Inactive Virus that flies under the radar...

[MO9999]

[FONT=Calibri]Hi there,[/FONT]
[FONT=Calibri]I have a really frustrating virus/malware that seriously drags on performance, affects data entry, and crashes video. I did some scans with Windows Security Essentials and ccleaner as well as a trial of Nortons, and it didn’t turn anything up.[/FONT]
[FONT=Calibri]I also did the recommended scans in the generic form instructions – I posted the logs below.[/FONT]
[FONT=Calibri]Please help! Thanks in advance![/FONT]
[FONT=Calibri] [/FONT]
[FONT=Calibri]Malware log:[/FONT]
[FONT=Calibri] [/FONT]
[FONT=Calibri]Malwarebytes Anti-Malware (Trial) 1.65.0.1400[/FONT]
[FONT=Calibri]www.malwarebytes.org[/FONT]
[FONT=Calibri] [/FONT]
[FONT=Calibri]Database version: v2012.09.22.04[/FONT]
[FONT=Calibri] [/FONT]
[FONT=Calibri]Windows 7 Service Pack 1 x64 NTFS[/FONT]
[FONT=Calibri]Internet Explorer 9.0.8112.16421[/FONT]
[FONT=Calibri]Home :: HOME-PC [administrator][/FONT]
[FONT=Calibri] [/FONT]
[FONT=Calibri]Protection: Enabled[/FONT]
[FONT=Calibri] [/FONT]
[FONT=Calibri]22/09/2012 8:20:00 PM[/FONT]
[FONT=Calibri]mbam-log-2012-09-22 (20-20-00).txt[/FONT]
[FONT=Calibri] [/FONT]
[FONT=Calibri]Scan type: Full scan (C:\|)[/FONT]
[FONT=Calibri]Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM[/FONT]
[FONT=Calibri]Scan options disabled: P2P[/FONT]
[FONT=Calibri]Objects scanned: 429764[/FONT]
[FONT=Calibri]Time elapsed: 22 minute(s), 34 second(s)[/FONT]
[FONT=Calibri] [/FONT]
[FONT=Calibri]Memory Processes Detected: 0[/FONT]
[FONT=Calibri](No malicious items detected)[/FONT]
[FONT=Calibri] [/FONT]
[FONT=Calibri]Memory Modules Detected: 0[/FONT]
[FONT=Calibri](No malicious items detected)[/FONT]
[FONT=Calibri] [/FONT]
[FONT=Calibri]Registry Keys Detected: 0[/FONT]
[FONT=Calibri](No malicious items detected)[/FONT]
[FONT=Calibri] [/FONT]
[FONT=Calibri]Registry Values Detected: 0[/FONT]
[FONT=Calibri](No malicious items detected)[/FONT]
[FONT=Calibri] [/FONT]
[FONT=Calibri]Registry Data Items Detected: 0[/FONT]
[FONT=Calibri](No malicious items detected)[/FONT]
[FONT=Calibri] [/FONT]
[FONT=Calibri]Folders Detected: 0[/FONT]
[FONT=Calibri](No malicious items detected)[/FONT]
[FONT=Calibri] [/FONT]
[FONT=Calibri]Files Detected: 0[/FONT]
[FONT=Calibri](No malicious items detected)[/FONT]
[FONT=Calibri] [/FONT]
[FONT=Calibri](end)[/FONT]
[FONT=Calibri] [/FONT]
[FONT=Calibri]********************[/FONT]
[FONT=Calibri]GMER scan – didn’t work. The following error popped up every time (tried it about ten times):[/FONT]
[FONT=Calibri] [/FONT]
[FONT=Calibri]C:\Windows\system32\config\system: The system cannot find the file specified.[/FONT]
[FONT=Calibri] [/FONT]
[FONT=Calibri]**********************[/FONT]
[FONT=Calibri] [/FONT]
[FONT=Calibri] [/FONT]
[FONT=Calibri] [/FONT]

 

[MO9999]

[FONT=Calibri]DDS (Ver_2011-08-26.01) - NTFSAMD64 [/FONT]
[FONT=Calibri]Internet Explorer: 9.0.8112.16421[/FONT]
[FONT=Calibri]Run by Home at 20:15:01 on 2012-09-22[/FONT]
[FONT=Calibri]Microsoft Windows 7 Home Premium 6.1.7601.1.1252.2.1033.18.16364.13157 [GMT -4:00][/FONT]
[FONT=Calibri].[/FONT]
[FONT=Calibri]AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}[/FONT]
[FONT=Calibri]SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}[/FONT]
[FONT=Calibri]SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}[/FONT]
[FONT=Calibri].[/FONT]
[FONT=Calibri]============== Running Processes ===============[/FONT]
[FONT=Calibri].[/FONT]
[FONT=Calibri]C:\Windows\system32\wininit.exe[/FONT]
[FONT=Calibri]C:\Windows\system32\lsm.exe[/FONT]
[FONT=Calibri]C:\Windows\system32\svchost.exe -k DcomLaunch[/FONT]
[FONT=Calibri]C:\Windows\system32\nvvsvc.exe[/FONT]
[FONT=Calibri]C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe[/FONT]
[FONT=Calibri]C:\Windows\system32\svchost.exe -k RPCSS[/FONT]
[FONT=Calibri]c:\Program Files\Microsoft Security Client\MsMpEng.exe[/FONT]
[FONT=Calibri]C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted[/FONT]
[FONT=Calibri]C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted[/FONT]
[FONT=Calibri]C:\Windows\system32\svchost.exe -k netsvcs[/FONT]
[FONT=Calibri]C:\Windows\system32\svchost.exe -k LocalService[/FONT]
[FONT=Calibri]C:\Windows\system32\svchost.exe -k NetworkService[/FONT]
[FONT=Calibri]C:\Windows\System32\spoolsv.exe[/FONT]
[FONT=Calibri]C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork[/FONT]
[FONT=Calibri]C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[/FONT]
[FONT=Calibri]C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[/FONT]
[FONT=Calibri]C:\Program Files (x86)\Bluetooth Suite\adminservice.exe[/FONT]
[FONT=Calibri]C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe[/FONT]
[FONT=Calibri]C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe[/FONT]
[FONT=Calibri]C:\Program Files\Bonjour\mDNSResponder.exe[/FONT]
[FONT=Calibri]C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe[/FONT]
[FONT=Calibri]C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe[/FONT]
[FONT=Calibri]C:\Windows\system32\svchost.exe -k imgsvc[/FONT]
[FONT=Calibri]C:\Program Files\Web Assistant\ExtensionUpdaterService.exe[/FONT]
[FONT=Calibri]C:\Windows\system32\svchost.exe -k bthsvcs[/FONT]
[FONT=Calibri]C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted[/FONT]
[FONT=Calibri]C:\Windows\system32\Dwm.exe[/FONT]
[FONT=Calibri]C:\Windows\Explorer.EXE[/FONT]
[FONT=Calibri]C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[/FONT]
[FONT=Calibri]C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe[/FONT]
[FONT=Calibri]C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe[/FONT]
[FONT=Calibri]C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe[/FONT]
[FONT=Calibri]C:\Program Files\Microsoft Security Client\msseces.exe[/FONT]
[FONT=Calibri]C:\Program Files\Logitech\SetPointP\SetPoint.exe[/FONT]
[FONT=Calibri]C:\Users\Home\AppData\Roaming\Smilebox\SmileboxTray.exe[/FONT]
[FONT=Calibri]C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe[/FONT]
[FONT=Calibri]C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe[/FONT]
[FONT=Calibri]C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe[/FONT]
[FONT=Calibri]C:\Program Files (x86)\iTunes\iTunesHelper.exe[/FONT]
[FONT=Calibri]C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE[/FONT]
[FONT=Calibri]C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[/FONT]
[FONT=Calibri]C:\Windows\system32\nvvsvc.exe[/FONT]
[FONT=Calibri]C:\Windows\system32\taskhost.exe[/FONT]
[FONT=Calibri]C:\Windows\system32\SearchIndexer.exe[/FONT]
[FONT=Calibri]C:\Program Files\iPod\bin\iPodService.exe[/FONT]
[FONT=Calibri]C:\Program Files\Logitech\SetPointP\LU\LULnchr.exe[/FONT]
[FONT=Calibri]C:\Program Files\Logitech\SetPointP\LU\LogitechUpdate.exe[/FONT]
[FONT=Calibri]C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation[/FONT]
[FONT=Calibri]C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[/FONT]
[FONT=Calibri]C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE[/FONT]
[FONT=Calibri]C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[/FONT]
[FONT=Calibri]C:\Windows\splwow64.exe[/FONT]
[FONT=Calibri]C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE[/FONT]
[FONT=Calibri]C:\Program Files (x86)\iTunes\iTunes.exe[/FONT]
[FONT=Calibri]C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe[/FONT]
[FONT=Calibri]C:\Windows\system32\conhost.exe[/FONT]
[FONT=Calibri]C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe[/FONT]
[FONT=Calibri]C:\Windows\system32\conhost.exe[/FONT]
[FONT=Calibri]C:\Program Files (x86)\Internet Explorer\iexplore.exe[/FONT]
[FONT=Calibri]C:\Program Files (x86)\Internet Explorer\iexplore.exe[/FONT]
[FONT=Calibri]C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_4_402_265_ActiveX.exe[/FONT]
[FONT=Calibri]C:\Program Files (x86)\Internet Explorer\iexplore.exe[/FONT]
[FONT=Calibri]C:\Program Files\Windows Media Player\wmpnetwk.exe[/FONT]
[FONT=Calibri]C:\Windows\system32\taskeng.exe[/FONT]
[FONT=Calibri]C:\Program Files (x86)\Internet Explorer\iexplore.exe[/FONT]
[FONT=Calibri]C:\Windows\system32\DllHost.exe[/FONT]
[FONT=Calibri]C:\Windows\system32\DllHost.exe[/FONT]
[FONT=Calibri]C:\Windows\SysWOW64\cmd.exe[/FONT]
[FONT=Calibri]C:\Windows\system32\conhost.exe[/FONT]
[FONT=Calibri]C:\Windows\SysWOW64\cscript.exe[/FONT]
[FONT=Calibri]C:\Windows\system32\wbem\wmiprvse.exe[/FONT]
[FONT=Calibri].[/FONT]
[FONT=Calibri]============== Pseudo HJT Report ===============[/FONT]
[FONT=Calibri].[/FONT]
[FONT=Calibri]uStart Page = hxxp://www.cbc.ca/news/[/FONT]
[FONT=Calibri]uInternet Settings,ProxyOverride = *.local[/FONT]
[FONT=Calibri]uURLSearchHooks: SearchHook Class: {bc86e1ab-eda5-4059-938f-ce307b0c6f0a} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll[/FONT]
[FONT=Calibri]uURLSearchHooks: SmileBox EN Toolbar: {f897eb0e-a3a4-46c3-80eb-2729699d8892} - C:\Program Files (x86)\SmileBox_EN\prxtbSmil.dll[/FONT]
[FONT=Calibri]mURLSearchHooks: SmileBox EN Toolbar: {f897eb0e-a3a4-46c3-80eb-2729699d8892} - C:\Program Files (x86)\SmileBox_EN\prxtbSmil.dll[/FONT]
[FONT=Calibri]mWinlogon: Userinit=userinit.exe[/FONT]
[FONT=Calibri]BHO: ContributeBHO Class: {074c1dc5-9320-4a9a-947d-c042949c6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll[/FONT]
[FONT=Calibri]BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll[/FONT]
[FONT=Calibri]BHO: Web Assistant: {336d0c35-8a85-403a-b9d2-65c292c39087} - C:\Program Files\Web Assistant\Extension32.dll[/FONT]
[FONT=Calibri]BHO: CIESpeechBHO Class: {8d10f6c4-0e01-4bd4-8601-11ac1fdf8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll[/FONT]
[FONT=Calibri]BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll[/FONT]
[FONT=Calibri]BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL[/FONT]
[FONT=Calibri]BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll[/FONT]
[FONT=Calibri]BHO: SmileBox EN Toolbar: {f897eb0e-a3a4-46c3-80eb-2729699d8892} - C:\Program Files (x86)\SmileBox_EN\prxtbSmil.dll[/FONT]
[FONT=Calibri]TB: Contribute Toolbar: {517bdde4-e3a7-4570-b21e-2b52b6139fc7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll[/FONT]
[FONT=Calibri]TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll[/FONT]
[FONT=Calibri]TB: SmileBox EN Toolbar: {f897eb0e-a3a4-46c3-80eb-2729699d8892} - C:\Program Files (x86)\SmileBox_EN\prxtbSmil.dll[/FONT]
[FONT=Calibri]uRun: [SmileboxTray] "C:\Users\Home\AppData\Roaming\Smilebox\SmileboxTray.exe"[/FONT]
[FONT=Calibri]mRun: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"[/FONT]
[FONT=Calibri]mRun: [BCU] "C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe"[/FONT]
[FONT=Calibri]mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe[/FONT]
[FONT=Calibri]mRun: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin[/FONT]
[FONT=Calibri]mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"[/FONT]
[FONT=Calibri]mRun: [<NO NAME>] [/FONT]
[FONT=Calibri]mRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"[/FONT]
[FONT=Calibri]mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"[/FONT]
[FONT=Calibri]mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"[/FONT]
[FONT=Calibri]mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"[/FONT]
[FONT=Calibri]mRun: [BingDesktop] C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe /fromkey[/FONT]
[FONT=Calibri]mPolicies-explorer: NoActiveDesktop = 1 (0x1)[/FONT]
[FONT=Calibri]mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)[/FONT]
[FONT=Calibri]mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)[/FONT]
[FONT=Calibri]mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)[/FONT]
[FONT=Calibri]mPolicies-system: EnableUIADesktopToggle = 0 (0x0)[/FONT]
[FONT=Calibri]IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000[/FONT]
[FONT=Calibri]IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105[/FONT]
[FONT=Calibri]IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll[/FONT]
[FONT=Calibri]IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll[/FONT]
[FONT=Calibri]IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll[/FONT]
[FONT=Calibri]DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab[/FONT]
[FONT=Calibri]DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab[/FONT]
[FONT=Calibri]TCP: DhcpNameServer = 192.168.0.1[/FONT]
[FONT=Calibri]TCP: Interfaces\{4D125F63-D5CE-4C9A-AEC0-47EAC63FADA2} : DhcpNameServer = 192.168.0.1[/FONT]
[FONT=Calibri]Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL[/FONT]
[FONT=Calibri]BHO-X64: ContributeBHO Class: {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll[/FONT]
[FONT=Calibri]BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll[/FONT]
[FONT=Calibri]BHO-X64: AcroIEHelperStub - No File[/FONT]
[FONT=Calibri]BHO-X64: Web Assistant: {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension32.dll[/FONT]
[FONT=Calibri]BHO-X64: Web Assistant Helper - No File[/FONT]
[FONT=Calibri]BHO-X64: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll[/FONT]
[FONT=Calibri]BHO-X64: IESpeakDoc - No File[/FONT]
[FONT=Calibri]BHO-X64: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll[/FONT]
[FONT=Calibri]BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL[/FONT]
[FONT=Calibri]BHO-X64: URLRedirectionBHO - No File[/FONT]
[FONT=Calibri]BHO-X64: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll[/FONT]
[FONT=Calibri]BHO-X64: SmartSelect - No File[/FONT]
[FONT=Calibri]BHO-X64: SmileBox EN Toolbar: {f897eb0e-a3a4-46c3-80eb-2729699d8892} - C:\Program Files (x86)\SmileBox_EN\prxtbSmil.dll[/FONT]
[FONT=Calibri]BHO-X64: SmileBox EN - No File[/FONT]
[FONT=Calibri]TB-X64: Contribute Toolbar: {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll[/FONT]
[FONT=Calibri]TB-X64: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll[/FONT]
[FONT=Calibri]TB-X64: SmileBox EN Toolbar: {f897eb0e-a3a4-46c3-80eb-2729699d8892} - C:\Program Files (x86)\SmileBox_EN\prxtbSmil.dll[/FONT]
[FONT=Calibri]mRun-x64: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"[/FONT]
[FONT=Calibri]mRun-x64: [BCU] "C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe"[/FONT]
[FONT=Calibri]mRun-x64: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe[/FONT]
[FONT=Calibri]mRun-x64: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin[/FONT]
[FONT=Calibri]mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"[/FONT]
[FONT=Calibri]mRun-x64: [(Default)] [/FONT]
[FONT=Calibri]mRun-x64: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"[/FONT]
[FONT=Calibri]mRun-x64: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"[/FONT]
[FONT=Calibri]mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"[/FONT]
[FONT=Calibri]mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"[/FONT]
[FONT=Calibri]mRun-x64: [BingDesktop] C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe /fromkey[/FONT]
[FONT=Calibri].[/FONT]
[FONT=Calibri]============= SERVICES / DRIVERS ===============[/FONT]
[FONT=Calibri].[/FONT]
[FONT=Calibri]R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?][/FONT]
[FONT=Calibri]R0 mv91xx;mv91xx;C:\Windows\system32\DRIVERS\mv91xx.sys --> C:\Windows\system32\DRIVERS\mv91xx.sys [?][/FONT]
[FONT=Calibri]R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?][/FONT]
[FONT=Calibri]R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-7-27 63960][/FONT]
[FONT=Calibri]R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [2010-10-27 52896][/FONT]
[FONT=Calibri]R2 BCUService;Browser Configuration Utility Service;C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe [2009-10-26 223464][/FONT]
[FONT=Calibri]R2 BingDesktopUpdate;Bing Desktop Update service;C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [2012-3-30 151656][/FONT]
[FONT=Calibri]R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-9-17 399432][/FONT]
[FONT=Calibri]R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-9-17 676936][/FONT]
[FONT=Calibri]R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-9-1 1258856][/FONT]
[FONT=Calibri]R2 SSPORT;SSPORT;\??\C:\Windows\system32\Drivers\SSPORT.sys --> C:\Windows\system32\Drivers\SSPORT.sys [?][/FONT]
[FONT=Calibri]R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-8-30 382312][/FONT]
[FONT=Calibri]R2 Web Assistant Updater;Web Assistant Updater;C:\Program Files\Web Assistant\ExtensionUpdaterService.exe [2012-9-16 185856][/FONT]
[FONT=Calibri]R3 AthBTPort;Atheros Virtual Bluetooth Class;C:\Windows\system32\DRIVERS\btath_flt.sys --> C:\Windows\system32\DRIVERS\btath_flt.sys [?][/FONT]
[FONT=Calibri]R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\system32\drivers\btath_a2dp.sys --> C:\Windows\system32\drivers\btath_a2dp.sys [?][/FONT]
[FONT=Calibri]R3 BTATH_BUS;Atheros Bluetooth Bus;C:\Windows\system32\DRIVERS\btath_bus.sys --> C:\Windows\system32\DRIVERS\btath_bus.sys [?][/FONT]
[FONT=Calibri]R3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\system32\DRIVERS\btath_hcrp.sys --> C:\Windows\system32\DRIVERS\btath_hcrp.sys [?][/FONT]
[FONT=Calibri]R3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\system32\DRIVERS\btath_lwflt.sys --> C:\Windows\system32\DRIVERS\btath_lwflt.sys [?][/FONT]
[FONT=Calibri]R3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\system32\DRIVERS\btath_rcp.sys --> C:\Windows\system32\DRIVERS\btath_rcp.sys [?][/FONT]
[FONT=Calibri]R3 BtFilter;BtFilter;C:\Windows\system32\DRIVERS\btfilter.sys --> C:\Windows\system32\DRIVERS\btfilter.sys [?][/FONT]
[FONT=Calibri]R3 cmudaxp;ASUS Xonar DG Audio Interface;C:\Windows\system32\drivers\cmudaxp.sys --> C:\Windows\system32\drivers\cmudaxp.sys [?][/FONT]
[FONT=Calibri]R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;C:\Windows\system32\DRIVERS\LEqdUsb.Sys --> C:\Windows\system32\DRIVERS\LEqdUsb.Sys [?][/FONT]
[FONT=Calibri]R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;C:\Windows\system32\DRIVERS\LHidEqd.Sys --> C:\Windows\system32\DRIVERS\LHidEqd.Sys [?][/FONT]
[FONT=Calibri]R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?][/FONT]
[FONT=Calibri]R3 MEIx64;Intel(R) Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?][/FONT]
[FONT=Calibri]R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\system32\DRIVERS\nusb3hub.sys --> C:\Windows\system32\DRIVERS\nusb3hub.sys [?][/FONT]
[FONT=Calibri]R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\system32\DRIVERS\nusb3xhc.sys --> C:\Windows\system32\DRIVERS\nusb3xhc.sys [?][/FONT]
[FONT=Calibri]R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?][/FONT]
[FONT=Calibri]R3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184][/FONT]
[FONT=Calibri]R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?][/FONT]
[FONT=Calibri]S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384][/FONT]
[FONT=Calibri]S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576][/FONT]
[FONT=Calibri]S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-8-31 250288][/FONT]
[FONT=Calibri]S3 ATHDFU;Atheros Valkyrie USB BootROM;C:\Windows\system32\Drivers\AthDfu.sys --> C:\Windows\system32\Drivers\AthDfu.sys [?][/FONT]
[FONT=Calibri]S3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?][/FONT]
[FONT=Calibri]S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-3-26 291696][/FONT]
[FONT=Calibri]S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096][/FONT]
[FONT=Calibri]S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?][/FONT]
[FONT=Calibri]S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?][/FONT]
[FONT=Calibri]S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?][/FONT]
[FONT=Calibri].[/FONT]
[FONT=Calibri]=============== Created Last 30 ================[/FONT]
[FONT=Calibri].[/FONT]
[FONT=Calibri]2012-09-22 17:09:23 118784 ----a-w- C:\Windows\SysWow64\MSSTDFMT.DLL[/FONT]
[FONT=Calibri]2012-09-22 17:09:11 -------- d-----w- C:\Program Files (x86)\SpywareBlaster[/FONT]
[FONT=Calibri]2012-09-22 14:48:07 -------- d-----w- C:\Program Files (x86)\ESET[/FONT]
[FONT=Calibri]2012-09-22 01:56:54 9308616 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B67984A5-EA6B-4E3D-B2DE-3AAD34105744}\mpengine.dll[/FONT]
[FONT=Calibri]2012-09-20 23:48:59 9308616 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll[/FONT]
[FONT=Calibri]2012-09-18 01:14:13 -------- d-----w- C:\Users\Home\AppData\Roaming\Malwarebytes[/FONT]
[FONT=Calibri]2012-09-18 01:14:00 -------- d-----w- C:\ProgramData\Malwarebytes[/FONT]
[FONT=Calibri]2012-09-18 01:13:59 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys[/FONT]
[FONT=Calibri]2012-09-18 01:13:59 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware[/FONT]
[FONT=Calibri]2012-09-18 01:05:44 53248 ----a-r- C:\Users\Home\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe[/FONT]
[FONT=Calibri]2012-09-17 01:00:03 -------- d-----w- C:\Users\Home\AppData\Local\Smilebox[/FONT]
[FONT=Calibri]2012-09-17 00:58:41 -------- d-----w- C:\Program Files\Web Assistant[/FONT]
[FONT=Calibri]2012-09-17 00:58:33 -------- d-----w- C:\Program Files (x86)\Conduit[/FONT]
[FONT=Calibri]2012-09-17 00:58:31 -------- d-----w- C:\Users\Home\AppData\Local\Conduit[/FONT]
[FONT=Calibri]2012-09-17 00:58:31 -------- d-----w- C:\Program Files (x86)\SmileBox_EN[/FONT]
[FONT=Calibri]2012-09-17 00:58:21 -------- d-----w- C:\Users\Home\AppData\Roaming\Smilebox[/FONT]
[FONT=Calibri]2012-09-13 23:55:40 -------- d-----w- C:\temp[/FONT]
[FONT=Calibri]2012-09-04 01:27:45 -------- d-----w- C:\ProgramData\regid.1986-12.com.adobe[/FONT]
[FONT=Calibri]2012-09-02 14:21:10 -------- d-----w- C:\Users\Home\AppData\Local\Microsoft Games[/FONT]
[FONT=Calibri]2012-09-01 19:25:19 63336 ----a-w- C:\Windows\System32\nvshext.dll[/FONT]
[FONT=Calibri]2012-09-01 19:25:18 891240 ----a-w- C:\Windows\System32\nvvsvc.exe[/FONT]
[FONT=Calibri]2012-09-01 19:25:18 6198120 ----a-w- C:\Windows\System32\nvcpl.dll[/FONT]
[FONT=Calibri]2012-09-01 19:25:18 3487434 ----a-w- C:\Windows\System32\nvcoproc.bin[/FONT]
[FONT=Calibri]2012-09-01 19:25:18 3266920 ----a-w- C:\Windows\System32\nvsvc64.dll[/FONT]
[FONT=Calibri]2012-09-01 19:25:18 118120 ----a-w- C:\Windows\System32\nvmctray.dll[/FONT]
[FONT=Calibri]2012-09-01 19:25:07 68928 ----a-w- C:\Windows\System32\OpenCL.dll[/FONT]
[FONT=Calibri]2012-09-01 19:25:07 61248 ----a-w- C:\Windows\SysWow64\OpenCL.dll[/FONT]
[FONT=Calibri]2012-09-01 19:24:59 -------- d-----w- C:\ProgramData\NVIDIA Corporation[/FONT]
[FONT=Calibri]2012-09-01 19:20:59 971624 ----a-w- C:\Windows\System32\nvumdshimx.dll[/FONT]
[FONT=Calibri]2012-09-01 19:20:59 364352 ----a-w- C:\Windows\System32\nvdecodemft.dll[/FONT]
[FONT=Calibri]2012-09-01 19:20:59 301376 ----a-w- C:\Windows\SysWow64\nvdecodemft.dll[/FONT]
[FONT=Calibri]2012-09-01 19:20:59 15291752 ----a-w- C:\Windows\SysWow64\nvd3dum.dll[/FONT]
[FONT=Calibri]2012-09-01 19:20:59 14879080 ----a-w- C:\Windows\System32\nvwgf2umx.dll[/FONT]
[FONT=Calibri]2012-09-01 19:20:59 1472360 ----a-w- C:\Windows\System32\nvhdagenco6420103.dll[/FONT]
[FONT=Calibri]2012-09-01 19:20:59 12465512 ----a-w- C:\Windows\SysWow64\nvwgf2um.dll[/FONT]
[FONT=Calibri]2012-09-01 19:20:58 2725224 ----a-w- C:\Windows\System32\nvapi64.dll[/FONT]
[FONT=Calibri]2012-09-01 19:20:14 -------- d-----w- C:\NVIDIA[/FONT]
[FONT=Calibri]2012-08-31 23:41:21 552960 ----a-w- C:\Windows\System32\drivers\bthport.sys[/FONT]
[FONT=Calibri]2012-08-31 23:40:41 -------- d-----w- C:\Program Files (x86)\Microsoft[/FONT]
[FONT=Calibri]2012-08-31 23:39:51 1139200 ----a-w- C:\Windows\System32\FntCache.dll[/FONT]
[FONT=Calibri]2012-08-31 23:39:50 902656 ----a-w- C:\Windows\System32\d2d1.dll[/FONT]
[FONT=Calibri]2012-08-31 23:39:50 739840 ----a-w- C:\Windows\SysWow64\d2d1.dll[/FONT]
[FONT=Calibri]2012-08-31 23:32:22 -------- d-----w- C:\Users\Home\AppData\Local\Apple Computer[/FONT]
[FONT=Calibri]2012-08-31 23:32:17 34152 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys[/FONT]
[FONT=Calibri]2012-08-31 23:32:17 126312 ----a-w- C:\Windows\System32\GEARAspi64.dll[/FONT]
[FONT=Calibri]2012-08-31 23:32:17 107368 ----a-w- C:\Windows\SysWow64\GEARAspi.dll[/FONT]
[FONT=Calibri]2012-08-31 23:31:56 -------- d-----w- C:\Program Files\iPod[/FONT]
[FONT=Calibri]2012-08-31 23:31:55 -------- d-----w- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}[/FONT]
[FONT=Calibri]2012-08-31 23:31:55 -------- d-----w- C:\Program Files\iTunes[/FONT]
[FONT=Calibri]2012-08-31 23:31:55 -------- d-----w- C:\Program Files (x86)\iTunes[/FONT]
[FONT=Calibri]2012-08-31 23:31:34 -------- d-----w- C:\Users\Home\AppData\Local\Apple[/FONT]
[FONT=Calibri]2012-08-31 23:31:20 -------- d-----w- C:\Program Files\Bonjour[/FONT]
[FONT=Calibri]2012-08-31 23:31:20 -------- d-----w- C:\Program Files (x86)\Bonjour[/FONT]
[FONT=Calibri]2012-08-31 22:22:20 -------- d-----w- C:\ProgramData\ALM[/FONT]
[FONT=Calibri]2012-08-31 22:14:53 -------- d-----w- C:\Users\Home\Adobe Flash Builder 4.5[/FONT]
[FONT=Calibri]2012-08-31 21:56:18 -------- d-----w- C:\Windows\Panther[/FONT]
[FONT=Calibri]2012-08-31 21:53:17 -------- d-----w- C:\Program Files (x86)\Adobe Story[/FONT]
[FONT=Calibri]2012-08-31 21:51:15 55280 ------w-C:\Windows\System32\drivers\PxHlpa64.sys[/FONT]
[FONT=Calibri]2012-08-31 21:51:15 10224 ------w-C:\Windows\System32\drivers\cdralw2k.sys[/FONT]
[FONT=Calibri]2012-08-31 21:51:15 10224 ------w-C:\Windows\System32\drivers\cdr4_xp.sys[/FONT]
[FONT=Calibri]2012-08-31 21:51:15 -------- d-----w- C:\Program Files (x86)\My Company Name[/FONT]
[FONT=Calibri]2012-08-31 21:51:15 -------- d-----w- C:\Program Files (x86)\Common Files\Sonic Shared[/FONT]
[FONT=Calibri]2012-08-31 21:51:15 -------- d-----w- C:\Program Files (x86)\Common Files\PX Storage Engine[/FONT]
[FONT=Calibri]2012-08-31 21:41:08 -------- d-----w- C:\Users\Home\AppData\Local\Adobe[/FONT]
[FONT=Calibri]2012-08-31 21:05:23 -------- d-----w- C:\Program Files (x86)\Mass Effect 2[/FONT]
[FONT=Calibri]2012-08-31 21:01:34 -------- d-----w- C:\ProgramData\Media Center Programs[/FONT]
[FONT=Calibri]2012-08-31 21:01:33 -------- d-----w- C:\Program Files (x86)\Common Files\BioWare[/FONT]
[FONT=Calibri]2012-08-31 20:50:28 -------- d-----w- C:\Program Files (x86)\Mass Effect[/FONT]
[FONT=Calibri]2012-08-31 20:45:48 -------- d-----w- C:\Windows\PCHEALTH[/FONT]
[FONT=Calibri]2012-08-31 20:43:28 -------- d-----w- C:\Program Files (x86)\Microsoft Analysis Services[/FONT]
[FONT=Calibri]2012-08-31 20:42:55 -------- d-----w- C:\Users\Home\AppData\Local\Microsoft Help[/FONT]
[FONT=Calibri]2012-08-31 19:58:51 32768 ----a-w- C:\Windows\System32\cmudaxp.dll[/FONT]
[FONT=Calibri]2012-08-31 19:58:51 1261056 ----a-w- C:\Windows\System32\drivers\cmudaxp.sys[/FONT]
[FONT=Calibri]2012-08-31 19:58:50 315392 ----a-w- C:\Windows\SysWow64\CmiFltr.dll[/FONT]
[FONT=Calibri]2012-08-31 19:58:50 315392 ----a-w- C:\Windows\system\CmiFltr.dll[/FONT]
[FONT=Calibri]2012-08-31 19:58:46 359424 ------w-C:\Windows\System32\CmiInstallResAll64.dll[/FONT]
[FONT=Calibri]2012-08-31 19:58:38 524768 ----a-r- C:\Windows\difxapi.dll[/FONT]
[FONT=Calibri]2012-08-31 19:45:40 -------- d-----w- C:\Program Files (x86)\Readiris10[/FONT]
[FONT=Calibri]2012-08-31 19:45:29 -------- d-----w- C:\Program Files (x86)\SmarThru 4[/FONT]
[FONT=Calibri]2012-08-31 19:44:59 -------- d-----w- C:\Program Files (x86)\Scan Assistant[/FONT]
[FONT=Calibri]2012-08-31 19:44:21 -------- d-----w- C:\Users\Home\AppData\Local\S2PC[/FONT]
[FONT=Calibri]2012-08-31 19:43:29 -------- d-----w- C:\Program Files (x86)\SamsungPrinterLiveUpdate[/FONT]
[FONT=Calibri]2012-08-31 19:41:08 -------- d-----w- C:\Program Files (x86)\Samsung[/FONT]
[FONT=Calibri]2012-08-31 19:38:49 -------- d-----w- C:\Program Files (x86)\MagicTune Premium[/FONT]
[FONT=Calibri]2012-08-31 19:37:54 -------- d-----w- C:\Program Files (x86)\MonitorDriver[/FONT]
[FONT=Calibri]2012-08-31 19:30:48 73136 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl[/FONT]
[FONT=Calibri]2012-08-31 19:30:48 696240 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe[/FONT]
[FONT=Calibri]2012-08-31 19:24:01 927800 ------w-C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{AB083F9B-738B-4E39-8A61-E7387D91F166}\gapaengine.dll[/FONT]
[FONT=Calibri]2012-08-31 19:23:17 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client[/FONT]
[FONT=Calibri]2012-08-31 19:23:11 -------- d-----w- C:\Program Files\Microsoft Security Client[/FONT]
[FONT=Calibri]2012-08-31 19:13:20 -------- d-----w- C:\Windows\SysWow64\Wat[/FONT]
[FONT=Calibri]2012-08-31 19:13:20 -------- d-----w- C:\Windows\System32\Wat[/FONT]
[FONT=Calibri]2012-08-31 19:05:18 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys[/FONT]
[FONT=Calibri]2012-08-31 19:05:17 81408 ----a-w- C:\Windows\System32\imagehlp.dll[/FONT]
[FONT=Calibri]2012-08-31 19:05:17 5120 ----a-w- C:\Windows\SysWow64\wmi.dll[/FONT]
[FONT=Calibri]2012-08-31 19:05:17 5120 ----a-w- C:\Windows\System32\wmi.dll[/FONT]
[FONT=Calibri]2012-08-31 19:05:17 220672 ----a-w- C:\Windows\System32\wintrust.dll[/FONT]
[FONT=Calibri]2012-08-31 19:05:17 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll[/FONT]
[FONT=Calibri]2012-08-31 19:05:17 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll[/FONT]
[FONT=Calibri]2012-08-31 19:03:24 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll[/FONT]
[FONT=Calibri]2012-08-31 19:03:24 366592 ----a-w- C:\Windows\System32\qdvd.dll[/FONT]
[FONT=Calibri]2012-08-31 19:02:23 -------- d-----w- C:\Users\Home\AppData\Local\Logishrd[/FONT]
[FONT=Calibri]2012-08-31 18:58:24 -------- d-----w- C:\Users\Home\AppData\Local\CrashDumps[/FONT]
[FONT=Calibri]2012-08-31 18:54:49 18960 ----a-w- C:\Windows\System32\drivers\LNonPnP.sys[/FONT]
[FONT=Calibri]2012-08-31 18:53:27 -------- d-----w- C:\Users\Home\AppData\Roaming\Logishrd[/FONT]
[FONT=Calibri]2012-08-31 18:41:50 642944 ----a-w- C:\Windows\System32\winload.efi[/FONT]
[FONT=Calibri]2012-08-31 18:40:59 723456 ----a-w- C:\Windows\System32\EncDec.dll[/FONT]
[FONT=Calibri]2012-08-31 18:37:43 110592 ----a-w- C:\Windows\System32\rtvcvfw32.dll[/FONT]
[FONT=Calibri]2012-08-31 18:37:38 -------- d-----w- C:\Program Files (x86)\MSI Afterburner[/FONT]
[FONT=Calibri]2012-08-31 18:34:26 8199504 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll[/FONT]
[FONT=Calibri]2012-08-31 18:34:24 9310152 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5BB1C691-527D-4B5A-B46F-A5EF467DDB80}\mpengine.dll[/FONT]
[FONT=Calibri]2012-08-31 18:34:21 77312 ----a-w- C:\Windows\System32\packager.dll[/FONT]
[FONT=Calibri]2012-08-31 18:34:21 67072 ----a-w- C:\Windows\SysWow64\packager.dll[/FONT]
[FONT=Calibri]2012-08-31 18:26:00 -------- d--h--w- C:\Program Files (x86)\DeviceVM[/FONT]
[FONT=Calibri]2012-08-31 18:25:31 -------- d-----w- C:\Users\Home\AppData\Local\BMExplorer[/FONT]
[FONT=Calibri]2012-08-31 18:23:34 -------- d-----w- C:\Program Files\NVIDIA Corporation[/FONT]
[FONT=Calibri]2012-08-31 18:23:34 -------- d-----w- C:\Program Files (x86)\NVIDIA Corporation[/FONT]
[FONT=Calibri]2012-08-31 18:22:50 36864 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\sst2cpc.dll[/FONT]
[FONT=Calibri]2012-08-31 18:21:12 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll[/FONT]
[FONT=Calibri]2012-08-31 18:21:12 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys[/FONT]
[FONT=Calibri]2012-08-31 18:21:12 1031680 ----a-w- C:\Windows\System32\rdpcore.dll[/FONT]
[FONT=Calibri]2012-08-31 18:19:13 -------- d-----w- C:\Program Files (x86)\Common Files\Atheros[/FONT]
[FONT=Calibri]2012-08-31 18:18:17 -------- d-----w- C:\Program Files (x86)\Bluetooth Suite[/FONT]
[FONT=Calibri]2012-08-31 18:17:47 2622464 ----a-w- C:\Windows\System32\wucltux.dll[/FONT]
[FONT=Calibri]2012-08-31 18:17:30 99840 ----a-w- C:\Windows\System32\wudriver.dll[/FONT]
[FONT=Calibri]2012-08-31 18:17:00 36864 ----a-w- C:\Windows\System32\wuapp.exe[/FONT]
[FONT=Calibri]2012-08-31 18:17:00 186752 ----a-w- C:\Windows\System32\wuwebv.dll[/FONT]
[FONT=Calibri]2012-08-31 18:16:26 -------- d-----w- C:\Program Files (x86)\Marvell[/FONT]
[FONT=Calibri]2012-08-31 18:16:03 -------- d-----w- C:\Program Files (x86)\Renesas Electronics[/FONT]
[FONT=Calibri]2012-08-31 18:15:42 -------- d-sh--w- C:\Windows\Installer[/FONT]
[FONT=Calibri]2012-08-31 18:14:52 107552 ----a-w- C:\Windows\System32\RTNUninst64.dll[/FONT]
[FONT=Calibri]2012-08-31 18:11:39 53248 ----a-r- C:\Windows\SysWow64\CSVer.dll[/FONT]
[FONT=Calibri]2012-08-31 18:11:25 -------- d-----w- C:\Intel[/FONT]
[FONT=Calibri]2012-08-31 18:07:33 -------- d-----w- C:\Users\Home\AppData\Local\Diagnostics[/FONT]
[FONT=Calibri]2012-08-31 18:02:53 -------- d-sh--w- C:\Recovery[/FONT]
[FONT=Calibri]2012-08-30 14:40:14 429416 ----a-w- C:\Windows\SysWow64\nvStreaming.exe[/FONT]
[FONT=Calibri].[/FONT]
[FONT=Calibri]==================== Find3M ====================[/FONT]
[FONT=Calibri].[/FONT]
[FONT=Calibri]2012-08-30 19:14:00 9066344 ----a-w- C:\Windows\System32\nvcuda.dll[/FONT]
[FONT=Calibri]2012-08-24 10:31:32 2312704 ----a-w- C:\Windows\System32\jscript9.dll[/FONT]
[FONT=Calibri]2012-08-24 10:21:18 1392128 ----a-w- C:\Windows\System32\wininet.dll[/FONT]
[FONT=Calibri]2012-08-24 10:20:11 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl[/FONT]
[FONT=Calibri]2012-08-24 10:14:45 173056 ----a-w- C:\Windows\System32\ieUnatt.exe[/FONT]
[FONT=Calibri]2012-08-24 10:13:29 599040 ----a-w- C:\Windows\System32\vbscript.dll[/FONT]
[FONT=Calibri]2012-08-24 10:09:42 2382848 ----a-w- C:\Windows\System32\mshtml.tlb[/FONT]
[FONT=Calibri]2012-08-24 06:59:17 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll[/FONT]
[FONT=Calibri]2012-08-24 06:51:27 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll[/FONT]
[FONT=Calibri]2012-08-24 06:51:02 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl[/FONT]
[FONT=Calibri]2012-08-24 06:47:26 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe[/FONT]
[FONT=Calibri]2012-08-24 06:47:12 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll[/FONT]
[FONT=Calibri]2012-08-24 06:43:58 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb[/FONT]
[FONT=Calibri]2012-08-22 18:12:50 1913200 ----a-w- C:\Windows\System32\drivers\tcpip.sys[/FONT]
[FONT=Calibri]2012-08-22 18:12:40 950128 ----a-w- C:\Windows\System32\drivers\ndis.sys[/FONT]
[FONT=Calibri]2012-08-22 18:12:40 376688 ----a-w- C:\Windows\System32\drivers\netio.sys[/FONT]
[FONT=Calibri]2012-08-22 18:12:33 288624 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS[/FONT]
[FONT=Calibri]2012-08-02 17:58:52 574464 ----a-w- C:\Windows\System32\d3d10level9.dll[/FONT]
[FONT=Calibri]2012-08-02 16:57:20 490496 ----a-w- C:\Windows\SysWow64\d3d10level9.dll[/FONT]
[FONT=Calibri]2012-07-27 20:51:42 24984 ----a-w- C:\Windows\System32\AdobePDFUI.dll[/FONT]
[FONT=Calibri]2012-07-27 20:51:38 53656 ----a-w- C:\Windows\System32\AdobePDF.dll[/FONT]
[FONT=Calibri]2012-07-18 18:15:06 3148800 ----a-w- C:\Windows\System32\win32k.sys[/FONT]
[FONT=Calibri]2012-07-04 22:13:27 59392 ----a-w- C:\Windows\System32\browcli.dll[/FONT]
[FONT=Calibri]2012-07-04 22:13:27 136704 ----a-w- C:\Windows\System32\browser.dll[/FONT]
[FONT=Calibri]2012-07-04 21:14:34 41984 ----a-w- C:\Windows\SysWow64\browcli.dll[/FONT]
[FONT=Calibri]2012-07-04 20:26:03 41472 ----a-w- C:\Windows\System32\drivers\RNDISMP.sys[/FONT]
[FONT=Calibri]2012-07-03 15:25:21 31080 ----a-w- C:\Windows\System32\nvhdap64.dll[/FONT]
[FONT=Calibri]2012-07-03 15:25:16 189288 ----a-w- C:\Windows\System32\drivers\nvhda64v.sys[/FONT]
[FONT=Calibri].[/FONT]
[FONT=Calibri]============= FINISH: 20:15:24.05 ===============[/FONT]

 

[MO9999]

And the last one:

[FONT=Calibri]Attach (2nd file)[/FONT]
[FONT=Calibri] [/FONT]
[FONT=Calibri].[/FONT]
[FONT=Calibri]UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.[/FONT]
[FONT=Calibri]IF REQUESTED, ZIP IT UP & ATTACH IT[/FONT]
[FONT=Calibri].[/FONT]
[FONT=Calibri]DDS (Ver_2011-08-26.01)[/FONT]
[FONT=Calibri].[/FONT]
[FONT=Calibri]Microsoft Windows 7 Home Premium [/FONT]
[FONT=Calibri]Boot Device: \Device\HarddiskVolume1[/FONT]
[FONT=Calibri]Install Date: 31/08/2012 2:02:58 PM[/FONT]
[FONT=Calibri]System Uptime: 22/09/2012 9:02:38 AM (11 hours ago)[/FONT]
[FONT=Calibri].[/FONT]
[FONT=Calibri]Motherboard: ASUSTeK Computer INC. | | P8P67[/FONT]
[FONT=Calibri]Processor: Intel(R) Core(TM) i7-2600K CPU @ 3.40GHz | LGA1155 | 2074/100mhz[/FONT]
[FONT=Calibri].[/FONT]
[FONT=Calibri]==== Disk Partitions =========================[/FONT]
[FONT=Calibri].[/FONT]
[FONT=Calibri]C: is FIXED (NTFS) - 931 GiB total, 792.044 GiB free.[/FONT]
[FONT=Calibri]D: is CDROM (CDFS)[/FONT]
[FONT=Calibri].[/FONT]
[FONT=Calibri]==== Disabled Device Manager Items =============[/FONT]
[FONT=Calibri].[/FONT]
[FONT=Calibri]==== System Restore Points ===================[/FONT]
[FONT=Calibri].[/FONT]
[FONT=Calibri]RP30: 01/09/2012 3:21:16 PM - Removed NVIDIA 3D Vision Controller Driver[/FONT]
[FONT=Calibri]RP31: 02/09/2012 11:46:22 PM - Windows Update[/FONT]
[FONT=Calibri]RP32: 07/09/2012 6:42:54 AM - Windows Update[/FONT]
[FONT=Calibri]RP33: 10/09/2012 2:10:10 PM - Windows Update[/FONT]
[FONT=Calibri]RP34: 13/09/2012 8:02:46 PM - Windows Update[/FONT]
[FONT=Calibri]RP35: 13/09/2012 9:56:44 PM - Windows Update[/FONT]
[FONT=Calibri]RP36: 17/09/2012 9:01:43 PM - Windows Update[/FONT]
[FONT=Calibri]RP37: 21/09/2012 9:56:31 PM - Windows Update[/FONT]
[FONT=Calibri]RP38: 21/09/2012 10:00:39 PM - Windows Update[/FONT]
[FONT=Calibri].[/FONT]
[FONT=Calibri]==== Installed Programs ======================[/FONT]
[FONT=Calibri].[/FONT]
[FONT=Calibri]Adobe Acrobat X Pro - English, Français, Deutsch[/FONT]
[FONT=Calibri]Adobe AIR[/FONT]
[FONT=Calibri]Adobe Community Help[/FONT]
[FONT=Calibri]Adobe Content Viewer[/FONT]
[FONT=Calibri]Adobe Creative Suite 5.5 Master Collection[/FONT]
[FONT=Calibri]Adobe Flash Player 11 ActiveX[/FONT]
[FONT=Calibri]Adobe Flash Player 11 Plugin[/FONT]
[FONT=Calibri]Adobe Story[/FONT]
[FONT=Calibri]Adobe Widget Browser[/FONT]
[FONT=Calibri]Apple Application Support[/FONT]
[FONT=Calibri]Apple Software Update[/FONT]
[FONT=Calibri]Bing Desktop[/FONT]
[FONT=Calibri]Browser Configuration Utility[/FONT]
[FONT=Calibri]Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition[/FONT]
[FONT=Calibri]eReg[/FONT]
[FONT=Calibri]ESET Online Scanner v3[/FONT]
[FONT=Calibri]Intel(R) Management Engine Components[/FONT]
[FONT=Calibri]Malwarebytes Anti-Malware version 1.65.0.1400[/FONT]
[FONT=Calibri]marvell 91xx console driver[/FONT]
[FONT=Calibri]Mass Effect[/FONT]
[FONT=Calibri]Mass Effect 2[/FONT]
[FONT=Calibri]Microsoft Office 2010 Service Pack 1 (SP1)[/FONT]
[FONT=Calibri]Microsoft Office Access MUI (English) 2010[/FONT]
[FONT=Calibri]Microsoft Office Access Setup Metadata MUI (English) 2010[/FONT]
[FONT=Calibri]Microsoft Office Excel MUI (English) 2010[/FONT]
[FONT=Calibri]Microsoft Office Home and Student 2010[/FONT]
[FONT=Calibri]Microsoft Office OneNote MUI (English) 2010[/FONT]
[FONT=Calibri]Microsoft Office Outlook MUI (English) 2010[/FONT]
[FONT=Calibri]Microsoft Office PowerPoint MUI (English) 2010[/FONT]
[FONT=Calibri]Microsoft Office Proof (English) 2010[/FONT]
[FONT=Calibri]Microsoft Office Proof (French) 2010[/FONT]
[FONT=Calibri]Microsoft Office Proof (Spanish) 2010[/FONT]
[FONT=Calibri]Microsoft Office Proofing (English) 2010[/FONT]
[FONT=Calibri]Microsoft Office Publisher MUI (English) 2010[/FONT]
[FONT=Calibri]Microsoft Office Shared MUI (English) 2010[/FONT]
[FONT=Calibri]Microsoft Office Shared Setup Metadata MUI (English) 2010[/FONT]
[FONT=Calibri]Microsoft Office Single Image 2010[/FONT]
[FONT=Calibri]Microsoft Office Word MUI (English) 2010[/FONT]
[FONT=Calibri]Microsoft Visual C++ 2005 Redistributable[/FONT]
[FONT=Calibri]Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17[/FONT]
[FONT=Calibri]Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161[/FONT]
[FONT=Calibri]Microsoft_VC80_ATL_x86[/FONT]
[FONT=Calibri]Microsoft_VC80_CRT_x86[/FONT]
[FONT=Calibri]Microsoft_VC80_MFC_x86[/FONT]
[FONT=Calibri]Microsoft_VC80_MFCLOC_x86[/FONT]
[FONT=Calibri]Microsoft_VC90_ATL_x86[/FONT]
[FONT=Calibri]Microsoft_VC90_CRT_x86[/FONT]
[FONT=Calibri]Microsoft_VC90_MFC_x86[/FONT]
[FONT=Calibri]Microsoft_VC90_MFCLOC_x86[/FONT]
[FONT=Calibri]MSI Afterburner 2.1.0[/FONT]
[FONT=Calibri]NVIDIA PhysX[/FONT]
[FONT=Calibri]NVIDIA Stereoscopic 3D Driver[/FONT]
[FONT=Calibri]PDF Settings CS5[/FONT]
[FONT=Calibri]PxMergeModule[/FONT]
[FONT=Calibri]Realtek Ethernet Controller Driver[/FONT]
[FONT=Calibri]Realtek High Definition Audio Driver[/FONT]
[FONT=Calibri]Renesas Electronics USB 3.0 Host Controller Driver[/FONT]
[FONT=Calibri]Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)[/FONT]
[FONT=Calibri]Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)[/FONT]
[FONT=Calibri]Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)[/FONT]
[FONT=Calibri]Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)[/FONT]
[FONT=Calibri]Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)[/FONT]
[FONT=Calibri]Security Update for Microsoft Excel 2010 (KB2597166) 32-Bit Edition[/FONT]
[FONT=Calibri]Security Update for Microsoft InfoPath 2010 (KB2553322) 32-Bit Edition[/FONT]
[FONT=Calibri]Security Update for Microsoft Office 2010 (KB2553091)[/FONT]
[FONT=Calibri]Security Update for Microsoft Office 2010 (KB2553096)[/FONT]
[FONT=Calibri]Security Update for Microsoft Office 2010 (KB2553260) 32-Bit Edition[/FONT]
[FONT=Calibri]Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition[/FONT]
[FONT=Calibri]Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition[/FONT]
[FONT=Calibri]Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition[/FONT]
[FONT=Calibri]Security Update for Microsoft Office 2010 (KB2589322) 32-Bit Edition[/FONT]
[FONT=Calibri]Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition[/FONT]
[FONT=Calibri]Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition[/FONT]
[FONT=Calibri]Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition[/FONT]
[FONT=Calibri]Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)[/FONT]
[FONT=Calibri]Security Update for Microsoft Visio Viewer 2010 (KB2598287) 32-Bit Edition[/FONT]
[FONT=Calibri]Smilebox[/FONT]
[FONT=Calibri]SmileBox EN Toolbar[/FONT]
[FONT=Calibri]SpywareBlaster 4.6[/FONT]
[FONT=Calibri]Update for Microsoft .NET Framework 4 Client Profile (KB2468871)[/FONT]
[FONT=Calibri]Update for Microsoft .NET Framework 4 Client Profile (KB2533523)[/FONT]
[FONT=Calibri]Update for Microsoft .NET Framework 4 Client Profile (KB2600217)[/FONT]
[FONT=Calibri]Update for Microsoft Office 2010 (KB2553065)[/FONT]
[FONT=Calibri]Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition[/FONT]
[FONT=Calibri]Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition[/FONT]
[FONT=Calibri]Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition[/FONT]
[FONT=Calibri]Update for Microsoft Office 2010 (KB2553272) 32-Bit Edition[/FONT]
[FONT=Calibri]Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition[/FONT]
[FONT=Calibri]Update for Microsoft Office 2010 (KB2566458)[/FONT]
[FONT=Calibri]Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition[/FONT]
[FONT=Calibri]Update for Microsoft Office 2010 (KB2598289) 32-Bit Edition[/FONT]
[FONT=Calibri]Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition[/FONT]
[FONT=Calibri]Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition[/FONT]
[FONT=Calibri]Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition[/FONT]
[FONT=Calibri]Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition[/FONT]
[FONT=Calibri].[/FONT]
[FONT=Calibri]==== Event Viewer Messages From Past Week ========[/FONT]
[FONT=Calibri].[/FONT]
[FONT=Calibri]22/09/2012 9:57:13 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the lmhosts service.[/FONT]
[FONT=Calibri]20/09/2012 9:57:38 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the MBAMScheduler service.[/FONT]
[FONT=Calibri]17/09/2012 9:02:01 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.135.1352.0 Update Source: Microsoft Update Server Update Stage: Install Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8704.0 Error code: 0x8024001e Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. [/FONT]
[FONT=Calibri]15/09/2012 9:12:42 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Schedule service.[/FONT]
[FONT=Calibri].[/FONT]
[FONT=Calibri]==== End Of File ===========================[/FONT]

 

[Broni]

Welcome aboard

Please, observe following rules:

• Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
• If you're stuck, or you're not sure about certain step, always ask before doing anything else.
• Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
• Never run more than one scan at a time.
• Keep updating me regarding your computer behavior, good, or bad.
• The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
• If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
• I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

====================================

Download TDSSKiller and save it to your desktop.

• Extract (unzip) its contents to your desktop.
• Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
• If an infected file is detected, the default action will be Cure, click on Continue.
• If a suspicious file is detected, the default action will be Skip, click on Continue.
• It may ask you to reboot the computer to complete the process. Click on Reboot Now.
• If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
• If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.

==================================

• Download RogueKiller on the desktop
• Close all the running programs
• Windows Vista/7 users: right click on RogueKiller.exe, click Run as Administrator
• Otherwise just double-click on RogueKiller.exe
• Pre-scan will start. Let it finish.
• Click on SCAN button.
• Wait until the Status box shows Scan Finished
• Click on Delete.
• Wait until the Status box shows Deleting Finished.
• Click on Report and copy/paste the content of the Notepad into your next reply.
• RKreport.txt could also be found on your desktop.
• If more than one log is produced post all logs.
• If RogueKiller has been blocked, do not hesitate to try a few times more. If really won't run, rename it to winlogon.exe (or winlogon.com) and try again

=================================

Download aswMBR to your desktop.
Double click the aswMBR.exe to run it.
If you see this question: Would you like to download latest Avast! virus definitions?" say "Yes".
Click the "Scan" button to start scan.
On completion of the scan click "Save log", save it to your desktop and post in your next reply.

NOTE. aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.

 

[MO9999]

Thanks! The TDSS Killer log is above, and below are the other (new) two:

RogueKiller V8.1.0 [09/28/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: https://www.techspot.com/downloads/5562-roguekiller.html
Website: http://tigzy.geekstogo.com/roguekiller.php
Blog: http://tigzyrk.blogspot.com
Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Home [Admin rights]
Mode : Scan -- Date : 09/29/2012 18:41:58
¤¤¤ Bad processes : 1 ¤¤¤
[SUSP PATH] SmileboxTray.exe -- C:\Users\Home\AppData\Roaming\Smilebox\SmileboxTray.exe -> KILLED [TermProc]
¤¤¤ Registry Entries : 4 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : SmileboxTray ("C:\Users\Home\AppData\Roaming\Smilebox\SmileboxTray.exe") -> FOUND
[RUN][SUSP PATH] HKUS\S-1-5-21-536375784-2232574902-3899767229-1000[...]\Run : SmileboxTray ("C:\Users\Home\AppData\Roaming\Smilebox\SmileboxTray.exe") -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
¤¤¤ Particular Files / Folders: ¤¤¤
¤¤¤ Driver : [NOT LOADED] ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: ST31000524AS ATA Device +++++
--- User ---
[MBR] e70f6623464eb53886bffcb241dc3f67
[BSP] 3e4b6fce6d7ab9da087fe176948eb847 : MBR Code unknown
Partition table:
0 - [XXXXXX] UNKNOWN (0xee) [VISIBLE] Offset (sectors): 1 | Size: 2097151 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Finished : << RKreport[1].txt >>
RKreport[1].txt

*************************************************************

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-09-29 18:43:42
-----------------------------
18:43:42.501 OS Version: Windows x64 6.1.7601 Service Pack 1
18:43:42.501 Number of processors: 8 586 0x2A07
18:43:42.501 ComputerName: HOME-PC UserName: Home
18:43:42.520 Initialze error 1
18:44:06.507 AVAST engine defs: 12092901
18:44:13.784 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
18:44:13.786 Disk 0 Vendor: ST31000524AS JC4B Size: 953869MB BusType: 11
18:44:13.805 Disk 0 MBR read successfully
18:44:13.807 Disk 0 MBR scan
18:44:13.811 Disk 0 unknown MBR code
18:44:13.814 Disk 0 Partition 1 00 EE GPT 2097151 MB offset 1
18:44:13.817 Disk 0 scanning C:\Windows\system32\drivers
18:44:13.821 Service scanning
18:44:14.452 Modules scanning
18:44:14.456 Disk 0 trace - called modules:
18:44:14.512 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
18:44:14.516 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800dcbf790]
18:44:14.520 3 CLASSPNP.SYS[fffff8800141743f] -> nt!IofCallDriver -> [0xfffffa800d5b7090]
18:44:14.525 5 ACPI.sys[fffff88000f6b7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa800d5c3060]
18:44:14.530 AVAST engine scan C:\Windows
18:44:14.535 AVAST engine scan C:\Windows\system32
18:44:14.540 AVAST engine scan C:\Windows\system32\drivers
18:44:14.544 AVAST engine scan C:\Users\Home
18:44:14.549 AVAST engine scan C:\ProgramData
18:44:14.552 Scan finished successfully
18:44:28.148 Disk 0 MBR has been saved successfully to "C:\Users\Home\Desktop\MBR.dat"
18:44:28.150 The log file has been saved successfully to "C:\Users\Home\Desktop\aswMBR.txt"

 

[Broni]

I don't see TDSSKiller log.

 

[MO9999]

It's in my very first posting - I split it into a post and two replies, since the character limit was exceeded. It shows in my first and second replies.

Thanks!

 

[Broni]

All I can see is MBAM, GMER and DDS logs.
There is no TDSSKiller log.

 

[MO9999]

Very possible I just made a mistake. Please find Part I below - thanks!


[FONT=Lucida Console]22:50:17.0348 6720 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24[/FONT]

[FONT=Lucida Console]22:50:17.0348 6720 UEFI system[/FONT]

[FONT=Lucida Console]22:50:17.0613 6720 ============================================================[/FONT]

[FONT=Lucida Console]22:50:17.0613 6720 Current date / time: 2012/09/29 22:50:17.0613[/FONT]

[FONT=Lucida Console]22:50:17.0613 6720 SystemInfo:[/FONT]

[FONT=Lucida Console]22:50:17.0614 6720 [/FONT]

[FONT=Lucida Console]22:50:17.0614 6720 OS Version: 6.1.7601 ServicePack: 1.0[/FONT]

[FONT=Lucida Console]22:50:17.0614 6720 Product type: Workstation[/FONT]

[FONT=Lucida Console]22:50:17.0614 6720 ComputerName: HOME-PC[/FONT]

[FONT=Lucida Console]22:50:17.0614 6720 UserName: Home[/FONT]

[FONT=Lucida Console]22:50:17.0614 6720 Windows directory: C:\Windows[/FONT]

[FONT=Lucida Console]22:50:17.0614 6720 System windows directory: C:\Windows[/FONT]

[FONT=Lucida Console]22:50:17.0614 6720 Running under WOW64[/FONT]

[FONT=Lucida Console]22:50:17.0614 6720 Processor architecture: Intel x64[/FONT]

[FONT=Lucida Console]22:50:17.0614 6720 Number of processors: 8[/FONT]

[FONT=Lucida Console]22:50:17.0614 6720 Page size: 0x1000[/FONT]

[FONT=Lucida Console]22:50:17.0614 6720 Boot type: Normal boot[/FONT]

[FONT=Lucida Console]22:50:17.0614 6720 ============================================================[/FONT]

[FONT=Lucida Console]22:50:18.0576 6720 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040[/FONT]

[FONT=Lucida Console]22:50:18.0582 6720 ============================================================[/FONT]

[FONT=Lucida Console]22:50:18.0582 6720 \Device\Harddisk0\DR0:[/FONT]

[FONT=Lucida Console]22:50:18.0582 6720 GPT partitions:[/FONT]

[FONT=Lucida Console]22:50:18.0583 6720 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {F7372559-A11B-4B6D-BCF0-011EBA51E858}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x32000[/FONT]

[FONT=Lucida Console]22:50:18.0583 6720 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {A6F3D588-5B83-4678-BC79-F16798D27D72}, Name: Microsoft reserved partition, StartLBA 0x32800, BlocksNum 0x40000[/FONT]

[FONT=Lucida Console]22:50:18.0583 6720 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {5E4DCEFD-565C-451B-B297-1A190ECE4BCF}, Name: Basic data partition, StartLBA 0x72800, BlocksNum 0x74694000[/FONT]

[FONT=Lucida Console]22:50:18.0583 6720 MBR partitions:[/FONT]

[FONT=Lucida Console]22:50:18.0583 6720 ============================================================[/FONT]

[FONT=Lucida Console]22:50:18.0603 6720 C: <-> \Device\Harddisk0\DR0\Partition3[/FONT]

[FONT=Lucida Console]22:50:18.0603 6720 ============================================================[/FONT]

[FONT=Lucida Console]22:50:18.0603 6720 Initialize success[/FONT]

[FONT=Lucida Console]22:50:18.0603 6720 ============================================================[/FONT]

[FONT=Lucida Console]22:50:19.0765 6476 ============================================================[/FONT]

[FONT=Lucida Console]22:50:19.0765 6476 Scan started[/FONT]

[FONT=Lucida Console]22:50:19.0765 6476 Mode: Manual; [/FONT]

[FONT=Lucida Console]22:50:19.0765 6476 ============================================================[/FONT]

[FONT=Lucida Console]22:50:21.0879 6476 ================ Scan system memory ========================[/FONT]

[FONT=Lucida Console]22:50:21.0879 6476 System memory - ok[/FONT]

[FONT=Lucida Console]22:50:21.0879 6476 ================ Scan services =============================[/FONT]

[FONT=Lucida Console]22:50:21.0958 6476 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys[/FONT]

[FONT=Lucida Console]22:50:21.0960 6476 1394ohci - ok[/FONT]

[FONT=Lucida Console]22:50:21.0970 6476 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys[/FONT]

[FONT=Lucida Console]22:50:21.0974 6476 ACPI - ok[/FONT]

[FONT=Lucida Console]22:50:21.0983 6476 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys[/FONT]

[FONT=Lucida Console]22:50:21.0983 6476 AcpiPmi - ok[/FONT]

[FONT=Lucida Console]22:50:22.0096 6476 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[/FONT]

[FONT=Lucida Console]22:50:22.0096 6476 AdobeARMservice - ok[/FONT]

[FONT=Lucida Console]22:50:22.0178 6476 [ E12CFCF1DDBFC50948A75E6E38793225 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe[/FONT]

[FONT=Lucida Console]22:50:22.0180 6476 AdobeFlashPlayerUpdateSvc - ok[/FONT]

[FONT=Lucida Console]22:50:22.0206 6476 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys[/FONT]

[FONT=Lucida Console]22:50:22.0214 6476 adp94xx - ok[/FONT]

[FONT=Lucida Console]22:50:22.0219 6476 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys[/FONT]

[FONT=Lucida Console]22:50:22.0220 6476 adpahci - ok[/FONT]

[FONT=Lucida Console]22:50:22.0224 6476 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys[/FONT]

[FONT=Lucida Console]22:50:22.0225 6476 adpu320 - ok[/FONT]

[FONT=Lucida Console]22:50:22.0240 6476 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll[/FONT]

[FONT=Lucida Console]22:50:22.0241 6476 AeLookupSvc - ok[/FONT]

[FONT=Lucida Console]22:50:22.0288 6476 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys[/FONT]

[FONT=Lucida Console]22:50:22.0293 6476 AFD - ok[/FONT]

[FONT=Lucida Console]22:50:22.0299 6476 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys[/FONT]

[FONT=Lucida Console]22:50:22.0300 6476 agp440 - ok[/FONT]

[FONT=Lucida Console]22:50:22.0315 6476 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe[/FONT]

[FONT=Lucida Console]22:50:22.0316 6476 ALG - ok[/FONT]

[FONT=Lucida Console]22:50:22.0326 6476 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys[/FONT]

[FONT=Lucida Console]22:50:22.0328 6476 aliide - ok[/FONT]

[FONT=Lucida Console]22:50:22.0338 6476 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys[/FONT]

[FONT=Lucida Console]22:50:22.0339 6476 amdide - ok[/FONT]

[FONT=Lucida Console]22:50:22.0350 6476 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys[/FONT]

[FONT=Lucida Console]22:50:22.0351 6476 AmdK8 - ok[/FONT]

[FONT=Lucida Console]22:50:22.0354 6476 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys[/FONT]

[FONT=Lucida Console]22:50:22.0354 6476 AmdPPM - ok[/FONT]

[FONT=Lucida Console]22:50:22.0391 6476 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys[/FONT]

[FONT=Lucida Console]22:50:22.0393 6476 amdsata - ok[/FONT]

[FONT=Lucida Console]22:50:22.0398 6476 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys[/FONT]

[FONT=Lucida Console]22:50:22.0400 6476 amdsbs - ok[/FONT]

[FONT=Lucida Console]22:50:22.0420 6476 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys[/FONT]

[FONT=Lucida Console]22:50:22.0421 6476 amdxata - ok[/FONT]

[FONT=Lucida Console]22:50:22.0433 6476 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys[/FONT]

[FONT=Lucida Console]22:50:22.0434 6476 AppID - ok[/FONT]

[FONT=Lucida Console]22:50:22.0458 6476 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll[/FONT]

[FONT=Lucida Console]22:50:22.0458 6476 AppIDSvc - ok[/FONT]

[FONT=Lucida Console]22:50:22.0468 6476 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll[/FONT]

[FONT=Lucida Console]22:50:22.0468 6476 Appinfo - ok[/FONT]

[FONT=Lucida Console]22:50:22.0518 6476 [ F401929EE0CC92BFE7F15161CA535383 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[/FONT]

[FONT=Lucida Console]22:50:22.0518 6476 Apple Mobile Device - ok[/FONT]

[FONT=Lucida Console]22:50:22.0529 6476 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys[/FONT]

[FONT=Lucida Console]22:50:22.0530 6476 arc - ok[/FONT]

[FONT=Lucida Console]22:50:22.0534 6476 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys[/FONT]

[FONT=Lucida Console]22:50:22.0534 6476 arcsas - ok[/FONT]

[FONT=Lucida Console]22:50:22.0550 6476 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys[/FONT]

[FONT=Lucida Console]22:50:22.0550 6476 AsyncMac - ok[/FONT]

[FONT=Lucida Console]22:50:22.0558 6476 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys[/FONT]

[FONT=Lucida Console]22:50:22.0558 6476 atapi - ok[/FONT]

[FONT=Lucida Console]22:50:22.0580 6476 [ AAAE03F8EDA817EC28C5445193EA8BF3 ] AthBTPort C:\Windows\system32\DRIVERS\btath_flt.sys[/FONT]

[FONT=Lucida Console]22:50:22.0581 6476 AthBTPort - ok[/FONT]

[FONT=Lucida Console]22:50:22.0611 6476 [ 4ECC791539F23982411864037D1AC8FC ] ATHDFU C:\Windows\system32\Drivers\AthDfu.sys[/FONT]

[FONT=Lucida Console]22:50:22.0611 6476 ATHDFU - ok[/FONT]

[FONT=Lucida Console]22:50:22.0640 6476 [ C34B28D6285EAD94B3A2FABA84E90DA5 ] AtherosSvc C:\Program Files (x86)\Bluetooth Suite\adminservice.exe[/FONT]

[FONT=Lucida Console]22:50:22.0641 6476 AtherosSvc - ok[/FONT]

[FONT=Lucida Console]22:50:22.0664 6476 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll[/FONT]

[FONT=Lucida Console]22:50:22.0671 6476 AudioEndpointBuilder - ok[/FONT]

[FONT=Lucida Console]22:50:22.0680 6476 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll[/FONT]

[FONT=Lucida Console]22:50:22.0685 6476 AudioSrv - ok[/FONT]

[FONT=Lucida Console]22:50:22.0713 6476 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll[/FONT]

[FONT=Lucida Console]22:50:22.0715 6476 AxInstSV - ok[/FONT]

[FONT=Lucida Console]22:50:22.0736 6476 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys[/FONT]

[FONT=Lucida Console]22:50:22.0743 6476 b06bdrv - ok[/FONT]

[FONT=Lucida Console]22:50:22.0760 6476 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys[/FONT]

[FONT=Lucida Console]22:50:22.0764 6476 b57nd60a - ok[/FONT]

[FONT=Lucida Console]22:50:22.0795 6476 [ 7ED4E1D2E124AD4E6A287CF49DBC9BBA ] BCUService C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe[/FONT]

[FONT=Lucida Console]22:50:22.0798 6476 BCUService - ok[/FONT]

[FONT=Lucida Console]22:50:22.0811 6476 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll[/FONT]

[FONT=Lucida Console]22:50:22.0814 6476 BDESVC - ok[/FONT]

[FONT=Lucida Console]22:50:22.0821 6476 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys[/FONT]

[FONT=Lucida Console]22:50:22.0823 6476 Beep - ok[/FONT]

[FONT=Lucida Console]22:50:22.0860 6476 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll[/FONT]

[FONT=Lucida Console]22:50:22.0868 6476 BFE - ok[/FONT]

[FONT=Lucida Console]22:50:22.0909 6476 [ 1B63F2B7CA6B5290CC124CDD07520BC9 ] BingDesktopUpdate C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe[/FONT]

[FONT=Lucida Console]22:50:22.0910 6476 BingDesktopUpdate - ok[/FONT]

[FONT=Lucida Console]22:50:22.0941 6476 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll[/FONT]

[FONT=Lucida Console]22:50:22.0951 6476 BITS - ok[/FONT]

[FONT=Lucida Console]22:50:22.0971 6476 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys[/FONT]

[FONT=Lucida Console]22:50:22.0973 6476 blbdrive - ok[/FONT]

[FONT=Lucida Console]22:50:23.0031 6476 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe[/FONT]

[FONT=Lucida Console]22:50:23.0035 6476 Bonjour Service - ok[/FONT]

[FONT=Lucida Console]22:50:23.0053 6476 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys[/FONT]

[FONT=Lucida Console]22:50:23.0054 6476 bowser - ok[/FONT]

[FONT=Lucida Console]22:50:23.0056 6476 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys[/FONT]

[FONT=Lucida Console]22:50:23.0058 6476 BrFiltLo - ok[/FONT]

[FONT=Lucida Console]22:50:23.0061 6476 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys[/FONT]

[FONT=Lucida Console]22:50:23.0061 6476 BrFiltUp - ok[/FONT]

[FONT=Lucida Console]22:50:23.0084 6476 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll[/FONT]

[FONT=Lucida Console]22:50:23.0085 6476 Browser - ok[/FONT]

[FONT=Lucida Console]22:50:23.0100 6476 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys[/FONT]

[FONT=Lucida Console]22:50:23.0104 6476 Brserid - ok[/FONT]

[FONT=Lucida Console]22:50:23.0134 6476 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys[/FONT]

[FONT=Lucida Console]22:50:23.0135 6476 BrSerWdm - ok[/FONT]

[FONT=Lucida Console]22:50:23.0139 6476 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys[/FONT]

[FONT=Lucida Console]22:50:23.0139 6476 BrUsbMdm - ok[/FONT]

[FONT=Lucida Console]22:50:23.0143 6476 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys[/FONT]

[FONT=Lucida Console]22:50:23.0144 6476 BrUsbSer - ok[/FONT]

[FONT=Lucida Console]22:50:23.0173 6476 [ 3B1B573371B206D1D5F25E0EF5FCD6D6 ] BTATH_A2DP C:\Windows\system32\drivers\btath_a2dp.sys[/FONT]

[FONT=Lucida Console]22:50:23.0175 6476 BTATH_A2DP - ok[/FONT]

[FONT=Lucida Console]22:50:23.0200 6476 [ 2D0446336D9DB55A742B999EC16ADF15 ] BTATH_BUS C:\Windows\system32\DRIVERS\btath_bus.sys[/FONT]

[FONT=Lucida Console]22:50:23.0200 6476 BTATH_BUS - ok[/FONT]

[FONT=Lucida Console]22:50:23.0213 6476 [ 9A9694BBEB2849EAF95DFFCAE5DF02AD ] BTATH_HCRP C:\Windows\system32\DRIVERS\btath_hcrp.sys[/FONT]

[FONT=Lucida Console]22:50:23.0215 6476 BTATH_HCRP - ok[/FONT]

[FONT=Lucida Console]22:50:23.0236 6476 [ FC0A8075DDF2E9C66267AEC91E0676F9 ] BTATH_LWFLT C:\Windows\system32\DRIVERS\btath_lwflt.sys[/FONT]

[FONT=Lucida Console]22:50:23.0238 6476 BTATH_LWFLT - ok[/FONT]

[FONT=Lucida Console]22:50:23.0250 6476 [ 5EB4815CBDDBA4541F2380DAE6E269AB ] BTATH_RCP C:\Windows\system32\DRIVERS\btath_rcp.sys[/FONT]

[FONT=Lucida Console]22:50:23.0251 6476 BTATH_RCP - ok[/FONT]

[FONT=Lucida Console]22:50:23.0269 6476 [ 0ECEDE7B33CFD9A52A61220ABBD09A50 ] BtFilter C:\Windows\system32\DRIVERS\btfilter.sys[/FONT]

[FONT=Lucida Console]22:50:23.0271 6476 BtFilter - ok[/FONT]

[FONT=Lucida Console]22:50:23.0308 6476 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys[/FONT]

[FONT=Lucida Console]22:50:23.0308 6476 BthEnum - ok[/FONT]

[FONT=Lucida Console]22:50:23.0311 6476 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys[/FONT]

[FONT=Lucida Console]22:50:23.0313 6476 BTHMODEM - ok[/FONT]

[FONT=Lucida Console]22:50:23.0333 6476 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys[/FONT]

[FONT=Lucida Console]22:50:23.0334 6476 BthPan - ok[/FONT]

[FONT=Lucida Console]22:50:23.0355 6476 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys[/FONT]

[FONT=Lucida Console]22:50:23.0361 6476 BTHPORT - ok[/FONT]

[FONT=Lucida Console]22:50:23.0379 6476 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll[/FONT]

[FONT=Lucida Console]22:50:23.0380 6476 bthserv - ok[/FONT]

[FONT=Lucida Console]22:50:23.0384 6476 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys[/FONT]

[FONT=Lucida Console]22:50:23.0385 6476 BTHUSB - ok[/FONT]

[FONT=Lucida Console]22:50:23.0396 6476 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys[/FONT]

[FONT=Lucida Console]22:50:23.0398 6476 cdfs - ok[/FONT]

[FONT=Lucida Console]22:50:23.0415 6476 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys[/FONT]

[FONT=Lucida Console]22:50:23.0416 6476 cdrom - ok[/FONT]

[FONT=Lucida Console]22:50:23.0420 6476 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll[/FONT]

[FONT=Lucida Console]22:50:23.0423 6476 CertPropSvc - ok[/FONT]

[FONT=Lucida Console]22:50:23.0430 6476 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys[/FONT]

[FONT=Lucida Console]22:50:23.0431 6476 circlass - ok[/FONT]

[FONT=Lucida Console]22:50:23.0446 6476 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys[/FONT]

[FONT=Lucida Console]22:50:23.0450 6476 CLFS - ok[/FONT]

[FONT=Lucida Console]22:50:23.0491 6476 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe[/FONT]

[FONT=Lucida Console]22:50:23.0491 6476 clr_optimization_v2.0.50727_32 - ok[/FONT]

[FONT=Lucida Console]22:50:23.0529 6476 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe[/FONT]

[FONT=Lucida Console]22:50:23.0530 6476 clr_optimization_v2.0.50727_64 - ok[/FONT]

[FONT=Lucida Console]22:50:23.0594 6476 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe[/FONT]

[FONT=Lucida Console]22:50:23.0595 6476 clr_optimization_v4.0.30319_32 - ok[/FONT]

[FONT=Lucida Console]22:50:23.0621 6476 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe[/FONT]

[FONT=Lucida Console]22:50:23.0623 6476 clr_optimization_v4.0.30319_64 - ok[/FONT]

[FONT=Lucida Console]22:50:23.0639 6476 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys[/FONT]

[FONT=Lucida Console]22:50:23.0640 6476 CmBatt - ok[/FONT]

[FONT=Lucida Console]22:50:23.0651 6476 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys[/FONT]

[FONT=Lucida Console]22:50:23.0653 6476 cmdide - ok[/FONT]

[FONT=Lucida Console]22:50:23.0696 6476 [ 2DECC0F887375AC45948B681EDCC8E3A ] cmudaxp C:\Windows\system32\drivers\cmudaxp.sys[/FONT]

[FONT=Lucida Console]22:50:23.0706 6476 cmudaxp - ok[/FONT]

[FONT=Lucida Console]22:50:23.0730 6476 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys[/FONT]

[FONT=Lucida Console]22:50:23.0735 6476 CNG - ok[/FONT]

[FONT=Lucida Console]22:50:23.0745 6476 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys[/FONT]

[FONT=Lucida Console]22:50:23.0745 6476 Compbatt - ok[/FONT]

[FONT=Lucida Console]22:50:23.0759 6476 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys[/FONT]

[FONT=Lucida Console]22:50:23.0759 6476 CompositeBus - ok[/FONT]

[FONT=Lucida Console]22:50:23.0763 6476 COMSysApp - ok[/FONT]

[FONT=Lucida Console]22:50:23.0774 6476 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys[/FONT]

[FONT=Lucida Console]22:50:23.0774 6476 crcdisk - ok[/FONT]

[FONT=Lucida Console]22:50:23.0798 6476 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll[/FONT]

[FONT=Lucida Console]22:50:23.0800 6476 CryptSvc - ok[/FONT]

[FONT=Lucida Console]22:50:23.0825 6476 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll[/FONT]

[FONT=Lucida Console]22:50:23.0831 6476 DcomLaunch - ok[/FONT]

[FONT=Lucida Console]22:50:23.0849 6476 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll[/FONT]

[FONT=Lucida Console]22:50:23.0851 6476 defragsvc - ok[/FONT]

[FONT=Lucida Console]22:50:23.0866 6476 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys[/FONT]

[FONT=Lucida Console]22:50:23.0868 6476 DfsC - ok[/FONT]

[FONT=Lucida Console]22:50:23.0886 6476 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll[/FONT]

[FONT=Lucida Console]22:50:23.0890 6476 Dhcp - ok[/FONT]

[FONT=Lucida Console]22:50:23.0900 6476 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys[/FONT]

[FONT=Lucida Console]22:50:23.0901 6476 discache - ok[/FONT]

[FONT=Lucida Console]22:50:23.0914 6476 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys[/FONT]

[FONT=Lucida Console]22:50:23.0915 6476 Disk - ok[/FONT]

[FONT=Lucida Console]22:50:23.0933 6476 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll[/FONT]

[FONT=Lucida Console]22:50:23.0935 6476 Dnscache - ok[/FONT]

[FONT=Lucida Console]22:50:23.0949 6476 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll[/FONT]

[FONT=Lucida Console]22:50:23.0953 6476 dot3svc - ok[/FONT]

[FONT=Lucida Console]22:50:23.0970 6476 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll[/FONT]

[FONT=Lucida Console]22:50:23.0973 6476 DPS - ok[/FONT]

[FONT=Lucida Console]22:50:23.0999 6476 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys[/FONT]

[FONT=Lucida Console]22:50:24.0000 6476 drmkaud - ok[/FONT]

[FONT=Lucida Console]22:50:24.0031 6476 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys[/FONT]

[FONT=Lucida Console]22:50:24.0039 6476 DXGKrnl - ok[/FONT]

[FONT=Lucida Console]22:50:24.0061 6476 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll[/FONT]

[FONT=Lucida Console]22:50:24.0063 6476 EapHost - ok[/FONT]

[FONT=Lucida Console]22:50:24.0126 6476 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys[/FONT]

[FONT=Lucida Console]22:50:24.0178 6476 ebdrv - ok[/FONT]

[FONT=Lucida Console]22:50:24.0205 6476 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe[/FONT]

[FONT=Lucida Console]22:50:24.0206 6476 EFS - ok[/FONT]

[FONT=Lucida Console]22:50:24.0239 6476 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe[/FONT]

[FONT=Lucida Console]22:50:24.0244 6476 ehRecvr - ok[/FONT]

[FONT=Lucida Console]22:50:24.0255 6476 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe[/FONT]

[FONT=Lucida Console]22:50:24.0256 6476 ehSched - ok[/FONT]

[FONT=Lucida Console]22:50:24.0275 6476 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys[/FONT]

[FONT=Lucida Console]22:50:24.0281 6476 elxstor - ok[/FONT]

[FONT=Lucida Console]22:50:24.0296 6476 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys[/FONT]

[FONT=Lucida Console]22:50:24.0298 6476 ErrDev - ok[/FONT]

[FONT=Lucida Console]22:50:24.0314 6476 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll[/FONT]

[FONT=Lucida Console]22:50:24.0318 6476 EventSystem - ok[/FONT]

[FONT=Lucida Console]22:50:24.0320 6476 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys[/FONT]

[FONT=Lucida Console]22:50:24.0321 6476 exfat - ok[/FONT]

[FONT=Lucida Console]22:50:24.0336 6476 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys[/FONT]

[FONT=Lucida Console]22:50:24.0339 6476 fastfat - ok[/FONT]

[FONT=Lucida Console]22:50:24.0373 6476 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe[/FONT]

[FONT=Lucida Console]22:50:24.0380 6476 Fax - ok[/FONT]

[FONT=Lucida Console]22:50:24.0384 6476 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys[/FONT]

[FONT=Lucida Console]22:50:24.0385 6476 fdc - ok[/FONT]

[FONT=Lucida Console]22:50:24.0409 6476 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll[/FONT]

[FONT=Lucida Console]22:50:24.0410 6476 fdPHost - ok[/FONT]

[FONT=Lucida Console]22:50:24.0424 6476 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll[/FONT]

[FONT=Lucida Console]22:50:24.0425 6476 FDResPub - ok[/FONT]

[FONT=Lucida Console]22:50:24.0429 6476 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys[/FONT]

[FONT=Lucida Console]22:50:24.0430 6476 FileInfo - ok[/FONT]

[FONT=Lucida Console]22:50:24.0438 6476 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys[/FONT]

[FONT=Lucida Console]22:50:24.0439 6476 Filetrace - ok[/FONT]

[FONT=Lucida Console]22:50:24.0443 6476 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys[/FONT]

[FONT=Lucida Console]22:50:24.0444 6476 flpydisk - ok[/FONT]

[FONT=Lucida Console]22:50:24.0459 6476 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys[/FONT]

[FONT=Lucida Console]22:50:24.0461 6476 FltMgr - ok[/FONT]

[FONT=Lucida Console]22:50:24.0488 6476 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll[/FONT]

[FONT=Lucida Console]22:50:24.0514 6476 FontCache - ok[/FONT]

[FONT=Lucida Console]22:50:24.0553 6476 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe[/FONT]

[FONT=Lucida Console]22:50:24.0554 6476 FontCache3.0.0.0 - ok[/FONT]

[FONT=Lucida Console]22:50:24.0568 6476 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys[/FONT]

[FONT=Lucida Console]22:50:24.0569 6476 FsDepends - ok[/FONT]

[FONT=Lucida Console]22:50:24.0589 6476 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys[/FONT]

[FONT=Lucida Console]22:50:24.0590 6476 Fs_Rec - ok[/FONT]

[FONT=Lucida Console]22:50:24.0595 6476 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys[/FONT]

[FONT=Lucida Console]22:50:24.0598 6476 fvevol - ok[/FONT]

[FONT=Lucida Console]22:50:24.0616 6476 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys[/FONT]

[FONT=Lucida Console]22:50:24.0618 6476 gagp30kx - ok[/FONT]

[FONT=Lucida Console]22:50:24.0655 6476 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys[/FONT]

[FONT=Lucida Console]22:50:24.0656 6476 GEARAspiWDM - ok[/FONT]

[FONT=Lucida Console]22:50:24.0676 6476 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll[/FONT]

[FONT=Lucida Console]22:50:24.0685 6476 gpsvc - ok[/FONT]

[FONT=Lucida Console]22:50:24.0698 6476 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys[/FONT]

[FONT=Lucida Console]22:50:24.0699 6476 hcw85cir - ok[/FONT]

[FONT=Lucida Console]22:50:24.0729 6476 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys[/FONT]

[FONT=Lucida Console]22:50:24.0734 6476 HdAudAddService - ok[/FONT]

[FONT=Lucida Console]22:50:24.0738 6476 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys[/FONT]

[FONT=Lucida Console]22:50:24.0739 6476 HDAudBus - ok[/FONT]

[FONT=Lucida Console]22:50:24.0758 6476 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys[/FONT]

[FONT=Lucida Console]22:50:24.0759 6476 HidBatt - ok[/FONT]

[FONT=Lucida Console]22:50:24.0763 6476 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys[/FONT]

[FONT=Lucida Console]22:50:24.0764 6476 HidBth - ok[/FONT]

[FONT=Lucida Console]22:50:24.0769 6476 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys[/FONT]

[FONT=Lucida Console]22:50:24.0770 6476 HidIr - ok[/FONT]

[FONT=Lucida Console]22:50:24.0784 6476 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll[/FONT]

[FONT=Lucida Console]22:50:24.0785 6476 hidserv - ok[/FONT]

[FONT=Lucida Console]22:50:24.0803 6476 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys[/FONT]

[FONT=Lucida Console]22:50:24.0804 6476 HidUsb - ok[/FONT]

[FONT=Lucida Console]22:50:24.0814 6476 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll[/FONT]

[FONT=Lucida Console]22:50:24.0816 6476 hkmsvc - ok[/FONT]

[FONT=Lucida Console]22:50:24.0833 6476 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll[/FONT]

[FONT=Lucida Console]22:50:24.0835 6476 HomeGroupListener - ok[/FONT]

[FONT=Lucida Console]22:50:24.0853 6476 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll[/FONT]

[FONT=Lucida Console]22:50:24.0856 6476 HomeGroupProvider - ok[/FONT]

[FONT=Lucida Console]22:50:24.0869 6476 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys[/FONT]

[FONT=Lucida Console]22:50:24.0870 6476 HpSAMD - ok[/FONT]

[FONT=Lucida Console]22:50:24.0885 6476 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys[/FONT]

[FONT=Lucida Console]22:50:24.0890 6476 HTTP - ok[/FONT]

[FONT=Lucida Console]22:50:24.0895 6476 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys[/FONT]

[FONT=Lucida Console]22:50:24.0896 6476 hwpolicy - ok[/FONT]

[FONT=Lucida Console]22:50:24.0913 6476 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys[/FONT]

[FONT=Lucida Console]22:50:24.0914 6476 i8042prt - ok[/FONT]

[FONT=Lucida Console]22:50:24.0959 6476 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys[/FONT]

[FONT=Lucida Console]22:50:24.0964 6476 iaStorV - ok[/FONT]

[FONT=Lucida Console]22:50:24.0998 6476 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe[/FONT]

[FONT=Lucida Console]22:50:25.0008 6476 idsvc - ok[/FONT]

[FONT=Lucida Console]22:50:25.0023 6476 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys[/FONT]

[FONT=Lucida Console]22:50:25.0024 6476 iirsp - ok[/FONT]

[FONT=Lucida Console]22:50:25.0048 6476 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll[/FONT]

[FONT=Lucida Console]22:50:25.0058 6476 IKEEXT - ok[/FONT]

[FONT=Lucida Console]22:50:25.0111 6476 [ DAB7318CCFA8081200D5B7B486793F74 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys[/FONT]

[FONT=Lucida Console]22:50:25.0129 6476 IntcAzAudAddService - ok[/FONT]

[FONT=Lucida Console]22:50:25.0151 6476 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys[/FONT]

[FONT=Lucida Console]22:50:25.0151 6476 intelide - ok[/FONT]

[FONT=Lucida Console]22:50:25.0159 6476 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys[/FONT]

[FONT=Lucida Console]22:50:25.0159 6476 intelppm - ok[/FONT]

[FONT=Lucida Console]22:50:25.0168 6476 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll[/FONT]

[FONT=Lucida Console]22:50:25.0170 6476 IPBusEnum - ok[/FONT]

[FONT=Lucida Console]22:50:25.0180 6476 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys[/FONT]

[FONT=Lucida Console]22:50:25.0183 6476 IpFilterDriver - ok[/FONT]

[FONT=Lucida Console]22:50:25.0223 6476 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll[/FONT]

[FONT=Lucida Console]22:50:25.0240 6476 iphlpsvc - ok[/FONT]

[FONT=Lucida Console]22:50:25.0256 6476 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys[/FONT]

[FONT=Lucida Console]22:50:25.0265 6476 IPMIDRV - ok[/FONT]

[FONT=Lucida Console]22:50:25.0278 6476 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys[/FONT]

[FONT=Lucida Console]22:50:25.0279 6476 IPNAT - ok[/FONT]

[FONT=Lucida Console]22:50:25.0341 6476 [ A9AB99EE7D39725EAFEC82732D2B3271 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe[/FONT]

[FONT=Lucida Console]22:50:25.0349 6476 iPod Service - ok[/FONT]

[FONT=Lucida Console]22:50:25.0363 6476 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys[/FONT]

[FONT=Lucida Console]22:50:25.0363 6476 IRENUM - ok[/FONT]

[FONT=Lucida Console]22:50:25.0374 6476 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys[/FONT]

[FONT=Lucida Console]22:50:25.0375 6476 isapnp - ok[/FONT]

[FONT=Lucida Console]22:50:25.0399 6476 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys[/FONT]

[FONT=Lucida Console]22:50:25.0403 6476 iScsiPrt - ok[/FONT]

[FONT=Lucida Console]22:50:25.0416 6476 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys[/FONT]

[FONT=Lucida Console]22:50:25.0418 6476 kbdclass - ok[/FONT]

[FONT=Lucida Console]22:50:25.0424 6476 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys[/FONT]

[FONT=Lucida Console]22:50:25.0425 6476 kbdhid - ok[/FONT]

[FONT=Lucida Console]22:50:25.0438 6476 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe[/FONT]

[FONT=Lucida Console]22:50:25.0439 6476 KeyIso - ok[/FONT]

[FONT=Lucida Console]22:50:25.0456 6476 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys[/FONT]

[FONT=Lucida Console]22:50:25.0459 6476 KSecDD - ok[/FONT]

 

[MO9999]

Part II


[FONT=Lucida Console]22:50:25.0474 6476 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys[/FONT]

[FONT=Lucida Console]22:50:25.0475 6476 KSecPkg - ok[/FONT]

[FONT=Lucida Console]22:50:25.0485 6476 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys[/FONT]

[FONT=Lucida Console]22:50:25.0486 6476 ksthunk - ok[/FONT]

[FONT=Lucida Console]22:50:25.0500 6476 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll[/FONT]

[FONT=Lucida Console]22:50:25.0505 6476 KtmRm - ok[/FONT]

[FONT=Lucida Console]22:50:25.0539 6476 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll[/FONT]

[FONT=Lucida Console]22:50:25.0543 6476 LanmanServer - ok[/FONT]

[FONT=Lucida Console]22:50:25.0551 6476 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll[/FONT]

[FONT=Lucida Console]22:50:25.0556 6476 LanmanWorkstation - ok[/FONT]

[FONT=Lucida Console]22:50:25.0618 6476 [ 7447F069CE66633DAFA0B2DEEE7AF5BA ] LBTServ C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe[/FONT]

[FONT=Lucida Console]22:50:25.0620 6476 LBTServ - ok[/FONT]

[FONT=Lucida Console]22:50:25.0663 6476 [ 8817ABA3A9180F6C4B8938842925B1E1 ] LEqdUsb C:\Windows\system32\DRIVERS\LEqdUsb.Sys[/FONT]

[FONT=Lucida Console]22:50:25.0663 6476 LEqdUsb - ok[/FONT]

[FONT=Lucida Console]22:50:25.0671 6476 [ 8BCB069C2B6DA65B5F6F561293EE447C ] LHidEqd C:\Windows\system32\DRIVERS\LHidEqd.Sys[/FONT]

[FONT=Lucida Console]22:50:25.0671 6476 LHidEqd - ok[/FONT]

[FONT=Lucida Console]22:50:25.0681 6476 [ 0A7D6ED578D85F0C35353424EE3F5245 ] LHidFilt C:\Windows\system32\DRIVERS\LHidFilt.Sys[/FONT]

[FONT=Lucida Console]22:50:25.0683 6476 LHidFilt - ok[/FONT]

[FONT=Lucida Console]22:50:25.0686 6476 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys[/FONT]

[FONT=Lucida Console]22:50:25.0686 6476 lltdio - ok[/FONT]

[FONT=Lucida Console]22:50:25.0700 6476 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll[/FONT]

[FONT=Lucida Console]22:50:25.0705 6476 lltdsvc - ok[/FONT]

[FONT=Lucida Console]22:50:25.0715 6476 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll[/FONT]

[FONT=Lucida Console]22:50:25.0716 6476 lmhosts - ok[/FONT]

[FONT=Lucida Console]22:50:25.0723 6476 [ 6542E2E6DB58118FBB1B82A68CE3AFF9 ] LMouFilt C:\Windows\system32\DRIVERS\LMouFilt.Sys[/FONT]

[FONT=Lucida Console]22:50:25.0724 6476 LMouFilt - ok[/FONT]

[FONT=Lucida Console]22:50:25.0735 6476 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys[/FONT]

[FONT=Lucida Console]22:50:25.0738 6476 LSI_FC - ok[/FONT]

[FONT=Lucida Console]22:50:25.0741 6476 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys[/FONT]

[FONT=Lucida Console]22:50:25.0743 6476 LSI_SAS - ok[/FONT]

[FONT=Lucida Console]22:50:25.0754 6476 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys[/FONT]

[FONT=Lucida Console]22:50:25.0756 6476 LSI_SAS2 - ok[/FONT]

[FONT=Lucida Console]22:50:25.0765 6476 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys[/FONT]

[FONT=Lucida Console]22:50:25.0768 6476 LSI_SCSI - ok[/FONT]

[FONT=Lucida Console]22:50:25.0774 6476 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys[/FONT]

[FONT=Lucida Console]22:50:25.0775 6476 luafv - ok[/FONT]

[FONT=Lucida Console]22:50:25.0800 6476 [ B9FC4CCE5758B816F27DD4D1EED11841 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys[/FONT]

[FONT=Lucida Console]22:50:25.0800 6476 MBAMProtector - ok[/FONT]

[FONT=Lucida Console]22:50:25.0835 6476 [ 0DCF16B1449811EFA47AB52CAC84093C ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe[/FONT]

[FONT=Lucida Console]22:50:25.0839 6476 MBAMScheduler - ok[/FONT]

[FONT=Lucida Console]22:50:25.0868 6476 [ 9EAABA4D601004BEA4DAA6E146E19A96 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe[/FONT]

[FONT=Lucida Console]22:50:25.0873 6476 MBAMService - ok[/FONT]

[FONT=Lucida Console]22:50:25.0893 6476 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll[/FONT]

[FONT=Lucida Console]22:50:25.0895 6476 Mcx2Svc - ok[/FONT]

[FONT=Lucida Console]22:50:25.0904 6476 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys[/FONT]

[FONT=Lucida Console]22:50:25.0905 6476 megasas - ok[/FONT]

[FONT=Lucida Console]22:50:25.0919 6476 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys[/FONT]

[FONT=Lucida Console]22:50:25.0923 6476 MegaSR - ok[/FONT]

[FONT=Lucida Console]22:50:25.0948 6476 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys[/FONT]

[FONT=Lucida Console]22:50:25.0949 6476 MEIx64 - ok[/FONT]

[FONT=Lucida Console]22:50:25.0960 6476 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll[/FONT]

[FONT=Lucida Console]22:50:25.0963 6476 MMCSS - ok[/FONT]

[FONT=Lucida Console]22:50:25.0975 6476 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys[/FONT]

[FONT=Lucida Console]22:50:25.0976 6476 Modem - ok[/FONT]

[FONT=Lucida Console]22:50:25.0998 6476 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys[/FONT]

[FONT=Lucida Console]22:50:25.0998 6476 monitor - ok[/FONT]

[FONT=Lucida Console]22:50:26.0001 6476 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys[/FONT]

[FONT=Lucida Console]22:50:26.0003 6476 mouclass - ok[/FONT]

[FONT=Lucida Console]22:50:26.0018 6476 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys[/FONT]

[FONT=Lucida Console]22:50:26.0019 6476 mouhid - ok[/FONT]

[FONT=Lucida Console]22:50:26.0023 6476 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys[/FONT]

[FONT=Lucida Console]22:50:26.0024 6476 mountmgr - ok[/FONT]

[FONT=Lucida Console]22:50:26.0049 6476 [ 94C66EDEDCDB6A126880472F9A704D8E ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys[/FONT]

[FONT=Lucida Console]22:50:26.0051 6476 MpFilter - ok[/FONT]

[FONT=Lucida Console]22:50:26.0056 6476 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys[/FONT]

[FONT=Lucida Console]22:50:26.0058 6476 mpio - ok[/FONT]

[FONT=Lucida Console]22:50:26.0061 6476 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys[/FONT]

[FONT=Lucida Console]22:50:26.0063 6476 mpsdrv - ok[/FONT]

[FONT=Lucida Console]22:50:26.0083 6476 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll[/FONT]

[FONT=Lucida Console]22:50:26.0093 6476 MpsSvc - ok[/FONT]

[FONT=Lucida Console]22:50:26.0110 6476 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys[/FONT]

[FONT=Lucida Console]22:50:26.0111 6476 MRxDAV - ok[/FONT]

[FONT=Lucida Console]22:50:26.0130 6476 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys[/FONT]

[FONT=Lucida Console]22:50:26.0131 6476 mrxsmb - ok[/FONT]

[FONT=Lucida Console]22:50:26.0144 6476 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys[/FONT]

[FONT=Lucida Console]22:50:26.0148 6476 mrxsmb10 - ok[/FONT]

[FONT=Lucida Console]22:50:26.0158 6476 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys[/FONT]

[FONT=Lucida Console]22:50:26.0159 6476 mrxsmb20 - ok[/FONT]

[FONT=Lucida Console]22:50:26.0165 6476 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys[/FONT]

[FONT=Lucida Console]22:50:26.0165 6476 msahci - ok[/FONT]

[FONT=Lucida Console]22:50:26.0170 6476 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys[/FONT]

[FONT=Lucida Console]22:50:26.0173 6476 msdsm - ok[/FONT]

[FONT=Lucida Console]22:50:26.0188 6476 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe[/FONT]

[FONT=Lucida Console]22:50:26.0190 6476 MSDTC - ok[/FONT]

[FONT=Lucida Console]22:50:26.0204 6476 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys[/FONT]

[FONT=Lucida Console]22:50:26.0205 6476 Msfs - ok[/FONT]

[FONT=Lucida Console]22:50:26.0218 6476 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys[/FONT]

[FONT=Lucida Console]22:50:26.0219 6476 mshidkmdf - ok[/FONT]

[FONT=Lucida Console]22:50:26.0236 6476 MSICDSetup - ok[/FONT]

[FONT=Lucida Console]22:50:26.0251 6476 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys[/FONT]

[FONT=Lucida Console]22:50:26.0253 6476 msisadrv - ok[/FONT]

[FONT=Lucida Console]22:50:26.0263 6476 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll[/FONT]

[FONT=Lucida Console]22:50:26.0265 6476 MSiSCSI - ok[/FONT]

[FONT=Lucida Console]22:50:26.0269 6476 msiserver - ok[/FONT]

[FONT=Lucida Console]22:50:26.0286 6476 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys[/FONT]

[FONT=Lucida Console]22:50:26.0288 6476 MSKSSRV - ok[/FONT]

[FONT=Lucida Console]22:50:26.0328 6476 [ 59FAAF2C83C8169EA20F9E335E418907 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe[/FONT]

[FONT=Lucida Console]22:50:26.0328 6476 MsMpSvc - ok[/FONT]

[FONT=Lucida Console]22:50:26.0346 6476 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys[/FONT]

[FONT=Lucida Console]22:50:26.0348 6476 MSPCLOCK - ok[/FONT]

[FONT=Lucida Console]22:50:26.0358 6476 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys[/FONT]

[FONT=Lucida Console]22:50:26.0359 6476 MSPQM - ok[/FONT]

[FONT=Lucida Console]22:50:26.0365 6476 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys[/FONT]

[FONT=Lucida Console]22:50:26.0370 6476 MsRPC - ok[/FONT]

[FONT=Lucida Console]22:50:26.0389 6476 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys[/FONT]

[FONT=Lucida Console]22:50:26.0390 6476 mssmbios - ok[/FONT]

[FONT=Lucida Console]22:50:26.0400 6476 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys[/FONT]

[FONT=Lucida Console]22:50:26.0400 6476 MSTEE - ok[/FONT]

[FONT=Lucida Console]22:50:26.0413 6476 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys[/FONT]

[FONT=Lucida Console]22:50:26.0414 6476 MTConfig - ok[/FONT]

[FONT=Lucida Console]22:50:26.0426 6476 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys[/FONT]

[FONT=Lucida Console]22:50:26.0428 6476 Mup - ok[/FONT]

[FONT=Lucida Console]22:50:26.0450 6476 [ 34D08C9C64F657D194961E96C47E9C69 ] mv91xx C:\Windows\system32\DRIVERS\mv91xx.sys[/FONT]

[FONT=Lucida Console]22:50:26.0454 6476 mv91xx - ok[/FONT]

[FONT=Lucida Console]22:50:26.0479 6476 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll[/FONT]

[FONT=Lucida Console]22:50:26.0486 6476 napagent - ok[/FONT]

[FONT=Lucida Console]22:50:26.0510 6476 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys[/FONT]

[FONT=Lucida Console]22:50:26.0514 6476 NativeWifiP - ok[/FONT]

[FONT=Lucida Console]22:50:26.0544 6476 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys[/FONT]

[FONT=Lucida Console]22:50:26.0554 6476 NDIS - ok[/FONT]

[FONT=Lucida Console]22:50:26.0576 6476 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys[/FONT]

[FONT=Lucida Console]22:50:26.0578 6476 NdisCap - ok[/FONT]

[FONT=Lucida Console]22:50:26.0596 6476 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys[/FONT]

[FONT=Lucida Console]22:50:26.0596 6476 NdisTapi - ok[/FONT]

[FONT=Lucida Console]22:50:26.0605 6476 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys[/FONT]

[FONT=Lucida Console]22:50:26.0608 6476 Ndisuio - ok[/FONT]

[FONT=Lucida Console]22:50:26.0620 6476 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys[/FONT]

[FONT=Lucida Console]22:50:26.0621 6476 NdisWan - ok[/FONT]

[FONT=Lucida Console]22:50:26.0625 6476 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys[/FONT]

[FONT=Lucida Console]22:50:26.0626 6476 NDProxy - ok[/FONT]

[FONT=Lucida Console]22:50:26.0633 6476 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys[/FONT]

[FONT=Lucida Console]22:50:26.0633 6476 NetBIOS - ok[/FONT]

[FONT=Lucida Console]22:50:26.0639 6476 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys[/FONT]

[FONT=Lucida Console]22:50:26.0641 6476 NetBT - ok[/FONT]

[FONT=Lucida Console]22:50:26.0653 6476 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe[/FONT]

[FONT=Lucida Console]22:50:26.0654 6476 Netlogon - ok[/FONT]

[FONT=Lucida Console]22:50:26.0678 6476 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll[/FONT]

[FONT=Lucida Console]22:50:26.0683 6476 Netman - ok[/FONT]

[FONT=Lucida Console]22:50:26.0690 6476 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll[/FONT]

[FONT=Lucida Console]22:50:26.0696 6476 netprofm - ok[/FONT]

[FONT=Lucida Console]22:50:26.0725 6476 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe[/FONT]

[FONT=Lucida Console]22:50:26.0728 6476 NetTcpPortSharing - ok[/FONT]

[FONT=Lucida Console]22:50:26.0733 6476 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys[/FONT]

[FONT=Lucida Console]22:50:26.0734 6476 nfrd960 - ok[/FONT]

[FONT=Lucida Console]22:50:26.0761 6476 [ 91B4E0273D2F6C24EF845F2B41311289 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys[/FONT]

[FONT=Lucida Console]22:50:26.0763 6476 NisDrv - ok[/FONT]

[FONT=Lucida Console]22:50:26.0791 6476 [ 10A43829A9E606AF3EEF25A1C1665923 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe[/FONT]

[FONT=Lucida Console]22:50:26.0794 6476 NisSrv - ok[/FONT]

[FONT=Lucida Console]22:50:26.0816 6476 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll[/FONT]

[FONT=Lucida Console]22:50:26.0821 6476 NlaSvc - ok[/FONT]

[FONT=Lucida Console]22:50:26.0831 6476 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys[/FONT]

[FONT=Lucida Console]22:50:26.0833 6476 Npfs - ok[/FONT]

[FONT=Lucida Console]22:50:26.0840 6476 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll[/FONT]

[FONT=Lucida Console]22:50:26.0841 6476 nsi - ok[/FONT]

[FONT=Lucida Console]22:50:26.0854 6476 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys[/FONT]

[FONT=Lucida Console]22:50:26.0854 6476 nsiproxy - ok[/FONT]

[FONT=Lucida Console]22:50:26.0906 6476 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys[/FONT]

[FONT=Lucida Console]22:50:26.0940 6476 Ntfs - ok[/FONT]

[FONT=Lucida Console]22:50:26.0953 6476 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys[/FONT]

[FONT=Lucida Console]22:50:26.0954 6476 Null - ok[/FONT]

[FONT=Lucida Console]22:50:26.0973 6476 [ 786DB821BFD57C0551DBBE4F75384A7D ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys[/FONT]

[FONT=Lucida Console]22:50:26.0975 6476 nusb3hub - ok[/FONT]

[FONT=Lucida Console]22:50:27.0003 6476 [ DAA8005CAF745042BB427A1ED7433354 ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys[/FONT]

[FONT=Lucida Console]22:50:27.0005 6476 nusb3xhc - ok[/FONT]

[FONT=Lucida Console]22:50:27.0034 6476 [ 1F07B814C0BB5AABA703ABFF1F31F2E8 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys[/FONT]

[FONT=Lucida Console]22:50:27.0035 6476 NVHDA - ok[/FONT]

[FONT=Lucida Console]22:50:27.0238 6476 [ BF7A24A71E1932200D864BC1CE15E596 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys[/FONT]

[FONT=Lucida Console]22:50:27.0280 6476 nvlddmkm - ok[/FONT]

[FONT=Lucida Console]22:50:27.0295 6476 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys[/FONT]

[FONT=Lucida Console]22:50:27.0296 6476 nvraid - ok[/FONT]

[FONT=Lucida Console]22:50:27.0326 6476 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys[/FONT]

[FONT=Lucida Console]22:50:27.0328 6476 nvstor - ok[/FONT]

[FONT=Lucida Console]22:50:27.0359 6476 [ 43F91595049DE14C4B61D1E76436164F ] nvsvc C:\Windows\system32\nvvsvc.exe[/FONT]

[FONT=Lucida Console]22:50:27.0369 6476 nvsvc - ok[/FONT]

[FONT=Lucida Console]22:50:27.0426 6476 [ 322B69422836F97B76F4AA59B47507BA ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[/FONT]

[FONT=Lucida Console]22:50:27.0436 6476 nvUpdatusService - ok[/FONT]

[FONT=Lucida Console]22:50:27.0448 6476 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys[/FONT]

[FONT=Lucida Console]22:50:27.0450 6476 nv_agp - ok[/FONT]

[FONT=Lucida Console]22:50:27.0459 6476 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys[/FONT]

[FONT=Lucida Console]22:50:27.0459 6476 ohci1394 - ok[/FONT]

[FONT=Lucida Console]22:50:27.0495 6476 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE[/FONT]

[FONT=Lucida Console]22:50:27.0496 6476 ose - ok[/FONT]

[FONT=Lucida Console]22:50:27.0599 6476 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE[/FONT]

[FONT=Lucida Console]22:50:27.0616 6476 osppsvc - ok[/FONT]

[FONT=Lucida Console]22:50:27.0635 6476 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll[/FONT]

[FONT=Lucida Console]22:50:27.0638 6476 p2pimsvc - ok[/FONT]

[FONT=Lucida Console]22:50:27.0659 6476 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll[/FONT]

[FONT=Lucida Console]22:50:27.0661 6476 p2psvc - ok[/FONT]

[FONT=Lucida Console]22:50:27.0680 6476 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys[/FONT]

[FONT=Lucida Console]22:50:27.0681 6476 Parport - ok[/FONT]

[FONT=Lucida Console]22:50:27.0693 6476 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys[/FONT]

[FONT=Lucida Console]22:50:27.0694 6476 partmgr - ok[/FONT]

[FONT=Lucida Console]22:50:27.0708 6476 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll[/FONT]

[FONT=Lucida Console]22:50:27.0711 6476 PcaSvc - ok[/FONT]

[FONT=Lucida Console]22:50:27.0720 6476 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys[/FONT]

[FONT=Lucida Console]22:50:27.0723 6476 pci - ok[/FONT]

[FONT=Lucida Console]22:50:27.0734 6476 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys[/FONT]

[FONT=Lucida Console]22:50:27.0735 6476 pciide - ok[/FONT]

[FONT=Lucida Console]22:50:27.0748 6476 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys[/FONT]

[FONT=Lucida Console]22:50:27.0751 6476 pcmcia - ok[/FONT]

[FONT=Lucida Console]22:50:27.0754 6476 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys[/FONT]

[FONT=Lucida Console]22:50:27.0754 6476 pcw - ok[/FONT]

[FONT=Lucida Console]22:50:27.0759 6476 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys[/FONT]

[FONT=Lucida Console]22:50:27.0764 6476 PEAUTH - ok[/FONT]

[FONT=Lucida Console]22:50:27.0805 6476 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe[/FONT]

[FONT=Lucida Console]22:50:27.0806 6476 PerfHost - ok[/FONT]

[FONT=Lucida Console]22:50:27.0841 6476 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll[/FONT]

[FONT=Lucida Console]22:50:27.0863 6476 pla - ok[/FONT]

[FONT=Lucida Console]22:50:27.0900 6476 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll[/FONT]

[FONT=Lucida Console]22:50:27.0906 6476 PlugPlay - ok[/FONT]

[FONT=Lucida Console]22:50:27.0915 6476 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll[/FONT]

[FONT=Lucida Console]22:50:27.0918 6476 PNRPAutoReg - ok[/FONT]

[FONT=Lucida Console]22:50:27.0924 6476 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll[/FONT]

[FONT=Lucida Console]22:50:27.0928 6476 PNRPsvc - ok[/FONT]

[FONT=Lucida Console]22:50:27.0950 6476 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll[/FONT]

[FONT=Lucida Console]22:50:27.0956 6476 PolicyAgent - ok[/FONT]

[FONT=Lucida Console]22:50:27.0981 6476 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll[/FONT]

[FONT=Lucida Console]22:50:27.0984 6476 Power - ok[/FONT]

[FONT=Lucida Console]22:50:27.0999 6476 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys[/FONT]

[FONT=Lucida Console]22:50:28.0001 6476 PptpMiniport - ok[/FONT]

[FONT=Lucida Console]22:50:28.0004 6476 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys[/FONT]

[FONT=Lucida Console]22:50:28.0005 6476 Processor - ok[/FONT]

[FONT=Lucida Console]22:50:28.0029 6476 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll[/FONT]

[FONT=Lucida Console]22:50:28.0031 6476 ProfSvc - ok[/FONT]

[FONT=Lucida Console]22:50:28.0043 6476 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe[/FONT]

[FONT=Lucida Console]22:50:28.0044 6476 ProtectedStorage - ok[/FONT]

[FONT=Lucida Console]22:50:28.0068 6476 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys[/FONT]

[FONT=Lucida Console]22:50:28.0070 6476 Psched - ok[/FONT]

[FONT=Lucida Console]22:50:28.0090 6476 [ 4712CC14E720ECCCC0AA16949D18AAF1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys[/FONT]

[FONT=Lucida Console]22:50:28.0093 6476 PxHlpa64 - ok[/FONT]

[FONT=Lucida Console]22:50:28.0120 6476 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys[/FONT]

[FONT=Lucida Console]22:50:28.0146 6476 ql2300 - ok[/FONT]

[FONT=Lucida Console]22:50:28.0164 6476 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys[/FONT]

[FONT=Lucida Console]22:50:28.0179 6476 ql40xx - ok[/FONT]

[FONT=Lucida Console]22:50:28.0239 6476 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll[/FONT]

[FONT=Lucida Console]22:50:28.0271 6476 QWAVE - ok[/FONT]

[FONT=Lucida Console]22:50:28.0289 6476 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys[/FONT]

[FONT=Lucida Console]22:50:28.0290 6476 QWAVEdrv - ok[/FONT]

[FONT=Lucida Console]22:50:28.0293 6476 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys[/FONT]

[FONT=Lucida Console]22:50:28.0294 6476 RasAcd - ok[/FONT]

[FONT=Lucida Console]22:50:28.0306 6476 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys[/FONT]

[FONT=Lucida Console]22:50:28.0308 6476 RasAgileVpn - ok[/FONT]

[FONT=Lucida Console]22:50:28.0325 6476 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll[/FONT]

[FONT=Lucida Console]22:50:28.0328 6476 RasAuto - ok[/FONT]

[FONT=Lucida Console]22:50:28.0343 6476 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys[/FONT]

[FONT=Lucida Console]22:50:28.0345 6476 Rasl2tp - ok[/FONT]

[FONT=Lucida Console]22:50:28.0359 6476 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll[/FONT]

[FONT=Lucida Console]22:50:28.0364 6476 RasMan - ok[/FONT]

[FONT=Lucida Console]22:50:28.0369 6476 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys[/FONT]

[FONT=Lucida Console]22:50:28.0370 6476 RasPppoe - ok[/FONT]

[FONT=Lucida Console]22:50:28.0374 6476 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys[/FONT]

[FONT=Lucida Console]22:50:28.0375 6476 RasSstp - ok[/FONT]

[FONT=Lucida Console]22:50:28.0381 6476 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys[/FONT]

[FONT=Lucida Console]22:50:28.0385 6476 rdbss - ok[/FONT]

[FONT=Lucida Console]22:50:28.0391 6476 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys[/FONT]

[FONT=Lucida Console]22:50:28.0393 6476 rdpbus - ok[/FONT]

[FONT=Lucida Console]22:50:28.0406 6476 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys[/FONT]

[FONT=Lucida Console]22:50:28.0406 6476 RDPCDD - ok[/FONT]

[FONT=Lucida Console]22:50:28.0419 6476 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys[/FONT]

[FONT=Lucida Console]22:50:28.0420 6476 RDPENCDD - ok[/FONT]

[FONT=Lucida Console]22:50:28.0438 6476 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys[/FONT]

[FONT=Lucida Console]22:50:28.0439 6476 RDPREFMP - ok[/FONT]

[FONT=Lucida Console]22:50:28.0463 6476 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys[/FONT]

[FONT=Lucida Console]22:50:28.0466 6476 RDPWD - ok[/FONT]

[FONT=Lucida Console]22:50:28.0471 6476 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys[/FONT]

[FONT=Lucida Console]22:50:28.0474 6476 rdyboost - ok[/FONT]

[FONT=Lucida Console]22:50:28.0491 6476 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll[/FONT]

[FONT=Lucida Console]22:50:28.0494 6476 RemoteAccess - ok[/FONT]

[FONT=Lucida Console]22:50:28.0508 6476 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll[/FONT]

[FONT=Lucida Console]22:50:28.0511 6476 RemoteRegistry - ok[/FONT]

[FONT=Lucida Console]22:50:28.0541 6476 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys[/FONT]

[FONT=Lucida Console]22:50:28.0543 6476 RFCOMM - ok[/FONT]

[FONT=Lucida Console]22:50:28.0555 6476 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll[/FONT]

[FONT=Lucida Console]22:50:28.0558 6476 RpcEptMapper - ok[/FONT]

[FONT=Lucida Console]22:50:28.0574 6476 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe[/FONT]

[FONT=Lucida Console]22:50:28.0575 6476 RpcLocator - ok[/FONT]

[FONT=Lucida Console]22:50:28.0595 6476 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll[/FONT]

[FONT=Lucida Console]22:50:28.0600 6476 RpcSs - ok[/FONT]

[FONT=Lucida Console]22:50:28.0604 6476 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys[/FONT]

[FONT=Lucida Console]22:50:28.0605 6476 rspndr - ok[/FONT]

[FONT=Lucida Console]22:50:28.0633 6476 [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys[/FONT]

[FONT=Lucida Console]22:50:28.0636 6476 RTL8167 - ok[/FONT]

[FONT=Lucida Console]22:50:28.0643 6476 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe[/FONT]

[FONT=Lucida Console]22:50:28.0644 6476 SamSs - ok[/FONT]

[FONT=Lucida Console]22:50:28.0648 6476 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys[/FONT]

[FONT=Lucida Console]22:50:28.0649 6476 sbp2port - ok[/FONT]

[FONT=Lucida Console]22:50:28.0664 6476 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll[/FONT]

[FONT=Lucida Console]22:50:28.0668 6476 SCardSvr - ok[/FONT]

[FONT=Lucida Console]22:50:28.0676 6476 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys[/FONT]

[FONT=Lucida Console]22:50:28.0676 6476 scfilter - ok[/FONT]

 

[MO9999]

And Part III. Thanks very much!!


[FONT=Lucida Console]22:50:28.0704 6476 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll[/FONT]

[FONT=Lucida Console]22:50:28.0730 6476 Schedule - ok[/FONT]

[FONT=Lucida Console]22:50:28.0746 6476 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll[/FONT]

[FONT=Lucida Console]22:50:28.0748 6476 SCPolicySvc - ok[/FONT]

[FONT=Lucida Console]22:50:28.0763 6476 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll[/FONT]

[FONT=Lucida Console]22:50:28.0766 6476 SDRSVC - ok[/FONT]

[FONT=Lucida Console]22:50:28.0769 6476 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys[/FONT]

[FONT=Lucida Console]22:50:28.0770 6476 secdrv - ok[/FONT]

[FONT=Lucida Console]22:50:28.0780 6476 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll[/FONT]

[FONT=Lucida Console]22:50:28.0783 6476 seclogon - ok[/FONT]

[FONT=Lucida Console]22:50:28.0789 6476 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll[/FONT]

[FONT=Lucida Console]22:50:28.0791 6476 SENS - ok[/FONT]

[FONT=Lucida Console]22:50:28.0805 6476 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll[/FONT]

[FONT=Lucida Console]22:50:28.0808 6476 SensrSvc - ok[/FONT]

[FONT=Lucida Console]22:50:28.0825 6476 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys[/FONT]

[FONT=Lucida Console]22:50:28.0826 6476 Serenum - ok[/FONT]

[FONT=Lucida Console]22:50:28.0830 6476 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys[/FONT]

[FONT=Lucida Console]22:50:28.0831 6476 Serial - ok[/FONT]

[FONT=Lucida Console]22:50:28.0840 6476 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys[/FONT]

[FONT=Lucida Console]22:50:28.0841 6476 sermouse - ok[/FONT]

[FONT=Lucida Console]22:50:28.0856 6476 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll[/FONT]

[FONT=Lucida Console]22:50:28.0859 6476 SessionEnv - ok[/FONT]

[FONT=Lucida Console]22:50:28.0863 6476 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys[/FONT]

[FONT=Lucida Console]22:50:28.0864 6476 sffdisk - ok[/FONT]

[FONT=Lucida Console]22:50:28.0866 6476 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys[/FONT]

[FONT=Lucida Console]22:50:28.0868 6476 sffp_mmc - ok[/FONT]

[FONT=Lucida Console]22:50:28.0870 6476 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys[/FONT]

[FONT=Lucida Console]22:50:28.0871 6476 sffp_sd - ok[/FONT]

[FONT=Lucida Console]22:50:28.0883 6476 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys[/FONT]

[FONT=Lucida Console]22:50:28.0884 6476 sfloppy - ok[/FONT]

[FONT=Lucida Console]22:50:28.0896 6476 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll[/FONT]

[FONT=Lucida Console]22:50:28.0901 6476 SharedAccess - ok[/FONT]

[FONT=Lucida Console]22:50:28.0918 6476 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll[/FONT]

[FONT=Lucida Console]22:50:28.0924 6476 ShellHWDetection - ok[/FONT]

[FONT=Lucida Console]22:50:28.0929 6476 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys[/FONT]

[FONT=Lucida Console]22:50:28.0930 6476 SiSRaid2 - ok[/FONT]

[FONT=Lucida Console]22:50:28.0935 6476 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys[/FONT]

[FONT=Lucida Console]22:50:28.0936 6476 SiSRaid4 - ok[/FONT]

[FONT=Lucida Console]22:50:28.0953 6476 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys[/FONT]

[FONT=Lucida Console]22:50:28.0955 6476 Smb - ok[/FONT]

[FONT=Lucida Console]22:50:28.0969 6476 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe[/FONT]

[FONT=Lucida Console]22:50:28.0971 6476 SNMPTRAP - ok[/FONT]

[FONT=Lucida Console]22:50:28.0978 6476 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys[/FONT]

[FONT=Lucida Console]22:50:28.0979 6476 spldr - ok[/FONT]

[FONT=Lucida Console]22:50:29.0000 6476 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe[/FONT]

[FONT=Lucida Console]22:50:29.0008 6476 Spooler - ok[/FONT]

[FONT=Lucida Console]22:50:29.0071 6476 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe[/FONT]

[FONT=Lucida Console]22:50:29.0131 6476 sppsvc - ok[/FONT]

[FONT=Lucida Console]22:50:29.0139 6476 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll[/FONT]

[FONT=Lucida Console]22:50:29.0141 6476 sppuinotify - ok[/FONT]

[FONT=Lucida Console]22:50:29.0158 6476 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys[/FONT]

[FONT=Lucida Console]22:50:29.0160 6476 srv - ok[/FONT]

[FONT=Lucida Console]22:50:29.0165 6476 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys[/FONT]

[FONT=Lucida Console]22:50:29.0168 6476 srv2 - ok[/FONT]

[FONT=Lucida Console]22:50:29.0178 6476 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys[/FONT]

[FONT=Lucida Console]22:50:29.0179 6476 srvnet - ok[/FONT]

[FONT=Lucida Console]22:50:29.0194 6476 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll[/FONT]

[FONT=Lucida Console]22:50:29.0198 6476 SSDPSRV - ok[/FONT]

[FONT=Lucida Console]22:50:29.0221 6476 [ 0211AB46B73A2623B86C1CFCB30579AB ] SSPORT C:\Windows\system32\Drivers\SSPORT.sys[/FONT]

[FONT=Lucida Console]22:50:29.0221 6476 SSPORT - ok[/FONT]

[FONT=Lucida Console]22:50:29.0231 6476 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll[/FONT]

[FONT=Lucida Console]22:50:29.0234 6476 SstpSvc - ok[/FONT]

[FONT=Lucida Console]22:50:29.0286 6476 [ A766CCAD980235FF34E7F8089D3175A3 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe[/FONT]

[FONT=Lucida Console]22:50:29.0289 6476 Stereo Service - ok[/FONT]

[FONT=Lucida Console]22:50:29.0303 6476 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys[/FONT]

[FONT=Lucida Console]22:50:29.0304 6476 stexstor - ok[/FONT]

[FONT=Lucida Console]22:50:29.0336 6476 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll[/FONT]

[FONT=Lucida Console]22:50:29.0344 6476 stisvc - ok[/FONT]

[FONT=Lucida Console]22:50:29.0351 6476 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys[/FONT]

[FONT=Lucida Console]22:50:29.0351 6476 swenum - ok[/FONT]

[FONT=Lucida Console]22:50:29.0408 6476 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe[/FONT]

[FONT=Lucida Console]22:50:29.0411 6476 SwitchBoard - ok[/FONT]

[FONT=Lucida Console]22:50:29.0430 6476 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll[/FONT]

[FONT=Lucida Console]22:50:29.0438 6476 swprv - ok[/FONT]

[FONT=Lucida Console]22:50:29.0473 6476 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll[/FONT]

[FONT=Lucida Console]22:50:29.0508 6476 SysMain - ok[/FONT]

[FONT=Lucida Console]22:50:29.0518 6476 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll[/FONT]

[FONT=Lucida Console]22:50:29.0520 6476 TabletInputService - ok[/FONT]

[FONT=Lucida Console]22:50:29.0533 6476 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll[/FONT]

[FONT=Lucida Console]22:50:29.0535 6476 TapiSrv - ok[/FONT]

[FONT=Lucida Console]22:50:29.0549 6476 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll[/FONT]

[FONT=Lucida Console]22:50:29.0550 6476 TBS - ok[/FONT]

[FONT=Lucida Console]22:50:29.0595 6476 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys[/FONT]

[FONT=Lucida Console]22:50:29.0630 6476 Tcpip - ok[/FONT]

[FONT=Lucida Console]22:50:29.0670 6476 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys[/FONT]

[FONT=Lucida Console]22:50:29.0678 6476 TCPIP6 - ok[/FONT]

[FONT=Lucida Console]22:50:29.0685 6476 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys[/FONT]

[FONT=Lucida Console]22:50:29.0685 6476 tcpipreg - ok[/FONT]

[FONT=Lucida Console]22:50:29.0694 6476 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys[/FONT]

[FONT=Lucida Console]22:50:29.0695 6476 TDPIPE - ok[/FONT]

[FONT=Lucida Console]22:50:29.0719 6476 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys[/FONT]

[FONT=Lucida Console]22:50:29.0720 6476 TDTCP - ok[/FONT]

[FONT=Lucida Console]22:50:29.0754 6476 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys[/FONT]

[FONT=Lucida Console]22:50:29.0756 6476 tdx - ok[/FONT]

[FONT=Lucida Console]22:50:29.0764 6476 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys[/FONT]

[FONT=Lucida Console]22:50:29.0765 6476 TermDD - ok[/FONT]

[FONT=Lucida Console]22:50:29.0784 6476 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll[/FONT]

[FONT=Lucida Console]22:50:29.0793 6476 TermService - ok[/FONT]

[FONT=Lucida Console]22:50:29.0806 6476 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll[/FONT]

[FONT=Lucida Console]22:50:29.0810 6476 Themes - ok[/FONT]

[FONT=Lucida Console]22:50:29.0823 6476 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll[/FONT]

[FONT=Lucida Console]22:50:29.0825 6476 THREADORDER - ok[/FONT]

[FONT=Lucida Console]22:50:29.0839 6476 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll[/FONT]

[FONT=Lucida Console]22:50:29.0841 6476 TrkWks - ok[/FONT]

[FONT=Lucida Console]22:50:29.0880 6476 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe[/FONT]

[FONT=Lucida Console]22:50:29.0881 6476 TrustedInstaller - ok[/FONT]

[FONT=Lucida Console]22:50:29.0899 6476 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys[/FONT]

[FONT=Lucida Console]22:50:29.0900 6476 tssecsrv - ok[/FONT]

[FONT=Lucida Console]22:50:29.0911 6476 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys[/FONT]

[FONT=Lucida Console]22:50:29.0913 6476 TsUsbFlt - ok[/FONT]

[FONT=Lucida Console]22:50:29.0916 6476 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys[/FONT]

[FONT=Lucida Console]22:50:29.0916 6476 TsUsbGD - ok[/FONT]

[FONT=Lucida Console]22:50:29.0938 6476 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys[/FONT]

[FONT=Lucida Console]22:50:29.0940 6476 tunnel - ok[/FONT]

[FONT=Lucida Console]22:50:29.0953 6476 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys[/FONT]

[FONT=Lucida Console]22:50:29.0954 6476 uagp35 - ok[/FONT]

[FONT=Lucida Console]22:50:29.0960 6476 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys[/FONT]

[FONT=Lucida Console]22:50:29.0964 6476 udfs - ok[/FONT]

[FONT=Lucida Console]22:50:29.0976 6476 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe[/FONT]

[FONT=Lucida Console]22:50:29.0979 6476 UI0Detect - ok[/FONT]

[FONT=Lucida Console]22:50:29.0993 6476 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys[/FONT]

[FONT=Lucida Console]22:50:29.0994 6476 uliagpkx - ok[/FONT]

[FONT=Lucida Console]22:50:29.0998 6476 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys[/FONT]

[FONT=Lucida Console]22:50:29.0999 6476 umbus - ok[/FONT]

[FONT=Lucida Console]22:50:30.0003 6476 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys[/FONT]

[FONT=Lucida Console]22:50:30.0003 6476 UmPass - ok[/FONT]

[FONT=Lucida Console]22:50:30.0014 6476 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll[/FONT]

[FONT=Lucida Console]22:50:30.0020 6476 upnphost - ok[/FONT]

[FONT=Lucida Console]22:50:30.0048 6476 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys[/FONT]

[FONT=Lucida Console]22:50:30.0049 6476 usbaudio - ok[/FONT]

[FONT=Lucida Console]22:50:30.0090 6476 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys[/FONT]

[FONT=Lucida Console]22:50:30.0091 6476 usbccgp - ok[/FONT]

[FONT=Lucida Console]22:50:30.0095 6476 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys[/FONT]

[FONT=Lucida Console]22:50:30.0098 6476 usbcir - ok[/FONT]

[FONT=Lucida Console]22:50:30.0106 6476 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys[/FONT]

[FONT=Lucida Console]22:50:30.0108 6476 usbehci - ok[/FONT]

[FONT=Lucida Console]22:50:30.0125 6476 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys[/FONT]

[FONT=Lucida Console]22:50:30.0129 6476 usbhub - ok[/FONT]

[FONT=Lucida Console]22:50:30.0159 6476 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys[/FONT]

[FONT=Lucida Console]22:50:30.0160 6476 usbohci - ok[/FONT]

[FONT=Lucida Console]22:50:30.0180 6476 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys[/FONT]

[FONT=Lucida Console]22:50:30.0181 6476 usbprint - ok[/FONT]

[FONT=Lucida Console]22:50:30.0202 6476 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys[/FONT]

[FONT=Lucida Console]22:50:30.0204 6476 usbscan - ok[/FONT]

[FONT=Lucida Console]22:50:30.0214 6476 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\drivers\USBSTOR.SYS[/FONT]

[FONT=Lucida Console]22:50:30.0215 6476 USBSTOR - ok[/FONT]

[FONT=Lucida Console]22:50:30.0229 6476 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys[/FONT]

[FONT=Lucida Console]22:50:30.0230 6476 usbuhci - ok[/FONT]

[FONT=Lucida Console]22:50:30.0247 6476 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll[/FONT]

[FONT=Lucida Console]22:50:30.0250 6476 UxSms - ok[/FONT]

[FONT=Lucida Console]22:50:30.0257 6476 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe[/FONT]

[FONT=Lucida Console]22:50:30.0259 6476 VaultSvc - ok[/FONT]

[FONT=Lucida Console]22:50:30.0262 6476 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys[/FONT]

[FONT=Lucida Console]22:50:30.0264 6476 vdrvroot - ok[/FONT]

[FONT=Lucida Console]22:50:30.0290 6476 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe[/FONT]

[FONT=Lucida Console]22:50:30.0297 6476 vds - ok[/FONT]

[FONT=Lucida Console]22:50:30.0316 6476 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys[/FONT]

[FONT=Lucida Console]22:50:30.0317 6476 vga - ok[/FONT]

[FONT=Lucida Console]22:50:30.0326 6476 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys[/FONT]

[FONT=Lucida Console]22:50:30.0327 6476 VgaSave - ok[/FONT]

[FONT=Lucida Console]22:50:30.0346 6476 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys[/FONT]

[FONT=Lucida Console]22:50:30.0350 6476 vhdmp - ok[/FONT]

[FONT=Lucida Console]22:50:30.0362 6476 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys[/FONT]

[FONT=Lucida Console]22:50:30.0362 6476 viaide - ok[/FONT]

[FONT=Lucida Console]22:50:30.0371 6476 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys[/FONT]

[FONT=Lucida Console]22:50:30.0372 6476 volmgr - ok[/FONT]

[FONT=Lucida Console]22:50:30.0391 6476 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys[/FONT]

[FONT=Lucida Console]22:50:30.0396 6476 volmgrx - ok[/FONT]

[FONT=Lucida Console]22:50:30.0402 6476 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys[/FONT]

[FONT=Lucida Console]22:50:30.0406 6476 volsnap - ok[/FONT]

[FONT=Lucida Console]22:50:30.0410 6476 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys[/FONT]

[FONT=Lucida Console]22:50:30.0412 6476 vsmraid - ok[/FONT]

[FONT=Lucida Console]22:50:30.0450 6476 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe[/FONT]

[FONT=Lucida Console]22:50:30.0484 6476 VSS - ok[/FONT]

[FONT=Lucida Console]22:50:30.0495 6476 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys[/FONT]

[FONT=Lucida Console]22:50:30.0496 6476 vwifibus - ok[/FONT]

[FONT=Lucida Console]22:50:30.0511 6476 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll[/FONT]

[FONT=Lucida Console]22:50:30.0516 6476 W32Time - ok[/FONT]

[FONT=Lucida Console]22:50:30.0529 6476 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys[/FONT]

[FONT=Lucida Console]22:50:30.0530 6476 WacomPen - ok[/FONT]

[FONT=Lucida Console]22:50:30.0535 6476 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys[/FONT]

[FONT=Lucida Console]22:50:30.0536 6476 WANARP - ok[/FONT]

[FONT=Lucida Console]22:50:30.0539 6476 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys[/FONT]

[FONT=Lucida Console]22:50:30.0540 6476 Wanarpv6 - ok[/FONT]

[FONT=Lucida Console]22:50:30.0587 6476 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe[/FONT]

[FONT=Lucida Console]22:50:30.0612 6476 WatAdminSvc - ok[/FONT]

[FONT=Lucida Console]22:50:30.0650 6476 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe[/FONT]

[FONT=Lucida Console]22:50:30.0684 6476 wbengine - ok[/FONT]

[FONT=Lucida Console]22:50:30.0701 6476 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll[/FONT]

[FONT=Lucida Console]22:50:30.0706 6476 WbioSrvc - ok[/FONT]

[FONT=Lucida Console]22:50:30.0712 6476 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll[/FONT]

[FONT=Lucida Console]22:50:30.0719 6476 wcncsvc - ok[/FONT]

[FONT=Lucida Console]22:50:30.0724 6476 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll[/FONT]

[FONT=Lucida Console]22:50:30.0726 6476 WcsPlugInService - ok[/FONT]

[FONT=Lucida Console]22:50:30.0735 6476 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys[/FONT]

[FONT=Lucida Console]22:50:30.0736 6476 Wd - ok[/FONT]

[FONT=Lucida Console]22:50:30.0745 6476 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys[/FONT]

[FONT=Lucida Console]22:50:30.0752 6476 Wdf01000 - ok[/FONT]

[FONT=Lucida Console]22:50:30.0760 6476 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll[/FONT]

[FONT=Lucida Console]22:50:30.0762 6476 WdiServiceHost - ok[/FONT]

[FONT=Lucida Console]22:50:30.0764 6476 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll[/FONT]

[FONT=Lucida Console]22:50:30.0765 6476 WdiSystemHost - ok[/FONT]

[FONT=Lucida Console]22:50:30.0796 6476 [ DFE18C278C75525AA00AB0314955F6EF ] Web Assistant Updater C:\Program Files\Web Assistant\ExtensionUpdaterService.exe[/FONT]

[FONT=Lucida Console]22:50:30.0797 6476 Web Assistant Updater - ok[/FONT]

[FONT=Lucida Console]22:50:30.0815 6476 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll[/FONT]

[FONT=Lucida Console]22:50:30.0820 6476 WebClient - ok[/FONT]

[FONT=Lucida Console]22:50:30.0831 6476 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll[/FONT]

[FONT=Lucida Console]22:50:30.0836 6476 Wecsvc - ok[/FONT]

[FONT=Lucida Console]22:50:30.0850 6476 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll[/FONT]

[FONT=Lucida Console]22:50:30.0851 6476 wercplsupport - ok[/FONT]

[FONT=Lucida Console]22:50:30.0872 6476 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll[/FONT]

[FONT=Lucida Console]22:50:30.0875 6476 WerSvc - ok[/FONT]

[FONT=Lucida Console]22:50:30.0881 6476 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys[/FONT]

[FONT=Lucida Console]22:50:30.0882 6476 WfpLwf - ok[/FONT]

[FONT=Lucida Console]22:50:30.0895 6476 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys[/FONT]

[FONT=Lucida Console]22:50:30.0896 6476 WIMMount - ok[/FONT]

[FONT=Lucida Console]22:50:30.0904 6476 WinDefend - ok[/FONT]

[FONT=Lucida Console]22:50:30.0905 6476 WinHttpAutoProxySvc - ok[/FONT]

[FONT=Lucida Console]22:50:30.0937 6476 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll[/FONT]

[FONT=Lucida Console]22:50:30.0941 6476 Winmgmt - ok[/FONT]

[FONT=Lucida Console]22:50:30.0977 6476 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll[/FONT]

[FONT=Lucida Console]22:50:31.0004 6476 WinRM - ok[/FONT]

[FONT=Lucida Console]22:50:31.0022 6476 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll[/FONT]

[FONT=Lucida Console]22:50:31.0029 6476 Wlansvc - ok[/FONT]

[FONT=Lucida Console]22:50:31.0035 6476 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys[/FONT]

[FONT=Lucida Console]22:50:31.0036 6476 WmiAcpi - ok[/FONT]

[FONT=Lucida Console]22:50:31.0050 6476 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe[/FONT]

[FONT=Lucida Console]22:50:31.0051 6476 wmiApSrv - ok[/FONT]

[FONT=Lucida Console]22:50:31.0065 6476 WMPNetworkSvc - ok[/FONT]

[FONT=Lucida Console]22:50:31.0075 6476 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll[/FONT]

[FONT=Lucida Console]22:50:31.0077 6476 WPCSvc - ok[/FONT]

[FONT=Lucida Console]22:50:31.0100 6476 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll[/FONT]

[FONT=Lucida Console]22:50:31.0104 6476 WPDBusEnum - ok[/FONT]

[FONT=Lucida Console]22:50:31.0112 6476 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys[/FONT]

[FONT=Lucida Console]22:50:31.0115 6476 ws2ifsl - ok[/FONT]

[FONT=Lucida Console]22:50:31.0131 6476 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll[/FONT]

[FONT=Lucida Console]22:50:31.0134 6476 wscsvc - ok[/FONT]

[FONT=Lucida Console]22:50:31.0137 6476 WSearch - ok[/FONT]

[FONT=Lucida Console]22:50:31.0189 6476 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll[/FONT]

[FONT=Lucida Console]22:50:31.0222 6476 wuauserv - ok[/FONT]

[FONT=Lucida Console]22:50:31.0232 6476 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys[/FONT]

[FONT=Lucida Console]22:50:31.0234 6476 WudfPf - ok[/FONT]

[FONT=Lucida Console]22:50:31.0245 6476 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll[/FONT]

[FONT=Lucida Console]22:50:31.0247 6476 wudfsvc - ok[/FONT]

[FONT=Lucida Console]22:50:31.0259 6476 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll[/FONT]

[FONT=Lucida Console]22:50:31.0261 6476 WwanSvc - ok[/FONT]

[FONT=Lucida Console]22:50:31.0270 6476 ================ Scan global ===============================[/FONT]

[FONT=Lucida Console]22:50:31.0284 6476 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll[/FONT]

[FONT=Lucida Console]22:50:31.0312 6476 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll[/FONT]

[FONT=Lucida Console]22:50:31.0320 6476 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll[/FONT]

[FONT=Lucida Console]22:50:31.0336 6476 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll[/FONT]

[FONT=Lucida Console]22:50:31.0351 6476 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe[/FONT]

[FONT=Lucida Console]22:50:31.0355 6476 [Global] - ok[/FONT]

[FONT=Lucida Console]22:50:31.0355 6476 ================ Scan MBR ==================================[/FONT]

[FONT=Lucida Console]22:50:31.0362 6476 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0[/FONT]

[FONT=Lucida Console]22:50:31.0369 6476 \Device\Harddisk0\DR0 - ok[/FONT]

[FONT=Lucida Console]22:50:31.0370 6476 ================ Scan VBR ==================================[/FONT]

[FONT=Lucida Console]22:50:31.0379 6476 [ EC351C24AE43ED23F125116DA32B305F ] \Device\Harddisk0\DR0\Partition1[/FONT]

[FONT=Lucida Console]22:50:31.0380 6476 \Device\Harddisk0\DR0\Partition1 - ok[/FONT]

[FONT=Lucida Console]22:50:31.0389 6476 [ A1A1CC4BA4AE1C51FC0245E9B1587FFB ] \Device\Harddisk0\DR0\Partition2[/FONT]

[FONT=Lucida Console]22:50:31.0389 6476 \Device\Harddisk0\DR0\Partition2 - ok[/FONT]

[FONT=Lucida Console]22:50:31.0397 6476 [ 6372DA23414C4654CF03FD0E88F76FB0 ] \Device\Harddisk0\DR0\Partition3[/FONT]

[FONT=Lucida Console]22:50:31.0399 6476 \Device\Harddisk0\DR0\Partition3 - ok[/FONT]

[FONT=Lucida Console]22:50:31.0399 6476 ============================================================[/FONT]

[FONT=Lucida Console]22:50:31.0399 6476 Scan finished[/FONT]

[FONT=Lucida Console]22:50:31.0399 6476 ============================================================[/FONT]

[FONT=Lucida Console]22:50:31.0402 5840 Detected object count: 0[/FONT]

[FONT=Lucida Console]22:50:31.0402 5840 Actual detected object count: 0[/FONT]

[FONT=Lucida Console] [/FONT]

[FONT=Calibri] [/FONT]

 

[Broni]

Create new restore point before proceeding with the next step....
How to:
- Windows 7: http://www.howtogeek.com/howto/3195/create-a-system-restore-point-in-windows-7/
- Vista: http://www.howtogeek.com/howto/wind...tore-point-for-windows-vistas-system-restore/
- XP: http://support.microsoft.com/kb/948247

============================

Please download ComboFix from Here, Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**

• Never rename Combofix unless instructed.
• Close any open browsers.
• Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
• Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
• Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
• Close any open browsers.
• WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
• Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
• If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
  If restarting doesn't help use restore point you created prior to running Combofix.
• Double click on combofix.exe & follow the prompts.

• 
  NOTE1. If Combofix asks you to install Recovery Console, please allow it.
  NOTE 2. If Combofix asks you to update the program, always do so.

• When finished, it will produce a report for you.
• Please post the "C:\ComboFix.txt"

**Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall
**Note 2 for AVG and CA Internet Security (Total Defense Internet Security) users: ComboFix will not run until AVG/CA Internet Security is uninstalled as a protective measure against the anti-virus. This is because AVG/CA Internet Security "falsely" detects ComboFix (or its embedded files) as a threat and may remove them resulting in the tool not working correctly which in turn can cause "unpredictable results". Since AVG/CA Internet Security cannot be effectively disabled before running ComboFix, the author recommends you to uninstall AVG/CA Internet Security first.
Use AppRemover to uninstall it: https://www.techspot.com/downloads/5514-appremover.html
We can reinstall it when we're done with CF.
**Note 3: If you receive an error "Illegal operation attempted on a registery key that has been marked for deletion", restart computer to fix the issue.
**Note 4: Some infections may take some significant time to be cured. As long as your computer clock is running Combofix is still working. Be patient.


Make sure, you re-enable your security programs, when you're done with Combofix.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

NOTE.
If, for some reason, Combofix refuses to run, try the following...

Delete Combofix file, download fresh one, but rename combofix.exe to your_name.exe BEFORE saving it to your desktop.
Do NOT run it yet.
Download Rkill (courtesy of BleepingComputer.com) to your desktop.
There are 2 different versions. If one of them won't run then download and try to run the other one.
You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

rKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/
iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/

Restart computer in safe mode

• Double-click on the Rkill desktop icon to run the tool.
• If using Vista or Windows 7 right-click on it and choose Run As Administrator.
• A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
• If not, delete the file, then download and use the one provided in Link 2.
• Do not reboot until instructed.
• If the tool does not run from any of the links provided, please let me know.

When the scan is done Notepad will open with rKill.txt log.
NOTE. rKill.txt log will also be present on your desktop.

Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.

IF you had to run rKill post BOTH logs, rKill.txt and Combofix.txt.

 

[MO9999]

Attached is the ComboFix file. Thanks again!

 

[Broni]

Please observe forum rules.
All logs have to be pasted not attached.

 

[MO9999]

Okay, here it is:

ComboFix 12-09-29.01 - Home 30/09/2012 8:59.1.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.2.1033.18.16364.14391 [GMT -4:00]
Running from: c:\users\Home\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Web Assistant\ExTEnsion32.dll
.
.
((((((((((((((((((((((((( Files Created from 2012-08-28 to 2012-09-30 )))))))))))))))))))))))))))))))
.
.
2012-09-30 13:03 . 2012-09-30 13:03 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-09-30 12:28 . 2012-09-30 12:28 -------- d-----w- c:\windows\LastGood
2012-09-30 12:27 . 2012-09-30 12:27 -------- d-----w- c:\program files\Logitech
2012-09-29 13:37 . 2012-08-30 07:27 9308616 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{5026FD93-413F-41A3-B7ED-8EDC4EF45EA0}\mpengine.dll
2012-09-28 00:37 . 2012-08-30 07:27 9308616 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-09-25 21:18 . 2012-08-21 21:01 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
2012-09-22 17:09 . 2010-01-10 22:40 118784 ----a-w- c:\windows\SysWow64\MSSTDFMT.DLL
2012-09-22 17:09 . 2012-09-22 17:09 -------- d-----w- c:\program files (x86)\SpywareBlaster
2012-09-22 14:48 . 2012-09-22 14:48 -------- d-----w- c:\program files (x86)\ESET
2012-09-18 01:14 . 2012-09-18 01:14 -------- d-----w- c:\programdata\Malwarebytes
2012-09-18 01:13 . 2012-09-18 01:14 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-09-18 01:13 . 2012-09-07 21:04 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-09-18 00:49 . 2012-09-30 12:28 -------- d-----w- c:\program files\Common Files\LogiShrd
2012-09-17 00:58 . 2012-09-30 13:03 -------- d-----w- c:\program files\Web Assistant
2012-09-17 00:58 . 2012-09-17 00:58 -------- d-----w- c:\program files (x86)\Conduit
2012-09-17 00:58 . 2012-09-17 00:58 -------- d-----w- c:\program files (x86)\SmileBox_EN
2012-09-13 23:55 . 2012-09-13 23:55 -------- d-----w- C:\temp
2012-09-04 01:27 . 2012-09-15 00:10 -------- d-----w- c:\programdata\regid.1986-12.com.adobe
2012-09-01 19:26 . 2012-09-30 12:25 -------- d-----w- c:\programdata\NVIDIA
2012-09-01 19:26 . 2012-09-18 01:05 -------- d-----w- c:\users\UpdatusUser
2012-09-01 19:25 . 2012-08-30 16:18 63336 ----a-w- c:\windows\system32\nvshext.dll
2012-09-01 19:25 . 2012-08-30 16:18 891240 ----a-w- c:\windows\system32\nvvsvc.exe
2012-09-01 19:25 . 2012-08-30 16:18 118120 ----a-w- c:\windows\system32\nvmctray.dll
2012-09-01 19:25 . 2012-08-30 16:18 3487434 ----a-w- c:\windows\system32\nvcoproc.bin
2012-09-01 19:25 . 2012-08-30 16:18 3266920 ----a-w- c:\windows\system32\nvsvc64.dll
2012-09-01 19:25 . 2012-08-30 16:17 6198120 ----a-w- c:\windows\system32\nvcpl.dll
2012-09-01 19:25 . 2012-05-15 10:48 68928 ----a-w- c:\windows\system32\OpenCL.dll
2012-09-01 19:25 . 2012-05-15 10:48 61248 ----a-w- c:\windows\SysWow64\OpenCL.dll
2012-09-01 19:24 . 2012-09-01 19:24 -------- d-----w- c:\programdata\NVIDIA Corporation
2012-09-01 19:20 . 2012-08-30 19:14 971624 ----a-w- c:\windows\system32\nvumdshimx.dll
2012-09-01 19:20 . 2012-08-30 19:14 15291752 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2012-09-01 19:20 . 2012-08-30 19:14 14879080 ----a-w- c:\windows\system32\nvwgf2umx.dll
2012-09-01 19:20 . 2012-08-30 19:14 12465512 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2012-09-01 19:20 . 2012-07-03 07:37 1472360 ----a-w- c:\windows\system32\nvhdagenco6420103.dll
2012-09-01 19:20 . 2012-05-15 10:48 364352 ----a-w- c:\windows\system32\nvdecodemft.dll
2012-09-01 19:20 . 2012-05-15 10:48 301376 ----a-w- c:\windows\SysWow64\nvdecodemft.dll
2012-09-01 19:20 . 2012-08-30 19:14 2725224 ----a-w- c:\windows\system32\nvapi64.dll
2012-09-01 19:20 . 2012-09-01 19:20 -------- d-----w- C:\NVIDIA
2012-09-01 15:02 . 2012-09-01 15:02 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2012-08-31 23:41 . 2012-08-31 23:41 -------- d-----w- c:\program files\Microsoft Silverlight
2012-08-31 23:41 . 2012-08-31 23:41 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2012-08-31 23:41 . 2012-07-06 20:07 552960 ----a-w- c:\windows\system32\drivers\bthport.sys
2012-08-31 23:40 . 2012-08-31 23:40 -------- d-----w- c:\program files (x86)\Microsoft
2012-08-31 23:39 . 2011-02-19 12:05 1139200 ----a-w- c:\windows\system32\FntCache.dll
2012-08-31 23:39 . 2011-02-19 12:04 902656 ----a-w- c:\windows\system32\d2d1.dll
2012-08-31 23:39 . 2011-02-19 06:30 739840 ----a-w- c:\windows\SysWow64\d2d1.dll
2012-08-31 23:32 . 2012-08-31 23:32 -------- dc----w- c:\windows\system32\DRVSTORE
2012-08-31 23:32 . 2009-05-18 17:17 34152 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2012-08-31 23:32 . 2008-04-17 16:12 126312 ----a-w- c:\windows\system32\GEARAspi64.dll
2012-08-31 23:32 . 2008-04-17 16:12 107368 ----a-w- c:\windows\SysWow64\GEARAspi.dll
2012-08-31 23:31 . 2012-08-31 23:31 -------- d-----w- c:\program files\iPod
2012-08-31 23:31 . 2012-08-31 23:32 -------- d-----w- c:\programdata\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
2012-08-31 23:31 . 2012-08-31 23:32 -------- d-----w- c:\program files\iTunes
2012-08-31 23:31 . 2012-08-31 23:32 -------- d-----w- c:\program files (x86)\iTunes
2012-08-31 23:31 . 2012-08-31 23:31 -------- d-----w- c:\programdata\Apple Computer
2012-08-31 23:31 . 2012-08-31 23:31 -------- d-----w- c:\program files (x86)\Apple Software Update
2012-08-31 23:31 . 2012-08-31 23:31 -------- d-----w- c:\program files\Common Files\Apple
2012-08-31 23:31 . 2012-08-31 23:31 -------- d-----w- c:\program files\Bonjour
2012-08-31 23:31 . 2012-08-31 23:31 -------- d-----w- c:\program files (x86)\Bonjour
2012-08-31 23:31 . 2012-08-31 23:31 -------- d-----w- c:\program files (x86)\Common Files\Apple
2012-08-31 23:31 . 2012-08-31 23:31 -------- d-----w- c:\programdata\Apple
2012-08-31 22:22 . 2012-08-31 22:22 -------- d-----w- c:\programdata\ALM
2012-08-31 21:56 . 2012-08-31 18:02 -------- d-----w- c:\windows\Panther
2012-08-31 21:53 . 2012-08-31 21:53 -------- d-----w- c:\program files (x86)\Adobe Story
2012-08-31 21:51 . 2012-08-31 21:51 -------- d-----w- c:\program files (x86)\My Company Name
2012-08-31 21:51 . 2012-08-31 21:51 -------- d-----w- c:\program files (x86)\Common Files\Sonic Shared
2012-08-31 21:51 . 2012-08-31 21:51 -------- d-----w- c:\program files (x86)\Common Files\PX Storage Engine
2012-08-31 21:51 . 2009-07-09 07:00 55280 ------w- c:\windows\system32\drivers\PxHlpa64.sys
2012-08-31 21:51 . 2009-06-23 07:00 10224 ------w- c:\windows\system32\drivers\cdralw2k.sys
2012-08-31 21:51 . 2009-06-23 07:00 10224 ------w- c:\windows\system32\drivers\cdr4_xp.sys
2012-08-31 21:48 . 2012-08-31 22:25 -------- d-----w- c:\program files\Common Files\Adobe
2012-08-31 21:48 . 2012-08-31 22:25 -------- d-----w- c:\program files\Adobe
2012-08-31 21:47 . 2012-08-31 21:47 -------- d-----w- c:\program files (x86)\Common Files\Adobe AIR
2012-08-31 21:44 . 2012-09-05 00:06 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2012-08-31 21:05 . 2012-08-31 21:21 -------- d-----w- c:\program files (x86)\Mass Effect 2
2012-08-31 21:01 . 2012-08-31 21:01 -------- d-----w- c:\programdata\Media Center Programs
2012-08-31 21:01 . 2012-08-31 21:29 -------- d-----w- c:\program files (x86)\Common Files\BioWare
2012-08-31 20:50 . 2012-08-31 21:02 -------- d-----w- c:\program files (x86)\Mass Effect
2012-08-31 20:45 . 2012-08-31 20:45 -------- d-----w- c:\windows\PCHEALTH
2012-08-31 20:43 . 2012-08-31 20:43 -------- d-----w- c:\program files\Microsoft Office
2012-08-31 20:43 . 2012-08-31 20:43 -------- d-----w- c:\program files (x86)\Microsoft Analysis Services
2012-08-31 20:42 . 2012-09-14 01:57 -------- d-----w- c:\programdata\Microsoft Help
2012-08-31 20:42 . 2012-08-31 20:42 -------- d-----r- C:\MSOCache
2012-08-31 19:58 . 2010-07-23 09:55 1261056 ----a-w- c:\windows\system32\drivers\cmudaxp.sys
2012-08-31 19:58 . 2007-04-19 07:12 32768 ----a-w- c:\windows\system32\cmudaxp.dll
2012-08-31 19:58 . 2004-04-14 03:28 315392 ----a-w- c:\windows\SysWow64\CmiFltr.dll
2012-08-31 19:58 . 2004-04-14 03:28 315392 ----a-w- c:\windows\system\CmiFltr.dll
2012-08-31 19:58 . 2009-08-19 08:00 359424 ------w- c:\windows\system32\CmiInstallResAll64.dll
2012-08-31 19:58 . 2006-10-05 21:45 524768 ----a-r- c:\windows\difxapi.dll
2012-08-31 19:45 . 2012-08-31 19:49 -------- d-----w- c:\program files (x86)\Readiris10
2012-08-31 19:45 . 2012-08-31 19:49 -------- d-----w- c:\program files (x86)\SmarThru 4
2012-08-31 19:44 . 2012-08-31 19:49 -------- d-----w- c:\program files (x86)\Scan Assistant
2012-08-31 19:41 . 2012-08-31 19:41 -------- d-----w- c:\program files (x86)\Samsung
2012-08-31 19:38 . 2012-08-31 19:49 -------- d-----w- c:\program files (x86)\MagicTune Premium
2012-08-31 19:37 . 2012-08-31 19:37 -------- d-----w- c:\program files (x86)\MonitorDriver
2012-08-31 19:37 . 2012-08-31 19:49 -------- d-----w- c:\programdata\InstallShield
2012-08-31 19:30 . 2012-09-21 00:12 73136 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-08-31 19:30 . 2012-09-21 00:12 696240 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-08-31 19:30 . 2012-08-31 19:30 -------- d-----w- c:\windows\SysWow64\Macromed
2012-08-31 19:30 . 2012-08-31 19:30 -------- d-----w- c:\windows\system32\Macromed
2012-08-31 19:24 . 2012-08-31 19:23 927800 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{AB083F9B-738B-4E39-8A61-E7387D91F166}\gapaengine.dll
2012-08-31 19:23 . 2012-08-31 19:23 -------- d-----w- c:\program files (x86)\Microsoft Security Client
2012-08-31 19:23 . 2012-08-31 19:23 -------- d-----w- c:\program files\Microsoft Security Client
2012-08-31 19:13 . 2012-08-31 19:13 -------- d-----w- c:\windows\SysWow64\Wat
2012-08-31 19:13 . 2012-08-31 19:13 -------- d-----w- c:\windows\system32\Wat
2012-08-31 19:05 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-08-31 19:05 . 2012-03-01 06:38 220672 ----a-w- c:\windows\system32\wintrust.dll
2012-08-31 19:05 . 2012-03-01 06:33 81408 ----a-w- c:\windows\system32\imagehlp.dll
2012-08-31 19:05 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll
2012-08-31 19:05 . 2012-03-01 05:37 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
2012-08-31 19:05 . 2012-03-01 05:33 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2012-08-31 19:05 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2012-08-31 19:03 . 2012-09-14 01:57 64462936 ----a-w- c:\windows\system32\MRT.exe
2012-08-31 19:03 . 2012-05-04 11:00 366592 ----a-w- c:\windows\system32\qdvd.dll
2012-08-31 19:03 . 2012-05-04 09:59 514560 ----a-w- c:\windows\SysWow64\qdvd.dll
2012-08-31 18:54 . 2012-08-31 18:54 -------- d-----w- c:\program files (x86)\Common Files\LogiShrd
2012-08-31 18:54 . 2012-09-30 12:28 18960 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2012-08-31 18:54 . 2012-09-30 12:27 -------- d-----w- c:\programdata\Logishrd
2012-08-31 18:41 . 2011-02-05 17:10 642944 ----a-w- c:\windows\system32\winload.efi
2012-08-31 18:40 . 2011-10-15 06:31 723456 ----a-w- c:\windows\system32\EncDec.dll
2012-08-31 18:37 . 2010-10-27 01:43 110592 ----a-w- c:\windows\system32\rtvcvfw32.dll
2012-08-31 18:37 . 2012-08-31 18:39 -------- d-----w- c:\program files (x86)\MSI Afterburner
2012-08-31 18:34 . 2012-08-28 05:49 9310152 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5BB1C691-527D-4B5A-B46F-A5EF467DDB80}\mpengine.dll
2012-08-31 18:34 . 2011-11-19 14:58 77312 ----a-w- c:\windows\system32\packager.dll
2012-08-31 18:34 . 2011-11-19 14:01 67072 ----a-w- c:\windows\SysWow64\packager.dll
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-30 19:14 . 2012-02-10 02:43 1760104 ----a-w- c:\windows\system32\nvdispco64.dll
2012-08-30 14:40 . 2012-08-30 14:40 429416 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2012-07-27 20:51 . 2012-07-27 20:51 24984 ----a-w- c:\windows\system32\AdobePDFUI.dll
2012-07-27 20:51 . 2012-07-27 20:51 53656 ----a-w- c:\windows\system32\AdobePDF.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{f897eb0e-a3a4-46c3-80eb-2729699d8892}"= "c:\program files (x86)\SmileBox_EN\prxtbSmil.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{f897eb0e-a3a4-46c3-80eb-2729699d8892}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{f897eb0e-a3a4-46c3-80eb-2729699d8892}]
2011-05-09 08:49 176936 ----a-w- c:\program files (x86)\SmileBox_EN\prxtbSmil.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{f897eb0e-a3a4-46c3-80eb-2729699d8892}"= "c:\program files (x86)\SmileBox_EN\prxtbSmil.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{f897eb0e-a3a4-46c3-80eb-2729699d8892}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-04-27 113288]
"BCU"="c:\program files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe" [2009-10-26 375000]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5.5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-12 1523360]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"Adobe Acrobat Speed Launcher"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" [2012-07-27 36800]
"Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [2012-07-27 823224]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-31 59280]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-06-07 421776]
"BingDesktop"="c:\program files (x86)\Microsoft\BingDesktop\BingDesktop.exe" [2012-03-30 1858152]
.
c:\users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Logitech . Product Registration.lnk - c:\program files (x86)\Common Files\LogiShrd\eReg\SetPoint\eReg.exe [2009-11-16 517384]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-07 676936]
R2 Web Assistant Updater;Web Assistant Updater;c:\program files\Web Assistant\ExtensionUpdaterService.exe [2012-07-12 185856]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-21 250288]
R3 ATHDFU;Atheros Valkyrie USB BootROM;c:\windows\system32\Drivers\AthDfu.sys [2010-10-27 55336]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-07 25928]
R3 MSICDSetup;MSICDSetup;D:\CDriver64.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-03-21 98688]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [2012-03-26 291696]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]
R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-08-31 1255736]
S0 mv91xx;mv91xx;c:\windows\system32\DRIVERS\mv91xx.sys [2010-08-27 297000]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2009-07-09 55280]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe [2010-10-27 52896]
S2 BCUService;Browser Configuration Utility Service;c:\program files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe [2009-10-26 223464]
S2 BingDesktopUpdate;Bing Desktop Update service;c:\program files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [2012-03-30 151656]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-07 399432]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-08-30 1258856]
S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys [2009-07-11 11576]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-08-30 382312]
S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [2010-10-27 38248]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [2010-10-27 301680]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [2010-10-27 31080]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [2010-10-27 203624]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [2010-10-27 58992]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [2010-10-27 156520]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [2010-10-27 279152]
S3 cmudaxp;ASUS Xonar DG Audio Interface;c:\windows\system32\drivers\cmudaxp.sys [2010-07-23 1261056]
S3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\DRIVERS\LEqdUsb.Sys [2011-09-02 76056]
S3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\DRIVERS\LHidEqd.Sys [2011-09-02 15128]
S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2010-09-30 80384]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2010-09-30 180736]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2012-07-03 189288]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
.
.
Contents of the 'Scheduled Tasks' folder
.
2012-09-30 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-31 00:12]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-11-02 11545192]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2010-10-27 613536]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2010-10-27 379040]
"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2010-11-04 1580368]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 1271168]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-03-30 499608]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2011-10-07 1744152]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.cbc.ca/news/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~2\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.0.1
.
- - - - ORPHANS REMOVED - - - -
.
BHO-{336D0C35-8A85-403a-B9D2-65C292C39087} - c:\program files\Web Assistant\Extension32.dll
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
WebBrowser-{F897EB0E-A3A4-46C3-80EB-2729699D8892} - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_265_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_265_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_265_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_265_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_265.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_265.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_265.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_265.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-09-30 09:04:31
ComboFix-quarantined-files.txt 2012-09-30 13:04
.
Pre-Run: 851,072,323,584 bytes free
Post-Run: 851,045,163,008 bytes free
.
- - End Of File - - 768D1D6812C860C10F2C10FE7F6C463B

 

[Broni]

I don't see much there...

What are the current issues?

 

[MO9999]

[FONT=Arial]A bunch. The one that's the most in my face is messed up keyboard entry - I click on a field in IE or start to type in Word and it starts blinking like crazy until I finally hit escape. (In fact, right when I tried to type in this field, the cursor immediately jumped up to the address bar and took me to a different page.)[/FONT]

[FONT=Arial]Internet browsing is significantly slowed down. Trying to post the logs into this forum takes forEVER because a script keeps freezing my browser (and sometimes crashing it) after literally one character entry. It seems to have affected the loading of any semi-complicated page, such as Yahoo Mail.
I've tried to restart in Safe Mode, but it won’t let me – it goes to the prompt for a split-second and then the option disappears and it boots in normal mode.[/FONT]

[FONT=Arial]Video crashes regularly, even just YouTube.[/FONT]

[FONT=Arial]And performance has slowed down significantly. I’m using a quadcore 3.7 CPU, with 1gb of video memory and 16gb of RAM, and about a year after I bought it (in August) it was like someone hit the brakes.[/FONT]

[FONT=Arial]Scans don’t seem to show anything, but my PC changed only all of a sudden one day. After a bunch of scans I re-formatted, but the virus/malware must be attached to one or some of my personal files, because it came back as soon as I had re-loaded all of my documents.[/FONT]

[FONT=Arial]Any ideas?[/FONT]

 

[Broni]

In this forum, we make sure, your computer is free of malware and your computer is clean
Because the access to malware forum is very limited, your best option is to create new topic about your current issue, at Windows section.
You'll get more attention.

Good luck!

 

[MO9999]

So you're pretty sure there's no virus or malware?

 

[Broni]

Yes.

 

[MO9999]

Okay, well thanks so much for all of your help. It's really appreciated.

 

[Broni]

You're very welcome