Solved Replicating virus help

melissadotcom

I had randomly checked my OS on the 5th and saw that I had a folder named exactly this: "3590F75ABA9E485486C100C1A9D4FF06ZZZ..Z.....ZZZZZ". I opened it up to see a bunch of Zzzz folders and some zipped ones as well. I deleted them and watched as it produced more. I had used CCleaner around the time. Just to be safe, I want to make sure there is nothing on my computer. I have used ESET online scanner and it picked up 11 threats that I removed. I haven't seen any more ZZZ folders, but I do keep getting randomly empty and locked folders in my OS, as well as 4 removable disk drives that I didn't put there, and I do not have a program that I know of that would produce those. I did the preliminary removal instructions and I will post those next.
 
Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org

Database version: v2012.10.07.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Melissa :: TASTEYCAKES-HP [administrator]

10/7/2012 12:33:08 PM
mbam-log-2012-10-07 (12-33-08).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 243952
Time elapsed: 3 minute(s), 45 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
 
GMER did not produce a log.


.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.7.2
Run by Melissa at 13:03:21 on 2012-10-07
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4095.1931 [GMT -4:00]
.
AV: ESET Smart Security 5.2 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET Smart Security 5.2 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Personal firewall *Disabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe
C:\Program Files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe
C:\Program Files (x86)\Giraffic\Veoh_GirafficWatchdog.exe
C:\Program Files (x86)\Giraffic\Veoh_Giraffic.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\PDF Complete\pdfsvc.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files (x86)\Secunia\PSI\PSIA.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\WUDFHost.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Secunia\PSI\sua.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\explorer.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\taskhost.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\notepad.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
mDefault_Page_URL = hxxp://www.yahoo.com
mStart Page = hxxp://www.yahoo.com
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: YTNavAssist.YTNavAssistPlugin Class: {81017ea9-9aa8-4a6a-9734-7af40e7d593f} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTNavAssist.dll
mURLSearchHooks: H - No File
mURLSearchHooks: H - No File
mURLSearchHooks: H - No File
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
{e7df6bff-55a5-4eb7-a673-4ed3e9456d39}
TB: {CD90BF73-20F6-44EF-993D-BB920303BD2E} - No File
TB: {687578B9-7132-4A7A-80E4-30EE31099E03} - No File
uRun: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
mRun: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [<NO NAME>]
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\GAMERS~1.LNK - C:\Program Files (x86)\GamersFirst\LIVE!\Live.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SECUNI~1.LNK - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
TCP: DhcpNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{523CBA15-2B94-425B-9B4D-57993E00C0E0} : DhcpNameServer = 7.254.254.254
TCP: Interfaces\{8D03BF52-2AC9-47E3-A112-495293878872} : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{8D03BF52-2AC9-47E3-A112-495293878872}\D456F677 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{B3278EA2-419B-460B-A287-5524BD0EBC95} : DhcpNameServer = 75.75.75.75 75.75.76.76
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
BHO-X64: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
BHO-X64: 0x1 - No File
BHO-X64: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO-X64: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
TB-X64: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
TB-X64: {CD90BF73-20F6-44EF-993D-BB920303BD2E} - No File
TB-X64: {687578B9-7132-4A7A-80E4-30EE31099E03} - No File
mRun-x64: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun-x64: [(Default)]
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\gid5nsgr.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\1.132.0\npesnlaunch.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll
FF - plugin: C:\Users\Default\AppData\Local\HuluDesktop\instances\0.9.13.1\nphdplg.dll
FF - plugin: C:\Users\Melissa\AppData\Roaming\Mozilla\plugins\npatgpc.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
P2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [2012-10-4 8704]
R?2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
R0 amd_sata;amd_sata;C:\Windows\system32\DRIVERS\amd_sata.sys --> C:\Windows\system32\DRIVERS\amd_sata.sys [?]
R0 amd_xata;amd_xata;C:\Windows\system32\DRIVERS\amd_xata.sys --> C:\Windows\system32\DRIVERS\amd_xata.sys [?]
R0 epfwwfp;epfwwfp;C:\Windows\system32\DRIVERS\epfwwfp.sys --> C:\Windows\system32\DRIVERS\epfwwfp.sys [?]
R0 RapportKE64;RapportKE64;C:\Windows\system32\Drivers\RapportKE64.sys --> C:\Windows\system32\Drivers\RapportKE64.sys [?]
R1 eamonm;eamonm;C:\Windows\system32\DRIVERS\eamonm.sys --> C:\Windows\system32\DRIVERS\eamonm.sys [?]
R1 EpfwLWF;Epfw NDIS LightWeight Filter;C:\Windows\system32\DRIVERS\EpfwLWF.sys --> C:\Windows\system32\DRIVERS\EpfwLWF.sys [?]
R1 RapportCerberus_34302;RapportCerberus_34302;C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\34302\RapportCerberus64_34302.sys [2011-12-15 397520]
R1 RapportEI64;RapportEI64;C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [2011-11-7 55056]
R1 RapportPG64;RapportPG64;C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [2011-11-7 61712]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 ekrn;ESET Service;C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2012-3-7 913144]
R2 FlipShareServer;FlipShare Server;C:\Program Files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe [2010-12-15 1085440]
R2 Giraffic;Veoh Giraffic Video Accelerator;C:\Program Files (x86)\Giraffic\Veoh_GirafficWatchdog.exe --service --> C:\Program Files (x86)\Giraffic\Veoh_GirafficWatchdog.exe --service [?]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-8-29 2369960]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2011-9-9 86072]
R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-8-5 291896]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-3-28 94264]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-10-6 399432]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-8-3 676936]
R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-3-15 1258856]
R2 pdfcDispatcher;PDF Document Manager;C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2011-1-3 1119768]
R2 RapportMgmtService;Rapport Management Service;C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2011-11-7 931640]
R2 Secunia PSI Agent;Secunia PSI Agent;C:\Program Files (x86)\Secunia\PSI\psia.exe [2012-9-24 1328736]
R2 Secunia Update Agent;Secunia Update Agent;C:\Program Files (x86)\Secunia\PSI\sua.exe [2012-9-24 656480]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-8-30 382312]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 PSI;PSI;C:\Windows\system32\DRIVERS\psi_mf.sys --> C:\Windows\system32\DRIVERS\psi_mf.sys [?]
R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?]
R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?]
R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?]
R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);C:\Windows\system32\DRIVERS\tap0901t.sys --> C:\Windows\system32\DRIVERS\tap0901t.sys [?]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\system32\DRIVERS\usbfilter.sys --> C:\Windows\system32\DRIVERS\usbfilter.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-12 250288]
S3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]
S3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
S3 Desura Install Service;Desura Install Service;C:\Program Files (x86)\Common Files\Desura\desura_service.exe [2012-9-20 131912]
S3 DrvAgent64;DrvAgent64;C:\Windows\SysWOW64\drivers\DrvAgent64.SYS [2011-12-19 21712]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-9-21 114144]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\system32\DRIVERS\netr28x.sys --> C:\Windows\system32\DRIVERS\netr28x.sys [?]
S3 npggsvc;nProtect GameGuard Service;C:\Windows\system32\GameMon.des -service --> C:\Windows\system32\GameMon.des -service [?]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TunngleService;TunngleService;C:\Program Files (x86)\Tunngle\TnglCtrl.exe [2012-8-18 738152]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S3 WMZuneComm;Zune Windows Mobile Connectivity Service;C:\Program Files\Zune\WMZuneComm.exe [2010-11-11 306416]
S4 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
.
=============== Created Last 30 ================
.
2012-10-07 07:00:29 -------- d-----w- C:\1153cc263f688a0653c5
2012-10-07 06:21:47 -------- d-----w- C:\e7799947958651ca0a0f4baa56fc2c5d
2012-10-07 06:19:57 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{44650D84-5D01-4E3A-939A-5D04455FDBD1}\offreg.dll
2012-10-07 06:09:22 9308616 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{44650D84-5D01-4E3A-939A-5D04455FDBD1}\mpengine.dll
2012-10-07 03:45:27 -------- d-----w- C:\temp
2012-10-07 03:02:02 -------- d-----w- C:\Users\Melissa\AppData\Roaming\ESET
2012-10-07 03:02:02 -------- d-----w- C:\Users\Melissa\AppData\Local\ESET
2012-10-07 02:59:58 -------- d-----w- C:\Program Files\ESET
2012-10-06 16:38:44 -------- d-----w- C:\Program Files (x86)\ESET
2012-10-06 12:39:24 -------- d-----w- C:\Users\Melissa\AppData\Local\Secunia PSI
2012-10-06 12:36:59 -------- d-----w- C:\Program Files (x86)\Secunia
2012-10-05 18:01:54 98816 ----a-w- C:\Windows\sed.exe
2012-10-05 18:01:54 518144 ----a-w- C:\Windows\SWREG.exe
2012-10-05 18:01:54 256000 ----a-w- C:\Windows\PEV.exe
2012-10-05 18:01:54 208896 ----a-w- C:\Windows\MBR.exe
2012-10-05 11:06:32 -------- d-----w- C:\Users\Melissa\AppData\Local\{8D2FCF44-AAEE-4203-AE40-FB1FA91A555C}
2012-10-05 01:00:36 -------- d-----w- C:\Users\Melissa\AppData\Local\red 5 studios
2012-10-05 00:19:58 -------- d-----w- C:\Program Files (x86)\Xiph.Org
2012-10-05 00:19:09 -------- d-----w- C:\Program Files (x86)\Red 5 Studios
2012-10-04 23:05:14 -------- d-----w- C:\Users\Melissa\AppData\Local\Windows Live
2012-10-04 23:04:39 -------- d-----w- C:\Users\Melissa\AppData\Local\{9CCBFB02-A252-4606-BFCB-388D7D9B3FB6}
2012-10-04 23:04:39 -------- d-----w- C:\Users\Melissa\AppData\Local\{9C135C57-E88F-45E3-A239-82AA7B2BD7DA}
2012-10-04 16:31:07 -------- d-----w- C:\Program Files (x86)\Microsoft Chart Controls
2012-10-04 16:24:31 -------- d-----w- C:\Users\Melissa\AppData\Local\Demo2
2012-10-04 16:24:17 -------- d-----w- C:\Users\Melissa\AppData\Local\GameMaker_Player
2012-10-04 15:21:03 -------- d-----w- C:\Users\Melissa\AppData\Local\gamemaker_studio
2012-10-04 15:21:02 -------- d-----w- C:\ProgramData\gamemaker_studio
2012-10-04 06:41:08 -------- d-----w- C:\ProgramData\Hi-Rez Studios
2012-10-04 06:40:50 -------- d-----w- C:\Program Files (x86)\Hi-Rez Studios
2012-09-25 23:45:01 245760 ----a-w- C:\Windows\System32\OxpsConverter.exe
2012-09-24 14:40:54 -------- d-----w- C:\ProgramData\boost_interprocess
2012-09-21 16:49:38 -------- d-----w- C:\Program Files (x86)\Mozilla Maintenance Service
2012-09-21 15:05:53 -------- d-----w- C:\Program Files (x86)\Battlelog Web Plugins
2012-09-21 14:56:19 -------- d-----w- C:\ProgramData\EA Logs
2012-09-21 04:22:12 -------- d--h--w- C:\Program Files (x86)\Common Files\EAInstaller
2012-09-21 01:21:22 -------- d-----w- C:\Users\Melissa\AppData\Roaming\Origin
2012-09-21 01:21:22 -------- d-----w- C:\Program Files (x86)\Origin Games
2012-09-21 01:21:16 -------- d-----w- C:\Users\Melissa\AppData\Local\Origin
2012-09-21 01:19:27 -------- d-----w- C:\ProgramData\Origin
2012-09-21 01:19:14 -------- d-----w- C:\Program Files (x86)\Origin
2012-09-20 21:42:32 -------- d-----w- C:\Users\Melissa\AppData\Local\Desura
2012-09-20 21:41:28 -------- d-----w- C:\Program Files (x86)\Common Files\Desura
2012-09-20 21:36:40 -------- d-----w- C:\ProgramData\Desura
2012-09-20 21:36:36 -------- d-----w- C:\Program Files (x86)\Desura
2012-09-20 01:51:14 -------- d-----w- C:\hidden
2012-09-15 18:04:17 33240 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys
2012-09-15 18:03:31 -------- d-----w- C:\Program Files\iPod
2012-09-15 18:03:30 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2012-09-15 18:03:30 -------- d-----w- C:\Program Files\iTunes
2012-09-15 17:58:30 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin7.dll
2012-09-15 17:58:30 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin6.dll
2012-09-15 17:58:30 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin5.dll
2012-09-15 17:58:30 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin4.dll
2012-09-15 17:58:30 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin3.dll
2012-09-15 17:58:30 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin2.dll
2012-09-15 17:58:30 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin.dll
2012-09-12 12:45:46 950128 ----a-w- C:\Windows\System32\drivers\ndis.sys
2012-09-12 12:45:46 41472 ----a-w- C:\Windows\System32\drivers\RNDISMP.sys
2012-09-12 12:45:44 574464 ----a-w- C:\Windows\System32\d3d10level9.dll
2012-09-12 12:45:44 490496 ----a-w- C:\Windows\SysWow64\d3d10level9.dll
2012-09-12 12:45:42 1913200 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2012-09-12 12:45:41 376688 ----a-w- C:\Windows\System32\drivers\netio.sys
2012-09-12 12:45:41 288624 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
2012-09-09 03:43:54 -------- d-----w- C:\Users\Melissa\AppData\Roaming\.minecraft
2012-09-09 03:41:08 -------- d-----w- C:\Program Files (x86)\Minecraft
2012-09-09 03:22:28 95208 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2012-09-09 03:14:22 108008 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll
2012-09-09 01:07:50 -------- d-----w- C:\Program Files\Nightly
.
==================== Find3M ====================
.
2012-09-25 23:52:47 281520 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2012-09-25 23:52:47 281520 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2012-09-25 23:52:16 280904 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2012-09-22 02:50:56 76888 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe
2012-09-21 08:06:52 73136 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-09-21 08:06:52 696240 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-09-09 03:22:14 821736 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2012-09-09 03:22:14 746984 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-09-09 03:14:13 916456 ----a-w- C:\Windows\System32\deployJava1.dll
2012-09-09 03:14:13 1034216 ----a-w- C:\Windows\System32\npDeployJava1.dll
2012-09-07 21:04:46 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-08-30 19:14:00 9066344 ----a-w- C:\Windows\System32\nvcuda.dll
2012-08-30 16:18:05 891240 ----a-w- C:\Windows\System32\nvvsvc.exe
2012-08-30 16:18:05 63336 ----a-w- C:\Windows\System32\nvshext.dll
2012-08-30 16:18:05 118120 ----a-w- C:\Windows\System32\nvmctray.dll
2012-08-30 16:18:01 3266920 ----a-w- C:\Windows\System32\nvsvc64.dll
2012-08-30 16:17:59 6198120 ----a-w- C:\Windows\System32\nvcpl.dll
2012-08-30 14:40:14 429416 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
2012-08-24 10:31:32 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2012-08-24 10:21:18 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-08-24 10:20:11 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-08-24 10:14:45 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-08-24 10:13:29 599040 ----a-w- C:\Windows\System32\vbscript.dll
2012-08-24 10:09:42 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-08-24 06:59:17 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-08-24 06:51:27 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-08-24 06:51:02 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-08-24 06:47:26 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-08-24 06:47:12 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2012-08-24 06:43:58 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-08-21 17:01:20 125872 ----a-w- C:\Windows\System32\GEARAspi64.dll
2012-08-21 17:01:20 106928 ----a-w- C:\Windows\SysWow64\GEARAspi.dll
2012-07-18 18:15:06 3148800 ----a-w- C:\Windows\System32\win32k.sys
.
============= FINISH: 13:04:06.55 ===============
 
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 2/27/2011 2:32:04 AM
System Uptime: 10/6/2012 11:19:27 PM (14 hours ago)
.
Motherboard: FOXCONN | | 2AB1
Processor: AMD Athlon(tm) II X4 640 Processor | CPU 1 | 3000/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 919 GiB total, 442.746 GiB free.
D: is FIXED (NTFS) - 13 GiB total, 1.586 GiB free.
E: is CDROM (UDF)
F: is Removable
G: is Removable
H: is Removable
I: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Hamachi Network Interface
Device ID: ROOT\NET\0001
Manufacturer: LogMeIn, Inc.
Name: Hamachi Network Interface
PNP Device ID: ROOT\NET\0001
Service: hamachi
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Realtek PCIe FE Family Controller
Device ID: PCI\VEN_10EC&DEV_8136&SUBSYS_2AB1103C&REV_05\4&C011167&0&0050
Manufacturer: Realtek
Name: Realtek PCIe FE Family Controller
PNP Device ID: PCI\VEN_10EC&DEV_8136&SUBSYS_2AB1103C&REV_05\4&C011167&0&0050
Service: RTL8167
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: 802.11n Wireless LAN Card
Device ID: PCI\VEN_1814&DEV_3090&SUBSYS_663211AD&REV_00\4&125A0B80&0&0028
Manufacturer: Ralink Technology, Corp.
Name: 802.11n Wireless LAN Card
PNP Device ID: PCI\VEN_1814&DEV_3090&SUBSYS_663211AD&REV_00\4&125A0B80&0&0028
Service: netr28x
.
==== System Restore Points ===================
.
RP470: 10/6/2012 8:45:43 AM - Installed MSXML 4.0 SP3 Parser
RP471: 10/6/2012 8:46:43 AM - Windows Update
RP472: 10/6/2012 8:50:29 AM - Windows Update
RP473: 10/6/2012 8:52:09 AM - Windows Update
RP474: 10/6/2012 9:27:14 AM - Windows Update
RP475: 10/6/2012 12:24:07 PM - Windows Update
RP476: 10/6/2012 4:04:31 PM - Windows Update
RP477: 10/7/2012 2:21:22 AM - Windows Update
RP478: 10/7/2012 3:00:10 AM - Windows Update
.
==== Installed Programs ======================
.
µTorrent
AC3Filter 1.63b
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Shockwave Player 11.6
Agatha Christie - Peril at End House
Age of Chivalry
Ahriman's Prophecy
Amazon Kindle
APB Reloaded
Apple Application Support
Apple Software Update
ARMA 2
ARMA 2: Operation Arrowhead
Ask Toolbar
Atlantica
Auralux
Battlefield 3™
Battlefield Heroes
Battlelog Web Plugins
BattlEye for OA Uninstall
Bejeweled 2 Deluxe
Best Buy pc app
Blackhawk Striker 2
Blasterball 3
Blio
Bloody Good Time
Borderlands
Botanicula
Bounce Symphony
Build-a-lot 2
Caesar™ III
Cake Mania
Castle Crashers
Catalyst Control Center InstallProxy
Chuzzle Deluxe
ConvertHelper 2.2
Cool Timer 3.7
Counter-Strike
Counter-Strike: Global Offensive
Counter-Strike: Global Offensive - SDK
CyberLink DVD Suite Deluxe
D3DX10
Dead Island
Desura
Diner Dash 2 Restaurant Rescue
Dora's World Adventure
DVD Menu Pack for HP MediaSmart Video
Escape Rosecliff Island
ESET Online Scanner v3
ESN Sonar
F.E.A.R. 3
Fallout: New Vegas
Farm Frenzy
FATE
Final Drive Nitro
FlipShare
Fraps (remove only)
GamersFirst LIVE!
GameSpy Comrade
Garry's Mod
Garry's Mod 13 Beta
GECK - New Vegas Edition
GOM Player
Gotham City Impostors: Free To Play
GoToMyPC
Guild Wars 2
Half-Life 2
Half-Life 2: Lost Coast
Heroes of Hellas 2 - Olympia
Hewlett-Packard ACLM.NET v1.1.2.0
Hi-Rez Studios Authenticate and Update Service
HiJackThis
HP Customer Experience Enhancements
HP Games
HP MediaSmart DVD
HP MediaSmart Music
HP MediaSmart Photo
HP MediaSmart Video
HP MediaSmart/TouchSmart Netflix
HP MovieStore
HP Odometer
HP Product Detection
HP Setup
HP Setup Manager
HP Support Assistant
HP Support Information
HP Update
Hulu Desktop
Impulse®
Insanely Twisted Shadow Planet
Java 7 Update 7
Java Auto Updater
Jewel Quest Solitaire 2
Junk Mail filter update
Katawa Shoujo
Killing Floor
Kobo
LabelPrint
Left 4 Dead 2
Lightfish
LightScribe System Software
LogMeIn Hamachi
Lucidity
Malwarebytes Anti-Malware version 1.65.0.1400
Metro 2033
Microsoft .NET Framework 1.1
Microsoft Chart Controls for Microsoft .NET Framework 3.5
Microsoft Games for Windows - LIVE Redistributable
Microsoft Games for Windows Marketplace
Microsoft Office 2010
Microsoft Office Click-to-Run 2010
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft WSE 3.0 Runtime
Microsoft XNA Framework Redistributable 3.1
Microsoft XNA Framework Redistributable 4.0
Movie Theme Pack for HP MediaSmart Video
Mozilla Firefox 15.0.1 (x86 en-US)
Mozilla Maintenance Service
MPEG2 Codec(libmpeg2/mad)
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP3 Parser
MSXML 4.0 SP3 Parser (KB2721691)
Mystery P.I. - The London Caper
NVIDIA PhysX
NVIDIA PhysX Particle Fluid Demo
NVIDIA Stereoscopic 3D Driver
OpenAL
OpenOffice.org 3.4.1
Origin
Pando Media Booster
PAYDAY: The Heist
PDF Complete Special Edition
Penguins!
PhotoNow!
Pirates, Vikings, & Knights II
Plants vs. Zombies
Plants vs. Zombies: Game of the Year
PlayReady PC Runtime x86
Poker Superstars III
Polar Bowler
Polar Golfer
Portal
Power2Go
PowerDirector
PressReader
Project64 1.6
PunkBuster Services
QuickTime
Ralink RT2860 Wireless LAN Card
Rapport
Realtek High Definition Audio Driver
Recovery Manager
Samsung PC Studio 3 USB Driver Installer
Secunia PSI (3.0.0.4001)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
SimCity™ Societies
Singularity
Solar 2
Source SDK Base 2006
SPORE™
Star Wars: The Old Republic
Steam
Stranded II 1.0.0.1
swMSM
System Requirements Lab CYRI
Team Fortress 2
TeamSpeak 3 Client
Terraria
The Ship
The Ship Single Player
The Sims Medieval
The Sims™ 3
The Sims™ 3 Generations
The Sims™ 3 Late Night
The Sims™ 3 Pets
The Sims™ 3 World Adventures
Torchlight
Torchlight II
Tribes: Ascend
Tunngle beta
Ubisoft Game Launcher
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update Installer for WildTangent Games App
uTorrentBar Toolbar
uTorrentControl2 Toolbar
Veoh Giraffic Video Accelerator
Veoh Web Player Toolbar
Virtual Families
Virtual Villagers - New Believers Just For Fun Games
Virtual Villagers 4 - The Tree of Life
VoiceOver Kit
Wheel of Fortune 2
WildTangent Games App (HP Games)
Winamp
Winamp Detector Plug-in
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Mail
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Xfire (remove only)
Xiph.Org Open Codecs 0.85.17777
Yahoo! Messenger
Yahoo! Software Update
Yahoo! Toolbar
Zinio Reader 4
Zuma Deluxe
.
==== Event Viewer Messages From Past Week ========
.
10/7/2012 3:02:11 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft Chart Controls for Microsoft .NET Framework 3.5 Service Pack 1 (KB2500170).
10/6/2012 9:44:08 AM, Error: Service Control Manager [7034] - The NVIDIA Stereoscopic 3D Driver Service service terminated unexpectedly. It has done this 1 time(s).
10/6/2012 11:24:27 PM, Error: Service Control Manager [7038] - The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error: Logon failure: the specified account password has expired. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
10/6/2012 11:24:27 PM, Error: Service Control Manager [7000] - The NVIDIA Update Service Daemon service failed to start due to the following error: The service did not start due to a logon failure.
10/6/2012 11:22:24 PM, Error: Service Control Manager [7022] - The Client Virtualization Handler service hung on starting.
10/6/2012 11:00:38 PM, Error: Service Control Manager [7030] - The ESET Service service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
10/5/2012 9:22:19 PM, Error: Microsoft-Windows-WMPNSS-Service [14365] - Proximity detection failed due to unknown error '0x80004004'. The best proximity time detected was -1 milliseconds.
10/5/2012 3:02:48 PM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
10/5/2012 3:01:51 PM, Error: Application Popup [1060] - \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
10/4/2012 11:14:36 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.
10/4/2012 11:14:36 AM, Error: Service Control Manager [7000] - The Steam Client Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
.
==== End Of File ===========================
 
Hello, and welcome to TechSpot.


Please see here for the board rules and other FAQ.

Please feel free to introduce yourself, after you follow the steps below to get started.

Information
  • From this point on, please do not make any more changes to your computer, such as installing/uninstalling programs, using special fix tools, deleting files, editing the registry, etc., unless advised by a malware removal helper.
  • Please do not ask for help elsewhere (in this site or other sites). Doing so can result in system changes, which may not show up in the logs you post.
  • If you have already asked for help somewhere, please post the link to the topic where you were helped.
  • We try our best to reply quickly, but if for any reason we do not reply in two days, please reply to this topic with the word BUMP!
  • Lastly, keep in mind that we are volunteers, so you do not have to pay for malware removal. Persist in this topic until its close, and your computer is declared clean.

ComboFix scan

Please download ComboFix by sUBs from BleepingComputer.com

Please save the file to your Desktop.

Important information about ComboFix


After the download:
  • Close any open browsers.
  • Very Important: Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results". Please visit here if you don't know how.
  • WARNING: ComboFix will disconnect your machine from the Internet as soon as it starts.
  • Please do not attempt to re-connect your machine back to the Internet until ComboFix has completely finished.
  • If there is no Internet connection after running ComboFix, then restart your computer to restore your connection.

Running ComboFix:
  • Double click on ComboFix.exe & follow the prompts.
  • When ComboFix finishes, it will produce a report for you.
  • Please post the report, which will launch or be found at "C:\Combo-Fix.txt" in your next reply.

Troubleshooting ComboFix

Safe Mode:

If you still cannot get ComboFix to run, try booting into Safe Mode, and run it there.

(To boot into Safe Mode, tap F8 after BIOS, and just before the Windows logo appears. A list of options will appear, select "Safe Mode.")

Re-downloading:

If this doesn't work either, try the same method as above, but download it again and rename ComboFix.exe to iexplore.exe, explorer.exe, or winlogon.exe.

Malware is known for blocking all "user" processes, except for its whitelist of system important processes such as iexplore.exe, explorer.exe, winlogon.exe.

NOTE: If you encounter a message "illegal operation attempted on registry key that has been marked for deletion" and no programs will run - please just reboot and that will resolve that error.
 
ComboFix 12-10-04.02 - Melissa 10/07/2012 14:36:29.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4095.1794 [GMT -4:00]
Running from: c:\users\Melissa\Downloads\ComboFix.exe
AV: ESET Smart Security 5.2 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
FW: ESET Personal firewall *Disabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
SP: ESET Smart Security 5.2 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\SysWow64\SET7086.tmp
c:\windows\SysWow64\SET9F8B.tmp
.
.
((((((((((((((((((((((((( Files Created from 2012-09-07 to 2012-10-07 )))))))))))))))))))))))))))))))
.
.
2012-10-07 18:47 . 2012-10-07 18:47 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\temp
2012-10-07 18:47 . 2012-10-07 18:47 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-10-07 18:47 . 2012-10-07 18:47 -------- d-----w- c:\users\Mcx1-TASTEYCAKES-HP\AppData\Local\temp
2012-10-07 18:47 . 2012-10-07 18:47 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-10-07 07:00 . 2012-10-07 07:01 -------- d-----w- C:\1153cc263f688a0653c5
2012-10-07 06:21 . 2012-10-07 06:23 -------- d-----w- C:\e7799947958651ca0a0f4baa56fc2c5d
2012-10-07 06:19 . 2012-10-07 06:19 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{44650D84-5D01-4E3A-939A-5D04455FDBD1}\offreg.dll
2012-10-07 06:09 . 2012-09-19 04:58 9308616 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{44650D84-5D01-4E3A-939A-5D04455FDBD1}\mpengine.dll
2012-10-07 03:45 . 2012-10-07 03:45 -------- d-----w- C:\temp
2012-10-07 03:44 . 2012-10-07 03:45 -------- d-----w- c:\windows\LastGood
2012-10-07 03:02 . 2012-10-07 03:02 -------- d-----w- c:\users\Melissa\AppData\Local\ESET
2012-10-07 02:59 . 2012-10-07 02:59 -------- d-----w- c:\program files\ESET
2012-10-06 16:38 . 2012-10-06 16:38 -------- d-----w- c:\program files (x86)\ESET
2012-10-06 12:39 . 2012-10-06 12:39 -------- d-----w- c:\users\Melissa\AppData\Local\Secunia PSI
2012-10-06 12:36 . 2012-10-06 12:36 -------- d-----w- c:\program files (x86)\Secunia
2012-10-05 01:00 . 2012-10-05 01:00 -------- d-----w- c:\users\Melissa\AppData\Local\red 5 studios
2012-10-05 00:19 . 2012-10-05 00:19 -------- d-----w- c:\program files (x86)\Xiph.Org
2012-10-05 00:19 . 2012-10-05 00:19 -------- d-----w- c:\program files (x86)\Red 5 Studios
2012-10-04 23:05 . 2012-10-05 17:20 -------- d-----w- c:\users\Melissa\AppData\Local\Windows Live
2012-10-04 16:31 . 2012-10-04 16:31 -------- d-----w- c:\program files (x86)\Microsoft Chart Controls
2012-10-04 16:24 . 2012-10-04 16:24 -------- d-----w- c:\users\Melissa\AppData\Local\Demo2
2012-10-04 16:24 . 2012-10-04 16:24 -------- d-----w- c:\users\Melissa\AppData\Local\GameMaker_Player
2012-10-04 15:21 . 2012-10-04 15:21 -------- d-----w- c:\users\Melissa\AppData\Local\gamemaker_studio
2012-10-04 15:21 . 2012-10-04 15:21 -------- d-----w- c:\programdata\gamemaker_studio
2012-10-04 06:41 . 2012-10-04 16:53 -------- d-----w- c:\programdata\Hi-Rez Studios
2012-10-04 06:40 . 2012-10-04 06:41 -------- d-----w- c:\program files (x86)\Hi-Rez Studios
2012-09-25 23:45 . 2012-08-21 21:01 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
2012-09-24 14:40 . 2012-09-24 14:40 -------- d-----w- c:\programdata\boost_interprocess
2012-09-21 16:49 . 2012-09-21 16:49 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2012-09-21 15:05 . 2012-09-21 15:05 -------- d-----w- c:\program files (x86)\Battlelog Web Plugins
2012-09-21 14:56 . 2012-09-21 16:52 -------- d-----w- c:\programdata\EA Logs
2012-09-21 04:22 . 2012-09-21 04:22 -------- d--h--w- c:\program files (x86)\Common Files\EAInstaller
2012-09-21 01:21 . 2012-09-21 01:27 -------- d-----w- c:\program files (x86)\Origin Games
2012-09-21 01:21 . 2012-09-21 01:22 -------- d-----w- c:\users\Melissa\AppData\Roaming\Origin
2012-09-21 01:21 . 2012-09-21 14:56 -------- d-----w- c:\users\Melissa\AppData\Local\Origin
2012-09-21 01:19 . 2012-09-21 01:25 -------- d-----w- c:\programdata\Origin
2012-09-21 01:19 . 2012-09-21 01:21 -------- d-----w- c:\program files (x86)\Origin
2012-09-20 21:42 . 2012-09-20 21:42 -------- d-----w- c:\users\Melissa\AppData\Local\Desura
2012-09-20 21:41 . 2012-09-20 21:41 -------- d-----w- c:\program files (x86)\Common Files\Desura
2012-09-20 21:36 . 2012-09-20 21:36 -------- d-----w- c:\programdata\Desura
2012-09-20 21:36 . 2012-09-20 21:42 -------- d-----w- c:\program files (x86)\Desura
2012-09-20 01:51 . 2007-09-07 22:20 -------- d-----w- C:\hidden
2012-09-15 18:04 . 2012-08-21 17:01 33240 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2012-09-15 18:03 . 2012-09-15 18:03 -------- d-----w- c:\program files\iPod
2012-09-15 18:03 . 2012-09-15 18:04 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2012-09-15 18:03 . 2012-09-15 18:04 -------- d-----w- c:\program files\iTunes
2012-09-15 17:58 . 2012-09-15 17:58 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin7.dll
2012-09-15 17:58 . 2012-09-15 17:58 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin6.dll
2012-09-15 17:58 . 2012-09-15 17:58 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin5.dll
2012-09-15 17:58 . 2012-09-15 17:58 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin4.dll
2012-09-15 17:58 . 2012-09-15 17:58 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin3.dll
2012-09-15 17:58 . 2012-09-15 17:58 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin2.dll
2012-09-15 17:58 . 2012-09-15 17:58 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin.dll
2012-09-12 12:45 . 2012-08-22 18:12 950128 ----a-w- c:\windows\system32\drivers\ndis.sys
2012-09-12 12:45 . 2012-07-04 20:26 41472 ----a-w- c:\windows\system32\drivers\RNDISMP.sys
2012-09-12 12:45 . 2012-08-02 17:58 574464 ----a-w- c:\windows\system32\d3d10level9.dll
2012-09-12 12:45 . 2012-08-02 16:57 490496 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2012-09-12 12:45 . 2012-08-22 18:12 1913200 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-09-12 12:45 . 2012-08-22 18:12 376688 ----a-w- c:\windows\system32\drivers\netio.sys
2012-09-12 12:45 . 2012-08-22 18:12 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-09-09 03:43 . 2012-09-30 04:09 -------- d-----w- c:\users\Melissa\AppData\Roaming\.minecraft
2012-09-09 03:41 . 2012-09-09 03:47 -------- d-----w- c:\program files (x86)\Minecraft
2012-09-09 03:22 . 2012-09-09 03:22 -------- d-----w- c:\program files (x86)\Common Files\Java
2012-09-09 03:22 . 2012-09-09 03:22 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2012-09-09 03:14 . 2012-09-09 03:14 289768 ----a-w- c:\windows\system32\javaws.exe
2012-09-09 03:14 . 2012-09-09 03:14 108008 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2012-09-09 03:14 . 2012-09-09 03:14 189416 ----a-w- c:\windows\system32\javaw.exe
2012-09-09 03:14 . 2012-09-09 03:14 188904 ----a-w- c:\windows\system32\java.exe
2012-09-09 03:14 . 2012-09-09 03:14 -------- d-----w- c:\program files\Java
2012-09-09 01:07 . 2012-09-22 02:04 -------- d-----w- c:\program files\Nightly
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-09-25 23:52 . 2011-06-14 05:53 281520 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2012-09-25 23:52 . 2011-05-15 03:39 281520 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2012-09-25 23:52 . 2011-05-15 03:39 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2012-09-22 02:50 . 2011-05-15 03:39 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2012-09-21 08:06 . 2012-04-12 12:46 696240 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-09-21 08:06 . 2011-06-03 04:59 73136 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-09-13 06:17 . 2011-02-28 10:40 64462936 ----a-w- c:\windows\system32\MRT.exe
2012-09-09 03:22 . 2012-06-15 17:52 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-09-09 03:22 . 2011-02-28 10:02 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-09-09 03:14 . 2012-08-24 16:46 916456 ----a-w- c:\windows\system32\deployJava1.dll
2012-09-09 03:14 . 2012-08-24 16:46 1034216 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-09-07 21:04 . 2012-08-04 02:45 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-09-06 01:57 . 2012-09-06 01:57 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2012-09-06 01:57 . 2012-09-06 01:57 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2012-09-06 01:57 . 2012-09-06 01:57 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2012-09-06 01:57 . 2012-09-06 01:57 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2012-09-06 01:57 . 2012-09-06 01:57 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2012-09-06 01:57 . 2012-09-06 01:57 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2012-09-06 01:57 . 2012-09-06 01:57 367104 ----a-w- c:\windows\SysWow64\html.iec
2012-09-06 01:57 . 2012-09-06 01:57 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2012-09-06 01:57 . 2012-09-06 01:57 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2012-09-06 01:57 . 2012-09-06 01:57 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2012-09-06 01:57 . 2012-09-06 01:57 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2012-09-06 01:57 . 2012-09-06 01:57 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2012-09-06 01:57 . 2012-09-06 01:57 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2012-09-06 01:57 . 2012-09-06 01:57 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2012-09-06 01:57 . 2012-09-06 01:57 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2012-09-06 01:57 . 2012-09-06 01:57 222208 ----a-w- c:\windows\system32\msls31.dll
2012-09-06 01:57 . 2012-09-06 01:57 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2012-09-06 01:57 . 2012-09-06 01:57 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2012-09-06 01:57 . 2012-09-06 01:57 65024 ----a-w- c:\windows\system32\pngfilt.dll
2012-09-06 01:57 . 2012-09-06 01:57 55296 ----a-w- c:\windows\system32\msfeedsbs.dll
2012-09-06 01:57 . 2012-09-06 01:57 49664 ----a-w- c:\windows\system32\imgutil.dll
2012-09-06 01:57 . 2012-09-06 01:57 48640 ----a-w- c:\windows\system32\mshtmler.dll
2012-09-06 01:57 . 2012-09-06 01:57 267776 ----a-w- c:\windows\system32\ieaksie.dll
2012-09-06 01:57 . 2012-09-06 01:57 197120 ----a-w- c:\windows\system32\msrating.dll
2012-09-06 01:57 . 2012-09-06 01:57 163840 ----a-w- c:\windows\system32\ieakui.dll
2012-09-06 01:57 . 2012-09-06 01:57 160256 ----a-w- c:\windows\system32\ieakeng.dll
2012-09-06 01:57 . 2012-09-06 01:57 149504 ----a-w- c:\windows\system32\occache.dll
2012-09-06 01:57 . 2012-09-06 01:57 145920 ----a-w- c:\windows\system32\iepeers.dll
2012-09-06 01:57 . 2012-09-06 01:57 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2012-09-06 01:57 . 2012-09-06 01:57 12288 ----a-w- c:\windows\system32\mshta.exe
2012-09-06 01:57 . 2012-09-06 01:57 114176 ----a-w- c:\windows\system32\admparse.dll
2012-09-06 01:57 . 2012-09-06 01:57 111616 ----a-w- c:\windows\system32\iesysprep.dll
2012-09-06 01:57 . 2012-09-06 01:57 10752 ----a-w- c:\windows\system32\msfeedssync.exe
2012-09-06 01:57 . 2012-09-06 01:57 89088 ----a-w- c:\windows\system32\ie4uinit.exe
2012-09-06 01:57 . 2012-09-06 01:57 85504 ----a-w- c:\windows\system32\iesetup.dll
2012-09-06 01:57 . 2012-09-06 01:57 82432 ----a-w- c:\windows\system32\icardie.dll
2012-09-06 01:57 . 2012-09-06 01:57 76800 ----a-w- c:\windows\system32\tdc.ocx
2012-09-06 01:57 . 2012-09-06 01:57 534528 ----a-w- c:\windows\system32\ieapfltr.dll
2012-09-06 01:57 . 2012-09-06 01:57 452608 ----a-w- c:\windows\system32\dxtmsft.dll
2012-09-06 01:57 . 2012-09-06 01:57 448512 ----a-w- c:\windows\system32\html.iec
2012-09-06 01:57 . 2012-09-06 01:57 403248 ----a-w- c:\windows\system32\iedkcs32.dll
2012-09-06 01:57 . 2012-09-06 01:57 39936 ----a-w- c:\windows\system32\iernonce.dll
2012-09-06 01:57 . 2012-09-06 01:57 3695416 ----a-w- c:\windows\system32\ieapfltr.dat
2012-09-06 01:57 . 2012-09-06 01:57 30720 ----a-w- c:\windows\system32\licmgr10.dll
2012-09-06 01:57 . 2012-09-06 01:57 282112 ----a-w- c:\windows\system32\dxtrans.dll
2012-09-06 01:57 . 2012-09-06 01:57 249344 ----a-w- c:\windows\system32\webcheck.dll
2012-09-06 01:57 . 2012-09-06 01:57 165888 ----a-w- c:\windows\system32\iexpress.exe
2012-09-06 01:57 . 2012-09-06 01:57 160256 ----a-w- c:\windows\system32\wextract.exe
2012-09-06 01:57 . 2012-09-06 01:57 103936 ----a-w- c:\windows\system32\inseng.dll
2012-08-30 19:14 . 2011-10-29 02:55 2422120 ----a-w- c:\windows\SysWow64\nvapi.dll
2012-08-30 19:14 . 2011-10-29 02:55 1760104 ----a-w- c:\windows\system32\nvdispco64.dll
2012-08-30 19:14 . 2010-07-10 13:38 2725224 ----a-w- c:\windows\system32\nvapi64.dll
2012-08-30 19:14 . 2010-07-10 13:38 12465512 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2012-08-30 19:14 . 2009-07-13 21:59 14879080 ----a-w- c:\windows\system32\nvwgf2umx.dll
2012-08-30 16:18 . 2010-07-10 00:27 891240 ----a-w- c:\windows\system32\nvvsvc.exe
2012-08-30 16:18 . 2010-07-10 00:27 63336 ----a-w- c:\windows\system32\nvshext.dll
2012-08-30 16:18 . 2010-07-10 00:27 118120 ----a-w- c:\windows\system32\nvmctray.dll
2012-08-30 16:18 . 2010-07-10 00:27 3266920 ----a-w- c:\windows\system32\nvsvc64.dll
2012-08-30 16:17 . 2010-07-10 00:27 6198120 ----a-w- c:\windows\system32\nvcpl.dll
2012-08-30 14:40 . 2012-08-30 14:40 429416 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2012-08-21 17:01 . 2011-02-28 10:16 125872 ----a-w- c:\windows\system32\GEARAspi64.dll
2012-08-21 17:01 . 2011-02-28 10:16 106928 ----a-w- c:\windows\SysWow64\GEARAspi.dll
2012-07-18 18:15 . 2012-08-14 20:06 3148800 ----a-w- c:\windows\system32\win32k.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{81017EA9-9AA8-4A6A-9734-7AF40E7D593F}"= "c:\program files (x86)\Yahoo!\Companion\Installs\cpn0\YTNavAssist.dll" [2011-01-21 213816]
.
[HKEY_CLASSES_ROOT\clsid\{81017ea9-9aa8-4a6a-9734-7af40e7d593f}]
[HKEY_CLASSES_ROOT\YTNavAssist.YTNavAssistPlugin.1]
[HKEY_CLASSES_ROOT\TypeLib\{A31F34A1-EBD2-45A2-BF6D-231C1B987CC8}]
[HKEY_CLASSES_ROOT\YTNavAssist.YTNavAssistPlugin]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Pando Media Booster"="c:\program files (x86)\Pando Networks\Media Booster\PMB.exe" [2011-08-29 3077528]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"PDF Complete"="c:\program files (x86)\PDF Complete\pdfsty.exe" [2010-09-28 664600]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-28 59280]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-19 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-09-10 421776]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
GamersFirst LIVE!.lnk - c:\program files (x86)\GamersFirst\LIVE!\Live.exe [2011-8-15 2589808]
Secunia PSI Tray.lnk - c:\program files (x86)\Secunia\PSI\psi_tray.exe [2012-9-24 573536]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Best Buy pc app.lnk - c:\programdata\Best Buy pc app\ClickOnceSetup.exe [2012-1-24 16032]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
2;2 cvhsvc;Client Virtualization Handler [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-21 250288]
R3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2010-05-11 6790656]
R3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-05-11 221184]
R3 Desura Install Service;Desura Install Service;c:\program files (x86)\Common Files\Desura\desura_service.exe [2012-09-20 131912]
R3 DrvAgent64;DrvAgent64;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS [2011-12-19 21712]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-09-06 114144]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys [2010-07-22 1002848]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 TunngleService;TunngleService;c:\program files (x86)\Tunngle\TnglCtrl.exe [2012-07-19 738152]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-02-15 52736]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-02-28 1255736]
R3 WMZuneComm;Zune Windows Mobile Connectivity Service;c:\program files\Zune\WMZuneComm.exe [2010-11-11 306416]
R3 X6va005;X6va005;c:\users\Melissa\AppData\Local\Temp\005742C.tmp [x]
R4 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys [2010-08-13 75904]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys [2010-08-13 38016]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [2012-03-14 62496]
S0 RapportKE64;RapportKE64;c:\windows\System32\Drivers\RapportKE64.sys [2011-11-08 63760]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2012-03-14 209768]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2012-03-14 148528]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys [2012-03-14 38288]
S1 RapportCerberus_34302;RapportCerberus_34302;c:\programdata\Trusteer\Rapport\store\exts\RapportCerberus\34302\RapportCerberus64_34302.sys [2011-12-15 397520]
S1 RapportEI64;RapportEI64;c:\program files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [2011-11-08 55056]
S1 RapportPG64;RapportPG64;c:\program files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [2011-11-08 61712]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-05-11 203264]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [2012-03-07 913144]
S2 FlipShareServer;FlipShare Server;c:\program files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe [2010-12-15 1085440]
S2 Giraffic;Veoh Giraffic Video Accelerator;c:\program files (x86)\Giraffic\Veoh_GirafficWatchdog.exe [2012-07-02 2232504]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-08-29 2369960]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-09 86072]
S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-08-06 291896]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-28 94264]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-07 399432]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-07 676936]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-08-30 1258856]
S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe [2010-09-28 1119768]
S2 RapportMgmtService;Rapport Management Service;c:\program files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2011-11-08 931640]
S2 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe [2012-09-24 1328736]
S2 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe [2012-09-24 656480]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-08-30 382312]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-07 25928]
S3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys [2011-12-16 17976]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-09-03 349800]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys [2009-09-16 31232]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2009-12-22 38456]
.
.
Contents of the 'Scheduled Tasks' folder
.
2012-10-07 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-12 08:06]
.
2012-09-09 c:\windows\Tasks\HPCeeScheduleForMelissa.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 06:15]
.
2012-09-25 c:\windows\Tasks\HPCeeScheduleForTASTEYCAKES-HP$.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 06:15]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]
"SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2010-09-15 611896]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2012-03-07 4081008]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mDefault_Page_URL = hxxp://www.yahoo.com
mStart Page = hxxp://www.yahoo.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
TCP: DhcpNameServer = 75.75.75.75 75.75.76.76
FF - ProfilePath - c:\users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\gid5nsgr.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file)
WebBrowser-{CD90BF73-20F6-44EF-993D-BB920303BD2E} - (no file)
WebBrowser-{687578B9-7132-4A7A-80E4-30EE31099E03} - (no file)
AddRemove-{6F44AF95-3CDE-4513-AD3F-6D45F17BF324} - c:\program files (x86)\InstallShield Installation Information\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va005]
"ImagePath"="\??\c:\users\Melissa\AppData\Local\Temp\005742C.tmp"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-631818756-1652327538-4216934692-1000\Software\SecuROM\License information*]
"datasecu"=hex:0f,23,db,04,f9,fc,2c,96,3f,ae,f6,63,a5,43,15,71,60,02,fc,3b,b8,
aa,c4,99,50,f2,ba,60,15,7f,1f,f3,1f,53,46,ca,5b,10,14,66,cb,f1,56,2c,b8,69,\
"rkeysecu"=hex:df,80,1b,41,9e,10,4b,52,c7,c1,f5,5e,c2,ad,db,f1
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_278_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_278_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_278_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_278_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_278.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_278.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_278.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_278.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-10-07 14:50:16
ComboFix-quarantined-files.txt 2012-10-07 18:50
ComboFix2.txt 2012-10-05 19:05
.
Pre-Run: 475,080,794,112 bytes free
Post-Run: 474,942,537,728 bytes free
.
- - End Of File - - 95AE8EA6845EF8C60E7A36D34DF0D6D2
 
Hello again!
Download AdwCleaner by Xplode onto your Desktop.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Delete.
  • A logfile will automatically open after the scan has finished.
  • Please post the content of that logfile in your reply.
  • You can find the logfile at C:\AdwCleaner[Rn].txt as well - n is the order number.


Please download TDSSKiller to your desktop and run it as outlined below:

Double-click on TDSSKiller.exe to run the application, then click on Change parameters.

For Windows XP, double-click to start.
For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.



-------------------------

Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.



------------------------

Click the Start Scan button.



-----------------------

If a suspicious object is detected, the default action will be Skip; click on Continue.
If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic, please choose Skip and click on Continue.




----------------------

If malicious objects are found, they will show in the Scan results and offer three (3) options.

Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
Note: If Cure is not available, please choose Skip instead. Do not choose Delete unless instructed.





--------------------

A report will be created in your root directory (usually the C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents in your next reply.
Sometimes these logs can be very large; in that case, please attach it or zip it up and attach it.

-------------------

Here's a summary of what to do if you would like to print it out:

If a suspicious object is detected, the default action will be Skip; click on Continue.
If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic, please choose Skip and click on Continue.

If malicious objects are found, they will show in the Scan results and offer three (3) options.

Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
Note: If Cure is not available, please choose Skip instead. Do not choose Delete unless instructed.
 
1st step done. It restarted my computer but here are the logs for the AdwCleaner.


# AdwCleaner v2.004 - Logfile created 10/07/2012 at 15:05:38
# Updated 06/10/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Melissa - TASTEYCAKES-HP
# Boot Mode : Normal
# Running from : C:\Users\Melissa\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml
File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
Folder Deleted : C:\Program Files (x86)\uTorrentBar
Folder Deleted : C:\Program Files (x86)\uTorrentControl2
Folder Deleted : C:\Program Files (x86)\Veoh_Web_Player
Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\ProgramData\WeCareReminder
Folder Deleted : C:\Users\Melissa\AppData\Local\Conduit
Folder Deleted : C:\Users\Melissa\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\Melissa\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Melissa\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Melissa\AppData\LocalLow\uTorrentBar
Folder Deleted : C:\Users\Melissa\AppData\LocalLow\uTorrentControl2
Folder Deleted : C:\Users\Melissa\AppData\LocalLow\Veoh_Web_Player
Folder Deleted : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

***** [Registry] *****

Key Deleted : HKCU\Software\APN
Key Deleted : HKCU\Software\AppDataLow\AskToolbarInfo
Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Software\uTorrentBar
Key Deleted : HKCU\Software\AppDataLow\Software\uTorrentControl2
Key Deleted : HKCU\Software\AppDataLow\Software\Veoh_Web_Player
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\IGearSettings
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\Software\APN
Key Deleted : HKLM\Software\AskToolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\Software\uTorrentBar
Key Deleted : HKLM\Software\uTorrentControl2
Key Deleted : HKLM\Software\Veoh_Web_Player
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1E29D8C5-A98A-412D-BC57-7D4D4D3BF944}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6CFA584A-641C-4D02-844D-C198F481F724}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7949C4F7-8725-459A-9024-3F3DB3D902E8}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F037A52B-0D98-4C74-AE19-70AC8064E313}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F2173768-78BF-4981-81CB-91592F39A09E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentBar Toolbar
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentControl2 Toolbar
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Veoh_Web_Player Toolbar
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{687578B9-7132-4A7A-80E4-30EE31099E03}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{CD90BF73-20F6-44EF-993D-BB920303BD2E}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{687578B9-7132-4A7A-80E4-30EE31099E03}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{CD90BF73-20F6-44EF-993D-BB920303BD2E}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v15.0.1 (en-US)

Profile name : default
File : C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\gid5nsgr.default\prefs.js

[OK] File is clean.

-\\ Chromium v [Unable to get version]

File : C:\Users\Melissa\AppData\Local\Chromium\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [9213 octets] - [07/10/2012 15:05:38]

########## EOF - C:\AdwCleaner[S1].txt - [9273 octets] ##########
 
15:20:47.0135 5836 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
15:20:47.0485 5836 ============================================================
15:20:47.0485 5836 Current date / time: 2012/10/07 15:20:47.0485
15:20:47.0485 5836 SystemInfo:
15:20:47.0485 5836
15:20:47.0485 5836 OS Version: 6.1.7601 ServicePack: 1.0
15:20:47.0485 5836 Product type: Workstation
15:20:47.0485 5836 ComputerName: TASTEYCAKES-HP
15:20:47.0485 5836 UserName: Melissa
15:20:47.0485 5836 Windows directory: C:\Windows
15:20:47.0485 5836 System windows directory: C:\Windows
15:20:47.0485 5836 Running under WOW64
15:20:47.0485 5836 Processor architecture: Intel x64
15:20:47.0485 5836 Number of processors: 4
15:20:47.0485 5836 Page size: 0x1000
15:20:47.0485 5836 Boot type: Normal boot
15:20:47.0485 5836 ============================================================
15:20:49.0325 5836 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:20:49.0388 5836 ============================================================
15:20:49.0388 5836 \Device\Harddisk0\DR0:
15:20:49.0388 5836 MBR partitions:
15:20:49.0388 5836 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
15:20:49.0388 5836 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x72D01800
15:20:49.0388 5836 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x72D34000, BlocksNum 0x19D2000
15:20:49.0388 5836 ============================================================
15:20:49.0450 5836 C: <-> \Device\Harddisk0\DR0\Partition2
15:20:49.0497 5836 D: <-> \Device\Harddisk0\DR0\Partition3
15:20:49.0497 5836 ============================================================
15:20:49.0497 5836 Initialize success
15:20:49.0497 5836 ============================================================
15:21:06.0829 2528 ============================================================
15:21:06.0829 2528 Scan started
15:21:06.0829 2528 Mode: Manual; SigCheck; TDLFS;
15:21:06.0829 2528 ============================================================
15:21:09.0262 2528 ================ Scan system memory ========================
15:21:09.0262 2528 System memory - ok
15:21:09.0262 2528 ================ Scan services =============================
15:21:09.0574 2528 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
15:21:09.0684 2528 1394ohci - ok
15:21:09.0715 2528 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
15:21:09.0730 2528 ACPI - ok
15:21:09.0762 2528 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
15:21:09.0824 2528 AcpiPmi - ok
15:21:09.0964 2528 [ E12CFCF1DDBFC50948A75E6E38793225 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
15:21:09.0996 2528 AdobeFlashPlayerUpdateSvc - ok
15:21:10.0042 2528 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
15:21:10.0105 2528 adp94xx - ok
15:21:10.0120 2528 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
15:21:10.0167 2528 adpahci - ok
15:21:10.0183 2528 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
15:21:10.0230 2528 adpu320 - ok
15:21:10.0276 2528 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
15:21:10.0401 2528 AeLookupSvc - ok
15:21:10.0479 2528 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
15:21:10.0557 2528 AFD - ok
15:21:10.0588 2528 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
15:21:10.0620 2528 agp440 - ok
15:21:10.0635 2528 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
15:21:10.0682 2528 ALG - ok
15:21:10.0760 2528 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
15:21:10.0807 2528 aliide - ok
15:21:10.0869 2528 [ CA0D6C1390F4B3BAF2A0A69D1A7F8332 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
15:21:10.0916 2528 AMD External Events Utility - ok
15:21:10.0963 2528 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
15:21:10.0994 2528 amdide - ok
15:21:11.0025 2528 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
15:21:11.0088 2528 AmdK8 - ok
15:21:11.0322 2528 [ 75E4BACA583AE02C11E9AC8747E2ABE0 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
15:21:11.0509 2528 amdkmdag - ok
15:21:11.0540 2528 [ B765CF4B32F347BE747B21AE22641025 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
15:21:11.0587 2528 amdkmdap - ok
15:21:11.0618 2528 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
15:21:11.0680 2528 AmdPPM - ok
15:21:11.0727 2528 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
15:21:11.0805 2528 amdsata - ok
15:21:11.0868 2528 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
15:21:11.0946 2528 amdsbs - ok
15:21:11.0977 2528 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
15:21:11.0977 2528 amdxata - ok
15:21:12.0008 2528 [ 8A2B4818215D8A6FF54DC3F0D63CBB2D ] amd_sata C:\Windows\system32\DRIVERS\amd_sata.sys
15:21:12.0024 2528 amd_sata - ok
15:21:12.0039 2528 [ A2D8977623E13591B15F6370C6CC37B0 ] amd_xata C:\Windows\system32\DRIVERS\amd_xata.sys
15:21:12.0055 2528 amd_xata - ok
15:21:12.0086 2528 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
15:21:12.0164 2528 AppID - ok
15:21:12.0195 2528 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
15:21:12.0367 2528 AppIDSvc - ok
15:21:12.0429 2528 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
15:21:12.0507 2528 Appinfo - ok
15:21:12.0710 2528 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
15:21:12.0741 2528 Apple Mobile Device - ok
15:21:12.0804 2528 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
15:21:12.0882 2528 arc - ok
15:21:12.0928 2528 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
15:21:12.0991 2528 arcsas - ok
15:21:13.0428 2528 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
15:21:13.0459 2528 aspnet_state - ok
15:21:13.0490 2528 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
15:21:13.0584 2528 AsyncMac - ok
15:21:13.0646 2528 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
15:21:13.0677 2528 atapi - ok
15:21:13.0740 2528 [ E82E61F46D1336447F4DEFF8C074F13E ] AtiPcie C:\Windows\system32\DRIVERS\AtiPcie64.sys
15:21:13.0755 2528 AtiPcie - ok
15:21:13.0833 2528 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:21:13.0927 2528 AudioEndpointBuilder - ok
15:21:13.0942 2528 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
15:21:13.0989 2528 AudioSrv - ok
15:21:14.0036 2528 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
15:21:14.0083 2528 AxInstSV - ok
15:21:14.0192 2528 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
15:21:14.0332 2528 b06bdrv - ok
15:21:14.0395 2528 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
15:21:14.0535 2528 b57nd60a - ok
15:21:14.0582 2528 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
15:21:14.0660 2528 BDESVC - ok
15:21:14.0722 2528 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
15:21:14.0832 2528 Beep - ok
15:21:14.0894 2528 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
15:21:14.0988 2528 BFE - ok
15:21:15.0066 2528 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\system32\qmgr.dll
15:21:15.0175 2528 BITS - ok
15:21:15.0206 2528 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
15:21:15.0253 2528 blbdrive - ok
15:21:15.0378 2528 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
15:21:15.0409 2528 Bonjour Service - ok
15:21:15.0456 2528 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
15:21:15.0502 2528 bowser - ok
15:21:15.0534 2528 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
15:21:15.0674 2528 BrFiltLo - ok
15:21:15.0690 2528 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
15:21:15.0752 2528 BrFiltUp - ok
15:21:15.0799 2528 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
15:21:15.0892 2528 BridgeMP - ok
15:21:15.0939 2528 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
15:21:15.0970 2528 Browser - ok
15:21:16.0002 2528 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
15:21:16.0126 2528 Brserid - ok
15:21:16.0173 2528 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
15:21:16.0251 2528 BrSerWdm - ok
15:21:16.0267 2528 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
15:21:16.0376 2528 BrUsbMdm - ok
15:21:16.0423 2528 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
15:21:16.0485 2528 BrUsbSer - ok
15:21:16.0501 2528 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
15:21:16.0563 2528 BTHMODEM - ok
15:21:16.0626 2528 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
15:21:16.0672 2528 bthserv - ok
15:21:16.0672 2528 catchme - ok
15:21:16.0719 2528 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
15:21:16.0797 2528 cdfs - ok
15:21:16.0828 2528 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
15:21:16.0891 2528 cdrom - ok
15:21:16.0969 2528 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
15:21:17.0078 2528 CertPropSvc - ok
15:21:17.0094 2528 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
15:21:17.0140 2528 circlass - ok
15:21:17.0172 2528 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
15:21:17.0187 2528 CLFS - ok
15:21:17.0296 2528 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:21:17.0359 2528 clr_optimization_v2.0.50727_32 - ok
15:21:17.0390 2528 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:21:17.0421 2528 clr_optimization_v2.0.50727_64 - ok
15:21:17.0530 2528 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:21:17.0593 2528 clr_optimization_v4.0.30319_32 - ok
15:21:17.0686 2528 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:21:17.0718 2528 clr_optimization_v4.0.30319_64 - ok
15:21:17.0811 2528 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
15:21:17.0967 2528 CmBatt - ok
15:21:18.0014 2528 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
15:21:18.0092 2528 cmdide - ok
15:21:18.0186 2528 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
15:21:18.0310 2528 CNG - ok
15:21:18.0373 2528 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
15:21:18.0466 2528 Compbatt - ok
15:21:18.0544 2528 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
15:21:18.0654 2528 CompositeBus - ok
15:21:18.0685 2528 COMSysApp - ok
15:21:18.0716 2528 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
15:21:18.0763 2528 crcdisk - ok
15:21:18.0919 2528 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll
15:21:19.0012 2528 CryptSvc - ok
15:21:19.0324 2528 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
15:21:19.0418 2528 cvhsvc - ok
15:21:19.0512 2528 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
15:21:19.0652 2528 DcomLaunch - ok
15:21:19.0777 2528 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
15:21:19.0886 2528 defragsvc - ok
15:21:20.0026 2528 [ 2B9A817DC1BDAD9CE5495099B6A7136A ] Desura Install Service C:\Program Files (x86)\Common Files\Desura\desura_service.exe
15:21:20.0104 2528 Desura Install Service - ok
15:21:20.0151 2528 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
15:21:20.0214 2528 DfsC - ok
15:21:20.0292 2528 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
15:21:20.0416 2528 Dhcp - ok
15:21:20.0463 2528 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
15:21:20.0572 2528 discache - ok
15:21:20.0635 2528 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
15:21:20.0666 2528 Disk - ok
15:21:20.0697 2528 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
15:21:20.0791 2528 Dnscache - ok
15:21:20.0853 2528 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
15:21:20.0978 2528 dot3svc - ok
15:21:21.0009 2528 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
15:21:21.0072 2528 DPS - ok
15:21:21.0165 2528 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
15:21:21.0259 2528 drmkaud - ok
15:21:21.0524 2528 [ 1ED08A6264C5C92099D6D1DAE5E8F530 ] DrvAgent64 C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS
15:21:21.0602 2528 DrvAgent64 - ok
15:21:21.0805 2528 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
15:21:21.0867 2528 DXGKrnl - ok
15:21:21.0898 2528 EagleX64 - ok
15:21:22.0039 2528 [ D00EAE9C735A7DEE8049E50D73D25434 ] eamonm C:\Windows\system32\DRIVERS\eamonm.sys
15:21:22.0070 2528 eamonm - ok
15:21:22.0132 2528 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
15:21:22.0257 2528 EapHost - ok
15:21:22.0476 2528 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
15:21:22.0647 2528 ebdrv - ok
15:21:22.0663 2528 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
15:21:22.0741 2528 EFS - ok
15:21:22.0819 2528 [ E5EDDE3C8158DD0CBC5812F201DCDED0 ] ehdrv C:\Windows\system32\DRIVERS\ehdrv.sys
15:21:22.0881 2528 ehdrv - ok
15:21:23.0006 2528 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
15:21:23.0131 2528 ehRecvr - ok
15:21:23.0162 2528 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
15:21:23.0193 2528 ehSched - ok
15:21:23.0443 2528 [ AD4FAADE819E0DA9933BEA7C01D2C763 ] ekrn C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
15:21:23.0505 2528 ekrn - ok
15:21:23.0568 2528 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
15:21:23.0646 2528 elxstor - ok
15:21:23.0692 2528 [ 587F0F4145A1536A6E37EFD769B7665F ] epfw C:\Windows\system32\DRIVERS\epfw.sys
15:21:23.0724 2528 epfw - ok
15:21:23.0802 2528 [ D2F812358EE8EE23CBB5C4DAFFB5B819 ] EpfwLWF C:\Windows\system32\DRIVERS\EpfwLWF.sys
15:21:23.0880 2528 EpfwLWF - ok
15:21:23.0926 2528 [ 34BF55D69AB74D14C7E7A17259CB7DF8 ] epfwwfp C:\Windows\system32\DRIVERS\epfwwfp.sys
15:21:23.0942 2528 epfwwfp - ok
15:21:23.0973 2528 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
15:21:24.0067 2528 ErrDev - ok
15:21:24.0129 2528 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
15:21:24.0223 2528 EventSystem - ok
15:21:24.0254 2528 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
15:21:24.0301 2528 exfat - ok
15:21:24.0332 2528 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
15:21:24.0394 2528 fastfat - ok
15:21:24.0441 2528 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
15:21:24.0535 2528 Fax - ok
15:21:24.0566 2528 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
15:21:24.0675 2528 fdc - ok
15:21:24.0769 2528 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
15:21:24.0878 2528 fdPHost - ok
15:21:24.0894 2528 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
15:21:25.0112 2528 FDResPub - ok
15:21:25.0128 2528 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
15:21:25.0143 2528 FileInfo - ok
15:21:25.0143 2528 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
15:21:25.0221 2528 Filetrace - ok
15:21:25.0377 2528 [ 869BDE240B7FE9C7B25BD80DF85641C8 ] FlipShare Service C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe
15:21:25.0393 2528 FlipShare Service - ok
15:21:25.0486 2528 [ 9C330B7DDEE9492373041E75DA01F80C ] FlipShareServer C:\Program Files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe
15:21:25.0564 2528 FlipShareServer ( UnsignedFile.Multi.Generic ) - warning
15:21:25.0564 2528 FlipShareServer - detected UnsignedFile.Multi.Generic (1)
15:21:25.0611 2528 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
15:21:25.0642 2528 flpydisk - ok
15:21:25.0689 2528 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
15:21:25.0736 2528 FltMgr - ok
15:21:25.0861 2528 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
15:21:25.0954 2528 FontCache - ok
15:21:26.0032 2528 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:21:26.0110 2528 FontCache3.0.0.0 - ok
15:21:26.0157 2528 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
15:21:26.0188 2528 FsDepends - ok
15:21:26.0282 2528 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
15:21:26.0313 2528 Fs_Rec - ok
15:21:26.0376 2528 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
15:21:26.0438 2528 fvevol - ok
15:21:26.0454 2528 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
15:21:26.0500 2528 gagp30kx - ok
15:21:26.0578 2528 [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
15:21:26.0625 2528 GamesAppService - ok
15:21:26.0688 2528 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
15:21:26.0781 2528 GEARAspiWDM - ok
15:21:26.0844 2528 Giraffic - ok
15:21:26.0906 2528 [ 46B7A77463CB9DEC2688CC42C7309C39 ] GoToMyPC C:\Program Files (x86)\Citrix\GoToMyPC\g2svc.exe
15:21:26.0968 2528 GoToMyPC - ok
15:21:27.0078 2528 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
15:21:27.0202 2528 gpsvc - ok
15:21:27.0343 2528 [ 1E6438D4EA6E1174A3B3B1EDC4DE660B ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys
15:21:27.0390 2528 hamachi - ok
15:21:27.0639 2528 [ F10C3F2E002100BF8B797DCF283FEA7D ] Hamachi2Svc C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
15:21:27.0686 2528 Hamachi2Svc - ok
15:21:27.0764 2528 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
15:21:27.0873 2528 hcw85cir - ok
15:21:27.0982 2528 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:21:28.0045 2528 HdAudAddService - ok
15:21:28.0107 2528 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
15:21:28.0154 2528 HDAudBus - ok
15:21:28.0216 2528 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
15:21:28.0326 2528 HidBatt - ok
15:21:28.0357 2528 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
15:21:28.0482 2528 HidBth - ok
15:21:28.0497 2528 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
15:21:28.0560 2528 HidIr - ok
15:21:28.0591 2528 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
15:21:28.0669 2528 hidserv - ok
15:21:28.0825 2528 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
15:21:28.0887 2528 HidUsb - ok
15:21:29.0059 2528 [ 00C71C3FB915BA353740999ADF447927 ] HiPatchService C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
15:21:29.0106 2528 HiPatchService ( UnsignedFile.Multi.Generic ) - warning
15:21:29.0106 2528 HiPatchService - detected UnsignedFile.Multi.Generic (1)
15:21:29.0199 2528 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
15:21:29.0355 2528 hkmsvc - ok
15:21:29.0433 2528 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:21:29.0480 2528 HomeGroupListener - ok
15:21:29.0527 2528 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:21:29.0589 2528 HomeGroupProvider - ok
15:21:29.0745 2528 [ 13BB1114451C63BFB41BA7DAA4D70A29 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
15:21:29.0761 2528 HP Support Assistant Service - ok
15:21:29.0870 2528 [ 3DC11A802353401332D49C3CBFBBE5FC ] HPClientSvc C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
15:21:29.0901 2528 HPClientSvc - ok
15:21:29.0979 2528 [ BCC4A8B2E2E902F52E7F2E7D8E125765 ] HPDrvMntSvc.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
15:21:30.0010 2528 HPDrvMntSvc.exe - ok
15:21:30.0260 2528 [ EC9739A46F1F83C6E52A7A4697F44A65 ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
15:21:30.0322 2528 hpqwmiex - ok
15:21:30.0369 2528 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
15:21:30.0385 2528 HpSAMD - ok
15:21:30.0494 2528 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
15:21:30.0619 2528 HTTP - ok
15:21:30.0666 2528 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
15:21:30.0697 2528 hwpolicy - ok
15:21:30.0775 2528 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
15:21:30.0822 2528 i8042prt - ok
15:21:30.0900 2528 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
15:21:30.0946 2528 iaStorV - ok
15:21:31.0087 2528 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:21:31.0134 2528 idsvc - ok
15:21:31.0196 2528 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
15:21:31.0227 2528 iirsp - ok
15:21:31.0305 2528 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
15:21:31.0414 2528 IKEEXT - ok
15:21:31.0648 2528 [ 3C4B4EE54FEBB09F7E9F58776DE96DCA ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
15:21:31.0726 2528 IntcAzAudAddService - ok
15:21:31.0789 2528 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
15:21:31.0867 2528 intelide - ok
15:21:31.0898 2528 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
15:21:31.0960 2528 intelppm - ok
15:21:32.0054 2528 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
15:21:32.0163 2528 IPBusEnum - ok
15:21:32.0241 2528 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:21:32.0428 2528 IpFilterDriver - ok
15:21:32.0491 2528 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
15:21:32.0584 2528 iphlpsvc - ok
15:21:32.0647 2528 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
15:21:32.0740 2528 IPMIDRV - ok
15:21:32.0803 2528 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
15:21:32.0865 2528 IPNAT - ok
15:21:33.0015 2528 [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
15:21:33.0065 2528 iPod Service - ok
15:21:33.0115 2528 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
15:21:33.0165 2528 IRENUM - ok
15:21:33.0205 2528 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
15:21:33.0225 2528 isapnp - ok
15:21:33.0255 2528 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
15:21:33.0285 2528 iScsiPrt - ok
15:21:33.0315 2528 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
15:21:33.0335 2528 kbdclass - ok
15:21:33.0345 2528 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
15:21:33.0415 2528 kbdhid - ok
15:21:33.0435 2528 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
15:21:33.0455 2528 KeyIso - ok
15:21:33.0495 2528 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
15:21:33.0505 2528 KSecDD - ok
15:21:33.0545 2528 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
15:21:33.0555 2528 KSecPkg - ok
15:21:33.0565 2528 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
15:21:33.0645 2528 ksthunk - ok
15:21:33.0665 2528 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
15:21:33.0735 2528 KtmRm - ok
15:21:33.0795 2528 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
15:21:33.0865 2528 LanmanServer - ok
15:21:33.0945 2528 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:21:34.0015 2528 LanmanWorkstation - ok
15:21:34.0195 2528 [ 7550D101BF49FDB1F92666A233EE36C4 ] LightScribeService c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
15:21:34.0235 2528 LightScribeService ( UnsignedFile.Multi.Generic ) - warning
15:21:34.0235 2528 LightScribeService - detected UnsignedFile.Multi.Generic (1)
15:21:34.0325 2528 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
15:21:34.0415 2528 lltdio - ok
15:21:34.0505 2528 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
15:21:34.0625 2528 lltdsvc - ok
15:21:34.0675 2528 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
15:21:34.0715 2528 lmhosts - ok
15:21:34.0775 2528 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
15:21:34.0845 2528 LSI_FC - ok
15:21:34.0915 2528 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
15:21:34.0962 2528 LSI_SAS - ok
15:21:34.0978 2528 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
15:21:34.0993 2528 LSI_SAS2 - ok
15:21:35.0024 2528 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
15:21:35.0071 2528 LSI_SCSI - ok
15:21:35.0118 2528 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
15:21:35.0180 2528 luafv - ok
15:21:35.0290 2528 [ B9FC4CCE5758B816F27DD4D1EED11841 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
15:21:35.0305 2528 MBAMProtector - ok
15:21:35.0399 2528 [ 0DCF16B1449811EFA47AB52CAC84093C ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
15:21:35.0430 2528 MBAMScheduler - ok
15:21:36.0148 2528 [ 9EAABA4D601004BEA4DAA6E146E19A96 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
15:21:36.0506 2528 MBAMService - ok
15:21:36.0553 2528 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
15:21:36.0569 2528 Mcx2Svc - ok
15:21:36.0678 2528 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
15:21:36.0834 2528 megasas - ok
15:21:36.0896 2528 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
15:21:37.0084 2528 MegaSR - ok
15:21:37.0130 2528 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
15:21:37.0193 2528 MMCSS - ok
15:21:37.0208 2528 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
15:21:37.0271 2528 Modem - ok
15:21:37.0302 2528 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
15:21:37.0349 2528 monitor - ok
 
15:21:37.0396 2528 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
15:21:37.0411 2528 mouclass - ok
15:21:37.0442 2528 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
15:21:37.0474 2528 mouhid - ok
15:21:37.0505 2528 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
15:21:37.0520 2528 mountmgr - ok
15:21:37.0661 2528 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
15:21:37.0708 2528 MozillaMaintenance - ok
15:21:37.0770 2528 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
15:21:37.0832 2528 mpio - ok
15:21:37.0895 2528 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
15:21:37.0942 2528 mpsdrv - ok
15:21:38.0004 2528 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
15:21:38.0144 2528 MpsSvc - ok
15:21:38.0191 2528 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
15:21:38.0300 2528 MRxDAV - ok
15:21:38.0363 2528 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
15:21:38.0425 2528 mrxsmb - ok
15:21:38.0472 2528 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:21:38.0519 2528 mrxsmb10 - ok
15:21:38.0550 2528 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:21:38.0612 2528 mrxsmb20 - ok
15:21:38.0644 2528 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
15:21:38.0706 2528 msahci - ok
15:21:38.0722 2528 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
15:21:38.0753 2528 msdsm - ok
15:21:38.0800 2528 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
15:21:38.0893 2528 MSDTC - ok
15:21:38.0940 2528 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
15:21:38.0971 2528 Msfs - ok
15:21:38.0987 2528 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
15:21:39.0049 2528 mshidkmdf - ok
15:21:39.0065 2528 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
15:21:39.0065 2528 msisadrv - ok
15:21:39.0143 2528 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
15:21:39.0236 2528 MSiSCSI - ok
15:21:39.0236 2528 msiserver - ok
15:21:39.0283 2528 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
15:21:39.0377 2528 MSKSSRV - ok
15:21:39.0455 2528 [ 103B3BBE23AB774B009D182276EC6786 ] msloop C:\Windows\system32\DRIVERS\loop.sys
15:21:39.0548 2528 msloop - ok
15:21:39.0580 2528 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
15:21:39.0658 2528 MSPCLOCK - ok
15:21:39.0689 2528 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
15:21:39.0782 2528 MSPQM - ok
15:21:39.0829 2528 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
15:21:39.0845 2528 MsRPC - ok
15:21:39.0892 2528 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
15:21:39.0954 2528 mssmbios - ok
15:21:39.0970 2528 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
15:21:40.0063 2528 MSTEE - ok
15:21:40.0079 2528 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
15:21:40.0157 2528 MTConfig - ok
15:21:40.0188 2528 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
15:21:40.0219 2528 Mup - ok
15:21:40.0282 2528 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
15:21:40.0375 2528 napagent - ok
15:21:40.0422 2528 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
15:21:40.0500 2528 NativeWifiP - ok
15:21:40.0594 2528 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
15:21:40.0656 2528 NDIS - ok
15:21:40.0687 2528 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
15:21:40.0734 2528 NdisCap - ok
15:21:40.0765 2528 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
15:21:40.0796 2528 NdisTapi - ok
15:21:40.0859 2528 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
15:21:40.0921 2528 Ndisuio - ok
15:21:40.0968 2528 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
15:21:41.0015 2528 NdisWan - ok
15:21:41.0046 2528 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
15:21:41.0124 2528 NDProxy - ok
15:21:41.0186 2528 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
15:21:41.0296 2528 NetBIOS - ok
15:21:41.0374 2528 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
15:21:41.0514 2528 NetBT - ok
15:21:41.0530 2528 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
15:21:41.0545 2528 Netlogon - ok
15:21:41.0623 2528 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
15:21:41.0717 2528 Netman - ok
15:21:41.0904 2528 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:21:41.0951 2528 NetMsmqActivator - ok
15:21:41.0966 2528 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:21:41.0982 2528 NetPipeActivator - ok
15:21:42.0013 2528 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
15:21:42.0200 2528 netprofm - ok
15:21:42.0403 2528 [ 1982B291DF9833FB3ADC397EBD310A18 ] netr28x C:\Windows\system32\DRIVERS\netr28x.sys
15:21:42.0497 2528 netr28x - ok
15:21:42.0528 2528 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:21:42.0544 2528 NetTcpActivator - ok
15:21:42.0544 2528 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:21:42.0559 2528 NetTcpPortSharing - ok
15:21:42.0575 2528 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
15:21:42.0622 2528 nfrd960 - ok
15:21:42.0762 2528 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
15:21:42.0840 2528 NlaSvc - ok
15:21:42.0856 2528 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
15:21:42.0902 2528 Npfs - ok
15:21:42.0965 2528 npggsvc - ok
15:21:42.0980 2528 NPPTNT2 - ok
15:21:43.0027 2528 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
15:21:43.0105 2528 nsi - ok
15:21:43.0121 2528 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
15:21:43.0214 2528 nsiproxy - ok
15:21:43.0355 2528 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
15:21:43.0448 2528 Ntfs - ok
15:21:43.0495 2528 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
15:21:43.0542 2528 Null - ok
15:21:44.0478 2528 [ BF7A24A71E1932200D864BC1CE15E596 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
15:21:44.0634 2528 nvlddmkm - ok
15:21:44.0728 2528 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
15:21:44.0837 2528 nvraid - ok
15:21:44.0884 2528 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
15:21:45.0024 2528 nvstor - ok
15:21:45.0149 2528 [ 43F91595049DE14C4B61D1E76436164F ] nvsvc C:\Windows\system32\nvvsvc.exe
15:21:45.0258 2528 nvsvc - ok
15:21:45.0445 2528 [ 322B69422836F97B76F4AA59B47507BA ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
15:21:45.0492 2528 nvUpdatusService - ok
15:21:45.0539 2528 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
15:21:45.0632 2528 nv_agp - ok
15:21:45.0664 2528 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
15:21:45.0695 2528 ohci1394 - ok
15:21:45.0788 2528 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:21:45.0835 2528 ose - ok
15:21:46.0194 2528 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
15:21:46.0381 2528 osppsvc - ok
15:21:46.0428 2528 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
15:21:46.0459 2528 p2pimsvc - ok
15:21:46.0506 2528 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
15:21:46.0584 2528 p2psvc - ok
15:21:46.0615 2528 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
15:21:46.0662 2528 Parport - ok
15:21:46.0693 2528 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
15:21:46.0740 2528 partmgr - ok
15:21:46.0771 2528 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
15:21:46.0896 2528 PcaSvc - ok
15:21:46.0943 2528 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
15:21:46.0974 2528 pci - ok
15:21:47.0021 2528 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
15:21:47.0036 2528 pciide - ok
15:21:47.0068 2528 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
15:21:47.0114 2528 pcmcia - ok
15:21:47.0130 2528 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
15:21:47.0161 2528 pcw - ok
15:21:47.0224 2528 pdfcDispatcher - ok
15:21:47.0333 2528 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
15:21:47.0473 2528 PEAUTH - ok
15:21:48.0191 2528 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
15:21:48.0269 2528 PerfHost - ok
15:21:48.0409 2528 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
15:21:48.0503 2528 pla - ok
15:21:48.0596 2528 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
15:21:48.0706 2528 PlugPlay - ok
15:21:48.0768 2528 PnkBstrA - ok
15:21:48.0799 2528 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
15:21:48.0846 2528 PNRPAutoReg - ok
15:21:48.0862 2528 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
15:21:48.0893 2528 PNRPsvc - ok
15:21:48.0971 2528 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
15:21:49.0080 2528 PolicyAgent - ok
15:21:49.0142 2528 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
15:21:49.0236 2528 Power - ok
15:21:49.0298 2528 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
15:21:49.0423 2528 PptpMiniport - ok
15:21:49.0470 2528 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
15:21:49.0564 2528 Processor - ok
15:21:49.0626 2528 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
15:21:49.0688 2528 ProfSvc - ok
15:21:49.0704 2528 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:21:49.0735 2528 ProtectedStorage - ok
15:21:49.0844 2528 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
15:21:49.0985 2528 Psched - ok
15:21:50.0047 2528 [ FB46E9A827A8799EBD7BFA9128C91F37 ] PSI C:\Windows\system32\DRIVERS\psi_mf.sys
15:21:50.0094 2528 PSI - ok
15:21:50.0219 2528 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
15:21:50.0375 2528 ql2300 - ok
15:21:50.0422 2528 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
15:21:50.0468 2528 ql40xx - ok
15:21:50.0515 2528 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
15:21:50.0593 2528 QWAVE - ok
15:21:50.0624 2528 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
15:21:50.0671 2528 QWAVEdrv - ok
15:21:50.0887 2528 [ 5E0459ED0A8F540D2F7B6E52DA12C9D4 ] RapportCerberus_34302 C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\34302\RapportCerberus64_34302.sys
15:21:50.0927 2528 RapportCerberus_34302 - ok
15:21:51.0007 2528 [ C3C5F9517AAC5848FFB7F66040780C3C ] RapportEI64 C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys
15:21:51.0047 2528 RapportEI64 - ok
15:21:51.0077 2528 [ F6CD072AF2E424CD4FF82194E36A6F3C ] RapportKE64 C:\Windows\system32\Drivers\RapportKE64.sys
15:21:51.0097 2528 RapportKE64 - ok
15:21:51.0247 2528 [ C7D3492630472DC0546715DD4157B6C2 ] RapportMgmtService C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
15:21:51.0287 2528 RapportMgmtService - ok
15:21:51.0337 2528 [ 819E5A7E3729273C252AE35F9E5E0BC8 ] RapportPG64 C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys
15:21:51.0357 2528 RapportPG64 - ok
15:21:51.0377 2528 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
15:21:51.0427 2528 RasAcd - ok
15:21:51.0477 2528 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
15:21:51.0587 2528 RasAgileVpn - ok
15:21:51.0637 2528 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
15:21:51.0737 2528 RasAuto - ok
15:21:51.0767 2528 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
15:21:51.0917 2528 Rasl2tp - ok
15:21:51.0977 2528 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
15:21:52.0067 2528 RasMan - ok
15:21:52.0107 2528 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
15:21:52.0207 2528 RasPppoe - ok
15:21:52.0257 2528 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
15:21:52.0327 2528 RasSstp - ok
15:21:52.0367 2528 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
15:22:18.0165 2528 ============================================================
15:22:18.0165 2528 Scan finished
15:22:18.0165 2528 ============================================================
15:22:18.0165 4120 Detected object count: 6
15:22:18.0165 4120 Actual detected object count: 6
15:23:39.0557 4120 FlipShareServer ( UnsignedFile.Multi.Generic ) - skipped by user
15:23:39.0557 4120 FlipShareServer ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:23:39.0557 4120 HiPatchService ( UnsignedFile.Multi.Generic ) - skipped by user
15:23:39.0557 4120 HiPatchService ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:23:39.0557 4120 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
15:23:39.0557 4120 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:23:39.0557 4120 tap0901t ( UnsignedFile.Multi.Generic ) - skipped by user
15:23:39.0557 4120 tap0901t ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:23:39.0572 4120 TunngleService ( UnsignedFile.Multi.Generic ) - skipped by user
15:23:39.0572 4120 TunngleService ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:23:39.0572 4120 USBAAPL64 ( UnsignedFile.Multi.Generic ) - skipped by user
15:23:39.0572 4120 USBAAPL64 ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:26:43.0694 2896 Deinitialize success
 
ESET Online Scan

Please run a free online scan with the ESET Online Scanner
  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • When asked, allow the ActiveX control to install, or it will ask to download an installer. Please do so and install it.
  • Click Start or wait for the scanner to load.
  • Make sure that the options Remove found threats and the option Scan unwanted applications are checked.
  • Click Scan (This scan can take several hours, so please be patient)
  • Once the scan is completed, there are a couple of things to keep in mind:
    1. If NO threats were found, allow the scanner to Uninstall on close and then close the window.
    2. If threats WERE detected, click on List of Threats Found, then Export to Text File... and save it as ESET-Scan-Log.txt. Click the back button/link, put a checkmark to Uninstall Application on Close and then close the window.
  • Open the logfile from wherever you saved it
  • Copy and paste the contents in your next reply.


=======================================


Any more issues?

We need to know any other issues that are plaguing your computer. Kindly give a summary so we know how to continue from here.

Many of the things to note for us would be:

  • Slow computer
  • Error messages
  • Fake antivirus alerts or the icon in the system tray
  • svchost.exe running at 100%
  • System crashes or blue screen of death
 
I am scanning now. So far my computer has been good. I still have removable disk drives there that I didn't put there myself, and a random folder popped up in my OS again that is empty and locked. The last ones were gone for a good few hours before this one popped up, so I don't know if it's something just with my computer that does it or something more. The only alert I have in my system tray is for a Windows update that I can't get to update. It always has an error and doesn't finish.

I have work in a little bit so I will post the scan results tonight. Thanks again for helping. Main thing I want to be able to say is that my computer is clean so hopefully it is or will be.

I did scan with the exact scanner right before I asked for help on the forums. It did pick up 11 threats. I pasted what it found in Notepad if you want me to give you that as well.
 
For the first screenshot, the hidden drives, those are no big deal. That actually highlights the reference points, if you were to plug in a flash drive or external drive to your PC.

To hide that, along with other hidden files/folders, press the ALT button while in the Computer window, then select Tools > Folder Options.

Select the View tab, find "Don't show hidden files and folders" and select that, Apply changes.

That should make those disappear.

As for the second screenshot, those are files created by Windows to help update your computer, install service packs, etc. Only the Windows Installer Cleanup utility can remove these, though it doesn't matter if you keep them or not, as they are safe folders.
 
I had looked up the files before and found the same thing about being made by Windows. Just wanted to be safer than sorry. :)
Well that is great to know. I haven't seen anything else going on with my computer so far. I will post again if something comes up. Thanks again for helping me.
 
You're welcome!

We will finish up to make sure your computer is protected from malware in the future.

Clean up System Restore

Now, to get you off to a clean start, we will be creating a new Restore Point, then clearing the old ones to make sure you do not get reinfected, in case you need to "restore back."

To manually create a new Restore Point
  • Go to Control Panel and select System and Maintenance
  • Select System
  • On the left select Advanced System Settings and accept the warning if you get one
  • Select System Protection Tab
  • Select Create at the bottom
  • Type in a name, i.e. Clean
  • Select Create
Now we can purge the infected ones
  • Go back to the System and Maintenance page
  • Select Performance Information and Tools
  • On the left select Open Disk Cleanup
  • Select Files from all users and accept the warning if you get one
  • In the drop down box select your main drive, i.e. C
  • For a few moments the system will make some calculations
  • Select the More Options tab
  • In the System Restore and Shadow Backups select Clean up
  • Select Delete on the pop up
  • Select OK
  • Select Delete

Run OTC to remove our tools

To remove all of the tools we used and the files and folders they created, please do the following:
Please download OTC.exe by OldTimer:
  • Save it to your Desktop.
  • Double click OTC.exe.
  • Click the CleanUp! button.
  • If you are prompted to Reboot during the cleanup, select Yes.
  • The tool will delete itself once it finishes.
Note: If any tool, file or folder (belonging to the program we have used) hasn't been deleted, please delete it manually.

Purge old temporary files

Download CCleaner Slim and save it to your Desktop - Alternate download link

When the file has been saved, go to your Desktop and double-click on ccsetupxxx_slim.exe
Follow the prompts to install the program.

* Double-click the CCleaner shortcut on the desktop to start the program.
* Click on the Options block on the left, then choose Cookies.
* Under Cookies to Delete, highlight any cookies you would like to retain permanently
* Click the right arrow > to move them to the Cookies to Keep window.
* Go into Options > Advanced & uncheck Only delete files in Windows Temp folders older than 48 hours
* Click Cleaner on the left then Run Cleaner on the right to run the program.
* Important: Make sure that ALL browser windows are closed before selecting Run Cleaner

Caution: Only use the Registry feature if you are very familiar with the registry.
Always back up your registry before making any changes. Exit CCleaner after it has completed its process.

Security Check

Please download Security Check by screen317 from SpywareInfoforum.org or Changelog.fr.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
 
Results of screen317's Security Check version 0.99.51
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Disabled!
ESET Smart Security 5.2
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Secunia PSI (3.0.0.4001)
Malwarebytes Anti-Malware version 1.65.0.1400
Java 7 Update 7
Adobe Flash Player 11.4.402.287
Mozilla Firefox (15.0.1)
````````Process Check: objlist.exe by Laurent````````
ESET NOD32 Antivirus egui.exe
ESET NOD32 Antivirus ekrn.exe
Malwarebytes' Anti-Malware mbamscheduler.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 5%
````````````````````End of Log``````````````````````
 