
hotmail keeps getting locked.


  • This topic is locked
15 replies to this topic

#1 madnlooney


Posted 20 February 2013 - 07:06 PM

Hi all, I'm wondering if my laptop has a keylogger on, as my Hotmail keeps getting locked with loads of spam sent out before this happens. When I change the password, this happens again about 2 weeks later. The passwords I use are strong and not guessable words etc., so this is why I wondered if I had a keylogger.

I've run Kaspersky, Spybot and Malwarebytes but nothing was picked up.

Here is my dds.com log:


#2 dev00790


Posted 24 February 2013 - 11:00 AM

Hi,

 

My forum name is Dev00790 and I'll be helping you clean up your computer.


I will reply as soon as possible (typically within 24 hours). In turn, I ask that you please respond within 72 hours. If you know you will be away longer than that, I just ask for notice ahead of time.
Please be patient while I assist you.

Some points for you to keep in mind while I am helping you to make things go easier and faster for both of us:
 

  • Please do NOT run, install or uninstall any programs, unless instructed to do so.
     
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
       
  • Please do not attach logs or use code boxes, just copy and paste the text.
     
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.  
  • Please read every post completely before doing anything.
         
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process. 
  • Please provide feedback about your experience as we go.
          
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
          
  • I'm currently a trainee in the Malware Removal Training program and therefore my answers have to be checked by a Teacher before they get posted to you.
    There may be a delay due to this. I apologize in advance if this happens. Hold tight while I get the first set of instructions out to you.

NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Back up any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

 

 

========================

 

Please do the following next:

 

Step 1

 

Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!

  • Double-click on TDSSKiller.exe on your desktop to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click on change parameters
  • Under Objects to scan, check the boxes next to Verify file digital signatures, Detect TDLFS file system, then click OK.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not an option, Skip instead, do NOT choose Delete or Quarantine unless instructed.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the full contents of that file in your next reply. - If the log is too long, then split it into multiple posts.

 

 

 

Step 2

 

  • Please rerun DDS by double clicking on the DDS icon, and allow it to run.
  • DDS will now display a red window with an option screen called DDS: Settings
  • Mark the options dds.txt and attach.txt.
  • Click on Start.
  • If you did not disable a script-blocker that may be part of your antimalware program, you may receive a warning from your antimalware product asking if you would like DDS.com to run. Please allow it to do so.
  • DDS will automatically open both logfiles.
  • You can find them on your desktop as well.
  • Please post the content of those logfiles with your next answer.

Please note:  You may have to disable any script protection running if the scan fails to run.  After downloading the tool, disconnect from the internet and disable all antivirus protection.  Run the scan, enable your A/V and reconnect to the internet.  

Information on A/V control HERE

 


Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"

I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM.


#3 madnlooney


Posted 25 February 2013 - 07:48 PM

Hi dev00790

 

There were 7 threats found but no cure options, just skip, so I did this. Here is the log:

 

 

00:34:15.0386 6972  acpitime - ok
00:34:15.0460 6972  [ 2FE756FD6E0336990D0B3652A07EBB9B ] adp94xx         C:\WINDOWS\system32\drivers\adp94xx.sys
00:34:15.0497 6972  adp94xx - ok
00:34:15.0604 6972  [ CC579EC50EE5435A4070306C0E4EF9E6 ] adpahci         C:\WINDOWS\system32\drivers\adpahci.sys
00:34:15.0634 6972  adpahci - ok
00:34:15.0673 6972  [ 82743090D0259BF9F1373AD48372CBAC ] adpu320         C:\WINDOWS\system32\drivers\adpu320.sys
00:34:15.0689 6972  adpu320 - ok
00:34:15.0722 6972  [ 5D4FC8F08B45241857776E44AC71F0ED ] AeLookupSvc     C:\WINDOWS\System32\aelupsvc.dll
00:34:15.0810 6972  AeLookupSvc - ok
00:34:15.0867 6972  [ F12EFEE4DD20519D0DDF8D78704EE4DE ] AFD             C:\WINDOWS\system32\drivers\afd.sys
00:34:15.0953 6972  AFD - ok
00:34:15.0995 6972  [ 7E10E3BB9B258AD8A9300F91214D67B9 ] AgereSoftModem  C:\WINDOWS\system32\DRIVERS\AGRSM.sys
00:34:16.0081 6972  AgereSoftModem - ok
00:34:16.0112 6972  [ 73BB2C687305C4195ED7511587B041AA ] agp440          C:\WINDOWS\system32\drivers\agp440.sys
00:34:16.0136 6972  agp440 - ok
00:34:16.0167 6972  [ B5A707E902BE5FC9B93C389FBA6EDF9C ] ALG             C:\WINDOWS\System32\alg.exe
00:34:16.0220 6972  ALG - ok
00:34:16.0252 6972  [ 8F12F6811F8C4C248E2FAA8779C6FCFE ] AllUserInstallAgent C:\WINDOWS\system32\AUInstallAgent.dll
00:34:16.0336 6972  AllUserInstallAgent - ok
00:34:16.0371 6972  [ E44885EA3E89A54BF14C78892CE85EA0 ] amdagp          C:\WINDOWS\system32\drivers\amdagp.sys
00:34:16.0385 6972  amdagp - ok
00:34:16.0413 6972  [ FFDBB0DC75CDF6A3CC63B3DF790313EB ] AmdK8           C:\WINDOWS\System32\drivers\amdk8.sys
00:34:16.0482 6972  AmdK8 - ok
00:34:16.0503 6972  [ DF7FE35014C17CC4659C2531F9EA5A36 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
00:34:16.0526 6972  AmdPPM - ok
00:34:16.0553 6972  [ 8D5D89177552EDFD5C9730CCE79F7FCC ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys
00:34:16.0567 6972  amdsata - ok
00:34:16.0602 6972  [ 5725597CF5E002FB665C6C69787DAA8A ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
00:34:16.0620 6972  amdsbs - ok
00:34:16.0635 6972  [ FB336B5F110770CF22F6BFEB1906E773 ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys
00:34:16.0648 6972  amdxata - ok
00:34:16.0729 6972  [ 2467E63FC4F5831898A57FA3482EAFD5 ] Apache2.4       C:\xampp\apache\bin\httpd.exe
00:34:16.0752 6972  Apache2.4 ( UnsignedFile.Multi.Generic ) - warning
00:34:16.0752 6972  Apache2.4 - detected UnsignedFile.Multi.Generic (1)
00:34:16.0818 6972  [ 97A0F186497704C933281E231F69BE1B ] AppHostSvc      C:\WINDOWS\system32\inetsrv\apphostsvc.dll
00:34:16.0915 6972  AppHostSvc - ok
00:34:16.0953 6972  [ CB3613E82A5B058AB6A69846B0DDC6C5 ] AppID           C:\WINDOWS\system32\drivers\appid.sys
00:34:17.0046 6972  AppID - ok
00:34:17.0065 6972  [ 721C445A7EE59589B26EE0DC767A7967 ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
00:34:17.0098 6972  AppIDSvc - ok
00:34:17.0143 6972  [ 9EC93DFD472298D7006627C5F81DE250 ] Appinfo         C:\WINDOWS\System32\appinfo.dll
00:34:17.0177 6972  Appinfo - ok
00:34:17.0206 6972  [ 8F0F777B167CADDF9D206180B8558433 ] AppMgmt         C:\WINDOWS\System32\appmgmts.dll
00:34:17.0280 6972  AppMgmt - ok
00:34:17.0329 6972  [ A0982052EE6B01DC9B0CB7FEFD13040F ] arc             C:\WINDOWS\system32\drivers\arc.sys
00:34:17.0344 6972  arc - ok
00:34:17.0376 6972  [ 7E17A734B0D33B8F9287F28F1C583DD7 ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
00:34:17.0391 6972  arcsas - ok
00:34:17.0533 6972  [ 2FE0D5DB69014980A970D3BF9A85D2B1 ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
00:34:17.0576 6972  aspnet_state - ok
00:34:17.0590 6972  [ E12BC771325E70C2A875136B0BAF491E ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
00:34:17.0623 6972  AsyncMac - ok
00:34:17.0655 6972  [ 48D8C3F2006698691F5AE0BB595FDCC8 ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
00:34:17.0669 6972  atapi - ok
00:34:17.0759 6972  [ 28F42B76951DC8D41C5077EFA5F55C6D ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
00:34:17.0897 6972  AudioEndpointBuilder - ok
00:34:17.0952 6972  [ F2A27CD1E460CF7DFFE15FC61DF0E808 ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
00:34:17.0987 6972  Audiosrv - ok
00:34:18.0119 6972  [ 587EFD6A3A30A35A27904D21AE1FB882 ] AVP             C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
00:34:18.0160 6972  AVP - ok
00:34:18.0214 6972  [ 3F642D45EC0BE2E4843C35A2A1AA93D5 ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
00:34:18.0282 6972  AxInstSV - ok
00:34:18.0324 6972  [ A96A499B6C931B7242D964D5D695A506 ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
00:34:18.0369 6972  BasicDisplay - ok
00:34:18.0404 6972  [ D313E4D7DF0187CEDA121793F937EA89 ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys
00:34:18.0427 6972  BasicRender - ok
00:34:18.0463 6972  [ 30D98AE688C681196D411CA65E5E90D1 ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
00:34:18.0518 6972  BDESVC - ok
00:34:18.0550 6972  [ E53DDF8C101E3CB6A0483D592A8CC476 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
00:34:18.0618 6972  Beep - ok
00:34:18.0656 6972  [ 81158030D8F2DDECF99F420D51AEAC1E ] BFE             C:\WINDOWS\System32\bfe.dll
00:34:18.0742 6972  BFE - ok
00:34:18.0789 6972  [ 6723B30920D4371367F468DF6061A7E9 ] BITS            C:\WINDOWS\System32\qmgr.dll
00:34:19.0015 6972  BITS - ok
00:34:19.0043 6972  [ D7148E90581185DB2CC6A2EED9C8281C ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
00:34:19.0108 6972  bowser - ok
00:34:19.0141 6972  [ 96A673069E7DFCCE0BEF8FABACB220C4 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
00:34:19.0192 6972  BrokerInfrastructure - ok
00:34:19.0226 6972  [ 771EE7009E428CCC3476838CB22DBA8D ] Browser         C:\WINDOWS\System32\browser.dll
00:34:19.0293 6972  Browser - ok
00:34:19.0323 6972  [ ABAAF1FD3426BCA12360845EB218C98D ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
00:34:19.0368 6972  BthAvrcpTg - ok
00:34:19.0397 6972  [ 3EEEA1B69C16A8D159B53896EC78420C ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
00:34:19.0470 6972  BthHFEnum - ok
00:34:19.0491 6972  [ 403C9BA247F4D4C0E4FF6FFA5F096EF6 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
00:34:19.0518 6972  bthhfhid - ok
00:34:19.0535 6972  [ 0C706A8B022A44413F6C36ECEAAA2838 ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
00:34:19.0570 6972  BTHMODEM - ok
00:34:19.0602 6972  [ 171AF9795CABEC4985D45640D3A5F8F0 ] bthserv         C:\WINDOWS\system32\bthserv.dll
00:34:19.0624 6972  bthserv - ok
00:34:19.0655 6972  [ 00B4FA77732C7823D292ECD672660882 ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
00:34:19.0721 6972  cdfs - ok
00:34:19.0738 6972  [ 4E707EC5071DD8F5C29A7410780BD4C3 ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys
00:34:19.0789 6972  cdrom - ok
00:34:19.0819 6972  [ BAEE72BFBEC7B96AA85F861A6F4FE428 ] CertPropSvc     C:\WINDOWS\System32\certprop.dll
00:34:19.0848 6972  CertPropSvc - ok
00:34:19.0879 6972  [ 17BE1CB162768E886B2BBA63F8B89371 ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
00:34:19.0899 6972  circlass - ok
00:34:19.0936 6972  [ D5370A0D3A8F7E531FE9BA3E3C81BAC8 ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
00:34:19.0955 6972  CLFS - ok
00:34:19.0989 6972  [ 16744C84320D33880E38DF7409585EBF ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
00:34:20.0041 6972  CmBatt - ok
00:34:20.0082 6972  [ D4EF3370F53CF9647B6D33A512DDC2E9 ] CNG             C:\WINDOWS\system32\Drivers\cng.sys
00:34:20.0108 6972  CNG - ok
00:34:20.0136 6972  [ 765969F18ABD50298AA880E803D2096F ] cnghwassist     C:\WINDOWS\system32\DRIVERS\cnghwassist.sys
00:34:20.0148 6972  cnghwassist - ok
00:34:20.0168 6972  [ 357444DE560252A907F8B687005B3DCA ] CompositeBus    C:\WINDOWS\System32\drivers\CompositeBus.sys
00:34:20.0201 6972  CompositeBus - ok
00:34:20.0206 6972  COMSysApp - ok
00:34:20.0232 6972  [ F1B79B7B595B0D7990756C12FA64F00E ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
00:34:20.0315 6972  condrv - ok
00:34:20.0353 6972  [ 42EAE3259F8F39C7E22D0F385DBFADA9 ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
00:34:20.0390 6972  CryptSvc - ok
00:34:20.0434 6972  [ 5531D4CFCBB6CBBD5BFB9E5FD089FADF ] CSC             C:\WINDOWS\system32\drivers\csc.sys
00:34:20.0484 6972  CSC - ok
00:34:20.0526 6972  [ A36C84BAC3128A6A3F41136A6ED426B1 ] CscService      C:\WINDOWS\System32\cscsvc.dll
00:34:20.0592 6972  CscService - ok
00:34:20.0625 6972  [ FFC5377AA2C1A3F5B18F359F661E76C8 ] ctxusbm         C:\WINDOWS\system32\DRIVERS\ctxusbm.sys
00:34:20.0640 6972  ctxusbm - ok
00:34:20.0663 6972  [ C266A8E3D8BC4573B0BE8AA6ADC0AD7E ] dam             C:\WINDOWS\system32\drivers\dam.sys
00:34:20.0676 6972  dam - ok
00:34:20.0733 6972  [ BCD3562ACB27B8137BF809F61BA44E80 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
00:34:20.0815 6972  DcomLaunch - ok
00:34:20.0871 6972  [ 3D36FBE5ABAF0D531085C5D3381DC770 ] defragsvc       C:\WINDOWS\System32\defragsvc.dll
00:34:20.0966 6972  defragsvc - ok
00:34:21.0003 6972  [ E5935B79D5AE9288AEB72487E1A1B662 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
00:34:21.0032 6972  DeviceAssociationService - ok
00:34:21.0068 6972  [ 84C433F0FA896BACFAB67D0B22CFA73C ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll
00:34:21.0100 6972  DeviceInstall - ok
00:34:21.0131 6972  [ B21FDAC50FCD4CE53C203F097273532A ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
00:34:21.0161 6972  Dfsc - ok
00:34:21.0197 6972  [ 6CC6C4B9D7B906A151AA094CA087B9F0 ] dg_ssudbus      C:\WINDOWS\system32\DRIVERS\ssudbus.sys
00:34:21.0208 6972  dg_ssudbus - ok
00:34:21.0249 6972  [ 120BFA182545EE73B832595137E080F8 ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
00:34:21.0365 6972  Dhcp - ok
00:34:21.0396 6972  [ C0C87CCE88C4532B575AD60A95E7FD57 ] discache        C:\WINDOWS\system32\drivers\discache.sys
00:34:21.0434 6972  discache - ok
00:34:21.0474 6972  [ 4E3237D8266580412CCA774321056111 ] disk            C:\WINDOWS\system32\drivers\disk.sys
00:34:21.0488 6972  disk - ok
00:34:21.0532 6972  [ C701324C9E0C25DD9D60311BD87FBC84 ] DKbFltr         C:\WINDOWS\System32\drivers\DKbFltr.sys
00:34:21.0540 6972  DKbFltr - ok
00:34:21.0557 6972  [ 9B20A9DB154249E0E40036BC8BDC3E38 ] dmvsc           C:\WINDOWS\System32\drivers\dmvsc.sys
00:34:21.0644 6972  dmvsc - ok
00:34:21.0679 6972  [ 090D65A0A412F9056F16297D5A5B830F ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
00:34:21.0755 6972  Dnscache - ok
00:34:21.0793 6972  [ 7F0C01E0C0BB063136DF09845FFC4CE1 ] dot3svc         C:\WINDOWS\System32\dot3svc.dll
00:34:21.0824 6972  dot3svc - ok
00:34:21.0855 6972  [ 07D96198AFB530CF4A0A9B5C0E49073F ] DPS             C:\WINDOWS\system32\dps.dll
00:34:21.0891 6972  DPS - ok
00:34:21.0929 6972  [ 50B8D915F3514EC8BE7DF0D2EDEC44BA ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
00:34:21.0980 6972  drmkaud - ok
00:34:22.0015 6972  [ 0EF9D082E38EC861DD4886896666103B ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
00:34:22.0075 6972  DsmSvc - ok
00:34:22.0134 6972  [ 42CE6DD104BDA921C7A8939680876499 ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys
00:34:22.0180 6972  DXGKrnl - ok
00:34:22.0216 6972  [ 59ECF01342E0CDB726C7948E36A43309 ] EapHost         C:\WINDOWS\System32\eapsvc.dll
00:34:22.0241 6972  EapHost - ok
00:34:22.0277 6972  [ 0118D8C2B0B04F6B6FE620EADDA53449 ] EFS             C:\WINDOWS\System32\lsass.exe
00:34:22.0364 6972  EFS - ok
00:34:22.0397 6972  [ BC7119CF5B5BC9F54C8FAE221C3227F2 ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
00:34:22.0410 6972  EhStorClass - ok
00:34:22.0442 6972  [ 1A5945FA87A05A97A1175657B7BA4EDB ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
00:34:22.0457 6972  EhStorTcgDrv - ok
00:34:22.0485 6972  [ 539CA34FBC74EC366A0D751028C32A08 ] epmntdrv        C:\Windows\system32\epmntdrv.sys
00:34:22.0510 6972  epmntdrv ( UnsignedFile.Multi.Generic ) - warning
00:34:22.0510 6972  epmntdrv - detected UnsignedFile.Multi.Generic (1)
00:34:22.0526 6972  [ 8B22B788A329645F08AB4F86B9580AF3 ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
00:34:22.0554 6972  ErrDev - ok
00:34:22.0576 6972  [ 1F2F4AB15CE03ECC257FEB2F6DC5A013 ] EuGdiDrv        C:\Windows\system32\EuGdiDrv.sys
00:34:22.0592 6972  EuGdiDrv ( UnsignedFile.Multi.Generic ) - warning
00:34:22.0592 6972  EuGdiDrv - detected UnsignedFile.Multi.Generic (1)
00:34:22.0674 6972  [ 39FB0D2C74D4201F01BA30D06162525A ] EventSystem     C:\WINDOWS\system32\es.dll
00:34:22.0739 6972  EventSystem - ok
00:34:22.0776 6972  [ B60B2A0E110D640440263268FC02C726 ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
00:34:22.0818 6972  exfat - ok
00:34:22.0836 6972  [ C8B18803E1521225BDBA86B5F7D2E9FC ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
00:34:22.0853 6972  fastfat - ok
00:34:22.0889 6972  [ 22A38E2F78153AB500482FD0D4A9DB65 ] Fax             C:\WINDOWS\system32\fxssvc.exe
00:34:22.0957 6972  Fax - ok
00:34:22.0992 6972  [ 9709867A1354A4D10046ADE31DA67511 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
00:34:23.0030 6972  fdc - ok
00:34:23.0060 6972  [ E099DF1CE3285FCA613AF84D792DBC15 ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
00:34:23.0156 6972  fdPHost - ok
00:34:23.0187 6972  [ 141B98F42D71B4F5CFB0D8D4769FBA0C ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
00:34:23.0221 6972  FDResPub - ok
00:34:23.0244 6972  [ 2754F16876B03037CCA6FBD8C20E1686 ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
00:34:23.0276 6972  fhsvc - ok
00:34:23.0298 6972  [ 1018AE04A4D36BA60247C2C22D7BA7D1 ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
00:34:23.0311 6972  FileInfo - ok
00:34:23.0324 6972  [ 3A2F87EF4400B5E542E2C2BA8FAB4222 ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
00:34:23.0341 6972  Filetrace - ok
00:34:23.0374 6972  [ F37314C92AB8C876DB478A36A6D9FF0E ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
00:34:23.0409 6972  flpydisk - ok
00:34:23.0435 6972  [ 13C0B6F6EFD0D5C6871C07B56CB5403D ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
00:34:23.0455 6972  FltMgr - ok
00:34:23.0496 6972  [ 89FB9BDDCEC278661EAF57639F9920D7 ] FontCache       C:\WINDOWS\system32\FntCache.dll
00:34:23.0586 6972  FontCache - ok
00:34:23.0669 6972  [ 2AAF650823623D89B5FE5C399FC5D1BD ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
00:34:23.0690 6972  FontCache3.0.0.0 - ok
00:34:23.0706 6972  [ 16D4CC9AE485BC60B6AE026FF2497DE8 ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
00:34:23.0719 6972  FsDepends - ok
00:34:23.0738 6972  [ 28E64CAC27FE3A7CA34E2F93E9A8092A ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
00:34:23.0750 6972  Fs_Rec - ok
00:34:23.0777 6972  [ 42F4C92E85B2D5972CEBB28B8CCE6F9D ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
00:34:23.0800 6972  fvevol - ok
00:34:23.0813 6972  [ 05F58A34B5E1EB3274AE7B0875A143EF ] FxPPM           C:\WINDOWS\System32\drivers\fxppm.sys
00:34:23.0836 6972  FxPPM - ok
00:34:23.0875 6972  [ B5AD0B13AD7FD1C749FC45D81392B9DF ] gagp30kx        C:\WINDOWS\system32\drivers\gagp30kx.sys
00:34:23.0888 6972  gagp30kx - ok
00:34:23.0918 6972  [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM     C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
00:34:23.0927 6972  GEARAspiWDM - ok
00:34:23.0966 6972  [ A9608FF3B1B577BFC969A7B6797B1FC1 ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
00:34:23.0990 6972  gencounter - ok
00:34:24.0103 6972  [ 33F0619AFBA455581916B1E3DC84B109 ] GenericMount Helper Service C:\Program Files\Norton Ghost\Shared\Drivers\GenericMountHelper.exe
00:34:24.0146 6972  GenericMount Helper Service - ok
00:34:24.0176 6972  [ 1E9080CAE8013BCB687547E238E54561 ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
00:34:24.0192 6972  GPIOClx0101 - ok
00:34:24.0248 6972  [ B13CCD3028A44C6E16E03A3E1AD95FA4 ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
00:34:24.0298 6972  gpsvc - ok
00:34:24.0361 6972  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
00:34:24.0378 6972  gupdate - ok
00:34:24.0385 6972  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
00:34:24.0394 6972  gupdatem - ok
00:34:24.0426 6972  [ B6F5AC88A1A1FDD802CB689721D640FE ] hcmon           C:\WINDOWS\system32\drivers\hcmon.sys
00:34:24.0435 6972  hcmon - ok
00:34:24.0473 6972  [ 7A63087EDE3504684055A57A45E2AFF9 ] HdAudAddService C:\WINDOWS\system32\drivers\HdAudio.sys
00:34:24.0509 6972  HdAudAddService - ok
00:34:24.0568 6972  [ 4A219AB84D6936C2A61FF44D32EF378D ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
00:34:24.0609 6972  HDAudBus - ok
00:34:24.0709 6972  [ 8CBCFA78D2B43CCC23BF5A4C09A700CA ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
00:34:24.0787 6972  HidBatt - ok
00:34:24.0841 6972  [ 9AF33AB459FE639783CF7CDBFFC7A449 ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
00:34:24.0896 6972  HidBth - ok
00:34:24.0927 6972  [ 804019176228EBE260A821C5688CAFD2 ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
00:34:25.0013 6972  hidi2c - ok
00:34:25.0057 6972  [ 11A4D12F4CADD18CDA334C2756FE450A ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
00:34:25.0105 6972  HidIr - ok
00:34:25.0136 6972  [ C0A9999E5B4C1953C6B07CD9105B41FD ] hidserv         C:\WINDOWS\system32\hidserv.dll
00:34:25.0151 6972  hidserv - ok
00:34:25.0177 6972  [ 1887E321B54832AD18CB0867DE359EE3 ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
00:34:25.0224 6972  HidUsb - ok
00:34:25.0270 6972  [ 40AAA716A3F2E494E7F533C45DA3E7E8 ] hkmsvc          C:\WINDOWS\system32\kmsvc.dll
00:34:25.0307 6972  hkmsvc - ok
00:34:25.0338 6972  [ F4847FFB1D1FD522B4B3848A6A97BE47 ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
00:34:25.0407 6972  HomeGroupListener - ok
00:34:25.0450 6972  [ EFC6EEA348478FBAFCF2B2D03DE0B127 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
00:34:25.0520 6972  HomeGroupProvider - ok
00:34:25.0554 6972  [ D7544353157E11864C00A48BC90EF183 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
00:34:25.0575 6972  HpSAMD - ok
00:34:25.0608 6972  [ 950CC1E6AE3A6CD23E0945CDE089B02C ] HTCAND32        C:\WINDOWS\System32\Drivers\ANDROIDUSB.sys
00:34:25.0647 6972  HTCAND32 - ok
00:34:25.0701 6972  [ 5C8BC8A28798FD010E7ABC4E0D588CAA ] HTCMonitorService C:\Program Files\HTC\HTC Sync Manager\HSMServiceEntry.exe
00:34:25.0710 6972  HTCMonitorService - ok
00:34:25.0733 6972  [ 339ADEFAD60353F960E3CA67CE468C24 ] htcnprot        C:\WINDOWS\system32\DRIVERS\htcnprot.sys
00:34:25.0755 6972  htcnprot - ok
00:34:25.0803 6972  [ 6E6BCD909FC985D69105C57962CAACB5 ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
00:34:25.0863 6972  HTTP - ok
00:34:25.0897 6972  [ 4A3E6732E5BEF6DF531A217B5EBB5C54 ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
00:34:25.0909 6972  hwpolicy - ok
00:34:25.0920 6972  [ 0F819743721DFB5906734243ED0CE935 ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
00:34:25.0943 6972  hyperkbd - ok
00:34:25.0960 6972  [ A14A2EBA22929901F64B496C1D555982 ] HyperVideo      C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
00:34:25.0987 6972  HyperVideo - ok
00:34:26.0028 6972  [ 11EDC37780E8A2F8E311D73F7658A4D7 ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
00:34:26.0059 6972  i8042prt - ok
00:34:26.0079 6972  [ C444F83C318BE18719DC1FDAEFF10898 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
00:34:26.0105 6972  iaStorV - ok
00:34:26.0135 6972  [ 2714BB9E5C05BEBF8488207A1B5A5F62 ] IDMWFP          C:\WINDOWS\system32\DRIVERS\idmwfp.sys
00:34:26.0144 6972  IDMWFP - ok
00:34:26.0363 6972  [ D771E3D5E0ECE091FF9244BDF1303D6F ] igfx            C:\WINDOWS\system32\DRIVERS\igdkmd32.sys
00:34:26.0593 6972  igfx - ok
00:34:26.0636 6972  [ 7BB542C7156FA72CC83C1177BB190F94 ] iirsp           C:\WINDOWS\system32\drivers\iirsp.sys
00:34:26.0649 6972  iirsp - ok
00:34:26.0714 6972  [ 2412FB8F2F3C48B93DC0179560EB029B ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
00:34:26.0751 6972  IKEEXT - ok
00:34:26.0773 6972  [ A43BC9416741ABEA2B8DF60D2C0EA6A2 ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
00:34:26.0786 6972  intelide - ok
00:34:26.0815 6972  [ BE23B0DF1401DC890B5CEFA369B1BD8E ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
00:34:26.0838 6972  intelppm - ok
00:34:26.0867 6972  [ AB308167857138B84E4DECDF2000DD27 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
00:34:26.0891 6972  IpFilterDriver - ok
00:34:26.0930 6972  [ 933DBF31E0632B96B74D1A1230AA2199 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
00:34:27.0022 6972  iphlpsvc - ok
00:34:27.0046 6972  [ 7E4FEE6D5C5BC52199C481DAC564FE43 ] IPMIDRV         C:\WINDOWS\System32\drivers\IPMIDrv.sys
00:34:27.0088 6972  IPMIDRV - ok
00:34:27.0111 6972  [ 57B0C0D982013C72911A3F5CBA795034 ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys
00:34:27.0140 6972  IPNAT - ok
00:34:27.0157 6972  [ 9D6DB34476AC6448B3CA59D8676F7CE6 ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
00:34:27.0218 6972  IRENUM - ok
00:34:27.0249 6972  [ 2E1347C9CC7DDB43183AF725135ACF0D ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
00:34:27.0263 6972  isapnp - ok
00:34:27.0300 6972  [ 6AC2FF3AF40AE6AC39B097A07225B95B ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
00:34:27.0318 6972  iScsiPrt - ok
00:34:27.0345 6972  [ 4533BE9F8D67BDCF5FECA87DCC345448 ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
00:34:27.0359 6972  kbdclass - ok
00:34:27.0386 6972  [ 8F73A6DAEF7F7D102FBBA6F3EBC47F97 ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
00:34:27.0400 6972  kbdhid - ok
00:34:27.0431 6972  [ F7E302012680B0617C904B58594E0376 ] kdnic           C:\WINDOWS\system32\DRIVERS\kdnic.sys
00:34:27.0484 6972  kdnic - ok
00:34:27.0502 6972  [ 0118D8C2B0B04F6B6FE620EADDA53449 ] KeyIso          C:\WINDOWS\system32\lsass.exe
00:34:27.0526 6972  KeyIso - ok
00:34:27.0563 6972  [ EA26CB00F83686856F2C79673C00C686 ] kl1             C:\WINDOWS\system32\DRIVERS\kl1.sys
00:34:27.0580 6972  kl1 - ok
00:34:27.0605 6972  [ 726CCF039BCC190F99B7214D6A062128 ] klelam          C:\WINDOWS\system32\DRIVERS\klelam.sys
00:34:27.0619 6972  klelam - ok
00:34:27.0750 6972  [ 4C660FB3317527825CBE496102E1140A ] KLIF            C:\WINDOWS\system32\DRIVERS\klif.sys
00:34:27.0779 6972  KLIF - ok
00:34:27.0790 6972  [ 08F98A5AC1511EE5E62E50171B022382 ] KLIM6           C:\WINDOWS\system32\DRIVERS\klim6.sys
00:34:27.0799 6972  KLIM6 - ok
00:34:27.0813 6972  [ 9B952029600F6327A2359DB852339A90 ] klkbdflt        C:\WINDOWS\system32\DRIVERS\klkbdflt.sys
00:34:27.0822 6972  klkbdflt - ok
00:34:27.0840 6972  [ 6C64D60A9E3DD672B35307BC7DB15633 ] klmouflt        C:\WINDOWS\system32\DRIVERS\klmouflt.sys
00:34:27.0849 6972  klmouflt - ok
00:34:27.0873 6972  [ 620D38910F00855C9CE061B9892D0CF2 ] klwfp           C:\WINDOWS\system32\DRIVERS\klwfp.sys
00:34:27.0884 6972  klwfp - ok
00:34:27.0899 6972  [ 71A38C123600172511C26BFABD0EF579 ] kneps           C:\WINDOWS\system32\DRIVERS\kneps.sys
00:34:27.0910 6972  kneps - ok
00:34:27.0948 6972  [ 137AB78B8510F9E432C4793C0CF4CD80 ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
00:34:27.0962 6972  KSecDD - ok
00:34:27.0999 6972  [ 90226157B0130F9F11A3890BAE6F07AA ] KSecPkg         C:\WINDOWS\system32\Drivers\ksecpkg.sys
00:34:28.0016 6972  KSecPkg - ok
00:34:28.0052 6972  [ C2ADC979C11A858949ECC1B9233B884C ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
00:34:28.0082 6972  KtmRm - ok
00:34:28.0118 6972  [ 57BA03D561180AFABCB812A57704BFA7 ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
00:34:28.0177 6972  LanmanServer - ok
00:34:28.0205 6972  [ 7867CD2CC05D8B1377DC7FEE93716015 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
00:34:28.0260 6972  LanmanWorkstation - ok
00:34:28.0421 6972  [ A97EEB81F05BCE3D7AA6C81F04EF39A4 ] LiveUpdate      C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE
00:34:28.0491 6972  LiveUpdate - ok
00:34:28.0509 6972  [ AD581D8BA8C2CE46933D44392BA35C24 ] lltdio          C:\WINDOWS\system32\DRIVERS\lltdio.sys
00:34:28.0533 6972  lltdio - ok
00:34:28.0549 6972  [ BCDCFD2C2115334419EF025C533AB6C5 ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll
00:34:28.0570 6972  lltdsvc - ok
00:34:28.0600 6972  [ FBA8BDF947B5289E85324F00043CC5D8 ] lmhosts         C:\WINDOWS\System32\lmhsvc.dll
00:34:28.0647 6972  lmhosts - ok
00:34:28.0704 6972  [ 3D67740573A70C6C9B1614982CFAC4C5 ] LMIGuardianSvc  C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
00:34:28.0728 6972  LMIGuardianSvc - ok
00:34:28.0755 6972  [ 4F69FAAABB7DB0D43E327C0B6AAB40FC ] LMIInfo         C:\Program Files\LogMeIn\x86\RaInfo.sys
00:34:28.0763 6972  LMIInfo - ok
00:34:28.0778 6972  [ D95F3217C9DFA24ECA582ED8E435E221 ] LMIMaint        C:\Program Files\LogMeIn\x86\RaMaint.exe
00:34:28.0787 6972  LMIMaint - ok
00:34:28.0809 6972  [ 4477689E2D8AE6B78BA34C9AF4CC1ED1 ] lmimirr         C:\WINDOWS\system32\DRIVERS\lmimirr.sys
00:34:28.0818 6972  lmimirr - ok
00:34:28.0823 6972  LMIRfsClientNP - ok
00:34:28.0838 6972  [ 3FAA563DDF853320F90259D455A01D79 ] LMIRfsDriver    C:\Windows\system32\drivers\LMIRfsDriver.sys
00:34:28.0846 6972  LMIRfsDriver - ok
00:34:28.0862 6972  [ 432618FA75B61059D2C57D6A7E55147A ] LogMeIn         C:\Program Files\LogMeIn\x86\LogMeIn.exe
00:34:28.0876 6972  LogMeIn - ok
00:34:28.0905 6972  [ 6B01CB678E1E390CEA9514D4774EFB51 ] LSI_SAS         C:\WINDOWS\system32\drivers\lsi_sas.sys
00:34:28.0920 6972  LSI_SAS - ok
00:34:28.0941 6972  [ 4C3AFBA9ED36535313054AC26532E9DE ] LSI_SAS2        C:\WINDOWS\system32\drivers\lsi_sas2.sys
00:34:28.0955 6972  LSI_SAS2 - ok
00:34:28.0984 6972  [ 0715DC27611C202D04BC0365D666DD27 ] LSI_SCSI        C:\WINDOWS\system32\drivers\lsi_scsi.sys
00:34:28.0999 6972  LSI_SCSI - ok
00:34:29.0019 6972  [ DB6B9554AA4F83212E80D5107D8C53EE ] LSI_SSS         C:\WINDOWS\system32\drivers\lsi_sss.sys
00:34:29.0034 6972  LSI_SSS - ok
00:34:29.0078 6972  [ 7607DE91C0BFB0FC7210349F16737D16 ] LSM             C:\WINDOWS\System32\lsm.dll
00:34:29.0141 6972  LSM - ok
00:34:29.0172 6972  [ F731770C339FEB6563397D410793A756 ] luafv           C:\WINDOWS\system32\drivers\luafv.sys
00:34:29.0213 6972  luafv - ok
00:34:29.0234 6972  [ 125C3C5A315500A1AD54F0B4766AF815 ] megasas         C:\WINDOWS\system32\drivers\megasas.sys
00:34:29.0250 6972  megasas - ok
00:34:29.0281 6972  [ 05457CC7F5586C6E8D02FFA7F23FCEDF ] MegaSR          C:\WINDOWS\system32\drivers\MegaSR.sys
00:34:29.0301 6972  MegaSR - ok
00:34:29.0380 6972  Microsoft SharePoint Workspace Audit Service - ok
00:34:29.0417 6972  [ CAAAB04E7775D8F11E166482F3596539 ] MMCSS           C:\WINDOWS\system32\mmcss.dll
00:34:29.0493 6972  MMCSS - ok
00:34:29.0505 6972  [ 049E433162AFE9B08C05D81D2C62CD61 ] Modem           C:\WINDOWS\system32\drivers\modem.sys
00:34:29.0523 6972  Modem - ok
00:34:29.0540 6972  [ 7E93949414DA50029E2B5746AD8BB3A3 ] monitor         C:\WINDOWS\system32\DRIVERS\monitor.sys
00:34:29.0634 6972  monitor - ok
00:34:29.0649 6972  [ 9D3F069A705325E7B7CEA36BFB65E616 ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
00:34:29.0661 6972  mouclass - ok
00:34:29.0691 6972  [ A6BA920D42A6154B3F272F4290D33B48 ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
00:34:29.0716 6972  mouhid - ok
00:34:29.0755 6972  [ 13D8E3077EF0AE583F4634236D9A0992 ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
00:34:29.0776 6972  mountmgr - ok
00:34:29.0801 6972  [ 3343B276F4AD3BBF44C46AB2A1E8A23A ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
00:34:29.0852 6972  mpsdrv - ok
00:34:29.0893 6972  [ 1A9FED739F0BBD20451519C30D183AC8 ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll
00:34:29.0932 6972  MpsSvc - ok
00:34:29.0969 6972  [ C4A5B4DD9400D51D33AE68880C99DECB ] MQAC            C:\WINDOWS\system32\drivers\mqac.sys
00:34:30.0048 6972  MQAC - ok
00:34:30.0076 6972  [ 329E3ACBFC616666D3D04C6FDC1B71E0 ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
00:34:30.0105 6972  MRxDAV - ok
00:34:38.0438 6972  [ 9987ABA0E5DD0D46C95076B157B38C06 ] PassThru Service C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
00:34:38.0457 6972  PassThru Service ( UnsignedFile.Multi.Generic ) - warning
00:34:38.0457 6972  PassThru Service - detected UnsignedFile.Multi.Generic (1)
00:34:41.0755 6972  [ BBFCAC1C23B867AE5D7EF96DF40680C5 ] Realtek87B      C:\Program Files\Realtek\RTL8187 Wireless LAN Utility\RtlService.exe
00:34:41.0774 6972  Realtek87B ( UnsignedFile.Multi.Generic ) - warning
00:34:41.0774 6972  Realtek87B - detected UnsignedFile.Multi.Generic (1)
00:34:51.0845 6972  [ A942813405C51998DD2C2B86A08394D5 ] VMAuthdService  C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
00:34:51.0869 6972  VMAuthdService ( UnsignedFile.Multi.Generic ) - warning
00:34:51.0869 6972  VMAuthdService - detected UnsignedFile.Multi.Generic (1)
00:34:54.0186 6972  [ 5661E99CC628C53530B7A500930DF984 ] VMwareHostd     C:\Program Files\VMware\VMware Workstation\vmware-hostd.exe
00:34:54.0590 6972  VMwareHostd ( UnsignedFile.Multi.Generic ) - warning
00:34:54.0590 6972  VMwareHostd - detected UnsignedFile.Multi.Generic (1)
00:34:54.0636 6972  [ 6B649BAAF488C8505C613A1159A8D05C ] vmx86           C:\WINDOWS\system32\Drivers\vmx86.sys
00:34:54.0686 6972  vmx86 - ok
00:34:54.0735 6972  [ 7E8BCEEA56197925D944CA7D230596F7 ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
00:34:54.0793 6972  volmgr - ok
00:34:54.0895 6972  [ 9C21037D3983D9B93190D2AA16570395 ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys
00:34:54.0933 6972  volmgrx - ok
00:34:54.0980 6972  [ 8E15C3D58A8ADE841060661DBA6E7A9B ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys
00:34:55.0017 6972  volsnap - ok
00:34:55.0038 6972  [ EF3506B04EB9124240B35148EAACBAA5 ] VProEventMonitor C:\WINDOWS\system32\DRIVERS\vproeventmonitor.sys
00:34:55.0059 6972  VProEventMonitor - ok
00:34:55.0073 6972  [ C5B79DA9C82C01EEFAABA713A858649E ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys
00:34:55.0090 6972  vsmraid - ok
00:34:55.0112 6972  [ 4B1B677FC0338C85E1C30BD6F1BFD584 ] vsock           C:\WINDOWS\system32\drivers\vsock.sys
00:34:55.0121 6972  vsock - ok
00:34:55.0251 6972  [ 700F5256DFCF1E65837F740EE0889F0F ] VSS             C:\WINDOWS\system32\vssvc.exe
00:34:55.0299 6972  VSS - ok
00:34:55.0329 6972  [ 0DC78E40A4D1303488670B2F289ADD80 ] vstor2-mntapi10-shared C:\WINDOWS\system32\drivers\vstor2-mntapi10-shared.sys
00:34:55.0345 6972  vstor2-mntapi10-shared - ok
00:34:55.0372 6972  [ AB5F5CC034E31E496606E666657F3CC2 ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
00:34:55.0393 6972  VSTXRAID - ok
00:34:55.0417 6972  [ 23044877230094EE20D057BC63ED19F0 ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
00:34:55.0455 6972  vwifibus - ok
00:34:55.0475 6972  [ 7139B7012EF75A82CA11177D4BF1CD37 ] vwififlt        C:\WINDOWS\system32\DRIVERS\vwififlt.sys
00:34:55.0490 6972  vwififlt - ok
00:34:55.0506 6972  [ 3C93AA2C5AC6030706757DCEAF57CD64 ] vwifimp         C:\WINDOWS\system32\DRIVERS\vwifimp.sys
00:34:55.0520 6972  vwifimp - ok
00:34:55.0548 6972  [ 56A40C6DFB12E33B88887C4F9D5917FF ] W32Time         C:\WINDOWS\system32\w32time.dll
00:34:55.0588 6972  W32Time - ok
00:34:55.0729 6972  [ 68F38E919889F6EB637B0E5242EACCB9 ] W3SVC           C:\WINDOWS\system32\inetsrv\iisw3adm.dll
00:34:55.0789 6972  W3SVC - ok
00:34:55.0810 6972  [ B4254668F5806AAA051A320FE88146F6 ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
00:34:55.0835 6972  WacomPen - ok
00:34:55.0870 6972  [ 0D1401969D950975F18104DA56A20196 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
00:34:55.0884 6972  Wanarp - ok
00:34:55.0888 6972  [ 0D1401969D950975F18104DA56A20196 ] Wanarpv6        C:\WINDOWS\system32\DRIVERS\wanarp.sys
00:34:55.0903 6972  Wanarpv6 - ok
00:34:55.0913 6972  [ 68F38E919889F6EB637B0E5242EACCB9 ] WAS             C:\WINDOWS\system32\inetsrv\iisw3adm.dll
00:34:55.0930 6972  WAS - ok
00:34:56.0211 6972  [ 09EA8F80C26FEAAE7D34AC82A871A909 ] wbengine        C:\WINDOWS\system32\wbengine.exe
00:34:56.0297 6972  wbengine - ok
00:34:56.0330 6972  [ D7AB5A0119A208B53784863DF403C2F2 ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
00:34:56.0348 6972  WbioSrvc - ok
00:34:56.0366 6972  [ AB66316B4ED378A2CBEA61D6C5844A98 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
00:34:56.0394 6972  Wcmsvc - ok
00:34:56.0440 6972  [ 2569DC92526501CA292A1985F54D174B ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll
00:34:56.0493 6972  wcncsvc - ok
00:34:56.0508 6972  [ 1B0A5043CC13F7DEB9873CC464FB11C7 ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
00:34:56.0571 6972  WcsPlugInService - ok
00:34:56.0605 6972  [ 9BF0CE1E215789664EB563A52EC0B83B ] Wd              C:\WINDOWS\system32\drivers\wd.sys
00:34:56.0644 6972  Wd - ok
00:34:56.0678 6972  [ B73E9524D0034A1BC7CE10CED727A116 ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
00:34:56.0718 6972  WdBoot - ok
00:34:56.0849 6972  [ CEA67D4279BF8A268062F08330179738 ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
00:34:56.0882 6972  Wdf01000 - ok
00:34:56.0896 6972  [ 357EA02565E599297D3729340FE0F961 ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
00:34:56.0914 6972  WdFilter - ok
00:34:56.0939 6972  [ 2FC34E39DD120AB985DF1F63B10A4B4D ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
00:34:56.0960 6972  WdiServiceHost - ok
00:34:56.0965 6972  [ 2FC34E39DD120AB985DF1F63B10A4B4D ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
00:34:56.0986 6972  WdiSystemHost - ok
00:34:57.0058 6972  [ FD800739494EE57DC7849BD64BDA1EEC ] WebClient       C:\WINDOWS\System32\webclnt.dll
00:34:57.0091 6972  WebClient - ok
00:34:57.0112 6972  [ 476746404FC104242EE8F049F2A6FA4A ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
00:34:57.0137 6972  Wecsvc - ok
00:34:57.0163 6972  [ B8A6C4812FD65EF95EB0F723A48C2462 ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll
00:34:57.0239 6972  wercplsupport - ok
00:34:57.0285 6972  [ 4A1A99EB9B85679C0F97255E72A6DC85 ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
00:34:57.0308 6972  WerSvc - ok
00:34:57.0340 6972  [ B7ADB3799F1B6D8172DFDCE1DA8937F5 ] WFPLWFS         C:\WINDOWS\system32\DRIVERS\wfplwfs.sys
00:34:57.0353 6972  WFPLWFS - ok
00:34:57.0382 6972  [ 1764AA30CDF8AF8995D4A3CEADF6AB0D ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
00:34:57.0398 6972  WiaRpc - ok
00:34:57.0431 6972  [ 090A2B8F055343815556A01F725F6C35 ] WimFltr         C:\WINDOWS\system32\DRIVERS\wimfltr.sys
00:34:57.0447 6972  WimFltr - ok
00:34:57.0480 6972  [ 8B7BBA41B67E92B73BAFEBDF570B3703 ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
00:34:57.0493 6972  WIMMount - ok
00:34:57.0576 6972  [ 36A695E1683671009C2FEA38B5EB4CD4 ] WinDefend       C:\Program Files\Windows Defender\MsMpEng.exe
00:34:57.0606 6972  WinDefend - ok
00:34:57.0748 6972  [ 7A4797475ABAD6ECF1BCB08637922ECA ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
00:34:57.0810 6972  WinHttpAutoProxySvc - ok
00:34:57.0844 6972  [ 62B866B25BA8A3FCAEC457738DDA726E ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
00:34:57.0873 6972  winmgmt - ok
00:34:58.0171 6972  [ EE08CA40473062F2962F1ED25C85306C ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
00:34:58.0226 6972  WinRM - ok
00:34:58.0276 6972  [ 30122927052480564DB0695B0CEADE62 ] WinUSB          C:\WINDOWS\system32\DRIVERS\WinUSB.sys
00:34:58.0309 6972  WinUSB - ok
00:34:58.0542 6972  [ 70752CC656FE991392C1FD262D386863 ] WlanSvc         C:\WINDOWS\System32\wlansvc.dll
00:34:58.0589 6972  WlanSvc - ok
00:34:58.0875 6972  [ 7194769CA375358E5BD89929C2C47B4C ] wlidsvc         C:\WINDOWS\system32\wlidsvc.dll
00:34:58.0956 6972  wlidsvc - ok
00:34:59.0017 6972  [ F8A31500A1B7EFDB95E5103A7C7275C1 ] WmiAcpi         C:\WINDOWS\System32\drivers\wmiacpi.sys
00:34:59.0037 6972  WmiAcpi - ok
00:34:59.0133 6972  [ 8899BED47FE375EE665AD1821598E471 ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
00:34:59.0174 6972  wmiApSrv - ok
00:34:59.0284 6972  [ 207CB1C1770997621C1798E78EADCBBD ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
00:34:59.0374 6972  WMPNetworkSvc - ok
00:34:59.0416 6972  [ 9C3F5C7B716247756575235A3218FD38 ] wpcfltr         C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
00:34:59.0473 6972  wpcfltr - ok
00:34:59.0492 6972  [ 32B4145D0513E913C13A73C3E640C931 ] WPCSvc          C:\WINDOWS\System32\wpcsvc.dll
00:34:59.0518 6972  WPCSvc - ok
00:34:59.0548 6972  [ 9BB009547532C1F2DF14455CE1102A33 ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
00:34:59.0621 6972  WPDBusEnum - ok
00:34:59.0642 6972  [ E5DCECD5A6A21AE48E94F6C9DC0E093C ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys
00:34:59.0665 6972  WpdUpFltr - ok
00:34:59.0697 6972  [ 7CB94AFFC7F56C8E645381DB9C23F845 ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys
00:34:59.0710 6972  ws2ifsl - ok
00:34:59.0731 6972  [ 005950A4A8B36C551F25AF947CFA749D ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
00:34:59.0798 6972  wscsvc - ok
00:34:59.0804 6972  WSearch - ok
00:35:00.0152 6972  [ 0636D43456AD9CC717FE1890AB467EEC ] WSService       C:\WINDOWS\System32\WSService.dll
00:35:00.0247 6972  WSService - ok
00:35:00.0627 6972  [ F815E68C555847518C8660FF9084F768 ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
00:35:00.0757 6972  wuauserv - ok
00:35:00.0787 6972  [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
00:35:00.0801 6972  WudfPf - ok
00:35:00.0817 6972  [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd          C:\WINDOWS\System32\drivers\WUDFRd.sys
00:35:00.0834 6972  WUDFRd - ok
00:35:00.0856 6972  [ 867C301E8B790040AE9CF6486E8041DF ] WUDFSensorLP    C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
00:35:00.0871 6972  WUDFSensorLP - ok
00:35:00.0900 6972  [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc         C:\WINDOWS\System32\WUDFSvc.dll
00:35:01.0000 6972  wudfsvc - ok
00:35:01.0062 6972  [ 867C301E8B790040AE9CF6486E8041DF ] WUDFWpdFs       C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
00:35:01.0099 6972  WUDFWpdFs - ok
00:35:01.0174 6972  [ 867C301E8B790040AE9CF6486E8041DF ] WUDFWpdMtp      C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
00:35:01.0196 6972  WUDFWpdMtp - ok
00:35:01.0359 6972  [ 5DB9AC725AF17FAEC17DC7A0ACC99152 ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll
00:35:01.0432 6972  WwanSvc - ok
00:35:01.0498 6972  [ 82A7CEA0D31FA2BADC6F02638FA8DE4C ] yukonw8         C:\WINDOWS\system32\DRIVERS\yk63x86.sys
00:35:01.0540 6972  yukonw8 - ok
00:35:01.0564 6972  ================ Scan global ===============================
00:35:01.0612 6972  [ 8D41654D0A9E15635ACF5E18FF470AB1 ] C:\WINDOWS\system32\basesrv.dll
00:35:01.0645 6972  [ 1EEFCA33A6329CE675FEFFBC563140A9 ] C:\WINDOWS\system32\winsrv.dll
00:35:01.0696 6972  [ 78A87B9D36AAD6AFD6A24915389E1221 ] C:\WINDOWS\system32\sxssrv.dll
00:35:01.0743 6972  [ 6528BAACA25356FE226904DD36C82BA7 ] C:\WINDOWS\system32\services.exe
00:35:01.0750 6972  [Global] - ok
00:35:01.0751 6972  ================ Scan MBR ==================================
00:35:01.0782 6972  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
00:35:05.0469 6972  \Device\Harddisk0\DR0 - ok
00:35:05.0470 6972  ================ Scan VBR ==================================
00:35:05.0495 6972  [ D31D2D67ECAB026C166EA810282B9762 ] \Device\Harddisk0\DR0\Partition1
00:35:05.0528 6972  \Device\Harddisk0\DR0\Partition1 - ok
00:35:05.0548 6972  [ 04B5D4529740C2567CAAC2AB07D9F1AF ] \Device\Harddisk0\DR0\Partition2
00:35:05.0594 6972  \Device\Harddisk0\DR0\Partition2 - ok
00:35:05.0596 6972  ============================================================
00:35:05.0596 6972  Scan finished
00:35:05.0596 6972  ============================================================
00:35:05.0615 6964  Detected object count: 7
00:35:05.0615 6964  Actual detected object count: 7
00:36:02.0823 6964  Apache2.4 ( UnsignedFile.Multi.Generic ) - skipped by user
00:36:02.0823 6964  Apache2.4 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
00:36:02.0823 6964  epmntdrv ( UnsignedFile.Multi.Generic ) - skipped by user
00:36:02.0824 6964  epmntdrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
00:36:02.0826 6964  EuGdiDrv ( UnsignedFile.Multi.Generic ) - skipped by user
00:36:02.0826 6964  EuGdiDrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
00:36:02.0829 6964  PassThru Service ( UnsignedFile.Multi.Generic ) - skipped by user
00:36:02.0830 6964  PassThru Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
00:36:02.0832 6964  Realtek87B ( UnsignedFile.Multi.Generic ) - skipped by user
00:36:02.0832 6964  Realtek87B ( UnsignedFile.Multi.Generic ) - User select action: Skip 
00:36:02.0834 6964  VMAuthdService ( UnsignedFile.Multi.Generic ) - skipped by user
00:36:02.0834 6964  VMAuthdService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
00:36:02.0836 6964  VMwareHostd ( UnsignedFile.Multi.Generic ) - skipped by user
00:36:02.0836 6964  VMwareHostd ( UnsignedFile.Multi.Generic ) - User select action: Skip 
00:36:09.0238 6776  Deinitialize success
 
 
Here are the logs from dds.com
 
DDS (Ver_2012-11-20.01) - NTFS_x86 
Internet Explorer: 10.0.9200.16482  BrowserJavaVersion: 10.15.2
Run by laptop at 0:39:55 on 2013-02-26
Microsoft Windows 8 Pro  6.2.9200.0.1252.44.2057.18.3001.1839 [GMT 0:00]
.
AV: Kaspersky Internet Security *Enabled/Updated* {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
AV: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Kaspersky Internet Security *Enabled/Updated* {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spybot - Search and Destroy *Enabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
FW: Kaspersky Internet Security *Enabled* {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}
.
============== Running Processes ================
.
C:\WINDOWS\system32\wininit.exe
C:\WINDOWS\system32\dwm.exe
C:\WINDOWS\System32\spoolsv.exe
C:\xampp\apache\bin\httpd.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
C:\Program Files\HTC\HTC Sync Manager\HSMServiceEntry.exe
C:\WINDOWS\system32\dashost.exe
C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\WINDOWS\system32\taskhostex.exe
C:\WINDOWS\system32\mqsvc.exe
C:\WINDOWS\Explorer.EXE
C:\xampp\mysql\bin\mysqld.exe
C:\Program Files\Norton Ghost\Agent\VProSvc.exe
C:\xampp\apache\bin\httpd.exe
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
C:\Program Files\Realtek\RTL8187 Wireless LAN Utility\RtlService.exe
C:\Program Files\Realtek\RTL8187 Wireless LAN Utility\RtWlan.exe
C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\WINDOWS\system32\vmnat.exe
C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\vmnetdhcp.exe
C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe
C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
C:\Users\laptop\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\laptop\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\laptop\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\laptop\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\laptop\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\laptop\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\laptop\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\laptop\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\laptop\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\laptop\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Norton Ghost\Shared\Drivers\SymSnapService.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Norton Ghost\Agent\VProTray.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
C:\WINDOWS\system32\taskhost.exe
C:\Program Files\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\WINDOWS\system32\conhost.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\system32\svchost.exe -k apphost
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\svchost.exe -k iissvcs
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
mStart Page = about:blank
BHO: IDM integration (IDMIEHlprObj Class): {0055C089-8582-441B-A0BF-17B458C2A3A8} - c:\program files\internet download manager\IDMIECC.dll
BHO: CtxIEInterceptorBHO Class: {2C4631FF-5CC8-4EBC-A0DF-34C92291759E} - c:\program files\citrix\ica client\IEInterceptor.dll
BHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - c:\program files\kaspersky lab\kaspersky internet security 2013\ieext\contentblocker\ie_content_blocker_plugin.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office14\GROOVEEX.DLL
BHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - c:\program files\kaspersky lab\kaspersky internet security 2013\ieext\virtualkeyboard\ie_virtual_keyboard_plugin.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Safe Money Plugin: {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - c:\program files\kaspersky lab\kaspersky internet security 2013\ieext\onlinebanking\online_banking_bho.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office14\URLREDIR.DLL
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
BHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - c:\program files\kaspersky lab\kaspersky internet security 2013\ieext\urladvisor\klwtbbho.dll
uRun: [Google Update] "c:\users\laptop\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [IDMan] c:\program files\internet download manager\IDMan.exe /onboot
uRun: [MusicManager] "c:\users\laptop\appdata\local\programs\google\musicmanager\MusicManager.exe"
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [AllShareAgent] c:\program files\samsung\allshare\AllShareAgent.exe
mRun: [LManager] c:\program files\launch manager\LManager.exe
mRun: [LogMeIn GUI] "c:\program files\logmein\x86\LogMeInSystray.exe"
mRun: [Norton Ghost 15.0] "c:\program files\norton ghost\agent\VProTray.exe"
mRun: [vmware-tray.exe] "c:\program files\vmware\vmware workstation\vmware-tray.exe"
mRun: [AVP] "c:\program files\kaspersky lab\kaspersky internet security 2013\runner_avp.exe"
mRun: [SDTray] "c:\program files\spybot - search & destroy 2\SDTray.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mPolicies-Explorer: NoDriveTypeAutoRun = dword:60
IE: Add to Anti-Banner - c:\program files\kaspersky lab\kaspersky internet security 2013\ie_banner_deny.htm
IE: Download all links with IDM - c:\program files\internet download manager\IEGetAll.htm
IE: Download with IDM - c:\program files\internet download manager\IEExt.htm
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\micros~2\office14\ONBttnIE.dll/105
IE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - c:\program files\kaspersky lab\kaspersky internet security 2013\ieext\virtualkeyboard\ie_virtual_keyboard_plugin.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - c:\program files\kaspersky lab\kaspersky internet security 2013\ieext\urladvisor\klwtbbho.dll
LSP: %windir%\system32\vsocklib.dll
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{82B2A1E5-6EBD-467B-90E4-810A2B254578} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{D1C36D3F-8E4C-4B67-8FD9-24E180B74DB1} : NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{D1C36D3F-8E4C-4B67-8FD9-24E180B74DB1} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{D1C36D3F-8E4C-4B67-8FD9-24E180B74DB1}\C496371637 : NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{D1C36D3F-8E4C-4B67-8FD9-24E180B74DB1}\C496371637 : DHCPNameServer = 192.168.2.1
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Notify: SDWinLogon - SDWinLogon.dll
AppInit_DLLs= c:\progra~1\citrix\icacli~1\RSHook.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office14\GROOVEEX.DLL
.
============= SERVICES / DRIVERS ===============
.
R0 vsock;vSockets Driver;c:\windows\system32\drivers\vsock.sys [2012-11-18 61464]
R1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\drivers\ctxusbm.sys [2012-2-14 67960]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\drivers\klim6.sys [2012-8-2 24408]
R1 klwfp;klwfp;c:\windows\system32\drivers\klwfp.sys [2012-8-3 42920]
R1 kneps;kneps;c:\windows\system32\drivers\kneps.sys [2012-8-13 144344]
R2 Apache2.4;Apache2.4;c:\xampp\apache\bin\httpd.exe [2012-8-18 22016]
R2 AVP;Kaspersky Anti-Virus Service;c:\program files\kaspersky lab\kaspersky internet security 2013\avp.exe [2012-8-17 356376]
R2 HTCMonitorService;HTCMonitorService;c:\program files\htc\htc sync manager\HSMServiceEntry.exe [2012-5-21 87368]
R2 IDMWFP;IDMWFP;c:\windows\system32\drivers\idmwfp.sys [2011-9-15 89376]
R2 LMIGuardianSvc;LMIGuardianSvc;c:\program files\logmein\x86\LMIGuardianSvc.exe [2012-7-5 374704]
R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\logmein\x86\rainfo.sys [2012-6-8 12856]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;c:\windows\system32\drivers\LMIRfsDriver.sys [2012-8-20 47640]
R2 PassThru Service;Internet Pass-Through Service;c:\program files\htc\internet pass-through\PassThruSvr.exe [2012-4-13 88576]
R2 Realtek87B;Realtek87B;c:\program files\realtek\rtl8187 wireless lan utility\RtlService.exe [2012-6-13 40960]
R2 SamsungAllShareV2.0;Samsung AllShare PC;c:\program files\samsung\allshare\allsharedms\AllShareDMS.exe [2012-3-2 25504]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files\spybot - search & destroy 2\SDFSSvc.exe [2013-2-20 1103392]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files\spybot - search & destroy 2\SDUpdSvc.exe [2013-2-20 1369624]
R2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files\spybot - search & destroy 2\SDWSCSvc.exe [2013-2-20 168384]
R2 TomTomHOMEService;TomTomHOMEService;c:\program files\tomtom home 2\TomTomHOMEService.exe [2012-7-26 92632]
R2 VMUSBArbService;VMware USB Arbitration Service;c:\program files\common files\vmware\usb\vmware-usbarbitrator.exe [2012-10-11 721048]
R2 vstor2-mntapi10-shared;Vstor2 MntApi 1.0 Driver (shared);c:\windows\system32\drivers\vstor2-mntapi10-shared.sys [2011-7-12 22768]
R3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\drivers\klkbdflt.sys [2012-10-25 25944]
R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\drivers\klmouflt.sys [2012-10-25 25944]
R3 NETwNs32;@oem16.inf,___ %NIC_Service_DispName_WIN7%;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 32 Bit;c:\windows\system32\drivers\NETwNs32.sys [2012-4-18 7523840]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RtsUStor.sys [2011-12-15 174592]
R3 SymSnapService;SymSnapService;c:\program files\norton ghost\shared\drivers\SymSnapService.exe [2009-9-21 1964528]
R3 yukonw8;NDIS6.3 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\drivers\yk63x86.sys [2012-7-25 238080]
S0 klelam;klelam;c:\windows\system32\drivers\klelam.sys [2012-7-27 24496]
S2 VMwareHostd;VMware Workstation Server;c:\program files\vmware\vmware workstation\vmware-hostd.exe [2012-11-1 13234176]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [2012-9-19 83168]
S3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [2012-8-10 14216]
S3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [2012-8-10 8456]
S3 GenericMount Helper Service;GenericMount Helper Service;c:\program files\norton ghost\shared\drivers\GenericMountHelper.exe [2009-9-21 1571336]
S3 HTCAND32;HTC Device Driver;c:\windows\system32\drivers\ANDROIDUSB.sys [2009-10-26 25088]
S3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\drivers\htcnprot.sys [2010-6-23 23040]
S3 NETw5s32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 32 Bit;c:\windows\system32\drivers\NETw5s32.sys [2009-9-15 6114816]
S3 SimpleSlideShowServer;SimpleSlideShowServer;c:\program files\samsung\allshare\AllShareSlideShowService.exe [2012-3-2 27584]
S3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\drivers\ssudmdm.sys [2012-9-19 181344]
S3 Symantec SymSnap VSS Provider;Symantec SymSnap VSS Provider;c:\windows\system32\dllhost.exe [2012-7-26 8704]
S3 WUDFWpdMtp;WUDFWpdMtp;c:\windows\system32\drivers\WUDFRd.sys [2012-7-26 155136]
.
=============== Created Last 30 ================
.
2013-02-23 00:52:56    190224    ----a-w-    c:\programdata\microsoft\windows\sqm\manifest\Sqm10194.bin
2013-02-23 00:24:47    94112    ----a-w-    c:\windows\system32\WindowsAccessBridge.dll
2013-02-20 22:38:00    --------    d-----w-    c:\programdata\Spybot - Search & Destroy
2013-02-20 22:37:37    15224    ----a-w-    c:\windows\system32\sdnclean.exe
2013-02-20 22:37:31    --------    d-----w-    c:\program files\Spybot - Search & Destroy 2
2013-02-14 22:15:18    3400704    ----a-w-    c:\windows\system32\win32k.sys
2013-02-14 22:15:13    5554408    ----a-w-    c:\windows\system32\ntoskrnl.exe
2013-02-14 22:15:00    1817320    ----a-w-    c:\windows\system32\drivers\tcpip.sys
2013-02-14 22:12:53    817664    ----a-w-    c:\program files\common files\microsoft shared\vgx\VGX.dll
2013-02-11 20:16:46    --------    d-----w-    c:\users\laptop\appdata\local\{5ADFF67B-3BD9-4A48-A83E-4F523ED95301}
2013-02-10 21:30:31    --------    d-----w-    c:\users\laptop\appdata\local\{D0E84D6D-01ED-498E-A079-22B64C6B45CD}
2013-02-09 23:49:33    --------    d-----w-    c:\users\laptop\appdata\local\{FFD68072-962E-4940-BA2B-365FA889F2C4}
2013-02-08 17:26:15    --------    d-----w-    c:\users\laptop\appdata\local\{F04F91E0-F4EF-444A-8A69-506813B108BC}
2013-02-05 23:13:35    --------    d-----w-    c:\users\laptop\appdata\local\{8FF96893-BDD4-48E3-B8D3-7BC38D853ECB}
2013-01-31 17:07:46    --------    d-----w-    c:\users\laptop\appdata\roaming\avidemux
2013-01-31 09:01:44    --------    d-----w-    c:\users\laptop\appdata\local\{2DBD482D-558D-4D7A-AE05-E5F35FA8A8C7}
.
==================== Find3M  ====================
.
2013-02-23 00:24:25    861088    ----a-w-    c:\windows\system32\npDeployJava1.dll
2013-02-23 00:24:25    782240    ----a-w-    c:\windows\system32\deployJava1.dll
2013-02-23 00:11:33    42920    ----a-w-    c:\windows\system32\drivers\klwfp.sys
2013-02-06 23:06:14    78176    ----a-w-    c:\windows\system32\FlashPlayerCPLApp.cpl
2013-02-06 23:06:14    692576    ----a-w-    c:\windows\system32\FlashPlayerApp.exe
2013-01-16 00:35:49    44032    ----a-w-    c:\windows\system32\UXInit.dll
2013-01-16 00:25:17    1437696    ----a-w-    c:\windows\system32\GdiPlus.dll
2013-01-10 01:07:00    24808    ----a-w-    c:\windows\system32\drivers\msgpiowin32.sys
2013-01-10 00:08:30    74984    ----a-w-    c:\windows\system32\drivers\partmgr.sys
2013-01-10 00:08:30    1614568    ----a-w-    c:\windows\system32\drivers\ntfs.sys
2013-01-10 00:08:22    526960    ----a-w-    c:\windows\system32\drivers\Wdf01000.sys
2013-01-10 00:02:20    158952    ----a-w-    c:\windows\system32\drivers\sdbus.sys
2013-01-10 00:02:15    104168    ----a-w-    c:\windows\system32\drivers\dumpsd.sys
2013-01-09 23:51:38    259816    ----a-w-    c:\windows\system32\drivers\dxgmms1.sys
2013-01-09 23:51:38    1229032    ----a-w-    c:\windows\system32\drivers\dxgkrnl.sys
2013-01-09 23:25:58    741376    ----a-w-    c:\windows\system32\iphlpsvc.dll
2013-01-09 23:25:57    125440    ----a-w-    c:\windows\system32\inetpp.dll
2013-01-09 23:25:55    582144    ----a-w-    c:\windows\system32\gpprefcl.dll
2013-01-09 23:25:55    40960    ----a-w-    c:\windows\system32\drivers\umdf\HidBthLE.dll
2013-01-09 23:25:43    1505280    ----a-w-    c:\windows\system32\wbem\cimwin32.dll
2013-01-09 03:57:47    277504    ----a-w-    c:\windows\system32\drivers\HdAudio.sys
2013-01-04 05:32:36    2706432    ----a-w-    c:\windows\system32\mshtml.tlb
2012-12-20 00:37:37    1775616    ----a-w-    c:\windows\system32\wininet.dll
2012-12-20 00:37:35    662016    ----a-w-    c:\windows\system32\uxtheme.dll
2012-12-20 00:37:04    2881536    ----a-w-    c:\windows\system32\jscript9.dll
2012-12-20 00:37:02    109056    ----a-w-    c:\windows\system32\iesysprep.dll
2012-12-20 00:36:50    431616    ----a-w-    c:\windows\apppatch\AcSpecfc.dll
2012-12-17 01:26:52    31    ---ha-w-    c:\windows\UKCpInfo.sys
2012-12-16 08:20:01    35328    ----a-w-    c:\windows\system32\atmlib.dll
2012-12-16 07:57:09    300032    ----a-w-    c:\windows\system32\atmfd.dll
2012-12-14 16:49:28    21104    ----a-w-    c:\windows\system32\drivers\mbam.sys
2012-12-06 04:23:01    114176    ----a-w-    c:\windows\system32\TimeBrokerServer.dll
2012-12-06 04:22:59    117248    ----a-w-    c:\windows\system32\SystemEventsBrokerServer.dll
2012-12-04 23:51:26    25944    ----a-w-    c:\windows\system32\drivers\klkbdflt.sys
2012-12-04 04:23:53    330752    ----a-w-    c:\windows\system32\sppwinob.dll
2012-11-29 05:42:09    58088    ----a-w-    c:\windows\system32\drivers\pdc.sys
2012-11-29 05:05:39    975360    ----a-w-    c:\windows\system32\AppXDeploymentServer.dll
2012-11-29 05:05:39    554496    ----a-w-    c:\windows\system32\AppXDeploymentExtensions.dll
.
============= FINISH:  0:40:54.26 ===============
 
 
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 8 Pro
Boot Device: \Device\HarddiskVolume1
Install Date: 27/10/2012 21:56:32
System Uptime: 26/02/2013 00:27:37 (0 hours ago)
.
Motherboard: Acer            |  | CathedralPeak                  
Processor: Intel® Core™2 Duo CPU     T6400  @ 2.00GHz | U2E1 | 2000/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 244 GiB total, 200.136 GiB free.
D: is FIXED (NTFS) - 687 GiB total, 599.435 GiB free.
F: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP19: 11/02/2013 20:22:18 - Windows Live Essentials
RP20: 17/02/2013 21:41:41 - Windows Update
RP21: 20/02/2013 23:40:44 - Installed HiJackThis
RP22: 23/02/2013 00:17:14 - Removed Java™ 6 Update 37
.
==== Installed Programs ======================
.
7-Zip 9.20
Absolute Uninstaller 2.8.0.636
Adobe Flash Player 11 Plugin
Android SDK Tools
µTorrent
Avidemux 2.5 (32-bit)
Betfair Poker 1.0.0
calibre
CCleaner
Citrix Authentication Manager
Citrix Receiver
Citrix Receiver (HDX Flash Redirection)
Citrix Receiver Inside
Citrix Receiver(Aero)
Citrix Receiver(DV)
Citrix Receiver(USB)
ComicRack v0.9.155
D3DX10
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
DOSShell 1.9
EA SPORTS Game Face Browser Plugin 1.5.3.0
EaseUS Partition Master 9.1.1 Home Edition
FileZilla Client 3.6.0.2
Foxit PhantomPDF
Foxit Reader
Google Chrome
Google Earth Plug-in
Google Update Helper
GrabIt 1.7.2 Beta 6 (build 1008)
HTC Driver Installer
HTC Sync Manager
Internet Download Manager
Java 7 Update 15
Java Auto Updater
JDownloader 0.9
Kaspersky Internet Security 2013
Launch Manager
LiveUpdate 3.2 (Symantec Corporation)
LogMeIn
Malwarebytes Anti-Malware version 1.70.0.1100
Microsoft Application Error Reporting
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
MSVCRT
MSVCRT Redists
MSVCRT110
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Music Manager
Norton Ghost
Online Plug-in
Photo Common
QuickTime
RapidShare Manager 2
Realtek USB 2.0 Card Reader
REALTEK Wireless LAN Driver and Utility
RebelBetting 4.8
SABnzbd 0.7.6
Samsung AllShare
SAMSUNG USB Driver for Mobile Phones
Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2687417) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2687436) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition
Security Update for Microsoft Visio 2010 (KB2687508) 32-Bit Edition
Security Update for Microsoft Visio Viewer 2010 (KB2598287) 32-Bit Edition
Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition
Self-service Plug-in
Sky Go Desktop
SMAC 2.7
Songr
Spybot - Search & Destroy
Synaptics Pointing Device Driver
TomTom HOME
TomTom HOME Visual Studio Merge Modules
tools-freebsd
tools-linux
tools-netware
tools-solaris
tools-windows
tools-winPre2k
Tyre
Unity Web Player
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
VAP11G
Vegas Pro 11.0
Visual Studio C++ 10.0 Runtime
VLC media player 2.0.4
VMware Workstation
Winamp
Winamp Detector Plug-in
WinDirStat 1.1.2
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Messenger
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
WinPcap 4.1.2
WinRAR 4.10 beta 5 (32-bit)
XAMPP 1.8.1
XMedia Recode version 3.1.2.0
Yacc 0.4.0.3
.
==== Event Viewer Messages From Past Week ========
.
26/02/2013 00:30:07, Error: NetBT [4321]  - The name "WORKGROUP      :1d" could not be registered on the interface with IP address 192.168.0.4. The computer with the IP address 192.168.0.10 did not allow the name to be claimed by this computer.
26/02/2013 00:29:29, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the VMware Workstation Server service to connect.
26/02/2013 00:29:29, Error: Service Control Manager [7000]  - The VMware Workstation Server service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
25/02/2013 22:37:19, Error: BROWSER [8020]  - The browser was unable to promote itself to master browser.  The computer that currently believes it is the master browser is unknown.
23/02/2013 01:45:00, Error: BROWSER [8019]  - The browser was unable to promote itself to master browser.  The browser will continue to attempt to promote itself to the master browser, but will no longer log any events in the event log in Event Viewer.
23/02/2013 00:08:25, Error: Service Control Manager [7000]  - The 6273802drv service failed to start due to the following error:  A device attached to the system is not functioning.
20/02/2013 23:33:15, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
20/02/2013 23:32:58, Error: Service Control Manager [7001]  - The WinHTTP Web Proxy Auto-Discovery Service service depends on the DHCP Client service which failed to start because of the following error:  The dependency service or group failed to start.
20/02/2013 23:32:52, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
20/02/2013 23:27:34, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server: {9E175B68-F52A-11D8-B9A5-505054503030}
20/02/2013 23:27:14, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
20/02/2013 23:24:42, Error: Service Control Manager [7001]  - The Network Location Awareness service depends on the DHCP Client service which failed to start because of the following error:  The dependency service or group failed to start.
20/02/2013 23:24:42, Error: Service Control Manager [7001]  - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:  The dependency service or group failed to start.
20/02/2013 23:24:42, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1068" attempting to start the service netprofm with arguments "Unavailable" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
20/02/2013 23:24:42, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1068" attempting to start the service fdPHost with arguments "Unavailable" in order to run the server: {D3DCB472-7261-43CE-924B-0704BD730D5F}
20/02/2013 23:24:42, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1068" attempting to start the service fdPHost with arguments "Unavailable" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF}
20/02/2013 23:10:53, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service dps with arguments "Unavailable" in order to run the server: {DDCFD26B-FEED-44CD-B71D-79487D2E5E5A}
20/02/2013 23:03:06, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service EventSystem with arguments "Unavailable" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
20/02/2013 22:59:34, Error: Service Control Manager [7001]  - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error:  The dependency service or group failed to start.
20/02/2013 22:59:34, Error: Service Control Manager [7001]  - The VMware Workstation Server service depends on the Workstation service which failed to start because of the following error:  The dependency service or group failed to start.
20/02/2013 22:59:34, Error: Service Control Manager [7001]  - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error:  A device attached to the system is not functioning.
20/02/2013 22:59:34, Error: Service Control Manager [7001]  - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub System service which failed to start because of the following error:  A device attached to the system is not functioning.
20/02/2013 22:59:34, Error: Service Control Manager [7001]  - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error:  The dependency service or group failed to start.
20/02/2013 22:59:34, Error: Service Control Manager [7001]  - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error:  The dependency service or group failed to start.
20/02/2013 22:59:34, Error: Service Control Manager [7001]  - The Network Store Interface Service service depends on the NSI Proxy Service Driver service which failed to start because of the following error:  A device attached to the system is not functioning.
20/02/2013 22:59:34, Error: Service Control Manager [7001]  - The Net.Msmq Listener Adapter service depends on the Message Queuing service which failed to start because of the following error:  The dependency service or group failed to start.
20/02/2013 22:59:34, Error: Service Control Manager [7001]  - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error:  The dependency service or group failed to start.
20/02/2013 22:59:34, Error: Service Control Manager [7001]  - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error:  A device attached to the system is not functioning.
20/02/2013 22:59:34, Error: Service Control Manager [7001]  - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error:  A device attached to the system is not functioning.
20/02/2013 22:59:34, Error: Service Control Manager [7001]  - The Apache2.4 service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error:  A device attached to the system is not functioning.
20/02/2013 22:47:32, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the LanmanServer service.
20/02/2013 22:47:32, Error: Service Control Manager [7000]  - The Server service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
20/02/2013 22:47:02, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the iphlpsvc service.
20/02/2013 22:42:57, Error: Service Control Manager [7043]  - The Group Policy Client service did not shut down properly after receiving a pre-shutdown control.
.
==== End Of File ===========================
 


#4 dev00790

dev00790

    Bleeping Chocoholic



Posted 28 February 2013 - 09:16 AM

Hi,

Sorry for the delay.

Please do the following next:

Step 1

 

Going over your logs I noticed that you have utorrent installed.

  • Avoid peer-to-peer (P2P) file sharing programs.
  • They are a security risk which can make your computer susceptible to a wide variety of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.
  • P2P programs share a directory or set of directories on your computer to the world. Anyone can type in a search, and potentially download something from your computer. This makes the machine an open web server -- massively increasing the attack surface of the machine.
  • To reduce the risk of infection avoid using any P2P applications.

It is pretty much certain that if you continue to use P2P programs, you will get infected again.
I would recommend that you uninstall utorrent; however, that choice is up to you.

If you choose to remove these programs, you can do so via:

  • Right Click on the Start window.
  • Click on All Apps button.
  • Under the Windows System list, click Control Panel, then Programs and Features.

If you wish to keep it, please do not use it until your computer is cleaned.

 

 

Step 2

 

I do not recommend that you have more than one anti-virus product installed and running on your computer at a time. 

The reason for this is that if both products have their automatic (Real-Time) protection switched on, then those products which do not encrypt the virus strings within them can cause other anti-virus products to cause "false alarms".

It can also lead to a clash as both products fight for access to files which are opened; again, this is the resident/automatic protection.

 

In general terms, the two programs may conflict and cause:

1) False Alarms: When the anti virus software tells you that your PC has a virus when it actually doesn't.

2) System Performance Problems: Your system may lock up due to both products attempting to access the same file at the same time.

Hence
For Windows XP: please go to Control Panel > "Add/Remove Programs", and remove either Windows Defender or Kaspersky Internet Security.
or
For Windows Vista / 7: please go to "Programs and Features", and remove either Windows Defender or Kaspersky Internet Security.
or
For Windows 8:

 

  • Launch Windows Defender. The best way is to launch Start Menu and search for Defender.
  • Navigate to Settings tab in Windows Defender > click on the Administrator section.
  • Here uncheck the option Turn on Windows Defender and save the settings.

     

    Note: Windows Defender will be disabled instantly. If you want to enable Windows Defender protection in the future you can do that from the Windows Action Center.

 

 

Step 3

 

Please go to logo.gif
Browse to the following file path in the "Suspicious files to scan" field on the top of the page:

 

c:\windows\UKCpInfo.sys


Click on the Upload button
If a pop-up appears saying the file has been scanned already, please select the ReScan button.
Once the Scan is completed, click on the "Copy to Clipboard" button. This will copy the link of the report into the Clipboard.
Paste the contents of the Clipboard in your next reply.

 

 

Step 4

 

We need to disable Spybot S&D's "TeaTimer"
TeaTimer works by preventing ANY changes to the system. It will attempt to undo any fixes we run, because it blocks these fixes from running.

In order to safeguard your system from problems that can be brought on by a half finished fix, we need to disable TeaTimer.

We can reenable it when we're done if you like.

  • Open SpyBot Search and Destroy by: Pressing the Windows key on the keyboard Start then Spybot Search and Destroy (if an icon for it appears).
    • If this doesn't work, then view all your apps via: right-click a blank part of the Start screen and then choose All Apps.
  • If prompted with a legal dialog, accept the warning.
  • Click Mode > Advanced Mode.
  • You may be presented with a warning dialog. If so, click Yes
  • Click on Tools and then Resident
  • Uncheck this checkbox: "Resident TeaTimer (protection of over-all system settings) active".
  • Close/Exit Spybot Search and Destroy.

 

 

Step 5

 

Please download Farbar Service Scanner and run it on the computer with the issue.

  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

 

 

Step 6

 

Please download AdwCleaner by Xplode onto your desktop.

  • Double click on AdwCleaner.exe to run the tool.
  • Click on Search.
  • A logfile will automatically open after the scan has finished.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[R1].txt as well.

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"

I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM.


#5 dev00790

dev00790

    Bleeping Chocoholic



Posted 02 March 2013 - 08:05 AM

Hi

Are you still with us?

The topic will be closed in 3 days if we do not receive a response from you.


Regards, dev00790



#6 madnlooney

madnlooney
  • Topic Starter


Posted 02 March 2013 - 04:18 PM

sorry, i will run these scans now and post the logs

thank you for the help so far



#7 madnlooney

madnlooney
  • Topic Starter


Posted 02 March 2013 - 04:49 PM

here's the virscan log

 

 

Scanner results: Scanners did not find malware!
Time: 2013/03/03 05:26:07 (CST)

Scanner       Engine Ver        Sig Ver               Sig Date     Scan result   Time
a-squared     5.1.0.4           20130303050524        2013-03-03   -             8.626
AhnLab V3     2013.03.02.00     2013.03.02            2013-03-02   -             2.775
AntiVir       8.2.10.202        7.11.50.58            2012-11-16   -             0.210
Antiy         2.0.18            2.0.18.               0002-18-00   -             0.176
Arcavir       2011              201302270013          2013-02-27   -             6.330
Authentium    5.1.1             201303012222          2013-03-01   -             1.648
AVAST!        4.7.4             130302-0              2013-03-02   -             0.162
AVG           12.0.1794         2641/5642             2013-03-02   -             0.246
BitDefender   7.90123.9202537   7.45745               2013-03-01   -             5.120
ClamAV        0.97.5            16772                 2013-03-03   -             0.170
Comodo        5.1               15430                 2013-03-02   -             2.287
CP Secure     1.3.0.5           2013.03.03            2013-03-03   -             0.166
Dr.Web        7.0.4.9250        2013.02.27            2013-02-27   -             17.290
F-Prot        4.6.2.117         20130301              2013-03-01   -             0.900
F-Secure      7.02.73807        2013.03.02.06         2013-03-02   -             2.478
Fortinet      4.3.392           16.549                2013-03-03   -             0.131
GData         22.8252           20130303              2013-03-03   -             6.971
Ikarus        T3.1.32.31.0      2013.03.02.83582      2013-03-02   -             8.131
JiangMin      16.0.100          2013.02.09            2013-02-09   -             11.631
Kaspersky     5.5.10            2013.03.02            2013-03-02   -             0.218
KingSoft      2009.2.5.15       2013.3.1.9            2013-03-01   -             0.909
McAfee        5400.1158         7002                  2013-03-02   -             11.327
Microsoft     1.9203            2013.03.02            2013-03-02   -             3.770
NOD32         3.0.21            7951                  2013-01-30   -             0.159
Norman        6.8.3             201208311030          2012-08-31   -             0.000
nProtect      20130301.01       14084187              2013-03-01   -             1.591
Panda         9.05.01           2013.03.01            2013-03-01   -             0.614
Quick Heal    11.00             2013.03.01            2013-03-01   -             0.921
Rising        20.0              24.51.02.04           2013-02-27   -             0.241
Sophos        3.39.0            4.85                  2013-03-03   -             6.318
Sunbelt       3.9.2558.2        15822                 2013-03-02   -             0.774
Symantec      1.3.0.24          20130301.005          2013-03-01   -             0.178
The Hacker    6.8.0.0           v00200                2013-02-28   -             0.610
Trend Micro   9.500-1005        9.674.06              2013-01-22   -             0.197
VBA32         3.12.20.2         20130301.1938         2013-03-01   -             2.440
ViRobot       20130228          2013.02.28            2013-02-28   -             0.438
VirusBuster   5.5.2.13          15.0.364.0/10965901   2013-03-02   -             0.172

 

I'm also running spybot 2.0.12.0 and looking around I found this on their forum

 

"Spybot 2 does currently not contain a resident protection.

Hence there are no compatibility issues to be expected.

The icon in the system tray is the Spybot icon which you can also use besides the desktop icon to start Spybot 2. 

If you still want to disable it completely:
Please open the Spybot-S&D Start-Center.
Choose the "Advanced User Mode" by ticking the checkbox to activate it.
Now click on "Startup Tools".
If being asked what you want to do choose "Browse system settings".

 

here is the FSS log

 

Farbar Service Scanner Version: 20-02-2013

Ran by laptop (administrator) on 02-03-2013 at 21:47:47
Running from "C:\Users\laptop\Desktop"
Windows 8 Pro  (X86)
Boot Mode: Normal
****************************************************************
 
Internet Services:
============
 
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.
 
 
Windows Firewall:
=============
 
Firewall Disabled Policy: 
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0
 
 
System Restore:
============
 
System Restore Disabled Policy: 
========================
 
 
Action Center:
============
 
Windows Update:
============
 
Windows Autoupdate Disabled Policy: 
============================
 
 
Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
 
 
Windows Defender Disabled Policy: 
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1
 
 
Other Services:
==============
 
 
File Check:
========
C:\WINDOWS\system32\nsisvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\WINDOWS\system32\dhcpcore.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tdx.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\mpssvc.dll => MD5 is legit
C:\WINDOWS\system32\bfe.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\WINDOWS\system32\SDRSVC.dll
[2012-07-26 01:13] - [2012-07-26 03:19] - 0121856 ____A (Microsoft Corporation) B433671D5A6D36D35141A56B6E75D086
 
C:\WINDOWS\system32\vssvc.exe => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuaueng.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MsMpEng.exe => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\iphlpsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
 
 
**** End of log ****
 
here is the adwcleaner log
 
# AdwCleaner v2.113 - Logfile created 03/02/2013 at 21:48:53
# Updated 23/02/2013 by Xplode
# Operating system : Windows 8 Pro  (32 bits)
# User : laptop - LAPTOP-PC
# Boot Mode : Normal
# Running from : C:\Users\laptop\Desktop\AdwCleaner.exe
# Option [Search]
 
 
***** [Services] *****
 
 
***** [Files / Folders] *****
 
 
***** [Registry] *****
 
Key Found : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC}
 
***** [Internet Browsers] *****
 
-\\ Internet Explorer v10.0.9200.16482
 
[OK] Registry is clean.
 
-\\ Google Chrome v25.0.1364.97
 
File : C:\Users\laptop\AppData\Local\Google\Chrome\User Data\Default\Preferences
 
[OK] File is clean.
 
*************************
 
AdwCleaner[R1].txt - [1402 octets] - [02/03/2013 21:48:53]
 
########## EOF - C:\AdwCleaner[R1].txt - [1462 octets] ##########
 
 

Choose the tab "Autorun".
Open the following registry path by ticking the "+" in front of it:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\

Now untick the checkbox in front of:
SDTray - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe "
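
The FSS log posted above can be reduced to the entries a helper actually reviews: policy overrides, services that deviate from their defaults, and files listed without a verdict. The Python below is an added example, not part of the thread or of Farbar Service Scanner; the function names, the `DEFAULTS` table, and the reading of a File Check entry without "MD5 is legit" as "not matched, verify separately" are this example's assumptions.

```python
import re

# Excerpt of the FSS.txt log posted earlier in this thread, trimmed to the
# sections that contain findings.
SAMPLE_FSS_LOG = r"""
Farbar Service Scanner Version: 20-02-2013
Ran by laptop (administrator) on 02-03-2013 at 21:47:47
Boot Mode: Normal

Windows Firewall:
=============

Firewall Disabled Policy: 
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0

System Restore Disabled Policy: 
========================

Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.

Windows Defender Disabled Policy: 
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1

File Check:
========
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\SDRSVC.dll
[2012-07-26 01:13] - [2012-07-26 03:19] - 0121856 ____A (Microsoft Corporation) B433671D5A6D36D35141A56B6E75D086

C:\WINDOWS\system32\vssvc.exe => MD5 is legit

**** End of log ****
"""

# Windows defaults for the two policy values seen in the log (0 also covers an
# absent DisableAntiSpyware). This table belongs to the example, not to FSS.
DEFAULTS = {"EnableFirewall": 1, "DisableAntiSpyware": 0}

KEY_RE = re.compile(r"^\[(HKEY_[^\]]+)\]$")
VALUE_RE = re.compile(r'^"([^"]+)"=DWORD:(\d+)$')
NOT_RUNNING_RE = re.compile(r"^(\S+) Service is not running\.")
START_RE = re.compile(r"^The start type of (\S+) service is set to (\w+)\. "
                      r"The default start type is (\w+)\.$")
PATH_RE = re.compile(r"^[A-Za-z]:\\")
MD5_RE = re.compile(r"\b([0-9A-Fa-f]{32})$")


def parse_fss(text):
    """Return policy overrides, service deviations and unverified files."""
    lines = [ln.strip() for ln in text.splitlines()]
    out = {"policies": [], "services": {}, "unverified_files": []}
    heading, key, pending = "", None, None
    for i, line in enumerate(lines):
        nxt = lines[i + 1] if i + 1 < len(lines) else ""
        # A section heading is a "Title:" line underlined with '=' characters.
        if line.endswith(":") and nxt and set(nxt) == {"="}:
            heading, key, pending = line[:-1], None, None
            continue
        if not line or set(line) == {"="}:
            continue
        key_m, val_m = KEY_RE.match(line), VALUE_RE.match(line)
        run_m, start_m = NOT_RUNNING_RE.match(line), START_RE.match(line)
        if key_m:
            key = key_m.group(1)
        elif val_m and key and heading.endswith("Disabled Policy"):
            out["policies"].append({"policy": heading, "key": key,
                                    "value": val_m.group(1),
                                    "data": int(val_m.group(2))})
        elif run_m:
            out["services"].setdefault(run_m.group(1), {})["running"] = False
        elif start_m:
            svc = out["services"].setdefault(start_m.group(1), {})
            svc["start_type"], svc["default_start_type"] = start_m.group(2, 3)
        elif heading == "File Check":
            if line.endswith("=> MD5 is legit"):
                pending = None
            elif PATH_RE.match(line):
                # Path printed alone: the detail line with the hash follows.
                pending = {"path": line, "md5": None}
                out["unverified_files"].append(pending)
            elif pending is not None and MD5_RE.search(line):
                pending["md5"] = MD5_RE.search(line).group(1).upper()
                pending = None
    return out


def deviations(parsed):
    """Turn the parsed log into one review note per deviation."""
    notes = []
    for p in parsed["policies"]:
        default = DEFAULTS.get(p["value"])
        if default is not None and p["data"] != default:
            notes.append(f'{p["policy"]}: {p["value"]}={p["data"]} '
                         f'(Windows default {default})')
    for name, svc in parsed["services"].items():
        state = "not running" if svc.get("running") is False else "state not reported"
        notes.append(f'{name}: {state}, start type {svc.get("start_type")} '
                     f'(default {svc.get("default_start_type")})')
    for item in parsed["unverified_files"]:
        notes.append(f'{item["path"]}: no "MD5 is legit" verdict, MD5 {item["md5"]}')
    return notes


if __name__ == "__main__":
    for note in deviations(parse_fss(SAMPLE_FSS_LOG)):
        print(note)
```

A deviation is not a verdict: whether a disabled firewall or Defender policy is intended depends on whether another installed security product has taken over that function.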



#8 dev00790

dev00790

    Bleeping Chocoholic



Posted 03 March 2013 - 12:21 PM

Hi

Please do the following next:

Step 1

Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document in your next reply.

Step 2

  • Launch Malwarebytes' Anti-Malware (MBAM)
  • Click on the tab update, then click Check for Updates
  • If an update is found, it will download and install the latest version.
  • Then on the Scanner tab select Perform full scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad.
  • Post the full contents of the log in your next reply.
Note: Be sure to restart the computer.

The log can also be found here:
C:\Users\<Username>\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt


Step 3

I'd like us to scan your machine with ESET Online Scanner:

Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You will however need to disable your current installed Anti-Virus, how to do so can be read here.

Note: Vista / Windows 7 / Windows 8 users: You will need to right-click on either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator from the context menu.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • On ESET: Click the Back button, then the Finish button.
Note: Do not forget to re-enable your Anti-Virus application after running the above scan!


Step 4

How is the computer running now?

Edited by dev00790, 03 March 2013 - 12:21 PM.

Regards, dev00790



#9 dev00790


Posted 06 March 2013 - 03:15 PM

Hi

Are you still with us?

The topic will be closed in 3 days if we do not receive a response from you.


Regards, dev00790



#10 madnlooney


Posted 07 March 2013 - 07:43 AM

Sorry for the delay; for some reason I didn't get an email, but here are the logs you require.

 

 

 Results of screen317's Security Check version 0.99.59  
   x86 (UAC is enabled)  
 Internet Explorer 9  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
 Windows Firewall Disabled!  
Kaspersky Internet Security   
Windows Defender              
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 Spybot - Search & Destroy 
 Norton Ghost    
 Malwarebytes Anti-Malware version 1.70.0.1100  
 CCleaner     
 Java 7 Update 15  
 Java version out of Date! 
 Adobe Flash Player 11.6.602.168  
 Google Chrome 25.0.1364.152  
 Google Chrome 25.0.1364.97  
 Google Chrome plugins...  
````````Process Check: objlist.exe by Laurent````````  
 Malwarebytes Anti-Malware mbam.exe  
 Spybot Teatimer.exe is disabled! 
 Kaspersky Lab Kaspersky Internet Security 2013 avp.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C::  
````````````````````End of Log`````````````````````` 
 
 

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org
 
Database version: v2013.03.06.13
 
Windows 8 x86 NTFS
Internet Explorer 10.0.9200.16484
laptop :: LAPTOP-PC [administrator]
 
07/03/2013 00:57:50
mbam-log-2013-03-07 (00-57-50).txt
 
Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled: 
Objects scanned: 467256
Time elapsed: 1 hour(s), 50 minute(s), 49 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 0
(No malicious items detected)
 
(end)
 


#11 dev00790


Posted 07 March 2013 - 12:57 PM

Hi

 

Thank you for the SecurityCheck, and MBAM logs.

 

The ESET log was not included (step3), and neither was how your computer is running now (step4), as requested in my earlier post here.

- Please provide these in your next reply.


Regards, dev00790



#12 madnlooney


Posted 08 March 2013 - 02:04 PM

Sorry, here is the ESET log
 
C:\Users\laptop\AppData\Local\Temp\nsaD6A4.tmp a variant of Win32/Somoto.A application cleaned by deleting - quarantined
D:\Documents\Android\wildfire s\JikantaruROM_XE_11711.zip a variant of Android/WifiKill.A application deleted - quarantined
 
The computer is running fine. Hotmail hasn't had its password compromised so far; I also uninstalled Windows Live Mail.


#13 dev00790


Posted 10 March 2013 - 02:12 PM

Hi

 

Please do the following next:

 

:step1:

 

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • You will be prompted to restart your computer. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

 

:step2:

 

Important Note: Your version of Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system.
 


Please follow these steps to remove older version Java components and update:
 

  • Download the latest version of Java Runtime Environment (JRE) Version 17 and save it to your desktop.
  • Look for "Java Platform, Standard Edition".
  • Click the "Download JRE" button to the right.
  • Read the License Agreement, and then check the box that says: "Accept License Agreement".
  • From the list, select your OS and Platform (32-bit or 64-bit).
    64-bit OS users should read: Which Java download should I choose for my 64-bit Windows operating system?
  • If a download for an Offline Installation is available, it is recommended to choose that and save the file to your desktop.
  • Close any programs you may have running - especially your web browser.

Go to Start > Control Panel, double-click on Add/Remove Programs or Programs and Features in Vista/Windows 7 and remove all older versions of Java.

  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button and follow the onscreen instructions for the Java uninstaller.
  • Repeat as many times as necessary to remove each Java version.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-7u17-windows-i586.exe (or jre-7u17-windows-x64.exe for 64-bit) to install the newest version.
  • If using Windows 7 or Vista and the installer refuses to launch due to insufficient user permissions, then Run As Administrator.
  • When the Java Setup - Welcome window opens, click the Install > button.
  • If offered any unwanted software or toolbars during installation, just uncheck the box before continuing unless you want it.
  • The McAfee Security Scan Plus tool is installed by default unless you uncheck the McAfee installation box when updating Java.

Note: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications but it's not necessary.
To disable the JQS service if you don't want to use it:

  • Go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter.
  • Click Ok and reboot your computer.

 

:step3:

 

Please rerun Minitoolbox on your desktop

Checkmark the following checkboxes:

  • List last 10 Event Viewer log
  • List Installed Programs

Click Go and post the full contents of the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.


Regards, dev00790



#14 madnlooney


Posted 12 March 2013 - 01:44 PM

Here are the logs
 
# AdwCleaner v2.114 - Logfile created 03/12/2013 at 18:29:29
# Updated 05/03/2013 by Xplode
# Operating system : Windows 8 Pro  (32 bits)
# User : laptop - LAPTOP-PC
# Boot Mode : Normal
# Running from : D:\Documents\Downloads\SCANS\AdwCleaner.exe
# Option [Delete]
 
 
***** [Services] *****
 
 
***** [Files / Folders] *****
 
 
***** [Registry] *****
 
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
 
***** [Internet Browsers] *****
 
-\\ Internet Explorer v10.0.9200.16482
 
[OK] Registry is clean.
 
-\\ Google Chrome v25.0.1364.152
 
File : C:\Users\laptop\AppData\Local\Google\Chrome\User Data\Default\Preferences
 
[OK] File is clean.
 
*************************
 
AdwCleaner[R2].txt - [1183 octets] - [12/03/2013 18:29:09]
AdwCleaner[S1].txt - [1124 octets] - [12/03/2013 18:29:29]
 
########## EOF - C:\AdwCleaner[S1].txt - [1184 octets] ##########
 
 
 
 
MiniToolBox by Farbar  Version:05-03-2013
Ran by laptop (administrator) on 12-03-2013 at 18:44:05
Running from "D:\Documents\Downloads\SCANS"
Windows 8 Pro  (X86)
Boot Mode: Normal
***************************************************************************
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (03/12/2013 06:22:27 PM) (Source: MsiInstaller) (User: LAPTOP-PC)
Description: Product: Java 7 Update 17 -- Error 1500.Another installation is in progress. You must complete that installation before continuing this one.
 
Error: (03/12/2013 06:11:52 PM) (Source: Perflib) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll4
 
Error: (03/09/2013 09:40:48 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Nero3D,processorArchitecture="x86",publicKeyToken="782f0d87cd3d50b0",type="win32",version="10.6.0.1"1".
Dependent Assembly Nero3D,processorArchitecture="x86",publicKeyToken="782f0d87cd3d50b0",type="win32",version="10.6.0.1" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (03/09/2013 09:40:45 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC90.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Dependent Assembly Microsoft.VC90.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (03/09/2013 09:40:41 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "NScCoreComponents,type="win32",version="5.3.0.0"1".
Dependent Assembly NScCoreComponents,type="win32",version="5.3.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (03/09/2013 07:59:36 PM) (Source: Perflib) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll4
 
Error: (03/08/2013 06:58:49 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: LAPTOP-PC)
Description: Activation of application Microsoft.XboxCompanion_8wekyb3d8bbwe!Microsoft.XboxCompanion failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (03/08/2013 06:58:33 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: LAPTOP-PC)
Description: App Microsoft.XboxCompanion_8wekyb3d8bbwe!Microsoft.XboxCompanion did not launch within its allotted time.
 
Error: (03/07/2013 09:37:44 AM) (Source: .NET Runtime) (User: )
Description: Application: backgroundTaskHost.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.NullReferenceException
Stack:
   at System.Runtime.CompilerServices.AsyncMethodBuilderCore.<ThrowAsync>b__1(System.Object)
   at System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   at System.Threading.ThreadPoolWorkQueue.Dispatch()
   at System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()
 
Error: (03/07/2013 09:23:08 AM) (Source: Application Error) (User: )
Description: Faulting application name: backgroundTaskHost.exe, version: 6.2.9200.16384, time stamp: 0x5010a994
Faulting module name: KERNELBASE.dll, version: 6.2.9200.16451, time stamp: 0x50988a1f
Exception code: 0xe0434352
Fault offset: 0x00012005
Faulting process ID: 0x1dd8
Faulting application start time: 0xbackgroundTaskHost.exe0
Faulting application path: backgroundTaskHost.exe1
Faulting module path: backgroundTaskHost.exe2
Report ID: backgroundTaskHost.exe3
Faulting package full name: backgroundTaskHost.exe4
Faulting package-relative application ID: backgroundTaskHost.exe5
 
 
System errors:
=============
Error: (03/12/2013 06:32:54 PM) (Source: NetBT) (User: )
Description: The name "WORKGROUP      :1d" could not be registered on the interface with IP address 192.168.0.4.
The computer with the IP address 192.168.0.10 did not allow the name to be claimed by
this computer.
 
Error: (03/12/2013 06:12:35 PM) (Source: NetBT) (User: )
Description: The name "WORKGROUP      :1d" could not be registered on the interface with IP address 192.168.0.4.
The computer with the IP address 192.168.0.10 did not allow the name to be claimed by
this computer.
 
Error: (03/12/2013 06:12:17 PM) (Source: DCOM) (User: LAPTOP-PC)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}laptop-PClaptopS-1-5-21-1565894313-3183274041-338652841-1001LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (03/12/2013 06:12:17 PM) (Source: DCOM) (User: LAPTOP-PC)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}laptop-PClaptopS-1-5-21-1565894313-3183274041-338652841-1001LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (03/12/2013 06:12:17 PM) (Source: DCOM) (User: LAPTOP-PC)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}laptop-PClaptopS-1-5-21-1565894313-3183274041-338652841-1001LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (03/12/2013 06:12:17 PM) (Source: DCOM) (User: LAPTOP-PC)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}laptop-PClaptopS-1-5-21-1565894313-3183274041-338652841-1001LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (03/12/2013 06:12:17 PM) (Source: DCOM) (User: LAPTOP-PC)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}laptop-PClaptopS-1-5-21-1565894313-3183274041-338652841-1001LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (03/12/2013 06:12:17 PM) (Source: DCOM) (User: LAPTOP-PC)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}laptop-PClaptopS-1-5-21-1565894313-3183274041-338652841-1001LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (03/12/2013 06:12:17 PM) (Source: DCOM) (User: LAPTOP-PC)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}laptop-PClaptopS-1-5-21-1565894313-3183274041-338652841-1001LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (03/12/2013 06:12:17 PM) (Source: DCOM) (User: LAPTOP-PC)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}laptop-PClaptopS-1-5-21-1565894313-3183274041-338652841-1001LocalHost (Using LRPC)UnavailableUnavailable
 
 
Microsoft Office Sessions:
=========================
Error: (03/12/2013 06:22:27 PM) (Source: MsiInstaller)(User: LAPTOP-PC)
Description: Product: Java 7 Update 17 -- Error 1500.Another installation is in progress. You must complete that installation before continuing this one.(NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (03/12/2013 06:11:52 PM) (Source: Perflib)(User: )
Description: BITSC:\Windows\System32\bitsperf.dll4
 
Error: (03/09/2013 09:40:48 PM) (Source: SideBySide)(User: )
Description: Nero3D,processorArchitecture="x86",publicKeyToken="782f0d87cd3d50b0",type="win32",version="10.6.0.1"c:\program files\HTC\htc sync manager\NEE\NeroBRServer.exe.Manifest
 
Error: (03/09/2013 09:40:45 PM) (Source: SideBySide)(User: )
Description: Microsoft.VC90.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"c:\program files\HTC\htc sync manager\HTC Sync\FDAgentForOutlook64.exe
 
Error: (03/09/2013 09:40:41 PM) (Source: SideBySide)(User: )
Description: NScCoreComponents,type="win32",version="5.3.0.0"C:\Program Files\HTC\HTC Sync Manager\ptt\NMTvWizard.exe.Manifest
 
Error: (03/09/2013 07:59:36 PM) (Source: Perflib)(User: )
Description: BITSC:\Windows\System32\bitsperf.dll4
 
Error: (03/08/2013 06:58:49 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: LAPTOP-PC)
Description: Microsoft.XboxCompanion_8wekyb3d8bbwe!Microsoft.XboxCompanion-2144927142
 
Error: (03/08/2013 06:58:33 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: LAPTOP-PC)
Description: Microsoft.XboxCompanion_8wekyb3d8bbwe!Microsoft.XboxCompanion
 
Error: (03/07/2013 09:37:44 AM) (Source: .NET Runtime)(User: )
Description: Application: backgroundTaskHost.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.NullReferenceException
Stack:
   at System.Runtime.CompilerServices.AsyncMethodBuilderCore.<ThrowAsync>b__1(System.Object)
   at System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   at System.Threading.ThreadPoolWorkQueue.Dispatch()
   at System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()
 
Error: (03/07/2013 09:23:08 AM) (Source: Application Error)(User: )
Description: backgroundTaskHost.exe6.2.9200.163845010a994KERNELBASE.dll6.2.9200.1645150988a1fe0434352000120051dd801ce1b15469318c2C:\WINDOWS\system32\backgroundTaskHost.exeC:\WINDOWS\system32\KERNELBASE.dll9f0ab53c-8708-11e2-b018-e2479f3799339301LawrenceGripper.BBCNewsMobile_1.0.0.13_neutral__seqmmyhgcfnf2App
 
 
CodeIntegrity Errors:
===================================
  Date: 2013-02-19 21:07:15.273
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.
 
  Date: 2013-02-19 21:07:15.062
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.
 
  Date: 2013-02-19 21:07:14.936
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.
 
  Date: 2013-02-19 21:07:14.619
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.
 
  Date: 2013-02-19 21:07:14.464
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.
 
  Date: 2013-02-19 21:07:14.346
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.
 
  Date: 2013-02-19 21:07:11.418
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.
 
  Date: 2013-02-19 21:07:09.607
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.
 
  Date: 2013-01-16 19:41:22.040
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.
 
  Date: 2013-01-16 19:41:21.790
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.
 
 
=========================== Installed Programs ============================
 
µTorrent (Version: 3.2.1.28086)
7-Zip 9.20
Absolute Uninstaller 2.8.0.636
Adobe AIR (Version: 2.6.0.19140)
Adobe Community Help (Version: 3.5.23)
Adobe Flash Player 11 Plugin (Version: 11.6.602.168)
Adobe Photoshop CS5.1 (Version: 12.1)
Android SDK Tools (Version: 1.16)
Avidemux 2.5 (32-bit) (Version: 2.5.4.7200)
Betfair Poker 1.0.0 (Version: 1.0.0)
calibre (Version: 0.8.60)
CCleaner (Version: 3.23)
Citrix Authentication Manager (Version: 2.0.0.41479)
Citrix Receiver (HDX Flash Redirection) (Version: 13.1.200.22)
Citrix Receiver (Version: 13.1.200.22)
Citrix Receiver Inside (Version: 3.2.0.5844)
Citrix Receiver(Aero) (Version: 13.1.200.22)
Citrix Receiver(DV) (Version: 13.1.200.22)
Citrix Receiver(USB) (Version: 13.1.200.22)
ComicRack v0.9.155 (Version: v0.9.155)
D3DX10 (Version: 15.4.2368.0902)
DAEMON Tools Lite (Version: 4.46.1.0328)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
DOSShell 1.9 (Version: 1.9)
EA SPORTS Game Face Browser Plugin 1.5.3.0 (Version: 1.5.3.0)
EaseUS Partition Master 9.1.1 Home Edition
ESET Online Scanner v3
FileZilla Client 3.6.0.2 (Version: 3.6.0.2)
Foxit PhantomPDF (Version: 5.4.2.918)
Foxit Reader (Version: 5.4.5.124)
Google Chrome (Version: 25.0.1364.152)
Google Earth Plug-in (Version: 6.2.2.6613)
Google Update Helper (Version: 1.3.21.135)
GrabIt 1.7.2 Beta 6 (build 1008)
HTC Driver Installer (Version: 3.0.0.023)
HTC Sync Manager (Version: 1.0.34.4169)
Internet Download Manager
Java 7 Update 17 (Version: 7.0.170)
Java Auto Updater (Version: 2.1.9.0)
JDownloader 0.9 (Version: 0.9)
Kaspersky Internet Security 2013 (Version: 13.0.1.4190)
Launch Manager (Version: 3.0.00)
LiveUpdate 3.2 (Symantec Corporation) (Version: 3.2.0.68)
LogMeIn (Version: 4.1.2504)
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (Version: 1.00.0000)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT Redists (Version: 1.0)
MSVCRT110 (Version: 16.4.1108.0727)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Music Manager
Norton Ghost (Version: 15.0.0.35659)
Online Plug-in (Version: 13.1.200.22)
PDF Settings CS5 (Version: 10.0)
Photo Common (Version: 16.4.3505.0912)
QuickTime
RapidShare Manager 2 (Version: 2)
Realtek USB 2.0 Card Reader (Version: 6.1.7600.30104)
REALTEK Wireless LAN Driver and Utility (Version: 1.00.0145)
RebelBetting 4.8 (Version: 4.8)
SABnzbd 0.7.6 (Version: 0.7.6)
Samsung AllShare (Version: 2.1.0.12031_10)
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.5.0)
Self-service Plug-in (Version: 3.2.0.24226)
Sky Go Desktop
SMAC 2.7
Songr (Version: 1.9.44)
Spybot - Search & Destroy (Version: 2.0.12)
Synaptics Pointing Device Driver (Version: 13.2.2.0)
TomTom HOME (Version: 2.9.1)
TomTom HOME Visual Studio Merge Modules (Version: 1.0.2)
tools-freebsd (Version: 9.2.2.894247)
tools-linux (Version: 9.2.2.894247)
tools-netware (Version: 9.2.2.894247)
tools-solaris (Version: 9.2.2.894247)
tools-windows (Version: 9.2.2.894247)
tools-winPre2k (Version: 9.2.2.894247)
Tyre (Version: 6.0.0.28)
Unity Web Player (Version: )
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
VAP11G (Version: 5.0.30.3 for WIN7/VISTA/WINXP)
Vegas Pro 11.0 (Version: 11.0.370)
Visual Studio C++ 10.0 Runtime (Version: 10.0.0)
VLC media player 2.0.4 (Version: 2.0.4)
VMware Workstation (Version: 9.0.1)
Winamp (Version: 5.63 )
Winamp Detector Plug-in (Version: 1.0.0.1)
WinDirStat 1.1.2
Windows Live Communications Platform (Version: 16.4.3505.0912)
Windows Live Essentials (Version: 16.4.3505.0912)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 16.4.3505.0912)
Windows Live Messenger (Version: 16.4.3505.0912)
Windows Live Photo Common (Version: 16.4.3505.0912)
Windows Live PIMT Platform (Version: 16.4.3505.0912)
Windows Live SOXE (Version: 16.4.3505.0912)
Windows Live SOXE Definitions (Version: 16.4.3505.0912)
Windows Live UX Platform (Version: 16.4.3505.0912)
Windows Live UX Platform Language Pack (Version: 16.4.3505.0912)
WinPcap 4.1.2 (Version: 4.1.0.2001)
WinRAR 4.10 beta 5 (32-bit) (Version: 4.10.5)
XAMPP 1.8.1
XMedia Recode version 3.1.2.0 (Version: 3.1.2.0)
Yacc 0.4.0.3 (Version: 0.4.0.3)
 
**** End of log ****
 


#15 dev00790


Posted 14 March 2013 - 04:15 AM

Hi

Please do the following next:

:step1:

Important Note: Your version of Adobe Air is out of date.

Uninstall Adobe Air
  • Open Programs and Features or Add and Remove Programs by clicking the Start / Windows "Orb" button, clicking Control Panel, clicking Programs, and then clicking Programs and Features or Add and Remove Programs.
  • Select any program with Adobe Air in the name, and then click Uninstall.
  • Repeat step 2 until no more programs containing Adobe Air are visible.
Note: Some programs include the option to change or repair the program in addition to uninstalling it, but many simply offer the option to uninstall. To change a program, click Change or Repair. If you are prompted for an administrator password or confirmation, type the password or provide confirmation.

Please follow these steps to Install the latest Adobe Air:
  • Go to http://get.adobe.com/air/
  • Click the Download now button, and save it to your Desktop
  • Double click the file to start the installation process.
:step2:

FINAL STEPS

If you are not experiencing any other malware related issues, it is time to do our final steps:
  • Any programs that we had you download and/or install can be removed at this time.
  • If we had you create or download any custom fixes, these can be deleted at this time.
  • If we had you download and run ComboFix, here is how to uninstall it:
    • Press and hold the Windows key and then press the letter R on your keyboard.
    • This opens the Run dialog box.
    • Copy and paste the below text inside the text-field:
      • "%userprofile%\desktop\ComboFix" /uninstall
    • Now press ENTER
    • ComboFix will extract its files one last time and you should receive a notification that ComboFix has been uninstalled shortly after.
  • If you used DeFogger to disable your Disk Emulation Software, you can reopen DeFogger and use the "Enable" button.
  • You can download this tool to delete more traces of our tools. Delete the tool itself afterwards.
  • Toggle System Restore OFF and then back ON.
  • You should delete your old, potentially infected System Restore points and create a new, clean restore point.
    • If you are using Windows XP, read and follow the steps on "How to turn off or turn on System Restore" from this link
    • If you are using Windows Vista, read and follow the steps on "How do I turn System Restore on and off?" proceeded by "How do I create a restore point manually?" from this link.
    • If you are using Windows 7, read and follow the steps on "To delete all restore points" from this link proceeded by "Create a restore point" from this link.
    • If you are using Windows 8, read and follow the steps on "Disabling System Restore" from this link proceeded by "Manually Creating Restore Points" from this link.
  • Recommended reading material to protect your computer from infection in the future:
  • Be safe :hello:

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"

I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog
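Added example, not part of dev00790's post or of the DDS tool: one way to run an outdated-software check over an installed-programs listing in the format of the log earlier in this thread. The baseline minimum versions and the Adobe AIR sample line are constructed placeholders; the other three sample lines are copied from the log.

```python
import re

# Sample in the log's listing format. The first three lines are copied from
# the log above; the Adobe AIR line and its version are constructed.
SAMPLE_LISTING = """\
WinPcap 4.1.2 (Version: 4.1.0.2001)
WinRAR 4.10 beta 5 (32-bit) (Version: 4.10.5)
XAMPP 1.8.1
Adobe AIR (Version: 1.0.0.0)
"""

# Hypothetical baseline: product-name prefix -> minimum acceptable version.
# Placeholder values; fill them in from each vendor's release notes.
BASELINE = {"Adobe AIR": "2.0.0.0", "WinPcap": "4.1.0.2001"}

# Only a trailing "(Version: ...)" group counts, so "(32-bit)" stays in the name.
ENTRY = re.compile(r"^(?P<name>.+?)\s*\(Version:\s*(?P<version>[^)]+)\)\s*$")


def parse_listing(text):
    """Return (name, version-or-None) for each program line."""
    entries = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("****"):  # skip blanks and log markers
            continue
        m = ENTRY.match(line)
        entries.append((m["name"], m["version"]) if m else (line, None))
    return entries


def version_key(version):
    """Compare dotted versions numerically, so 16.4 sorts above 9.250."""
    return tuple(int(part) for part in re.findall(r"\d+", version))


def outdated(entries, baseline):
    """List (name, installed, minimum) for entries below the baseline."""
    findings = []
    for name, version in entries:
        for prefix, minimum in baseline.items():
            if not name.lower().startswith(prefix.lower()):
                continue
            if version is None:  # no version field: flag for manual review
                findings.append((name, "unknown", minimum))
            elif version_key(version) < version_key(minimum):
                findings.append((name, version, minimum))
    return findings
```

Calling `outdated(parse_listing(SAMPLE_LISTING), BASELINE)` returns only the constructed Adobe AIR entry; entries such as `XAMPP 1.8.1` that carry no `(Version: ...)` field are reported as `unknown` when they match a baseline prefix rather than being silently passed.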




