Search engine redirect virus

Inactive
By Humeon
Sep 13, 2012
  1. Hey guys, I'm having issues with being redirected to ads as I click on Google search results.

    Here's my Malwarebytes log:

    Malwarebytes Anti-Malware 1.65.0.1400
    www.malwarebytes.org
    Database version: v2012.09.11.09
    Windows 7 Service Pack 1 x64 NTFS
    Internet Explorer 9.0.8112.16421
    Overdrive :: OVERDRIVEGAMING [administrator]
    13/09/2012 2:22:55 PM
    mbam-log-2012-09-13 (14-22-55).txt
    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 203665
    Time elapsed: 5 minute(s), 47 second(s)
    Memory Processes Detected: 0
    (No malicious items detected)
    Memory Modules Detected: 0
    (No malicious items detected)
    Registry Keys Detected: 0
    (No malicious items detected)
    Registry Values Detected: 0
    (No malicious items detected)
    Registry Data Items Detected: 0
    (No malicious items detected)
    Folders Detected: 0
    (No malicious items detected)
    Files Detected: 0
    (No malicious items detected)
    (end)

    GMER didn't return anything.

    Here are my DDS logs - DDS.txt:

    .
    DDS (Ver_2011-08-26.01) - NTFSAMD64
    Internet Explorer: 9.0.8112.16421
    Run by Overdrive at 15:14:07 on 2012-09-13
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.61.1033.18.3894.1733 [GMT 10:00]
    .
    AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
    SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    ============== Running Processes ===============
    .
    C:\PROGRA~2\AVG\AVG2012\avgrsa.exe
    C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\system32\atiesrxx.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Program Files\IDT\WDM\STacSV64.exe
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\WLANExt.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\system32\atieclxx.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
    C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
    C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
    C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
    C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    C:\Users\Overdrive\AppData\Roaming\Mikogo 4\M4-Service.exe
    C:\Program Files (x86)\Winsim\ConnectionManager\SimplyConnectionManager.exe
    C:\Users\Overdrive\AppData\Roaming\Mikogo 4\M4-Capture.exe
    C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe
    C:\Program Files (x86)\AVG\AVG2012\avgemca.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\PROGRA~2\xTuple\POSTGR~1\bin\pg_ctl.exe
    C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe
    C:\PROGRA~2\xTuple\POSTGR~1\bin\postgres.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Windows\system32\conhost.exe
    C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\PROGRA~2\xTuple\POSTGR~1\bin\postgres.exe
    C:\PROGRA~2\xTuple\POSTGR~1\bin\postgres.exe
    C:\PROGRA~2\xTuple\POSTGR~1\bin\postgres.exe
    C:\PROGRA~2\xTuple\POSTGR~1\bin\postgres.exe
    C:\Windows\system32\svchost.exe -k bthsvcs
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe
    C:\Program Files\IDT\WDM\sttray64.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
    C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
    C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
    C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe
    C:\Program Files (x86)\Desktop-Reminder 2\DesktopReminder2.exe
    C:\Program Files (x86)\Samsung\Kies\Kies.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    C:\Users\Overdrive\AppData\Roaming\Mikogo 4\mikogo-host.exe
    C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe
    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    C:\Windows\SysWOW64\rundll32.exe
    C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
    C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
    C:\Program Files (x86)\winsim\ConnectionManager\Simply.SystemTrayIcon.exe
    C:\Program Files (x86)\AVG Secure Search\vprot.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
    C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
    C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
    C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\splwow64.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\SysWOW64\RunDll32.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Windows\system32\DllHost.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
    C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
    C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
    C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
    C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe
    C:\Windows\system32\wuauclt.exe
    C:\Windows\system32\javaw.exe
    C:\Program Files (x86)\Wizards of the Coast\Event Reporter\Reporter.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_4_402_265_ActiveX.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\SysWOW64\cmd.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\SysWOW64\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.mail.yahoo.com/
    uURLSearchHooks: H - No File
    mURLSearchHooks: H - No File
    mWinlogon: Userinit=userinit.exe,
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: AVG Do Not Track: {31332eef-cb9f-458f-afeb-d30e9a66b6ba} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
    BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
    BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll
    BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
    TB: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll
    TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll"
    TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
    {e7df6bff-55a5-4eb7-a673-4ed3e9456d39}
    uRun: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
    uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
    uRun: [Mikogo] "C:\Users\Overdrive\AppData\Roaming\Mikogo 4\mikogo-host.exe" -asp
    uRun: [Facebook Update] "C:\Users\Overdrive\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
    uRun: [FreeAC] C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe -autorun
    uRun: [DesktopReminder2ByPolenter] "C:\Program Files (x86)\Desktop-Reminder 2\DesktopReminder2.exe" -silent
    uRun: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
    uRun: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
    uRun: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
    uRun: [nvpedi] "C:\Windows\System32\rundll32.exe" "C:\Users\Overdrive\AppData\Roaming\nvpedi.dll",_Repeat
    mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    mRun: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
    mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    mRun: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
    mRun: [ConnectionManager] C:\Program Files (x86)\Winsim\ConnectionManager\Simply.SystemTrayIcon.exe
    mRun: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun: [ROC_roc_dec12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12
    mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
    mRun: [HF_G_Jul] "C:\Program Files (x86)\AVG Secure Search\HF_G_Jul.exe" /DoAction
    mRun: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
    mRun: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
    mRun: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SNAPFI~1.LNK - C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe
    mPolicies-explorer: NoActiveDesktop = 1 (0x1)
    mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
    mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
    IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    IE: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
    DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
    TCP: DhcpNameServer = 192.168.1.1
    TCP: Interfaces\{BC562D85-C35F-4A0D-90D7-4351EFE5D6A3} : DhcpNameServer = 192.168.1.1
    TCP: Interfaces\{BC562D85-C35F-4A0D-90D7-4351EFE5D6A3}\2656C6B696E6E2667336 : DhcpNameServer = 192.168.2.1
    TCP: Interfaces\{BC562D85-C35F-4A0D-90D7-4351EFE5D6A3}\2656C6B696E6E283561633 : DhcpNameServer = 192.168.2.1
    TCP: Interfaces\{BC562D85-C35F-4A0D-90D7-4351EFE5D6A3}\34963736F62373636353 : DhcpNameServer = 192.168.1.1
    TCP: Interfaces\{BC562D85-C35F-4A0D-90D7-4351EFE5D6A3}\55C44594D4144554D213242363 : DhcpNameServer = 192.168.1.1
    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\11.2.0\ViProtocol.dll
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    LSA: Notification Packages = scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
    mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
    BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO-X64: AcroIEHelperStub - No File
    BHO-X64: AVG Do Not Track: {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
    BHO-X64: AVG Do Not Track - No File
    BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
    BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File
    BHO-X64: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
    BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO-X64: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll
    BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll
    BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    TB-X64: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
    TB-X64: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll
    TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll"
    TB-X64: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
    mRun-x64: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    mRun-x64: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
    mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    mRun-x64: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
    mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    mRun-x64: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
    mRun-x64: [ConnectionManager] C:\Program Files (x86)\Winsim\ConnectionManager\Simply.SystemTrayIcon.exe
    mRun-x64: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
    mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun-x64: [ROC_roc_dec12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12
    mRun-x64: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
    mRun-x64: [HF_G_Jul] "C:\Program Files (x86)\AVG Secure Search\HF_G_Jul.exe" /DoAction
    mRun-x64: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
    mRun-x64: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
    mRun-x64: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
    IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\Overdrive\AppData\Roaming\Mozilla\Firefox\Profiles\raduhr3g.default\
    FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid=%7B7f9585cc-b51a-453a-ab70-db13c199fddc%7D&mid=4032d585ef0c47d18ae21d1be94d5b7d-6d5da9b00d55f9959a3d2a9fc633c9aa80b745db&ds=AVG&v=11.1.0.7&lang=en&pr=fr&d=2012-05-08%2012%3A20%3A46&sap=ku&q=
    FF - prefs.js: network.proxy.type - 0
    FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
    FF - plugin: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
    FF - plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\11.2.0\npsitesafety.dll
    FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
    FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll
    FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    FF - plugin: C:\Users\Overdrive\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
    FF - plugin: C:\Users\Overdrive\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
    FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 AVGIDSHA;AVGIDSHA;C:\Windows\system32\DRIVERS\avgidsha.sys --> C:\Windows\system32\DRIVERS\avgidsha.sys [?]
    R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys --> C:\Windows\system32\DRIVERS\avgrkx64.sys [?]
    R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys --> C:\Windows\system32\DRIVERS\avgldx64.sys [?]
    R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys --> C:\Windows\system32\DRIVERS\avgmfx64.sys [?]
    R1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys --> C:\Windows\system32\DRIVERS\avgtdia.sys [?]
    R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\system32\DRIVERS\dtsoftbus01.sys --> C:\Windows\system32\DRIVERS\dtsoftbus01.sys [?]
    R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
    R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
    R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe [2012-8-13 5167736]
    R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-2-14 193288]
    R2 cpuz135;cpuz135;\??\C:\Windows\system32\drivers\cpuz135_x64.sys --> C:\Windows\system32\drivers\cpuz135_x64.sys [?]
    R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-8-29 2369960]
    R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2011-9-9 86072]
    R2 HP Wireless Assistant Service;HP Wireless Assistant Service;C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-7-22 103992]
    R2 HPAuto;HP Auto;C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [2010-8-6 681528]
    R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-8-6 291896]
    R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-2-15 34872]
    R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-11-10 13592]
    R2 LMIGuardianSvc;LMIGuardianSvc;C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2011-7-6 375176]
    R2 LMIInfo;LogMeIn Kernel Information Provider;C:\Program Files (x86)\LogMeIn\x64\rainfo.sys [2011-1-11 15928]
    R2 LMIRfsDriver;LogMeIn Remote File System Driver;\??\C:\Windows\system32\drivers\LMIRfsDriver.sys --> C:\Windows\system32\drivers\LMIRfsDriver.sys [?]
    R2 M4-Service;M4-Service;C:\Users\Overdrive\AppData\Roaming\Mikogo 4\M4-Service.exe [2012-8-13 1008032]
    R2 Simply Accounting Database Connection Manager;Simply Accounting Database Connection Manager;C:\Program Files (x86)\winsim\ConnectionManager\SimplyConnectionManager.exe [2011-8-1 21320]
    R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-11-10 2320920]
    R2 vToolbarUpdater11.2.0;vToolbarUpdater11.2.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe [2012-7-11 935008]
    R2 xTuplePostgreSQL;xTuplePostgreSQL;C:/PROGRA~2/xTuple/POSTGR~1/bin/pg_ctl.exe runservice -N "xTuplePostgreSQL" -D "C:/PROGRA~2/xTuple/POSTGR~1/data" --> C:/PROGRA~2/xTuple/POSTGR~1/bin/pg_ctl.exe runservice -N xTuplePostgreSQL [?]
    R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]
    R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
    R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\avgidsdrivera.sys --> C:\Windows\system32\DRIVERS\avgidsdrivera.sys [?]
    R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\system32\DRIVERS\avgidsfiltera.sys --> C:\Windows\system32\DRIVERS\avgidsfiltera.sys [?]
    R3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.EXE [2012-2-10 240408]
    R3 btwampfl;Bluetooth AMP USB Filter;C:\Windows\system32\drivers\btwampfl.sys --> C:\Windows\system32\drivers\btwampfl.sys [?]
    R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\system32\DRIVERS\clwvd.sys --> C:\Windows\system32\DRIVERS\clwvd.sys [?]
    R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
    R3 Impcd;Impcd;C:\Windows\system32\DRIVERS\Impcd.sys --> C:\Windows\system32\DRIVERS\Impcd.sys [?]
    R3 IntcDAud;Intel(R) Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]
    R3 intelkmd;intelkmd;C:\Windows\system32\DRIVERS\igdpmd64.sys --> C:\Windows\system32\DRIVERS\igdpmd64.sys [?]
    R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
    R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
    S2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.EXE [2012-2-10 193816]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-12-20 2425960]
    S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-6-7 160944]
    S3 AVG Security Toolbar Service;AVG Security Toolbar Service;C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe [2011-7-28 167264]
    S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys --> C:\Windows\system32\DRIVERS\btwl2cap.sys [?]
    S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\system32\DRIVERS\ssudbus.sys --> C:\Windows\system32\DRIVERS\ssudbus.sys [?]
    S3 ExpressAccountsService;Express Accounts;C:\Program Files (x86)\NCH Software\ExpressAccounts\expressaccounts.exe [2011-10-27 2964484]
    S3 ExpressInvoiceService;Express Invoice;C:\Program Files (x86)\NCH Software\ExpressInvoice\expressinvoice.exe [2011-10-27 1931268]
    S3 InventoriaService;Inventoria Stock Manager;C:\Program Files (x86)\NCH Software\Inventoria\inventoria.exe [2011-10-27 1469956]
    S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\netw5v64.sys --> C:\Windows\system32\DRIVERS\netw5v64.sys [?]
    S3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\system32\DRIVERS\RtsPStor.sys --> C:\Windows\system32\DRIVERS\RtsPStor.sys [?]
    S3 Sage Simply Accounting Transaction Manager 2012 - CDN;Sage Simply Accounting Transaction Manager 2012 - CDN;C:\Program Files (x86)\winsim\TransactionManager2012 - CDN\Sage_SA.TransactionManager.exe [2011-8-1 46408]
    S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\system32\DRIVERS\VSTAZL6.SYS --> C:\Windows\system32\DRIVERS\VSTAZL6.SYS [?]
    S3 SrvHsfV92;SrvHsfV92;C:\Windows\system32\DRIVERS\VSTDPV6.SYS --> C:\Windows\system32\DRIVERS\VSTDPV6.SYS [?]
    S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\system32\DRIVERS\VSTCNXT6.SYS --> C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [?]
    S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\system32\DRIVERS\ssudmdm.sys --> C:\Windows\system32\DRIVERS\ssudmdm.sys [?]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
    S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?]
    S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184]
    .
    =============== Created Last 30 ================
    .
    2012-09-09 08:05:06 -------- d-----w- C:\Users\Overdrive\AppData\Local\{1042F88B-FA55-11E1-8270-B8AC6F996F26}
    2012-09-09 08:04:59 403968 ----a-w- C:\Users\Overdrive\AppData\Roaming\nvpedi.dll
    2012-09-05 01:27:52 -------- d-----w- C:\Program Files (x86)\LogMeIn Hamachi
    2012-08-31 07:22:04 -------- d--h--w- C:\ProgramData\CanonIJEGV
    2012-08-27 01:29:13 -------- d-----w- C:\Users\Overdrive\AppData\Local\Samsung
    2012-08-27 01:29:11 -------- d-----w- C:\Users\Overdrive\AppData\Roaming\Samsung
    2012-08-27 01:21:23 4659712 ----a-w- C:\Windows\SysWow64\Redemption.dll
    2012-08-27 01:21:08 821824 ----a-w- C:\Windows\SysWow64\dgderapi.dll
    2012-08-27 01:21:08 -------- d-----w- C:\Program Files (x86)\MarkAny
    2012-08-27 01:20:30 -------- d-----w- C:\ProgramData\Samsung
    2012-08-27 01:20:30 -------- d-----w- C:\Program Files (x86)\Samsung
    2012-08-25 05:39:37 -------- d-----w- C:\Users\Overdrive\AppData\Local\Konami_Digital_Entertainm
    2012-08-25 05:37:38 -------- d-----w- C:\Program Files (x86)\Konami Digital Entertainment
    2012-08-25 02:01:13 -------- d--h--w- C:\ProgramData\CanonIJEPPEX2
    2012-08-25 02:01:13 -------- d--h--w- C:\ProgramData\CanonEPP
    2012-08-25 01:53:52 -------- d-----w- C:\ProgramData\CanonIJMSetup
    2012-08-25 01:53:02 -------- d-----w- C:\Program Files\Common Files\CANON
    2012-08-25 01:52:54 -------- d-----w- C:\ProgramData\CanonIJWSpt
    2012-08-25 01:51:16 -------- d-----w- C:\Program Files\Canon
    2012-08-25 01:50:26 87040 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\CNMPPAA.DLL
    2012-08-25 01:50:26 28672 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\CNMPDAA.DLL
    2012-08-25 01:50:09 348672 ----a-w- C:\Windows\System32\CNC280L.dll
    2012-08-25 01:50:09 307200 ----a-w- C:\Windows\SysWow64\CNC280L.dll
    2012-08-25 01:50:09 1354240 ----a-w- C:\Windows\System32\CNC280C.dll
    2012-08-25 01:50:09 112128 ----a-w- C:\Windows\System32\CNC280I.dll
    2012-08-25 01:50:09 106496 ----a-w- C:\Windows\SysWow64\CNC280U.dll
    2012-08-25 01:49:45 361472 ----a-w- C:\Windows\System32\CNMLMAA.DLL
    2012-08-25 01:48:59 103424 ----a-w- C:\Windows\System32\CNC280O.dll
    2012-08-25 01:48:54 248320 ----a-w- C:\Windows\System32\CNMIUAA.DLL
    2012-08-25 01:47:29 -------- d-----w- C:\Program Files (x86)\Canon
    2012-08-24 05:43:16 384352 ----a-w- C:\Windows\System32\drivers\avgtdia.sys
    2012-08-20 05:46:00 -------- d-----w- C:\Users\Overdrive\AppData\Local\DayZCommander
    2012-08-20 05:45:22 -------- d-----w- C:\Program Files (x86)\Dotjosh Studios
    2012-08-20 03:33:52 -------- d-----w- C:\Users\Overdrive\AppData\Local\ArmA 2 OA
    2012-08-20 03:33:48 -------- d-----w- C:\Program Files (x86)\Bohemia Interactive
    2012-08-20 03:29:07 -------- d-----w- C:\Users\Overdrive\AppData\Local\ArmA 2
    2012-08-18 17:06:07 552960 ----a-w- C:\Windows\System32\drivers\bthport.sys
    2012-08-16 12:12:15 503808 ----a-w- C:\Windows\System32\srcore.dll
    2012-08-16 12:12:15 43008 ----a-w- C:\Windows\SysWow64\srclient.dll
    2012-08-16 12:11:56 751104 ----a-w- C:\Windows\System32\win32spl.dll
    2012-08-16 12:11:56 67072 ----a-w- C:\Windows\splwow64.exe
    2012-08-16 12:11:56 559104 ----a-w- C:\Windows\System32\spoolsv.exe
    2012-08-16 12:11:56 492032 ----a-w- C:\Windows\SysWow64\win32spl.dll
    2012-08-16 12:09:05 59392 ----a-w- C:\Windows\System32\browcli.dll
    2012-08-16 12:09:05 136704 ----a-w- C:\Windows\System32\browser.dll
    2012-08-16 12:09:02 41984 ----a-w- C:\Windows\SysWow64\browcli.dll
    2012-08-16 12:08:59 3148800 ----a-w- C:\Windows\System32\win32k.sys
    2012-08-16 12:08:56 956928 ----a-w- C:\Windows\System32\localspl.dll
    .
    ==================== Find3M ====================
    .
    2012-09-07 07:04:46 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
    2012-09-07 01:38:33 73416 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2012-09-07 01:38:33 696520 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
    2012-07-30 03:32:08 203104 ----a-w- C:\Windows\System32\drivers\ssudmdm.sys
    2012-07-30 03:32:08 102240 ----a-w- C:\Windows\System32\drivers\ssudbus.sys
    2012-07-25 17:21:28 291680 ----a-w- C:\Windows\System32\drivers\avgldx64.sys
    2012-06-29 03:56:34 2312704 ----a-w- C:\Windows\System32\jscript9.dll
    2012-06-29 03:49:11 1392128 ----a-w- C:\Windows\System32\wininet.dll
    2012-06-29 03:48:07 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
    2012-06-29 03:43:49 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
    2012-06-29 03:39:48 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
    2012-06-29 00:16:58 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
    2012-06-29 00:09:01 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
    2012-06-29 00:08:59 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
    2012-06-29 00:04:43 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
    2012-06-29 00:00:45 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    .
    ============= FINISH: 15:14:40.46 ===============
    Attach.txt:

    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2011-08-26.01)
    .
    Microsoft Windows 7 Home Premium
    Boot Device: \Device\HarddiskVolume1
    Install Date: 28/07/2011 5:55:59 PM
    System Uptime: 12/09/2012 8:58:38 PM (19 hours ago)
    .
    Motherboard: Hewlett-Packard | | 1669
    Processor: Intel(R) Core(TM) i5 CPU M 480 @ 2.67GHz | CPU | 1306/1066mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 451 GiB total, 325.61 GiB free.
    D: is FIXED (NTFS) - 15 GiB total, 1.859 GiB free.
    E: is CDROM (UDF)
    G: is CDROM ()
    H: is FIXED (FAT32) - 0 GiB total, 0.083 GiB free.
    .
    ==== Disabled Device Manager Items =============
    .
    ==== System Restore Points ===================
    .
    RP142: 25/08/2012 3:37:07 PM - Installed Konami Tournament Software
    RP143: 27/08/2012 11:19:53 AM - Installed Samsung Kies
    RP144: 3/09/2012 6:35:44 PM - Scheduled Checkpoint
    RP145: 10/09/2012 10:03:13 PM - Scheduled Checkpoint
    .
    ==== Installed Programs ======================
    .
    .
    Update for Microsoft Office 2007 (KB2508958)
    7-Zip 9.20
    Adobe Flash Player 11 ActiveX
    Adobe Reader 9.5.1 MUI
    Adobe Shockwave Player 11.5
    Agatha Christie - Peril at End House
    ARMA 2
    ARMA 2: Operation Arrowhead
    µTorrent
    Awien Ambush
    BackgammonMasters Client
    BattlEye for OA Uninstall
    BattlEye Uninstall
    Bejeweled 2 Deluxe
    Bing Bar
    Blackhawk Striker 2
    Blasterball 3
    Bounce Symphony
    Cake Mania
    Canon Easy-PhotoPrint EX
    Canon MP Navigator EX 4.0
    Canon My Printer
    Canon Solution Menu EX
    Catalyst Control Center
    Catalyst Control Center - Branding
    Catalyst Control Center Graphics Previews Common
    Catalyst Control Center InstallProxy
    Catalyst Control Center Localization All
    Catalyst Control Center Profiles Mobile
    CCC Help Chinese Standard
    CCC Help Chinese Traditional
    CCC Help Czech
    CCC Help Danish
    CCC Help Dutch
    CCC Help English
    CCC Help Finnish
    CCC Help French
    CCC Help German
    CCC Help Greek
    CCC Help Hungarian
    CCC Help Italian
    CCC Help Japanese
    CCC Help Korean
    CCC Help Norwegian
    CCC Help Polish
    CCC Help Portuguese
    CCC Help Russian
    CCC Help Spanish
    CCC Help Swedish
    CCC Help Thai
    CCC Help Turkish
    Chuzzle Deluxe
    Cisco Connect
    Copper
    CyberLink DVD Suite
    CyberLink YouCam
    D3DX10
    DAEMON Tools Lite
    DayZ Commander
    Desktop-Reminder 2
    Diablo III
    Dora's World Adventure
    Energy Star Digital Logo
    ESU for Microsoft Windows 7
    Express Accounts
    Express Invoice
    Facebook Video Calling 1.2.0.159
    Farm Frenzy
    FATE
    Final Drive Nitro
    FlameRobin 0.9.0
    Free Alarm Clock 2.5.0
    Frozen Synapse
    GnuCash 2.4.8
    Hewlett-Packard ACLM.NET v1.1.2.0
    Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678)
    HP CloudDrive
    HP Customer Experience Enhancements
    HP Documentation
    HP Game Console
    HP Games
    HP On Screen Display
    HP Power Manager
    HP Quick Launch
    HP Setup
    HP Setup Manager
    HP Software Framework
    HP Support Assistant
    IDT Audio
    Intel(R) Control Center
    Intel(R) Display Audio Driver
    Intel(R) Management Engine Components
    Intel(R) Rapid Storage Technology
    Intel(R) Turbo Boost Technology Driver
    Invade Earth
    Inventoria Stock Manager
    Java Auto Updater
    Java(TM) 6 Update 30
    Junk Mail filter update
    Konami Tournament Software
    LabelPrint
    LightScribe System Software
    LogMeIn
    LogMeIn Hamachi
    Magic Online
    Malwarebytes Anti-Malware version 1.65.0.1400
    Mesh Runtime
    Microsoft Office 2007 Service Pack 3 (SP3)
    Microsoft Office 2010
    Microsoft Office Access MUI (English) 2007
    Microsoft Office Access Setup Metadata MUI (English) 2007
    Microsoft Office Excel MUI (English) 2007
    Microsoft Office File Validation Add-In
    Microsoft Office Outlook MUI (English) 2007
    Microsoft Office PowerPoint MUI (English) 2007
    Microsoft Office Professional 2007
    Microsoft Office Proof (English) 2007
    Microsoft Office Proof (French) 2007
    Microsoft Office Proof (Spanish) 2007
    Microsoft Office Proofing (English) 2007
    Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    Microsoft Office Publisher MUI (English) 2007
    Microsoft Office Shared MUI (English) 2007
    Microsoft Office Shared Setup Metadata MUI (English) 2007
    Microsoft Office Word MUI (English) 2007
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft Visual Basic 6.0 Learning Edition
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
    Microsoft Web Publishing Wizard 1.53
    Microsoft XNA Framework Redistributable 4.0
    Mikogo 4
    Mozilla Firefox 10.0.2 (x86 en-GB)
    MSVCRT
    MSVCRT_amd64
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    MTG Studio 2.8
    MySQL Connector/ODBC 3.51
    Mystery P.I. - The London Caper
    OCTGN
    Openbravo POS
    Path of Exile
    PAYGEasy WinCashbook
    Penguins!
    PictureMover
    Plants vs. Zombies
    Poker Superstars III
    Polar Bowler
    Polar Golfer
    Power2Go
    PX Profile Update
    Realtek Ethernet Controller Driver
    Realtek PCIE Card Reader
    Recovery Manager
    RIFT
    Sage Simply Accounting 2012
    Samsung Kies
    Savage 2 - A Tortured Soul
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
    Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
    Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
    Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition
    Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition
    Security Update for Microsoft Office InfoPath 2007 (KB2596786) 32-Bit Edition
    Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
    Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
    Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
    Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition
    Shadowgrounds 1.05b
    Skype™ 5.10
    Spectromancer: Truth and Beauty
    Steam
    StencylWorks
    Task Coach 1.3.15
    Terraria
    TurboCASH4.3
    Unity Web Player
    Update for 2007 Microsoft Office System (KB967642)
    Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
    Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
    Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
    Update for Microsoft .NET Framework 4 Extended (KB2468871)
    Update for Microsoft .NET Framework 4 Extended (KB2533523)
    Update for Microsoft .NET Framework 4 Extended (KB2600217)
    Update for Microsoft Office 2007 Help for Common Features (KB963673)
    Update for Microsoft Office Access 2007 Help (KB963663)
    Update for Microsoft Office Excel 2007 Help (KB963678)
    Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition
    Update for Microsoft Office Outlook 2007 Help (KB963677)
    Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687400) 32-Bit Edition
    Update for Microsoft Office Powerpoint 2007 Help (KB963669)
    Update for Microsoft Office Publisher 2007 Help (KB963667)
    Update for Microsoft Office Script Editor Help (KB963671)
    Update for Microsoft Office Word 2007 Help (KB963665)
    Virtual Villagers 4 - The Tree of Life
    Visual Studio 2008 x64 Redistributables
    VLC media player 1.1.9
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Installer
    Windows Live Mail
    Windows Live Mesh
    Windows Live Mesh ActiveX Control for Remote Connections
    Windows Live Messenger
    Windows Live Movie Maker
    Windows Live Photo Common
    Windows Live Photo Gallery
    Windows Live PIMT Platform
    Windows Live SOXE
    Windows Live SOXE Definitions
    Windows Live UX Platform
    Windows Live UX Platform Language Pack
    Windows Live Writer
    Windows Live Writer Resources
    Wizards Event Reporter
    World Cup Cricket 20-20
    xTuple ERP 3.7.0
    Zuma Deluxe
    .
    ==== Event Viewer Messages From Past Week ========
    .
    12/09/2012 8:59:25 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: hwinterface
    12/09/2012 8:58:46 PM, Error: Application Popup [1060] - \SystemRoot\SysWow64\Drivers\hwinterface.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
    12/09/2012 11:25:21 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Simply Accounting Database Connection Manager service to connect.
    .
    ==== End Of File ===========================
  2. Humeon

    Humeon Newcomer, in training Topic Starter

    Thanks in advance for your help :)
  3. Jay Pfoutz

    Jay Pfoutz Malware Helper Posts: 4,286   +49

    Hello, and welcome to TechSpot.


    Please see here for the board rules and other FAQ.

    Please feel free to introduce yourself, after you follow the steps below to get started.

    Information
    • From this point on, please do not make any more changes to your computer, such as installing/uninstalling programs, using special fix tools, deleting files, editing the registry, etc., unless advised by a malware removal helper.
    • Please do not ask for help elsewhere (in this site or other sites). Doing so can result in system changes, which may not show up in the logs you post.
    • If you have already asked for help somewhere, please post the link to the topic where you were helped.
    • We try our best to reply quickly, but if for any reason we do not reply in two days, please reply to this topic with the word BUMP!
    • Lastly, keep in mind that we are volunteers, so you do not have to pay for malware removal. Persist in this topic until it is closed and your computer is declared clean.

    Download AdwCleaner by Xplode onto your Desktop.
    • Double click on AdwCleaner.exe to run the tool.
    • Click on Search.
    • A logfile will automatically open after the scan has finished.
    • Please post the content of that logfile in your reply.
    • You can find the logfile at C:\AdwCleaner[Rn].txt as well - n is the order number.

    Please download TDSSKiller to your desktop and run it as outlined below:

    Double-click on TDSSKiller.exe to run the application, then click on Change parameters.

    For Windows XP, double-click to start.
    For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.


    -------------------------

    Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.

    ------------------------

    Click the Start Scan button.

    -----------------------

    If a suspicious object is detected, the default action will be Skip; click on Continue.
    If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic, please choose Skip and click on Continue.


    ----------------------

    If malicious objects are found, they will show in the Scan results and offer three (3) options.

    Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
    Note: If Cure is not available, please choose Skip instead; do not choose Delete unless instructed.



    --------------------

    A report will be created in your root directory (usually the C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents in your next reply.
    Sometimes these logs can be very large; in that case, please attach it or zip it up and attach it.

    -------------------

    Here's a summary of what to do if you would like to print it out:

    If a suspicious object is detected, the default action will be Skip; click on Continue.
    If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic, please choose Skip and click on Continue.

    If malicious objects are found, they will show in the Scan results and offer three (3) options.

    Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
    Note: If Cure is not available, please choose Skip instead; do not choose Delete unless instructed.
  4. Humeon

    Humeon Newcomer, in training Topic Starter

    Thanks DMJ.

    ADWCleaner log:

    # AdwCleaner v2.001 - Logfile created 09/14/2012 at 13:59:34
    # Updated 09/09/2012 by Xplode
    # Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
    # User : Overdrive - OVERDRIVEGAMING
    # Boot Mode : Normal
    # Running from : C:\Users\Overdrive\Desktop\adwcleaner.exe
    # Option [Search]

    ***** [Services] *****
    Found : vToolbarUpdater11.2.0
    ***** [Files / Folders] *****
    File Found : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml
    File Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
    Folder Found : C:\Program Files (x86)\AVG Secure Search
    Folder Found : C:\Program Files (x86)\Common Files\AVG Secure Search
    Folder Found : C:\ProgramData\AVG Secure Search
    Folder Found : C:\Users\OVERDR~1\AppData\Local\Temp\avg@toolbar
    Folder Found : C:\Users\Overdrive\AppData\Local\AVG Secure Search
    Folder Found : C:\Users\Overdrive\AppData\LocalLow\AVG Secure Search
    ***** [Registry] *****
    Key Found : HKCU\Software\AVG Secure Search
    Key Found : HKCU\Software\Conduit
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Key Found : HKCU\Software\Softonic
    Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
    Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Key Found : HKLM\Software\AVG Secure Search
    Key Found : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
    Key Found : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
    Key Found : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
    Key Found : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
    Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
    Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
    Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
    Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
    Key Found : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol
    Key Found : HKLM\SOFTWARE\Classes\S
    Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
    Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
    Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
    Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
    Key Found : HKLM\Software\Conduit
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
    Key Found : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
    Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
    Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
    Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
    Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
    Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
    Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
    Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
    Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
    Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
    Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
    Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
    Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
    Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
    Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
    Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
    Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
    Key Found : HKU\S-1-5-21-2660691712-78789692-3016591619-1000\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
    Key Found : HKU\S-1-5-21-2660691712-78789692-3016591619-1000\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
    Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
    Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
    ***** [Internet Browsers] *****
    -\\ Internet Explorer v9.0.8112.16421
    [OK] Registry is clean.
    -\\ Mozilla Firefox v10.0.2 (en-GB)
    Profile name : default
    File : C:\Users\Overdrive\AppData\Roaming\Mozilla\Firefox\Profiles\raduhr3g.default\prefs.js
    Found : user_pref("avg.install.installDirPath", "C:\\ProgramData\\AVG Secure Search\\11.1.0.12");
    Found : user_pref("keyword.URL", "hxxp://isearch.avg.com/search?cid=%7B7f9585cc-b51a-453a-ab70-db13c199fddc%[...]
    *************************
    AdwCleaner[R1].txt - [6576 octets] - [14/09/2012 13:59:34]
    ########## EOF - C:\AdwCleaner[R1].txt - [6636 octets] ##########
  5. Humeon

    Humeon Newcomer, in training Topic Starter

    TDSSKiller log:

    14:00:36.0434 3472 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
    14:00:37.0162 3472 ============================================================
    14:00:37.0163 3472 Current date / time: 2012/09/14 14:00:37.0162
    14:00:37.0163 3472 SystemInfo:
    14:00:37.0163 3472
    14:00:37.0163 3472 OS Version: 6.1.7601 ServicePack: 1.0
    14:00:37.0163 3472 Product type: Workstation
    14:00:37.0163 3472 ComputerName: OVERDRIVEGAMING
    14:00:37.0163 3472 UserName: Overdrive
    14:00:37.0163 3472 Windows directory: C:\Windows
    14:00:37.0163 3472 System windows directory: C:\Windows
    14:00:37.0163 3472 Running under WOW64
    14:00:37.0163 3472 Processor architecture: Intel x64
    14:00:37.0163 3472 Number of processors: 4
    14:00:37.0163 3472 Page size: 0x1000
    14:00:37.0163 3472 Boot type: Normal boot
    14:00:37.0163 3472 ============================================================
    14:00:37.0639 3472 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
    14:00:37.0645 3472 ============================================================
    14:00:37.0645 3472 \Device\Harddisk0\DR0:
    14:00:37.0645 3472 MBR partitions:
    14:00:37.0645 3472 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
    14:00:37.0645 3472 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x3852E800
    14:00:37.0645 3472 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x38592800, BlocksNum 0x1DBF800
    14:00:37.0645 3472 \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x3A352000, BlocksNum 0x33830
    14:00:37.0645 3472 ============================================================
    14:00:37.0684 3472 C: <-> \Device\Harddisk0\DR0\Partition2
    14:00:37.0740 3472 D: <-> \Device\Harddisk0\DR0\Partition3
    14:00:37.0757 3472 H: <-> \Device\Harddisk0\DR0\Partition4
    14:00:37.0757 3472 ============================================================
    14:00:37.0758 3472 Initialize success
    14:00:37.0758 3472 ============================================================
    14:00:49.0248 1756 ============================================================
    14:00:49.0248 1756 Scan started
    14:00:49.0248 1756 Mode: Manual; SigCheck; TDLFS;
    14:00:49.0248 1756 ============================================================
    14:00:51.0761 1756 ================ Scan system memory ========================
    14:00:51.0761 1756 System memory - ok
    14:00:51.0762 1756 ================ Scan services =============================
    14:00:51.0986 1756 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
    14:00:52.0080 1756 1394ohci - ok
    14:00:52.0138 1756 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
    14:00:52.0172 1756 ACPI - ok
    14:00:52.0212 1756 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
    14:00:52.0259 1756 AcpiPmi - ok
    14:00:52.0338 1756 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
    14:00:52.0373 1756 adp94xx - ok
    14:00:52.0420 1756 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
    14:00:52.0439 1756 adpahci - ok
    14:00:52.0478 1756 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
    14:00:52.0492 1756 adpu320 - ok
    14:00:52.0525 1756 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
    14:00:52.0579 1756 AeLookupSvc - ok
    14:00:52.0671 1756 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
    14:00:52.0756 1756 AFD - ok
    14:00:52.0830 1756 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
    14:00:52.0850 1756 agp440 - ok
    14:00:52.0888 1756 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
    14:00:52.0948 1756 ALG - ok
    14:00:52.0988 1756 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
    14:00:53.0007 1756 aliide - ok
    14:00:53.0092 1756 [ 09CC3B0ACAF80A86E103B3A91CFEA376 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
    14:00:53.0147 1756 AMD External Events Utility - ok
    14:00:53.0182 1756 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
    14:00:53.0204 1756 amdide - ok
    14:00:53.0262 1756 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
    14:00:53.0286 1756 AmdK8 - ok
    14:00:53.0468 1756 [ 4BD4284F979B8AD3AA332E625825D339 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
    14:00:53.0707 1756 amdkmdag - ok
    14:00:53.0764 1756 [ FB2D66A4FADFB7818BC881C53C8328D6 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
    14:00:53.0785 1756 amdkmdap - ok
    14:00:53.0814 1756 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
    14:00:53.0854 1756 AmdPPM - ok
    14:00:53.0908 1756 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
    14:00:53.0934 1756 amdsata - ok
    14:00:53.0992 1756 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
    14:00:54.0021 1756 amdsbs - ok
    14:00:54.0035 1756 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
    14:00:54.0048 1756 amdxata - ok
    14:00:54.0098 1756 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
    14:00:54.0180 1756 AppID - ok
    14:00:54.0217 1756 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
    14:00:54.0300 1756 AppIDSvc - ok
    14:00:54.0343 1756 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
    14:00:54.0416 1756 Appinfo - ok
    14:00:54.0465 1756 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
    14:00:54.0476 1756 arc - ok
    14:00:54.0501 1756 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
    14:00:54.0529 1756 arcsas - ok
    14:00:54.0660 1756 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
    14:00:54.0713 1756 aspnet_state - ok
    14:00:54.0745 1756 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
    14:00:54.0825 1756 AsyncMac - ok
    14:00:54.0866 1756 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
    14:00:54.0888 1756 atapi - ok
    14:00:54.0966 1756 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
    14:00:55.0077 1756 AudioEndpointBuilder - ok
    14:00:55.0087 1756 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
    14:00:55.0128 1756 AudioSrv - ok
    14:00:55.0249 1756 [ D45B7995761253A92AB071D576114F28 ] AVG Security Toolbar Service C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe
    14:00:55.0273 1756 AVG Security Toolbar Service - ok
    14:00:55.0453 1756 [ F6A528DE535396C2FB1A4E3C6F00CEC4 ] AVGIDSAgent C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe
    14:00:55.0603 1756 AVGIDSAgent - ok
    14:00:55.0651 1756 [ 1B2E9FCDC26DC7C81D4131430E2DC936 ] AVGIDSDriver C:\Windows\system32\DRIVERS\avgidsdrivera.sys
    14:00:55.0676 1756 AVGIDSDriver - ok
    14:00:55.0722 1756 [ 0F293406F64B48D5D2F0D3A1117F3A83 ] AVGIDSFilter C:\Windows\system32\DRIVERS\avgidsfiltera.sys
    14:00:55.0734 1756 AVGIDSFilter - ok
    14:00:55.0777 1756 [ CFFC3A4A638F462E0561CB368B9A7A3A ] AVGIDSHA C:\Windows\system32\DRIVERS\avgidsha.sys
    14:00:55.0796 1756 AVGIDSHA - ok
    14:00:55.0837 1756 [ 221FEBAB02D6C97C95558348CC354A85 ] Avgldx64 C:\Windows\system32\DRIVERS\avgldx64.sys
    14:00:55.0863 1756 Avgldx64 - ok
    14:00:55.0877 1756 [ A6AEC362AAE5E2DDA7445E7690CB0F33 ] Avgmfx64 C:\Windows\system32\DRIVERS\avgmfx64.sys
    14:00:55.0888 1756 Avgmfx64 - ok
    14:00:55.0939 1756 [ 645C7F0A0E39758A0024A9B1748273C0 ] Avgrkx64 C:\Windows\system32\DRIVERS\avgrkx64.sys
    14:00:55.0947 1756 Avgrkx64 - ok
    14:00:55.0965 1756 [ F8C3C7ED612A41B05C66358FC9786BFD ] Avgtdia C:\Windows\system32\DRIVERS\avgtdia.sys
    14:00:55.0981 1756 Avgtdia - ok
    14:00:56.0021 1756 [ EA1145DEBCD508FD25BD1E95C4346929 ] avgwd C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
    14:00:56.0034 1756 avgwd - ok
    14:00:56.0095 1756 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
    14:00:56.0185 1756 AxInstSV - ok
    14:00:56.0233 1756 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
    14:00:56.0278 1756 b06bdrv - ok
    14:00:56.0308 1756 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
    14:00:56.0338 1756 b57nd60a - ok
    14:00:56.0483 1756 [ A2494901E7226B356B8C1005C45F1C5F ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe
    14:00:56.0512 1756 BBSvc - ok
    14:00:56.0534 1756 [ 63B1CBBAE4790B5BAC98F01BF9449722 ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe
    14:00:56.0549 1756 BBUpdate - ok
    14:00:56.0641 1756 [ 0E7A9264576B40638A3FBC804DE1FF76 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys
    14:00:56.0757 1756 BCM43XX - ok
    14:00:56.0792 1756 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
    14:00:56.0835 1756 BDESVC - ok
    14:00:56.0872 1756 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
    14:00:56.0944 1756 Beep - ok
    14:00:57.0017 1756 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
    14:00:57.0118 1756 BFE - ok
    14:00:57.0166 1756 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
    14:00:57.0239 1756 BITS - ok
    14:00:57.0282 1756 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
    14:00:57.0316 1756 blbdrive - ok
    14:00:57.0372 1756 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
    14:00:57.0411 1756 bowser - ok
    14:00:57.0452 1756 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
    14:00:57.0493 1756 BrFiltLo - ok
    14:00:57.0519 1756 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
    14:00:57.0545 1756 BrFiltUp - ok
    14:00:57.0590 1756 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
    14:00:57.0646 1756 Browser - ok
    14:00:57.0724 1756 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
    14:00:57.0780 1756 Brserid - ok
    14:00:57.0806 1756 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
    14:00:57.0843 1756 BrSerWdm - ok
    14:00:57.0874 1756 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
    14:00:57.0938 1756 BrUsbMdm - ok
    14:00:57.0960 1756 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
    14:00:57.0994 1756 BrUsbSer - ok
    14:00:58.0067 1756 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
    14:00:58.0100 1756 BthEnum - ok
    14:00:58.0128 1756 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
    14:00:58.0167 1756 BTHMODEM - ok
    14:00:58.0203 1756 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
    14:00:58.0244 1756 BthPan - ok
    14:00:58.0293 1756 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
    14:00:58.0389 1756 BTHPORT - ok
    14:00:58.0427 1756 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
    14:00:58.0499 1756 bthserv - ok
    14:00:58.0530 1756 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
    14:00:58.0553 1756 BTHUSB - ok
    14:00:58.0616 1756 [ 0E78584D5FACA0509DFA97BD8B635075 ] btwampfl C:\Windows\system32\drivers\btwampfl.sys
    14:00:58.0650 1756 btwampfl - ok
    14:00:58.0673 1756 [ 409C4117E6027672EF41E68ACE1468AD ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
    14:00:58.0693 1756 btwaudio - ok
    14:00:58.0729 1756 [ 8CA7CABD13316ABACE386D9F380B4CF3 ] btwavdt C:\Windows\system32\DRIVERS\btwavdt.sys
    14:00:58.0747 1756 btwavdt - ok
    14:00:58.0871 1756 [ 1249EDE2280F9A1564C946AFDDCD59D5 ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
    14:00:58.0940 1756 btwdins - ok
    14:00:59.0001 1756 [ B9354F9F111C64F2495B60F1E24CB453 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
    14:00:59.0018 1756 btwl2cap - ok
    14:00:59.0044 1756 [ 71A04F2D9DEB21B162561EB574D7D629 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
    14:00:59.0060 1756 btwrchid - ok
    14:00:59.0087 1756 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
    14:00:59.0162 1756 cdfs - ok
    14:00:59.0221 1756 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys
    14:00:59.0264 1756 cdrom - ok
    14:00:59.0316 1756 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
    14:00:59.0383 1756 CertPropSvc - ok
    14:00:59.0415 1756 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
    14:00:59.0455 1756 circlass - ok
    14:00:59.0501 1756 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
    14:00:59.0520 1756 CLFS - ok
    14:00:59.0582 1756 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
    14:00:59.0592 1756 clr_optimization_v2.0.50727_32 - ok
    14:00:59.0630 1756 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
    14:00:59.0641 1756 clr_optimization_v2.0.50727_64 - ok
    14:00:59.0746 1756 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
    14:00:59.0849 1756 clr_optimization_v4.0.30319_32 - ok
    14:00:59.0873 1756 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
    14:00:59.0913 1756 clr_optimization_v4.0.30319_64 - ok
    14:00:59.0960 1756 [ 50F92C943F18B070F166D019DFAB3D9A ] clwvd C:\Windows\system32\DRIVERS\clwvd.sys
    14:00:59.0975 1756 clwvd - ok
    14:01:00.0010 1756 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
    14:01:00.0062 1756 CmBatt - ok
    14:01:00.0092 1756 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
    14:01:00.0111 1756 cmdide - ok
    14:01:00.0168 1756 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
    14:01:00.0239 1756 CNG - ok
    14:01:00.0285 1756 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
    14:01:00.0304 1756 Compbatt - ok
    14:01:00.0336 1756 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
    14:01:00.0371 1756 CompositeBus - ok
    14:01:00.0384 1756 COMSysApp - ok
    14:01:00.0459 1756 [ C08063F052308B6F5882482615387F30 ] cpuz135 C:\Windows\system32\drivers\cpuz135_x64.sys
    14:01:00.0471 1756 cpuz135 - ok
    14:01:00.0501 1756 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
    14:01:00.0512 1756 crcdisk - ok
    14:01:00.0568 1756 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll
    14:01:00.0592 1756 CryptSvc - ok
    14:01:00.0639 1756 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
    14:01:00.0695 1756 DcomLaunch - ok
    14:01:00.0732 1756 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
    14:01:00.0772 1756 defragsvc - ok
    14:01:00.0823 1756 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
    14:01:00.0890 1756 DfsC - ok
    14:01:00.0952 1756 [ 105373D52E71D2D1355AD3ACD18259C3 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys
    14:01:00.0964 1756 dg_ssudbus - ok
    14:01:01.0036 1756 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
    14:01:01.0104 1756 Dhcp - ok
    14:01:01.0135 1756 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
    14:01:01.0191 1756 discache - ok
    14:01:01.0246 1756 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
    14:01:01.0258 1756 Disk - ok
    14:01:01.0295 1756 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
    14:01:01.0337 1756 Dnscache - ok
    14:01:01.0385 1756 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
    14:01:01.0441 1756 dot3svc - ok
    14:01:01.0488 1756 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
    14:01:01.0538 1756 DPS - ok
    14:01:01.0567 1756 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
    14:01:01.0597 1756 drmkaud - ok
    14:01:01.0634 1756 [ FB9BEF3401EE5ECC2603311B9C64F44A ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
    14:01:01.0649 1756 dtsoftbus01 - ok
    14:01:01.0700 1756 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
    14:01:01.0735 1756 DXGKrnl - ok
    14:01:01.0767 1756 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
    14:01:01.0828 1756 EapHost - ok
    14:01:01.0943 1756 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
    14:01:02.0085 1756 ebdrv - ok
    14:01:02.0126 1756 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
    14:01:02.0182 1756 EFS - ok
    14:01:02.0262 1756 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
    14:01:02.0328 1756 ehRecvr - ok
    14:01:02.0361 1756 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
    14:01:02.0401 1756 ehSched - ok
    14:01:02.0440 1756 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
    14:01:02.0460 1756 elxstor - ok
    14:01:02.0492 1756 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
    14:01:02.0519 1756 ErrDev - ok
    14:01:02.0562 1756 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
    14:01:02.0622 1756 EventSystem - ok
    14:01:02.0678 1756 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
    14:01:02.0743 1756 exfat - ok
    14:01:02.0910 1756 [ F5C0F7325A70312B289665E29AF90DF4 ] ExpressAccountsService C:\Program Files (x86)\NCH Software\ExpressAccounts\expressaccounts.exe
    14:01:03.0165 1756 ExpressAccountsService ( UnsignedFile.Multi.Generic ) - warning
    14:01:03.0165 1756 ExpressAccountsService - detected UnsignedFile.Multi.Generic (1)
    14:01:03.0278 1756 [ A5F3582E4BBCC1245F9DEA855E7F0729 ] ExpressInvoiceService C:\Program Files (x86)\NCH Software\ExpressInvoice\expressinvoice.exe
    14:01:03.0472 1756 ExpressInvoiceService ( UnsignedFile.Multi.Generic ) - warning
    14:01:03.0472 1756 ExpressInvoiceService - detected UnsignedFile.Multi.Generic (1)
    14:01:03.0498 1756 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
    14:01:03.0578 1756 fastfat - ok
    14:01:03.0635 1756 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
    14:01:03.0699 1756 Fax - ok
    14:01:03.0719 1756 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
    14:01:03.0752 1756 fdc - ok
    14:01:03.0772 1756 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
    14:01:03.0816 1756 fdPHost - ok
    14:01:03.0839 1756 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
    14:01:03.0885 1756 FDResPub - ok
    14:01:03.0935 1756 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
    14:01:03.0958 1756 FileInfo - ok
    14:01:03.0994 1756 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
    14:01:04.0079 1756 Filetrace - ok
    14:01:04.0101 1756 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
    14:01:04.0114 1756 flpydisk - ok
    14:01:04.0156 1756 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
    14:01:04.0173 1756 FltMgr - ok
    14:01:04.0223 1756 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
    14:01:04.0296 1756 FontCache - ok
    14:01:04.0362 1756 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
    14:01:04.0380 1756 FontCache3.0.0.0 - ok
    14:01:04.0398 1756 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
    14:01:04.0420 1756 FsDepends - ok
    14:01:04.0461 1756 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
    14:01:04.0484 1756 Fs_Rec - ok
    14:01:04.0538 1756 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
    14:01:04.0557 1756 fvevol - ok
    14:01:04.0611 1756 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
    14:01:04.0626 1756 gagp30kx - ok
    14:01:04.0684 1756 [ D154305DE6090E6E84E525F84BB08A06 ] GameConsoleService C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
    14:01:04.0707 1756 GameConsoleService - ok
    14:01:04.0757 1756 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
    14:01:04.0833 1756 gpsvc - ok
    14:01:04.0864 1756 [ 1E6438D4EA6E1174A3B3B1EDC4DE660B ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys
    14:01:04.0873 1756 hamachi - ok
    14:01:05.0014 1756 [ F10C3F2E002100BF8B797DCF283FEA7D ] Hamachi2Svc C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
    14:01:05.0094 1756 Hamachi2Svc - ok
    14:01:05.0118 1756 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
    14:01:05.0164 1756 hcw85cir - ok
    14:01:05.0208 1756 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
    14:01:05.0261 1756 HdAudAddService - ok
    14:01:05.0300 1756 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
    14:01:05.0346 1756 HDAudBus - ok
    14:01:05.0374 1756 [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
    14:01:05.0391 1756 HECIx64 - ok
    14:01:05.0416 1756 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
    14:01:05.0453 1756 HidBatt - ok
    14:01:05.0472 1756 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
    14:01:05.0500 1756 HidBth - ok
    14:01:05.0539 1756 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
    14:01:05.0572 1756 HidIr - ok
    14:01:05.0594 1756 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
    14:01:05.0641 1756 hidserv - ok
    14:01:05.0691 1756 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
    14:01:05.0705 1756 HidUsb - ok
    14:01:05.0743 1756 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
    14:01:05.0817 1756 hkmsvc - ok
    14:01:05.0854 1756 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
    14:01:05.0907 1756 HomeGroupListener - ok
    14:01:05.0942 1756 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
    14:01:05.0972 1756 HomeGroupProvider - ok
    14:01:06.0091 1756 [ 13BB1114451C63BFB41BA7DAA4D70A29 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
    14:01:06.0108 1756 HP Support Assistant Service - ok
    14:01:06.0209 1756 [ C930128C8F8FF03D8F8C42B570920D56 ] HP Wireless Assistant Service C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
    14:01:06.0218 1756 HP Wireless Assistant Service - ok
    14:01:06.0270 1756 [ DA075126F867727810EE9B98B3041C4C ] HPAuto C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe
    14:01:06.0292 1756 HPAuto - ok
    14:01:06.0326 1756 [ 3DC11A802353401332D49C3CBFBBE5FC ] HPClientSvc C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
    14:01:06.0339 1756 HPClientSvc - ok
    14:01:06.0433 1756 [ 5298E3B4844328A11C9EB6C001CF0529 ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
    14:01:06.0460 1756 hpqwmiex - ok
    14:01:06.0510 1756 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
    14:01:06.0522 1756 HpSAMD - ok
    14:01:06.0601 1756 [ 77C15D7E8F002A173EEBFF0B20CD697D ] HPWMISVC C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
    14:01:06.0611 1756 HPWMISVC - ok
    14:01:06.0662 1756 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
    14:01:06.0748 1756 HTTP - ok
    14:01:06.0781 1756 hwinterface - ok
    14:01:06.0820 1756 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
    14:01:06.0841 1756 hwpolicy - ok
    14:01:06.0897 1756 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
    14:01:06.0913 1756 i8042prt - ok
    14:01:06.0971 1756 [ 26CF4275034214ECEDD8EC17B0A18A99 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
    14:01:07.0008 1756 iaStor - ok
    14:01:07.0100 1756 [ E79A8E33BD136D14BAE1FA20EB2EF124 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    14:01:07.0116 1756 IAStorDataMgrSvc - ok
    14:01:07.0183 1756 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
    14:01:07.0219 1756 iaStorV - ok
    14:01:07.0326 1756 [ D3090576412EC63E0C6271D8B0974D73 ] IconMan_R C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
    14:01:07.0429 1756 IconMan_R - ok
    14:01:07.0485 1756 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
    14:01:07.0544 1756 idsvc - ok
    14:01:07.0802 1756 [ 6383899C5F964D71B0F96B81FBE59BB8 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
    14:01:08.0142 1756 igfx - ok
    14:01:08.0185 1756 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
    14:01:08.0209 1756 iirsp - ok
    14:01:08.0256 1756 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
    14:01:08.0343 1756 IKEEXT - ok
    14:01:08.0374 1756 [ DD587A55390ED2295BCE6D36AD567DA9 ] Impcd C:\Windows\system32\DRIVERS\Impcd.sys
    14:01:08.0404 1756 Impcd - ok
    14:01:08.0453 1756 [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
    14:01:08.0495 1756 IntcDAud - ok
    14:01:08.0527 1756 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
    14:01:08.0547 1756 intelide - ok
    14:01:08.0806 1756 [ 6383899C5F964D71B0F96B81FBE59BB8 ] intelkmd C:\Windows\system32\DRIVERS\igdpmd64.sys
    14:01:09.0112 1756 intelkmd - ok
    14:01:09.0164 1756 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
    14:01:09.0197 1756 intelppm - ok
    14:01:09.0291 1756 [ 806412BB58564D6882ECA0CEFB2CB8A5 ] InventoriaService C:\Program Files (x86)\NCH Software\Inventoria\inventoria.exe
    14:01:09.0398 1756 InventoriaService ( UnsignedFile.Multi.Generic ) - warning
    14:01:09.0399 1756 InventoriaService - detected UnsignedFile.Multi.Generic (1)
    14:01:09.0439 1756 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
    14:01:09.0489 1756 IPBusEnum - ok
    14:01:09.0526 1756 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
    14:01:09.0584 1756 IpFilterDriver - ok
    14:01:09.0659 1756 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
    14:01:09.0755 1756 iphlpsvc - ok
    14:01:09.0796 1756 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
    14:01:09.0828 1756 IPMIDRV - ok
    14:01:09.0871 1756 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
    14:01:09.0927 1756 IPNAT - ok
    14:01:09.0954 1756 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
    14:01:09.0985 1756 IRENUM - ok
    14:01:10.0032 1756 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
    14:01:10.0043 1756 isapnp - ok
    14:01:10.0085 1756 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
    14:01:10.0101 1756 iScsiPrt - ok
    14:01:10.0134 1756 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
    14:01:10.0146 1756 kbdclass - ok
    14:01:10.0181 1756 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
    14:01:10.0195 1756 kbdhid - ok
    14:01:10.0209 1756 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
    14:01:10.0220 1756 KeyIso - ok
    14:01:10.0260 1756 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
    14:01:10.0284 1756 KSecDD - ok
    14:01:10.0328 1756 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
    14:01:10.0346 1756 KSecPkg - ok
    14:01:10.0366 1756 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
    14:01:10.0426 1756 ksthunk - ok
    14:01:10.0452 1756 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
    14:01:10.0522 1756 KtmRm - ok
    14:01:10.0588 1756 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
    14:01:10.0639 1756 LanmanServer - ok
    14:01:10.0683 1756 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
    14:01:10.0751 1756 LanmanWorkstation - ok
    14:01:10.0818 1756 [ FA4A45C179AB0E0F1A31B9751D4B18D7 ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
    14:01:10.0858 1756 LightScribeService ( UnsignedFile.Multi.Generic ) - warning
    14:01:10.0859 1756 LightScribeService - detected UnsignedFile.Multi.Generic (1)
    14:01:10.0884 1756 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
    14:01:10.0931 1756 lltdio - ok
    14:01:10.0968 1756 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
    14:01:11.0047 1756 lltdsvc - ok
    14:01:11.0072 1756 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
    14:01:11.0109 1756 lmhosts - ok
    14:01:11.0191 1756 [ DCC0C4BD277E7EE0CD171D7499A55035 ] LMIGuardianSvc C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
    14:01:11.0219 1756 LMIGuardianSvc - ok
    14:01:11.0232 1756 [ 0317335B15FF3BDA8E10197E3434CFC0 ] LMIInfo C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys
    14:01:11.0247 1756 LMIInfo - ok
    14:01:11.0266 1756 [ 31CC13EFA3568BFA60F9302E643E3F94 ] LMIMaint C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
    14:01:11.0284 1756 LMIMaint - ok
    14:01:11.0313 1756 [ 413ECDCFAD9A82804D3674C8D7EEC24E ] lmimirr C:\Windows\system32\DRIVERS\lmimirr.sys
    14:01:11.0336 1756 lmimirr - ok
    14:01:11.0373 1756 LMIRfsClientNP - ok
    14:01:11.0408 1756 [ C57D3FAA50E6F395759FFB7C709BD944 ] LMIRfsDriver C:\Windows\system32\drivers\LMIRfsDriver.sys
    14:01:11.0424 1756 LMIRfsDriver - ok
    14:01:11.0493 1756 [ 0405F4BCD1C7A7B309F620FE0B5DE5E6 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    14:01:11.0517 1756 LMS - ok
    14:01:11.0551 1756 [ D3760BC17E1755091B7120CF32DBF56B ] LogMeIn C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
    14:01:11.0572 1756 LogMeIn - ok
    14:01:11.0612 1756 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
    14:01:11.0626 1756 LSI_FC - ok
    14:01:11.0655 1756 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
    14:01:11.0668 1756 LSI_SAS - ok
    14:01:11.0690 1756 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
    14:01:11.0703 1756 LSI_SAS2 - ok
    14:01:11.0713 1756 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
    14:01:11.0727 1756 LSI_SCSI - ok
    14:01:11.0747 1756 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
    14:01:11.0803 1756 luafv - ok
    14:01:11.0988 1756 [ 2D46DC95709F2967D401326CA67D4111 ] M4-Service C:\Users\Overdrive\AppData\Roaming\Mikogo 4\M4-Service.exe
    14:01:12.0053 1756 M4-Service - ok
    14:01:12.0083 1756 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
    14:01:12.0117 1756 Mcx2Svc - ok
    14:01:12.0154 1756 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
    14:01:12.0168 1756 megasas - ok
    14:01:12.0208 1756 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
    14:01:12.0238 1756 MegaSR - ok
    14:01:12.0268 1756 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
    14:01:12.0317 1756 MMCSS - ok
    14:01:12.0353 1756 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
    14:01:12.0409 1756 Modem - ok
    14:01:12.0441 1756 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
    14:01:12.0473 1756 monitor - ok
    14:01:12.0503 1756 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
    14:01:12.0513 1756 mouclass - ok
    14:01:12.0546 1756 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
    14:01:12.0588 1756 mouhid - ok
    14:01:12.0621 1756 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
    14:01:12.0639 1756 mountmgr - ok
    14:01:12.0674 1756 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
    14:01:12.0691 1756 mpio - ok
    14:01:12.0713 1756 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
    14:01:12.0750 1756 mpsdrv - ok
    14:01:12.0808 1756 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
    14:01:12.0884 1756 MpsSvc - ok
    14:01:12.0927 1756 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
    14:01:12.0983 1756 MRxDAV - ok
    14:01:13.0039 1756 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
    14:01:13.0074 1756 mrxsmb - ok
    14:01:13.0093 1756 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
    14:01:13.0127 1756 mrxsmb10 - ok
    14:01:13.0158 1756 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
    14:01:13.0182 1756 mrxsmb20 - ok
    14:01:13.0214 1756 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
    14:01:13.0228 1756 msahci - ok
    14:01:13.0246 1756 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
    14:01:13.0267 1756 msdsm - ok
    14:01:13.0295 1756 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
    14:01:13.0331 1756 MSDTC - ok
    14:01:13.0364 1756 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
    14:01:13.0399 1756 Msfs - ok
    14:01:13.0419 1756 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
    14:01:13.0454 1756 mshidkmdf - ok
    14:01:13.0494 1756 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
    14:01:13.0516 1756 msisadrv - ok
    14:01:13.0548 1756 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
    14:01:13.0622 1756 MSiSCSI - ok
    14:01:13.0626 1756 msiserver - ok
    14:01:13.0659 1756 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
    14:01:13.0726 1756 MSKSSRV - ok
    14:01:13.0760 1756 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
    14:01:13.0807 1756 MSPCLOCK - ok
    14:01:13.0826 1756 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
    14:01:13.0868 1756 MSPQM - ok
    14:01:13.0906 1756 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
    14:01:13.0924 1756 MsRPC - ok
    14:01:13.0957 1756 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
    14:01:13.0967 1756 mssmbios - ok
    14:01:13.0977 1756 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
    14:01:14.0020 1756 MSTEE - ok
    14:01:14.0031 1756 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
    14:01:14.0060 1756 MTConfig - ok
    14:01:14.0079 1756 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
    14:01:14.0091 1756 Mup - ok
    14:01:14.0140 1756 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
    14:01:14.0200 1756 napagent - ok
    14:01:14.0238 1756 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
    14:01:14.0269 1756 NativeWifiP - ok
    14:01:14.0324 1756 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
    14:01:14.0401 1756 NDIS - ok
    14:01:14.0426 1756 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
    14:01:14.0461 1756 NdisCap - ok
    14:01:14.0495 1756 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
  6. Humeon

    Humeon Newcomer, in training Topic Starter

    14:01:33.0112 1756 ================ Scan global ===============================
    14:01:33.0131 1756 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
    14:01:33.0172 1756 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
    14:01:33.0184 1756 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
    14:01:33.0217 1756 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
    14:01:33.0246 1756 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
    14:01:33.0251 1756 [Global] - ok
    14:01:33.0252 1756 ================ Scan MBR ==================================
    14:01:33.0260 1756 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
    14:01:33.0758 1756 \Device\Harddisk0\DR0 - ok
    14:01:33.0760 1756 ================ Scan VBR ==================================
    14:01:33.0763 1756 [ 3C9ECD721A86EA7BD17102A0152A7A33 ] \Device\Harddisk0\DR0\Partition1
    14:01:33.0765 1756 \Device\Harddisk0\DR0\Partition1 - ok
    14:01:33.0797 1756 [ 1A6407A0B14E68E8E6571E597CFBF13B ] \Device\Harddisk0\DR0\Partition2
    14:01:33.0800 1756 \Device\Harddisk0\DR0\Partition2 - ok
    14:01:33.0835 1756 [ E8ABA23D58821FBF6765378CB7F8C5E0 ] \Device\Harddisk0\DR0\Partition3
    14:01:33.0837 1756 \Device\Harddisk0\DR0\Partition3 - ok
    14:01:33.0856 1756 [ 0287F9062D0E2F1968081584556BE705 ] \Device\Harddisk0\DR0\Partition4
    14:01:33.0857 1756 \Device\Harddisk0\DR0\Partition4 - ok
    14:01:33.0857 1756 ============================================================
    14:01:33.0857 1756 Scan finished
    14:01:33.0857 1756 ============================================================
    14:01:33.0872 0752 Detected object count: 4
    14:01:33.0872 0752 Actual detected object count: 4
    14:01:39.0353 0752 ExpressAccountsService ( UnsignedFile.Multi.Generic ) - skipped by user
    14:01:39.0353 0752 ExpressAccountsService ( UnsignedFile.Multi.Generic ) - User select action: Skip
    14:01:39.0355 0752 ExpressInvoiceService ( UnsignedFile.Multi.Generic ) - skipped by user
    14:01:39.0355 0752 ExpressInvoiceService ( UnsignedFile.Multi.Generic ) - User select action: Skip
    14:01:39.0357 0752 InventoriaService ( UnsignedFile.Multi.Generic ) - skipped by user
    14:01:39.0357 0752 InventoriaService ( UnsignedFile.Multi.Generic ) - User select action: Skip
    14:01:39.0359 0752 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
    14:01:39.0360 0752 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
  7. Jay Pfoutz

    Jay Pfoutz Malware Helper Posts: 4,286   +49

    You're welcome. Let's continue our systematic approach here...

    AdwCleaner Fix
    • Please close all open programs and internet browsers.
    • Double click on adwcleaner.exe to run the tool.
    • Click on Delete.
    • Confirm each time with OK.
    • Your computer will be rebooted automatically. A text file will open after the restart.
    • Please post the content of that logfile in your reply.
    • You can find the logfile at C:\AdwCleaner[Sn].txt as well - n is the order number.
    Please post the log.

    avast! aswMBR

    Please download aswMBR from here

    • Save aswMBR.exe to your Desktop
    • Double click aswMBR.exe to run it
    • Click the Scan button to start the scan as illustrated below

    Note: Do not take action against any **Rootkit** entries until I have reviewed the log. Often there are false positives.

    • Once the scan finishes click Save log to save the log to your Desktop
    • Copy and paste the contents of aswMBR.txt back here for review
  8. Humeon

    Humeon Newcomer, in training Topic Starter

    Thanks again DMJ.

    Adwcleaner log:

    # AdwCleaner v2.001 - Logfile created 09/17/2012 at 15:35:55
    # Updated 09/09/2012 by Xplode
    # Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
    # User : Overdrive - OVERDRIVEGAMING
    # Boot Mode : Normal
    # Running from : C:\Users\Overdrive\Desktop\adwcleaner.exe
    # Option [Delete]

    ***** [Services] *****
    Stopped & Deleted : vToolbarUpdater11.2.0
    ***** [Files / Folders] *****
    File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml
    File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
    Folder Deleted : C:\Program Files (x86)\AVG Secure Search
    Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
    Folder Deleted : C:\ProgramData\AVG Secure Search
    Folder Deleted : C:\Users\OVERDR~1\AppData\Local\Temp\avg@toolbar
    Folder Deleted : C:\Users\Overdrive\AppData\Local\AVG Secure Search
    Folder Deleted : C:\Users\Overdrive\AppData\LocalLow\AVG Secure Search
    ***** [Registry] *****
    Key Deleted : HKCU\Software\AVG Secure Search
    Key Deleted : HKCU\Software\Conduit
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Key Deleted : HKCU\Software\Softonic
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Key Deleted : HKLM\Software\AVG Secure Search
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
    Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
    Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
    Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
    Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
    Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol
    Key Deleted : HKLM\SOFTWARE\Classes\S
    Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
    Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
    Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
    Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
    Key Deleted : HKLM\Software\Conduit
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
    Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
    Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
    Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
    Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
    ***** [Internet Browsers] *****
    -\\ Internet Explorer v9.0.8112.16421
    Restored : [HKCU\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
    Restored : [HKCU\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
    Restored : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
    Restored : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
    Restored : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
    Restored : [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
    Restored : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
    -\\ Mozilla Firefox v10.0.2 (en-GB)
    Profile name : default
    File : C:\Users\Overdrive\AppData\Roaming\Mozilla\Firefox\Profiles\raduhr3g.default\prefs.js
    Deleted : user_pref("avg.install.installDirPath", "C:\\ProgramData\\AVG Secure Search\\11.1.0.12");
    Deleted : user_pref("keyword.URL", "hxxp://isearch.avg.com/search?cid=%7B7f9585cc-b51a-453a-ab70-db13c199fddc%[...]
    *************************
    AdwCleaner[R1].txt - [6689 octets] - [14/09/2012 13:59:34]
    AdwCleaner[S1].txt - [7093 octets] - [17/09/2012 15:35:55]
    ########## EOF - C:\AdwCleaner[S1].txt - [7153 octets] ##########

    ASWMBR log:

    aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
    Run date: 2012-09-17 15:59:43
    -----------------------------
    15:59:43.636 OS Version: Windows x64 6.1.7601 Service Pack 1
    15:59:43.636 Number of processors: 4 586 0x2505
    15:59:43.637 ComputerName: OVERDRIVEGAMING UserName: Overdrive
    15:59:47.936 Initialize success
    16:00:02.912 AVAST engine defs: 12091400
    16:00:07.755 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
    16:00:07.756 Disk 0 Vendor: WDC_WD50 01.0 Size: 476940MB BusType: 3
    16:00:07.783 Disk 0 MBR read successfully
    16:00:07.785 Disk 0 MBR scan
    16:00:07.818 Disk 0 Windows 7 default MBR code
    16:00:07.858 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048
    16:00:07.887 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 461405 MB offset 409600
    16:00:07.980 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 15231 MB offset 945367040
    16:00:08.156 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 103 MB offset 976560128
    16:00:08.205 Disk 0 scanning C:\Windows\system32\drivers
    16:00:43.857 Service scanning
    16:01:32.967 Modules scanning
    16:01:32.981 Disk 0 trace - called modules:
    16:01:32.991
    16:01:34.750 AVAST engine scan C:\Windows
    16:01:39.476 AVAST engine scan C:\Windows\system32
    16:06:43.031 AVAST engine scan C:\Windows\system32\drivers
    16:06:57.047 AVAST engine scan C:\Users\Overdrive
    16:10:01.636 Disk 0 MBR has been saved successfully to "C:\Users\Overdrive\Desktop\MBR.dat"
    16:10:01.641 The log file has been saved successfully to "C:\Users\Overdrive\Desktop\aswMBR.txt"
  9. Jay Pfoutz

    Jay Pfoutz Malware Helper Posts: 4,286   +49

    ESET Online Scan

    Please run a free online scan with the ESET Online Scanner
    • Tick the box next to YES, I accept the Terms of Use
    • Click Start
    • When asked, allow the ActiveX control to install, or it will ask to download an installer. Please do so and install it.
    • Click Start or wait for the scanner to load.
    • Make sure that the options Remove found threats and the option Scan unwanted applications are checked.
    • Click Scan (This scan can take several hours, so please be patient)
    • Once the scan is completed, there are a couple of things to keep in mind:
      1. If NO threats were found, allow the scanner to Uninstall on close and then close the Window.
      2. If threats WERE detected, click on List of Threats Found, Export to Text File...save it as ESET-Scan-Log.txt. Click the back button/link, put a checkmark to Uninstall Application on Close and then close the window.
    • Open the logfile from wherever you saved it
    • Copy and paste the contents in your next reply.


    Any more issues?

    We need to know any other issues that are plaguing your computer. Kindly give a summary so we know how to continue from here.

    Many of the things to note for us would be:

    • Slow computer
    • Error messages
    • Fake antivirus alerts or the icon in the system tray
    • svchost.exe running at 100%
    • System crashes or blue screen of death
  10. Humeon

    Humeon Newcomer, in training Topic Starter

    Thanks again DMJ,

    ESET Log:

    C:\Users\Overdrive\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2Q40MTC7\SoftonicDownloader_for_desktop-reminder.exe.tvx7hdh.partial Win32/SoftonicDownloader.D application cleaned by deleting - quarantined
    C:\Users\Overdrive\AppData\Local\{1042F88B-FA55-11E1-8270-B8AC6F996F26}\chrome\content\browser.xul JS/Redirector.NIQ trojan cleaned by deleting - quarantined
    C:\Users\Overdrive\AppData\Local\{270b7604-88f0-7528-dd40-2b4eb9f05bce}\U\00000004.@ Win64/Conedex.C trojan cleaned by deleting - quarantined
    C:\Users\Overdrive\AppData\Local\{270b7604-88f0-7528-dd40-2b4eb9f05bce}\U\00000008.@ Win64/Agent.BA trojan cleaned by deleting - quarantined
    C:\Users\Overdrive\AppData\Local\{270b7604-88f0-7528-dd40-2b4eb9f05bce}\U\000000cb.@ Win64/Conedex.B trojan cleaned by deleting - quarantined
    C:\Users\Overdrive\AppData\Local\{270b7604-88f0-7528-dd40-2b4eb9f05bce}\U\80000000.@ Win64/Sirefef.AP trojan cleaned by deleting - quarantined
    C:\Users\Overdrive\AppData\Local\{270b7604-88f0-7528-dd40-2b4eb9f05bce}\U\80000032.@ a variant of Win32/Sirefef.FD trojan cleaned by deleting - quarantined
    C:\Users\Overdrive\AppData\Local\{270b7604-88f0-7528-dd40-2b4eb9f05bce}\U\80000064.@ Win64/Sirefef.AN trojan cleaned by deleting - quarantined
    C:\Users\Overdrive\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12\ea49e4c-1d003ca8 Java/Exploit.CVE-2012-0507.BR trojan cleaned by deleting - quarantined
    C:\Users\Overdrive\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5\4c772605-3a29bb5c Java/Exploit.Agent.AG trojan cleaned by deleting - quarantined

    Yesterday I had two BSODs, the first time I've had any since I bought this laptop over a year ago. It's also been running pretty slow, for example it may lag when typing something into Google.
  11. Jay Pfoutz

    Jay Pfoutz Malware Helper Posts: 4,286   +49

    ComboFix

    Please download ComboFix by sUBs
    From BleepingComputer.com

    Please save the file to your Desktop, but rename it first to svchost.exe

    Important information about ComboFix

    Before the download:
    • Please copy and paste these instructions to Notepad and save to your Desktop, or print them - for easier access.
    • It is important to rename ComboFix before the download.
    • Please do not rename ComboFix to other names, but only the one indicated.
    After the download:
    • Close any open browsers.
    • Very Important: Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results". Please visit here if you don't know how.
    • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
    • Please do not attempt to re-connect your machine back to the Internet until ComboFix has completely finished.
    • If there is no Internet connection after running ComboFix, then restart your computer to restore back your connection.
    Running ComboFix:
    • Double click on svchost.exe & follow the prompts.
    • It will attempt to install the Recovery Console:
    • When ComboFix finishes, it will produce a report for you.
    • Please post the "C:\Combo-Fix.txt" in your next reply.
    Troubleshooting ComboFix

    Safe Mode:

    If you still cannot get ComboFix to run, try booting into Safe Mode, and run it there.

    (To boot into Safe Mode, tap F8 after BIOS, and just before the Windows logo appears. A list of options will appear, select "Safe Mode.")

    Re-downloading:

    If this doesn't work either, try the same method (above method), but try to download it again, except name ComboFix.exe to iexplore.exe, explorer.exe, or winlogon.exe.

    Malware is known for blocking all "user" processes, except for its whitelist of system important processes such as iexplore.exe, explorer.exe, winlogon.exe.

    NOTE: If you encounter a message "illegal operation attempted on registry key that has been marked for deletion" and no programs will run - please just reboot and that will resolve that error.
  12. Humeon

    Humeon Newcomer, in training Topic Starter

    Thanks DMJ,

    ComboFix log:

    ComboFix 12-09-18.07 - Overdrive 20/09/2012 0:48.1.4 - x64
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.61.1033.18.3894.2171 [GMT 10:00]
    Running from: c:\users\Overdrive\Desktop\ComboFix.exe
    AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
    SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    * Created a new restore point
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    C:\install.exe
    c:\users\Overdrive\Documents\pub9DF8.tmp
    c:\windows\SysWow64\drivers\hwinterface.sys
    c:\windows\SysWow64\FlashPlayerInstaller.exe
    c:\windows\SysWow64\muzapp.exe
    .
    .
    ((((((((((((((((((((((((( Files Created from 2012-08-19 to 2012-09-19 )))))))))))))))))))))))))))))))
    .
    .
    2012-09-19 14:56 . 2012-09-19 14:56 -------- d-----w- c:\users\Default\AppData\Local\temp
    2012-09-17 14:53 . 2012-09-17 14:53 -------- d-----w- c:\program files (x86)\ESET
    2012-09-12 11:47 . 2012-08-22 18:12 950128 ----a-w- c:\windows\system32\drivers\ndis.sys
    2012-09-12 11:47 . 2012-07-04 20:26 41472 ----a-w- c:\windows\system32\drivers\RNDISMP.sys
    2012-09-12 11:47 . 2012-08-02 17:58 574464 ----a-w- c:\windows\system32\d3d10level9.dll
    2012-09-12 11:47 . 2012-08-02 16:57 490496 ----a-w- c:\windows\SysWow64\d3d10level9.dll
    2012-09-12 11:47 . 2012-08-22 18:12 1913200 ----a-w- c:\windows\system32\drivers\tcpip.sys
    2012-09-12 11:47 . 2012-08-22 18:12 376688 ----a-w- c:\windows\system32\drivers\netio.sys
    2012-09-12 11:47 . 2012-08-22 18:12 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
    2012-09-09 08:05 . 2012-09-09 08:05 -------- d-----w- c:\users\Overdrive\AppData\Local\{1042F88B-FA55-11E1-8270-B8AC6F996F26}
    2012-09-05 01:27 . 2012-09-05 01:27 -------- d-----w- c:\program files (x86)\LogMeIn Hamachi
    2012-08-31 07:22 . 2012-08-31 07:22 -------- d--h--w- c:\programdata\CanonIJEGV
    2012-08-27 01:29 . 2012-08-27 01:29 -------- d-----w- c:\users\Overdrive\AppData\Local\Samsung
    2012-08-27 01:29 . 2012-08-27 01:29 -------- d-----w- c:\users\Overdrive\AppData\Roaming\Samsung
    2012-08-27 01:21 . 2012-07-30 04:16 4659712 ----a-w- c:\windows\SysWow64\Redemption.dll
    2012-08-27 01:21 . 2012-08-27 01:21 -------- d-----w- c:\program files (x86)\MarkAny
    2012-08-27 01:21 . 2012-07-30 04:16 821824 ----a-w- c:\windows\SysWow64\dgderapi.dll
    2012-08-27 01:20 . 2012-08-27 01:22 -------- d-----w- c:\program files (x86)\Samsung
    2012-08-27 01:20 . 2012-08-27 01:21 -------- d-----w- c:\programdata\Samsung
    2012-08-25 05:39 . 2012-08-25 05:39 -------- d-----w- c:\users\Overdrive\AppData\Local\Konami_Digital_Entertainm
    2012-08-25 05:37 . 2012-08-25 05:37 -------- d-----w- c:\program files (x86)\Konami Digital Entertainment
    2012-08-25 02:01 . 2012-08-25 02:01 -------- d--h--w- c:\programdata\CanonIJEPPEX2
    2012-08-25 02:01 . 2012-08-25 02:01 -------- d--h--w- c:\programdata\CanonEPP
    2012-08-25 01:53 . 2012-08-25 01:53 -------- d-----w- c:\programdata\CanonIJMSetup
    2012-08-25 01:53 . 2012-08-25 01:53 -------- d-----w- c:\program files\Common Files\CANON
    2012-08-25 01:52 . 2012-08-25 01:52 -------- d-----w- c:\programdata\CanonIJWSpt
    2012-08-25 01:51 . 2012-08-25 01:51 -------- d-----w- c:\program files\Canon
    2012-08-25 01:50 . 2010-08-24 19:00 87040 ----a-w- c:\windows\system32\Spool\prtprocs\x64\CNMPPAA.DLL
    2012-08-25 01:50 . 2010-08-24 19:00 28672 ----a-w- c:\windows\system32\Spool\prtprocs\x64\CNMPDAA.DLL
    2012-08-25 01:50 . 2010-03-18 09:26 348672 ----a-w- c:\windows\system32\CNC280L.dll
    2012-08-25 01:50 . 2010-03-18 09:25 307200 ----a-w- c:\windows\SysWow64\CNC280L.dll
    2012-08-25 01:50 . 2010-03-18 07:13 1354240 ----a-w- c:\windows\system32\CNC280C.dll
    2012-08-25 01:50 . 2010-03-18 07:13 112128 ----a-w- c:\windows\system32\CNC280I.dll
    2012-08-25 01:50 . 2010-03-18 07:11 106496 ----a-w- c:\windows\SysWow64\CNC280U.dll
    2012-08-25 01:49 . 2010-08-24 19:00 361472 ----a-w- c:\windows\system32\CNMLMAA.DLL
    2012-08-25 01:48 . 2010-01-13 13:04 103424 ----a-w- c:\windows\system32\CNC280O.dll
    2012-08-25 01:48 . 2010-03-11 07:57 248320 ----a-w- c:\windows\system32\CNMIUAA.DLL
    2012-08-25 01:47 . 2012-08-25 01:53 -------- d-----w- c:\program files (x86)\Canon
    2012-08-24 05:43 . 2012-08-24 05:43 384352 ----a-w- c:\windows\system32\drivers\avgtdia.sys
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2012-09-13 10:14 . 2011-08-12 02:45 64462936 ----a-w- c:\windows\system32\MRT.exe
    2012-09-07 07:04 . 2011-07-28 09:16 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
    2012-09-07 01:38 . 2012-05-02 12:29 696520 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
    2012-09-07 01:38 . 2011-08-04 23:38 73416 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2012-07-30 04:16 . 2012-07-30 04:16 90112 ----a-w- c:\windows\MAMCityDownload.ocx
    2012-07-30 04:16 . 2012-07-30 04:16 330240 ----a-w- c:\windows\MASetupCaller.dll
    2012-07-30 04:16 . 2012-07-30 04:16 30568 ----a-w- c:\windows\MusiccityDownload.exe
    2012-07-30 04:16 . 2012-07-30 04:16 974848 ----a-w- c:\windows\SysWow64\cis-2.4.dll
    2012-07-30 04:16 . 2012-07-30 04:16 81920 ----a-w- c:\windows\SysWow64\issacapi_bs-2.3.dll
    2012-07-30 04:16 . 2012-07-30 04:16 65536 ----a-w- c:\windows\SysWow64\issacapi_pe-2.3.dll
    2012-07-30 04:16 . 2012-07-30 04:16 57344 ----a-w- c:\windows\SysWow64\MTXSYNCICON.dll
    2012-07-30 04:16 . 2012-07-30 04:16 57344 ----a-w- c:\windows\SysWow64\MK_Lyric.dll
    2012-07-30 04:16 . 2012-07-30 04:16 57344 ----a-w- c:\windows\SysWow64\issacapi_se-2.3.dll
    2012-07-30 04:16 . 2012-07-30 04:16 569344 ----a-w- c:\windows\SysWow64\muzdecode.ax
    2012-07-30 04:16 . 2012-07-30 04:16 491520 ----a-w- c:\windows\SysWow64\muzapp.dll
    2012-07-30 04:16 . 2012-07-30 04:16 49152 ----a-w- c:\windows\SysWow64\MaJGUILib.dll
    2012-07-30 04:16 . 2012-07-30 04:16 45320 ----a-w- c:\windows\SysWow64\MAMACExtract.dll
    2012-07-30 04:16 . 2012-07-30 04:16 45056 ----a-w- c:\windows\SysWow64\MaXMLProto.dll
    2012-07-30 04:16 . 2012-07-30 04:16 45056 ----a-w- c:\windows\SysWow64\MACXMLProto.dll
    2012-07-30 04:16 . 2012-07-30 04:16 40960 ----a-w- c:\windows\SysWow64\MTTELECHIP.dll
    2012-07-30 04:16 . 2012-07-30 04:16 352256 ----a-w- c:\windows\SysWow64\MSLUR71.dll
    2012-07-30 04:16 . 2012-07-30 04:16 258048 ----a-w- c:\windows\SysWow64\muzoggsp.ax
    2012-07-30 04:16 . 2012-07-30 04:16 245760 ----a-w- c:\windows\SysWow64\MSCLib.dll
    2012-07-30 04:16 . 2012-07-30 04:16 24576 ----a-w- c:\windows\SysWow64\MASetupCleaner.exe
    2012-07-30 04:16 . 2012-07-30 04:16 200704 ----a-w- c:\windows\SysWow64\muzwmts.dll
    2012-07-30 04:16 . 2012-07-30 04:16 155648 ----a-w- c:\windows\SysWow64\MSFLib.dll
    2012-07-30 04:16 . 2012-07-30 04:16 143360 ----a-w- c:\windows\SysWow64\3DAudio.ax
    2012-07-30 04:16 . 2012-07-30 04:16 135168 ----a-w- c:\windows\SysWow64\muzaf1.dll
    2012-07-30 04:16 . 2012-07-30 04:16 131072 ----a-w- c:\windows\SysWow64\muzmpgsp.ax
    2012-07-30 04:16 . 2012-07-30 04:16 122880 ----a-w- c:\windows\SysWow64\muzeffect.ax
    2012-07-30 04:16 . 2012-07-30 04:16 118784 ----a-w- c:\windows\SysWow64\MaDRM.dll
    2012-07-30 04:16 . 2012-07-30 04:16 110592 ----a-w- c:\windows\SysWow64\muzmp4sp.ax
    2012-07-30 03:32 . 2012-07-30 03:32 203104 ----a-w- c:\windows\system32\drivers\ssudmdm.sys
    2012-07-30 03:32 . 2012-07-30 03:32 102240 ----a-w- c:\windows\system32\drivers\ssudbus.sys
    2012-07-25 17:21 . 2012-07-25 17:21 291680 ----a-w- c:\windows\system32\drivers\avgldx64.sys
    2012-07-18 18:15 . 2012-08-16 12:08 3148800 ----a-w- c:\windows\system32\win32k.sys
    2012-07-06 20:07 . 2012-08-18 17:06 552960 ----a-w- c:\windows\system32\drivers\bthport.sys
    2012-07-04 22:16 . 2012-08-16 12:09 73216 ----a-w- c:\windows\system32\netapi32.dll
    2012-07-04 22:13 . 2012-08-16 12:09 59392 ----a-w- c:\windows\system32\browcli.dll
    2012-07-04 22:13 . 2012-08-16 12:09 136704 ----a-w- c:\windows\system32\browser.dll
    2012-07-04 21:14 . 2012-08-16 12:09 41984 ----a-w- c:\windows\SysWow64\browcli.dll
    2012-06-29 04:55 . 2012-08-18 17:04 17809920 ----a-w- c:\windows\system32\mshtml.dll
    2012-06-29 04:09 . 2012-08-18 17:04 10925568 ----a-w- c:\windows\system32\ieframe.dll
    2012-06-29 03:56 . 2012-08-18 17:04 2312704 ----a-w- c:\windows\system32\jscript9.dll
    2012-06-29 03:49 . 2012-08-18 17:04 1346048 ----a-w- c:\windows\system32\urlmon.dll
    2012-06-29 03:49 . 2012-08-18 17:04 1392128 ----a-w- c:\windows\system32\wininet.dll
    2012-06-29 03:48 . 2012-08-18 17:04 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
    2012-06-29 03:47 . 2012-08-18 17:04 237056 ----a-w- c:\windows\system32\url.dll
    2012-06-29 03:45 . 2012-08-18 17:04 85504 ----a-w- c:\windows\system32\jsproxy.dll
    2012-06-29 03:44 . 2012-08-18 17:04 816640 ----a-w- c:\windows\system32\jscript.dll
    2012-06-29 03:43 . 2012-08-18 17:04 173056 ----a-w- c:\windows\system32\ieUnatt.exe
    2012-06-29 03:42 . 2012-08-18 17:04 2144768 ----a-w- c:\windows\system32\iertutil.dll
    2012-06-29 03:40 . 2012-08-18 17:04 96768 ----a-w- c:\windows\system32\mshtmled.dll
    2012-06-29 03:39 . 2012-08-18 17:04 2382848 ----a-w- c:\windows\system32\mshtml.tlb
    2012-06-29 03:35 . 2012-08-18 17:04 248320 ----a-w- c:\windows\system32\ieui.dll
    2012-06-29 00:16 . 2012-08-18 17:04 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll
    2012-06-29 00:09 . 2012-08-18 17:04 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
    2012-06-29 00:08 . 2012-08-18 17:04 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
    2012-06-29 00:04 . 2012-08-18 17:04 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
    2012-06-29 00:00 . 2012-08-18 17:04 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2010-11-22 2736128]
    "DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408]
    "Mikogo"="c:\users\Overdrive\AppData\Roaming\Mikogo 4\mikogo-host.exe" [2012-08-13 5380512]
    "Facebook Update"="c:\users\Overdrive\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-07-12 138096]
    "FreeAC"="c:\program files (x86)\FreeAlarmClock\FreeAlarmClock.exe" [2011-11-22 1327440]
    "DesktopReminder2ByPolenter"="c:\program files (x86)\Desktop-Reminder 2\DesktopReminder2.exe" [2012-04-05 2949560]
    "KiesPreload"="c:\program files (x86)\Samsung\Kies\Kies.exe" [2012-08-07 960440]
    "KiesPDLR"="c:\program files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2012-08-07 21432]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-04-29 284440]
    "IMSS"="c:\program files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" [2010-07-23 111640]
    "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
    "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-03-27 37296]
    "AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-07-30 2596984]
    "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-05-07 336384]
    "HPOSD"="c:\program files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe" [2011-06-13 336440]
    "ConnectionManager"="c:\program files (x86)\Winsim\ConnectionManager\Simply.SystemTrayIcon.exe" [2011-08-01 99656]
    "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
    "HP Quick Launch"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2012-02-15 577408]
    "CanonSolutionMenuEx"="c:\program files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE" [2010-04-02 1185112]
    "KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2012-08-07 3524536]
    "LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-08-29 1996200]
    .
    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
    Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2011-9-20 1338144]
    Snapfish PictureMover.lnk - c:\program files (x86)\PictureMover\Bin\PictureMover.exe [2010-11-19 1040952]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 5 (0x5)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
    BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    Notification Packages REG_MULTI_SZ scecli c:\program files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
    Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
    .
    R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\avgidsagent.exe [2012-08-12 5167736]
    R2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe [2012-02-10 193816]
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
    R2 M4-Service;M4-Service;c:\users\Overdrive\AppData\Roaming\Mikogo 4\M4-Service.exe [2012-08-13 1008032]
    R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-06-07 160944]
    R3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe [2011-11-10 167264]
    R3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys [2011-12-06 620584]
    R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2011-12-06 39976]
    R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2012-07-30 102240]
    R3 ExpressAccountsService;Express Accounts;c:\program files (x86)\NCH Software\ExpressAccounts\expressaccounts.exe [2011-10-27 2964484]
    R3 ExpressInvoiceService;Express Invoice;c:\program files (x86)\NCH Software\ExpressInvoice\expressinvoice.exe [2011-10-27 1931268]
    R3 InventoriaService;Inventoria Stock Manager;c:\program files (x86)\NCH Software\Inventoria\inventoria.exe [2011-10-27 1469956]
    R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
    R3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys [2011-12-20 339048]
    R3 Sage Simply Accounting Transaction Manager 2012 - CDN;Sage Simply Accounting Transaction Manager 2012 - CDN;c:\program files (x86)\Winsim\TransactionManager2012 - CDN\Sage_SA.TransactionManager.exe [2011-08-01 46408]
    R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
    R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
    R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
    R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2012-07-30 203104]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
    R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-08-12 1255736]
    R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2009-06-10 389120]
    R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
    S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [2012-04-18 28480]
    S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2012-01-30 36944]
    S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2012-07-25 291680]
    S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2011-12-23 47696]
    S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2012-08-24 384352]
    S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-07-28 254528]
    S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
    S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-07-25 203264]
    S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-02-13 193288]
    S2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x64.sys [2011-09-21 21992]
    S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-08-29 2369960]
    S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-09 86072]
    S2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-07-21 103992]
    S2 HPAuto;HP Auto;c:\program files\Hewlett-Packard\HP Auto\HPAuto.exe [2010-08-06 681528]
    S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-08-06 291896]
    S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-02-15 34872]
    S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-04-29 13592]
    S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-12-20 2425960]
    S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2011-07-06 375176]
    S2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files (x86)\LogMeIn\x64\RaInfo.sys [2011-01-11 15928]
    S2 Simply Accounting Database Connection Manager;Simply Accounting Database Connection Manager;c:\program files (x86)\Winsim\ConnectionManager\SimplyConnectionManager.exe [2011-08-01 21320]
    S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-07-23 2320920]
    S2 xTuplePostgreSQL;xTuplePostgreSQL;C:/PROGRA~2/xTuple/POSTGR~1/bin/pg_ctl.exe runservice -N xTuplePostgreSQL -D C:/PROGRA~2/xTuple/POSTGR~1/data [x]
    S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2011-07-25 9260032]
    S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2011-07-25 301568]
    S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [2011-12-23 124496]
    S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\avgidsfiltera.sys [2011-12-23 29776]
    S3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe [2012-02-10 240408]
    S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [2010-12-11 31088]
    S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
    S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2010-02-27 158976]
    S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]
    S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys [2011-09-13 12228128]
    S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-12-06 565352]
    S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
    .
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
    2010-11-22 22:18 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2012-09-19 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2660691712-78789692-3016591619-1000Core.job
    - c:\users\Overdrive\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-06-04 04:12]
    .
    2012-09-19 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2660691712-78789692-3016591619-1000UA.job
    - c:\users\Overdrive\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-06-04 04:12]
    .
    2012-09-11 c:\windows\Tasks\HPCeeScheduleForOverdrive.job
    - c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 06:15]
    .
    2012-09-19 c:\windows\Tasks\HPCeeScheduleForOVERDRIVEGAMING$.job
    - c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 06:15]
    .
    .
    --------- X64 Entries -----------
    .
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00Zecter]
    @="{D25B32FE-CB96-491A-98FF-AD59DA382D69}"
    [HKEY_CLASSES_ROOT\CLSID\{D25B32FE-CB96-491A-98FF-AD59DA382D69}]
    2010-11-09 22:16 2238976 ----a-w- c:\program files (x86)\Hewlett-Packard\HP CloudDrive\ShellExt64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\01Zecter]
    @="{EB24CA6D-F315-4A81-AC1A-C79CFD77F3F5}"
    [HKEY_CLASSES_ROOT\CLSID\{EB24CA6D-F315-4A81-AC1A-C79CFD77F3F5}]
    2010-11-09 22:16 2238976 ----a-w- c:\program files (x86)\Hewlett-Packard\HP CloudDrive\ShellExt64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\02Zecter]
    @="{B3C78E40-6B64-47C3-AE34-60B770881EB8}"
    [HKEY_CLASSES_ROOT\CLSID\{B3C78E40-6B64-47C3-AE34-60B770881EB8}]
    2010-11-09 22:16 2238976 ----a-w- c:\program files (x86)\Hewlett-Packard\HP CloudDrive\ShellExt64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\03Zecter]
    @="{622AFE52-33F6-4D9F-9966-E0BC52D7D69D}"
    [HKEY_CLASSES_ROOT\CLSID\{622AFE52-33F6-4D9F-9966-E0BC52D7D69D}]
    2010-11-09 22:16 2238976 ----a-w- c:\program files (x86)\Hewlett-Packard\HP CloudDrive\ShellExt64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\04Zecter]
    @="{855156F0-2A0F-11DE-8C30-0800200C9A66}"
    [HKEY_CLASSES_ROOT\CLSID\{855156F0-2A0F-11DE-8C30-0800200C9A66}]
    2010-11-09 22:16 2238976 ----a-w- c:\program files (x86)\Hewlett-Packard\HP CloudDrive\ShellExt64.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "HPWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe" [2010-07-21 8192]
    "LogMeIn GUI"="c:\program files (x86)\LogMeIn\x64\LogMeInSystray.exe" [2011-01-11 57928]
    "SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2011-12-06 1424896]
    "IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-09-13 168216]
    "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-09-13 392472]
    "Persistence"="c:\windows\system32\igfxpers.exe" [2011-09-13 416024]
    "CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2010-03-25 2726728]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "LoadAppInit_DLLs"=0x0
    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://www.mail.yahoo.com/
    uLocal Page = c:\windows\system32\blank.htm
    mLocal Page = c:\windows\SysWOW64\blank.htm
    IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
    IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    FF - ProfilePath - c:\users\Overdrive\AppData\Roaming\Mozilla\Firefox\Profiles\raduhr3g.default\
    FF - prefs.js: network.proxy.type - 0
    .
    - - - - ORPHANS REMOVED - - - -
    .
    URLSearchHooks-{A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
    Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
    Wow6432Node-HKCU-Run-KiesAirMessage - c:\program files (x86)\Samsung\Kies\KiesAirMessage.exe
    Wow6432Node-HKLM-Run-vProt - c:\program files (x86)\AVG Secure Search\vprot.exe
    Wow6432Node-HKLM-Run-ROC_roc_dec12 - c:\program files (x86)\AVG Secure Search\ROC_roc_dec12.exe
    Wow6432Node-HKLM-Run-HF_G_Jul - c:\program files (x86)\AVG Secure Search\HF_G_Jul.exe
    WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
    HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
    AddRemove-BattlEye for A2 - c:\program files (x86)\steam\steamapps\common\arma 2BattlEye\UnInstallBE.exe
    AddRemove-{6F44AF95-3CDE-4513-AD3F-6D45F17BF324} - c:\program files (x86)\InstallShield Installation Information\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}\setup.exe
    .
    .
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\xTuplePostgreSQL]
    "ImagePath"="C:/PROGRA~2/xTuple/POSTGR~1/bin/pg_ctl.exe runservice -N \"xTuplePostgreSQL\" -D \"C:/PROGRA~2/xTuple/POSTGR~1/data\""
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\xTuplePostgreSQL]
    "ImagePath"="C:/PROGRA~2/xTuple/POSTGR~1/bin/pg_ctl.exe runservice -N \"xTuplePostgreSQL\" -D \"C:/PROGRA~2/xTuple/POSTGR~1/data\""
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_265_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
    @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_265_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker5"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_265_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_265_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Shockwave Flash Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_265.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
    @="0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
    @="ShockwaveFlash.ShockwaveFlash.11"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_265.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="ShockwaveFlash.ShockwaveFlash"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Macromedia Flash Factory Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_265.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
    @="FlashFactory.FlashFactory.1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_265.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="FlashFactory.FlashFactory"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker5"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    Completion time: 2012-09-20 00:59:36
    ComboFix-quarantined-files.txt 2012-09-19 14:59
    .
    Pre-Run: 347,931,557,888 bytes free
    Post-Run: 348,828,565,504 bytes free
    .
    - - End Of File - - E7897C6C3101285995F351AE9E351310
  13. Jay Pfoutz

    Jay Pfoutz Malware Helper Posts: 4,286   +49

    Upload Dump Files:

    Please go to C:\Windows\Minidump and zip up the contents of the folder. Then upload/attach the .zip file with your post.

    Here's how to do it:

    • Left click on the first minidump file.
    • Hold down the "Shift" key and left click on the last minidump file.
    • Right click on the blue highlighted area and select "Send to".
    • Select "Compressed (zipped) folder" and note where the folder is saved.
    • Upload that .zip file with your post.
    Note: If you have issues with "Access Denied" errors, try copying the files to your desktop and zipping them up from there. If it still won't let you zip them up, post in the thread about the error so we can give further advice.

    If you don't have anything in that folder, please check in C:\Windows for a file named MEMORY.DMP. If you find it, zip it up and upload it to a free file hosting service. I recommend www.mediafire.com or another free file-hosting service. Then post the link to it in your topic so that we can download it.

    Then, follow the directions here to set your system for Minidumps (much smaller than the MEMORY.DMP file).
     
  14. Humeon

    Humeon Newcomer, in training Topic Starter

    Thanks DMJ, please find attached my zip file.

  15. Jay Pfoutz

    Jay Pfoutz Malware Helper Posts: 4,286   +49

  16. Humeon

    Humeon Newcomer, in training Topic Starter

    Thanks DMJ, AVGremover didn't work but Revo Uninstaller seemed to do the trick. Have installed Avast! :)
  17. Jay Pfoutz

    Jay Pfoutz Malware Helper Posts: 4,286   +49

    Good! Test for redirects please. Give it about a day or so, then let me know, please.
  18. Jay Pfoutz

    Jay Pfoutz Malware Helper Posts: 4,286   +49

    Hi! Are you still with us?

    Update us on the status of your computer, we'd still like to help.

    Topic marked inactive.
  19. Jay Pfoutz

    Jay Pfoutz Malware Helper Posts: 4,286   +49

    Hi! This is the last check-in for you. Please update us on your situation here. We'd love to help!

