
Bitdefender cannot remove Trojan.Generic.4894589


17 replies to this topic

#1 wpfast


Posted 13 May 2013 - 11:09 PM

Hello.

 

I had the following issue listed in Bitdefender under antivirus today.

 

Bitdefender has discovered this trojan and cannot remove it. My computer also had the Blue Screen the other day, but I ran ESET and it did find 1 infected file and removed it.

 

Bitdefender said the infected files are

 

C:\Users\Wells\AppData\Local\Tem\_avast4_\unp96259835.tmp

 

C:\Users\Wells\AppData\Local\Tem\_avast4_\unp881089841.tmp

 

I run IE 10 on 64 bit; Windows 7 Pro

 

I scanned with several programs but did not save scans.

 

Malwarebytes comes up clean; ditto for Superantivrus...

 

Computer is running slower than normal.

 

Any help greatly appreciated!

 

wpfast

 




 


#2 wpfast


Posted 16 May 2013 - 10:12 PM

http://www.bleepingcomputer.com/forums/t/494520/bitdefender-cannot-remove-trojangeneric4894589/?hl=%2Bwpfast



#3 boopme


Posted 17 May 2013 - 11:58 AM

Let's run these and see how it is after.

 

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:

 

  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.

 

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

 

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

 

>>>>>

Please Download TDSSkiller
  • Launch it.
  • Click on "Change parameters" and select "TDLFS file system".
  • Click on "Scan".
  • Please post the LOG report (log file should be in your C drive).

Do not change the default options on scan results.

 

 

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • You will be prompted to restart your computer. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

>>>>

Now I'd like us to scan your machine with ESET OnlineScan

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the ESET OnlineScan button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

 

NOTE: Sometimes if ESET finds no infections it will not create a log.



#4 wpfast


Posted 18 May 2013 - 05:47 PM

Hello Boopme.

 

Minitool Results

MiniToolBox by Farbar  Version:21-04-2013
Ran by Wells (administrator) on 18-05-2013 at 17:17:09
Running from "C:\Users\Wells\Downloads"
Windows 7 Professional Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1       localhost

========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global defaultcurhoplimit=64 taskoffload=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : Wells-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : 00-24-8C-26-8B-A6
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::4987:8495:8c51:d8a5%11(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.100(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Thursday, May 16, 2013 3:25:17 AM
   Lease Expires . . . . . . . . . . : Sunday, May 19, 2013 3:25:16 PM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 234890380
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-41-0C-E3-00-24-8C-26-8B-A6
   DNS Servers . . . . . . . . . . . : 24.217.0.5
                                       24.217.201.67
                                       24.247.15.53
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.domain_not_set.invalid:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  vip01olvemo.stls.mo.charter.com
Address:  24.217.0.5

Name:    google.com
Addresses:  2607:f8b0:4009:800::1001
      74.125.225.39
      74.125.225.32
      74.125.225.41
      74.125.225.35
      74.125.225.40
      74.125.225.37
      74.125.225.46
      74.125.225.36
      74.125.225.38
      74.125.225.33
      74.125.225.34


Pinging google.com [74.125.225.41] with 32 bytes of data:
Reply from 74.125.225.41: bytes=32 time=21ms TTL=51
Reply from 74.125.225.41: bytes=32 time=21ms TTL=51

Ping statistics for 74.125.225.41:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 21ms, Maximum = 21ms, Average = 21ms
Server:  vip01olvemo.stls.mo.charter.com
Address:  24.217.0.5

Name:    yahoo.com
Addresses:  98.138.253.109
      98.139.183.24
      206.190.36.45


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=238ms TTL=44
Reply from 98.139.183.24: bytes=32 time=237ms TTL=44

Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 237ms, Maximum = 238ms, Average = 237ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=64
Reply from 127.0.0.1: bytes=32 time<1ms TTL=64

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 11...00 24 8c 26 8b a6 ......Realtek PCIe GBE Family Controller
  1...........................Software Loopback Interface 1
 13...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.100     20
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link     192.168.1.100    276
    192.168.1.100  255.255.255.255         On-link     192.168.1.100    276
    192.168.1.255  255.255.255.255         On-link     192.168.1.100    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.1.100    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.1.100    276
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 11    276 fe80::/64                On-link
 11    276 fe80::4987:8495:8c51:d8a5/128
                                    On-link
  1    306 ff00::/8                 On-link
 11    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (05/17/2013 04:11:30 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (05/16/2013 03:26:10 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/15/2013 00:31:55 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (05/15/2013 10:58:09 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/15/2013 10:55:38 AM) (Source: IMFservice) (User: )
Description: The handle is invalid

Error: (05/15/2013 10:55:38 AM) (Source: IMFservice) (User: )
Description: The handle is invalid

Error: (05/15/2013 10:55:18 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (05/15/2013 10:53:16 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/14/2013 08:59:47 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/14/2013 08:58:42 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============
Error: (05/16/2013 03:25:24 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
aswSnx
SBRE

Error: (05/16/2013 03:24:23 AM) (Source: volmgr) (User: )
Description: Crash dump initialization failed!

Error: (05/16/2013 03:24:17 AM) (Source: volmgr) (User: )
Description: Crash dump initialization failed!

Error: (05/16/2013 03:24:17 AM) (Source: volmgr) (User: )
Description: Crash dump initialization failed!

Error: (05/16/2013 03:23:04 AM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (05/15/2013 10:56:50 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
aswSnx
SBRE

Error: (05/15/2013 10:56:22 AM) (Source: volmgr) (User: )
Description: Crash dump initialization failed!

Error: (05/15/2013 10:56:16 AM) (Source: volmgr) (User: )
Description: Crash dump initialization failed!

Error: (05/15/2013 10:56:16 AM) (Source: volmgr) (User: )
Description: Crash dump initialization failed!

Error: (05/15/2013 10:55:29 AM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}


Microsoft Office Sessions:
=========================
Error: (05/17/2013 04:11:30 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (05/16/2013 03:26:10 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/15/2013 00:31:55 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (05/15/2013 10:58:09 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/15/2013 10:55:38 AM) (Source: IMFservice)(User: )
Description: The handle is invalid

Error: (05/15/2013 10:55:38 AM) (Source: IMFservice)(User: )
Description: The handle is invalid

Error: (05/15/2013 10:55:18 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Wells\Desktop\esetsmartinstaller_enu.exe

Error: (05/15/2013 10:53:16 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/14/2013 08:59:47 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/14/2013 08:58:42 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Wells\Desktop\esetsmartinstaller_enu.exe


CodeIntegrity Errors:
===================================
  Date: 2013-01-29 22:24:29.353
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00175_026\avcuf64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-01-29 22:11:35.307
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00175_026\avcuf64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-01-29 21:49:54.338
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00175_026\avcuf64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-01-29 21:35:55.629
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00175_026\avcuf64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-01-29 21:11:16.293
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00175_026\avcuf64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-01-29 17:32:29.200
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00175_026\avcuf64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-01-29 16:22:30.225
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00175_026\avcuf64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-01-29 16:06:55.573
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00175_026\avcuf64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-01-29 15:48:32.758
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00175_026\avcuf64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-01-29 15:38:40.346
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00175_026\avcuf64.dll because the set of per-page image hashes could not be found on the system.


=========================== Installed Programs ============================

Adobe AIR (Version: 3.1.0.4880)
Adobe Flash Player 10 ActiveX 64-bit (Version: 10.3.162.28)
Adobe Flash Player 11 ActiveX (Version: 11.7.700.202)
Adobe Flash Player 11 Plugin (Version: 11.7.700.202)
Adobe Reader X (10.1.7) (Version: 10.1.7)
Advanced SystemCare 6 (Version: 6.1)
Audio Creator LE (Version: 1.0)
Auslogics Disk Defrag (Version: 3.5)
Bitdefender Antivirus Plus 2013 (Version: 16.16.0.1348)
CCleaner (Version: 3.09)
CDBurnerXP (Version: 4.3.8.2523)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
DownloadTerms (Version: 1.0)
ESET Online Scanner v3
Glary Utilities 2.49.0.1600 (Version: 2.49.0.1600)
GOM Player (Version: 2.1.47.5133)
Google Chrome (Version: 26.0.1410.64)
Google Earth (Version: 7.0.3.8542)
Google Update Helper (Version: 1.3.21.145)
HiJackThis (Version: 1.0.0)
Internet Explorer Toolbar 4.7 by SweetPacks (Version: 4.7.0008)
IObit Malware Fighter (Version: 1.0)
Java 7 Update 15 (Version: 7.0.150)
Java Auto Updater (Version: 2.1.9.0)
K-Lite Codec Pack 7.1.0 (Full) (Version: 7.1.0)
LogMeIn (Version: 4.0.966)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft IntelliPoint 8.1 (Version: 8.15.406.0)
Microsoft IntelliType Pro 8.1 (Version: 8.15.406.0)
Microsoft Office Converter Pack (Version: 11.0.0.0)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Professional Edition 2003 (Version: 11.0.8173.0)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Mozilla Firefox 21.0 (x86 en-US) (Version: 21.0)
Mozilla Maintenance Service (Version: 21.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
RegHunter (Version: 1.2.2.1568)
Revo Uninstaller 1.94 (Version: 1.94)
Secunia PSI (2.0.0.4003) (Version: 2.0.0.4003)
Smart Defrag 2 (Version: 2.7)
SpyHunter (Version: 4.11.10.4138)
SUPERAntiSpyware (Version: 5.5.1012)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Updater By SweetPacks 2.0.0.566 (Version: 2.0.0.566)
Vensim PLE
VLC media player 2.0.0 (Version: 2.0.0)
Window Washer (Version: )
Windows 8 Codecs Pack 1.0.0 (Version: 1.0.0)

========================= Memory info: ===================================

Percentage of memory in use: 38%
Total physical RAM: 3839.11 MB
Available physical RAM: 2346.83 MB
Total Pagefile: 11337.3 MB
Available Pagefile: 8879.91 MB
Total Virtual: 4095.88 MB
Available Virtual: 3961.22 MB

========================= Partitions: =====================================

2 Drive c: () (Fixed) (Total:466.2 GB) (Free:409.94 GB) NTFS
3 Drive d: (Backup) (Fixed) (Total:465.31 GB) (Free:29.18 GB) NTFS

========================= Users: ========================================

User accounts for \\WELLS-PC

Administrator            Guest                    LogMeInRemoteUser        
Wells                    


**** End of log ****

TDSSKiller Results

17:22:46.0509 7832  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
17:22:47.0805 7832  ============================================================
17:22:47.0805 7832  Current date / time: 2013/05/18 17:22:47.0805
17:22:47.0805 7832  SystemInfo:
17:22:47.0805 7832  
17:22:47.0805 7832  OS Version: 6.1.7601 ServicePack: 1.0
17:22:47.0805 7832  Product type: Workstation
17:22:47.0805 7832  ComputerName: WELLS-PC
17:22:47.0805 7832  UserName: Wells
17:22:47.0805 7832  Windows directory: C:\Windows
17:22:47.0805 7832  System windows directory: C:\Windows
17:22:47.0805 7832  Running under WOW64
17:22:47.0805 7832  Processor architecture: Intel x64
17:22:47.0805 7832  Number of processors: 4
17:22:47.0805 7832  Page size: 0x1000
17:22:47.0805 7832  Boot type: Normal boot
17:22:47.0805 7832  ============================================================
17:22:48.0905 7832  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:22:48.0973 7832  ============================================================
17:22:48.0973 7832  \Device\Harddisk0\DR0:
17:22:48.0973 7832  MBR partitions:
17:22:48.0973 7832  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A4683BC
17:22:48.0993 7832  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x3A46843A, BlocksNum 0x3A29D587
17:22:48.0993 7832  ============================================================
17:22:49.0022 7832  C: <-> \Device\Harddisk0\DR0\Partition1
17:22:49.0047 7832  D: <-> \Device\Harddisk0\DR0\Partition2
17:22:49.0047 7832  ============================================================
17:22:49.0047 7832  Initialize success
17:22:49.0047 7832  ============================================================
17:23:21.0833 15788  ============================================================
17:23:21.0833 15788  Scan started
17:23:21.0833 15788  Mode: Manual; TDLFS;
17:23:21.0833 15788  ============================================================
17:23:22.0583 15788  ================ Scan system memory ========================
17:23:22.0583 15788  System memory - ok
17:23:22.0583 15788  ================ Scan services =============================
17:23:27.0598 15788  Netman - ok
17:23:27.0617 15788  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
17:23:27.0623 15788  netprofm - ok
17:23:27.0644 15788  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:23:27.0646 15788  NetTcpPortSharing - ok
17:23:27.0650 15788  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
17:23:27.0651 15788  nfrd960 - ok
17:23:27.0678 15788  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
17:23:27.0683 15788  NlaSvc - ok
17:23:27.0700 15788  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
17:23:27.0702 15788  Npfs - ok
17:23:27.0723 15788  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
17:23:27.0725 15788  nsi - ok
17:23:27.0728 15788  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
17:23:27.0729 15788  nsiproxy - ok
17:23:27.0772 15788  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
17:23:27.0797 15788  Ntfs - ok
17:23:27.0815 15788  [ 317020D31F1696334679B9D0416EB62E ] NuidFltr        C:\Windows\system32\DRIVERS\NuidFltr.sys
17:23:27.0818 15788  NuidFltr - ok
17:23:27.0828 15788  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
17:23:27.0829 15788  Null - ok
17:23:27.0846 15788  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
17:23:27.0848 15788  nvraid - ok
17:23:27.0861 15788  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
17:23:27.0863 15788  nvstor - ok
17:23:27.0867 15788  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
17:23:27.0869 15788  nv_agp - ok
17:23:27.0873 15788  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
17:23:27.0875 15788  ohci1394 - ok
17:23:27.0903 15788  [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:23:27.0905 15788  ose - ok
17:23:27.0918 15788  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
17:23:27.0923 15788  p2pimsvc - ok
17:23:27.0952 15788  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
17:23:27.0958 15788  p2psvc - ok
17:23:27.0967 15788  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
17:23:27.0969 15788  Parport - ok
17:23:27.0986 15788  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
17:23:27.0987 15788  partmgr - ok
17:23:27.0997 15788  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
17:23:28.0001 15788  PcaSvc - ok
17:23:28.0005 15788  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
17:23:28.0009 15788  pci - ok
17:23:28.0012 15788  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
17:23:28.0013 15788  pciide - ok
17:23:28.0018 15788  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
17:23:28.0021 15788  pcmcia - ok
17:23:28.0025 15788  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
17:23:28.0026 15788  pcw - ok
17:23:28.0037 15788  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
17:23:28.0044 15788  PEAUTH - ok
17:23:28.0078 15788  [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
17:23:28.0094 15788  PeerDistSvc - ok
17:23:28.0168 15788  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
17:23:28.0169 15788  PerfHost - ok
17:23:28.0203 15788  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
17:23:28.0219 15788  pla - ok
17:23:28.0246 15788  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
17:23:28.0249 15788  PlugPlay - ok
17:23:28.0264 15788  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
17:23:28.0265 15788  PNRPAutoReg - ok
17:23:28.0283 15788  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
17:23:28.0286 15788  PNRPsvc - ok
17:23:28.0297 15788  [ 33328FA8A580885AB0065BE6DB266E9F ] Point64         C:\Windows\system32\DRIVERS\point64.sys
17:23:28.0301 15788  Point64 - ok
17:23:28.0334 15788  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
17:23:28.0341 15788  PolicyAgent - ok
17:23:28.0366 15788  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
17:23:28.0368 15788  Power - ok
17:23:28.0392 15788  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
17:23:28.0394 15788  PptpMiniport - ok
17:23:28.0400 15788  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\drivers\processr.sys
17:23:28.0401 15788  Processor - ok
17:23:28.0425 15788  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
17:23:28.0429 15788  ProfSvc - ok
17:23:28.0441 15788  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
17:23:28.0442 15788  ProtectedStorage - ok
17:23:28.0456 15788  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
17:23:28.0459 15788  Psched - ok
17:23:28.0469 15788  [ FB46E9A827A8799EBD7BFA9128C91F37 ] PSI             C:\Windows\system32\DRIVERS\psi_mf.sys
17:23:28.0472 15788  PSI - ok
17:23:28.0501 15788  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
17:23:28.0518 15788  ql2300 - ok
17:23:28.0523 15788  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
17:23:28.0525 15788  ql40xx - ok
17:23:28.0535 15788  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
17:23:28.0539 15788  QWAVE - ok
17:23:28.0543 15788  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
17:23:28.0544 15788  QWAVEdrv - ok
17:23:28.0547 15788  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
17:23:28.0548 15788  RasAcd - ok
17:23:28.0567 15788  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
17:23:28.0568 15788  RasAgileVpn - ok
17:23:28.0572 15788  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
17:23:28.0574 15788  RasAuto - ok
17:23:28.0578 15788  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
17:23:28.0580 15788  Rasl2tp - ok
17:23:28.0605 15788  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
17:23:28.0610 15788  RasMan - ok
17:23:28.0614 15788  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
17:23:28.0616 15788  RasPppoe - ok
17:23:28.0619 15788  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
17:23:28.0621 15788  RasSstp - ok
17:23:28.0629 15788  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
17:23:28.0633 15788  rdbss - ok
17:23:28.0636 15788  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
17:23:28.0637 15788  rdpbus - ok
17:23:28.0644 15788  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
17:23:28.0646 15788  RDPCDD - ok
17:23:28.0678 15788  [ 1B6163C503398B23FF8B939C67747683 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
17:23:28.0681 15788  RDPDR - ok
17:23:28.0691 15788  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
17:23:28.0692 15788  RDPENCDD - ok
17:23:28.0697 15788  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
17:23:28.0698 15788  RDPREFMP - ok
17:23:28.0703 15788  [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
17:23:28.0704 15788  RdpVideoMiniport - ok
17:23:28.0727 15788  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
17:23:28.0730 15788  RDPWD - ok
17:23:28.0736 15788  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
17:23:28.0741 15788  rdyboost - ok
17:23:28.0775 15788  [ 5F9AC3243C206EC95F32E4348AE67C13 ] RegFilter       C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys
17:23:28.0779 15788  RegFilter - ok
17:23:28.0812 15788  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
17:23:28.0815 15788  RemoteAccess - ok
17:23:28.0826 15788  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
17:23:28.0828 15788  RemoteRegistry - ok
17:23:28.0840 15788  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
17:23:28.0842 15788  RpcEptMapper - ok
17:23:28.0846 15788  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
17:23:28.0847 15788  RpcLocator - ok
17:23:28.0863 15788  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
17:23:28.0867 15788  RpcSs - ok
17:23:28.0871 15788  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
17:23:28.0873 15788  rspndr - ok
17:23:28.0883 15788  [ 4FE1CEF69D36E913738234303986FBB3 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
17:23:28.0891 15788  RTL8167 - ok
17:23:28.0910 15788  [ E60C0A09F997826C7627B244195AB581 ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
17:23:28.0911 15788  s3cap - ok
17:23:28.0922 15788  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
17:23:28.0923 15788  SamSs - ok
17:23:28.0954 15788  [ 3289766038DB2CB14D07DC84392138D5 ] SASDIFSV        C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
17:23:28.0957 15788  SASDIFSV - ok
17:23:28.0963 15788  [ 58A38E75F3316A83C23DF6173D41F2B5 ] SASKUTIL        C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
17:23:28.0965 15788  SASKUTIL - ok
17:23:28.0969 15788  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
17:23:28.0971 15788  sbp2port - ok
17:23:28.0974 15788  SBRE - ok
17:23:28.0988 15788  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
17:23:28.0991 15788  SCardSvr - ok
17:23:28.0995 15788  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
17:23:28.0996 15788  scfilter - ok
17:23:29.0019 15788  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
17:23:29.0032 15788  Schedule - ok
17:23:29.0056 15788  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
17:23:29.0056 15788  SCPolicySvc - ok
17:23:29.0072 15788  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
17:23:29.0075 15788  SDRSVC - ok
17:23:29.0080 15788  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
17:23:29.0081 15788  secdrv - ok
17:23:29.0095 15788  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
17:23:29.0097 15788  seclogon - ok
17:23:29.0139 15788  [ 5B66DB4877BBAC9F7493AA8D84421E49 ] Secunia PSI Agent C:\Program Files (x86)\Secunia\PSI\PSIA.exe
17:23:29.0148 15788  Secunia PSI Agent - ok
17:23:29.0162 15788  [ 0E88FDF474F2CDD370A4A6CE77D018F0 ] Secunia Update Agent C:\Program Files (x86)\Secunia\PSI\sua.exe
17:23:29.0166 15788  Secunia Update Agent - ok
17:23:29.0169 15788  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\system32\sens.dll
17:23:29.0171 15788  SENS - ok
17:23:29.0185 15788  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
17:23:29.0187 15788  SensrSvc - ok
17:23:29.0190 15788  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
17:23:29.0191 15788  Serenum - ok
17:23:29.0203 15788  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
17:23:29.0205 15788  Serial - ok
17:23:29.0208 15788  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
17:23:29.0209 15788  sermouse - ok
17:23:29.0230 15788  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
17:23:29.0233 15788  SessionEnv - ok
17:23:29.0236 15788  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
17:23:29.0237 15788  sffdisk - ok
17:23:29.0247 15788  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
17:23:29.0248 15788  sffp_mmc - ok
17:23:29.0256 15788  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
17:23:29.0257 15788  sffp_sd - ok
17:23:29.0260 15788  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
17:23:29.0262 15788  sfloppy - ok
17:23:29.0292 15788  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
17:23:29.0302 15788  SharedAccess - ok
17:23:29.0318 15788  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:23:29.0328 15788  ShellHWDetection - ok
17:23:29.0331 15788  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
17:23:29.0333 15788  SiSRaid2 - ok
17:23:29.0336 15788  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
17:23:29.0338 15788  SiSRaid4 - ok
17:23:29.0358 15788  [ DD0443BC6CC78A19FD399817F8C51401 ] SmartDefragDriver C:\Windows\system32\Drivers\SmartDefragDriver.sys
17:23:29.0362 15788  SmartDefragDriver - ok
17:23:29.0366 15788  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
17:23:29.0368 15788  Smb - ok
17:23:29.0381 15788  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
17:23:29.0383 15788  SNMPTRAP - ok
17:23:29.0386 15788  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
17:23:29.0387 15788  spldr - ok
17:23:29.0412 15788  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
17:23:29.0420 15788  Spooler - ok
17:23:29.0491 15788  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
17:23:29.0530 15788  sppsvc - ok
17:23:29.0556 15788  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
17:23:29.0558 15788  sppuinotify - ok
17:23:29.0588 15788  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
17:23:29.0594 15788  srv - ok
17:23:29.0621 15788  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
17:23:29.0626 15788  srv2 - ok
17:23:29.0631 15788  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
17:23:29.0633 15788  srvnet - ok
17:23:29.0654 15788  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
17:23:29.0658 15788  SSDPSRV - ok
17:23:29.0671 15788  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
17:23:29.0673 15788  SstpSvc - ok
17:23:29.0696 15788  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys
17:23:29.0697 15788  stexstor - ok
17:23:29.0719 15788  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
17:23:29.0723 15788  stisvc - ok
17:23:29.0746 15788  [ 7785DC213270D2FC066538DAF94087E7 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
17:23:29.0747 15788  storflt - ok
17:23:29.0764 15788  [ C40841817EF57D491F22EB103DA587CC ] StorSvc         C:\Windows\system32\storsvc.dll
17:23:29.0765 15788  StorSvc - ok
17:23:29.0771 15788  [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
17:23:29.0773 15788  storvsc - ok
17:23:29.0776 15788  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
17:23:29.0777 15788  swenum - ok
17:23:29.0795 15788  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
17:23:29.0802 15788  swprv - ok
17:23:29.0841 15788  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
17:23:29.0861 15788  SysMain - ok
17:23:29.0866 15788  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
17:23:29.0868 15788  TabletInputService - ok
17:23:29.0875 15788  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
17:23:29.0880 15788  TapiSrv - ok
17:23:29.0893 15788  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
17:23:29.0896 15788  TBS - ok
17:23:29.0946 15788  [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
17:23:29.0968 15788  Tcpip - ok
17:23:29.0991 15788  [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
17:23:29.0999 15788  TCPIP6 - ok
17:23:30.0017 15788  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
17:23:30.0019 15788  tcpipreg - ok
17:23:30.0024 15788  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
17:23:30.0025 15788  TDPIPE - ok
17:23:30.0045 15788  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
17:23:30.0046 15788  TDTCP - ok
17:23:30.0050 15788  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
17:23:30.0052 15788  tdx - ok
17:23:30.0059 15788  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
17:23:30.0060 15788  TermDD - ok
17:23:30.0078 15788  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
17:23:30.0087 15788  TermService - ok
17:23:30.0096 15788  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
17:23:30.0098 15788  Themes - ok
17:23:30.0108 15788  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
17:23:30.0109 15788  THREADORDER - ok
17:23:30.0128 15788  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
17:23:30.0131 15788  TrkWks - ok
17:23:30.0147 15788  [ B66EE1D68197DFB9AA24F961E68ACDCC ] trufos          C:\Windows\system32\DRIVERS\trufos.sys
17:23:30.0149 15788  trufos - ok
17:23:30.0184 15788  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:23:30.0187 15788  TrustedInstaller - ok
17:23:30.0192 15788  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
17:23:30.0194 15788  tssecsrv - ok
17:23:30.0202 15788  [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
17:23:30.0204 15788  TsUsbFlt - ok
17:23:30.0207 15788  [ AD64450A4ABE076F5CB34CC08EEACB07 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
17:23:30.0210 15788  TsUsbGD - ok
17:23:30.0214 15788  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
17:23:30.0216 15788  tunnel - ok
17:23:30.0220 15788  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
17:23:30.0223 15788  uagp35 - ok
17:23:30.0242 15788  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
17:23:30.0246 15788  udfs - ok
17:23:30.0263 15788  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
17:23:30.0265 15788  UI0Detect - ok
17:23:30.0270 15788  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
17:23:30.0272 15788  uliagpkx - ok
17:23:30.0286 15788  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
17:23:30.0288 15788  umbus - ok
17:23:30.0297 15788  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\drivers\umpass.sys
17:23:30.0298 15788  UmPass - ok
17:23:30.0327 15788  [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService    C:\Windows\System32\umrdp.dll
17:23:30.0329 15788  UmRdpService - ok
17:23:30.0392 15788  [ ED068A3787B67008B96B994F78302264 ] Updater By SweetPacks C:\Program Files\Updater By SweetPacks\ExtensionUpdaterService.exe
17:23:30.0393 15788  Updater By SweetPacks - ok
17:23:30.0443 15788  [ 3B709E63B35A6949F4CFB05A6F6A180C ] UPDATESRV       C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe
17:23:30.0448 15788  UPDATESRV - ok
17:23:30.0463 15788  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
17:23:30.0466 15788  upnphost - ok
17:23:30.0475 15788  [ 241080F1B28E68F0D00F8F1066A3780D ] UrlFilter       C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys
17:23:30.0479 15788  UrlFilter - ok
17:23:30.0504 15788  [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
17:23:30.0506 15788  usbaudio - ok
17:23:30.0531 15788  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
17:23:30.0533 15788  usbccgp - ok
17:23:30.0545 15788  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
17:23:30.0547 15788  usbcir - ok
17:23:30.0556 15788  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
17:23:30.0558 15788  usbehci - ok
17:23:30.0571 15788  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
17:23:30.0575 15788  usbhub - ok
17:23:30.0578 15788  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
17:23:30.0580 15788  usbohci - ok
17:23:30.0593 15788  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
17:23:30.0595 15788  usbprint - ok
17:23:30.0602 15788  [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
17:23:30.0604 15788  usbscan - ok
17:23:30.0619 15788  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:23:30.0621 15788  USBSTOR - ok
17:23:30.0624 15788  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
17:23:30.0626 15788  usbuhci - ok
17:23:30.0637 15788  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
17:23:30.0639 15788  UxSms - ok
17:23:30.0647 15788  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
17:23:30.0648 15788  VaultSvc - ok
17:23:30.0651 15788  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
17:23:30.0653 15788  vdrvroot - ok
17:23:30.0673 15788  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
17:23:30.0676 15788  vds - ok
17:23:30.0685 15788  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
17:23:30.0686 15788  vga - ok
17:23:30.0689 15788  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
17:23:30.0691 15788  VgaSave - ok
17:23:30.0696 15788  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
17:23:30.0699 15788  vhdmp - ok
17:23:30.0711 15788  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
17:23:30.0712 15788  viaide - ok
17:23:30.0735 15788  [ 86EA3E79AE350FEA5331A1303054005F ] vmbus           C:\Windows\system32\drivers\vmbus.sys
17:23:30.0738 15788  vmbus - ok
17:23:30.0742 15788  [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
17:23:30.0743 15788  VMBusHID - ok
17:23:30.0747 15788  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
17:23:30.0748 15788  volmgr - ok
17:23:30.0758 15788  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
17:23:30.0763 15788  volmgrx - ok
17:23:30.0770 15788  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
17:23:30.0774 15788  volsnap - ok
17:23:30.0778 15788  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
17:23:30.0781 15788  vsmraid - ok
17:23:30.0813 15788  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
17:23:30.0821 15788  VSS - ok
17:23:30.0860 15788  [ F4087B2AA00D96A852B084294B2C547A ] VSSERV          C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe
17:23:30.0868 15788  VSSERV - ok
17:23:30.0872 15788  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
17:23:30.0874 15788  vwifibus - ok
17:23:30.0891 15788  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
17:23:30.0894 15788  W32Time - ok
17:23:30.0899 15788  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
17:23:30.0901 15788  WacomPen - ok
17:23:30.0904 15788  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
17:23:30.0907 15788  WANARP - ok
17:23:30.0911 15788  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
17:23:30.0911 15788  Wanarpv6 - ok
17:23:30.0951 15788  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
17:23:30.0965 15788  WatAdminSvc - ok
17:23:30.0995 15788  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
17:23:31.0004 15788  wbengine - ok
17:23:31.0009 15788  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
17:23:31.0012 15788  WbioSrvc - ok
17:23:31.0022 15788  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
17:23:31.0025 15788  wcncsvc - ok
17:23:31.0033 15788  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:23:31.0034 15788  WcsPlugInService - ok
17:23:31.0038 15788  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\drivers\wd.sys
17:23:31.0039 15788  Wd - ok
17:23:31.0073 15788  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
17:23:31.0082 15788  Wdf01000 - ok
17:23:31.0086 15788  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
17:23:31.0088 15788  WdiServiceHost - ok
17:23:31.0091 15788  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
17:23:31.0093 15788  WdiSystemHost - ok
17:23:31.0105 15788  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
17:23:31.0108 15788  WebClient - ok
17:23:31.0113 15788  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
17:23:31.0116 15788  Wecsvc - ok
17:23:31.0130 15788  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
17:23:31.0131 15788  wercplsupport - ok
17:23:32.0192 15788  ============================================================
17:23:32.0192 15788  Scan finished
17:23:32.0192 15788  ============================================================
17:23:32.0200 11380  Detected object count: 0
17:23:32.0200 11380  Actual detected object count: 0
 

AdwCleaner and ESET to follow.

 

thanks!

wpfast

 

 



#5 wpfast


Posted 18 May 2013 - 06:00 PM

# AdwCleaner v2.113 - Logfile created 02/26/2013 at 22:20:43
# Updated 23/02/2013 by Xplode
# Operating system : Windows 7 Professional Service Pack 1 (64 bits)
# User : Wells - WELLS-PC
# Boot Mode : Normal
# Running from : C:\Users\Wells\Downloads\AdwCleaner (1).exe
# Option [Delete]


***** [Services] *****

Stopped & Deleted : CltMngSvc
Stopped & Deleted : DefaultTabSearch
Stopped & Deleted : DefaultTabUpdate

***** [Files / Folders] *****

Deleted on reboot : \Zynga
Deleted on reboot : C:\ProgramData\Browser Manager
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\adawaretb.xml
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml
File Deleted : C:\Program Files (x86)\Mozilla FireFox\searchplugins\Search_Results.xml
File Deleted : C:\user.js
File Deleted : C:\Users\Wells\AppData\Roaming\Mozilla\Firefox\Profiles\y57ymsby.default-1357964766865\searchplugins\Conduit.xml
File Deleted : C:\Users\Wells\AppData\Roaming\Mozilla\Firefox\Profiles\y57ymsby.default-1357964766865\searchplugins\Search_Results.xml
File Deleted : C:\Windows\Tasks\PC Performer_DEFAULT.job
Folder Deleted : C:\Program Files (x86)\Common Files\spigot
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\DefaultTab
Folder Deleted : C:\Program Files (x86)\file scout
Folder Deleted : C:\Program Files (x86)\OApps
Folder Deleted : C:\Program Files (x86)\search results toolbar
Folder Deleted : C:\Program Files (x86)\SearchProtect
Folder Deleted : C:\ProgramData\APN
Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\ProgramData\InstallMate
Folder Deleted : C:\Users\Wells\AppData\Local\APN
Folder Deleted : C:\Users\Wells\AppData\Local\Conduit
Folder Deleted : C:\Users\Wells\AppData\Local\Coupon Companion Plugin
Folder Deleted : C:\Users\Wells\AppData\Local\SwvUpdater
Folder Deleted : C:\Users\Wells\AppData\Local\Wajam
Folder Deleted : C:\Users\Wells\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Wells\AppData\Roaming\DefaultTab
Folder Deleted : C:\Users\Wells\AppData\Roaming\PerformerSoft
Folder Deleted : C:\Users\Wells\AppData\Roaming\SearchProtect

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\DefaultTab
Key Deleted : HKCU\Software\AppDataLow\Software\Search Settings
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Software\Vid-Saver
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\Default Tab
Key Deleted : HKCU\Software\DefaultTab
Key Deleted : HKCU\Software\IGearSettings
Key Deleted : HKCU\Software\Microsoft\Babylon
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKCU\Software\SearchProtect
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU64\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKLM\Software\APN
Key Deleted : HKLM\Software\AskToolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetup.exe
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\Default Tab
Key Deleted : HKLM\Software\DefaultTab
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividMediaBar_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividMediaBar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetup_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetup_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Vid-Saver_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Vid-Saver_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKLM\Software\SearchProtect
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Key Deleted : HKLM64\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : HKLM64\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [10]
Value Deleted : HKLM64\SOFTWARE\Microsoft\Internet Explorer\Toolbar [10]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16464

[OK] Registry is clean.

-\\ Mozilla Firefox v19.0 (en-US)

File : C:\Users\Wells\AppData\Roaming\Mozilla\Firefox\Profiles\y57ymsby.default-1357964766865\prefs.js

Deleted : user_pref("CT3279141_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\"[...]
Deleted : user_pref("Smartbar.ConduitHomepagesList", "http://search.conduit.com/?ctid=CT3279141&octid=CT327914[...]
Deleted : user_pref("Smartbar.ConduitSearchEngineList", "WhiteSmoke B Customized Web Search");
Deleted : user_pref("Smartbar.ConduitSearchUrlList", "http://search.conduit.com/ResultsExt.aspx?ctid=CT3279141[...]
Deleted : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "http://dts.search-results.com/sr?src=ffb&gct=ds&[...]
Deleted : user_pref("Smartbar.keywordURLSelectedCTID", "CT3279141");
Deleted : user_pref("browser.search.defaultenginename", "Search Results");
Deleted : user_pref("browser.search.defaultthis.engineName", "WhiteSmoke B Customized Web Search");
Deleted : user_pref("browser.search.defaulturl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT3279141&Sea[...]
Deleted : user_pref("browser.search.order.1", "Search Results");
Deleted : user_pref("browser.search.selectedEngine", "WhiteSmoke B Customized Web Search");
Deleted : user_pref("keyword.URL", "http://search.conduit.com/ResultsExt.aspx?ctid=CT3279141&SearchSource=2&CU[...]
Deleted : user_pref("smartBar.searchInNewTabOwner", "CT3279141");

-\\ Google Chrome v25.0.1364.97

File : C:\Users\Wells\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted [l.2121] : homepage = "http://search.conduit.com/?CUI=UN16690843212048893&ctid=CT3279141&SearchSource=48",

*************************

AdwCleaner[R1].txt - [42848 octets] - [08/01/2013 14:18:43]
AdwCleaner[S1].txt - [9402 octets] - [26/02/2013 22:20:43]

########## EOF - C:\AdwCleaner[S1].txt - [9462 octets] ##########
 

 

 

Running ESET; will post results later this evening. Thank you.

 

 



#6 boopme


Posted 18 May 2013 - 08:39 PM

OK, also let me know if you still see the Trojan.

 

Please remove these thru Control Panel/Uninstall

 

HiJackThis (Version: 1.0.0)...outdated
Internet Explorer Toolbar 4.7 by SweetPacks (Version: 4.7.0008) Unless you really want it
Java 7 Update 15 (Version: 7.0.150) Outdated and exploitable.

 

Reboot

 

Install Java Version 7 Update 21

 

 

Probably update and scan with SUPERAntiSpyware



#7 wpfast


Posted 19 May 2013 - 11:13 AM

ESET scan came up clear with no findings.

 

HiJackThis successfully removed.

Java 7 Update successfully removed.

Java V 7 Update 21 successfully installed and verified by Java test

Scanning with updated SuperAntispyware. Results:  scan log clean

 

 

I'm unable to remove IE Toolbar SweetPacks using Control Panel/Uninstall.

 

I get an error message as follows: Error 1316 A network error occurred when attempting to read from the file

 

C:\Windows\Installer\SWeetIESetup.msi

 

I looked in Revo Uninstaller as an alternative removal device and the toolbar does not even show up in the listing.

 

Rebooting now.



#8 boopme


Posted 19 May 2013 - 12:58 PM

If you still see "Sweetpack", it may be in your Add-ons.

In Firefox it may be in the Add-ons/Plugins. First look for Sweetpack or SweetIm and disable it. Or try disabling them one at a time and see which one was at fault.

How to disable extensions and plugins

Keeping your third-party plugins up to date


If it is your homepage...
Click the Firefox button at the top left corner of the page and choose Options.
In the Home Page URL box, enter the homepage you want to use instead of SweetPacks and then click OK.



#9 wpfast


Posted 19 May 2013 - 01:24 PM

Thank you Boopme.

 

Updater by SweetPacks 2.0.0.566 is listed in Add-ons but I had disabled it quite a while ago. Seems it cannot be removed completely from Add-ons, just disabled?

 

Thank you for links to updating plug-ins; I am updating now.

 

Homepage is checked and okay on all browsers I use.

 

"Sweetpack" seems quite unpopular and under suspicion by some users who find it on their computer and try to remove it. I don't use it or want to use it. But it seems embedded as if malware.



#10 boopme


Posted 19 May 2013 - 02:35 PM

You know it's weird that I removed this here

http://www.bleepingcomputer.com/forums/t/489925/sweetpackadvertisement-issue/

 

If you want it gone I am certain we can dig it out. You will need to start a new topic though as we will use tools we don't use here in AII forum.

 

Do steps 6,7, and 8

Preparation Guide



#11 wpfast


Posted 19 May 2013 - 05:04 PM

If you don't mind doing it, I'm up for it.

Clearly it is designed to be a nuisance program or it would be easy to remove!

Therefore, I am up for the challenge.

I will start a new topic.

And I'll take care of Steps 6, 7 and 8 above.

 

Thanks, boopme!



#12 wpfast


Posted 19 May 2013 - 05:12 PM

I've opened a new topic under IE Toolbar 4.7 by SweetPack



#13 wpfast


Posted 19 May 2013 - 05:32 PM

I completed Step 6 above but have not posted logs as it says not to unless requested.

 

Thanks!

 

wpfast



#14 boopme


Posted 19 May 2013 - 06:33 PM

Post your DDS log



#15 wpfast


Posted 19 May 2013 - 07:08 PM

Here are both DDS logs. Thanks. wpfast

 

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 4/20/2011 2:54:42 PM
System Uptime: 5/19/2013 12:50:26 PM (5 hours ago)
.
Motherboard: ASUSTeK Computer INC. |  | M3A78-EM
Processor: AMD Phenom™ II X4 940 Processor | AM2 | 3000/200mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 466 GiB total, 413.403 GiB free.
D: is FIXED (NTFS) - 465 GiB total, 62.106 GiB free.
E: is CDROM ()
F: is Removable
G: is Removable
H: is Removable
I: is Removable
J: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: SBRE
Device ID: ROOT\LEGACY_SBRE\0000
Manufacturer:
Name: SBRE
PNP Device ID: ROOT\LEGACY_SBRE\0000
Service: SBRE
.
==== System Restore Points ===================
.
RP452: 5/16/2013 3:00:14 AM - Windows Update
RP453: 5/19/2013 12:00:20 AM - Windows Backup
RP454: 5/19/2013 9:19:56 AM - Removed HiJackThis
RP455: 5/19/2013 9:20:34 AM - Removed Internet Explorer Toolbar 4.7 by SweetPacks
RP456: 5/19/2013 9:26:48 AM - Removed Java 7 Update 15
RP457: 5/19/2013 9:28:20 AM - Removed Internet Explorer Toolbar 4.7 by SweetPacks
RP458: 5/19/2013 11:01:35 AM - Installed Java 7 Update 21
RP459: 5/19/2013 12:38:28 PM - Removed Internet Explorer Toolbar 4.7 by SweetPacks
RP460: 5/19/2013 12:39:00 PM - Removed Internet Explorer Toolbar 4.7 by SweetPacks
RP461: 5/19/2013 12:47:18 PM - Revo Uninstaller's restore point - Lotoshare Registry Cleaner version 2011.01.01
RP462: 5/19/2013 1:21:34 PM - Installed Adobe Reader XI.
.
==== Installed Programs ======================
.
Adobe AIR
Adobe Flash Player 10 ActiveX 64-bit
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader XI (11.0.03)
Advanced SystemCare 6
Audio Creator LE
Auslogics Disk Defrag
Bitdefender Antivirus Plus 2013
CCleaner
CDBurnerXP
Compatibility Pack for the 2007 Office system
DownloadTerms
ESET Online Scanner v3
Glary Utilities 2.49.0.1600
GOM Player
Google Chrome
Google Earth
Google Update Helper
Internet Explorer Toolbar 4.7 by SweetPacks
IObit Malware Fighter
Java 7 Update 21
Java Auto Updater
K-Lite Codec Pack 7.1.0 (Full)
LogMeIn
Malwarebytes Anti-Malware version 1.75.0.1300
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft IntelliPoint 8.1
Microsoft IntelliType Pro 8.1
Microsoft Office Converter Pack
Microsoft Office File Validation Add-In
Microsoft Office Professional Edition 2003
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Mozilla Firefox 21.0 (x86 en-US)
Mozilla Maintenance Service
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
RegHunter
Revo Uninstaller 1.94
Secunia PSI (2.0.0.4003)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Smart Defrag 2
SpyHunter
SUPERAntiSpyware
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Updater By SweetPacks 2.0.0.566
Vensim PLE
VLC media player 2.0.6
Window Washer
Windows 8 Codecs Pack 1.0.0
.
==== Event Viewer Messages From Past Week ========
.
5/19/2013 12:51:06 PM, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  aswSnx SBRE
5/19/2013 12:50:38 PM, Error: volmgr [46]  - Crash dump initialization failed!
5/15/2013 4:29:24 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
5/15/2013 10:46:11 AM, Error: Service Control Manager [7001]  - The Computer Browser service depends on the Server service which failed to start because of the following error:  The dependency service or group failed to start.
5/14/2013 8:58:42 PM, Error: Service Control Manager [7001]  - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:  The dependency service or group failed to start.
5/14/2013 8:58:41 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
5/14/2013 8:58:41 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
5/14/2013 8:58:38 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
5/14/2013 8:58:32 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
5/14/2013 8:58:23 PM, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  aswSnx avc3 bdfwfpf discache gzflt SASDIFSV SASKUTIL SBRE spldr trufos Wanarpv6
5/14/2013 10:25:19 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service wwEngineSvc with arguments "" in order to run the server: {4C3EFFC6-C5C0-4EB1-B249-3D3C86BEEAF6}
5/13/2013 3:00:29 AM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80246007: Update for Microsoft Office 2007 suites (KB2596848).
5/13/2013 3:00:29 AM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80246007: Security Update for Word 2003 (KB2760497).
5/13/2013 3:00:29 AM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80246007: Security Update for Microsoft Office 2007 suites (KB2760416).
5/13/2013 3:00:29 AM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80246007: Security Update for Microsoft Office 2007 suites (KB2687311).
5/13/2013 3:00:29 AM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80246007: Security Update for Microsoft Office 2007 suites (KB2596615).
5/12/2013 9:27:51 PM, Error: Service Control Manager [7023]  - The Server service terminated with the following error:  Not enough storage is available to complete this operation.
5/12/2013 9:27:51 PM, Error: Service Control Manager [7001]  - The Computer Browser service depends on the Server service which failed to start because of the following error:  Not enough storage is available to complete this operation.
5/12/2013 9:25:35 PM, Error: Service Control Manager [7034]  - The IMF Service service terminated unexpectedly.  It has done this 1 time(s).
5/12/2013 9:23:57 PM, Error: Service Control Manager [7034]  - The Advanced SystemCare Service 6 service terminated unexpectedly.  It has done this 1 time(s).
.
==== End Of File ===========================
 

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16576  BrowserJavaVersion: 10.21.2
Run by Wells at 17:19:50 on 2013-05-19
Microsoft Windows 7 Professional   6.1.7601.1.1252.1.1033.18.3839.2481 [GMT -5:00]
.
AV: Bitdefender Antivirus *Enabled/Updated* {9B5F5313-CAF9-DD97-C460-E778420237B4}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: IObit Malware Fighter *Enabled/Updated* {A751AC20-3B48-5237-898A-78C4436BB78D}
SP: Bitdefender Antispyware *Enabled/Updated* {203EB2F7-ECC3-D219-FED0-DC0A39857D09}
FW: Bitdefender Firewall *Disabled* {A364D236-8096-DCCF-EF3F-4E4DBCD170CF}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe
C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
C:\Windows\system32\atieclxx.exe
C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Secunia\PSI\PSIA.exe
C:\Program Files\Updater By SweetPacks\ExtensionUpdaterService.exe
C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Webroot\Washer\WasherSvc.exe
C:\Program Files (x86)\Secunia\PSI\sua.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe
C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe
C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 6\Monitor.exe
C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASC.exe
C:\Program Files (x86)\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Program Files (x86)\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Windows\splwow64.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Program Files\CCleaner\CCleaner64.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://google.com/
mStart Page = hxxp://www.google.com
mWinlogon: Userinit = userinit.exe
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
uRun: [Advanced SystemCare 6] "C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart
mRun: [WinPatrol] C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe -expressboot
mRun: [WsmUpdater] "C:\Program Files (x86)\Web Solution Mart\Windows 8 Codecs Pack\Updater.exe"
mRun: [IObit Malware Fighter] "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
dRun: [Advanced SystemCare 6] "C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\Secunia PSI Tray.lnk - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
TCP: NameServer = 24.217.0.5 24.217.201.67 24.247.15.53
TCP: Interfaces\{49D2F846-FD41-48D8-BF88-EF2012E44B80} : DHCPNameServer = 24.217.0.5 24.217.201.67 24.247.15.53
LSA: Notification Packages =  msv1_0 scecli
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: AutorunsDisabled - <orphaned>
x64-Run: [IntelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe"
x64-Run: [LogMeIn GUI] "C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe"
x64-Run: [itype] "c:\Program Files\Microsoft IntelliType Pro\itype.exe"
x64-Run: [Bdagent] C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe
x64-Run: [WinPatrol] C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe -expressboot
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Wells\AppData\Roaming\Mozilla\Firefox\Profiles\y57ymsby.default-1357964766865\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - duckduckgo.com
FF - prefs.js: keyword.URL - hxxp://www.google.co.uk/#output=search&q=
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrlui.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_268.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - ExtSQL: 2013-04-05 20:45; {C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}; C:\Program Files\Updater By SweetPacks\Firefox
FF - ExtSQL: 2013-04-23 00:41; {c1970c0d-dbe6-4d91-804f-c9c0de643a57}; C:\Users\Wells\AppData\Roaming\Mozilla\Firefox\Profiles\y57ymsby.default-1357964766865\extensions\{c1970c0d-dbe6-4d91-804f-c9c0de643a57}.xpi
FF - ExtSQL: 2013-05-02 02:19; donottrackplus@abine.com; C:\Users\Wells\AppData\Roaming\Mozilla\Firefox\Profiles\y57ymsby.default-1357964766865\extensions\donottrackplus@abine.com
.
============= SERVICES / DRIVERS ===============
.
R0 avc3;avc3;C:\Windows\System32\drivers\avc3.sys [2013-4-26 718840]
R0 gzflt;gzflt;C:\Windows\System32\drivers\gzflt.sys [2013-3-28 147232]
R0 SmartDefragDriver;SmartDefragDriver;C:\Windows\System32\drivers\SmartDefragDriver.sys [2013-2-22 17720]
R1 bdfwfpf;bdfwfpf;C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [2012-7-13 103504]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R2 AdvancedSystemCareService6;Advanced SystemCare Service 6;C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [2012-12-14 465216]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2011-1-26 203776]
R2 IMFservice;IMF Service;C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2013-3-22 821592]
R2 LMIGuardianSvc;LMIGuardianSvc;C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2011-4-22 375728]
R2 LMIInfo;LogMeIn Kernel Information Provider;C:\Program Files (x86)\LogMeIn\x64\rainfo.sys [2008-8-11 15928]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;C:\Windows\System32\drivers\LMIRfsDriver.sys [2011-4-22 72216]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-2-27 418376]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-2-27 701512]
R2 Secunia PSI Agent;Secunia PSI Agent;C:\Program Files (x86)\Secunia\PSI\psia.exe [2011-10-14 994360]
R2 Secunia Update Agent;Secunia Update Agent;C:\Program Files (x86)\Secunia\PSI\sua.exe [2011-10-14 399416]
R2 Updater By SweetPacks;Updater By SweetPacks;C:\Program Files\Updater By SweetPacks\ExtensionUpdaterService.exe [2013-4-5 188760]
R2 UPDATESRV;Bitdefender Desktop Update Service;C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe [2013-3-28 68856]
R2 wwEngineSvc;Window Washer Engine;C:\Program Files\Webroot\Washer\WasherSvc.exe [2011-4-28 618896]
R3 avchv;avchv Function Driver;C:\Windows\System32\drivers\avchv.sys [2012-12-12 261056]
R3 FileMonitor;FileMonitor;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [2013-3-22 21384]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-2-27 25928]
R3 PSI;PSI;C:\Windows\System32\drivers\psi_mf.sys [2010-9-1 17976]
R3 RegFilter;RegFilter;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\RegFilter.sys [2013-3-22 33224]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-1-21 413800]
R3 UrlFilter;UrlFilter;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\UrlFilter.sys [2013-3-22 21904]
S1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2012-4-26 819032]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2011-8-11 140672]
S3 avckf;avckf;C:\Windows\System32\drivers\avckf.sys [2013-4-26 593144]
S3 BDSandBox;BDSandBox;C:\Windows\System32\drivers\bdsandbox.sys [2012-7-13 82384]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168]
S3 esgiguard;esgiguard;C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [2011-3-2 13088]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-1-18 19456]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-1-18 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2013-1-18 30208]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-4-20 1255736]
.
=============== Created Last 30 ================
.
2013-05-19 18:33:51    76232    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{55E1BE24-526A-4CA9-B897-F9D2DFA822AE}\offreg.dll
2013-05-19 18:21:57    --------    d-----w-    C:\MSIccd32.tmp
2013-05-19 18:21:54    --------    d-----w-    C:\MSIccd30.tmp
2013-05-19 16:02:13    --------    d-----w-    C:\MSI123ab.tmp
2013-05-19 16:02:00    95648    ----a-w-    C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-05-19 16:01:34    --------    d-----w-    C:\MSIe62b.tmp
2013-05-19 14:27:42    --------    d-----w-    C:\MSI41350.tmp
2013-05-17 06:51:47    9460464    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{55E1BE24-526A-4CA9-B897-F9D2DFA822AE}\mpengine.dll
2013-05-17 02:50:47    --------    d-----w-    C:\MSI51f48.tmp
2013-05-15 16:23:26    3153920    ----a-w-    C:\Windows\System32\win32k.sys
2013-05-15 16:23:20    983400    ----a-w-    C:\Windows\System32\drivers\dxgkrnl.sys
2013-05-15 16:23:20    265064    ----a-w-    C:\Windows\System32\drivers\dxgmms1.sys
2013-05-15 16:23:20    144384    ----a-w-    C:\Windows\System32\cdd.dll
2013-05-15 16:21:49    1930752    ----a-w-    C:\Windows\System32\authui.dll
2013-05-15 16:21:48    70144    ----a-w-    C:\Windows\System32\appinfo.dll
2013-05-15 16:21:48    1796096    ----a-w-    C:\Windows\SysWow64\authui.dll
2013-05-15 16:21:48    111448    ----a-w-    C:\Windows\System32\consent.exe
2013-05-15 16:20:56    48640    ----a-w-    C:\Windows\System32\wwanprotdim.dll
2013-05-15 16:20:56    230400    ----a-w-    C:\Windows\System32\wwansvc.dll
2013-05-11 10:37:28    209472    ----a-w-    C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll
2013-05-02 07:10:05    --------    d-----w-    C:\Program Files\DoNotTrackPlus
2013-04-26 11:28:19    718840    ----a-w-    C:\Windows\System32\drivers\avc3.sys
2013-04-26 11:28:18    593144    ----a-w-    C:\Windows\System32\drivers\avckf.sys
2013-04-26 00:38:45    --------    d-----w-    C:\Program Files (x86)\ESET
2013-04-24 01:17:53    1656680    ----a-w-    C:\Windows\System32\drivers\ntfs.sys
.
==================== Find3M  ====================
.
2013-05-19 16:01:56    866720    ----a-w-    C:\Windows\SysWow64\npDeployJava1.dll
2013-05-19 16:01:56    788896    ----a-w-    C:\Windows\SysWow64\deployJava1.dll
2013-05-18 22:48:23    946    ----a-w-    C:\Windows\DeleteOnReboot.bat
2013-05-14 21:02:14    71048    ----a-w-    C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-05-14 21:02:14    692104    ----a-w-    C:\Windows\SysWow64\FlashPlayerApp.exe
2013-05-02 07:06:08    278800    ------w-    C:\Windows\System32\MpSigStub.exe
2013-04-13 05:49:23    135168    ----a-w-    C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49:19    350208    ----a-w-    C:\Windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49:19    308736    ----a-w-    C:\Windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49:19    111104    ----a-w-    C:\Windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45:16    474624    ----a-w-    C:\Windows\apppatch\AcSpecfc.dll
2013-04-13 04:45:15    2176512    ----a-w-    C:\Windows\apppatch\AcGenral.dll
2013-04-05 06:52:14    2242048    ----a-w-    C:\Windows\System32\wininet.dll
2013-04-05 06:50:36    3958784    ----a-w-    C:\Windows\System32\jscript9.dll
2013-04-05 06:50:31    67072    ----a-w-    C:\Windows\System32\iesetup.dll
2013-04-05 06:50:31    136704    ----a-w-    C:\Windows\System32\iesysprep.dll
2013-04-05 05:28:24    1767424    ----a-w-    C:\Windows\SysWow64\wininet.dll
2013-04-05 05:26:26    2877440    ----a-w-    C:\Windows\SysWow64\jscript9.dll
2013-04-05 05:26:21    61440    ----a-w-    C:\Windows\SysWow64\iesetup.dll
2013-04-05 05:26:21    109056    ----a-w-    C:\Windows\SysWow64\iesysprep.dll
2013-04-05 04:43:00    2706432    ----a-w-    C:\Windows\System32\mshtml.tlb
2013-04-05 04:29:45    2706432    ----a-w-    C:\Windows\SysWow64\mshtml.tlb
2013-04-05 03:51:11    89600    ----a-w-    C:\Windows\System32\RegisterIEPKEYs.exe
2013-04-05 03:38:25    71680    ----a-w-    C:\Windows\SysWow64\RegisterIEPKEYs.exe
2013-04-04 19:50:32    25928    ----a-w-    C:\Windows\System32\drivers\mbam.sys
2013-04-03 08:01:59    9728    ---ha-w-    C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-03-28 19:38:28    147232    ----a-w-    C:\Windows\System32\drivers\gzflt.sys
2013-03-19 06:04:06    5550424    ----a-w-    C:\Windows\System32\ntoskrnl.exe
2013-03-19 05:46:56    43520    ----a-w-    C:\Windows\System32\csrsrv.dll
2013-03-19 05:04:13    3968856    ----a-w-    C:\Windows\SysWow64\ntkrnlpa.exe
2013-03-19 05:04:10    3913560    ----a-w-    C:\Windows\SysWow64\ntoskrnl.exe
2013-03-19 04:47:50    6656    ----a-w-    C:\Windows\SysWow64\apisetschema.dll
2013-03-19 03:06:33    112640    ----a-w-    C:\Windows\System32\smss.exe
.
============= FINISH: 17:20:00.17 ===============
 





