Nasty, persistent advertisement in bottom right hand corner, pornographic after midnight


  • This topic is locked
36 replies to this topic

#1 Brathly

Posted 15 July 2012 - 12:06 PM

Someone already had the same problem, but I'm too afraid to do exactly what he did. http://www.bleepingcomputer.com/forums/topic454440.html

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by Britta at 12:59:04 on 2012-07-15
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3836.1660 [GMT -4:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
c:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Dell\OSD\DellOSDservice.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
C:\Program Files\Dell\OSD\DellOSD.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files (x86)\Multimedia Card Reader(6366)\ShwiconXP6366.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe
C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe
c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\Common Files\AOL\1323321727\ee\aolsoftware.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Garmin\Lifetime Updater\GarminLifetime.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uURLSearchHooks: H - No File
uWindows: Load=C:\Users\Britta\AppData\Local\Temp\{15319~1.EXE
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: FAIESSOHelper Class: {a2f122da-055f-4df7-8f24-7354dbdba85b} - c:\Program Files (x86)\Sensible Vision\Fast Access\FAIESSO.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [KSS] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe" /autorun
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
mRun: [ShwiconXP6366] c:\Program Files (x86)\Multimedia Card Reader(6366)\ShwiconXP6366.exe
mRun: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [FATrayAlert] c:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe
mRun: [StickyNotesWidget] "c:\Program Files (x86)\Dell Touch Software Suite\StickyNotes\notes_startup_widgets.exe" "c:\Program Files (x86)\Dell Touch Software Suite\StickyNotes\start.umj"
mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
mRun: [FAStartup]
mRun: [Dell Registration] C:\Program Files (x86)\System Registration\prodreg.exe /boot
mRun: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [HostManager] C:\Program Files (x86)\Common Files\AOL\1323321727\ee\AOLSoftware.exe
mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [Garmin Lifetime Updater] C:\Program Files (x86)\Garmin\Lifetime Updater\GarminLifetime.exe /StartMinimized
mRun: [AccuWeatherWidget] "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun: [InstaLAN] "C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe" startup
mRun: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
mRun: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MIF5BA~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MIF5BA~1\Office14\ONBttnIE.dll/105
IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/4.0.1.0/GarminAxControl_32.CAB
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} - hxxp://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
DPF: {362C56AA-6E4F-40C7-A0B5-85501DBDAD77} - hxxp://i.dell.com/images/global/js/scanner/SysProExe.cab
DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} - hxxp://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
TCP: DhcpNameServer = 192.168.2.1
TCP: Interfaces\{45EDF7F6-9048-4C36-A5EC-61578192C8CB} : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{45EDF7F6-9048-4C36-A5EC-61578192C8CB}\05343524D27657563747 : DhcpNameServer = 168.213.64.92 168.213.64.93
TCP: Interfaces\{45EDF7F6-9048-4C36-A5EC-61578192C8CB}\14C6C616E672370296E6475627E65647 : DhcpNameServer = 65.32.5.111 65.32.5.112
TCP: Interfaces\{45EDF7F6-9048-4C36-A5EC-61578192C8CB}\3486163756E62627F677E6 : DhcpNameServer = 65.32.5.111 65.32.5.112
TCP: Interfaces\{45EDF7F6-9048-4C36-A5EC-61578192C8CB}\C696E6B6379737 : DhcpNameServer = 65.32.5.111 65.32.5.112
TCP: Interfaces\{D129C513-993A-4244-A824-40C8CCF213CB} : NameServer = 68.28.231.132 68.28.230.132
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Notify: FastAccess - c:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll
LSA: Notification Packages = scecli FAPassSync
BHO-X64: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO-X64: 0x1 - No File
BHO-X64: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO-X64: HP Print Enhancer - No File
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO-X64: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: FAIESSOHelper Class: {A2F122DA-055F-4df7-8F24-7354DBDBA85B} - c:\Program Files (x86)\Sensible Vision\Fast Access\FAIESSO.dll
BHO-X64: FAIESSO Helper Object - No File
BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO-X64: SkypeIEPluginBHO - No File
BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL
BHO-X64: URLRedirectionBHO - No File
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO-X64: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
BHO-X64: HP Smart BHO Class - No File
TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File
mRun-x64: [ShwiconXP6366] c:\Program Files (x86)\Multimedia Card Reader(6366)\ShwiconXP6366.exe
mRun-x64: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun-x64: [FATrayAlert] c:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe
mRun-x64: [StickyNotesWidget] "c:\Program Files (x86)\Dell Touch Software Suite\StickyNotes\notes_startup_widgets.exe" "c:\Program Files (x86)\Dell Touch Software Suite\StickyNotes\start.umj"
mRun-x64: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
mRun-x64: [FAStartup]
mRun-x64: [Dell Registration] C:\Program Files (x86)\System Registration\prodreg.exe /boot
mRun-x64: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe
mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [HostManager] C:\Program Files (x86)\Common Files\AOL\1323321727\ee\AOLSoftware.exe
mRun-x64: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun-x64: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [Garmin Lifetime Updater] C:\Program Files (x86)\Garmin\Lifetime Updater\GarminLifetime.exe /StartMinimized
mRun-x64: [AccuWeatherWidget] "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun-x64: [InstaLAN] "C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe" startup
mRun-x64: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
mRun-x64: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
Hosts: 149.5.18.172 www.google-analytics.com.
Hosts: 149.5.18.172 ad-emea.doubleclick.net.
Hosts: 149.5.18.172 www.statcounter.com.
Hosts: 108.163.215.51 www.google-analytics.com.
Hosts: 108.163.215.51 ad-emea.doubleclick.net.
.
Note: multiple HOSTS entries found. Please refer to Attach.txt
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Britta\AppData\Roaming\Mozilla\Firefox\Profiles\6lsfri4i.default\
FF - plugin: C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Britta\AppData\Roaming\Mozilla\Firefox\Profiles\6lsfri4i.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins\npGarmin.dll
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-4-4 63928]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 DellOSDservice;DellOSDservice;C:\Program Files\Dell\OSD\DellOSDservice.exe [2010-11-25 7168]
R2 FAService;FAService;C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe [2010-2-22 2409800]
R2 KSS;Kaspersky Security Scan Service;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [2012-4-25 202296]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-7-14 655944]
R2 NOBU;Dell DataSafe Online;C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe [2010-8-25 2823000]
R2 SpyHunter 4 Service;SpyHunter 4 Service;C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE [2012-7-11 1019328]
R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]
R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
R3 BcmVWL;Broadcom Virtual Wireless;C:\Windows\system32\DRIVERS\bcmvwl64.sys --> C:\Windows\system32\DRIVERS\bcmvwl64.sys [?]
R3 BrSerIb;Brother Serial Interface Driver(WDM);C:\Windows\system32\DRIVERS\BrSerIb.sys --> C:\Windows\system32\DRIVERS\BrSerIb.sys [?]
R3 BrUsbSIb;Brother Serial USB Driver(WDM);C:\Windows\system32\DRIVERS\BrUsbSIb.sys --> C:\Windows\system32\DRIVERS\BrUsbSIb.sys [?]
R3 btwampfl;Bluetooth AMP USB Filter;C:\Windows\system32\drivers\btwampfl.sys --> C:\Windows\system32\drivers\btwampfl.sys [?]
R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys --> C:\Windows\system32\DRIVERS\btwl2cap.sys [?]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\system32\DRIVERS\CtClsFlt.sys --> C:\Windows\system32\DRIVERS\CtClsFlt.sys [?]
R3 esgiguard;esgiguard;C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [2011-3-2 13088]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 nuviocir;Nuvoton W836x7HG CIR Device Driver;C:\Windows\system32\DRIVERS\nuviocir_win7_x64.sys --> C:\Windows\system32\DRIVERS\nuviocir_win7_x64.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-12-14 136176]
S3 bcm;WiMAX Network Adapter;C:\Windows\system32\DRIVERS\drxvi314_64.sys --> C:\Windows\system32\DRIVERS\drxvi314_64.sys [?]
S3 bcmbusctr;WiMAX Bus Driver;C:\Windows\system32\DRIVERS\BcmBusCtr_64.sys --> C:\Windows\system32\DRIVERS\BcmBusCtr_64.sys [?]
S3 BrYNSvc;BrYNSvc;C:\Program Files (x86)\Browny02\BrYNSvc.exe [2012-5-31 245760]
S3 DIFMBUS;Franklin EVDO USB Modem Composite Device Driver;C:\Windows\system32\DRIVERS\DIFMBUS.sys --> C:\Windows\system32\DRIVERS\DIFMBUS.sys [?]
S3 DIFMCVsp;Franklin EVDO USB Modem CM Port;C:\Windows\system32\DRIVERS\DIFMCVsp.sys --> C:\Windows\system32\DRIVERS\DIFMCVsp.sys [?]
S3 DIFMMdm;Franklin EVDO USB Modem;C:\Windows\system32\DRIVERS\DIFMMdm.sys --> C:\Windows\system32\DRIVERS\DIFMMdm.sys [?]
S3 DIFMNET;Franklin EVDO USB Modem Network Adapter;C:\Windows\system32\DRIVERS\DIFMNET.sys --> C:\Windows\system32\DRIVERS\DIFMNET.sys [?]
S3 DIFMNVsp;Franklin EVDO USB Modem NMEA Port Serial Port;C:\Windows\system32\DRIVERS\DIFMNVsp.sys --> C:\Windows\system32\DRIVERS\DIFMNVsp.sys [?]
S3 DIFMVsp;Franklin EVDO USB Modem Diagnostics Port;C:\Windows\system32\DRIVERS\DIFMVsp.sys --> C:\Windows\system32\DRIVERS\DIFMVsp.sys [?]
S3 FACAP;facap, FastAccess Video Capture;C:\Windows\system32\DRIVERS\facap.sys --> C:\Windows\system32\DRIVERS\facap.sys [?]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-12-14 136176]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-5-14 113120]
S3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]
S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-3-26 291696]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 TrojanKillerDriver;GridinSoft Trojan Killer Driver;C:\Windows\system32\DRIVERS\gtkdrv.sys --> C:\Windows\system32\DRIVERS\gtkdrv.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
2012-07-15 16:21:48 -------- d-----w- C:\Users\Britta\AppData\Roaming\SpeedyPC Software
2012-07-15 16:21:48 -------- d-----w- C:\Users\Britta\AppData\Roaming\DriverCure
2012-07-15 16:21:32 -------- d-----w- C:\Program Files (x86)\Common Files\SpeedyPC Software
2012-07-15 16:21:30 -------- d-----w- C:\ProgramData\SpeedyPC Software
2012-07-15 16:21:30 -------- d-----w- C:\Program Files (x86)\SpeedyPC Software
2012-07-15 15:56:31 69000 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{24093BA7-939A-41CB-AFBC-0F6908EDEFFA}\offreg.dll
2012-07-15 06:08:21 -------- d-----w- C:\Program Files (x86)\PC Tools Security
2012-07-15 06:01:45 -------- d-----w- C:\Users\Britta\AppData\Roaming\GetRightToGo
2012-07-15 05:36:42 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-15 05:36:42 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-07-15 05:18:06 -------- d-----w- C:\ProgramData\Kaspersky Lab
2012-07-15 05:18:06 -------- d-----w- C:\Program Files (x86)\Kaspersky Lab
2012-07-15 05:14:05 116016 ----a-w- C:\Windows\System32\drivers\69839417.sys
2012-07-15 04:53:39 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll
2012-07-15 04:53:39 366592 ----a-w- C:\Windows\System32\qdvd.dll
2012-07-14 19:20:10 9013136 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{24093BA7-939A-41CB-AFBC-0F6908EDEFFA}\mpengine.dll
2012-07-13 05:06:14 9013136 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-07-12 16:24:39 110080 ----a-r- C:\Users\Britta\AppData\Roaming\Microsoft\Installer\{7289B0CC-BC41-4C7E-A2C7-DB1259E8E47A}\IconF7A21AF7.exe
2012-07-12 16:24:39 110080 ----a-r- C:\Users\Britta\AppData\Roaming\Microsoft\Installer\{7289B0CC-BC41-4C7E-A2C7-DB1259E8E47A}\IconD7F16134.exe
2012-07-12 16:24:39 110080 ----a-r- C:\Users\Britta\AppData\Roaming\Microsoft\Installer\{7289B0CC-BC41-4C7E-A2C7-DB1259E8E47A}\Icon5B4E0377.exe
2012-07-12 16:23:08 -------- d-----w- C:\Windows\7289B0CCBC414C7EA2C7DB1259E8E47A.TMP
2012-07-11 22:30:56 3148800 ----a-w- C:\Windows\System32\win32k.sys
2012-07-11 21:44:25 2004480 ----a-w- C:\Windows\System32\msxml6.dll
2012-07-10 02:54:36 -------- d-----w- C:\Users\Britta\AppData\Local\Broadcom
2012-07-10 02:53:15 39464 ----a-w- C:\Windows\System32\drivers\btwl2cap.sys
2012-07-10 02:53:14 21544 ----a-w- C:\Windows\System32\drivers\btwrchid.sys
2012-07-10 02:53:14 135720 ----a-w- C:\Windows\System32\drivers\btwavdt.sys
2012-07-10 02:53:14 102440 ----a-w- C:\Windows\System32\drivers\btwaudio.sys
2012-07-10 02:52:45 -------- d-----w- C:\Program Files\WIDCOMM
2012-07-10 02:47:30 319016 ----a-w- C:\Windows\System32\drivers\btwampfl.sys
2012-07-10 02:32:49 -------- d-----w- C:\Users\Britta\AppData\Roaming\Roxio Log Files
2012-07-09 17:15:56 -------- d-----w- C:\ProgramData\Sprint
2012-07-06 06:45:18 44544 ------w- C:\Windows\SysWow64\msxml4a.dll
2012-07-06 06:42:16 -------- d-----w- C:\ProgramData\LGMOBILEAX
2012-07-06 06:38:47 90112 ----a-w- C:\Users\Britta\AppData\Roaming\Microsoft\Windows\Templates\TLPC\LGUTchkdl.dll
2012-07-06 06:38:47 5240832 ----a-w- C:\Users\Britta\AppData\Roaming\Microsoft\Windows\Templates\TLPC\LG_VZW_United_WHQL_v2.6.0.msi
2012-07-06 06:38:47 24576 ----a-w- C:\Users\Britta\AppData\Roaming\Microsoft\Windows\Templates\TLPC\LGEUSBAutorun.dll
2012-07-06 06:38:46 1339392 ----a-w- C:\Users\Britta\AppData\Roaming\Microsoft\Windows\Templates\TLPC\TL_PC.exe
2012-07-06 06:38:36 90112 ----a-r- C:\Users\Britta\AppData\Roaming\Microsoft\Windows\Templates\E\LGUTchkdl.dll
2012-07-06 06:38:36 24576 ----a-r- C:\Users\Britta\AppData\Roaming\Microsoft\Windows\Templates\E\LGEUSBAutorun.dll
2012-07-06 06:29:27 -------- d-----w- C:\Program Files (x86)\LG Electronics
2012-07-06 06:28:59 77824 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2012-07-06 06:28:59 32768 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2012-07-06 06:28:59 225280 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\IScript\iscript.dll
2012-07-06 06:28:59 176128 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2012-07-06 06:28:57 614532 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\IKernel.exe
2012-07-06 06:24:52 -------- d-----w- C:\Users\Britta\AppData\Local\Deployment
2012-07-06 06:24:52 -------- d-----w- C:\Users\Britta\AppData\Local\Apps
2012-07-06 06:17:34 -------- d-----w- C:\Users\Britta\AppData\Roaming\Dell Drivers Update Utility
2012-07-06 06:17:18 -------- d-----w- C:\Users\Britta\AppData\Local\DELL Drivers Update Utility
2012-07-06 05:37:24 -------- d-----w- C:\Users\Britta\AppData\Local\ElevatedDiagnostics
2012-07-04 18:37:42 -------- d-----w- C:\Program Files (x86)\Bilingual Books
2012-07-04 04:49:05 927800 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B30E7AB3-3F80-4ABB-866C-129EF56693CE}\gapaengine.dll
2012-06-24 07:14:10 770384 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcr100.dll
2012-06-24 07:14:10 421200 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcp100.dll
2012-06-24 07:00:01 -------- d-----w- C:\Windows\3F97FA2CC160469697F9EDB23D106E21.TMP
2012-06-23 02:43:41 -------- d-----w- C:\Users\Britta\AppData\Local\Macromedia
2012-06-22 00:44:18 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2012-06-22 00:44:03 99840 ----a-w- C:\Windows\System32\wudriver.dll
2012-06-22 00:43:47 36864 ----a-w- C:\Windows\System32\wuapp.exe
2012-06-22 00:43:47 186752 ----a-w- C:\Windows\System32\wuwebv.dll
.
==================== Find3M ====================
.
2012-07-03 17:46:44 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-06-06 06:06:16 1881600 ----a-w- C:\Windows\System32\msxml3.dll
2012-06-06 06:02:54 1133568 ----a-w- C:\Windows\System32\cdosys.dll
2012-06-06 05:05:52 1390080 ----a-w- C:\Windows\SysWow64\msxml6.dll
2012-06-06 05:05:52 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll
2012-06-06 05:03:06 805376 ----a-w- C:\Windows\SysWow64\cdosys.dll
2012-06-02 12:12:17 2311680 ----a-w- C:\Windows\System32\jscript9.dll
2012-06-02 12:05:28 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-06-02 12:04:50 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-06-02 12:01:40 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-06-02 11:57:08 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-06-02 08:33:25 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-06-02 08:25:08 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-06-02 08:25:03 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-06-02 08:20:33 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-06-02 08:16:52 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-06-02 05:50:10 458704 ----a-w- C:\Windows\System32\drivers\cng.sys
2012-06-02 05:48:16 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2012-06-02 05:48:16 151920 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2012-06-02 05:45:31 340992 ----a-w- C:\Windows\System32\schannel.dll
2012-06-02 05:44:21 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2012-06-02 04:40:42 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2012-06-02 04:40:39 225280 ----a-w- C:\Windows\SysWow64\schannel.dll
2012-06-02 04:39:10 219136 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2012-06-02 04:34:09 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2012-05-04 11:06:22 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-05-04 10:03:53 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-05-04 10:03:50 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-05-01 05:40:20 209920 ----a-w- C:\Windows\System32\profsvc.dll
2012-04-28 03:55:21 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2012-04-26 05:41:56 77312 ----a-w- C:\Windows\System32\rdpwsx.dll
2012-04-26 05:41:55 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll
2012-04-26 05:34:27 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe
2012-04-24 05:37:37 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2012-04-24 05:37:37 140288 ----a-w- C:\Windows\System32\cryptnet.dll
2012-04-24 05:37:36 1462272 ----a-w- C:\Windows\System32\crypt32.dll
2012-04-24 04:36:42 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2012-04-24 04:36:42 1158656 ----a-w- C:\Windows\SysWow64\crypt32.dll
2012-04-24 04:36:42 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
.
============= FINISH: 12:59:49.63 ===============


and the other one

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 12/7/2011 6:44:03 PM
System Uptime: 7/15/2012 11:31:08 AM (1 hours ago)
.
Motherboard: Dell Inc. | | 0DPRF9
Processor: AMD Athlon™ II X2 240e Processor | CPU 1 | 2800/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 451 GiB total, 195.107 GiB free.
D: is CDROM ()
E: is Removable
G: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Description: facap, FastAccess Video Capture
Device ID: ROOT\IMAGE\0000
Manufacturer: Sensible Vision
Name: facap, FastAccess Video Capture
PNP Device ID: ROOT\IMAGE\0000
Service: FACAP
.
==== System Restore Points ===================
.
RP147: 7/9/2012 4:25:39 AM - Windows Update
RP148: 7/9/2012 1:07:23 PM - Removed Sprint SmartView.
RP149: 7/9/2012 10:19:02 PM - Removed LG Verizon United Drivers.
RP150: 7/9/2012 10:23:23 PM - Removed Bonjour
RP151: 7/9/2012 10:31:28 PM - Removed Bing Maps 3D
RP152: 7/9/2012 10:52:29 PM - Installed Bluetooth Software
RP153: 7/11/2012 6:26:25 PM - Windows Update
RP154: 7/12/2012 12:23:31 PM - Installed SpyHunter
RP155: 7/14/2012 11:23:38 PM - Installed Garmin Lifetime Updater
RP156: 7/15/2012 12:53:48 AM - Windows Update
RP157: 7/15/2012 1:24:35 AM - Removed Adobe Reader X (10.1.3) MUI.
RP158: 7/15/2012 1:34:31 AM - Removed Adobe Reader X (10.1.3) MUI.
.
==== Hosts File Hijack ======================
.
Hosts: 149.5.18.172 www.google-analytics.com.
Hosts: 149.5.18.172 ad-emea.doubleclick.net.
Hosts: 149.5.18.172 www.statcounter.com.
Hosts: 108.163.215.51 www.google-analytics.com.
Hosts: 108.163.215.51 ad-emea.doubleclick.net.
Hosts: 108.163.215.51 www.statcounter.com.
.
==== Installed Programs ======================
.
Adobe Flash Player 11 ActiveX
Adobe Reader X (10.1.3)
Adobe Shockwave Player 11.6
Advanced Audio FX Engine
AIO_Scan
AOL Uninstaller (Choose which Products to Remove)
Apple Application Support
Apple Software Update
ATI Catalyst Control Center
Belkin Setup and Router Monitor
Brother MFL-Pro Suite MFC-7360N
BufferChm
C4200
c4200_Help
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-core-static
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
CIR Tool Kit
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
Copy
CyberLink YouPaint
Dell DataSafe Online
Dell Driver Download Manager
Dell Getting Started Guide
Dell Home Systems Service Agreement
Dell MusicStage
Dell PhotoStage
Dell Product Registration
Dell Stage
Dell Touch Software Suite Games
Dell VideoStage
Dell Webcam Central
Destinations
DeviceDiscovery
DocProc
Garmin Lifetime Updater
GERMAN in 10 minutes a day®
Google Toolbar for Internet Explorer
Google Update Helper
GPBaseService2
HP Update
HPPhotoGadget
HPPhotoSmartDiscLabelContent1
HPPhotosmartEssential
HPProductAssistant
HPSSupply
InstallVC90Support
Java Auto Updater
Java™ 6 Update 24
Junk Mail filter update
Kaspersky Security Scan
Malwarebytes Anti-Malware version 1.62.0.1300
MarketResearch
Microsoft Choice Guard
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft Touch Pack for Windows 7
Microsoft VC9 runtime libraries
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft XNA Framework Redistributable 3.0
Mozilla Firefox 13.0.1 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Multimedia Card Reader
PS_AIO_Software_min
QuickTime
Realtek High Definition Audio Driver
Scan
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Skins
Skype Click to Call
Skype™ 5.5
SmartWebPrinting
SolutionCenter
SpeedyPC Pro
Status
StickyNotes
swMSM
Toolbox
TrayApp
Trojan Killer
UnloadSupport
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Viewpoint Media Player
WebM Media Foundation Components
WebReg
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Upload Tool
Windows Live Writer
.
==== Event Viewer Messages From Past Week ========
.
7/8/2012 6:18:05 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.129.1186.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8502.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
7/8/2012 4:17:12 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.129.1186.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8502.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
7/15/2012 2:32:37 AM, Error: Service Control Manager [7034] - The HP CUE DeviceDiscovery Service service terminated unexpectedly. It has done this 2 time(s).
7/15/2012 2:12:38 AM, Error: Service Control Manager [7003] - The PC Tools Spyware Doctor Driver service depends the following service: PCTCore. This service might not be installed.
7/15/2012 12:24:25 AM, Error: Service Control Manager [7034] - The hpqcxs08 service terminated unexpectedly. It has done this 2 time(s).
7/15/2012 11:32:44 AM, Error: Service Control Manager [7034] - The hpqcxs08 service terminated unexpectedly. It has done this 1 time(s).
7/15/2012 11:32:44 AM, Error: Service Control Manager [7034] - The HP CUE DeviceDiscovery Service service terminated unexpectedly. It has done this 1 time(s).
7/15/2012 11:32:10 AM, Error: Service Control Manager [7003] - The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.
7/15/2012 11:32:04 AM, Error: Service Control Manager [7003] - The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.
7/15/2012 11:31:55 AM, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service.
7/15/2012 11:25:43 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: PCTSD
7/11/2012 9:52:20 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.129.1379.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8502.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
7/11/2012 5:37:42 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.129.1379.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8502.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
7/11/2012 1:43:41 AM, Error: Service Control Manager [7038] - The upnphost service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error: The security account manager (SAM) or local security authority (LSA) server was in the wrong state to perform the security operation. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
7/11/2012 1:43:41 AM, Error: Service Control Manager [7000] - The UPnP Device Host service failed to start due to the following error: The service did not start due to a logon failure.
7/11/2012 1:43:41 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1069" attempting to start the service upnphost with arguments "" in order to run the server: {204810B9-73B2-11D4-BF42-00B0D0118B56}
.
==== End Of File ===========================



#2 gringo_pr

  • Malware Response Team
  • 136,772 posts

Posted 15 July 2012 - 12:11 PM

Greetings and Welcome to The Forums!!

My name is Gringo and I'll be glad to help you with your computer problems.

I have put together some things for you to keep in mind while I am helping you, to make things go easier and faster for both of us.

  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Back up any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

Security Check

  • Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.



Run Combofix:

You may be asked to install or update the Recovery Console (Win XP only). If this happens, please allow it to do so (you will need to be connected to the internet for this).

Before you run Combofix I will need you to turn off any security software you have running. If you do not know how to do this, you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job; this is normal.

You can download Combofix from one of these links.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion.", please restart the computer.

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here. Don't worry, every little bit helps.

Proud Graduate Of Malware Removal University

#3 Brathly


Posted 15 July 2012 - 12:24 PM

Results of screen317's Security Check version 0.99.42
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Security Center service is not running! This report may not be accurate!
Microsoft Security Essentials
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.62.0.1300
Java™ 6 Update 24
Java version out of Date!
Adobe Reader X (10.1.3)
Mozilla Firefox (13.0.1)
````````Process Check: objlist.exe by Laurent````````
Microsoft Security Essentials MSMpEng.exe
Microsoft Security Essentials msseces.exe
Malwarebytes Anti-Malware mbamservice.exe
Kaspersky Lab Kaspersky Security Scan 2.0 kss.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````

I also have Spyhunter but it's turned off right now

#4 gringo_pr


Posted 15 July 2012 - 12:29 PM

OK, that looks good so far, so go ahead and let me have the combofix report when it is complete.


gringo

#5 Brathly


Posted 15 July 2012 - 12:33 PM

I thought it's only for Windows XP?
I have Windows 7 on this computer

#6 gringo_pr


Posted 15 July 2012 - 12:33 PM

It has been updated and will work fine


gringo

#7 Brathly


Posted 15 July 2012 - 12:34 PM

ok thanks

#8 gringo_pr


Posted 15 July 2012 - 12:51 PM

:thumbup2:

#9 Brathly


Posted 15 July 2012 - 01:12 PM

When combofix restarted my computer, spyhunter (that I initially deactivated) opened by itself and started to mess around

Combofix has been saying "preparing log report" for 5 min now but nothing is happening

should I start over?

#10 Brathly


Posted 15 July 2012 - 01:18 PM

nothing works anymore
I get an error message when I attempt to open IE or firefox or AOL or anything. I'm writing this from a second computer.........

I have to admit I lost patience after combofix stalled and closed it

#11 Brathly


Posted 15 July 2012 - 01:19 PM

Illegal operation attempted on a registry key that has been marked for deletion... will restart computer

#12 Brathly


Posted 15 July 2012 - 01:49 PM

ComboFix 12-07-14.01 - Britta 07/15/2012 14:24:47.2.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3836.2283 [GMT -4:00]
Running from: c:\users\Britta\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Britta\AppData\Local\Temp\1.tmp\F_IN_BOX.dll
.
---- Previous Run -------
.
c:\users\Britta\AppData\Local\Microsoft\Windows\Temporary Internet Files\{1BDCD971-C013-4CE8-905B-8CC865BC9E68}.xps
c:\users\Britta\AppData\Local\Temp\1.tmp\F_IN_BOX.dll
c:\users\Britta\Documents\~WRL0005.tmp
c:\windows\system32\drivers\etc\lmhosts
c:\windows\SysWow64\pt\Lagoon.resources.dll
.
.
((((((((((((((((((((((((( Files Created from 2012-06-15 to 2012-07-15 )))))))))))))))))))))))))))))))
.
.
2012-07-15 18:31 . 2012-07-15 18:31 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-07-15 16:21 . 2012-07-15 16:21 -------- d-----w- c:\users\Britta\AppData\Roaming\SpeedyPC Software
2012-07-15 16:21 . 2012-07-15 16:21 -------- d-----w- c:\users\Britta\AppData\Roaming\DriverCure
2012-07-15 16:21 . 2012-07-15 16:21 -------- d-----w- c:\program files (x86)\Common Files\SpeedyPC Software
2012-07-15 16:21 . 2012-07-15 16:21 -------- d-----w- c:\programdata\SpeedyPC Software
2012-07-15 16:21 . 2012-07-15 16:21 -------- d-----w- c:\program files (x86)\SpeedyPC Software
2012-07-15 06:38 . 2012-07-15 06:38 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2012-07-15 06:08 . 2012-07-15 15:31 -------- d-----w- c:\program files (x86)\PC Tools Security
2012-07-15 06:01 . 2012-07-15 08:30 -------- d-----w- c:\users\Britta\AppData\Roaming\GetRightToGo
2012-07-15 05:36 . 2012-07-15 05:36 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-15 05:36 . 2012-07-15 05:36 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-07-15 05:18 . 2012-07-15 05:18 -------- d-----w- c:\programdata\Kaspersky Lab
2012-07-15 05:18 . 2012-07-15 05:18 -------- d-----w- c:\program files (x86)\Kaspersky Lab
2012-07-15 05:14 . 2012-07-15 05:14 116016 ----a-w- c:\windows\system32\drivers\69839417.sys
2012-07-15 04:53 . 2012-05-04 11:00 366592 ----a-w- c:\windows\system32\qdvd.dll
2012-07-15 04:53 . 2012-05-04 09:59 514560 ----a-w- c:\windows\SysWow64\qdvd.dll
2012-07-14 19:20 . 2012-05-31 04:04 9013136 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{24093BA7-939A-41CB-AFBC-0F6908EDEFFA}\mpengine.dll
2012-07-13 05:06 . 2012-05-31 04:04 9013136 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-07-12 16:24 . 2012-07-12 16:24 110080 ----a-r- c:\users\Britta\AppData\Roaming\Microsoft\Installer\{7289B0CC-BC41-4C7E-A2C7-DB1259E8E47A}\IconF7A21AF7.exe
2012-07-12 16:24 . 2012-07-12 16:24 110080 ----a-r- c:\users\Britta\AppData\Roaming\Microsoft\Installer\{7289B0CC-BC41-4C7E-A2C7-DB1259E8E47A}\IconD7F16134.exe
2012-07-12 16:24 . 2012-07-12 16:24 110080 ----a-r- c:\users\Britta\AppData\Roaming\Microsoft\Installer\{7289B0CC-BC41-4C7E-A2C7-DB1259E8E47A}\Icon5B4E0377.exe
2012-07-12 16:23 . 2012-07-12 16:24 -------- d-----w- c:\windows\7289B0CCBC414C7EA2C7DB1259E8E47A.TMP
2012-07-11 22:30 . 2012-06-12 03:08 3148800 ----a-w- c:\windows\system32\win32k.sys
2012-07-11 21:44 . 2012-06-06 06:06 2004480 ----a-w- c:\windows\system32\msxml6.dll
2012-07-10 02:54 . 2012-07-10 02:54 -------- d-----w- c:\users\Britta\AppData\Local\Broadcom
2012-07-10 02:53 . 2009-11-17 23:45 39464 ----a-w- c:\windows\system32\drivers\btwl2cap.sys
2012-07-10 02:53 . 2009-11-25 00:06 102440 ----a-w- c:\windows\system32\drivers\btwaudio.sys
2012-07-10 02:53 . 2009-11-25 00:06 135720 ----a-w- c:\windows\system32\drivers\btwavdt.sys
2012-07-10 02:53 . 2009-11-25 00:06 21544 ----a-w- c:\windows\system32\drivers\btwrchid.sys
2012-07-10 02:52 . 2012-07-10 02:52 -------- d-----w- c:\program files\WIDCOMM
2012-07-10 02:47 . 2009-11-30 18:37 319016 ----a-w- c:\windows\system32\drivers\btwampfl.sys
2012-07-10 02:32 . 2012-07-10 02:32 -------- d-----w- c:\users\Britta\AppData\Roaming\Roxio Log Files
2012-07-09 17:15 . 2012-07-09 17:15 -------- d-----w- c:\programdata\Sprint
2012-07-07 04:34 . 2012-07-07 04:34 -------- d-----w- c:\program files\DIFX
2012-07-06 06:45 . 2005-10-04 05:39 44544 ------w- c:\windows\SysWow64\msxml4a.dll
2012-07-06 06:42 . 2012-07-10 02:55 -------- d-----w- c:\programdata\LGMOBILEAX
2012-07-06 06:38 . 2012-07-06 06:38 5240832 ----a-w- c:\users\Britta\AppData\Roaming\Microsoft\Windows\Templates\TLPC\LG_VZW_United_WHQL_v2.6.0.msi
2012-07-06 06:38 . 2012-07-06 06:38 90112 ----a-w- c:\users\Britta\AppData\Roaming\Microsoft\Windows\Templates\TLPC\LGUTchkdl.dll
2012-07-06 06:38 . 2012-07-06 06:38 24576 ----a-w- c:\users\Britta\AppData\Roaming\Microsoft\Windows\Templates\TLPC\LGEUSBAutorun.dll
2012-07-06 06:38 . 2012-07-06 06:38 1339392 ----a-w- c:\users\Britta\AppData\Roaming\Microsoft\Windows\Templates\TLPC\TL_PC.exe
2012-07-06 06:38 . 2010-12-03 08:01 90112 ----a-r- c:\users\Britta\AppData\Roaming\Microsoft\Windows\Templates\E\LGUTchkdl.dll
2012-07-06 06:38 . 2010-11-12 10:36 24576 ----a-r- c:\users\Britta\AppData\Roaming\Microsoft\Windows\Templates\E\LGEUSBAutorun.dll
2012-07-06 06:29 . 2012-07-10 02:20 -------- d-----w- c:\program files (x86)\LG Electronics
2012-07-06 06:28 . 2001-09-05 09:18 77824 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2012-07-06 06:28 . 2001-09-05 09:18 225280 ----a-w- c:\program files (x86)\Common Files\InstallShield\IScript\iscript.dll
2012-07-06 06:28 . 2001-09-05 09:14 176128 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2012-07-06 06:28 . 2001-09-05 09:13 32768 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2012-07-06 06:28 . 2002-07-25 21:07 614532 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\IKernel.exe
2012-07-06 06:24 . 2012-07-06 06:51 -------- d-----w- c:\users\Britta\AppData\Local\Deployment
2012-07-06 06:24 . 2012-07-06 06:24 -------- d-----w- c:\users\Britta\AppData\Local\Apps
2012-07-06 06:17 . 2012-07-06 06:17 -------- d-----w- c:\users\Britta\AppData\Roaming\Dell Drivers Update Utility
2012-07-06 06:17 . 2012-07-06 06:21 -------- d-----w- c:\users\Britta\AppData\Local\DELL Drivers Update Utility
2012-07-06 05:37 . 2012-07-06 05:37 -------- d-----w- c:\users\Britta\AppData\Local\ElevatedDiagnostics
2012-07-04 18:37 . 2012-07-04 18:37 -------- d-----w- c:\program files (x86)\Bilingual Books
2012-07-04 04:49 . 2012-02-12 01:02 927800 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B30E7AB3-3F80-4ABB-866C-129EF56693CE}\gapaengine.dll
2012-06-24 07:14 . 2012-06-24 07:14 770384 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcr100.dll
2012-06-24 07:14 . 2012-06-24 07:14 421200 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcp100.dll
2012-06-24 07:00 . 2012-07-12 16:24 -------- d-----w- c:\windows\3F97FA2CC160469697F9EDB23D106E21.TMP
2012-06-23 02:43 . 2012-06-23 02:43 -------- d-----w- c:\users\Britta\AppData\Local\Macromedia
2012-06-22 00:44 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
2012-06-22 00:44 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-22 00:44 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-22 00:44 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-06-22 00:44 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
2012-06-22 00:44 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-06-22 00:44 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-06-22 00:43 . 2012-06-02 19:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-22 00:43 . 2012-06-02 19:15 36864 ----a-w- c:\windows\system32\wuapp.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-03 17:46 . 2012-04-20 00:00 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-05-23 03:17 . 2012-05-23 03:17 163048 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10141.bin
2012-05-04 11:06 . 2012-06-14 01:38 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-04 10:03 . 2012-06-14 01:38 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-05-04 10:03 . 2012-06-14 01:38 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-05-01 05:40 . 2012-06-14 01:38 209920 ----a-w- c:\windows\system32\profsvc.dll
2012-04-28 03:55 . 2012-06-14 01:37 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-04-26 05:41 . 2012-06-14 01:38 77312 ----a-w- c:\windows\system32\rdpwsx.dll
2012-04-26 05:41 . 2012-06-14 01:38 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-04-26 05:34 . 2012-06-14 01:38 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-04-24 05:37 . 2012-06-14 01:37 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2012-04-24 05:37 . 2012-06-14 01:37 140288 ----a-w- c:\windows\system32\cryptnet.dll
2012-04-24 05:37 . 2012-06-14 01:37 1462272 ----a-w- c:\windows\system32\crypt32.dll
2012-04-24 04:36 . 2012-06-14 01:37 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2012-04-24 04:36 . 2012-06-14 01:37 1158656 ----a-w- c:\windows\SysWow64\crypt32.dll
2012-04-24 04:36 . 2012-06-14 01:37 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2012-07-15_17.57.41 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-11-21 03:09 . 2012-07-15 18:22 60992 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-07-15 18:22 46898 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2011-12-08 00:01 . 2012-07-15 18:22 17318 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3540595668-819061181-2041913830-1000_UserData.bin
- 2012-07-10 02:56 . 2012-07-15 17:55 1797 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Bluetooth\bthservsdp.dat
+ 2012-07-10 02:56 . 2012-07-15 18:31 1797 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Bluetooth\bthservsdp.dat
- 2012-07-15 17:56 . 2012-07-15 17:56 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-07-15 18:32 . 2012-07-15 18:32 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-07-15 17:56 . 2012-07-15 17:56 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-07-15 18:32 . 2012-07-15 18:32 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-07-14 05:01 . 2012-07-15 17:55 385888 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2012-07-15 18:31 385888 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2011-12-08 00:19 . 2012-07-15 17:55 35491367 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3540595668-819061181-2041913830-1000-8192.dat
+ 2011-12-08 00:19 . 2012-07-15 18:31 35491367 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3540595668-819061181-2041913830-1000-8192.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"KSS"="c:\program files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe" [2012-04-25 202296]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2012-07-15 39408]
"AOL Fast Start"="c:\program files (x86)\AOL Desktop 9.6\AOL.EXE" [2011-04-25 42320]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ShwiconXP6366"="c:\program files (x86)\Multimedia Card Reader(6366)\ShwiconXP6366.exe" [2009-07-17 237568]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-09-22 98304]
"FATrayAlert"="c:\program files (x86)\Sensible Vision\Fast Access\FATrayMon.exe" [2010-02-22 95560]
"StickyNotesWidget"="c:\program files (x86)\Dell Touch Software Suite\StickyNotes\notes_startup_widgets.exe" [2011-03-18 666344]
"Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2011-04-13 503942]
"FAStartup"="" [BU]
"Dell Registration"="c:\program files (x86)\System Registration\prodreg.exe" [2010-11-10 4144448]
"Dell DataSafe Online"="c:\program files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe" [2010-08-26 1117528]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2012-04-04 35736]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-02 59240]
"HostManager"="c:\program files (x86)\Common Files\AOL\1323321727\ee\AOLSoftware.exe" [2010-03-08 41800]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-01-16 421736]
"Garmin Lifetime Updater"="c:\program files (x86)\Garmin\Lifetime Updater\GarminLifetime.exe" [2012-06-04 1466760]
"AccuWeatherWidget"="c:\program files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" [2012-02-01 968048]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]
"InstaLAN"="c:\program files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe" [2011-05-27 2015136]
"ControlCenter4"="c:\program files (x86)\ControlCenter4\BrCcBoot.exe" [2011-04-20 139264]
"BrStsMon00"="c:\program files (x86)\Browny02\Brother\BrStMonW.exe" [2010-06-10 2621440]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-04-04 843712]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-11-30 1120032]
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-20 270336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\FastAccess]
2010-02-22 20:24 144712 ----a-w- c:\program files (x86)\Sensible Vision\Fast Access\FALogNot.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli FAPassSync
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-15 136176]
R3 bcm;WiMAX Network Adapter;c:\windows\system32\DRIVERS\drxvi314_64.sys [2010-03-27 359040]
R3 bcmbusctr;WiMAX Bus Driver;c:\windows\system32\DRIVERS\BcmBusCtr_64.sys [2010-03-27 62976]
R3 BrYNSvc;BrYNSvc;c:\program files (x86)\Browny02\BrYNSvc.exe [2010-01-25 245760]
R3 DIFMBUS;Franklin EVDO USB Modem Composite Device Driver;c:\windows\system32\DRIVERS\DIFMBUS.sys [2010-04-28 69960]
R3 DIFMCVsp;Franklin EVDO USB Modem CM Port;c:\windows\system32\DRIVERS\DIFMCVsp.sys [2010-04-28 181320]
R3 DIFMMdm;Franklin EVDO USB Modem;c:\windows\system32\DRIVERS\DIFMMdm.sys [2010-04-28 181320]
R3 DIFMNET;Franklin EVDO USB Modem Network Adapter;c:\windows\system32\DRIVERS\DIFMNET.sys [2010-05-04 123976]
R3 DIFMNVsp;Franklin EVDO USB Modem NMEA Port Serial Port;c:\windows\system32\DRIVERS\DIFMNVsp.sys [2010-04-28 181320]
R3 DIFMVsp;Franklin EVDO USB Modem Diagnostics Port;c:\windows\system32\DRIVERS\DIFMVsp.sys [2010-04-28 181320]
R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [2011-03-02 13088]
R3 FACAP;facap, FastAccess Video Capture;c:\windows\system32\DRIVERS\facap.sys [2008-09-25 238848]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-15 136176]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-06-24 113120]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-03-21 98688]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [2012-03-26 291696]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-10 174440]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]
R3 PCTINDIS5X64;PCTINDIS5X64 NDIS Protocol Driver;c:\windows\system32\PCTINDIS5X64.SYS [x]
R3 TrojanKillerDriver;GridinSoft Trojan Killer Driver;c:\windows\system32\DRIVERS\gtkdrv.sys [2012-01-04 16640]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-12-08 1255736]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-04-04 63928]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-09-21 203264]
S2 DellOSDservice;DellOSDservice;c:\program files\Dell\OSD\DellOSDservice.exe [2010-11-25 7168]
S2 FAService;FAService;c:\program files (x86)\Sensible Vision\Fast Access\FAService.exe [2010-02-22 2409800]
S2 KSS;Kaspersky Security Scan Service;c:\program files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [2012-04-25 202296]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-07-03 655944]
S2 NOBU;Dell DataSafe Online;c:\program files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe SERVICE [x]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2010-09-21 7883264]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-09-21 285696]
S3 BcmVWL;Broadcom Virtual Wireless;c:\windows\system32\DRIVERS\bcmvwl64.sys [2010-02-02 20984]
S3 BrSerIb;Brother Serial Interface Driver(WDM);c:\windows\system32\DRIVERS\BrSerIb.sys [2009-11-03 87552]
S3 BrUsbSIb;Brother Serial USB Driver(WDM);c:\windows\system32\DRIVERS\BrUsbSIb.sys [2009-11-03 14592]
S3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys [2009-11-30 319016]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-11-17 39464]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [2011-01-20 176096]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-07-03 24904]
S3 nuviocir;Nuvoton W836x7HG CIR Device Driver;c:\windows\system32\DRIVERS\nuviocir_win7_x64.sys [2010-07-14 33792]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder
.
2012-07-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-15 02:22]
.
2012-07-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-15 02:22]
.
2012-07-09 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
- c:\program files\Dell Support Center\uaclauncher.exe [2011-03-22 01:20]
.
2012-07-15 c:\windows\Tasks\SpeedyPC Pro.job
- c:\program files (x86)\SpeedyPC Software\SpeedyPC\SpeedyPC.exe [2011-10-09 01:19]
.
2012-07-15 c:\windows\Tasks\SpeedyPC Registration3.job
- c:\windows\system32\rundll32.exe [2009-07-13 01:14]
.
2012-07-15 c:\windows\Tasks\SpeedyPC Update Version3.job
- c:\program files (x86)\Common Files\SpeedyPC Software\UUS3\SpeedyPC_Update3.exe [2011-10-06 16:18]
.
2012-07-14 c:\windows\Tasks\SystemToolsDailyTest.job
- c:\program files\Dell Support Center\pcdrcui.exe [2011-03-22 01:20]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-06-22 10920552]
"Broadcom Wireless Manager UI"="c:\program files\Dell\DW WLAN Card\WLTRAY.exe" [2010-02-02 5712896]
"DellStage"="c:\program files (x86)\Dell Stage\Dell Stage\stage_primary.exe" [2012-02-01 2195824]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 1271168]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MIF5BA~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MIF5BA~1\Office14\ONBttnIE.dll/105
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.2.1
TCP: Interfaces\{D129C513-993A-4244-A824-40C8CCF213CB}: NameServer = 68.28.231.132 68.28.230.132
DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/4.0.1.0/GarminAxControl_32.CAB
FF - ProfilePath - c:\users\Britta\AppData\Roaming\Mozilla\Firefox\Profiles\6lsfri4i.default\
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Toolbar-Locked - (no file)
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_265_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_265_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
c:\program files (x86)\Common Files\Java\Java Update\jusched.exe
.
**************************************************************************
.
Completion time: 2012-07-15 14:41:23 - machine was rebooted
ComboFix-quarantined-files.txt 2012-07-15 18:40
.
Pre-Run: 212,040,073,216 bytes free
Post-Run: 211,736,256,512 bytes free
.
- - End Of File - - 34E3EE4246B3121B257C9AB52359CDB6

#13 Brathly

  • Topic Starter

Posted 15 July 2012 - 02:00 PM

Weird-looking pornographic iPhone pop-up is no longer popping up.

#14 gringo_pr

  • Malware Response Team

Posted 15 July 2012 - 02:29 PM

Greetings

I want you to run these next,

TDSSKiller:

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure; click on Continue.
  • If a suspicious file is detected, the default action will be Skip; click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Please download aswMBR to your desktop.
  • Double-click the aswMBR.exe icon to run it.
  • It will ask to download extra definitions - ALLOW IT.
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

If you have any problems running either one, come back and let me know.

Please reply with the reports from TDSSKiller and aswMBR.

Gringo

#15 Brathly

  • Topic Starter

Posted 15 July 2012 - 02:46 PM

15:31:03.0830 4560 TDSS rootkit removing tool 2.7.45.0 Jul 9 2012 12:46:35
15:31:04.0220 4560 ============================================================
15:31:04.0220 4560 Current date / time: 2012/07/15 15:31:04.0220
15:31:04.0220 4560 SystemInfo:
15:31:04.0220 4560
15:31:04.0220 4560 OS Version: 6.1.7601 ServicePack: 1.0
15:31:04.0220 4560 Product type: Workstation
15:31:04.0220 4560 ComputerName: BRITTA-PC
15:31:04.0220 4560 UserName: Britta
15:31:04.0220 4560 Windows directory: C:\Windows
15:31:04.0220 4560 System windows directory: C:\Windows
15:31:04.0220 4560 Running under WOW64
15:31:04.0220 4560 Processor architecture: Intel x64
15:31:04.0220 4560 Number of processors: 2
15:31:04.0220 4560 Page size: 0x1000
15:31:04.0220 4560 Boot type: Normal boot
15:31:04.0220 4560 ============================================================
15:31:06.0919 4560 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:31:07.0153 4560 Drive \Device\Harddisk2\DR2 - Size: 0x79F00000 (1.91 Gb), SectorSize: 0x200, Cylinders: 0xF8, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
15:31:07.0168 4560 ============================================================
15:31:07.0168 4560 \Device\Harddisk0\DR0:
15:31:07.0168 4560 MBR partitions:
15:31:07.0168 4560 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x139C5, BlocksNum 0x1D4C000
15:31:07.0168 4560 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1D5F9C5, BlocksNum 0x3862166B
15:31:07.0168 4560 \Device\Harddisk2\DR2:
15:31:07.0168 4560 MBR partitions:
15:31:07.0168 4560 \Device\Harddisk2\DR2\Partition0: MBR, Type 0x6, StartLBA 0x177, BlocksNum 0x3CF689
15:31:07.0168 4560 ============================================================
15:31:07.0168 4560 C: <-> \Device\Harddisk0\DR0\Partition1
15:31:07.0168 4560 ============================================================
15:31:07.0168 4560 Initialize success
15:31:07.0168 4560 ============================================================
15:31:08.0760 1112 ============================================================
15:31:08.0760 1112 Scan started
15:31:08.0760 1112 Mode: Manual;
15:31:08.0760 1112 ============================================================
15:31:09.0399 1112 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
15:31:09.0399 1112 1394ohci - ok
15:31:09.0430 1112 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
15:31:09.0430 1112 ACPI - ok
15:31:09.0446 1112 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
15:31:09.0446 1112 AcpiPmi - ok
15:31:09.0571 1112 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
15:31:09.0571 1112 AdobeARMservice - ok
15:31:09.0664 1112 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
15:31:09.0680 1112 adp94xx - ok
15:31:09.0696 1112 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
15:31:09.0696 1112 adpahci - ok
15:31:09.0711 1112 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
15:31:09.0711 1112 adpu320 - ok
15:31:09.0758 1112 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
15:31:09.0758 1112 AeLookupSvc - ok
15:31:09.0836 1112 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
15:31:09.0836 1112 AFD - ok
15:31:10.0008 1112 AffinegyService (b29bc445561f1ac7b1daf67af954c36b) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe
15:31:10.0117 1112 AffinegyService - ok
15:31:10.0179 1112 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
15:31:10.0179 1112 agp440 - ok
15:31:10.0242 1112 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
15:31:10.0242 1112 ALG - ok
15:31:10.0273 1112 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
15:31:10.0273 1112 aliide - ok
15:31:10.0351 1112 AMD External Events Utility (91da5a257b800c21cc3b6674e579cf90) C:\Windows\system32\atiesrxx.exe
15:31:10.0366 1112 AMD External Events Utility - ok
15:31:10.0413 1112 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
15:31:10.0413 1112 amdide - ok
15:31:10.0429 1112 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
15:31:10.0429 1112 AmdK8 - ok
15:31:10.0632 1112 amdkmdag (b64724ca6c9f3d8325f0f1a02c6adfaf) C:\Windows\system32\DRIVERS\atikmdag.sys
15:31:10.0772 1112 amdkmdag - ok
15:31:10.0912 1112 amdkmdap (18f03be6118ba9d8a9dc0b98997dc98e) C:\Windows\system32\DRIVERS\atikmpag.sys
15:31:10.0912 1112 amdkmdap - ok
15:31:10.0975 1112 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
15:31:10.0975 1112 AmdPPM - ok
15:31:11.0022 1112 amdsata (cc3021d064eb6d3c2f949530e2b0ba47) C:\Windows\system32\drivers\amdsata.sys
15:31:11.0022 1112 amdsata - ok
15:31:11.0068 1112 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
15:31:11.0068 1112 amdsbs - ok
15:31:11.0100 1112 amdxata (ffc5a0f6263574ef0d5467496b721f77) C:\Windows\system32\drivers\amdxata.sys
15:31:11.0100 1112 amdxata - ok
15:31:11.0240 1112 AOL ACS (85180cf88c5ebad73b452a43a004ca51) C:\Program Files (x86)\Common Files\AOL\ACS\AOLAcsd.exe
15:31:11.0256 1112 AOL ACS - ok
15:31:11.0287 1112 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
15:31:11.0287 1112 AppID - ok
15:31:11.0318 1112 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
15:31:11.0334 1112 AppIDSvc - ok
15:31:11.0349 1112 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
15:31:11.0349 1112 Appinfo - ok
15:31:11.0412 1112 Apple Mobile Device (3debbecf665dcdde3a95d9b902010817) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
15:31:11.0412 1112 Apple Mobile Device - ok
15:31:11.0443 1112 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
15:31:11.0443 1112 arc - ok
15:31:11.0474 1112 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
15:31:11.0490 1112 arcsas - ok
15:31:11.0646 1112 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
15:31:11.0646 1112 aspnet_state - ok
15:31:11.0661 1112 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
15:31:11.0677 1112 AsyncMac - ok
15:31:11.0739 1112 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
15:31:11.0739 1112 atapi - ok
15:31:11.0786 1112 AtiPcie (e82e61f46d1336447f4deff8c074f13e) C:\Windows\system32\drivers\AtiPcie64.sys
15:31:11.0802 1112 AtiPcie - ok
15:31:11.0880 1112 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
15:31:11.0895 1112 AudioEndpointBuilder - ok
15:31:11.0911 1112 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
15:31:11.0911 1112 AudioSrv - ok
15:31:11.0973 1112 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
15:31:11.0973 1112 AxInstSV - ok
15:31:12.0036 1112 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
15:31:12.0051 1112 b06bdrv - ok
15:31:12.0114 1112 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
15:31:12.0129 1112 b57nd60a - ok
15:31:12.0192 1112 bcm (d1ba00d7cb6c1fbf29dc8935d8525d22) C:\Windows\system32\DRIVERS\drxvi314_64.sys
15:31:12.0192 1112 bcm - ok
15:31:12.0223 1112 BCM42RLY (ac4e2d84de54cd3a013aeff0cc56095c) C:\Windows\system32\drivers\BCM42RLY.sys
15:31:12.0238 1112 BCM42RLY - ok
15:31:12.0348 1112 BCM43XX (8b5d16d20774fc3727f44e161be2c0ac) C:\Windows\system32\DRIVERS\bcmwl664.sys
15:31:12.0426 1112 BCM43XX - ok
15:31:12.0566 1112 bcmbusctr (5ccd19e7fa04db87adf171fa702a4169) C:\Windows\system32\DRIVERS\BcmBusCtr_64.sys
15:31:12.0582 1112 bcmbusctr - ok
15:31:12.0644 1112 BcmVWL (d224b2e6bb543f1d8f1177d57fec2950) C:\Windows\system32\DRIVERS\bcmvwl64.sys
15:31:12.0644 1112 BcmVWL - ok
15:31:12.0691 1112 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
15:31:12.0691 1112 BDESVC - ok
15:31:12.0753 1112 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
15:31:12.0753 1112 Beep - ok
15:31:12.0816 1112 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
15:31:12.0816 1112 BFE - ok
15:31:12.0894 1112 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\system32\qmgr.dll
15:31:12.0909 1112 BITS - ok
15:31:13.0018 1112 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
15:31:13.0034 1112 blbdrive - ok
15:31:13.0081 1112 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
15:31:13.0081 1112 bowser - ok
15:31:13.0096 1112 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
15:31:13.0096 1112 BrFiltLo - ok
15:31:13.0112 1112 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
15:31:13.0112 1112 BrFiltUp - ok
15:31:13.0143 1112 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
15:31:13.0143 1112 BridgeMP - ok
15:31:13.0190 1112 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
15:31:13.0190 1112 Browser - ok
15:31:30.0087 1112 SamSs - ok
15:31:30.0102 1112 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
15:31:30.0102 1112 sbp2port - ok
15:31:30.0118 1112 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
15:31:30.0134 1112 SCardSvr - ok
15:31:30.0180 1112 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
15:31:30.0180 1112 scfilter - ok
15:31:30.0212 1112 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
15:31:30.0227 1112 Schedule - ok
15:31:30.0274 1112 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
15:31:30.0274 1112 SCPolicySvc - ok
15:31:30.0274 1112 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
15:31:30.0290 1112 SDRSVC - ok
15:31:30.0368 1112 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
15:31:30.0368 1112 secdrv - ok
15:31:30.0383 1112 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
15:31:30.0383 1112 seclogon - ok
15:31:30.0399 1112 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll
15:31:30.0399 1112 SENS - ok
15:31:30.0430 1112 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
15:31:30.0430 1112 SensrSvc - ok
15:31:30.0446 1112 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
15:31:30.0446 1112 Serenum - ok
15:31:30.0461 1112 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
15:31:30.0461 1112 Serial - ok
15:31:30.0477 1112 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
15:31:30.0477 1112 sermouse - ok
15:31:30.0508 1112 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
15:31:30.0508 1112 SessionEnv - ok
15:31:30.0524 1112 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
15:31:30.0524 1112 sffdisk - ok
15:31:30.0539 1112 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
15:31:30.0539 1112 sffp_mmc - ok
15:31:30.0539 1112 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
15:31:30.0539 1112 sffp_sd - ok
15:31:30.0555 1112 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
15:31:30.0555 1112 sfloppy - ok
15:31:30.0664 1112 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
15:31:30.0664 1112 SharedAccess - ok
15:31:30.0726 1112 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
15:31:30.0742 1112 ShellHWDetection - ok
15:31:30.0789 1112 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
15:31:30.0789 1112 SiSRaid2 - ok
15:31:30.0820 1112 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
15:31:30.0820 1112 SiSRaid4 - ok
15:31:30.0851 1112 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
15:31:30.0851 1112 Smb - ok
15:31:30.0882 1112 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
15:31:30.0882 1112 SNMPTRAP - ok
15:31:30.0882 1112 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
15:31:30.0882 1112 spldr - ok
15:31:30.0914 1112 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
15:31:30.0914 1112 Spooler - ok
15:31:31.0070 1112 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
15:31:31.0148 1112 sppsvc - ok
15:31:31.0272 1112 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
15:31:31.0272 1112 sppuinotify - ok
15:31:31.0460 1112 SpyHunter 4 Service (cef26d36cf0c8a2ae6aac27767070308) C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
15:31:31.0538 1112 SpyHunter 4 Service - ok
15:31:31.0662 1112 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
15:31:31.0662 1112 srv - ok
15:31:31.0725 1112 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
15:31:31.0740 1112 srv2 - ok
15:31:31.0756 1112 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
15:31:31.0756 1112 srvnet - ok
15:31:31.0803 1112 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
15:31:31.0818 1112 SSDPSRV - ok
15:31:31.0834 1112 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
15:31:31.0834 1112 SstpSvc - ok
15:31:31.0881 1112 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
15:31:31.0896 1112 stexstor - ok
15:31:31.0928 1112 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
15:31:31.0928 1112 stisvc - ok
15:31:31.0943 1112 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
15:31:31.0943 1112 swenum - ok
15:31:31.0990 1112 swmsflt (7e6fa3ad57467b3af471c3e1041e350c) C:\Windows\System32\drivers\swmsflt.sys
15:31:31.0990 1112 swmsflt - ok
15:31:32.0052 1112 swmx00 (75e4cfcef62d3cf4b3b0b0d7801278e7) C:\Windows\system32\DRIVERS\swmx00.sys
15:31:32.0099 1112 swmx00 - ok
15:31:32.0146 1112 SWNC5E00 (43bdd56b5419d4458ec5241c39a52e0c) C:\Windows\system32\DRIVERS\SWNC5E00.sys
15:31:32.0162 1112 SWNC5E00 - ok
15:31:32.0224 1112 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
15:31:32.0240 1112 swprv - ok
15:31:32.0286 1112 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
15:31:32.0318 1112 SysMain - ok
15:31:32.0427 1112 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
15:31:32.0442 1112 TabletInputService - ok
15:31:32.0458 1112 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
15:31:32.0458 1112 TapiSrv - ok
15:31:32.0474 1112 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
15:31:32.0474 1112 TBS - ok
15:31:32.0583 1112 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
15:31:32.0614 1112 Tcpip - ok
15:31:32.0771 1112 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
15:31:32.0787 1112 TCPIP6 - ok
15:31:32.0849 1112 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
15:31:32.0865 1112 tcpipreg - ok
15:31:32.0880 1112 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
15:31:32.0880 1112 TDPIPE - ok
15:31:32.0927 1112 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
15:31:32.0943 1112 TDTCP - ok
15:31:32.0958 1112 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
15:31:32.0958 1112 tdx - ok
15:31:32.0974 1112 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys
15:31:32.0974 1112 TermDD - ok
15:31:33.0036 1112 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
15:31:33.0067 1112 TermService - ok
15:31:33.0067 1112 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
15:31:33.0067 1112 Themes - ok
15:31:33.0099 1112 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
15:31:33.0099 1112 THREADORDER - ok
15:31:33.0130 1112 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
15:31:33.0130 1112 TrkWks - ok
15:31:33.0177 1112 TrojanKillerDriver (9bf9e809fbb2d5d0403b32b15abe5f30) C:\Windows\system32\DRIVERS\gtkdrv.sys
15:31:33.0192 1112 TrojanKillerDriver - ok
15:31:33.0270 1112 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
15:31:33.0286 1112 TrustedInstaller - ok
15:31:33.0301 1112 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
15:31:33.0301 1112 tssecsrv - ok
15:31:33.0317 1112 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
15:31:33.0317 1112 TsUsbFlt - ok
15:31:33.0364 1112 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
15:31:33.0364 1112 TsUsbGD - ok
15:31:33.0395 1112 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
15:31:33.0395 1112 tunnel - ok
15:31:33.0411 1112 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
15:31:33.0426 1112 uagp35 - ok
15:31:33.0442 1112 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
15:31:33.0442 1112 udfs - ok
15:31:33.0489 1112 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
15:31:33.0504 1112 UI0Detect - ok
15:31:33.0535 1112 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
15:31:33.0535 1112 uliagpkx - ok
15:31:33.0567 1112 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
15:31:33.0567 1112 umbus - ok
15:31:33.0582 1112 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
15:31:33.0582 1112 UmPass - ok
15:31:33.0598 1112 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
15:31:33.0613 1112 upnphost - ok
15:31:33.0629 1112 usbbus - ok
15:31:33.0676 1112 usbccgp (19ad7990c0b67e48dac5b26f99628223) C:\Windows\system32\DRIVERS\usbccgp.sys
15:31:33.0676 1112 usbccgp - ok
15:31:33.0691 1112 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
15:31:33.0707 1112 usbcir - ok
15:31:33.0707 1112 UsbDiag - ok
15:31:33.0738 1112 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
15:31:33.0738 1112 usbehci - ok
15:31:33.0801 1112 usbhub (8b892002d7b79312821169a14317ab86) C:\Windows\system32\DRIVERS\usbhub.sys
15:31:33.0801 1112 usbhub - ok
15:31:33.0816 1112 USBModem - ok
15:31:33.0832 1112 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
15:31:33.0832 1112 usbohci - ok
15:31:33.0863 1112 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
15:31:33.0863 1112 usbprint - ok
15:31:33.0910 1112 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
15:31:33.0910 1112 usbscan - ok
15:31:33.0925 1112 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:31:33.0925 1112 USBSTOR - ok
15:31:33.0941 1112 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
15:31:33.0957 1112 usbuhci - ok
15:31:34.0019 1112 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
15:31:34.0019 1112 usbvideo - ok
15:31:34.0066 1112 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
15:31:34.0081 1112 UxSms - ok
15:31:34.0128 1112 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
15:31:34.0128 1112 VaultSvc - ok
15:31:34.0175 1112 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
15:31:34.0175 1112 vdrvroot - ok
15:31:34.0222 1112 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
15:31:34.0222 1112 vds - ok
15:31:34.0237 1112 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
15:31:34.0237 1112 vga - ok
15:31:34.0237 1112 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
15:31:34.0237 1112 VgaSave - ok
15:31:34.0269 1112 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
15:31:34.0269 1112 vhdmp - ok
15:31:34.0269 1112 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
15:31:34.0269 1112 viaide - ok
15:31:34.0284 1112 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
15:31:34.0284 1112 volmgr - ok
15:31:34.0300 1112 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
15:31:34.0315 1112 volmgrx - ok
15:31:34.0331 1112 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
15:31:34.0331 1112 volsnap - ok
15:31:34.0362 1112 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
15:31:34.0362 1112 vsmraid - ok
15:31:34.0440 1112 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
15:31:34.0503 1112 VSS - ok
15:31:34.0659 1112 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
15:31:34.0659 1112 vwifibus - ok
15:31:34.0674 1112 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
15:31:34.0674 1112 vwififlt - ok
15:31:34.0705 1112 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
15:31:34.0705 1112 vwifimp - ok
15:31:34.0815 1112 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
15:31:34.0830 1112 W32Time - ok
15:31:34.0877 1112 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
15:31:34.0893 1112 WacomPen - ok
15:31:34.0908 1112 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
15:31:34.0924 1112 WANARP - ok
15:31:34.0924 1112 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
15:31:34.0924 1112 Wanarpv6 - ok
15:31:34.0971 1112 wanatw (eceb715bece47e101ddec06b11126066) C:\Windows\system32\DRIVERS\wanatw64.sys
15:31:34.0986 1112 wanatw - ok
15:31:35.0080 1112 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
15:31:35.0095 1112 WatAdminSvc - ok
15:31:35.0189 1112 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
15:31:35.0220 1112 wbengine - ok
15:31:35.0329 1112 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
15:31:35.0345 1112 WbioSrvc - ok
15:31:35.0361 1112 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
15:31:35.0361 1112 wcncsvc - ok
15:31:35.0361 1112 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
15:31:35.0376 1112 WcsPlugInService - ok
15:31:35.0423 1112 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
15:31:35.0423 1112 Wd - ok
15:31:35.0470 1112 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
15:31:35.0470 1112 Wdf01000 - ok
15:31:35.0485 1112 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
15:31:35.0485 1112 WdiServiceHost - ok
15:31:35.0485 1112 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
15:31:35.0501 1112 WdiSystemHost - ok
15:31:35.0517 1112 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
15:31:35.0517 1112 WebClient - ok
15:31:35.0532 1112 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
15:31:35.0532 1112 Wecsvc - ok
15:31:35.0548 1112 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
15:31:35.0548 1112 wercplsupport - ok
15:31:35.0563 1112 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
15:31:35.0563 1112 WerSvc - ok
15:31:35.0657 1112 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
15:31:35.0657 1112 WfpLwf - ok
15:31:35.0673 1112 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
15:31:35.0673 1112 WIMMount - ok
15:31:35.0735 1112 WinDefend - ok
15:31:35.0766 1112 WinHttpAutoProxySvc - ok
15:31:35.0813 1112 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
15:31:35.0813 1112 Winmgmt - ok
15:31:35.0922 1112 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
15:31:35.0969 1112 WinRM - ok
15:31:36.0172 1112 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
15:31:36.0187 1112 Wlansvc - ok
15:31:36.0250 1112 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
15:31:36.0250 1112 WmiAcpi - ok
15:31:36.0328 1112 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
15:31:36.0328 1112 wmiApSrv - ok
15:31:36.0375 1112 WMPNetworkSvc - ok
15:31:36.0437 1112 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
15:31:36.0437 1112 WPCSvc - ok
15:31:36.0468 1112 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
15:31:36.0468 1112 WPDBusEnum - ok
15:31:36.0484 1112 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
15:31:36.0484 1112 ws2ifsl - ok
15:31:36.0531 1112 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\system32\wscsvc.dll
15:31:36.0531 1112 wscsvc - ok
15:31:36.0546 1112 WSearch - ok
15:31:36.0671 1112 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
15:31:36.0718 1112 wuauserv - ok
15:31:36.0874 1112 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
15:31:36.0874 1112 WudfPf - ok
15:31:36.0905 1112 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
15:31:36.0905 1112 WUDFRd - ok
15:31:36.0952 1112 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
15:31:36.0967 1112 wudfsvc - ok
15:31:36.0983 1112 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
15:31:36.0999 1112 WwanSvc - ok
15:31:37.0045 1112 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
15:31:37.0201 1112 \Device\Harddisk0\DR0 - ok
15:31:37.0201 1112 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk2\DR2
15:31:37.0201 1112 \Device\Harddisk2\DR2 - ok
15:31:37.0217 1112 Boot (0x1200) (78d5bb26c53ee037ea261a382c7aad9b) \Device\Harddisk0\DR0\Partition0
15:31:37.0217 1112 \Device\Harddisk0\DR0\Partition0 - ok
15:31:37.0248 1112 Boot (0x1200) (3a09c2af0fa8da46d90646136cecd050) \Device\Harddisk0\DR0\Partition1
15:31:37.0248 1112 \Device\Harddisk0\DR0\Partition1 - ok
15:31:37.0264 1112 Boot (0x1200) (d91c85e600241eb5ebcff279e81f518d) \Device\Harddisk2\DR2\Partition0
15:31:37.0264 1112 \Device\Harddisk2\DR2\Partition0 - ok
15:31:37.0264 1112 ============================================================
15:31:37.0264 1112 Scan finished
15:31:37.0264 1112 ============================================================
15:31:37.0295 5248 Detected object count: 0
15:31:37.0295 5248 Actual detected object count: 0



