Windows has encountered a critical error will restart in one minute

Solved
By Gobbler
Nov 16, 2012
  1. Hi there!
    I found this site while researching a problem that has just occurred on my desktop. As you have probably already guessed, I fell for the fake Adobe update and downloaded myself a heap of trouble instead. I'm not sure what the correct name for the virus is, but the message in my post title comes up as soon as I log on and then everything shuts down before I can do anything. I think this is a common virus at the moment and hopefully the above is enough for you to identify it. I have Microsoft Security Essentials as my security and obviously it got around that as I OK'd the download. My desktop is running a Windows 7 32-bit system. Please let me know if you need any further info. Many thanks!

    I have followed the steps provided on this link up to the point where my logs need to be reviewed.

    http://www.techspot.com/community/t...ical-error-will-restart-in-one-minute.184335/

    Below are my logs.

    Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 12-11-2012
    Ran by SYSTEM at 15-11-2012 21:57:40
    Running from G:\
    Windows 7 Ultimate (X86) OS Language: English(US)
    The current controlset is ControlSet001

    ==================== Registry (Whitelisted) ===================

    HKLM\...\Run: [IntelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe" [1808784 2011-04-13] (Microsoft Corporation)
    HKLM\...\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices [91520 2010-03-13] (Microsoft Corporation)
    HKLM\...\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59280 2012-05-30] (Apple Inc.)
    HKLM\...\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" [254696 2011-06-09] (Sun Microsystems, Inc.)
    HKLM\...\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [919008 2012-07-27] (Adobe Systems Incorporated)
    HKLM\...\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime [421888 2012-04-18] (Apple Inc.)
    HKLM\...\Run: [iTunesHelper] "C:\iTunesHelper.exe" [421776 2012-06-07] (Apple Inc.)
    HKLM\...\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [931200 2012-03-26] (Microsoft Corporation)
    HKU\Josh\...\Run: [PlayOn] C:\Program Files\MediaMall\PlayOn.exe [x]
    HKU\Josh\...\Run: [iCloudServices] C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe [59240 2012-02-23] (Apple Inc.)
    HKU\Josh\...\Run: [Plex Media Server] "C:\Program Files\Plex\Plex Media Server\Plex Media Server.exe" [2495056 2011-07-26] (Plex, Inc.)
    HKU\Josh\...\Run: [MobileDocuments] C:\Program Files\Common Files\Apple\Internet Services\ubd.exe [59240 2012-02-23] (Apple Inc.)
    HKU\Josh\...\RunOnce: [Application Restart #2] C:\Program Files\Google\Chrome Frame\Application\chrome.exe --automation-channel=ChromeTestingInterface:4292.1 --chrome-frame --no-first-run --disable-background-mode --disable-popup-blocking --disable-print-preview --chrome-frame-shutdown-delay=30 --user-data-dir="C:\Users\Josh\AppData\Local\Google\Chrome Frame\User Data\iexplore" --chrome-version=19.0.1084.56 --lang=en-US --flag-switches-begin --flag-switches-end --restore-last-session [1242136 2012-10-31] (Google Inc.)
    Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
    Startup: C:\Users\Josh\Start Menu\Programs\Startup\EvernoteClipper.lnk
    ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)

    ==================== Services (Whitelisted) ===================

    2 MBAMScheduler; "C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe" [399432 2012-09-29] (Malwarebytes Corporation)
    2 MBAMService; "C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe" [676936 2012-09-29] (Malwarebytes Corporation)
    2 MsMpSvc; "C:\Program Files\Microsoft Security Client\MsMpEng.exe" [11552 2012-03-26] (Microsoft Corporation)
    3 NisSrv; "C:\Program Files\Microsoft Security Client\NisSrv.exe" [214952 2012-03-26] (Microsoft Corporation)
    2 nvUpdatusService; C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2214504 2011-05-21] (NVIDIA Corporation)
    3 wampapache; "c:\wamp\bin\apache\apache2.2.17\bin\httpd.exe" -k runservice [x]
    3 wampmysqld; c:\wamp\bin\mysql\mysql5.5.8\bin\mysqld.exe wampmysqld [x]

    ==================== Drivers (Whitelisted) ====================

    1 cbaltlhf; \??\C:\Windows\system32\drivers\cbaltlhf.sys [43480 2012-11-15] (Microsoft Corporation)
    3 e1express; C:\Windows\System32\DRIVERS\e1e6232.sys [219352 2009-06-05] (Intel Corporation)
    3 MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [22856 2012-09-29] (Malwarebytes Corporation)
    3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\mbamswissarmy.sys [40776 2012-11-15] (Malwarebytes Corporation)
    0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [171064 2012-03-20] (Microsoft Corporation)
    3 msvad_simple; C:\Windows\System32\drivers\povrtdev.sys [23920 2010-04-29] (MediaMall Technologies, Inc.)
    3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [552448 2007-08-16] (Ralink Technology Corp.)
    1 shsdulsr; \??\C:\Windows\system32\drivers\shsdulsr.sys [43480 2012-11-15] (Microsoft Corporation)
    1 nwtawkmn; \??\C:\Windows\system32\drivers\nwtawkmn.sys [x]
    3 Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [x]
    3 tsusbhub; C:\Windows\System32\drivers\tsusbhub.sys [x]
    3 VGPU; C:\Windows\System32\drivers\rdvgkmd.sys [x]

    ==================== NetSvcs (Whitelisted) ===================

    NETSVC: p3 -> C:\Windows\system32\nhcDriverDevice.dll ==> No File.
    NETSVC: nwlnkipx -> C:\Windows\system32\s3savagemx.dll ==> No File.
    NETSVC: CoachVc -> C:\Windows\system32\NICM.dll ==> No File.
    NETSVC: avsinc -> C:\Windows\system32\euq_monitor.dll ==> No File.
    NETSVC: hap17v2k -> C:\Windows\system32\lxce_device.dll ==> No File.
    NETSVC: motoswitchservice -> C:\Windows\system32\symlcbrd.dll ==> No File.
    NETSVC: iolo_srv -> C:\Windows\system32\USIUDF.dll ==> No File.
    NETSVC: dmload -> C:\Windows\system32\symc8xx.dll ==> No File.
    NETSVC: Slntamr -> C:\Windows\system32\vpcbus.dll ==> No File.
    NETSVC: Amsmpu4p -> C:\Windows\system32\a016bus.dll ==> No File.
    NETSVC: WGX -> C:\Windows\system32\schscnt.dll ==> No File.
    NETSVC: p2pgasvc -> C:\Windows\system32\XDva004.dll ==> No File.
    NETSVC: sit_mdm -> C:\Windows\system32\MxlW2k.dll ==> No File.
    NETSVC: ATIBTXBAR -> C:\Windows\system32\w3svc.dll ==> No File.
    NETSVC: hSONYPVh -> C:\Windows\system32\cwafreportscheduler.dll ==> No File.
    NETSVC: tme3srv -> C:\Windows\system32\coste.dll ==> No File.
    NETSVC: slapd-data52 -> C:\Windows\system32\s125mdfl.dll ==> No File.
    NETSVC: dvd-ram_service -> C:\Windows\system32\ifxspmgtsrv.dll ==> No File.
    NETSVC: arp1394 -> C:\Windows\system32\AVRec.dll ==> No File.
    NETSVC: CVPNDRVA -> C:\Windows\system32\CTDevice_Srv.dll ==> No File.
    NETSVC: snoopfree -> C:\Windows\system32\dsbrokerservice.dll ==> No File.
    NETSVC: netdetect -> C:\Windows\system32\asp.net_1.1.4322.dll ==> No File.
    NETSVC: Nsynas32 -> C:\Windows\system32\atiavaiw.dll ==> No File.
    NETSVC: LHidKe -> C:\Windows\system32\avidsdmservice.dll ==> No File.
    NETSVC: cfsvcs -> C:\Windows\system32\nscirda.dll ==> No File.
    NETSVC: hpqddsvc -> C:\Windows\system32\msmpsvc.dll ==> No File.
    NETSVC: SE2Emgmt -> C:\Windows\system32\guardian2.dll ==> No File.
    NETSVC: lvcomser -> C:\Windows\system32\sit_mdm.dll ==> No File.
    NETSVC: ELacpi -> C:\Windows\system32\disk.dll ==> No File.
    NETSVC: ftrtsvc -> C:\Windows\system32\ARPolicy.dll ==> No File.
    NETSVC: eeyeevnt -> C:\Windows\system32\comhost.dll ==> No File.
    NETSVC: CdaC15BA -> C:\Windows\system32\pxfhserd.dll ==> No File.
    NETSVC: PTproct -> C:\Windows\system32\p1110vid.dll ==> No File.
    NETSVC: transactional -> C:\Windows\system32\JL2005C.dll ==> No File.
    NETSVC: Invoker -> C:\Windows\system32\hkmsvc.dll ==> No File.
    NETSVC: CE3 -> C:\Windows\system32\CnxTrLan.dll ==> No File.
    NETSVC: vrmonsvc -> C:\Windows\system32\aiclient.dll ==> No File.
    NETSVC: parallel -> C:\Windows\system32\fsssvc.dll ==> No File.
    NETSVC: bmuservice -> C:\Windows\system32\AKSIFDH.dll ==> No File.
    NETSVC: smrt -> C:\Windows\system32\Epiusb.dll ==> No File.
    NETSVC: aexnsclient -> C:\Windows\system32\bgs_sdservice.dll ==> No File.
    NETSVC: NWSIPX32 -> C:\Windows\system32\SrvcEPECioctl.dll ==> No File.
    NETSVC: iaantmon -> C:\Windows\system32\gv3.dll ==> No File.
    NETSVC: us30sys -> C:\Windows\system32\winvnc.dll ==> No File.
    NETSVC: se2Bunic -> C:\Windows\system32\mqdmbus.dll ==> No File.
    NETSVC: FireTDI -> C:\Windows\system32\GTSCSER.dll ==> No File.
    NETSVC: QPCapSvc -> C:\Windows\system32\qcmerced.dll ==> No File.
    NETSVC: mcods -> C:\Windows\system32\atitool.dll ==> No File.
    NETSVC: ssrvc -> C:\Windows\system32\ovmsmaccessmanager.dll ==> No File.
    NETSVC: prism_a02 -> C:\Windows\system32\Intels51.dll ==> No File.
    NETSVC: SE26obex -> C:\Windows\system32\lockmgr.dll ==> No File.
    NETSVC: sscdmdm -> C:\Windows\system32\pelmouse.dll ==> No File.
    NETSVC: VAIOMediaPlatform-PhotoServer-HTTP -> C:\Windows\system32\ACDaemon.dll ==> No File.
    NETSVC: d-link_st3402 -> C:\Windows\system32\ageremodemaudio.dll ==> No File.
    NETSVC: hcmon -> C:\Windows\system32\s616mdfl.dll ==> No File.
    NETSVC: ACDaemon -> C:\Windows\system32\emAudio.dll ==> No File.
    NETSVC: cisvc -> No Registry Path.
    NETSVC: lwwlicenseservice -> C:\Windows\system32\earthlinksafeconnectagent.dll ==> No File.
    NETSVC: procmon10 -> C:\Windows\system32\iaimfp3.dll ==> No File.
    NETSVC: MRENDIS5 -> C:\Windows\system32\nvax.dll ==> No File.
    NETSVC: cbidf -> C:\Windows\system32\usbvideo.dll ==> No File.
    NETSVC: adsservice -> C:\Windows\system32\vwlogger.dll ==> No File.
    NETSVC: ngserver -> C:\Windows\system32\noipducservice.dll ==> No File.
    NETSVC: iolodmv -> C:\Windows\system32\ibmasrex.dll ==> No File.
    NETSVC: lhidflt2 -> C:\Windows\system32\rsvchost.dll ==> No File.
    NETSVC: w800obex -> C:\Windows\system32\emAudio.dll ==> No File.
    NETSVC: Ncrc710 -> C:\Windows\system32\ulcdrhlp.dll ==> No File.
    NETSVC: wmccds -> C:\Windows\system32\amfilter.dll ==> No File.
    NETSVC: {6080a529-897e-4629-a488-aba0c29b635e} -> C:\Windows\system32\nv_agp.dll ==> No File.
    NETSVC: Pctspk -> C:\Windows\system32\trackcam4.dll ==> No File.
    NETSVC: pmsveh -> C:\Windows\system32\wmp54gsvc.dll ==> No File.
    NETSVC: vulfnths -> C:\Windows\system32\ELmon.dll ==> No File.
    NETSVC: SimpTcp -> C:\Windows\system32\avgntflt.dll ==> No File.
    NETSVC: CTHWIUT.DLL -> C:\Windows\system32\DN2AKNET.dll ==> No File.
    NETSVC: abnetmon -> C:\Windows\system32\aeclienthostservice.dll ==> No File.
    NETSVC: prosync1 -> C:\Windows\system32\emproxy.dll ==> No File.
    NETSVC: LPDSVC -> C:\Windows\system32\raidmagt.dll ==> No File.
    NETSVC: rxfilter -> C:\Windows\system32\slee_503_service.dll ==> No File.
    NETSVC: epfwtdi -> C:\Windows\system32\sfng32.dll ==> No File.
    NETSVC: RTL8169 -> C:\Windows\system32\bb-run.dll ==> No File.
    NETSVC: TuneUp.Defrag -> C:\Windows\system32\vclone.dll ==> No File.
    NETSVC: tfsnboio -> C:\Windows\system32\s716nd5.dll ==> No File.
    NETSVC: symantecantibotagent -> C:\Windows\system32\cdralw2k.dll ==> No File.
    NETSVC: ooclevercacheagent -> C:\Windows\system32\s116mgmt.dll ==> No File.
    NETSVC: bgmainsvc -> C:\Windows\system32\mnmsrvc.dll ==> No File.
    NETSVC: GVCplDrv -> C:\Windows\system32\snpstd2.dll ==> No File.
    NETSVC: DNE -> C:\Windows\system32\naimagent32.dll ==> No File.
    NETSVC: modemcsa -> C:\Windows\system32\trufos.dll ==> No File.
    NETSVC: V0070VID -> C:\Windows\system32\SABProcEnum.dll ==> No File.
    NETSVC: nwlnkspx -> C:\Windows\system32\se59unic.dll ==> No File.
    NETSVC: ikfilesec -> C:\Windows\system32\akshasp.dll ==> No File.
    NETSVC: rtl8023 -> C:\Windows\system32\suservice.dll ==> No File.
    NETSVC: CTMMOUNT -> C:\Windows\system32\V0070VID.dll ==> No File.
    NETSVC: dwusbdnt -> C:\Windows\system32\pavfnsvr.dll ==> No File.
    NETSVC: dbmanagerscheduler -> C:\Windows\system32\btkrnl.dll ==> No File.
    NETSVC: maxbackserviceint -> C:\Windows\system32\oracle_load_balancer_60_client-forms6ip14.dll ==> No File.
    NETSVC: susbser -> C:\Windows\system32\viamraid.dll ==> No File.
    NETSVC: wfxsvc -> C:\Windows\system32\bridge.dll ==> No File.
    NETSVC: MREMP50a64 -> C:\Windows\system32\ppa3.dll ==> No File.
    NETSVC: odserv -> C:\Windows\system32\dsbrokerservice.dll ==> No File.
    NETSVC: roxupnprenderer -> C:\Windows\system32\nvport.dll ==> No File.
    NETSVC: armoucfltr -> C:\Windows\system32\NETGEAR_MA111.dll ==> No File.
    NETSVC: s616mgmt -> C:\Windows\system32\FETNDISB.dll ==> No File.
    NETSVC: hsvcmod -> C:\Windows\system32\k750mdfl.dll ==> No File.
    NETSVC: minilog -> C:\Windows\system32\prosync1.dll ==> No File.
    NETSVC: db2 -> C:\Windows\system32\RecAgent.dll ==> No File.
    NETSVC: dlbx_device -> C:\Windows\system32\aslm75.dll ==> No File.
    NETSVC: MSFWHLPR -> C:\Windows\system32\ELacpi.dll ==> No File.
    NETSVC: ikhlayer -> C:\Windows\system32\RVIEG01.dll ==> No File.
    NETSVC: client32 -> C:\Windows\system32\mysql.dll ==> No File.
    NETSVC: lvhidsvc -> C:\Windows\system32\Ktp.dll ==> No File.
    NETSVC: meiudf -> C:\Windows\system32\dladresm.dll ==> No File.
    NETSVC: stunnel -> C:\Windows\system32\digictrl.dll ==> No File.
    NETSVC: sysdown -> C:\Windows\system32\sqlserveragent.dll ==> No File.
    NETSVC: mvserver -> C:\Windows\system32\F700imd.dll ==> No File.
    NETSVC: ltxred -> C:\Windows\system32\bdftdif.dll ==> No File.
    NETSVC: smwdm -> C:\Windows\system32\ELhid.dll ==> No File.
    NETSVC: SE2Cmgmt -> C:\Windows\system32\SPCtl.dll ==> No File.
    NETSVC: mfeavfk -> C:\Windows\system32\iwebmsg.dll ==> No File.

    ==================== One Month Created Files and Folders ========

    2012-11-15 21:54 - 2012-11-15 21:54 - 00000000 ____D C:\FRST
    2012-11-15 21:44 - 2012-11-15 21:44 - 00043480 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\shsdulsr.sys
    2012-11-15 21:44 - 2012-11-15 21:44 - 00043480 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\cbaltlhf.sys
    2012-11-15 21:36 - 2012-11-15 21:36 - 00040776 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbamswissarmy.sys

    ==================== One Month Modified Files and Folders ========

    2012-11-15 21:54 - 2012-11-15 21:54 - 00000000 ____D C:\FRST
    2012-11-15 21:48 - 2011-08-03 23:31 - 00733518 ____A C:\Windows\System32\PerfStringBackup.INI
    2012-11-15 21:44 - 2012-11-15 21:44 - 00043480 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\shsdulsr.sys
    2012-11-15 21:44 - 2012-11-15 21:44 - 00043480 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\cbaltlhf.sys
    2012-11-15 21:41 - 2012-01-13 22:48 - 00000878 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2012-11-15 21:40 - 2009-07-13 20:53 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
    2012-11-15 21:40 - 2009-07-13 20:39 - 00067796 ____A C:\Windows\setupact.log
    2012-11-15 21:36 - 2012-11-15 21:36 - 00040776 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbamswissarmy.sys
    2012-11-15 21:36 - 2012-01-13 22:48 - 00000882 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2012-11-15 21:32 - 2011-08-08 11:48 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
    2012-11-15 21:31 - 2009-07-13 20:34 - 00013936 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2012-11-15 21:31 - 2009-07-13 20:34 - 00013936 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2012-11-15 21:25 - 2011-08-03 23:21 - 01478198 ____A C:\Windows\WindowsUpdate.log

    ZeroAccess:
    C:\Windows\Installer\{e607dfe8-3289-2710-0a52-1b6a9c07c350}
    C:\Windows\Installer\{e607dfe8-3289-2710-0a52-1b6a9c07c350}\@
    C:\Windows\Installer\{e607dfe8-3289-2710-0a52-1b6a9c07c350}\L
    C:\Windows\Installer\{e607dfe8-3289-2710-0a52-1b6a9c07c350}\U
    C:\Windows\Installer\{e607dfe8-3289-2710-0a52-1b6a9c07c350}\L\00000004.@
    C:\Windows\Installer\{e607dfe8-3289-2710-0a52-1b6a9c07c350}\L\201d3dde
    C:\Windows\Installer\{e607dfe8-3289-2710-0a52-1b6a9c07c350}\U\80000000.@
    C:\Windows\Installer\{e607dfe8-3289-2710-0a52-1b6a9c07c350}\U\80000032.@

    ZeroAccess:
    C:\Users\Josh\AppData\Local\{e607dfe8-3289-2710-0a52-1b6a9c07c350}
    C:\Users\Josh\AppData\Local\{e607dfe8-3289-2710-0a52-1b6a9c07c350}\@
    C:\Users\Josh\AppData\Local\{e607dfe8-3289-2710-0a52-1b6a9c07c350}\L
    C:\Users\Josh\AppData\Local\{e607dfe8-3289-2710-0a52-1b6a9c07c350}\n
    C:\Users\Josh\AppData\Local\{e607dfe8-3289-2710-0a52-1b6a9c07c350}\U

    ZeroAccess:
    C:\Windows\assembly\GAC\Desktop.ini

    ==================== Known DLLs (Whitelisted) =================


    ==================== Bamital & volsnap Check =================

    C:\Windows\explorer.exe => MD5 is legit
    C:\Windows\System32\winlogon.exe => MD5 is legit
    C:\Windows\System32\wininit.exe => MD5 is legit
    C:\Windows\System32\svchost.exe => MD5 is legit
    C:\Windows\System32\services.exe A302BBFF2A7278C0E239EE5D471D86A9 ZeroAccess <==== ATTENTION!.
    C:\Windows\System32\User32.dll => MD5 is legit
    C:\Windows\System32\userinit.exe => MD5 is legit
    C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

    ==================== EXE ASSOCIATION =====================

    HKLM\...\.exe: exefile => OK
    HKLM\...\exefile\DefaultIcon: %1 => OK
    HKLM\...\exefile\open\command: "%1" %* => OK

    ==================== Restore Points =========================

    Restore point made on: 2012-08-08 02:28:35
    Restore point made on: 2012-08-15 23:00:22
    Restore point made on: 2012-08-17 13:29:06

    ==================== Memory info ===========================

    Percentage of memory in use: 12%
    Total physical RAM: 4029.93 MB
    Available physical RAM: 3523.66 MB
    Total Pagefile: 4028.2 MB
    Available Pagefile: 3529.38 MB
    Total Virtual: 2047.88 MB
    Available Virtual: 1969.62 MB

    ==================== Partitions =============================

    1 Drive c: () (Fixed) (Total:465.66 GB) (Free:102.95 GB) NTFS
    2 Drive d: (Big Daddy) (Fixed) (Total:1863.01 GB) (Free:649.82 GB) NTFS
    4 Drive g: (GB) (Removable) (Total:0.99 GB) (Free:0.98 GB) FAT
    5 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
    6 Drive y: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]

    Disk ### Status Size Free Dyn Gpt
    -------- ------------- ------- ------- --- ---
    Disk 0 Online 465 GB 0 B
    Disk 1 Online 1863 GB 0 B
    Disk 2 Online 1009 MB 0 B

    Partitions of Disk 0:
    ===============

    Partition ### Type Size Offset
    ------------- ---------------- ------- -------
    Partition 1 Primary 100 MB 1024 KB
    Partition 2 Primary 465 GB 101 MB

    =========================================================

    Disk: 0
    Partition 1
    Type : 07
    Hidden: No
    Active: Yes

    Volume ### Ltr Label Fs Type Size Status Info
    ---------- --- ----------- ----- ---------- ------- --------- --------
    * Volume 1 Y System Rese NTFS Partition 100 MB Healthy

    =========================================================

    Disk: 0
    Partition 2
    Type : 07
    Hidden: No
    Active: No

    Volume ### Ltr Label Fs Type Size Status Info
    ---------- --- ----------- ----- ---------- ------- --------- --------
    * Volume 2 C NTFS Partition 465 GB Healthy

    =========================================================

    Partitions of Disk 1:
    ===============

    Partition ### Type Size Offset
    ------------- ---------------- ------- -------
    Partition 1 Primary 1863 GB 1024 KB

    =========================================================

    Disk: 1
    Partition 1
    Type : 07
    Hidden: No
    Active: No

    Volume ### Ltr Label Fs Type Size Status Info
    ---------- --- ----------- ----- ---------- ------- --------- --------
    * Volume 3 D Big Daddy NTFS Partition 1863 GB Healthy

    =========================================================

    Partitions of Disk 2:
    ===============

    Partition ### Type Size Offset
    ------------- ---------------- ------- -------
    Partition 1 Primary 1009 MB 16 KB

    =========================================================

    Disk: 2
    Partition 1
    Type : 06
    Hidden: No
    Active: Yes

    Volume ### Ltr Label Fs Type Size Status Info
    ---------- --- ----------- ----- ---------- ------- --------- --------
    * Volume 4 G GB FAT Removable 1009 MB Healthy

    =========================================================

    Last Boot: 2012-08-16 23:03

    ==================== End Of Log ============================

    Farbar Recovery Scan Tool (x86) Version: 12-11-2012
    Ran by SYSTEM at 2012-11-15 21:58:59
    Running from G:\

    ================== Search: "services.exe" ===================

    C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe
    [2009-07-13 15:11] - [2009-07-13 17:14] - 0259072 ____A (Microsoft Corporation) 5F1B6A9C35D3D5CA72D6D6FDEF9747D6

    C:\Windows\System32\services.exe
    [2009-07-13 15:11] - [2012-08-19 20:42] - 0259072 ____A (Microsoft Corporation) A302BBFF2A7278C0E239EE5D471D86A9

    === End Of Search ===
  2. Broni

    Broni Malware Annihilator Posts: 45,175   +242

    Welcome aboard

    Please observe the following rules:
    • Read all of my instructions very carefully. Your mistakes during the cleaning process may have very serious consequences, like an unbootable computer.
    • If you're stuck, or you're not sure about a certain step, always ask before doing anything else.
    • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
    • Never run more than one scan at a time.
    • Keep updating me regarding your computer behavior, good, or bad.
    • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
    • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in the malware removal forum.
    • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

    ========================================

    Download the attached fixlist.txt file and save it to the very same USB flash drive you've been using. Plug the drive back in.

    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

    On Vista or Windows 7: Now please enter System Recovery Options.
    On Windows XP: Now please boot into the UBCD.
    Run FRST/FRST64 and press the Fix button just once and wait.
    The tool will make a log on the flash drive (Fixlog.txt); please post it in your reply.

    Let me know if you can boot normally.

  3. Gobbler

    Gobbler Newcomer, in training Topic Starter Posts: 20

    Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 12-11-2012
    Ran by SYSTEM at 2012-11-16 16:41:50 Run:1
    Running from G:\

    ==============================================

    HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Session Manager\SubSystems\\Windows No ZeroAccess entry found.
    C:\Windows\System32\consrv.dll not found.
    cbaltlhf service deleted successfully.
    C:\Windows\system32\drivers\cbaltlhf.sys moved successfully.
    shsdulsr service deleted successfully.
    C:\Windows\system32\drivers\shsdulsr.sys moved successfully.
    nwtawkmn service deleted successfully.
    C:\Windows\system32\drivers\nwtawkmn.sys not found.
    C:\Windows\Installer\{e607dfe8-3289-2710-0a52-1b6a9c07c350} moved successfully.
    C:\Users\Josh\AppData\Local\{e607dfe8-3289-2710-0a52-1b6a9c07c350} moved successfully.
    C:\Windows\assembly\GAC\Desktop.ini moved successfully.
    C:\Windows\System32\services.exe moved successfully.
    C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe copied successfully to C:\Windows\System32\services.exe

    ==== End of Fixlog ====

    It is booting now with no issues.
  4. Broni

    Broni Malware Annihilator Posts: 45,175   +242

    Good :)

    Download TDSSKiller and save it to your desktop.
    • Extract (unzip) its contents to your desktop.
    • Open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
    • If an infected file is detected, the default action will be Cure, click on Continue.
    • If a suspicious file is detected, the default action will be Skip, click on Continue.
    • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
    • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
    • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.

    ============================

    • Download RogueKiller on the desktop
    • Close all the running programs
    • Windows Vista/7 users: right click on RogueKiller.exe, click Run as Administrator
    • Otherwise just double-click on RogueKiller.exe
    • Pre-scan will start. Let it finish.
    • Click on SCAN button.
    • Wait until the Status box shows Scan Finished
    • Click on Delete.
    • Wait until the Status box shows Deleting Finished.
    • Click on Report and copy/paste the content of the Notepad into your next reply.
    • RKreport.txt could also be found on your desktop.
    • If more than one log is produced, post all logs.
    • If RogueKiller has been blocked, do not hesitate to try a few more times. If it really won't run, rename it to winlogon.exe (or winlogon.com) and try again.

    ==============================

    Download aswMBR to your desktop.
    Double click the aswMBR.exe to run it.
    If you see this question: "Would you like to download latest Avast! virus definitions?" say "Yes".
    Click the "Scan" button to start scan.
    On completion of the scan click "Save log", save it to your desktop and post in your next reply.

    NOTE. aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.
  5. Gobbler

    Gobbler Newcomer, in training Topic Starter Posts: 20

    RogueKiller V8.2.3 [11/07/2012] by Tigzy
    mail: tigzyRK<at>gmail<dot>com
    Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
    Website: http://tigzy.geekstogo.com/roguekiller.php
    Blog: http://tigzyrk.blogspot.com

    Operating System: Windows 7 (6.1.7601 Service Pack 1) 32 bits version
    Started in : Normal mode
    User : Josh [Admin rights]
    Mode : Scan -- Date : 11/17/2012 17:54:13

    ¤¤¤ Bad processes : 1 ¤¤¤
    [SVCHOST] svchost.exe -- C:\Windows\System32\svchost.exe -> KILLED [TermThr]

    ¤¤¤ Registry Entries : 0 ¤¤¤

    ¤¤¤ Particular Files / Folders: ¤¤¤

    ¤¤¤ Driver : [LOADED] ¤¤¤

    ¤¤¤ HOSTS File: ¤¤¤
    --> C:\Windows\system32\drivers\etc\hosts



    ¤¤¤ MBR Check: ¤¤¤

    +++++ PhysicalDrive0: ST3500641AS +++++
    --- User ---
    [MBR] fadd3cd50ffdf3e1d1b9044e0efc4a9c
    [BSP] daf16441f406d0f43baae37a5e5f7083 : Windows 7/8 MBR Code
    Partition table:
    0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
    1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 476838 Mo
    User = LL1 ... OK!
    User = LL2 ... OK!

    +++++ PhysicalDrive1: WDC WD2002FYPS-01U1B1 +++++
    --- User ---
    [MBR] 0313d59cabdea16ee12df855dba9378c
    [BSP] aee193f131d9d43f48fd4e5fa7d01c1a : Windows 7/8 MBR Code
    Partition table:
    0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 1907727 Mo
    User = LL1 ... OK!
    User = LL2 ... OK!

    Finished : << RKreport[4]_S_11172012_02d1754.txt >>
    RKreport[1]_S_11162012_02d2308.txt ; RKreport[2]_D_11172012_02d1753.txt ; RKreport[3]_D_11172012_02d1753.txt ; RKreport[4]_S_11172012_02d1754.txt


    Alright, I have run all three programs and everything looks to be working peachy keen. Thank you so much for the help.
  6. Gobbler

    Gobbler Newcomer, in training Topic Starter Posts: 20

    This is an edited-down log; it won't let me post the whole thing.

    17:57:25.0449 4088 \Device\Harddisk1\DR1 - ok
    17:57:25.0449 4088 ================ Scan VBR ==================================
    17:57:25.0459 4088 [ D8A25C9032AF79CA9ED870F5FFA25B69 ] \Device\Harddisk0\DR0\Partition1
    17:57:25.0459 4088 \Device\Harddisk0\DR0\Partition1 - ok
    17:57:25.0469 4088 [ 489F8D25B6082084B87A2F57B1921A78 ] \Device\Harddisk0\DR0\Partition2
    17:57:25.0469 4088 \Device\Harddisk0\DR0\Partition2 - ok
    17:57:25.0469 4088 [ 49DCD569A7232D04DF3FC27CC6855C40 ] \Device\Harddisk1\DR1\Partition1
    17:57:25.0469 4088 \Device\Harddisk1\DR1\Partition1 - ok
    17:57:25.0469 4088 ============================================================
    17:57:25.0469 4088 Scan finished
    17:57:25.0469 4088 ============================================================
    17:57:25.0489 0408 Detected object count: 0
    17:57:25.0489 0408 Actual detected object count: 0

    aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
    Run date: 2012-11-17 17:59:10
    -----------------------------

    17:59:10.130 OS Version: Windows 6.1.7601 Service Pack 1
    17:59:10.130 Number of processors: 2 586 0xF06
    17:59:10.130 ComputerName: JOSH-PC UserName: Josh
    17:59:11.359 Initialize success
    17:59:21.621 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
    17:59:21.621 Disk 0 Vendor: ST350064 3.AD Size: 476940MB BusType: 8
    17:59:21.637 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IAAStorageDevice-2
    17:59:21.637 Disk 1 Vendor: WDC_WD20 04.0 Size: 1907729MB BusType: 8
    17:59:21.637 Disk 0 MBR read successfully
    17:59:21.652 Disk 0 MBR scan
    17:59:21.652 Disk 0 Windows 7 default MBR code
    17:59:21.652 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
    17:59:21.668 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 476838 MB offset 206848
    17:59:21.684 Disk 0 scanning sectors +976771072
    17:59:21.762 Disk 0 scanning C:\Windows\system32\drivers
    17:59:28.326 Service scanning
    17:59:36.500 Service MpKslc4ebaf85 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{207F953E-034D-44AA-8818-76440A481778}\MpKslc4ebaf85.sys **LOCKED** 32
    17:59:45.579 Modules scanning
    18:00:08.642 Disk 0 trace - called modules:
    18:00:08.642
    18:00:08.658 Scan finished successfully
    18:02:13.860 Disk 0 MBR has been saved successfully to "C:\Users\Josh\Desktop\MBR.dat"
    18:02:13.860 The log file has been saved successfully to "C:\Users\Josh\Desktop\aswMBR.txt"
  7. Broni

    Broni Malware Annihilator Posts: 45,175   +242

    I need to see the whole log.
    Split it between a couple of replies.

    Did you run TDSSKiller before RogueKiller or after?
  8. Gobbler

    Gobbler Newcomer, in training Topic Starter Posts: 20

    20:06:00.0130 0900 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
    20:06:01.0070 0900 ============================================================
    20:06:01.0070 0900 Current date / time: 2012/11/17 20:06:01.0070
    20:06:01.0070 0900 SystemInfo:
    20:06:01.0070 0900
    20:06:01.0070 0900 OS Version: 6.1.7601 ServicePack: 1.0
    20:06:01.0070 0900 Product type: Workstation
    20:06:01.0070 0900 ComputerName: JOSH-PC
    20:06:01.0070 0900 UserName: Josh
    20:06:01.0070 0900 Windows directory: C:\Windows
    20:06:01.0070 0900 System windows directory: C:\Windows
    20:06:01.0070 0900 Processor architecture: Intel x86
    20:06:01.0070 0900 Number of processors: 2
    20:06:01.0070 0900 Page size: 0x1000
    20:06:01.0070 0900 Boot type: Normal boot
    20:06:01.0070 0900 ============================================================
    20:06:02.0060 0900 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
    20:06:02.0450 0900 Drive \Device\Harddisk1\DR1 - Size: 0x1D1C1116000 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
    20:06:02.0460 0900 ============================================================
    20:06:02.0460 0900 \Device\Harddisk0\DR0:
    20:06:02.0470 0900 MBR partitions:
    20:06:02.0470 0900 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
    20:06:02.0470 0900 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353000
    20:06:02.0470 0900 \Device\Harddisk1\DR1:
    20:06:02.0470 0900 MBR partitions:
    20:06:02.0470 0900 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E07800
    20:06:02.0470 0900 ============================================================
    20:06:02.0490 0900 C: <-> \Device\Harddisk0\DR0\Partition2
    20:06:02.0500 0900 E: <-> \Device\Harddisk1\DR1\Partition1
    20:06:02.0500 0900 ============================================================
    20:06:02.0500 0900 Initialize success
    20:06:02.0500 0900 ============================================================
    20:06:03.0780 3700 ============================================================
    20:06:03.0780 3700 Scan started
    20:06:03.0780 3700 Mode: Manual;
    20:06:03.0780 3700 ============================================================
    20:06:04.0497 3700 ================ Scan system memory ========================
    20:06:04.0497 3700 System memory - ok
    20:06:04.0497 3700 ================ Scan services =============================
    20:06:06.0276 3700 amdsbs - ok
    20:06:06.0291 3700 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\Windows\system32\drivers\amdxata.sys
    20:06:06.0291 3700 amdxata - ok
    20:06:06.0291 3700 ami0nt - ok
    20:06:06.0307 3700 Amsmpu4p - ok
    20:06:06.0322 3700 apache2 - ok
    20:06:06.0369 3700 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\Windows\system32\drivers\appid.sys
    20:06:06.0369 3700 AppID - ok
    20:06:06.0400 3700 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll
    20:06:06.0400 3700 AppIDSvc - ok
    20:06:06.0447 3700 [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo C:\Windows\System32\appinfo.dll
    20:06:06.0447 3700 Appinfo - ok
    20:06:06.0759 3700 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    20:06:06.0759 3700 Apple Mobile Device - ok
    20:06:06.0790 3700 application - ok
    20:06:06.0822 3700 [ A45D184DF6A8803DA13A0B329517A64A ] AppMgmt C:\Windows\System32\appmgmts.dll
    20:06:06.0822 3700 AppMgmt - ok
    20:06:06.0900 3700 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\Windows\system32\DRIVERS\arc.sys
    20:06:06.0900 3700 arc - ok
    20:06:06.0946 3700 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
    20:06:06.0946 3700 arcsas - ok
    20:06:06.0993 3700 ARCSOFTVIRTUALCAPTURE - ok
    20:06:07.0071 3700 armoucfltr - ok
    20:06:07.0087 3700 arp1394 - ok
    20:06:07.0102 3700 aslm75 - ok
    20:06:07.0212 3700 aswtdi - ok
    20:06:07.0258 3700 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
    20:06:07.0258 3700 AsyncMac - ok
    20:06:07.0680 3700 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\drivers\atapi.sys
    20:06:07.0680 3700 atapi - ok
    20:06:07.0758 3700 atchksrv - ok
    20:06:08.0070 3700 [ ECF01C1E13591A1350FCF91D4197D9E2 ] athr C:\Windows\system32\DRIVERS\athr.sys
    20:06:08.0070 3700 athr - ok
    20:06:08.0085 3700 ATIBTXBAR - ok
    20:06:08.0148 3700 ATKGFNEXSrv - ok
    20:06:08.0148 3700 atksgt - ok
    20:06:08.0163 3700 Atmuni - ok
    20:06:08.0428 3700 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
    20:06:08.0428 3700 AudioEndpointBuilder - ok
    20:06:08.0460 3700 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\Windows\System32\Audiosrv.dll
    20:06:08.0460 3700 Audiosrv - ok
    20:06:08.0569 3700 avc - ok
    20:06:08.0803 3700 avg7rsw - ok
    20:06:08.0912 3700 avsinc - ok
    20:06:08.0912 3700 avsvcmonitor - ok
    20:06:09.0037 3700 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\Windows\System32\AxInstSV.dll
    20:06:09.0037 3700 AxInstSV - ok
    20:06:09.0208 3700 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys
    20:06:09.0208 3700 b06bdrv - ok
    20:06:09.0598 3700 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
    20:06:09.0598 3700 b57nd60x - ok
    20:06:09.0630 3700 b57w2k - ok
    20:06:09.0692 3700 backupclientsvc - ok
    20:06:09.0708 3700 backupexecrpcservice - ok
    20:06:09.0879 3700 bb-run - ok
    20:06:10.0004 3700 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\Windows\System32\bdesvc.dll
    20:06:10.0004 3700 BDESVC - ok
    20:06:10.0051 3700 bdrsdrv - ok
    20:06:10.0098 3700 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys
    20:06:10.0098 3700 Beep - ok
    20:06:10.0144 3700 bgmainsvc - ok
    20:06:10.0160 3700 bgsvcgen - ok
    20:06:10.0222 3700 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
    20:06:10.0238 3700 blbdrive - ok
    20:06:10.0269 3700 bmuservice - ok
    20:06:10.0300 3700 bocdrive - ok
    20:06:10.0550 3700 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
    20:06:10.0550 3700 Bonjour Service - ok
    20:06:10.0644 3700 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
    20:06:10.0644 3700 bowser - ok
    20:06:10.0753 3700 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
    20:06:10.0753 3700 BrFiltLo - ok
    20:06:10.0784 3700 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
    20:06:10.0784 3700 BrFiltUp - ok
    20:06:10.0815 3700 [ 77361D72A04F18809D0EFB6CCEB74D4B ] Bridge C:\Windows\system32\DRIVERS\bridge.sys
    20:06:10.0815 3700 Bridge - ok
    20:06:10.0909 3700 [ 77361D72A04F18809D0EFB6CCEB74D4B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
    20:06:10.0909 3700 BridgeMP - ok
    20:06:11.0018 3700 [ 6E11F33D14D020F58D5E02E4D67DFA19 ] Browser C:\Windows\System32\browser.dll
    20:06:11.0018 3700 Browser - ok
    20:06:11.0174 3700 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\Windows\system32\DRIVERS\BrSerId.sys
    20:06:11.0174 3700 Brserid - ok
    20:06:11.0252 3700 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
    20:06:11.0252 3700 BrSerWdm - ok
    20:06:11.0283 3700 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
    20:06:11.0283 3700 BrUsbMdm - ok
    20:06:11.0330 3700 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\DRIVERS\BrUsbSer.sys
    20:06:11.0330 3700 BrUsbSer - ok
    20:06:11.0346 3700 btcsrusb - ok
    20:06:11.0392 3700 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
    20:06:11.0392 3700 BTHMODEM - ok
    20:06:11.0424 3700 bthpan - ok
    20:06:11.0517 3700 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\Windows\system32\bthserv.dll
    20:06:11.0517 3700 bthserv - ok
    20:06:11.0533 3700 caccprovsp - ok
    20:06:11.0533 3700 cbidf - ok
    20:06:11.0548 3700 CcmExec - ok
    20:06:11.0548 3700 CdaC15BA - ok
    20:06:11.0580 3700 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
    20:06:11.0580 3700 cdfs - ok
    20:06:11.0876 3700 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\Windows\system32\drivers\cdrom.sys
    20:06:11.0876 3700 cdrom - ok
    20:06:11.0876 3700 CDRPDACC - ok
    20:06:11.0954 3700 CE3 - ok
    20:06:12.0001 3700 centennialiptransferagent - ok
    20:06:12.0172 3700 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\Windows\System32\certprop.dll
    20:06:12.0172 3700 CertPropSvc - ok
    20:06:12.0328 3700 cfsvcs - ok
    20:06:12.0391 3700 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
    20:06:12.0391 3700 circlass - ok
    20:06:12.0469 3700 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys
    20:06:12.0469 3700 CLFS - ok
    20:06:12.0500 3700 client32 - ok
    20:06:12.0921 3700 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
    20:06:12.0921 3700 clr_optimization_v2.0.50727_32 - ok
    20:06:12.0999 3700 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
    20:06:13.0030 3700 clr_optimization_v4.0.30319_32 - ok
    20:06:13.0062 3700 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
    20:06:13.0062 3700 CmBatt - ok
    20:06:13.0108 3700 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\drivers\cmdide.sys
    20:06:13.0108 3700 cmdide - ok
    20:06:13.0202 3700 [ 247B4CE2DAB1160CD422D532D5241E1F ] CNG C:\Windows\system32\Drivers\cng.sys
    20:06:13.0202 3700 CNG - ok
    20:06:13.0218 3700 CnxTrUsb - ok
    20:06:13.0233 3700 CoachVc - ok
    20:06:13.0249 3700 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
    20:06:13.0249 3700 Compbatt - ok
    20:06:13.0264 3700 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
    20:06:13.0264 3700 CompositeBus - ok
    20:06:13.0280 3700 COMSysApp - ok
    20:06:13.0280 3700 contentfilter - ok
    20:06:13.0342 3700 contentindex - ok
    20:06:13.0358 3700 cpqdmi - ok
    20:06:13.0384 3700 cpqvcagent - ok
    20:06:13.0394 3700 cpsvc - ok
    20:06:13.0414 3700 cq_mem - ok
    20:06:13.0434 3700 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
    20:06:13.0434 3700 crcdisk - ok
    20:06:13.0504 3700 [ 06E771AA596B8761107AB57E99F128D7 ] CryptSvc C:\Windows\system32\cryptsvc.dll
    20:06:13.0504 3700 CryptSvc - ok
    20:06:13.0544 3700 crystaloutputfileserver - ok
    20:06:13.0604 3700 [ 3C2177A897B4CA2788C6FB0C3FD81D4B ] CSC C:\Windows\system32\drivers\csc.sys
    20:06:13.0604 3700 CSC - ok
    20:06:13.0704 3700 [ 15F93B37F6801943360D9EB42485D5D3 ] CscService C:\Windows\System32\cscsvc.dll
    20:06:13.0704 3700 CscService - ok
    20:06:13.0724 3700 CTHWIUT.DLL - ok
    20:06:13.0744 3700 CTMMOUNT - ok
    20:06:13.0784 3700 ctusfsyn - ok
    20:06:13.0814 3700 curtainssyssvc - ok
    20:06:13.0854 3700 CVPNDRVA - ok
    20:06:13.0864 3700 d-link_st3402 - ok
    20:06:14.0124 3700 db2 - ok
    20:06:14.0284 3700 dbmanagerscheduler - ok
    20:06:14.0284 3700 dbmang - ok
    20:06:14.0294 3700 DcCam - ok
    20:06:14.0394 3700 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\Windows\system32\rpcss.dll
    20:06:14.0394 3700 DcomLaunch - ok
    20:06:14.0484 3700 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll
    20:06:14.0484 3700 defragsvc - ok
    20:06:14.0505 3700 DeviceScanner - ok
    20:06:14.0515 3700 Dfs - ok
    20:06:14.0555 3700 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
    20:06:14.0555 3700 DfsC - ok
    20:06:14.0605 3700 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\Windows\system32\dhcpcore.dll
    20:06:14.0605 3700 Dhcp - ok
    20:06:14.0615 3700 digictrl - ok
    20:06:14.0635 3700 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys
    20:06:14.0635 3700 discache - ok
    20:06:14.0685 3700 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\DRIVERS\disk.sys
    20:06:14.0685 3700 Disk - ok
    20:06:14.0685 3700 DivisCTP - ok
    20:06:14.0705 3700 dklogger - ok
    20:06:14.0725 3700 dlbx_device - ok
    20:06:14.0725 3700 dmload - ok
    20:06:14.0725 3700 DNE - ok
    20:06:14.0765 3700 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\Windows\System32\dnsrslvr.dll
    20:06:14.0765 3700 Dnscache - ok
    20:06:14.0835 3700 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\Windows\System32\dot3svc.dll
    20:06:14.0845 3700 dot3svc - ok
    20:06:14.0845 3700 dot4ufd - ok
    20:06:14.0855 3700 dpc_srv_webcast - ok
    20:06:14.0895 3700 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\Windows\system32\dps.dll
    20:06:14.0895 3700 DPS - ok
    20:06:14.0915 3700 driverhardwarev2 - ok
    20:06:14.0955 3700 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
    20:06:14.0955 3700 drmkaud - ok
    20:06:14.0955 3700 DSI_SiUSBXp_3_1 - ok
    20:06:14.0975 3700 dsncservice - ok
    20:06:14.0985 3700 dvd-ram_service - ok
    20:06:15.0005 3700 dwusbdnt - ok
    20:06:15.0065 3700 [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
    20:06:15.0075 3700 DXGKrnl - ok
    20:06:15.0125 3700 [ 0535BFBEDB9378DDD15BDF9957D57D71 ] e1express C:\Windows\system32\DRIVERS\e1e6232.sys
    20:06:15.0125 3700 e1express - ok
    20:06:15.0155 3700 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll
    20:06:15.0155 3700 EapHost - ok
    20:06:15.0595 3700 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys
    20:06:15.0615 3700 ebdrv - ok
    20:06:15.0625 3700 eeyeevnt - ok
    20:06:15.0695 3700 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\Windows\System32\lsass.exe
    20:06:15.0695 3700 EFS - ok
    20:06:15.0955 3700 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
    20:06:15.0965 3700 ehRecvr - ok
    20:06:16.0015 3700 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\Windows\ehome\ehsched.exe
    20:06:16.0015 3700 ehSched - ok
    20:06:16.0035 3700 ELacpi - ok
    20:06:16.0095 3700 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
    20:06:16.0105 3700 elxstor - ok
    20:06:16.0135 3700 epfwtdi - ok
    20:06:16.0165 3700 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\drivers\errdev.sys
    20:06:16.0165 3700 ErrDev - ok
    20:06:16.0211 3700 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll
    20:06:16.0211 3700 EventSystem - ok
    20:06:16.0243 3700 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys
    20:06:16.0243 3700 exfat - ok
    20:06:16.0243 3700 F700imd - ok
    20:06:16.0289 3700 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys
    20:06:16.0289 3700 fastfat - ok
    20:06:16.0305 3700 fasttrackinstallerservice - ok
    20:06:16.0352 3700 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\Windows\system32\fxssvc.exe
    20:06:16.0367 3700 Fax - ok
    20:06:16.0383 3700 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
    20:06:16.0383 3700 fdc - ok
    20:06:16.0414 3700 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll
    20:06:16.0414 3700 fdPHost - ok
    20:06:16.0414 3700 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll
    20:06:16.0414 3700 FDResPub - ok
    20:06:16.0445 3700 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
    20:06:16.0445 3700 FileInfo - ok
    20:06:16.0461 3700 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
    20:06:16.0461 3700 Filetrace - ok
    20:06:16.0477 3700 FireTDI - ok
    20:06:16.0492 3700 flashpnt - ok
    20:06:16.0508 3700 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
    20:06:16.0508 3700 flpydisk - ok
    20:06:16.0523 3700 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
    20:06:16.0523 3700 FltMgr - ok
    20:06:16.0586 3700 [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] FontCache C:\Windows\system32\FntCache.dll
    20:06:16.0601 3700 FontCache - ok
    20:06:16.0648 3700 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
    20:06:16.0648 3700 FontCache3.0.0.0 - ok
    20:06:16.0679 3700 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
    20:06:16.0679 3700 FsDepends - ok
    20:06:16.0742 3700 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
    20:06:16.0742 3700 Fs_Rec - ok
    20:06:16.0742 3700 FTDIBUS - ok
    20:06:16.0757 3700 ftrtsvc - ok
    20:06:16.0804 3700 [ 8A73E79089B282100B9393B644CB853B ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
    20:06:16.0804 3700 fvevol - ok
    20:06:16.0835 3700 FVXSCSI - ok
    20:06:16.0867 3700 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
    20:06:16.0867 3700 gagp30kx - ok
    20:06:16.0929 3700 [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
    20:06:16.0960 3700 GEARAspiWDM - ok
    20:06:17.0073 3700 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\Windows\System32\gpsvc.dll
    20:06:17.0083 3700 gpsvc - ok
    20:06:17.0103 3700 gs30s - ok
    20:06:17.0273 3700 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
    20:06:17.0273 3700 gupdate - ok
    20:06:17.0303 3700 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
    20:06:17.0303 3700 gupdatem - ok
    20:06:17.0343 3700 [ C1B577B2169900F4CF7190C39F085794 ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    20:06:17.0353 3700 gusvc - ok
    20:06:17.0353 3700 GVCplDrv - ok
    20:06:17.0363 3700 HabuFltr - ok
    20:06:17.0363 3700 hap17v2k - ok
    20:06:17.0373 3700 hcmon - ok
    20:06:17.0423 3700 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
    20:06:17.0433 3700 hcw85cir - ok
    20:06:17.0493 3700 [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
    20:06:17.0493 3700 HdAudAddService - ok
    20:06:17.0533 3700 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
    20:06:17.0533 3700 HDAudBus - ok
    20:06:17.0563 3700 hf30service - ok
    20:06:17.0593 3700 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
    20:06:17.0603 3700 HidBatt - ok
    20:06:17.0603 3700 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
    20:06:17.0603 3700 HidBth - ok
    20:06:17.0613 3700 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
    20:06:17.0613 3700 HidIr - ok
    20:06:17.0643 3700 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\system32\hidserv.dll
    20:06:17.0643 3700 hidserv - ok
    20:06:17.0693 3700 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
    20:06:17.0693 3700 HidUsb - ok
    20:06:17.0733 3700 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\Windows\system32\kmsvc.dll
    20:06:17.0753 3700 hkmsvc - ok
    20:06:17.0853 3700 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
    20:06:17.0883 3700 HomeGroupListener - ok
    20:06:17.0953 3700 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
    20:06:17.0953 3700 HomeGroupProvider - ok
    20:06:17.0963 3700 hpqddsvc - ok
    20:06:18.0003 3700 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
    20:06:18.0003 3700 HpSAMD - ok
    20:06:18.0013 3700 hpwirelessmgr - ok
    20:06:18.0023 3700 hsfhwazl - ok
    20:06:18.0023 3700 hSONYPVh - ok
    20:06:18.0033 3700 HssSrv - ok
    20:06:18.0053 3700 hsvcmod - ok
    20:06:18.0063 3700 HSX_DP - ok
    20:06:18.0113 3700 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\Windows\system32\drivers\HTTP.sys
    20:06:18.0123 3700 HTTP - ok
    20:06:18.0123 3700 HWIONT - ok
    20:06:18.0193 3700 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
    20:06:18.0193 3700 hwpolicy - ok
    20:06:18.0203 3700 i2omgmt - ok
    20:06:18.0243 3700 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
    20:06:18.0243 3700 i8042prt - ok
    20:06:18.0253 3700 iaantmon - ok
    20:06:18.0283 3700 iAimFP7 - ok
    20:06:18.0303 3700 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
    20:06:18.0303 3700 iaStorV - ok
    20:06:18.0313 3700 icraplus - ok
    20:06:18.0483 3700 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
    20:06:18.0533 3700 idsvc - ok
    20:06:18.0533 3700 ifp800 - ok
    20:06:18.0553 3700 ifxspmgtsrv - ok
    20:06:18.0583 3700 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
    20:06:18.0593 3700 iirsp - ok
    20:06:18.0683 3700 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\Windows\System32\ikeext.dll
    20:06:18.0693 3700 IKEEXT - ok
    20:06:18.0703 3700 ikfilesec - ok
    20:06:18.0723 3700 ikhlayer - ok
    20:06:18.0733 3700 imonitor - ok
    20:06:18.0733 3700 ino_flpy - ok
    20:06:18.0753 3700 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\drivers\intelide.sys
    20:06:18.0753 3700 intelide - ok
    20:06:18.0763 3700 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
    20:06:18.0773 3700 intelppm - ok
    20:06:18.0783 3700 Invoker - ok
    20:06:18.0793 3700 iolodmv - ok
    20:06:18.0793 3700 iolo_srv - ok
    20:06:18.0823 3700 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
    20:06:18.0823 3700 IPBusEnum - ok
    20:06:18.0843 3700 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
    20:06:18.0843 3700 IpFilterDriver - ok
    20:06:18.0873 3700 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
    20:06:18.0873 3700 IPMIDRV - ok
    20:06:18.0883 3700 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys
    20:06:18.0883 3700 IPNAT - ok
    20:06:18.0993 3700 [ BC0EA61246F8D940FBC5F652D337D6BD ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
    20:06:18.0993 3700 iPod Service - ok
    20:06:19.0073 3700 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys
    20:06:19.0093 3700 IRENUM - ok
    20:06:19.0123 3700 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\drivers\isapnp.sys
    20:06:19.0123 3700 isapnp - ok
    20:06:19.0143 3700 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
    20:06:19.0143 3700 iScsiPrt - ok
    20:06:19.0203 3700 JiaoCap - ok
    20:06:19.0233 3700 JRAID - ok
    20:06:19.0233 3700 jsdaemon - ok
    20:06:19.0253 3700 k750bus - ok
    20:06:19.0293 3700 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
    20:06:19.0293 3700 kbdclass - ok
    20:06:19.0323 3700 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
    20:06:19.0323 3700 kbdhid - ok
    20:06:19.0353 3700 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\Windows\system32\lsass.exe
    20:06:19.0353 3700 KeyIso - ok
    20:06:19.0373 3700 KLOGNT - ok
    20:06:19.0413 3700 kpf4 - ok
    20:06:19.0483 3700 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
    20:06:19.0493 3700 KSecDD - ok
    20:06:19.0783 3700 [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
    20:06:19.0803 3700 KSecPkg - ok
    20:06:19.0893 3700 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll
    20:06:19.0933 3700 KtmRm - ok
    20:06:20.0083 3700 kwatchsvc - ok
    20:06:20.0163 3700 L1e - ok
    20:06:20.0193 3700 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\Windows\system32\srvsvc.dll
    20:06:20.0193 3700 LanmanServer - ok
    20:06:20.0203 3700 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
    20:06:20.0203 3700 LanmanWorkstation - ok
    20:06:20.0213 3700 ldlcserv - ok
    20:06:20.0223 3700 lhidflt2 - ok
    20:06:20.0233 3700 LHidKe - ok
    20:06:20.0243 3700 lirsgt - ok
    20:06:20.0263 3700 LKbdFlt2 - ok
    20:06:20.0303 3700 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
    20:06:20.0313 3700 lltdio - ok
    20:06:20.0343 3700 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
    20:06:20.0343 3700 lltdsvc - ok
    20:06:20.0363 3700 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll
    20:06:20.0363 3700 lmhosts - ok
    20:06:20.0363 3700 LMouKE - ok
    20:06:20.0383 3700 lp6nds35 - ok
    20:06:20.0383 3700 LPDSVC - ok
    20:06:20.0423 3700 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
    20:06:20.0423 3700 LSI_FC - ok
    20:06:20.0443 3700 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
    20:06:20.0443 3700 LSI_SAS - ok
    20:06:20.0473 3700 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
    20:06:20.0473 3700 LSI_SAS2 - ok
    20:06:20.0483 3700 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
    20:06:20.0483 3700 LSI_SCSI - ok
    20:06:20.0523 3700 ltxred - ok
    20:06:20.0543 3700 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys
    20:06:20.0543 3700 luafv - ok
    20:06:20.0553 3700 lvcomser - ok
    20:06:20.0553 3700 lvhidsvc - ok
    20:06:20.0563 3700 lwwlicenseservice - ok
    20:06:20.0583 3700 lxbu_device - ok
    20:06:20.0593 3700 M3AD - ok
    20:06:20.0603 3700 mail2ec - ok
    20:06:20.0643 3700 maxbackserviceint - ok
    20:06:20.0693 3700 [ 500D089CE760D83DA2B6CBA681AA9949 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
    20:06:20.0693 3700 MBAMProtector - ok
    20:06:20.0913 3700 [ 85B16A92B117A5A800032ECD904B86DB ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
    20:06:20.0953 3700 MBAMScheduler - ok
    20:06:21.0003 3700 [ 20E2469DB709FC675E655CEAA11BE312 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    20:06:21.0023 3700 MBAMService - ok
    20:06:21.0033 3700 mcdbus - ok
    20:06:21.0043 3700 mcods - ok
    20:06:21.0113 3700 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
    20:06:21.0123 3700 Mcx2Svc - ok
    20:06:21.0133 3700 mdvrmng - ok
    20:06:21.0153 3700 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
    20:06:21.0153 3700 megasas - ok
    20:06:21.0183 3700 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
    20:06:21.0183 3700 MegaSR - ok
    20:06:21.0193 3700 meiudf - ok
    20:06:21.0203 3700 merakpop3 - ok
    20:06:21.0213 3700 mfeavfk - ok
    20:06:21.0283 3700 Microsoft SharePoint Workspace Audit Service - ok
    20:06:21.0293 3700 minilog - ok
    20:06:21.0353 3700 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
    20:06:21.0353 3700 MMCSS - ok
    20:06:21.0393 3700 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
    20:06:21.0413 3700 Modem - ok
    20:06:21.0413 3700 modemcsa - ok
    20:06:21.0483 3700 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
    20:06:21.0483 3700 monitor - ok
    20:06:21.0503 3700 motoswitchservice - ok
    20:06:21.0543 3700 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
    20:06:21.0543 3700 mouclass - ok
    20:06:21.0583 3700 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
    20:06:21.0583 3700 mouhid - ok
    20:06:21.0623 3700 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
    20:06:21.0633 3700 mountmgr - ok
    20:06:21.0703 3700 [ 8BE15F71DE6FF33FC56DCDE7B2B9EFE8 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
    20:06:21.0703 3700 MozillaMaintenance - ok
    20:06:21.0803 3700 [ D993BEA500E7382DC4E760BF4F35EFCB ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
    20:06:21.0823 3700 MpFilter - ok
    20:06:21.0913 3700 mpfirewl - ok
    20:06:21.0953 3700 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys
    20:06:21.0953 3700 mpio - ok
    20:06:22.0303 3700 [ A69630D039C38018689190234F866D77 ] MpKsl3c61cc21 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{207F953E-034D-44AA-8818-76440A481778}\MpKsl3c61cc21.sys
    20:06:22.0303 3700 MpKsl3c61cc21 - ok
    20:06:22.0363 3700 [ A69630D039C38018689190234F866D77 ] MpKslc4ebaf85 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{207F953E-034D-44AA-8818-76440A481778}\MpKslc4ebaf85.sys
    20:06:22.0403 3700 MpKslc4ebaf85 - ok
    20:06:22.0433 3700 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
    20:06:22.0433 3700 mpsdrv - ok
    20:06:22.0443 3700 mqdmmdm - ok
    20:06:22.0483 3700 MREMP50a64 - ok
    20:06:22.0483 3700 MRENDIS5 - ok
    20:06:22.0503 3700 mrobeservice - ok
  9. Gobbler

    20:06:41.0919 3700 WfpLwf - ok
    20:06:41.0935 3700 wfxsvc - ok
    20:06:41.0951 3700 WGX - ok
    20:06:41.0997 3700 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
    20:06:41.0997 3700 WIMMount - ok
    20:06:41.0997 3700 WinHttpAutoProxySvc - ok
    20:06:42.0091 3700 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
    20:06:42.0091 3700 Winmgmt - ok
    20:06:42.0153 3700 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll
    20:06:42.0169 3700 WinRM - ok
    20:06:42.0263 3700 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
    20:06:42.0278 3700 WinUsb - ok
    20:06:42.0606 3700 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
    20:06:42.0656 3700 Wlansvc - ok
    20:06:42.0666 3700 wlidsvc - ok
    20:06:42.0677 3700 wmccds - ok
    20:06:42.0727 3700 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
    20:06:42.0727 3700 WmiAcpi - ok
    20:06:42.0787 3700 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
    20:06:42.0787 3700 wmiApSrv - ok
    20:06:42.0867 3700 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
    20:06:42.0877 3700 WMPNetworkSvc - ok
    20:06:42.0947 3700 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
    20:06:43.0047 3700 WPCSvc - ok
    20:06:43.0127 3700 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
    20:06:43.0147 3700 WPDBusEnum - ok
    20:06:43.0167 3700 wps - ok
    20:06:43.0217 3700 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
    20:06:43.0217 3700 ws2ifsl - ok
    20:06:43.0227 3700 WSearch - ok
    20:06:43.0287 3700 [ E714A1C0354636837E20CCBF00888EE7 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
    20:06:43.0307 3700 WudfPf - ok
    20:06:43.0357 3700 [ 1023EE888C9B47178C5293ED5336AB69 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
    20:06:43.0387 3700 WUDFRd - ok
    20:06:43.0497 3700 [ 8D1E1E529A2C9E9B6A85B55A345F7629 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
    20:06:43.0527 3700 wudfsvc - ok
    20:06:43.0698 3700 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll
    20:06:43.0738 3700 WwanSvc - ok
    20:06:43.0768 3700 XilinxPC4Driver - ok
    20:06:43.0928 3700 z525bus - ok
    20:06:43.0968 3700 zdeviceservice - ok
    20:06:44.0008 3700 ZDPNDIS5 - ok
    20:06:44.0018 3700 ZDPSp50 - ok
    20:06:44.0018 3700 zebrceb - ok
    20:06:44.0058 3700 zntport - ok
    20:06:44.0078 3700 ZSMC211 - ok
    20:06:44.0108 3700 ZY202_XP - ok
    20:06:44.0128 3700 {6080a529-897e-4629-a488-aba0c29b635e} - ok
    20:06:44.0138 3700 ================ Scan global ===============================
    20:06:44.0218 3700 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
    20:06:44.0378 3700 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\Windows\system32\winsrv.dll
    20:06:44.0398 3700 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\Windows\system32\winsrv.dll
    20:06:44.0468 3700 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
    20:06:44.0538 3700 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
    20:06:44.0538 3700 [Global] - ok
    20:06:44.0548 3700 ================ Scan MBR ==================================
    20:06:44.0568 3700 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
    20:06:49.0869 3700 \Device\Harddisk0\DR0 - ok
    20:06:49.0879 3700 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
    20:06:49.0879 3700 \Device\Harddisk1\DR1 - ok
    20:06:49.0879 3700 ================ Scan VBR ==================================
    20:06:49.0889 3700 [ D8A25C9032AF79CA9ED870F5FFA25B69 ] \Device\Harddisk0\DR0\Partition1
    20:06:49.0909 3700 \Device\Harddisk0\DR0\Partition1 - ok
  10. Gobbler

    I downloaded the programs one at a time and ran them right after I downloaded them, in the order that they were posted in the post. I didn't do a very good job of posting them in order, sorry.
  11. Broni

    OK.
    I still need aswMBR log.
  12. Gobbler

    aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
    Run date: 2012-11-17 17:59:10
    -----------------------------
    17:59:10.130 OS Version: Windows 6.1.7601 Service Pack 1
    17:59:10.130 Number of processors: 2 586 0xF06
    17:59:10.130 ComputerName: JOSH-PC UserName: Josh
    17:59:11.359 Initialize success
    17:59:21.621 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
    17:59:21.621 Disk 0 Vendor: ST350064 3.AD Size: 476940MB BusType: 8
    17:59:21.637 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IAAStorageDevice-2
    17:59:21.637 Disk 1 Vendor: WDC_WD20 04.0 Size: 1907729MB BusType: 8
    17:59:21.637 Disk 0 MBR read successfully
    17:59:21.652 Disk 0 MBR scan
    17:59:21.652 Disk 0 Windows 7 default MBR code
    17:59:21.652 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
    17:59:21.668 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 476838 MB offset 206848
    17:59:21.684 Disk 0 scanning sectors +976771072
    17:59:21.762 Disk 0 scanning C:\Windows\system32\drivers
    17:59:28.326 Service scanning
    17:59:36.500 Service MpKslc4ebaf85 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{207F953E-034D-44AA-8818-76440A481778}\MpKslc4ebaf85.sys **LOCKED** 32
    17:59:45.579 Modules scanning
    18:00:08.642 Disk 0 trace - called modules:
    18:00:08.642
    18:00:08.658 Scan finished successfully
    18:02:13.860 Disk 0 MBR has been saved successfully to "C:\Users\Josh\Desktop\MBR.dat"
    18:02:13.860 The log file has been saved successfully to "C:\Users\Josh\Desktop\aswMBR.txt"
  13. Broni

    Good :)

    Create new restore point before proceeding with the next step....
    How to:
    - Windows 8: http://www.vikitech.com/11302/system-restore-windows-8
    - Windows 7: http://www.howtogeek.com/howto/3195/create-a-system-restore-point-in-windows-7/
    - Vista: http://www.howtogeek.com/howto/wind...tore-point-for-windows-vistas-system-restore/
    - XP: http://support.microsoft.com/kb/948247

    ==============================

    Please download ComboFix from Here, Here or Here to your Desktop.

    **Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
    • Never rename Combofix unless instructed.
    • Close any open browsers.
    • Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
    • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
    • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
    • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
    • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
    • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
      If the connection is not there use restore point you created prior to running Combofix.
    • Double click on combofix.exe & follow the prompts.

    • NOTE 1. If Combofix asks you to install Recovery Console, please allow it.
      NOTE 2. If Combofix asks you to update the program, always do so.
    • When finished, it will produce a report for you.
    • Please post the "C:\ComboFix.txt"
    **Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall.
    **Note 2 for AVG and CA Internet Security (Total Defense Internet Security) users: ComboFix will not run until AVG/CA Internet Security is uninstalled as a protective measure against the anti-virus. This is because AVG/CA Internet Security "falsely" detects ComboFix (or its embedded files) as a threat and may remove them resulting in the tool not working correctly which in turn can cause "unpredictable results". Since AVG/CA Internet Security cannot be effectively disabled before running ComboFix, the author recommends you to uninstall AVG/CA Internet Security first.
    Use AppRemover to uninstall it: http://www.appremover.com/
    We can reinstall it when we're done with CF.
    **Note 3: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion", restart computer to fix the issue.
    **Note 4: Some infections may take some significant time to be cured. As long as your computer clock is running Combofix is still working. Be patient.


    Make sure you re-enable your security programs when you're done with Combofix.

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    NOTE.
    If, for some reason, Combofix refuses to run, try the following...

    Delete Combofix file, download fresh one, but rename combofix.exe to your_name.exe BEFORE saving it to your desktop.
    Do NOT run it yet.
    Download Rkill (courtesy of BleepingComputer.com) to your desktop.
    There are 2 different versions. If one of them won't run then download and try to run the other one.
    You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool; ignore them or shut down your antivirus.

    rKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/
    iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/

    Restart computer in safe mode.

    • Double-click on the Rkill desktop icon to run the tool.
    • If using Vista or Windows 7 right-click on it and choose Run As Administrator.
    • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
    • If not, delete the file, then download and use the one provided in Link 2.
    • Do not reboot until instructed.
    • If the tool does not run from any of the links provided, please let me know.

    When the scan is done Notepad will open with rKill.txt log.
    NOTE. rKill.txt log will also be present on your desktop.

    Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.

    IF you had to run rKill, post BOTH logs, rKill.txt and Combofix.txt.
     
  14. Gobbler

    Thanks, I was getting lost where one log began and where one ended.
  15. Gobbler

    Alright, here is the latest log.

    ComboFix 12-11-16.02 - Josh 11/17/2012 21:09:38.1.2 - x86
    Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.3070.2010 [GMT -8:00]
    Running from: c:\users\Josh\Downloads\ComboFix.exe
    AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
    SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\windows\$NtUninstallKB17208$
    c:\windows\$NtUninstallKB17208$\4224694519\L\xadqgnnk
    c:\windows\system32\dds_trash_log.cmd
    .
    .
    ((((((((((((((((((((((((( Files Created from 2012-10-18 to 2012-11-18 )))))))))))))))))))))))))))))))
    .
    .
    2012-11-18 05:24 . 2012-11-18 06:20 -------- d-----w- c:\users\Josh\AppData\Local\temp
    2012-11-18 05:24 . 2012-11-18 05:24 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
    2012-11-18 05:24 . 2012-11-18 05:24 -------- d-----w- c:\users\Default\AppData\Local\temp
    2012-11-18 05:07 . 2012-11-18 05:27 56200 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{207F953E-034D-44AA-8818-76440A481778}\offreg.dll
    2012-11-18 04:02 . 2012-10-24 17:50 96224 ----a-w- c:\program files\Mozilla Firefox\webapprt-stub.exe
    2012-11-18 04:02 . 2012-10-24 17:50 157272 ----a-w- c:\program files\Mozilla Firefox\webapp-uninstaller.exe
    2012-11-18 04:02 . 2012-10-24 17:50 73696 ----a-w- c:\program files\Mozilla Firefox\breakpadinjector.dll
    2012-11-18 03:50 . 2012-08-21 21:01 26840 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
    2012-11-18 03:50 . 2012-11-18 03:50 -------- d-----w- C:\Mozilla Plugins
    2012-11-18 03:50 . 2012-11-18 03:50 -------- d-----w- C:\iTunesMiniPlayer.Resources
    2012-11-18 03:50 . 2012-11-18 03:50 -------- d-----w- C:\iTunesHelper.Resources
    2012-11-18 03:49 . 2012-11-18 03:50 -------- d-----w- C:\iTunes.Resources
    2012-11-18 03:49 . 2012-11-18 03:49 -------- d-----w- c:\program files\iPod
    2012-11-18 03:49 . 2012-11-18 03:50 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1
    2012-11-18 03:49 . 2012-11-18 03:49 -------- d-----w- C:\CD Configuration
    2012-11-18 03:48 . 2012-11-18 05:07 -------- d-----w- c:\program files\Mozilla Maintenance Service
    2012-11-17 00:48 . 2012-10-17 09:32 6918632 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{207F953E-034D-44AA-8818-76440A481778}\mpengine.dll
    2012-11-16 05:54 . 2012-11-16 05:54 -------- d-----w- C:\FRST
    2012-10-25 11:12 . 2012-10-25 11:12 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
    2012-10-25 11:12 . 2012-10-25 11:12 69632 ----a-w- c:\windows\system32\QuickTime.qts
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2012-11-17 02:08 . 2012-04-10 21:44 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe
    2012-11-17 02:08 . 2011-08-04 18:09 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2012-09-30 03:54 . 2012-04-10 21:55 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
    2012-09-10 07:30 . 2012-09-10 07:30 293776 ----a-w- C:\iTunesOutlookAddIn.dll
    2012-09-10 07:30 . 2012-09-10 07:30 124816 ----a-w- C:\iTunesMiniPlayer.dll
    2012-09-10 07:30 . 2012-09-10 07:30 421776 ----a-w- C:\iTunesHelper.exe
    2012-09-10 07:30 . 2012-09-10 07:30 403344 ----a-w- C:\iTunesAdmin.dll
    2012-09-10 07:30 . 2012-09-10 07:30 156560 ----a-w- C:\iTunesHelper.dll
    2012-09-10 07:30 . 2012-09-10 07:30 9777040 ----a-w- C:\iTunes.exe
    2012-09-10 07:30 . 2012-09-10 07:30 21131152 ----a-w- C:\iTunes.dll
    2012-09-10 07:30 . 2012-09-10 07:30 776216 ----a-w- C:\gnsdk_sdkmanager.dll
    2012-09-10 07:30 . 2012-09-10 07:30 3008536 ----a-w- C:\gnsdk_dsp.dll
    2012-09-10 07:30 . 2012-09-10 07:30 262680 ----a-w- C:\gnsdk_submit.dll
    2012-09-10 07:30 . 2012-09-10 07:30 219672 ----a-w- C:\gnsdk_musicid.dll
    2012-09-10 07:30 . 2012-09-10 07:30 2011024 ----a-w- C:\iPodUpdaterExt.dll
    2012-08-21 21:01 . 2011-08-06 23:32 106928 ----a-w- c:\windows\system32\GEARAspi.dll
    2012-10-24 17:50 . 2012-11-18 03:47 261600 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "iCloudServices"="c:\program files\Common Files\Apple\Internet Services\iCloudServices.exe" [2012-08-29 59280]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-04-13 1808784]
    "BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
    "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-10-12 59280]
    "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
    "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
    "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-27 931200]
    "iTunesHelper"="C:\iTunesHelper.exe" [2012-09-10 421776]
    "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-10-25 421888]
    .
    c:\users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    EvernoteClipper.lnk - c:\program files\Evernote\Evernote\EvernoteClipper.exe [2012-6-13 1014112]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    "PromptOnSecureDesktop"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
    @="Service"
    .
    R3 netr28u;RT2870 USB Wireless LAN Card Driver for Vista;c:\windows\system32\DRIVERS\netr28u.sys [x]
    R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]
    R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [x]
    R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
    R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
    R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
    R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
    R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
    S2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
    S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [x]
    S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
    .
    .
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
    NETSVCS REQUIRES REPAIRS - current entries shown
    .
    Rebuilding ... You need to reboot your machine for this to take effect.
    .
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2012-11-18 c:\windows\Tasks\Adobe Flash Player Updater.job
    - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-10 02:08]
    .
    2012-11-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2012-01-14 06:48]
    .
    2012-11-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2012-01-14 06:48]
    .
    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://www.google.com/
    uDefault_Search_URL = hxxp://www.google.com/ie
    uInternet Settings,ProxyOverride = *.local
    uSearchAssistant = hxxp://www.google.com/ie
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    IE: Add to Evernote 4.0 - c:\program files\Evernote\Evernote\EvernoteIE.dll/204
    IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
    IE: E&xport to Microsoft Excel - c:\progra~1\MIF5BA~1\Office14\EXCEL.EXE/3000
    IE: Se&nd to OneNote - c:\progra~1\MIF5BA~1\Office14\ONBttnIE.dll/105
    TCP: DhcpNameServer = 192.168.2.1
    FF - ProfilePath - c:\users\Josh\AppData\Roaming\Mozilla\Firefox\Profiles\l200lb69.default\
    FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
    FF - prefs.js: network.proxy.type - 0
    .
    - - - - ORPHANS REMOVED - - - -
    .
    Toolbar-{8660E5B3-6C41-44DE-8503-98D99BBECD41} - c:\program files\Coupons.com CouponBar\tbcore3.dll
    HKCU-Run-PlayOn - c:\program files\MediaMall\PlayOn.exe
    HKCU-Run-MobileDocuments - c:\program files\Common Files\Apple\Internet Services\ubd.exe
    SafeBoot-48930758.sys
    .
    .
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
    @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker5"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    ------------------------ Other Running Processes ------------------------
    .
    c:\windows\system32\nvvsvc.exe
    c:\program files\Microsoft Security Client\MsMpEng.exe
    c:\program files\NVIDIA Corporation\Display\nvxdsync.exe
    c:\windows\system32\nvvsvc.exe
    c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
    c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    c:\program files\Bonjour\mDNSResponder.exe
    c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
    c:\program files\Windows Media Player\wmpnetwk.exe
    c:\windows\system32\taskhost.exe
    c:\windows\system32\conhost.exe
    .
    **************************************************************************
    .
    Completion time: 2012-11-17 22:23:44 - machine was rebooted
    ComboFix-quarantined-files.txt 2012-11-18 06:23
    .
    Pre-Run: 113,028,571,136 bytes free
    Post-Run: 115,978,592,256 bytes free
    .
    - - End Of File - - A83491BDF68C893C5C424814D671A00D
  16. Broni

    Looks good :)

    Any current issues?

    ==============================

    Download OTL to your Desktop.
    Alternate download: http://www.itxassociates.com/OT-Tools/OTL.exe

    • Double click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
    • Click the Scan All Users checkbox.
    • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
    • When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.
  17. Gobbler

    There are no current issues. Here is the latest log.

    OTL logfile created on: 11/19/2012 6:56:43 PM - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Josh\Downloads
    Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    3.00 Gb Total Physical Memory | 1.52 Gb Available Physical Memory | 50.82% Memory free
    5.99 Gb Paging File | 4.36 Gb Available in Paging File | 72.76% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 465.66 Gb Total Space | 104.79 Gb Free Space | 22.50% Space Free | Partition Type: NTFS
    Drive E: | 1863.01 Gb Total Space | 670.01 Gb Free Space | 35.96% Space Free | Partition Type: NTFS

    Computer Name: JOSH-PC | User Name: Josh | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Quick Scan
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2012/11/19 18:56:20 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Josh\Downloads\OTL.exe
    PRC - [2012/11/16 18:08:17 | 001,807,800 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe
    PRC - [2012/10/24 09:50:37 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
    PRC - [2012/10/10 21:15:04 | 001,258,856 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
    PRC - [2012/10/02 13:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    PRC - [2012/10/02 11:29:14 | 000,864,616 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    PRC - [2012/10/02 11:28:55 | 001,820,520 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    PRC - [2012/09/29 19:54:26 | 000,766,536 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
    PRC - [2012/09/29 19:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    PRC - [2012/09/29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
    PRC - [2012/09/12 17:25:24 | 000,287,824 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\NisSrv.exe
    PRC - [2012/09/12 17:25:22 | 000,020,472 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\MsMpEng.exe
    PRC - [2012/09/12 17:19:44 | 000,947,176 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
    PRC - [2012/09/09 23:30:34 | 000,421,776 | ---- | M] (Apple Inc.) -- C:\iTunesHelper.exe
    PRC - [2012/08/29 14:00:12 | 000,059,280 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
    PRC - [2012/07/27 12:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
    PRC - [2012/06/13 15:53:48 | 001,014,112 | ---- | M] (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041) -- C:\Program Files\Evernote\Evernote\EvernoteClipper.exe
    PRC - [2011/02/24 21:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
    PRC - [2010/11/20 04:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe


    ========== Modules (No Company Name) ==========

    MOD - [2012/11/16 18:08:16 | 009,814,968 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_4_402_287.dll
    MOD - [2012/10/24 09:50:39 | 002,295,264 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
    MOD - [2012/03/16 14:42:58 | 000,315,392 | ---- | M] () -- C:\Program Files\Evernote\Evernote\libtidy.dll
    MOD - [2012/03/16 14:42:56 | 000,433,664 | ---- | M] () -- C:\Program Files\Evernote\Evernote\libxml2.dll
    MOD - [2011/06/24 21:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
    MOD - [2011/06/24 21:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
    MOD - [2011/03/16 23:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
    MOD - [2010/10/20 14:45:26 | 008,801,120 | ---- | M] () -- C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll


    ========== Services (SafeList) ==========

    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\aswrdr.dll -- (ZY202_XP)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\CAMCAUD.dll -- (ZSMC211)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\WBHWDOCT.dll -- (zntport)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ino_flpy.dll -- (zebrceb)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\se26nd5.dll -- (ZDPSp50)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\qmofiltr.dll -- (ZDPNDIS5)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\MSMQTriggers.dll -- (zdeviceservice)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\mgabg.dll -- (z525bus)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pxhelp20.dll -- (XilinxPC4Driver)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\nv.dll -- (wps)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\amfilter.dll -- (wmccds)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\dlacdbhm.dll -- (wlidsvc)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\schscnt.dll -- (WGX)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\bridge.dll -- (wfxsvc)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\cltnetcnservice.dll -- (webrootcommagentservice)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\emAudio.dll -- (w800obex)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ELmon.dll -- (vulfnths)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\aiclient.dll -- (vrmonsvc)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SrvcSSIOMngr.dll -- (VrAcFil)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\tifsfilter.dll -- (vproeventmonitor)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\websensewfreportserver.dll -- (vncdrv)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\nvmd.dll -- (VirtualFD)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\fltmgr.dll -- (VirtualCam)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\AVerBDA.dll -- (vcomm)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\aswlsvc.dll -- (vaiomediaplatform-videoserver-appserver)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ACDaemon.dll -- (VAIOMediaPlatform-PhotoServer-HTTP)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pdlnsx25.dll -- (v124)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SABProcEnum.dll -- (V0070VID)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\smservauth.dll -- (usb20l)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\winvnc.dll -- (us30sys)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\DSDrv4.dll -- (upsentry_smart)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\NWADI.dll -- (ultra66)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\WUSB54Gv4SVC.dll -- (UCTblHid)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\d-link_st3402.dll -- (U81xobex)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\DM9102.dll -- (tvichw32)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\KMWDFilter.dll -- (tunmp)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\EMSCR.dll -- (TuneUp.ProgramStatisticsSvc)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\vclone.dll -- (TuneUp.Defrag)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\JL2005C.dll -- (transactional)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\service.dll -- (TPM)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\mwsejcap.dll -- (tphdexlgsvc)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\CADlink.dll -- (tosrfusb)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\intelroam.dll -- (toshidpt)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\tfsnudfa.dll -- (tomcatcws3)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\coste.dll -- (tme3srv)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\kpfwsvc.dll -- (TMBUS)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\AMDPCI.dll -- (thpsrv)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\tifm21.dll -- (thotkey)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\s716nd5.dll -- (tfsnboio)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SRTSP.dll -- (tappsrv)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\wanarp.dll -- (Tablet2k)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\sqlserveragent.dll -- (sysdown)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\usnjsvc.dll -- (symc8xx)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\Ptserlp.dll -- (symc810)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\addfiltr.dll -- (symantecantibotwatcher)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\cdralw2k.dll -- (symantecantibotagent)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\vet-rec.dll -- (sym_u3)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\viamraid.dll -- (susbser)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\thinkpadmodemservice.dll -- (stylexpservice)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\digictrl.dll -- (stunnel)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\VrAcFil.dll -- (streamloadservice)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ovmsmaccessmanager.dll -- (ssrvc)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pelmouse.dll -- (sscdmdm)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\amdagp.dll -- (speedfan)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pavfnsvr.dll -- (spcsutilityservice)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\dsbrokerservice.dll -- (snoopfree)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\profos.dll -- (SNC)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\nod32krn.dll -- (snapman)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ELhid.dll -- (smwdm)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\Epiusb.dll -- (smrt)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\vpcbus.dll -- (Slntamr)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\s125mdfl.dll -- (slapd-data52)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\MxlW2k.dll -- (sit_mdm)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\avgntflt.dll -- (SimpTcp)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\MREMP50a64.dll -- (simbad)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\cfgwzsvc.dll -- (Shockprf)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\WmBEnum.dll -- (shdserv)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\p17.dll -- (sentinel)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ELhid.dll -- (se44obex)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\n3900.dll -- (se2End5)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\guardian2.dll -- (SE2Emgmt)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SPCtl.dll -- (SE2Cmgmt)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\mqdmbus.dll -- (se2Bunic)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\dlbx_device.dll -- (SE27mdm)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\lockmgr.dll -- (SE26obex)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\EpmShd.dll -- (sddmi2)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\vclone.dll -- (SaiMini)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\FETNDISB.dll -- (s616mgmt)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\slee_503_service.dll -- (rxfilter)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\bb-run.dll -- (RTL8169)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\suservice.dll -- (rtl8023)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\VC4CB104.dll -- (RTHDMIAzAudService)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\DXEC02.dll -- (rt2500)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\nvport.dll -- (roxupnprenderer)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ql1080.dll -- (rimvserport)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\avidsdmservice.dll -- (retroexplauncher)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\procexp90.dll -- (R300)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\qcmerced.dll -- (QPCapSvc)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\v124.dll -- (ql1080)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pvservice.dll -- (pxhelp20)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\USB_RNDIS_XP.dll -- (Ptserlp)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\p1110vid.dll -- (PTproct)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\emproxy.dll -- (prosync1)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\Intels51.dll -- (prism_a02)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\wmp54gsvc.dll -- (pmsveh)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\toshidpt.dll -- (penrendezvous)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\spcstb.dll -- (PdiPorts)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\trackcam4.dll -- (Pctspk)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\fsssvc.dll -- (parallel)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\nhcDriverDevice.dll -- (p3)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\XDva004.dll -- (p2pgasvc)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\wpsscannersvc.dll -- (ovt519)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ovt519.dll -- (OracleOraHome92ClientCache)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\s116mgmt.dll -- (ooclevercacheagent)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\dsbrokerservice.dll -- (odserv)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\lockmgr.dll -- (O2SCBUS)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\npkcrypt.dll -- (NxFsMon)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SrvcEPECioctl.dll -- (NWSIPX32)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\se59unic.dll -- (nwlnkspx)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\s3savagemx.dll -- (nwlnkipx)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\xusb21.dll -- (nvedavt)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\kl1.dll -- (ntsecure)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\sony_ssm.sys.dll -- (ntiopnp)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\atiavaiw.dll -- (Nsynas32)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pxfhmdfl.dll -- (NITaggerService)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\WinDriver6.dll -- (nimcrpcsu)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\dashsvc.dll -- (nidomainservice)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\noipducservice.dll -- (ngserver)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\asp.net_1.1.4322.dll -- (netdetect)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ZDCNDIS5.dll -- (ndassvc)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ulcdrhlp.dll -- (Ncrc710)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\symantecantibotshim.dll -- (n558)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ZSMC301b.dll -- (mxserver)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\F700imd.dll -- (mvserver)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ELacpi.dll -- (MSFWHLPR)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\armoucfltr.dll -- (MSFWDrv)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\siside.dll -- (mrobeservice)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\nvax.dll -- (MRENDIS5)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ppa3.dll -- (MREMP50a64)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\NVR0Dev.dll -- (mqdmmdm)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\QV2KUX.dll -- (mpfirewl)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\symlcbrd.dll -- (motoswitchservice)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\trufos.dll -- (modemcsa)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\prosync1.dll -- (minilog)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\iwebmsg.dll -- (mfeavfk)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\httpfilter.dll -- (merakpop3)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\dladresm.dll -- (meiudf)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\atimtag.dll -- (mdvrmng)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\atitool.dll -- (mcods)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\wlluc48.dll -- (mcdbus)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\oracle_load_balancer_60_client-forms6ip14.dll -- (maxbackserviceint)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\hidgame.dll -- (mail2ec)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\cdr4_xp.dll -- (M3AD)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\sis315.dll -- (lxbu_device)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\earthlinksafeconnectagent.dll -- (lwwlicenseservice)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\Ktp.dll -- (lvhidsvc)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\sit_mdm.dll -- (lvcomser)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\bdftdif.dll -- (ltxred)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\raidmagt.dll -- (LPDSVC)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pae_avs.dll -- (lp6nds35)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\MXOPSWD.dll -- (LMouKE)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\NWUSBPort.dll -- (LKbdFlt2)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\sentinel.dll -- (lirsgt)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\avidsdmservice.dll -- (LHidKe)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\rsvchost.dll -- (lhidflt2)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\lxrjd31s.dll -- (ldlcserv)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\scanwscs.dll -- (L1e)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\admservice.dll -- (kwatchsvc)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\bwmservice.dll -- (kpf4)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\avfilter.dll -- (KLOGNT)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\licensemanagersocket.dll -- (k750bus)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\WmHidLo.dll -- (jsdaemon)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\vpctcom.dll -- (JRAID)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\VIAPFD.dll -- (JiaoCap)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ibmasrex.dll -- (iolodmv)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\USIUDF.dll -- (iolo_srv)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\hkmsvc.dll -- (Invoker)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SymIM.dll -- (ino_flpy)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\lirsgt.dll -- (imonitor)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\RVIEG01.dll -- (ikhlayer)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\akshasp.dll -- (ikfilesec)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ZSMC301b.dll -- (ifxspmgtsrv)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\vulfntrs.dll -- (ifp800)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\MA-620.dll -- (icraplus)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ProcObsrv.dll -- (iAimFP7)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\gv3.dll -- (iaantmon)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\redbook.dll -- (i2omgmt)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\volsnap.dll -- (HWIONT)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\HFACSVC.dll -- (HSX_DP)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\k750mdfl.dll -- (hsvcmod)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\https-admserv61.dll -- (HssSrv)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\cwafreportscheduler.dll -- (hSONYPVh)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\rslinxng.dll -- (hsfhwazl)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\mcredirector.dll -- (hpwirelessmgr)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\msmpsvc.dll -- (hpqddsvc)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\bt3cser.dll -- (hf30service)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\s616mdfl.dll -- (hcmon)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\lxce_device.dll -- (hap17v2k)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\lanmanserver.dll -- (HabuFltr)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\snpstd2.dll -- (GVCplDrv)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\hamachi.dll -- (gs30s)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ultra66.dll -- (FVXSCSI)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ARPolicy.dll -- (ftrtsvc)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\RadProbe.dll -- (FTDIBUS)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\se2Cnd5.dll -- (flashpnt)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\GTSCSER.dll -- (FireTDI)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\s125bus.dll -- (fasttrackinstallerservice)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\oracleservicelocalora.dll -- (F700imd)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\sfng32.dll -- (epfwtdi)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\disk.dll -- (ELacpi)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\comhost.dll -- (eeyeevnt)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pavfnsvr.dll -- (dwusbdnt)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ifxspmgtsrv.dll -- (dvd-ram_service)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\snare.dll -- (dsncservice)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\mraid35x.dll -- (DSI_SiUSBXp_3_1)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\gusvc.dll -- (driverhardwarev2)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\kl1.dll -- (dpc_srv_webcast)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\vulfnths.dll -- (dot4ufd)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\naimagent32.dll -- (DNE)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\symc8xx.dll -- (dmload)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ageremodemaudio.dll -- (d-link_st3402)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\aslm75.dll -- (dlbx_device)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SMCB000.dll -- (dklogger)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\itmrtsvc.dll -- (DivisCTP)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pavdrv.dll -- (digictrl)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\omniusbl.dll -- (Dfs)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\fsks.dll -- (DeviceScanner)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ZY202_XP.dll -- (DcCam)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\papyjoy.dll -- (dbmang)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\btkrnl.dll -- (dbmanagerscheduler)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\RecAgent.dll -- (db2)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\CTDevice_Srv.dll -- (CVPNDRVA)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\PSSdk23.dll -- (curtainssyssvc)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\epsonbidirectionalservice.dll -- (ctusfsyn)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\V0070VID.dll -- (CTMMOUNT)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\DN2AKNET.dll -- (CTHWIUT.DLL)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\rupsmon.dll -- (crystaloutputfileserver)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\asapiw2k.dll -- (cq_mem)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\wmdmpmsn.dll -- (cpsvc)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\Xyz777s.dll -- (cpqvcagent)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\revudfservice.dll -- (cpqdmi)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\xpadminserver.dll -- (contentindex)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\i2omgmt.dll -- (contentfilter)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\NICM.dll -- (CoachVc)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\raspti.dll -- (CnxTrUsb)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\mysql.dll -- (client32)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\nscirda.dll -- (cfsvcs)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\asapiw2k.dll -- (centennialiptransferagent)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\CnxTrLan.dll -- (CE3)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\MXOPSWD.dll -- (CDRPDACC)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pxfhserd.dll -- (CdaC15BA)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\PSSdk21.dll -- (CcmExec)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\usbvideo.dll -- (cbidf)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\nuvvid2.dll -- (caccprovsp)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\sfhlp01.dll -- (bthpan)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\xpadminserver.dll -- (btcsrusb)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\anio.dll -- (bocdrive)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\AKSIFDH.dll -- (bmuservice)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\nhcDriverDevice.dll -- (bgsvcgen)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\mnmsrvc.dll -- (bgmainsvc)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\Ld51ocnucsnp.dll -- (bdrsdrv)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ATIVXSTW.dll -- (bb-run)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\rimusb.dll -- (backupexecrpcservice)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\S7oppilx.dll -- (backupclientsvc)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\TSHWMDTCP.dll -- (b57w2k)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\vaiomediaplatform-photoserver-appserver.dll -- (avsvcmonitor)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\euq_monitor.dll -- (avsinc)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\db2.dll -- (avg7rsw)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\wdm_au8820.dll -- (avc)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\epsonstatusagent2.dll -- (Atmuni)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\lmimaint.dll -- (atksgt)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\igfx.dll -- (ATKGFNEXSrv)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\w3svc.dll -- (ATIBTXBAR)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\STV672.dll -- (atchksrv)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\vtserver.dll -- (aswtdi)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\vmusb.dll -- (aslm75)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\AVRec.dll -- (arp1394)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\NETGEAR_MA111.dll -- (armoucfltr)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\w810mgmt.dll -- (ARCSOFTVIRTUALCAPTURE)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\w810mgmt.dll -- (application)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\prfldsvc.dll -- (apache2)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\a016bus.dll -- (Amsmpu4p)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\nuvvid2.dll -- (ami0nt)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\bgs_sdservice.dll -- (aexnsclient)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\vwlogger.dll -- (adsservice)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\WD_FireWire_HID.dll -- (admjoy)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\emAudio.dll -- (ACDaemon)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\aeclienthostservice.dll -- (abnetmon)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\mediaviewer.dll -- (3comtftp)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\HSFHWALI.dll -- (3combootp)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\nv_agp.dll -- ({6080a529-897e-4629-a488-aba0c29b635e})
    SRV - [2012/11/16 18:08:18 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
    SRV - [2012/10/24 09:50:38 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
    SRV - [2012/10/10 21:15:04 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
    SRV - [2012/10/02 13:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
    SRV - [2012/09/29 19:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
    SRV - [2012/09/29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
    SRV - [2012/09/20 13:28:48 | 030,785,672 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
    SRV - [2012/09/12 17:25:24 | 000,287,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
    SRV - [2012/09/12 17:25:22 | 000,020,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
    SRV - [2012/07/27 12:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
    SRV - [2011/08/04 14:52:47 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
    SRV - [2009/07/13 17:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
    SRV - [2009/07/13 17:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
    SRV - [2009/07/13 17:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


    ========== Driver Services (SafeList) ==========

    DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
    DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub)
    DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Josh\AppData\Local\Temp\catchme.sys -- (catchme)
    DRV - [2012/10/10 21:14:28 | 010,837,352 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
    DRV - [2012/09/29 19:54:26 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
    DRV - [2012/08/30 22:03:50 | 000,099,272 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
    DRV - [2010/11/20 04:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
    DRV - [2010/11/20 04:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
    DRV - [2010/11/20 04:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
    DRV - [2010/11/20 02:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
    DRV - [2010/11/20 02:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
    DRV - [2010/11/20 01:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
    DRV - [2010/11/20 01:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
    DRV - [2010/11/20 01:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
    DRV - [2010/04/29 12:40:52 | 000,023,920 | ---- | M] (MediaMall Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\povrtdev.sys -- (msvad_simple)
    DRV - [2009/07/08 23:47:00 | 001,172,992 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
    DRV - [2009/06/05 18:12:34 | 000,219,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1e6232.sys -- (e1express)
    DRV - [2007/08/16 12:49:48 | 000,552,448 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netr28u.sys -- (netr28u)


    ========== Standard Registry (SafeList) ==========
  18. Gobbler

    Gobbler Newcomer, in training Topic Starter Posts: 20

    ========== Internet Explorer ==========

    IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 10 03 89 63 59 53 CC 01 [binary data]
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
    IE - HKCU\..\SearchScopes,DefaultScope = {A690E7CF-96BA-4C0E-843A-981EC88EF834}
    IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
    IE - HKCU\..\SearchScopes\{A690E7CF-96BA-4C0E-843A-981EC88EF834}: "URL" = http://www.google.com/search?q={sea...tartIndex={startIndex?}&startPage={startPage}
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

    ========== FireFox ==========

    FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
    FF - prefs.js..network.proxy.no_proxies_on: "*.local"
    FF - prefs.js..network.proxy.type: 0
    FF - user.js - File not found

    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Mozilla Plugins\npitunes.dll ()
    FF - HKLM\Software\MozillaPlugins\google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
    FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_37: C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
    FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1C43BAF1-00C2-40A8-A09E-F84CFD79546D}: C:\Program Files\Coupons.com CouponBar\firefox\{1C43BAF1-00C2-40A8-A09E-F84CFD79546D}\Coupons.com.xpi
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/11/17 20:02:00 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/11/17 19:54:05 | 000,000,000 | ---D | M]

    [2012/02/05 07:02:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Josh\AppData\Roaming\Mozilla\Extensions
    [2012/11/16 22:27:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Josh\AppData\Roaming\Mozilla\Firefox\Profiles\l200lb69.default\extensions
    [2012/11/18 11:02:07 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
    [2012/11/18 11:02:07 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
    [2012/10/24 09:50:58 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
    [2012/10/24 09:50:17 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
    [2012/10/24 09:50:17 | 000,002,058 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

    ========== Chrome ==========


    O1 HOSTS File: ([2012/11/17 22:20:35 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
    O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
    O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    O2 - BHO: (ChromeFrame BHO) - {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} - C:\Program Files\Google\Chrome Frame\Application\23.0.1271.64\npchrome_frame.dll (Google Inc.)
    O2 - BHO: (TBSB07898 Class) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\Coupons.com CouponBar\tbcore3.dll File not found
    O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
    O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
    O4 - HKLM..\Run: [iTunesHelper] C:\iTunesHelper.exe (Apple Inc.)
    O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
    O4 - HKCU..\Run: [iCloudServices] C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
    O4 - Startup: C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk = C:\Program Files\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O8 - Extra context menu item: Add to Evernote 4.0 - C:\Program Files\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
    O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
    O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
    O9 - Extra Button: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
    O9 - Extra 'Tools' menuitem : @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)
    O16 - DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5F420228-8517-46CE-ABA2-E5374B8143C9}: DhcpNameServer = 192.168.2.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BB818722-AC78-459A-A451-6CA7FD0BF4F8}: DhcpNameServer = 192.168.2.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D3ACA713-E556-4469-BAF0-3EE34FF95898}: DhcpNameServer = 192.168.2.1
    O18 - Protocol\Handler\gcf {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files\Google\Chrome Frame\Application\23.0.1271.64\npchrome_frame.dll (Google Inc.)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2009/06/10 13:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = ComFile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
    O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

    ========== Files/Folders - Created Within 30 Days ==========

    [2012/11/18 11:19:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
    [2012/11/18 11:03:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
    [2012/11/18 10:59:33 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
    [2012/11/18 10:48:36 | 000,000,000 | -HSD | C] -- C:\Config.Msi
    [2012/11/17 22:20:39 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
    [2012/11/17 21:24:50 | 000,000,000 | ---D | C] -- C:\Users\Josh\AppData\Local\temp
    [2012/11/17 21:00:01 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
    [2012/11/17 21:00:01 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
    [2012/11/17 21:00:01 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
    [2012/11/17 20:48:11 | 000,000,000 | ---D | C] -- C:\Qoobox
    [2012/11/17 20:43:58 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
    [2012/11/17 19:54:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
    [2012/11/17 19:53:42 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
    [2012/11/17 19:52:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
    [2012/11/17 19:51:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
    [2012/11/17 19:50:51 | 000,000,000 | ---D | C] -- C:\Mozilla Plugins
    [2012/11/17 19:50:49 | 000,000,000 | ---D | C] -- C:\iTunesMiniPlayer.Resources
    [2012/11/17 19:50:48 | 000,000,000 | ---D | C] -- C:\iTunesHelper.Resources
    [2012/11/17 19:49:09 | 000,000,000 | ---D | C] -- C:\iTunes.Resources
    [2012/11/17 19:49:06 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
    [2012/11/17 19:49:05 | 000,000,000 | ---D | C] -- C:\CD Configuration
    [2012/11/17 19:49:05 | 000,000,000 | ---D | C] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
    [2012/11/17 19:48:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
    [2012/11/17 19:48:00 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
    [2012/11/17 17:56:49 | 002,213,976 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Josh\Desktop\TDSSKiller.exe
    [2012/11/16 22:53:51 | 000,000,000 | ---D | C] -- C:\Users\Josh\Desktop\RK_Quarantine
    [2012/11/15 21:54:44 | 000,000,000 | ---D | C] -- C:\FRST

    ========== Files - Modified Within 30 Days ==========

    [2012/11/19 18:36:00 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2012/11/19 18:08:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
    [2012/11/18 21:36:00 | 000,000,878 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2012/11/18 11:14:19 | 000,013,936 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2012/11/18 11:14:19 | 000,013,936 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2012/11/18 11:12:03 | 000,626,844 | ---- | M] () -- C:\Windows\System32\perfh009.dat
    [2012/11/18 11:12:03 | 000,107,160 | ---- | M] () -- C:\Windows\System32\perfc009.dat
    [2012/11/18 11:05:41 | 000,410,872 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
    [2012/11/18 11:05:14 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2012/11/18 11:04:26 | 2414,284,800 | -HS- | M] () -- C:\hiberfil.sys
    [2012/11/18 03:07:32 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
    [2012/11/17 22:20:35 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
    [2012/11/17 20:02:22 | 000,001,105 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
    [2012/11/17 19:54:01 | 000,001,815 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
    [2012/11/17 19:51:09 | 000,001,393 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
    [2012/11/17 18:02:13 | 000,000,512 | ---- | M] () -- C:\Users\Josh\Desktop\MBR.dat
    [2012/11/15 21:30:45 | 000,001,091 | ---- | M] () -- C:\Users\Josh\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk
    [2012/10/31 21:49:22 | 002,213,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Josh\Desktop\TDSSKiller.exe

    ========== Files Created - No Company Name ==========

    [2012/11/18 03:03:50 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
    [2012/11/18 03:03:20 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
    [2012/11/17 21:00:01 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
    [2012/11/17 21:00:01 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
    [2012/11/17 21:00:01 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
    [2012/11/17 21:00:01 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
    [2012/11/17 21:00:01 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
    [2012/11/17 20:02:22 | 000,001,105 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
    [2012/11/17 19:54:01 | 000,001,815 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
    [2012/11/17 19:51:09 | 000,001,393 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
    [2012/11/17 18:02:13 | 000,000,512 | ---- | C] () -- C:\Users\Josh\Desktop\MBR.dat
    [2012/11/15 21:30:45 | 000,001,091 | ---- | C] () -- C:\Users\Josh\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk
    [2011/10/24 20:28:05 | 000,186,844 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
    [2011/10/06 18:35:01 | 029,360,128 | ---- | C] () -- C:\Users\Josh\ios_5_gm_seed__ipad_2__9a334.dmg
    [2011/10/06 17:37:34 | 751,482,123 | ---- | C] () -- C:\Users\Josh\ios_5_gm_seed__ipad_2__9a334.7z
    [2011/08/05 10:24:53 | 000,007,605 | ---- | C] () -- C:\Users\Josh\AppData\Local\Resmon.ResmonCfg
    [2011/08/04 16:04:44 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
    [2011/08/04 16:03:08 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe

    ========== ZeroAccess Check ==========

    [2009/07/13 20:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
    "" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 20:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
    "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 04:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
    "" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/13 17:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Both

    ========== LOP Check ==========

    [2011/11/16 16:13:54 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\Catalina Marketing Corp
    [2012/06/13 10:33:37 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\com.amazon.music.uploader
    [2011/09/01 18:07:49 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\Digiarty
    [2011/10/28 04:20:54 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\Leadertech
    [2012/01/27 19:01:37 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\Rainmeter
    [2011/12/31 19:22:32 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\redsn0w
    [2011/12/04 22:34:52 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\Seas0nPass
    [2011/08/06 22:46:03 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\TeamViewer
    [2012/04/16 18:30:05 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\uTorrent
    [2011/08/08 17:03:45 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\ZumoCast

    ========== Purity Check ==========



    ========== Alternate Data Streams ==========

    @Alternate Data Stream - 168 bytes -> C:\Users\Josh\Desktop\signature.jpeg:3or4kl4x13tuuug3Byamue2s4b

    < End of report >
  19. Broni

    Broni Malware Annihilator Posts: 45,175   +242

    Run OTL
    • Under the Custom Scans/Fixes box at the bottom, paste in the following

      Code:
      :OTL
      O2 - BHO: (TBSB07898 Class) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\Coupons.com CouponBar\tbcore3.dll File not found
      @Alternate Data Stream - 168 bytes -> C:\Users\Josh\Desktop\signature.jpeg:3or4kl4x13tuuug3Byamue2s4b
      
      :Commands
      [purity]
      [emptytemp]
      [emptyjava]
      [emptyflash]
      [Reboot]
      
    • Then click the Run Fix button at the top
    • Let the program run unhindered, reboot the PC when it is done
    • You will get a log that shows the results of the fix. Please post it.

    NOTE. If for any reason OTL stalls (most likely at the "killing processes..." step), run the fix from safe mode.

    ================================

    Please download AdwCleaner by Xplode onto your desktop.
    • Close all open programs and internet browsers.
    • Double click on adwcleaner.exe to run the tool.
    • Click on Delete.
    • Confirm each time with Ok.
    • Your computer will be rebooted automatically. A text file will open after the restart.
    • Please post the contents of that logfile with your next reply.
    • You can find the logfile at C:\AdwCleaner[S1].txt as well.

    Next...

    • Double click on adwcleaner.exe to run the tool.
    • Click on Uninstall.
    • Confirm with yes.

    ==================================

    Last scans...

    1. Download Security Check from HERE, and save it to your Desktop.
    • Double-click SecurityCheck.exe
    • Follow the onscreen instructions inside of the black box.
    • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

      NOTE SecurityCheck may produce some false warning(s), so leave the results reading to me.

    2. Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
    • Make sure the following options are checked:
      • Internet Services
      • Windows Firewall
      • System Restore
      • Security Center
      • Windows Update
      • Windows Defender
    • Press "Scan".
    • It will create a log (FSS.txt) in the same directory the tool is run from.
    • Please copy and paste the log to your reply.

    3. Download Temp File Cleaner (TFC)
    Alternate download: http://www.itxassociates.com/OT-Tools/TFC.exe
    • Double click on TFC.exe to run the program.
    • Click on the Start button to begin the cleaning process.
    • TFC will close all running programs, and it may ask you to restart the computer.

    4. Please run a free online scan with the ESET Online Scanner

    • Disable your antivirus program
    • Tick the box next to YES, I accept the Terms of Use
    • Click Start
    • Accept any security warnings from your browser.
    • Check Scan archives
    • Click Start
    • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
    • When the scan completes, click on List of found threats
    • Click on Export to text file, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
    • NOTE. If ESET doesn't find any threats, it won't produce any log.
  20. Gobbler

    Gobbler Newcomer, in training Topic Starter Posts: 20

    OTL logfile created on: 11/22/2012 9:15:25 AM - Run 2
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Josh\Downloads
    Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    3.00 Gb Total Physical Memory | 1.82 Gb Available Physical Memory | 60.62% Memory free
    5.99 Gb Paging File | 4.69 Gb Available in Paging File | 78.26% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 465.66 Gb Total Space | 104.14 Gb Free Space | 22.36% Space Free | Partition Type: NTFS
    Drive E: | 1863.01 Gb Total Space | 670.01 Gb Free Space | 35.96% Space Free | Partition Type: NTFS

    Computer Name: JOSH-PC | User Name: Josh | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2012/11/19 18:56:20 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Josh\Downloads\OTL.exe
    PRC - [2012/11/16 18:08:17 | 001,807,800 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe
    PRC - [2012/10/24 09:50:37 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
    PRC - [2012/10/10 21:15:04 | 001,258,856 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
    PRC - [2012/10/02 13:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    PRC - [2012/10/02 11:29:14 | 000,864,616 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    PRC - [2012/10/02 11:28:55 | 001,820,520 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    PRC - [2012/09/29 19:54:26 | 000,766,536 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
    PRC - [2012/09/29 19:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    PRC - [2012/09/29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
    PRC - [2012/09/12 17:25:24 | 000,287,824 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\NisSrv.exe
    PRC - [2012/09/12 17:25:22 | 000,020,472 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\MsMpEng.exe
    PRC - [2012/09/12 17:19:44 | 000,947,176 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
    PRC - [2012/09/09 23:30:34 | 000,421,776 | ---- | M] (Apple Inc.) -- C:\iTunesHelper.exe
    PRC - [2012/08/29 14:00:12 | 000,059,280 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
    PRC - [2012/08/20 09:37:58 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
    PRC - [2012/08/09 23:12:18 | 000,055,184 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\SyncServer.exe
    PRC - [2012/07/27 12:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
    PRC - [2012/06/13 15:53:48 | 001,014,112 | ---- | M] (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041) -- C:\Program Files\Evernote\Evernote\EvernoteClipper.exe
    PRC - [2011/02/24 21:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
    PRC - [2010/11/20 04:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe


    ========== Modules (No Company Name) ==========

    MOD - [2012/11/16 18:08:16 | 009,814,968 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_4_402_287.dll
    MOD - [2012/10/24 09:50:39 | 002,295,264 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
    MOD - [2012/03/16 14:42:58 | 000,315,392 | ---- | M] () -- C:\Program Files\Evernote\Evernote\libtidy.dll
    MOD - [2012/03/16 14:42:56 | 000,433,664 | ---- | M] () -- C:\Program Files\Evernote\Evernote\libxml2.dll
    MOD - [2011/06/24 21:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
    MOD - [2011/06/24 21:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
    MOD - [2011/03/16 23:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
    MOD - [2010/10/20 14:45:26 | 008,801,120 | ---- | M] () -- C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll


    ========== Services (SafeList) ==========

    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\aswrdr.dll -- (ZY202_XP)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\CAMCAUD.dll -- (ZSMC211)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\WBHWDOCT.dll -- (zntport)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ino_flpy.dll -- (zebrceb)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\se26nd5.dll -- (ZDPSp50)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\qmofiltr.dll -- (ZDPNDIS5)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\MSMQTriggers.dll -- (zdeviceservice)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\mgabg.dll -- (z525bus)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pxhelp20.dll -- (XilinxPC4Driver)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\nv.dll -- (wps)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\amfilter.dll -- (wmccds)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\dlacdbhm.dll -- (wlidsvc)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\schscnt.dll -- (WGX)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\bridge.dll -- (wfxsvc)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\cltnetcnservice.dll -- (webrootcommagentservice)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\emAudio.dll -- (w800obex)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ELmon.dll -- (vulfnths)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\aiclient.dll -- (vrmonsvc)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SrvcSSIOMngr.dll -- (VrAcFil)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\tifsfilter.dll -- (vproeventmonitor)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\websensewfreportserver.dll -- (vncdrv)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\nvmd.dll -- (VirtualFD)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\fltmgr.dll -- (VirtualCam)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\AVerBDA.dll -- (vcomm)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\aswlsvc.dll -- (vaiomediaplatform-videoserver-appserver)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ACDaemon.dll -- (VAIOMediaPlatform-PhotoServer-HTTP)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pdlnsx25.dll -- (v124)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SABProcEnum.dll -- (V0070VID)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\smservauth.dll -- (usb20l)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\winvnc.dll -- (us30sys)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\DSDrv4.dll -- (upsentry_smart)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\NWADI.dll -- (ultra66)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\WUSB54Gv4SVC.dll -- (UCTblHid)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\d-link_st3402.dll -- (U81xobex)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\DM9102.dll -- (tvichw32)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\KMWDFilter.dll -- (tunmp)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\EMSCR.dll -- (TuneUp.ProgramStatisticsSvc)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\vclone.dll -- (TuneUp.Defrag)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\JL2005C.dll -- (transactional)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\service.dll -- (TPM)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\mwsejcap.dll -- (tphdexlgsvc)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\CADlink.dll -- (tosrfusb)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\intelroam.dll -- (toshidpt)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\tfsnudfa.dll -- (tomcatcws3)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\coste.dll -- (tme3srv)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\kpfwsvc.dll -- (TMBUS)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\AMDPCI.dll -- (thpsrv)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\tifm21.dll -- (thotkey)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\s716nd5.dll -- (tfsnboio)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SRTSP.dll -- (tappsrv)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\wanarp.dll -- (Tablet2k)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\sqlserveragent.dll -- (sysdown)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\usnjsvc.dll -- (symc8xx)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\Ptserlp.dll -- (symc810)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\addfiltr.dll -- (symantecantibotwatcher)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\cdralw2k.dll -- (symantecantibotagent)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\vet-rec.dll -- (sym_u3)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\viamraid.dll -- (susbser)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\thinkpadmodemservice.dll -- (stylexpservice)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\digictrl.dll -- (stunnel)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\VrAcFil.dll -- (streamloadservice)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ovmsmaccessmanager.dll -- (ssrvc)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pelmouse.dll -- (sscdmdm)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\amdagp.dll -- (speedfan)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pavfnsvr.dll -- (spcsutilityservice)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\dsbrokerservice.dll -- (snoopfree)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\profos.dll -- (SNC)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\nod32krn.dll -- (snapman)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ELhid.dll -- (smwdm)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\Epiusb.dll -- (smrt)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\vpcbus.dll -- (Slntamr)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\s125mdfl.dll -- (slapd-data52)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\MxlW2k.dll -- (sit_mdm)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\avgntflt.dll -- (SimpTcp)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\MREMP50a64.dll -- (simbad)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\cfgwzsvc.dll -- (Shockprf)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\WmBEnum.dll -- (shdserv)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\p17.dll -- (sentinel)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ELhid.dll -- (se44obex)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\n3900.dll -- (se2End5)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\guardian2.dll -- (SE2Emgmt)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SPCtl.dll -- (SE2Cmgmt)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\mqdmbus.dll -- (se2Bunic)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\dlbx_device.dll -- (SE27mdm)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\lockmgr.dll -- (SE26obex)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\EpmShd.dll -- (sddmi2)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\vclone.dll -- (SaiMini)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\FETNDISB.dll -- (s616mgmt)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\slee_503_service.dll -- (rxfilter)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\bb-run.dll -- (RTL8169)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\suservice.dll -- (rtl8023)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\VC4CB104.dll -- (RTHDMIAzAudService)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\DXEC02.dll -- (rt2500)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\nvport.dll -- (roxupnprenderer)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ql1080.dll -- (rimvserport)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\avidsdmservice.dll -- (retroexplauncher)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\procexp90.dll -- (R300)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\qcmerced.dll -- (QPCapSvc)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\v124.dll -- (ql1080)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pvservice.dll -- (pxhelp20)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\USB_RNDIS_XP.dll -- (Ptserlp)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\p1110vid.dll -- (PTproct)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\emproxy.dll -- (prosync1)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\Intels51.dll -- (prism_a02)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\wmp54gsvc.dll -- (pmsveh)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\toshidpt.dll -- (penrendezvous)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\spcstb.dll -- (PdiPorts)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\trackcam4.dll -- (Pctspk)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\fsssvc.dll -- (parallel)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\nhcDriverDevice.dll -- (p3)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\XDva004.dll -- (p2pgasvc)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\wpsscannersvc.dll -- (ovt519)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ovt519.dll -- (OracleOraHome92ClientCache)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\s116mgmt.dll -- (ooclevercacheagent)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\dsbrokerservice.dll -- (odserv)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\lockmgr.dll -- (O2SCBUS)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\npkcrypt.dll -- (NxFsMon)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SrvcEPECioctl.dll -- (NWSIPX32)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\se59unic.dll -- (nwlnkspx)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\s3savagemx.dll -- (nwlnkipx)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\xusb21.dll -- (nvedavt)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\kl1.dll -- (ntsecure)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\sony_ssm.sys.dll -- (ntiopnp)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\atiavaiw.dll -- (Nsynas32)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pxfhmdfl.dll -- (NITaggerService)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\WinDriver6.dll -- (nimcrpcsu)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\dashsvc.dll -- (nidomainservice)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\noipducservice.dll -- (ngserver)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\asp.net_1.1.4322.dll -- (netdetect)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ZDCNDIS5.dll -- (ndassvc)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ulcdrhlp.dll -- (Ncrc710)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\symantecantibotshim.dll -- (n558)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ZSMC301b.dll -- (mxserver)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\F700imd.dll -- (mvserver)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ELacpi.dll -- (MSFWHLPR)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\armoucfltr.dll -- (MSFWDrv)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\siside.dll -- (mrobeservice)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\nvax.dll -- (MRENDIS5)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ppa3.dll -- (MREMP50a64)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\NVR0Dev.dll -- (mqdmmdm)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\QV2KUX.dll -- (mpfirewl)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\symlcbrd.dll -- (motoswitchservice)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\trufos.dll -- (modemcsa)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\prosync1.dll -- (minilog)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\iwebmsg.dll -- (mfeavfk)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\httpfilter.dll -- (merakpop3)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\dladresm.dll -- (meiudf)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\atimtag.dll -- (mdvrmng)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\atitool.dll -- (mcods)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\wlluc48.dll -- (mcdbus)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\oracle_load_balancer_60_client-forms6ip14.dll -- (maxbackserviceint)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\hidgame.dll -- (mail2ec)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\cdr4_xp.dll -- (M3AD)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\sis315.dll -- (lxbu_device)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\earthlinksafeconnectagent.dll -- (lwwlicenseservice)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\Ktp.dll -- (lvhidsvc)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\sit_mdm.dll -- (lvcomser)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\bdftdif.dll -- (ltxred)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\raidmagt.dll -- (LPDSVC)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pae_avs.dll -- (lp6nds35)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\MXOPSWD.dll -- (LMouKE)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\NWUSBPort.dll -- (LKbdFlt2)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\sentinel.dll -- (lirsgt)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\avidsdmservice.dll -- (LHidKe)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\rsvchost.dll -- (lhidflt2)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\lxrjd31s.dll -- (ldlcserv)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\scanwscs.dll -- (L1e)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\admservice.dll -- (kwatchsvc)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\bwmservice.dll -- (kpf4)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\avfilter.dll -- (KLOGNT)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\licensemanagersocket.dll -- (k750bus)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\WmHidLo.dll -- (jsdaemon)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\vpctcom.dll -- (JRAID)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\VIAPFD.dll -- (JiaoCap)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ibmasrex.dll -- (iolodmv)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\USIUDF.dll -- (iolo_srv)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\hkmsvc.dll -- (Invoker)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SymIM.dll -- (ino_flpy)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\lirsgt.dll -- (imonitor)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\RVIEG01.dll -- (ikhlayer)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\akshasp.dll -- (ikfilesec)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ZSMC301b.dll -- (ifxspmgtsrv)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\vulfntrs.dll -- (ifp800)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\MA-620.dll -- (icraplus)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ProcObsrv.dll -- (iAimFP7)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\gv3.dll -- (iaantmon)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\redbook.dll -- (i2omgmt)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\volsnap.dll -- (HWIONT)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\HFACSVC.dll -- (HSX_DP)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\k750mdfl.dll -- (hsvcmod)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\https-admserv61.dll -- (HssSrv)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\cwafreportscheduler.dll -- (hSONYPVh)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\rslinxng.dll -- (hsfhwazl)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\mcredirector.dll -- (hpwirelessmgr)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\msmpsvc.dll -- (hpqddsvc)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\bt3cser.dll -- (hf30service)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\s616mdfl.dll -- (hcmon)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\lxce_device.dll -- (hap17v2k)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\lanmanserver.dll -- (HabuFltr)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\snpstd2.dll -- (GVCplDrv)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\hamachi.dll -- (gs30s)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ultra66.dll -- (FVXSCSI)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ARPolicy.dll -- (ftrtsvc)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\RadProbe.dll -- (FTDIBUS)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\se2Cnd5.dll -- (flashpnt)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\GTSCSER.dll -- (FireTDI)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\s125bus.dll -- (fasttrackinstallerservice)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\oracleservicelocalora.dll -- (F700imd)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\sfng32.dll -- (epfwtdi)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\disk.dll -- (ELacpi)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\comhost.dll -- (eeyeevnt)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pavfnsvr.dll -- (dwusbdnt)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ifxspmgtsrv.dll -- (dvd-ram_service)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\snare.dll -- (dsncservice)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\mraid35x.dll -- (DSI_SiUSBXp_3_1)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\gusvc.dll -- (driverhardwarev2)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\kl1.dll -- (dpc_srv_webcast)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\vulfnths.dll -- (dot4ufd)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\naimagent32.dll -- (DNE)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\symc8xx.dll -- (dmload)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ageremodemaudio.dll -- (d-link_st3402)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\aslm75.dll -- (dlbx_device)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SMCB000.dll -- (dklogger)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\itmrtsvc.dll -- (DivisCTP)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pavdrv.dll -- (digictrl)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\omniusbl.dll -- (Dfs)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\fsks.dll -- (DeviceScanner)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ZY202_XP.dll -- (DcCam)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\papyjoy.dll -- (dbmang)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\btkrnl.dll -- (dbmanagerscheduler)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\RecAgent.dll -- (db2)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\CTDevice_Srv.dll -- (CVPNDRVA)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\PSSdk23.dll -- (curtainssyssvc)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\epsonbidirectionalservice.dll -- (ctusfsyn)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\V0070VID.dll -- (CTMMOUNT)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\DN2AKNET.dll -- (CTHWIUT.DLL)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\rupsmon.dll -- (crystaloutputfileserver)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\asapiw2k.dll -- (cq_mem)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\wmdmpmsn.dll -- (cpsvc)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\Xyz777s.dll -- (cpqvcagent)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\revudfservice.dll -- (cpqdmi)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\xpadminserver.dll -- (contentindex)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\i2omgmt.dll -- (contentfilter)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\NICM.dll -- (CoachVc)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\raspti.dll -- (CnxTrUsb)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\mysql.dll -- (client32)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\nscirda.dll -- (cfsvcs)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\asapiw2k.dll -- (centennialiptransferagent)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\CnxTrLan.dll -- (CE3)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\MXOPSWD.dll -- (CDRPDACC)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pxfhserd.dll -- (CdaC15BA)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\PSSdk21.dll -- (CcmExec)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\usbvideo.dll -- (cbidf)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\nuvvid2.dll -- (caccprovsp)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\sfhlp01.dll -- (bthpan)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\xpadminserver.dll -- (btcsrusb)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\anio.dll -- (bocdrive)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\AKSIFDH.dll -- (bmuservice)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\nhcDriverDevice.dll -- (bgsvcgen)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\mnmsrvc.dll -- (bgmainsvc)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\Ld51ocnucsnp.dll -- (bdrsdrv)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ATIVXSTW.dll -- (bb-run)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\rimusb.dll -- (backupexecrpcservice)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\S7oppilx.dll -- (backupclientsvc)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\TSHWMDTCP.dll -- (b57w2k)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\vaiomediaplatform-photoserver-appserver.dll -- (avsvcmonitor)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\euq_monitor.dll -- (avsinc)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\db2.dll -- (avg7rsw)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\wdm_au8820.dll -- (avc)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\epsonstatusagent2.dll -- (Atmuni)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\lmimaint.dll -- (atksgt)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\igfx.dll -- (ATKGFNEXSrv)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\w3svc.dll -- (ATIBTXBAR)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\STV672.dll -- (atchksrv)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\vtserver.dll -- (aswtdi)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\vmusb.dll -- (aslm75)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\AVRec.dll -- (arp1394)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\NETGEAR_MA111.dll -- (armoucfltr)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\w810mgmt.dll -- (ARCSOFTVIRTUALCAPTURE)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\w810mgmt.dll -- (application)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\prfldsvc.dll -- (apache2)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\a016bus.dll -- (Amsmpu4p)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\nuvvid2.dll -- (ami0nt)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\bgs_sdservice.dll -- (aexnsclient)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\vwlogger.dll -- (adsservice)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\WD_FireWire_HID.dll -- (admjoy)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\emAudio.dll -- (ACDaemon)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\aeclienthostservice.dll -- (abnetmon)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\mediaviewer.dll -- (3comtftp)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\HSFHWALI.dll -- (3combootp)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\nv_agp.dll -- ({6080a529-897e-4629-a488-aba0c29b635e})
    SRV - [2012/11/16 18:08:18 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
    SRV - [2012/10/24 09:50:38 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
    SRV - [2012/10/10 21:15:04 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
    SRV - [2012/10/02 13:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
    SRV - [2012/09/29 19:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
    SRV - [2012/09/29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
    SRV - [2012/09/20 13:28:48 | 030,785,672 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
    SRV - [2012/09/12 17:25:24 | 000,287,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
    SRV - [2012/09/12 17:25:22 | 000,020,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
    SRV - [2012/07/27 12:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
    SRV - [2011/08/04 14:52:47 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
    SRV - [2009/07/13 17:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
    SRV - [2009/07/13 17:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
    SRV - [2009/07/13 17:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


    ========== Driver Services (SafeList) ==========

    DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
    DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub)
    DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Josh\AppData\Local\Temp\catchme.sys -- (catchme)
    DRV - [2012/10/10 21:14:28 | 010,837,352 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
    DRV - [2012/09/29 19:54:26 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
    DRV - [2012/08/30 22:03:50 | 000,099,272 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
    DRV - [2010/11/20 04:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
    DRV - [2010/11/20 04:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
    DRV - [2010/11/20 04:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
    DRV - [2010/11/20 02:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
    DRV - [2010/11/20 02:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
    DRV - [2010/11/20 01:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
    DRV - [2010/11/20 01:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
    DRV - [2010/11/20 01:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
    DRV - [2010/04/29 12:40:52 | 000,023,920 | ---- | M] (MediaMall Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\povrtdev.sys -- (msvad_simple)
    DRV - [2009/07/08 23:47:00 | 001,172,992 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
    DRV - [2009/06/05 18:12:34 | 000,219,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1e6232.sys -- (e1express)
    DRV - [2007/08/16 12:49:48 | 000,552,448 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netr28u.sys -- (netr28u)
  21. Gobbler

    Gobbler Newcomer, in training Topic Starter Posts: 20

    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 10 03 89 63 59 53 CC 01 [binary data]
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
    IE - HKCU\..\SearchScopes,DefaultScope = {A690E7CF-96BA-4C0E-843A-981EC88EF834}
    IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
    IE - HKCU\..\SearchScopes\{A690E7CF-96BA-4C0E-843A-981EC88EF834}: "URL" = http://www.google.com/search?q={sea...tartIndex={startIndex?}&startPage={startPage}
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

    ========== FireFox ==========

    FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
    FF - prefs.js..network.proxy.no_proxies_on: "*.local"
    FF - prefs.js..network.proxy.type: 0
    FF - user.js - File not found

    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Mozilla Plugins\npitunes.dll ()
    FF - HKLM\Software\MozillaPlugins\google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
    FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_37: C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
    FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1C43BAF1-00C2-40A8-A09E-F84CFD79546D}: C:\Program Files\Coupons.com CouponBar\firefox\{1C43BAF1-00C2-40A8-A09E-F84CFD79546D}\Coupons.com.xpi
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/11/17 20:02:00 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/11/17 19:54:05 | 000,000,000 | ---D | M]

    [2012/02/05 07:02:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Josh\AppData\Roaming\Mozilla\Extensions
    [2012/11/16 22:27:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Josh\AppData\Roaming\Mozilla\Firefox\Profiles\l200lb69.default\extensions
    [2012/11/18 11:02:07 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
    [2012/11/18 11:02:07 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
    [2012/10/24 09:50:58 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
    [2012/10/24 09:50:17 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
    [2012/10/24 09:50:17 | 000,002,058 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

    ========== Chrome ==========


    O1 HOSTS File: ([2012/11/17 22:20:35 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
    O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
    O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    O2 - BHO: (ChromeFrame BHO) - {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} - C:\Program Files\Google\Chrome Frame\Application\23.0.1271.64\npchrome_frame.dll (Google Inc.)
    O2 - BHO: (TBSB07898 Class) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\Coupons.com CouponBar\tbcore3.dll File not found
    O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
    O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
    O4 - HKLM..\Run: [iTunesHelper] C:\iTunesHelper.exe (Apple Inc.)
    O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
    O4 - HKCU..\Run: [iCloudServices] C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
    O4 - Startup: C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk = C:\Program Files\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O8 - Extra context menu item: Add to Evernote 4.0 - C:\Program Files\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
    O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
    O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
    O9 - Extra Button: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
    O9 - Extra 'Tools' menuitem : @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)
    O16 - DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5F420228-8517-46CE-ABA2-E5374B8143C9}: DhcpNameServer = 192.168.2.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BB818722-AC78-459A-A451-6CA7FD0BF4F8}: DhcpNameServer = 192.168.2.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D3ACA713-E556-4469-BAF0-3EE34FF95898}: DhcpNameServer = 192.168.2.1
    O18 - Protocol\Handler\gcf {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files\Google\Chrome Frame\Application\23.0.1271.64\npchrome_frame.dll (Google Inc.)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2009/06/10 13:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = ComFile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
    O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

    ========== Files/Folders - Created Within 30 Days ==========

    [2012/11/21 17:09:18 | 000,000,000 | ---D | C] -- C:\Windows\LastGood
    [2012/11/18 11:19:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
    [2012/11/18 11:03:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
    [2012/11/18 11:02:05 | 000,477,168 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\npdeployJava1.dll
    [2012/11/18 11:02:04 | 000,157,680 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
    [2012/11/18 11:02:04 | 000,149,488 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
    [2012/11/18 11:02:04 | 000,149,488 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
    [2012/11/18 10:59:33 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
    [2012/11/18 10:48:36 | 000,000,000 | -HSD | C] -- C:\Config.Msi
    [2012/11/18 04:38:55 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
    [2012/11/18 04:38:55 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
    [2012/11/18 04:38:55 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
    [2012/11/18 04:38:55 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
    [2012/11/18 04:38:55 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
    [2012/11/18 04:38:55 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
    [2012/11/18 04:38:55 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
    [2012/11/18 04:38:55 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
    [2012/11/18 04:38:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
    [2012/11/18 04:38:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
    [2012/11/18 04:38:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
    [2012/11/18 04:38:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
    [2012/11/18 04:38:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
    [2012/11/18 04:38:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
    [2012/11/18 04:38:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
    [2012/11/18 04:38:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
    [2012/11/18 04:38:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
    [2012/11/18 04:38:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
    [2012/11/18 04:38:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
    [2012/11/18 04:38:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
    [2012/11/18 04:38:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
    [2012/11/18 04:38:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
    [2012/11/18 04:38:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
    [2012/11/18 04:38:54 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
    [2012/11/18 04:38:54 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
    [2012/11/18 04:38:54 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
    [2012/11/18 04:38:54 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
    [2012/11/18 04:38:54 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
    [2012/11/18 04:38:54 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
    [2012/11/18 04:38:54 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
    [2012/11/18 04:38:36 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpcore6.dll
    [2012/11/18 04:38:36 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc6.dll
    [2012/11/18 04:37:54 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\RNDISMP.sys
    [2012/11/18 04:37:04 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
    [2012/11/18 04:36:09 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OxpsConverter.exe
    [2012/11/18 04:35:50 | 000,240,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
    [2012/11/18 04:35:50 | 000,187,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS
    [2012/11/18 04:35:50 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcorehc.dll
    [2012/11/18 04:35:50 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncsi.dll
    [2012/11/18 04:35:49 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll
    [2012/11/18 04:35:36 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
    [2012/11/18 04:35:33 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browcli.dll
    [2012/11/18 04:35:28 | 003,914,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
    [2012/11/18 04:35:27 | 003,968,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
    [2012/11/18 04:35:24 | 000,490,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
    [2012/11/18 04:35:20 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\synceng.dll
    [2012/11/18 04:35:17 | 002,345,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
    [2012/11/18 03:03:49 | 000,047,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfLdr.sys
    [2012/11/18 03:03:49 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Wdfres.dll
    [2012/11/18 03:03:21 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFPlatform.dll
    [2012/11/18 03:03:21 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFCoinstaller.dll
    [2012/11/18 03:03:20 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFx.dll
    [2012/11/18 03:02:16 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
    [2012/11/18 03:02:16 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
    [2012/11/18 03:02:15 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
    [2012/11/18 03:02:15 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
    [2012/11/18 03:02:15 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
    [2012/11/18 03:02:14 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
    [2012/11/18 03:02:14 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
    [2012/11/18 03:02:14 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
    [2012/11/17 22:20:39 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
    [2012/11/17 21:24:50 | 000,000,000 | ---D | C] -- C:\Users\Josh\AppData\Local\temp
    [2012/11/17 21:00:01 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
    [2012/11/17 21:00:01 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
    [2012/11/17 21:00:01 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
    [2012/11/17 20:48:11 | 000,000,000 | ---D | C] -- C:\Qoobox
    [2012/11/17 20:43:58 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
    [2012/11/17 19:54:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
    [2012/11/17 19:53:42 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
    [2012/11/17 19:52:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
    [2012/11/17 19:51:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
    [2012/11/17 19:50:51 | 000,000,000 | ---D | C] -- C:\Mozilla Plugins
    [2012/11/17 19:50:49 | 000,000,000 | ---D | C] -- C:\iTunesMiniPlayer.Resources
    [2012/11/17 19:50:48 | 000,000,000 | ---D | C] -- C:\iTunesHelper.Resources
    [2012/11/17 19:49:09 | 000,000,000 | ---D | C] -- C:\iTunes.Resources
    [2012/11/17 19:49:06 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
    [2012/11/17 19:49:05 | 000,000,000 | ---D | C] -- C:\CD Configuration
    [2012/11/17 19:49:05 | 000,000,000 | ---D | C] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
    [2012/11/17 19:48:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
    [2012/11/17 19:48:00 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
    [2012/11/17 17:56:49 | 002,213,976 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Josh\Desktop\TDSSKiller.exe
    [2012/11/16 22:53:51 | 000,000,000 | ---D | C] -- C:\Users\Josh\Desktop\RK_Quarantine
    [2012/11/15 21:54:44 | 000,000,000 | ---D | C] -- C:\FRST
    [2012/10/25 03:12:26 | 000,094,208 | ---- | C] (Apple Inc.) -- C:\Windows\System32\QuickTimeVR.qtx
    [2012/10/25 03:12:26 | 000,069,632 | ---- | C] (Apple Inc.) -- C:\Windows\System32\QuickTime.qts

    ========== Files - Modified Within 30 Days ==========

    [2012/11/22 09:08:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
    [2012/11/22 08:36:00 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2012/11/21 21:36:00 | 000,000,878 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2012/11/21 17:13:44 | 000,013,936 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2012/11/21 17:13:44 | 000,013,936 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2012/11/21 17:02:29 | 000,626,844 | ---- | M] () -- C:\Windows\System32\perfh009.dat
    [2012/11/21 17:02:29 | 000,107,160 | ---- | M] () -- C:\Windows\System32\perfc009.dat
    [2012/11/21 16:56:17 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2012/11/21 16:56:09 | 2414,284,800 | -HS- | M] () -- C:\hiberfil.sys
    [2012/11/18 11:05:41 | 000,410,872 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
    [2012/11/18 11:01:55 | 000,157,680 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
    [2012/11/18 11:01:55 | 000,149,488 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
    [2012/11/18 11:01:55 | 000,149,488 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
    [2012/11/18 11:01:54 | 000,477,168 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\npdeployJava1.dll
    [2012/11/18 11:01:54 | 000,473,072 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
    [2012/11/18 03:07:32 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
    [2012/11/17 22:20:35 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
    [2012/11/17 20:02:22 | 000,001,105 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
    [2012/11/17 19:54:01 | 000,001,815 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
    [2012/11/17 19:51:09 | 000,001,393 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
    [2012/11/17 18:02:13 | 000,000,512 | ---- | M] () -- C:\Users\Josh\Desktop\MBR.dat
    [2012/11/16 18:08:16 | 000,696,760 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
    [2012/11/16 18:08:16 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
    [2012/11/15 21:30:45 | 000,001,091 | ---- | M] () -- C:\Users\Josh\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk
    [2012/10/31 21:49:22 | 002,213,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Josh\Desktop\TDSSKiller.exe
    [2012/10/25 03:12:26 | 000,094,208 | ---- | M] (Apple Inc.) -- C:\Windows\System32\QuickTimeVR.qtx
    [2012/10/25 03:12:26 | 000,069,632 | ---- | M] (Apple Inc.) -- C:\Windows\System32\QuickTime.qts

    ========== Files Created - No Company Name ==========

    [2012/11/18 03:03:50 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
    [2012/11/18 03:03:20 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
    [2012/11/17 21:00:01 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
    [2012/11/17 21:00:01 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
    [2012/11/17 21:00:01 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
    [2012/11/17 21:00:01 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
    [2012/11/17 21:00:01 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
    [2012/11/17 20:02:22 | 000,001,105 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
    [2012/11/17 19:54:01 | 000,001,815 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
    [2012/11/17 19:51:09 | 000,001,393 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
    [2012/11/17 18:02:13 | 000,000,512 | ---- | C] () -- C:\Users\Josh\Desktop\MBR.dat
    [2012/11/15 21:30:45 | 000,001,091 | ---- | C] () -- C:\Users\Josh\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk
    [2011/10/24 20:28:05 | 000,186,844 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
    [2011/10/06 18:35:01 | 029,360,128 | ---- | C] () -- C:\Users\Josh\ios_5_gm_seed__ipad_2__9a334.dmg
    [2011/10/06 17:37:34 | 751,482,123 | ---- | C] () -- C:\Users\Josh\ios_5_gm_seed__ipad_2__9a334.7z
    [2011/08/05 10:24:53 | 000,007,605 | ---- | C] () -- C:\Users\Josh\AppData\Local\Resmon.ResmonCfg
    [2011/08/04 16:04:44 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
    [2011/08/04 16:03:08 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe

    ========== ZeroAccess Check ==========

    [2009/07/13 20:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
    "" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 20:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
    "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 04:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
    "" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/13 17:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Both

    ========== Custom Scans ==========

    < :OTL >

    < O2 - BHO: (TBSB07898 Class) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\Coupons.com CouponBar\tbcore3.dll File not found >

    < @Alternate Data Stream - 168 bytes -> C:\Users\Josh\Desktop\signature.jpeg:3or4kl4x13tuuug3Byamue2s4b >

    < >

    < :Commands >

    < [purity] >

    < [emptytemp] >

    < [emptyjava] >

    < [emptyflash] >

    < [Reboot] >

    ========== Alternate Data Streams ==========
  22. Gobbler

    Gobbler Newcomer, in training Topic Starter Posts: 20

    Sorry it's taken so long to get back to the post; very busy with work. Happy Gobble Gobble.
  23. Broni

    Broni Malware Annihilator Posts: 45,175   +242

    OTL log is incorrect.
    You clicked on "Scan" button instead of "Fix" button.
    Redo.
  24. Gobbler

    Gobbler Newcomer, in training Topic Starter Posts: 20

    All processes killed
    Error: Unable to interpret <Code:> in the current context!
    ========== OTL ==========
    Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}\ deleted successfully.
    ADS C:\Users\Josh\Desktop\signature.jpeg:3or4kl4x13tuuug3Byamue2s4b deleted successfully.
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: All Users

    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 56475 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: Josh
    ->Temp folder emptied: 1430398 bytes
    ->Temporary Internet Files folder emptied: 159717251 bytes
    ->Java cache emptied: 25905 bytes
    ->FireFox cache emptied: 335714009 bytes
    ->Google Chrome cache emptied: 6288918 bytes
    ->Flash cache emptied: 95478 bytes

    User: Public
    ->Temp folder emptied: 0 bytes

    User: UpdatusUser
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 26933744 bytes
    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 506.00 mb


    [EMPTYJAVA]

    User: All Users

    User: Default

    User: Default User

    User: Josh
    ->Java cache emptied: 0 bytes

    User: Public

    User: UpdatusUser

    Total Java Files Cleaned = 0.00 mb


    [EMPTYFLASH]

    User: All Users

    User: Default
    ->Flash cache emptied: 0 bytes

    User: Default User
    ->Flash cache emptied: 0 bytes

    User: Josh
    ->Flash cache emptied: 0 bytes

    User: Public

    User: UpdatusUser

    Total Flash Files Cleaned = 0.00 mb


    OTL by OldTimer - Version 3.2.69.0 log created on 11222012_094000

    Files\Folders moved on Reboot...

    PendingFileRenameOperations files...

    Registry entries deleted on Reboot...
  25. Gobbler

    Gobbler Newcomer, in training Topic Starter Posts: 20

    AdwCleaner v2.008 - Logfile created 11/22/2012 at 09:48:47
    # Updated 17/11/2012 by Xplode
    # Operating system : Windows 7 Ultimate Service Pack 1 (32 bits)
    # User : Josh - JOSH-PC
    # Boot Mode : Normal
    # Running from : C:\Users\Josh\Downloads\adwcleaner.exe
    # Option [Delete]


    ***** [Services] *****


    ***** [Files / Folders] *****

    Folder Deleted : C:\Users\Josh\AppData\LocalLow\Toolbar4

    ***** [Registry] *****

    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9F34B17E-FF0D-4FAB-97C4-9713FEE79052}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D433A9D0-8267-40CB-8AD5-24F22FA5373F}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D565B35E-B787-40FA-95E3-E3562F8FC1A0}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6B458F62-592F-4B25-8967-E6A350A59328}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FCC9CDD3-EFFF-11D1-A9F0-00A0244AC403}
    Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
    Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
    Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
    Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
    Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
    Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
    Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
    Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
    Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask
    Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
    Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
    Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
    Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier
    Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier.1
    Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl
    Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl.1
    Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager
    Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager.1
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}

    ***** [Internet Browsers] *****

    -\\ Internet Explorer v9.0.8112.16421

    [OK] Registry is clean.

    -\\ Mozilla Firefox v16.0.2 (en-US)

    Profile name : default
    File : C:\Users\Josh\AppData\Roaming\Mozilla\Firefox\Profiles\l200lb69.default\prefs.js

    [OK] File is clean.

    -\\ Google Chrome v [Unable to get version]

    File : C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Preferences

    [OK] File is clean.

    *************************

    AdwCleaner[R1].txt - [5363 octets] - [22/11/2012 09:37:49]
    AdwCleaner[R2].txt - [5212 octets] - [22/11/2012 09:45:11]
    AdwCleaner[S1].txt - [5253 octets] - [22/11/2012 09:48:47]

    ########## EOF - C:\AdwCleaner[S1].txt - [5313 octets] ##########

