swprv - ok
17:54:32.0926 3256 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\windows\system32\sysmain.dll
17:54:32.0953 3256 SysMain - ok
17:54:32.0959 3256 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\windows\System32\TabSvc.dll
17:54:32.0973 3256 TabletInputService - ok
17:54:32.0983 3256 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\windows\System32\tapisrv.dll
17:54:33.0011 3256 TapiSrv - ok
17:54:33.0018 3256 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\windows\System32\tbssvc.dll
17:54:33.0044 3256 TBS - ok
17:54:33.0095 3256 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\windows\system32\drivers\tcpip.sys
17:54:33.0122 3256 Tcpip - ok
17:54:33.0140 3256 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
17:54:33.0167 3256 TCPIP6 - ok
17:54:33.0173 3256 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
17:54:33.0181 3256 tcpipreg - ok
17:54:33.0196 3256 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
17:54:33.0204 3256 TDPIPE - ok
17:54:33.0230 3256 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
17:54:33.0238 3256 TDTCP - ok
17:54:33.0253 3256 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\windows\system32\DRIVERS\tdx.sys
17:54:33.0278 3256 tdx - ok
17:54:33.0286 3256 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\windows\system32\DRIVERS\termdd.sys
17:54:33.0294 3256 TermDD - ok
17:54:33.0321 3256 [ 2E648163254233755035B46DD7B89123 ] TermService C:\windows\System32\termsrv.dll
17:54:33.0358 3256 TermService - ok
17:54:33.0360 3256 [ F0344071948D1A1FA732231785A0664C ] Themes C:\windows\system32\themeservice.dll
17:54:33.0374 3256 Themes - ok
17:54:33.0381 3256 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\windows\system32\mmcss.dll
17:54:33.0407 3256 THREADORDER - ok
17:54:33.0415 3256 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\windows\System32\trkwks.dll
17:54:33.0452 3256 TrkWks - ok
17:54:33.0476 3256 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
17:54:33.0520 3256 TrustedInstaller - ok
17:54:33.0531 3256 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
17:54:33.0568 3256 tssecsrv - ok
17:54:33.0578 3256 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
17:54:33.0587 3256 TsUsbFlt - ok
17:54:33.0596 3256 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\windows\system32\drivers\TsUsbGD.sys
17:54:33.0605 3256 TsUsbGD - ok
17:54:33.0614 3256 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
17:54:33.0638 3256 tunnel - ok
17:54:33.0641 3256 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\windows\system32\drivers\uagp35.sys
17:54:33.0649 3256 uagp35 - ok
17:54:33.0659 3256 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\windows\system32\DRIVERS\udfs.sys
17:54:33.0699 3256 udfs - ok
17:54:33.0716 3256 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\windows\system32\UI0Detect.exe
17:54:33.0728 3256 UI0Detect - ok
17:54:33.0738 3256 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
17:54:33.0747 3256 uliagpkx - ok
17:54:33.0756 3256 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\windows\system32\DRIVERS\umbus.sys
17:54:33.0776 3256 umbus - ok
17:54:33.0785 3256 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\windows\system32\drivers\umpass.sys
17:54:33.0794 3256 UmPass - ok
17:54:33.0853 3256 [ 67A95B9D129ED5399E7965CD09CF30E7 ] UMVPFSrv C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
17:54:33.0873 3256 UMVPFSrv - ok
17:54:33.0945 3256 [ FDF92EC84FECEE834FB10A2A0A19BCDA ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
17:54:33.0985 3256 UNS - ok
17:54:34.0005 3256 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\windows\System32\upnphost.dll
17:54:34.0041 3256 upnphost - ok
17:54:34.0064 3256 [ 43228F8EDD1B0BCDD3145AD246E63D39 ] USBAAPL64 C:\windows\system32\Drivers\usbaapl64.sys
17:54:34.0073 3256 USBAAPL64 - ok
17:54:34.0100 3256 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\windows\system32\drivers\usbaudio.sys
17:54:34.0111 3256 usbaudio - ok
17:54:34.0119 3256 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
17:54:34.0129 3256 usbccgp - ok
17:54:34.0147 3256 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\windows\system32\drivers\usbcir.sys
17:54:34.0159 3256 usbcir - ok
17:54:34.0162 3256 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\windows\system32\drivers\usbehci.sys
17:54:34.0171 3256 usbehci - ok
17:54:34.0183 3256 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
17:54:34.0194 3256 usbhub - ok
17:54:34.0206 3256 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\windows\system32\drivers\usbohci.sys
17:54:34.0222 3256 usbohci - ok
17:54:34.0224 3256 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\windows\system32\drivers\usbprint.sys
17:54:34.0235 3256 usbprint - ok
17:54:34.0248 3256 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
17:54:34.0257 3256 USBSTOR - ok
17:54:34.0265 3256 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\windows\system32\drivers\usbuhci.sys
17:54:34.0274 3256 usbuhci - ok
17:54:34.0293 3256 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\windows\system32\Drivers\usbvideo.sys
17:54:34.0304 3256 usbvideo - ok
17:54:34.0319 3256 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\windows\System32\uxsms.dll
17:54:34.0350 3256 UxSms - ok
17:54:34.0359 3256 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\windows\system32\lsass.exe
17:54:34.0368 3256 VaultSvc - ok
17:54:34.0377 3256 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
17:54:34.0385 3256 vdrvroot - ok
17:54:34.0395 3256 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\windows\System32\vds.exe
17:54:34.0425 3256 vds - ok
17:54:34.0433 3256 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\windows\system32\DRIVERS\vgapnp.sys
17:54:34.0444 3256 vga - ok
17:54:34.0451 3256 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\windows\System32\drivers\vga.sys
17:54:34.0477 3256 VgaSave - ok
17:54:34.0481 3256 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\windows\system32\drivers\vhdmp.sys
17:54:34.0490 3256 vhdmp - ok
17:54:34.0493 3256 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\windows\system32\drivers\viaide.sys
17:54:34.0501 3256 viaide - ok
17:54:34.0512 3256 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\windows\system32\drivers\volmgr.sys
17:54:34.0520 3256 volmgr - ok
17:54:34.0532 3256 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\windows\system32\drivers\volmgrx.sys
17:54:34.0543 3256 volmgrx - ok
17:54:34.0563 3256 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\windows\system32\drivers\volsnap.sys
17:54:34.0573 3256 volsnap - ok
17:54:34.0590 3256 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\windows\system32\drivers\vsmraid.sys
17:54:34.0599 3256 vsmraid - ok
17:54:34.0630 3256 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\windows\system32\vssvc.exe
17:54:34.0668 3256 VSS - ok
17:54:34.0677 3256 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
17:54:34.0695 3256 vwifibus - ok
17:54:34.0697 3256 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
17:54:34.0710 3256 vwififlt - ok
17:54:34.0726 3256 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\windows\system32\w32time.dll
17:54:34.0756 3256 W32Time - ok
17:54:34.0760 3256 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\windows\system32\drivers\wacompen.sys
17:54:34.0770 3256 WacomPen - ok
17:54:34.0781 3256 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
17:54:34.0806 3256 WANARP - ok
17:54:34.0808 3256 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
17:54:34.0832 3256 Wanarpv6 - ok
17:54:34.0878 3256 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe
17:54:34.0898 3256 WatAdminSvc - ok
17:54:34.0913 3256 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\windows\system32\wbengine.exe
17:54:34.0946 3256 wbengine - ok
17:54:34.0957 3256 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
17:54:34.0973 3256 WbioSrvc - ok
17:54:34.0980 3256 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\windows\System32\wcncsvc.dll
17:54:35.0000 3256 wcncsvc - ok
17:54:35.0012 3256 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
17:54:35.0022 3256 WcsPlugInService - ok
17:54:35.0034 3256 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\windows\system32\drivers\wd.sys
17:54:35.0041 3256 Wd - ok
17:54:35.0073 3256 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
17:54:35.0089 3256 Wdf01000 - ok
17:54:35.0098 3256 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\windows\system32\wdi.dll
17:54:35.0134 3256 WdiServiceHost - ok
17:54:35.0136 3256 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\windows\system32\wdi.dll
17:54:35.0152 3256 WdiSystemHost - ok
17:54:35.0175 3256 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\windows\System32\webclnt.dll
17:54:35.0191 3256 WebClient - ok
17:54:35.0201 3256 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\windows\system32\wecsvc.dll
17:54:35.0229 3256 Wecsvc - ok
17:54:35.0232 3256 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\windows\System32\wercplsupport.dll
17:54:35.0259 3256 wercplsupport - ok
17:54:35.0266 3256 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\windows\System32\WerSvc.dll
17:54:35.0293 3256 WerSvc - ok
17:54:35.0309 3256 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
17:54:35.0334 3256 WfpLwf - ok
17:54:35.0336 3256 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\windows\system32\drivers\wimmount.sys
17:54:35.0343 3256 WIMMount - ok
17:54:35.0348 3256 WinDefend - ok
17:54:35.0350 3256 WinHttpAutoProxySvc - ok
17:54:35.0365 3256 [ 66C365B542195C1F6E2FF4A7D8F3827C ] WinI2C-DDC C:\windows\system32\drivers\DDCDrv.sys
17:54:35.0373 3256 WinI2C-DDC - ok
17:54:35.0410 3256 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
17:54:35.0436 3256 Winmgmt - ok
17:54:35.0477 3256 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\windows\system32\WsmSvc.dll
17:54:35.0518 3256 WinRM - ok
17:54:35.0549 3256 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\windows\system32\DRIVERS\WinUsb.sys
17:54:35.0569 3256 WinUsb - ok
17:54:35.0587 3256 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\windows\System32\wlansvc.dll
17:54:35.0618 3256 Wlansvc - ok
17:54:35.0686 3256 [ 357CABBF155AFD1D3926E62539D2A3A7 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
17:54:35.0723 3256 wlidsvc - ok
17:54:35.0742 3256 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\windows\system32\drivers\wmiacpi.sys
17:54:35.0751 3256 WmiAcpi - ok
17:54:35.0771 3256 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
17:54:35.0782 3256 wmiApSrv - ok
17:54:35.0799 3256 WMPNetworkSvc - ok
17:54:35.0809 3256 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\windows\System32\wpcsvc.dll
17:54:35.0822 3256 WPCSvc - ok
17:54:35.0825 3256 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
17:54:35.0838 3256 WPDBusEnum - ok
17:54:35.0843 3256 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
17:54:35.0868 3256 ws2ifsl - ok
17:54:35.0877 3256 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\windows\System32\wscsvc.dll
17:54:35.0891 3256 wscsvc - ok
17:54:35.0893 3256 WSearch - ok
17:54:35.0910 3256 [ 83575C43B2BFE9AB0661A7F957E843C0 ] wsvd C:\windows\system32\DRIVERS\wsvd.sys
17:54:35.0917 3256 wsvd - ok
17:54:35.0977 3256 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\windows\system32\wuaueng.dll
17:54:36.0022 3256 wuauserv - ok
17:54:36.0052 3256 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\windows\system32\drivers\WudfPf.sys
17:54:36.0061 3256 WudfPf - ok
17:54:36.0068 3256 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
17:54:36.0079 3256 WUDFRd - ok
17:54:36.0086 3256 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\windows\System32\WUDFSvc.dll
17:54:36.0097 3256 wudfsvc - ok
17:54:36.0118 3256 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\windows\System32\wwansvc.dll
17:54:36.0134 3256 WwanSvc - ok
17:54:36.0140 3256 [ B3EEACF62445E24FBB2CD4B0FB4DB026 ] yukonw7 C:\windows\system32\DRIVERS\yk62x64.sys
17:54:36.0163 3256 yukonw7 - ok
17:54:36.0165 3256 ================ Scan global ===============================
17:54:36.0175 3256 [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll
17:54:36.0207 3256 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\windows\system32\winsrv.dll
17:54:36.0216 3256 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\windows\system32\winsrv.dll
17:54:36.0245 3256 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll
17:54:36.0265 3256 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\windows\system32\services.exe
17:54:36.0271 3256 [Global] - ok
17:54:36.0272 3256 ================ Scan MBR ==================================
17:54:36.0281 3256 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
17:54:36.0478 3256 \Device\Harddisk0\DR0 - ok
17:54:36.0484 3256 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
17:54:36.0725 3256 \Device\Harddisk1\DR1 - ok
17:54:36.0725 3256 ================ Scan VBR ==================================
17:54:36.0728 3256 [ 38D698748674382F237196F171E756D2 ] \Device\Harddisk0\DR0\Partition1
17:54:36.0729 3256 \Device\Harddisk0\DR0\Partition1 - ok
17:54:36.0764 3256 [ 2448558D40CBD87F6D10773FAF599292 ] \Device\Harddisk0\DR0\Partition2
17:54:36.0766 3256 \Device\Harddisk0\DR0\Partition2 - ok
17:54:36.0771 3256 [ 04289941126098CBAE69645283921ED2 ] \Device\Harddisk1\DR1\Partition1
17:54:36.0773 3256 \Device\Harddisk1\DR1\Partition1 - ok
17:54:36.0773 3256 ============================================================
17:54:36.0773 3256 Scan finished
17:54:36.0773 3256 ============================================================
17:54:36.0780 5964 Detected object count: 2
17:54:36.0780 5964 Actual detected object count: 2
17:54:50.0007 5964 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
17:54:50.0007 5964 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:54:50.0007 5964 JME Keyboard ( UnsignedFile.Multi.Generic ) - skipped by user
17:54:50.0007 5964 JME Keyboard ( UnsignedFile.Multi.Generic ) - User select action: Skip



LoPhatPhuud
Premium,VIP,MVM
join:2002-01-06
Albuquerque, NM
kudos:26

1 recommendation

reply to av8tor

Thanks. The TDSS Killer logs were negative. I'm going to ask TheJoker to check the logs as a double check.

I'll get back to you as soon as I have a response.



LoPhatPhuud

reply to av8tor

Download ComboFix from one of these locations:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
http://www.infospyware.net/antimalware/combofix/
 
* IMPORTANT !!! Save ComboFix.exe to your Desktop

* Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools.

* Double click on ComboFix.exe & follow the prompts.

* As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

* Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.



Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:



Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.

Notes:

1. Do not mouse-click ComboFix's window while it is running. That may cause it to stall.
2. ComboFix may reset a number of Internet Explorer's settings, including making I-E the default browser.
3. ComboFix prevents autorun of ALL CD, floppy and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell your helper.
4. CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.

Give it at least 20-30 minutes to finish if needed.

--
When angry count four; when very angry, swear.
Microsoft MVP/Consumer Security 2005-2011
Gladiator Security Forum


av8tor

@sbcglobal.net

Here's the log. Thanks again!

ComboFix 13-02-07.02 - Kurt 02/09/2013 16:35:03.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8040.6365 [GMT -6:00]
Running from: c:\users\Kurt\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: Lavasoft Ad-Aware *Disabled/Updated* {E0D97DD4-42BA-B3F2-A5A7-22E9ACE81FC7}
FW: Lavasoft Ad-Aware *Disabled* {D8E2FCF1-08D5-B2AA-8EF8-8BDC523B58BC}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Lavasoft Ad-Aware *Disabled/Updated* {5BB89C30-6480-BC7C-9F17-199BD76F557A}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
2012-12-07 10:46 . 2013-01-09 19:46 40960 ----a-w- c:\windows\SysWow64\cob-au.rs
2012-12-07 10:46 . 2013-01-09 19:46 15360 ----a-w- c:\windows\SysWow64\djctq.rs
2012-12-07 10:46 . 2013-01-09 19:46 55296 ----a-w- c:\windows\SysWow64\cero.rs
2012-12-07 10:46 . 2013-01-09 19:46 51712 ----a-w- c:\windows\SysWow64\esrb.rs
2012-11-30 05:45 . 2013-01-09 19:46 362496 ----a-w- c:\windows\system32\wow64win.dll
2012-11-30 05:45 . 2013-01-09 19:46 243200 ----a-w- c:\windows\system32\wow64.dll
2012-11-30 05:45 . 2013-01-09 19:46 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2012-11-30 05:45 . 2013-01-09 19:46 215040 ----a-w- c:\windows\system32\winsrv.dll
2012-11-30 05:43 . 2013-01-09 19:46 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2012-11-30 05:41 . 2013-01-09 19:46 424448 ----a-w- c:\windows\system32\KernelBase.dll
2012-11-30 05:41 . 2013-01-09 19:46 1161216 ----a-w- c:\windows\system32\kernel32.dll
2012-11-30 05:38 . 2013-01-09 19:46 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 19:46 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 19:46 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 19:46 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 19:46 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 19:46 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 19:46 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 19:46 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 19:46 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 19:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 19:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 19:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 19:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 19:46 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 19:46 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 19:46 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 19:46 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 19:46 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 19:46 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 19:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 19:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 19:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 19:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 19:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 19:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 19:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 19:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 19:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2012-11-30 04:54 . 2013-01-09 19:46 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2012-11-30 04:53 . 2013-01-09 19:46 274944 ----a-w- c:\windows\SysWow64\KernelBase.dll
2012-11-30 04:45 . 2013-01-09 19:46 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 19:46 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 19:46 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 19:46 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 19:46 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 19:46 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 19:46 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 19:46 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 19:46 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 19:46 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 19:46 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 19:46 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 19:46 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 19:46 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 19:46 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 19:46 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 19:46 5120 ---ha-w- c:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 19:46 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 19:46 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 19:46 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 19:46 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 19:46 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 19:46 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 19:46 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 19:46 44032 ----a-w- c:\windows\apppatch\acwow64.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2012-11-16 02:14 220632 ----a-w- c:\users\Kurt\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2012-11-16 02:14 220632 ----a-w- c:\users\Kurt\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2012-11-16 02:14 220632 ----a-w- c:\users\Kurt\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2012-11-01 5629312]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Ad-Aware Antivirus"="c:\program files (x86)\Ad-Aware Antivirus\AdAwareLauncher --windows-run" [X]
"jmekey"="c:\windows\jmesoft\hotkey.exe" [2011-06-08 118784]
"Lenovo Dynamic Brightness System"="c:\program files\Lenovo\Lenovo Brightness System\Lenovo Dynamic Brightness System.exe" [2010-10-08 285696]
"CLMLServer"="c:\program files (x86)\Lenovo\Power2Go\CLMLSvc.exe" [2009-12-05 103720]
"UpdateP2GoShortCut"="c:\program files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"UpdatePRCShortCut"="c:\program files\Lenovo\OneKey App\Lenovo Rescue System\MUITransfer\MUIStartMenu.exe" [2009-05-14 222504]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2010-06-10 49208]
"Ad-Aware Browsing Protection"="c:\programdata\Ad-Aware Browsing Protection\adawarebp.exe" [2012-12-11 542104]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux4"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ad-Aware Service]
@="Ad-Aware Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBAMSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SBAMSvc;Ad-Aware;c:\program files (x86)\Ad-Aware Antivirus\SBAMSvc.exe [2012-09-20 3677000]
R3 Desura Install Service;Desura Install Service;c:\program files (x86)\Common Files\Desura\desura_service.exe [2012-10-01 131912]
R3 gfiark;gfiark;c:\windows\system32\drivers\gfiark.sys [2012-12-17 38096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-09-28 53760]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-09-06 1255736]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys [2009-07-21 121840]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2009-06-10 389120]
R4 JME Keyboard;JME Keyboard Driver;c:\windows\jmesoft\Service.exe [2011-03-16 32768]
S0 gfibto;gfibto;c:\windows\system32\drivers\gfibto.sys [2013-02-01 14456]
S0 WinI2C-DDC;WinI2C-DDC Kernel Mode Driver;c:\windows\system32\drivers\DDCDrv.sys [2008-04-08 20832]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2012-07-11 140672]
S2 Ad-Aware Service;Ad-Aware Service;c:\program files (x86)\Ad-Aware Antivirus\AdAwareService.exe [2012-12-15 1236968]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-10-30 71600]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 sbapifs;sbapifs;c:\windows\system32\DRIVERS\sbapifs.sys [2012-09-13 82872]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S2 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-01-18 450848]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-10-05 2655768]
S3 CompFilter64;UVCCompositeFilter;c:\windows\system32\DRIVERS\lvbflt64.sys [2012-01-18 25632]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]
S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [2012-01-18 351136]
S3 LVUVC64;Logitech HD Webcam C525(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [2012-01-18 4865568]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2010-07-20 247400]
S3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;c:\windows\system32\DRIVERS\rtl8192Ce.sys [2010-06-24 947304]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - 14356588
*Deregistered* - 14356588
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-02-01 18:41 1607120 ----a-w- c:\program files (x86)\Google\Chrome\Application\24.0.1312.57\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-02-09 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-07 13:51]
.
2013-02-09 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-961928560-892121555-2397784583-1001Core.job
- c:\users\Kurt\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-10-15 16:19]
.
2013-02-09 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-961928560-892121555-2397784583-1001UA.job
- c:\users\Kurt\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-10-15 16:19]
.
2013-02-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-02-10 18:45]
.
2013-02-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-02-10 18:45]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2012-11-16 02:14 244696 ----a-w- c:\users\Kurt\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2012-11-16 02:14 244696 ----a-w- c:\users\Kurt\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2012-11-16 02:14 244696 ----a-w- c:\users\Kurt\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 23:50 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-11-18 167960]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-11-18 391704]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-11-18 417304]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-10-26 11543656]
.
------- Supplementary Scan -------
.
uStart Page = https://email.mc.vanderbilt.edu/owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2femail.mc.vanderbilt.edu%2fowa%2f
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~3\Office10\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.254
FF - ProfilePath - c:\users\Kurt\AppData\Roaming\Mozilla\Firefox\Profiles\2n5cuny2.default\
FF - ExtSQL: 2013-01-31 19:01; jid1-yZwVFzbsyfMrqQ@jetpack; c:\users\Kurt\AppData\Roaming\Mozilla\Firefox\Profiles\2n5cuny2.default\extensions\jid1-yZwVFzbsyfMrqQ@jetpack
FF - ExtSQL: 2013-01-31 22:24; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run- - (no file)
Toolbar-Locked - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_149_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_149_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_149_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_149_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_149.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_149.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_149.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_149.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-02-09 16:42:07
ComboFix-quarantined-files.txt 2013-02-09 22:42
.
Pre-Run: 1,773,477,089,280 bytes free
Post-Run: 1,773,319,585,792 bytes free
.
- - End Of File - - 69EA247EA93F28AF41478D01CCBBFFF5


LoPhatPhuud
Premium,VIP,MVM
join:2002-01-06
Albuquerque, NM
kudos:26
Reviews:
·Comcast
reply to av8tor

Thanks. Combofix was negative also.

There is one file I want to check for possible corruption...

Please go to http://www.virustotal.com/

Press the 'Browse' button to the right of the yellow box.

Navigate to the file(s) listed below, one at a time (if more than one file). Press the 'Open' button in the file dialog box or double click on the file name. The file name and path should appear in the yellow box.


c:\windows\system32\sbbd.exe


Click on the Send File button

Note: If you can't find the file, let me know in your next post.

Once the Scan is completed, a Web page will open with the scan results. Copy and paste the address of that webpage from the address bar of your browser into your next post in this thread. Note that you can also copy and paste the contents of the webpage if you find that easier.

If the file has been previously scanned, the results webpage will show:
"File has already been submitted:"

Press the "View Last Report" button then copy and paste the address of that webpage from the address bar of your browser into your next post in this thread.

If there is more than one file listed for scanning, press the Another File button at the bottom of the page. Repeat this procedure until all files listed have been scanned.
--
When angry count four; when very angry, swear.
Microsoft MVP/Consumer Security 2005-2011
Gladiator Security Forum



LoPhatPhuud
reply to av8tor

The logs indicate both Ad-Aware Anti Virus and Avast are installed; both with realtime protection turned on.

To avoid corruption and system degradation, only run one AntiVirus product providing realtime protection. Please pick one and uninstall the other.

Also, check your computer's Add/Remove Programs (Program Features) to see if any unknown/unwanted programs may have been installed without your knowledge.
--
When angry count four; when very angry, swear.
Microsoft MVP/Consumer Security 2005-2011
Gladiator Security Forum
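The observation in the post above (two antivirus products with resident components) can be read straight off the service/driver lines of the ComboFix log. The following is an added example, not part of the thread and not ComboFix's own code. It assumes the usual reading of the line prefix (R/S = running/stopped at scan time, digit = Windows service start type), and the `AV_RULES` table is a hypothetical rule set built only from names and paths visible in this log.

```python
import re
from collections import defaultdict

# Service/driver lines copied from the ComboFix log earlier in this thread.
LOG = r"""
R2 SBAMSvc;Ad-Aware;c:\program files (x86)\Ad-Aware Antivirus\SBAMSvc.exe [2012-09-20 3677000]
R3 gfiark;gfiark;c:\windows\system32\drivers\gfiark.sys [2012-12-17 38096]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2012-07-11 140672]
S2 Ad-Aware Service;Ad-Aware Service;c:\program files (x86)\Ad-Aware Antivirus\AdAwareService.exe [2012-12-15 1236968]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-10-30 71600]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-10-05 2655768]
S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [2012-01-18 351136]
"""

# <state><start> <service name>;<display name>;<image path> [<date size> | x]
LINE_RE = re.compile(
    r"^(?P<state>[RS])(?P<start>[0-4]) (?P<name>[^;]+);(?P<display>[^;]*);"
    r"(?P<path>.*?)\s*\[(?P<info>[^\]]*)\]\s*$"
)

# Windows service Start values; 0-2 load without user action.
START_TYPES = {0: "boot", 1: "system", 2: "auto", 3: "manual", 4: "disabled"}

# Hypothetical rule table: service-name or install-path patterns per product,
# taken from what this particular log shows. Extend it for other products.
AV_RULES = {
    "Ad-Aware": re.compile(r"^(SBAMSvc|Ad-Aware Service)$|\\ad-aware antivirus\\", re.I),
    "Avast": re.compile(r"^asw|\\avast software\\", re.I),
}


def parse_components(log):
    """Return one dict per service/driver line; other lines are skipped."""
    out = []
    for line in log.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        info = m["info"].strip()
        out.append({
            "running": m["state"] == "R",
            "start": int(m["start"]),
            "name": m["name"].strip(),
            "display": m["display"].strip(),
            "path": m["path"].strip(),
            # "[x]" entries carry no date/size; keep that visible as None.
            "file_info": None if info.lower() == "x" else info,
        })
    return out


def resident_av_products(log):
    """Map each antivirus product to its boot/system/auto-start components."""
    found = defaultdict(list)
    for comp in parse_components(log):
        if comp["start"] > 2:  # manual or disabled: not loaded automatically
            continue
        for product, rule in AV_RULES.items():
            if rule.search(comp["name"]) or rule.search(comp["path"]):
                found[product].append(comp["name"])
    return dict(found)


def has_realtime_conflict(log):
    """True when more than one antivirus product has auto-loading components."""
    return len(resident_av_products(log)) > 1


if __name__ == "__main__":
    for product, names in resident_av_products(LOG).items():
        print(f"{product}: {', '.join(names)}")
    print("conflict:", has_realtime_conflict(LOG))
```
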



av8tor

@sbcglobal.net

OK, here is the link to the scan results : »www.virustotal.com/file/eafd3539···nalysis/ When I clicked on that file's properties (I didn't open the exe itself, just right click and checked properties) it said that it's a "Boot Delete Utility".

I checked the Add/Remove Program list and there was nothing strange or that I didn't recognize.

I also removed Avast and am only using Adaware now. We still have the slow internet. This is very frustrating! Thanks for all the help so far!



LoPhatPhuud
reply to av8tor

This indeed is a puzzler. I want to check out some sources to see if I have overlooked anything.

This coming Tuesday is the monthly Microsoft update, and as part of the update process, you'll run the Malicious Software Removal Tool. I want to wait until that is done to see if any improvement is made.

MSRT will remove many of the items we have been checking for and since it will be run automatically with the update process, it does not make sense to take any additional steps at this time.

Post back after the monthly update and let me know if the performance improves.

Of course, if I find anything out, I'll post immediately.
--
When angry count four; when very angry, swear.
Microsoft MVP/Consumer Security 2005-2011
Gladiator Security Forum