mbam found registry key PUP.GamePlayLab and PUP.BundleInstaller.BI


9 replies to this topic

#1 queensfull

Posted 09 August 2013 - 12:25 PM

I noticed my desktop running online videos in slow motion. I ran mbam and had 5 detections. Removed them but it still runs slow. Can anyone recommend a solution? I am using Windows XP. I ran TDSSKiller, no problems detected. The mbam log is:

Malwarebytes Anti-Malware (Trial) 1.65.0.1400
www.malwarebytes.org

Database version: v2012.09.29.04

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
USER :: USER-9AE4383ECF [administrator]

Protection: Enabled

9/29/2012 12:55:59 PM
mbam-log-2012-09-29 (12-55-59).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 208342
Time elapsed: 36 minute(s), 2 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 5
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110011341191} (PUP.GamePlayLab) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110011341191} (PUP.GamePlayLab) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011341191} (PUP.GamePlayLab) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011341191} (PUP.GamePlayLab) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\CROSSRIDER (Adware.GamePlayLab) -> Quarantined and deleted successfully.

Registry Values Detected: 1
HKCU\Software\Crossrider|215AppVerifier (Adware.GamePlayLab) -> Data: 55b24bce882403a23468b9f1881e3e76 -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 2
C:\Documents and Settings\USER\Downloads\HC2Setup.exe (PUP.BundleInstaller.BI) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{8612A512-3749-4C5F-A751-8C0772DE192E}\RP30\A0009002.exe (Adware.GamePlayLabs) -> Quarantined and deleted successfully.

(end)


Edited by queensfull, 09 August 2013 - 12:37 PM.




#2 boopme


Posted 09 August 2013 - 03:02 PM

Welcome, let's see if there is more, as it appears there is.
 
Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
 
Please Download TDSSkiller
Launch it.
Click on change parameters-Select TDLFS file system
Click on "Scan".
Please post the LOG report(log file should be in your C drive)
Do not change the default options on scan results.
 
Please download AdwCleaner by Xplode onto your desktop.
Close all open programs and internet browsers.
Double click on adwcleaner.exe to run the tool.
Click on Delete.
Confirm each time with Ok.
You will be prompted to restart your computer. A text file will open after the restart.
Please post the contents of that logfile with your next reply.
You can find the logfile at C:\AdwCleaner[S1].txt as well.
 
Last run ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE: Sometimes, if ESET finds no infections, it will not create a log.


#3 queensfull


Posted 10 August 2013 - 01:09 PM

Thank you for the quick reply.  Here are the results for all the scans.

 

MiniToolBox by Farbar  Version: 13-07-2013
Ran by USER (administrator) on 10-08-2013 at 10:55:20
Running from "C:\Documents and Settings\USER\My Documents\Downloads"
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================


127.0.0.1       localhost

There are 15328 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

Broadcom NetXtreme Gigabit Ethernet = Local Area Connection (Connected)


# ----------------------------------
# Interface IP Configuration         
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



        Host Name . . . . . . . . . . . . : user-9ae4383ecf

        Primary Dns Suffix  . . . . . . . :

        Node Type . . . . . . . . . . . . : Broadcast

        IP Routing Enabled. . . . . . . . : No

        WINS Proxy Enabled. . . . . . . . : No



Ethernet adapter Local Area Connection:



        Connection-specific DNS Suffix  . :

        Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit Ethernet

        Physical Address. . . . . . . . . : 00-0F-FE-2B-5C-02

        Dhcp Enabled. . . . . . . . . . . : Yes

        Autoconfiguration Enabled . . . . : Yes

        IP Address. . . . . . . . . . . . : 192.168.1.4

        Subnet Mask . . . . . . . . . . . : 255.255.255.0

        Default Gateway . . . . . . . . . : 192.168.1.1

        DHCP Server . . . . . . . . . . . : 192.168.1.1

        DNS Servers . . . . . . . . . . . : 192.168.1.1

        Lease Obtained. . . . . . . . . . : Saturday, August 10, 2013 9:08:08 AM

        Lease Expires . . . . . . . . . . : Sunday, August 11, 2013 9:08:08 AM

Server:  UnKnown
Address:  192.168.1.1

Name:    google.com
Addresses:  74.125.228.100, 74.125.228.102, 74.125.228.105, 74.125.228.101
      74.125.228.99, 74.125.228.98, 74.125.228.97, 74.125.228.103, 74.125.228.104
      74.125.228.96, 74.125.228.110



Pinging google.com [74.125.228.68] with 32 bytes of data:



Reply from 74.125.228.68: bytes=32 time=21ms TTL=55

Reply from 74.125.228.68: bytes=32 time=18ms TTL=55



Ping statistics for 74.125.228.68:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 18ms, Maximum = 21ms, Average = 19ms

Server:  UnKnown
Address:  192.168.1.1

Name:    yahoo.com
Addresses:  98.139.183.24, 98.138.253.109, 206.190.36.45



Pinging yahoo.com [98.138.253.109] with 32 bytes of data:



Reply from 98.138.253.109: bytes=32 time=52ms TTL=49

Reply from 98.138.253.109: bytes=32 time=51ms TTL=49



Ping statistics for 98.138.253.109:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 51ms, Maximum = 52ms, Average = 51ms



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 0f fe 2b 5c 02 ...... Broadcom NetXtreme Gigabit Ethernet - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1     192.168.1.4      20
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1      1
      192.168.1.0    255.255.255.0      192.168.1.4     192.168.1.4      20
      192.168.1.4  255.255.255.255        127.0.0.1       127.0.0.1      20
    192.168.1.255  255.255.255.255      192.168.1.4     192.168.1.4      20
        224.0.0.0        240.0.0.0      192.168.1.4     192.168.1.4      20
  255.255.255.255  255.255.255.255      192.168.1.4     192.168.1.4      1
Default Gateway:       192.168.1.1
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\system32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================

System errors:
=============
Error: (08/10/2013 09:20:50 AM) (Source: 0) (User: )
Description: \Device\LanmanDatagramReceiverMOMSCOMPUTERNetBT_Tcpip_{A703C64C-4D79-4

Error: (08/10/2013 09:08:33 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
SBRE

Error: (08/10/2013 09:04:41 AM) (Source: 0) (User: )
Description: \Device\LanmanDatagramReceiverMOMSCOMPUTERNetBT_Tcpip_{A703C64C-4D79-4

Error: (08/10/2013 06:24:06 AM) (Source: 0) (User: )
Description: \Device\LanmanDatagramReceiverMOMSCOMPUTERNetBT_Tcpip_{A703C64C-4D79-4

Error: (08/10/2013 05:26:42 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
SBRE

Error: (08/09/2013 05:04:31 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
SBRE

Error: (08/09/2013 08:45:02 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
SBRE

Error: (08/09/2013 06:26:51 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
SBRE

Error: (08/08/2013 06:54:16 PM) (Source: 0) (User: )
Description: \Device\LanmanDatagramReceiverMOMSCOMPUTERNetBT_Tcpip_{A703C64C-4D79-4

Error: (08/08/2013 06:07:15 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
SBRE


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

Adobe Flash Player 11 ActiveX (Version: 11.8.800.94)
Adobe Flash Player 11 Plugin (Version: 11.8.800.94)
Adobe Shockwave Player 12.0 (Version: 12.0.2.122)
avast! Free Antivirus (Version: 8.0.1489.0)
BetOnline Poker 8.2 (Version: 8.2.10.201209281300)
Broadcom NetXtreme Ethernet Controller (Version: 11.32.03)
CamStudio Lossless Codec v1.5 (Version: 1.5)
CamStudio version 2.7 (Version: 2.7)
Card Player Poker
CCleaner (Version: 4.04)
ConvertHelper 2.2
Define Ext (Version: 8)
ESET Online Scanner v3
Foxit Reader (Version: 6.0.3.524)
Google Chrome (Version: 28.0.1500.95)
Google Update Helper (Version: 1.3.21.153)
Intel® Graphics Media Accelerator Driver
Java 7 Update 25 (Version: 7.0.250)
Java Auto Updater (Version: 2.1.9.5)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Mozilla Firefox 22.0 (x86 en-US) (Version: 22.0)
Mozilla Maintenance Service (Version: 22.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
NVIDIA Drivers
QuickTime (Version: 7.74.80.86)
Skype Click to Call (Version: 6.10.13089)
Skype™ 6.6 (Version: 6.6.106)
SoundMAX (Version: 5.12.01.4070)
SpywareBlaster 5.0 (Version: 5.0.0)
swMSM (Version: 12.0.0.1)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Windows Internet Explorer 8 (KB2598845) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB2661254-v2) (Version: 2)
Update for Windows XP (KB2736233) (Version: 1)
Update for Windows XP (KB2749655) (Version: 1)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
Visual C++ 8.0 CRT (x86) WinSXS MSM (Version: 8.0.50727.762)
Visual C++ 8.0 CRT.Policy (x86) WinSXS MSM (Version: 8.0.50727.762)
WebFldrs XP (Version: 9.50.7523)
Windows Genuine Advantage Notifications (KB905474) (Version: 1.9.0040.0)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Media Format 11 runtime
Windows Media Player 11
Windows PowerShell™ 1.0 (Version: 2)
Windows XP Service Pack 3 (Version: 20080414.031525)
WinRAR 4.20 (32-bit) (Version: 4.20.0)
ZoneAlarm Antivirus (Version: 11.0.000.504)
ZoneAlarm Firewall (Version: 11.0.000.038)
ZoneAlarm Firewall (Version: 11.0.000.504)
ZoneAlarm Free Antivirus + Firewall (Version: 11.0.000.504)
ZoneAlarm Security (Version: 11.0.000.038)
ZoneAlarm Security (Version: 11.0.000.504)

========================= Memory info: ===================================

Percentage of memory in use: 64%
Total physical RAM: 503.43 MB
Available physical RAM: 181.09 MB
Total Pagefile: 1219.99 MB
Available Pagefile: 736.77 MB
Total Virtual: 2047.88 MB
Available Virtual: 1966.36 MB

========================= Partitions: =====================================

2 Drive c: () (Fixed) (Total:74.53 GB) (Free:48.97 GB) NTFS

========================= Users: ========================================

User accounts for \\USER-9AE4383ECF

Administrator            ASPNET                   Guest                    
HelpAssistant            SUPPORT_388945a0         USER                     


**** End of log ****
 

# AdwCleaner v2.306 - Logfile created 08/10/2013 at 09:05:14
# Updated 19/07/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : USER - USER-9AE4383ECF
# Boot Mode : Normal
# Running from : C:\Documents and Settings\USER\My Documents\Downloads\AdwCleaner(1).exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\END
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\adawaretb.xml
Folder Deleted : C:\Documents and Settings\All Users\Application Data\boost_interprocess
Folder Deleted : C:\Documents and Settings\USER\Application Data\blekko
Folder Deleted : C:\Documents and Settings\USER\Application Data\CheckPoint\ZoneAlarm LTD Toolbar

***** [Registry] *****

Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\grusskartencenter.com
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\grusskartencenter.com
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Vid-Saver
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZoneAlarm LTD Toolbar
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@checkpoint.com/FFApi
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\Tarma Installer

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

-\\ Mozilla Firefox v22.0 (en-US)

File : C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\dfm8594y.default\prefs.js

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\dfm8594y.default\user.js ... Deleted !

[OK] File is clean.

-\\ Google Chrome v28.0.1500.95

File : C:\Documents and Settings\USER\Local Settings\Application Data\Google\Chrome\USER Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [2659 octets] - [10/08/2013 09:05:14]

########## EOF - C:\AdwCleaner[S1].txt - [2719 octets] ##########
 

09:02:43.0812 3704  TDSS rootkit removing tool 2.8.18.0 Jun 10 2013 21:44:19
09:02:45.0812 3704  ============================================================
09:02:45.0812 3704  Current date / time: 2013/08/10 09:02:45.0812
09:02:45.0812 3704  SystemInfo:
09:02:45.0812 3704  
09:02:45.0812 3704  OS Version: 5.1.2600 ServicePack: 3.0
09:02:45.0812 3704  Product type: Workstation
09:02:45.0812 3704  ComputerName: USER-9AE4383ECF
09:02:45.0828 3704  UserName: USER
09:02:45.0828 3704  Windows directory: C:\WINDOWS
09:02:45.0828 3704  System windows directory: C:\WINDOWS
09:02:45.0828 3704  Processor architecture: Intel x86
09:02:45.0828 3704  Number of processors: 2
09:02:45.0828 3704  Page size: 0x1000
09:02:45.0828 3704  Boot type: Normal boot
09:02:45.0828 3704  ============================================================
09:02:59.0531 3704  Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
09:02:59.0625 3704  ============================================================
09:02:59.0625 3704  \Device\Harddisk0\DR0:
09:02:59.0625 3704  MBR partitions:
09:02:59.0625 3704  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x950E482
09:02:59.0625 3704  ============================================================
09:02:59.0640 3704  C: <-> \Device\Harddisk0\DR0\Partition1
09:02:59.0656 3704  ============================================================
09:02:59.0656 3704  Initialize success
09:02:59.0656 3704  ============================================================
09:03:28.0515 3044  ============================================================
09:03:28.0515 3044  Scan started
09:03:28.0515 3044  Mode: Manual; TDLFS;
09:03:28.0515 3044  ============================================================
09:03:29.0546 3044  ================ Scan system memory ========================
09:03:29.0546 3044  System memory - ok
09:03:29.0546 3044  ================ Scan services =============================
09:03:32.0640 3044  FontCache3.0.0.0 - ok
09:03:32.0671 3044  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
09:03:32.0671 3044  Fs_Rec - ok
09:03:32.0687 3044  [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
09:03:32.0687 3044  Ftdisk - ok
09:03:32.0750 3044  [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
09:03:32.0781 3044  Gpc - ok
09:03:32.0859 3044  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
09:03:32.0890 3044  gupdate - ok
09:03:32.0890 3044  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
09:03:32.0906 3044  gupdatem - ok
09:03:32.0968 3044  [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
09:03:32.0968 3044  helpsvc - ok
09:03:32.0968 3044  HidServ - ok
09:03:33.0015 3044  [ CCF82C5EC8A7326C3066DE870C06DAF1 ] hidusb          C:\WINDOWS\system32\DRIVERS\hidusb.sys
09:03:33.0031 3044  hidusb - ok
09:03:33.0078 3044  [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll
09:03:33.0078 3044  hkmsvc - ok
09:03:33.0093 3044  hpn - ok
09:03:33.0125 3044  [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
09:03:33.0156 3044  HTTP - ok
09:03:33.0187 3044  [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
09:03:33.0203 3044  HTTPFilter - ok
09:03:33.0203 3044  i2omgmt - ok
09:03:33.0218 3044  i2omp - ok
09:03:33.0250 3044  [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys
09:03:33.0265 3044  i8042prt - ok
09:03:33.0468 3044  [ 2AAE7BE67911F4AEC9AD28E9CFB9096F ] ialm            C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
09:03:33.0625 3044  ialm - ok
09:03:33.0703 3044  [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc           c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
09:03:33.0734 3044  idsvc - ok
09:03:33.0750 3044  [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
09:03:33.0750 3044  Imapi - ok
09:03:33.0796 3044  [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService    C:\WINDOWS\system32\imapi.exe
09:03:33.0812 3044  ImapiService - ok
09:03:33.0812 3044  ini910u - ok
09:03:33.0859 3044  [ B5466A9250342A7AA0CD1FBA13420678 ] IntelIde        C:\WINDOWS\system32\DRIVERS\intelide.sys
09:03:33.0859 3044  IntelIde - ok
09:03:33.0875 3044  [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys
09:03:33.0890 3044  intelppm - ok
09:03:33.0906 3044  [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw           C:\WINDOWS\system32\drivers\ip6fw.sys
09:03:33.0906 3044  Ip6Fw - ok
09:03:33.0953 3044  [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
09:03:33.0953 3044  IpFilterDriver - ok
09:03:33.0953 3044  [ B87AB476DCF76E72010632B5550955F5 ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
09:03:33.0968 3044  IpInIp - ok
09:03:33.0984 3044  [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
09:03:33.0984 3044  IpNat - ok
09:03:33.0984 3044  [ 23C74D75E36E7158768DD63D92789A91 ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
09:03:34.0000 3044  IPSec - ok
09:03:34.0031 3044  [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
09:03:34.0031 3044  IRENUM - ok
09:03:34.0046 3044  [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
09:03:34.0046 3044  isapnp - ok
09:03:34.0140 3044  [ 724A6A9AB5E1807665C5DB71C30BFC5F ] ISWKL           C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys
09:03:34.0156 3044  ISWKL - ok
09:03:34.0187 3044  [ 57FE873B8246DEF1372503CBC57A7499 ] IswSvc          C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
09:03:34.0234 3044  IswSvc - ok
09:03:34.0312 3044  [ 9ECF00E19736054E019C532AED8228FC ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
09:03:34.0328 3044  JavaQuickStarterService - ok
09:03:34.0343 3044  [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
09:03:34.0343 3044  Kbdclass - ok
09:03:34.0359 3044  [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid          C:\WINDOWS\system32\DRIVERS\kbdhid.sys
09:03:34.0359 3044  kbdhid - ok
09:03:34.0406 3044  [ 2503B1AAAC2840A4708EC3578CC67928 ] KL1             C:\WINDOWS\system32\DRIVERS\kl1.sys
09:03:34.0406 3044  KL1 - ok
09:03:34.0437 3044  [ DC091A2571EE1CB9FEDD7C67BB46C2D2 ] KLIF            C:\WINDOWS\system32\DRIVERS\klif.sys
09:03:34.0453 3044  KLIF - ok
09:03:34.0468 3044  [ 692BCF44383D056AED41B045A323D378 ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
09:03:34.0484 3044  kmixer - ok
09:03:34.0515 3044  [ B467646C54CC746128904E1654C750C1 ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
09:03:34.0515 3044  KSecDD - ok
09:03:34.0562 3044  [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver    C:\WINDOWS\System32\srvsvc.dll
09:03:34.0562 3044  lanmanserver - ok
09:03:34.0609 3044  [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
09:03:34.0625 3044  lanmanworkstation - ok
09:03:34.0640 3044  lbrtfdc - ok
09:03:34.0687 3044  [ A7DB739AE99A796D91580147E919CC59 ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
09:03:34.0687 3044  LmHosts - ok
09:03:34.0750 3044  [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler   C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
09:03:34.0765 3044  MBAMScheduler - ok
09:03:34.0781 3044  [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger       C:\WINDOWS\System32\msgsvc.dll
09:03:34.0796 3044  Messenger - ok
09:03:34.0812 3044  [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
09:03:34.0812 3044  mnmdd - ok
09:03:34.0843 3044  [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe
09:03:34.0843 3044  mnmsrvc - ok
09:03:34.0890 3044  [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
09:03:34.0890 3044  Modem - ok
09:03:34.0937 3044  [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
09:03:34.0937 3044  Mouclass - ok
09:03:34.0984 3044  [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
09:03:35.0000 3044  mouhid - ok
09:03:35.0000 3044  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
09:03:35.0015 3044  MountMgr - ok
09:03:35.0093 3044  [ 528A5C2570F468155A1B3CF0A2FF5EBD ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
09:03:35.0093 3044  MozillaMaintenance - ok
09:03:35.0093 3044  mraid35x - ok
09:03:35.0109 3044  [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
09:03:35.0125 3044  MRxDAV - ok
09:03:35.0250 3044  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
09:03:35.0265 3044  MRxSmb - ok
09:03:35.0312 3044  [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC           C:\WINDOWS\system32\msdtc.exe
09:03:35.0312 3044  MSDTC - ok
09:03:35.0328 3044  [ C941EA2454BA8350021D774DAF0F1027 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
09:03:35.0343 3044  Msfs - ok
09:03:35.0343 3044  MSIServer - ok
09:03:35.0359 3044  [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
09:03:35.0375 3044  MSKSSRV - ok
09:03:35.0390 3044  [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
09:03:35.0390 3044  MSPCLOCK - ok
09:03:35.0406 3044  [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
09:03:35.0406 3044  MSPQM - ok
09:03:35.0421 3044  [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
09:03:35.0421 3044  mssmbios - ok
09:03:35.0453 3044  [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
09:03:35.0453 3044  MSTEE - ok
09:03:35.0453 3044  [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
09:03:35.0468 3044  Mup - ok
09:03:35.0500 3044  [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC        C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
09:03:35.0515 3044  NABTSFEC - ok
09:03:35.0656 3044  [ 0102140028FAD045756796E1C685D695 ] napagent        C:\WINDOWS\System32\qagentrt.dll
09:03:35.0671 3044  napagent - ok
09:03:35.0734 3044  [ 1DF7F42665C94B825322FAE71721130D ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
09:03:35.0750 3044  NDIS - ok
09:03:35.0796 3044  [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP          C:\WINDOWS\system32\DRIVERS\NdisIP.sys
09:03:35.0828 3044  NdisIP - ok
09:03:35.0859 3044  [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
09:03:35.0859 3044  NdisTapi - ok
09:03:35.0906 3044  [ F927A4434C5028758A842943EF1A3849 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
09:03:35.0921 3044  Ndisuio - ok
09:03:35.0953 3044  [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
09:03:35.0968 3044  NdisWan - ok
09:03:36.0015 3044  [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
09:03:36.0031 3044  NDProxy - ok
09:03:36.0078 3044  [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
09:03:36.0109 3044  NetBIOS - ok
09:03:36.0171 3044  [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
09:03:36.0203 3044  NetBT - ok
09:03:36.0234 3044  [ B857BA82860D7FF85AE29B095645563B ] NetDDE          C:\WINDOWS\system32\netdde.exe
09:03:36.0234 3044  NetDDE - ok
09:03:36.0265 3044  [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
09:03:36.0281 3044  NetDDEdsdm - ok
09:03:36.0312 3044  [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon        C:\WINDOWS\system32\lsass.exe
09:03:36.0328 3044  Netlogon - ok
09:03:36.0390 3044  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman          C:\WINDOWS\System32\netman.dll
09:03:36.0437 3044  Netman - ok
09:03:36.0484 3044  [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
09:03:36.0500 3044  NetTcpPortSharing - ok
09:03:36.0546 3044  [ 943337D786A56729263071623BBB9DE5 ] Nla             C:\WINDOWS\System32\mswsock.dll
09:03:36.0578 3044  Nla - ok
09:03:36.0625 3044  [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
09:03:36.0656 3044  Npfs - ok
09:03:36.0781 3044  [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
09:03:36.0953 3044  Ntfs - ok
09:03:37.0078 3044  [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe
09:03:37.0078 3044  NtLmSsp - ok
09:03:37.0234 3044  [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
09:03:37.0265 3044  NtmsSvc - ok
09:03:37.0296 3044  [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null            C:\WINDOWS\system32\drivers\Null.sys
09:03:37.0296 3044  Null - ok
09:03:37.0343 3044  [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
09:03:37.0359 3044  NwlnkFlt - ok
09:03:37.0375 3044  [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
09:03:37.0390 3044  NwlnkFwd - ok
09:03:37.0437 3044  [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport         C:\WINDOWS\system32\DRIVERS\parport.sys
09:03:37.0453 3044  Parport - ok
09:03:37.0484 3044  [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
09:03:37.0484 3044  PartMgr - ok
09:03:37.0531 3044  [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
09:03:37.0531 3044  ParVdm - ok
09:03:37.0562 3044  [ A219903CCF74233761D92BEF471A07B1 ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys
09:03:37.0593 3044  PCI - ok
09:03:37.0593 3044  PCIDump - ok
09:03:37.0609 3044  [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde          C:\WINDOWS\system32\drivers\PCIIde.sys
09:03:37.0609 3044  PCIIde - ok
09:03:37.0656 3044  [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys
09:03:37.0687 3044  Pcmcia - ok
09:03:37.0687 3044  PDCOMP - ok
09:03:37.0687 3044  PDFRAME - ok
09:03:37.0703 3044  PDRELI - ok
09:03:37.0703 3044  PDRFRAME - ok
09:03:37.0703 3044  perc2 - ok
09:03:37.0718 3044  perc2hib - ok
09:03:37.0750 3044  [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay        C:\WINDOWS\system32\services.exe
09:03:37.0750 3044  PlugPlay - ok
09:03:37.0781 3044  [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe
09:03:37.0781 3044  PolicyAgent - ok
09:03:37.0828 3044  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
09:03:37.0859 3044  PptpMiniport - ok
09:03:37.0875 3044  [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
09:03:37.0875 3044  ProtectedStorage - ok
09:03:37.0890 3044  [ 09298EC810B07E5D582CB3A3F9255424 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys
09:03:37.0890 3044  PSched - ok
09:03:37.0937 3044  [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys
09:03:37.0937 3044  Ptilink - ok
09:03:37.0953 3044  ql1080 - ok
09:03:37.0953 3044  Ql10wnt - ok
09:03:37.0968 3044  ql12160 - ok
09:03:37.0968 3044  ql1240 - ok
09:03:37.0968 3044  ql1280 - ok
09:03:38.0015 3044  [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
09:03:38.0015 3044  RasAcd - ok
09:03:38.0078 3044  [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
09:03:38.0078 3044  RasAuto - ok
09:03:38.0093 3044  [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
09:03:38.0109 3044  Rasl2tp - ok
09:03:38.0140 3044  [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan          C:\WINDOWS\System32\rasmans.dll
09:03:38.0156 3044  RasMan - ok
09:03:38.0171 3044  [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
09:03:38.0171 3044  RasPppoe - ok
09:03:38.0187 3044  [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
09:03:38.0187 3044  Raspti - ok
09:03:38.0203 3044  [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
09:03:38.0203 3044  Rdbss - ok
09:03:38.0218 3044  [ 4912D5B403614CE99C28420F75353332 ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
09:03:38.0218 3044  RDPCDD - ok
09:03:38.0234 3044  [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr           C:\WINDOWS\system32\DRIVERS\rdpdr.sys
09:03:38.0234 3044  rdpdr - ok
09:03:38.0281 3044  [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys
09:03:38.0296 3044  RDPWD - ok
09:03:38.0343 3044  [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe
09:03:38.0343 3044  RDSessMgr - ok
09:03:38.0375 3044  [ F828DD7E1419B6653894A8F97A0094C5 ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys
09:03:38.0390 3044  redbook - ok
09:03:38.0453 3044  [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
09:03:38.0468 3044  RemoteAccess - ok
09:03:38.0484 3044  [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
09:03:38.0500 3044  RemoteRegistry - ok
09:03:38.0500 3044  [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator      C:\WINDOWS\system32\locator.exe
09:03:38.0500 3044  RpcLocator - ok
09:03:38.0546 3044  [ 6B27A5C03DFB94B4245739065431322C ] RpcSs           C:\WINDOWS\System32\rpcss.dll
09:03:38.0546 3044  RpcSs - ok
09:03:38.0562 3044  [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP            C:\WINDOWS\system32\rsvp.exe
09:03:38.0578 3044  RSVP - ok
09:03:38.0593 3044  [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs           C:\WINDOWS\system32\lsass.exe
09:03:38.0593 3044  SamSs - ok
09:03:38.0609 3044  SBRE - ok
09:03:38.0640 3044  [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
09:03:38.0640 3044  SCardSvr - ok
09:03:38.0671 3044  [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule        C:\WINDOWS\system32\schedsvc.dll
09:03:38.0718 3044  Schedule - ok
09:03:38.0765 3044  [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
09:03:38.0765 3044  Secdrv - ok
09:03:38.0796 3044  [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon        C:\WINDOWS\System32\seclogon.dll
09:03:38.0796 3044  seclogon - ok
09:03:38.0812 3044  [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS            C:\WINDOWS\system32\sens.dll
09:03:38.0812 3044  SENS - ok
09:03:38.0828 3044  [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum         C:\WINDOWS\system32\DRIVERS\serenum.sys
09:03:38.0843 3044  serenum - ok
09:03:38.0875 3044  [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial          C:\WINDOWS\system32\DRIVERS\serial.sys
09:03:38.0890 3044  Serial - ok
09:03:38.0953 3044  [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys
09:03:38.0953 3044  Sfloppy - ok
09:03:39.0000 3044  [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
09:03:39.0015 3044  SharedAccess - ok
09:03:39.0031 3044  [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
09:03:39.0046 3044  ShellHWDetection - ok
09:03:39.0046 3044  Simbad - ok
09:03:39.0218 3044  [ AE40D1BC6FB02A5625516AD74CA9A309 ] Skype C2C Service C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
09:03:39.0296 3044  Skype C2C Service - ok
09:03:39.0390 3044  [ 3E587DBBDFF938DDE5D4CE4047BE9041 ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
09:03:39.0406 3044  SkypeUpdate - ok
09:03:39.0437 3044  [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP            C:\WINDOWS\system32\DRIVERS\SLIP.sys
09:03:39.0453 3044  SLIP - ok
09:03:39.0500 3044  [ 86D17B6760DD2B09E932FF101714E0DC ] smwdm           C:\WINDOWS\system32\drivers\smwdm.sys
09:03:39.0546 3044  smwdm - ok
09:03:39.0609 3044  [ 3978F082274F723AD5A0A8058C2417DD ] SoundMAX Agent Service (default) C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
09:03:39.0718 3044  SoundMAX Agent Service (default) - ok
09:03:39.0718 3044  Sparrow - ok
09:03:39.0750 3044  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter        C:\WINDOWS\system32\drivers\splitter.sys
09:03:39.0765 3044  splitter - ok
09:03:39.0796 3044  [ 60784F891563FB1B767F70117FC2428F ] Spooler         C:\WINDOWS\system32\spoolsv.exe
09:03:39.0796 3044  Spooler - ok
09:03:39.0828 3044  [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
09:03:39.0843 3044  sr - ok
09:03:39.0859 3044  [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice       C:\WINDOWS\system32\srsvc.dll
09:03:39.0875 3044  srservice - ok
09:03:39.0906 3044  [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys
09:03:39.0906 3044  Srv - ok
09:03:39.0953 3044  [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
09:03:39.0953 3044  SSDPSRV - ok
09:03:40.0000 3044  [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc          C:\WINDOWS\system32\wiaservc.dll
09:03:40.0015 3044  stisvc - ok
09:03:40.0031 3044  [ 77813007BA6265C4B6098187E6ED79D2 ] streamip        C:\WINDOWS\system32\DRIVERS\StreamIP.sys
09:03:40.0046 3044  streamip - ok
09:03:40.0062 3044  [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
09:03:40.0062 3044  swenum - ok
09:03:40.0093 3044  [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys
09:03:40.0093 3044  swmidi - ok
09:03:40.0109 3044  SwPrv - ok
09:03:40.0109 3044  symc810 - ok
09:03:40.0125 3044  symc8xx - ok
09:03:40.0125 3044  sym_hi - ok
09:03:40.0140 3044  sym_u3 - ok
09:03:40.0156 3044  [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys
09:03:40.0171 3044  sysaudio - ok
09:03:40.0187 3044  [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe
09:03:40.0187 3044  SysmonLog - ok
09:03:40.0250 3044  [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
09:03:40.0265 3044  TapiSrv - ok
09:03:40.0312 3044  [ D9F19E78F98834CB411D6AD3C68D181A ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys
09:03:40.0328 3044  Tcpip - ok
09:03:40.0359 3044  [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys
09:03:40.0359 3044  TDPIPE - ok
09:03:40.0390 3044  [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys
09:03:40.0390 3044  TDTCP - ok
09:03:40.0406 3044  [ 88155247177638048422893737429D9E ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys
09:03:40.0406 3044  TermDD - ok
09:03:40.0453 3044  [ FF3477C03BE7201C294C35F684B3479F ] TermService     C:\WINDOWS\System32\termsrv.dll
09:03:40.0468 3044  TermService - ok
09:03:40.0484 3044  [ 99BC0B50F511924348BE19C7C7313BBF ] Themes          C:\WINDOWS\System32\shsvcs.dll
09:03:40.0484 3044  Themes - ok
09:03:40.0515 3044  [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr         C:\WINDOWS\system32\tlntsvr.exe
09:03:40.0531 3044  TlntSvr - ok
09:03:40.0531 3044  TosIde - ok
09:03:40.0562 3044  [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks          C:\WINDOWS\system32\trkwks.dll
09:03:40.0578 3044  TrkWks - ok
09:03:40.0609 3044  [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys
09:03:40.0609 3044  Udfs - ok
09:03:40.0609 3044  ultra - ok
09:03:40.0656 3044  [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys
09:03:40.0671 3044  Update - ok
09:03:40.0718 3044  [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost        C:\WINDOWS\System32\upnphost.dll
09:03:40.0734 3044  upnphost - ok
09:03:40.0765 3044  [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS             C:\WINDOWS\System32\ups.exe
09:03:40.0765 3044  UPS - ok
09:03:40.0781 3044  USBAAPL - ok
09:03:40.0812 3044  [ E919708DB44ED8543A7C017953148330 ] usbaudio        C:\WINDOWS\system32\drivers\usbaudio.sys
09:03:40.0812 3044  usbaudio - ok
09:03:40.0843 3044  [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys
09:03:40.0859 3044  usbccgp - ok
09:03:40.0890 3044  [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys
09:03:40.0890 3044  usbehci - ok
09:03:40.0906 3044  [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys
09:03:40.0906 3044  usbhub - ok
09:03:40.0937 3044  [ A717C8721046828520C9EDF31288FC00 ] usbprint        C:\WINDOWS\system32\DRIVERS\usbprint.sys
09:03:40.0953 3044  usbprint - ok
09:03:41.0000 3044  [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
09:03:41.0000 3044  usbscan - ok
09:03:41.0046 3044  [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
09:03:41.0046 3044  USBSTOR - ok
09:03:41.0078 3044  [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci         C:\WINDOWS\system32\DRIVERS\usbuhci.sys
09:03:41.0093 3044  usbuhci - ok
09:03:41.0125 3044  [ 63BBFCA7F390F4C49ED4B96BFB1633E0 ] usbvideo        C:\WINDOWS\system32\Drivers\usbvideo.sys
09:03:41.0125 3044  usbvideo - ok
09:03:41.0171 3044  [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys
09:03:41.0171 3044  VgaSave - ok
09:03:41.0171 3044  ViaIde - ok
09:03:41.0187 3044  [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys
09:03:41.0203 3044  VolSnap - ok
09:03:41.0234 3044  [ B96ECAE46A68F57862BACF59EEC24FEF ] Vsdatant        C:\WINDOWS\system32\vsdatant.sys
09:03:41.0265 3044  Vsdatant - ok
09:03:41.0296 3044  vsmon - ok
09:03:41.0328 3044  [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS             C:\WINDOWS\System32\vssvc.exe
09:03:41.0359 3044  VSS - ok
09:03:41.0375 3044  [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time         C:\WINDOWS\system32\w32time.dll
09:03:41.0406 3044  W32Time - ok
09:03:41.0437 3044  [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
09:03:41.0437 3044  Wanarp - ok
09:03:41.0437 3044  WDICA - ok
09:03:41.0484 3044  [ 6768ACF64B18196494413695F0C3A00F ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys
09:03:41.0484 3044  wdmaud - ok
09:03:41.0515 3044  [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient       C:\WINDOWS\System32\webclnt.dll
09:03:41.0515 3044  WebClient - ok
09:03:41.0656 3044  [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
09:03:41.0671 3044  winmgmt - ok
09:03:41.0718 3044  WinRing0_1_2_0 - ok
09:03:41.0765 3044  [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN        C:\WINDOWS\system32\MsPMSNSv.dll
09:03:41.0765 3044  WmdmPmSN - ok
09:03:41.0812 3044  [ E76F8807070ED04E7408A86D6D3A6137 ] Wmi             C:\WINDOWS\System32\advapi32.dll
09:03:41.0859 3044  Wmi - ok
09:03:41.0890 3044  [ C42584FD66CE9E17403AEBCA199F7BDB ] WmiAcpi         C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
09:03:41.0890 3044  WmiAcpi - ok
09:03:41.0906 3044  [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe
09:03:41.0921 3044  WmiApSrv - ok
09:03:42.0000 3044  [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc   C:\Program Files\Windows Media Player\WMPNetwk.exe
09:03:42.0046 3044  WMPNetworkSvc - ok
09:03:42.0140 3044  [ B800EEC15851597405784126C407188C ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
09:03:42.0187 3044  WPFFontCache_v0400 - ok
09:03:42.0218 3044  [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL         C:\WINDOWS\System32\drivers\ws2ifsl.sys
09:03:42.0218 3044  WS2IFSL - ok
09:03:42.0250 3044  [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc          C:\WINDOWS\system32\wscsvc.dll
09:03:42.0265 3044  wscsvc - ok
09:03:42.0281 3044  [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC        C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
09:03:42.0281 3044  WSTCODEC - ok
09:03:42.0312 3044  [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv        C:\WINDOWS\system32\wuauserv.dll
09:03:42.0343 3044  wuauserv - ok
09:03:42.0375 3044  [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf          C:\WINDOWS\system32\DRIVERS\WudfPf.sys
09:03:42.0375 3044  WudfPf - ok
09:03:42.0390 3044  [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd          C:\WINDOWS\system32\DRIVERS\wudfrd.sys
09:03:42.0390 3044  WudfRd - ok
09:03:42.0421 3044  [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc         C:\WINDOWS\System32\WUDFSvc.dll
09:03:42.0421 3044  WudfSvc - ok
09:03:42.0453 3044  [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll
09:03:42.0484 3044  WZCSVC - ok
09:03:42.0500 3044  XDva401 - ok
09:03:42.0531 3044  [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov         C:\WINDOWS\System32\xmlprov.dll
09:03:42.0562 3044  xmlprov - ok
09:03:42.0578 3044  ================ Scan global ===============================
09:03:42.0750 3044  [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
09:03:42.0828 3044  [ 69AE2B2E6968C316536E5B10B9702E63 ] C:\WINDOWS\system32\winsrv.dll
09:03:42.0843 3044  [ 69AE2B2E6968C316536E5B10B9702E63 ] C:\WINDOWS\system32\winsrv.dll
09:03:42.0859 3044  [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
09:03:42.0875 3044  [Global] - ok
09:03:42.0875 3044  ================ Scan MBR ==================================
09:03:42.0890 3044  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
09:03:43.0156 3044  \Device\Harddisk0\DR0 - ok
09:03:43.0156 3044  ================ Scan VBR ==================================
09:03:43.0171 3044  [ 1BF9B3E81185E0859ED47DF9B54A15B8 ] \Device\Harddisk0\DR0\Partition1
09:03:43.0234 3044  \Device\Harddisk0\DR0\Partition1 - ok
09:03:43.0234 3044  ============================================================
09:03:43.0234 3044  Scan finished
09:03:43.0234 3044  ============================================================
09:03:43.0250 3820  Detected object count: 0
09:03:43.0250 3820  Actual detected object count: 0
09:03:58.0812 3972  ============================================================
09:03:58.0812 3972  Scan started
09:03:58.0812 3972  Mode: Manual; TDLFS;
09:03:58.0812 3972  ============================================================
09:04:00.0421 3972  ================ Scan system memory ========================
09:04:00.0437 3972  System memory - ok
09:04:00.0437 3972  ================ Scan services =============================
09:04:17.0343 3972  [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN        C:\WINDOWS\system32\MsPMSNSv.dll
09:04:17.0359 3972  WmdmPmSN - ok
09:04:17.0453 3972  [ E76F8807070ED04E7408A86D6D3A6137 ] Wmi             C:\WINDOWS\System32\advapi32.dll
09:04:17.0468 3972  Wmi - ok
09:04:17.0500 3972  [ C42584FD66CE9E17403AEBCA199F7BDB ] WmiAcpi         C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
09:04:17.0500 3972  WmiAcpi - ok
09:04:17.0531 3972  [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe
09:04:17.0531 3972  WmiApSrv - ok
09:04:17.0609 3972  [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc   C:\Program Files\Windows Media Player\WMPNetwk.exe
09:04:17.0656 3972  WMPNetworkSvc - ok
09:04:17.0750 3972  [ B800EEC15851597405784126C407188C ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
09:04:17.0765 3972  WPFFontCache_v0400 - ok
09:04:17.0812 3972  [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL         C:\WINDOWS\System32\drivers\ws2ifsl.sys
09:04:17.0812 3972  WS2IFSL - ok
09:04:17.0859 3972  [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc          C:\WINDOWS\system32\wscsvc.dll
09:04:17.0859 3972  wscsvc - ok
09:04:17.0906 3972  [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC        C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
09:04:17.0906 3972  WSTCODEC - ok
09:04:17.0937 3972  [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv        C:\WINDOWS\system32\wuauserv.dll
09:04:17.0953 3972  wuauserv - ok
09:04:17.0968 3972  [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf          C:\WINDOWS\system32\DRIVERS\WudfPf.sys
09:04:17.0984 3972  WudfPf - ok
09:04:17.0984 3972  [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd          C:\WINDOWS\system32\DRIVERS\wudfrd.sys
09:04:18.0000 3972  WudfRd - ok
09:04:18.0015 3972  [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc         C:\WINDOWS\System32\WUDFSvc.dll
09:04:18.0031 3972  WudfSvc - ok
09:04:18.0062 3972  [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll
09:04:18.0093 3972  WZCSVC - ok
09:04:18.0093 3972  XDva401 - ok
09:04:18.0125 3972  [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov         C:\WINDOWS\System32\xmlprov.dll
09:04:18.0140 3972  xmlprov - ok
09:04:18.0156 3972  ================ Scan global ===============================
09:04:18.0187 3972  [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
09:04:18.0218 3972  [ 69AE2B2E6968C316536E5B10B9702E63 ] C:\WINDOWS\system32\winsrv.dll
09:04:18.0234 3972  [ 69AE2B2E6968C316536E5B10B9702E63 ] C:\WINDOWS\system32\winsrv.dll
09:04:18.0250 3972  [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
09:04:18.0250 3972  [Global] - ok
09:04:18.0250 3972  ================ Scan MBR ==================================
09:04:18.0265 3972  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
09:04:18.0468 3972  \Device\Harddisk0\DR0 - ok
09:04:18.0468 3972  ================ Scan VBR ==================================
09:04:18.0468 3972  [ 1BF9B3E81185E0859ED47DF9B54A15B8 ] \Device\Harddisk0\DR0\Partition1
09:04:18.0468 3972  \Device\Harddisk0\DR0\Partition1 - ok
09:04:18.0468 3972  ============================================================
09:04:18.0468 3972  Scan finished
09:04:18.0468 3972  ============================================================
09:04:18.0484 4060  Detected object count: 0
09:04:18.0484 4060  Actual detected object count: 0
09:04:47.0468 1260  Deinitialize success
 

C:\Documents and Settings\USER\Downloads\cbsidlm-tr1_7-Driver_Magician_Lite-10521270.exe    Win32/DownloadAdmin.D application    cleaned by deleting - quarantined
C:\Documents and Settings\USER\My Documents\Downloads\FoxitReader545.0124_enu_Setup.exe    multiple threats    cleaned by deleting - quarantined
C:\Documents and Settings\USER\My Documents\Downloads\FoxitReader602.0413_enu_Setup(1).exe    a variant of Win32/Bundled.Toolbar.Ask.D application    cleaned by deleting - quarantined
C:\Documents and Settings\USER\My Documents\Downloads\FoxitReader602.0413_enu_Setup.exe    a variant of Win32/Bundled.Toolbar.Ask.D application    cleaned by deleting - quarantined
C:\Documents and Settings\USER\My Documents\Downloads\FoxitReader603.0524_enu_Setup.exe    a variant of Win32/Bundled.Toolbar.Ask.D application    cleaned by deleting - quarantined
 

# AdwCleaner v2.306 - Logfile created 08/10/2013 at 09:05:14
# Updated 19/07/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : USER - USER-9AE4383ECF
# Boot Mode : Normal
# Running from : C:\Documents and Settings\USER\My Documents\Downloads\AdwCleaner(1).exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\END
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\adawaretb.xml
Folder Deleted : C:\Documents and Settings\All Users\Application Data\boost_interprocess
Folder Deleted : C:\Documents and Settings\USER\Application Data\blekko
Folder Deleted : C:\Documents and Settings\USER\Application Data\CheckPoint\ZoneAlarm LTD Toolbar

***** [Registry] *****

Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\grusskartencenter.com
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\grusskartencenter.com
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Vid-Saver
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZoneAlarm LTD Toolbar
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@checkpoint.com/FFApi
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\Tarma Installer

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

-\\ Mozilla Firefox v22.0 (en-US)

File : C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\dfm8594y.default\prefs.js

C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\dfm8594y.default\user.js ... Deleted !

[OK] File is clean.

-\\ Google Chrome v28.0.1500.95

File : C:\Documents and Settings\USER\Local Settings\Application Data\Google\Chrome\USER Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [2659 octets] - [10/08/2013 09:05:14]

########## EOF - C:\AdwCleaner[S1].txt - [2719 octets] ##########
 



#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,528 posts
  • Gender:Male
  • Location:NJ USA

Posted 11 August 2013 - 07:46 PM

Hello, did you get ESET to run?
You have 2 antiviruses running ... avast and ZA. You need to uninstall one and reboot.
They will conflict and cause slowness.

How is it now?

#5 queensfull


Posted 11 August 2013 - 08:51 PM

Sorry, I thought I posted the eset scan. I have the antivirus disabled on zone alarm, I only use their firewall. I am still very sluggish though.

 

C:\Documents and Settings\USER\Downloads\cbsidlm-tr1_7-Driver_Magician_Lite-10521270.exe    Win32/DownloadAdmin.D application    cleaned by deleting - quarantined
C:\Documents and Settings\USER\My Documents\Downloads\FoxitReader545.0124_enu_Setup.exe    multiple threats    cleaned by deleting - quarantined
C:\Documents and Settings\USER\My Documents\Downloads\FoxitReader602.0413_enu_Setup(1).exe    a variant of Win32/Bundled.Toolbar.Ask.D application    cleaned by deleting - quarantined
C:\Documents and Settings\USER\My Documents\Downloads\FoxitReader602.0413_enu_Setup.exe    a variant of Win32/Bundled.Toolbar.Ask.D application    cleaned by deleting - quarantined
C:\Documents and Settings\USER\My Documents\Downloads\FoxitReader603.0524_enu_Setup.exe    a variant of Win32/Bundled.Toolbar.Ask.D application    cleaned by deleting - quarantined
 


Edited by queensfull, 11 August 2013 - 08:53 PM.


#6 boopme


Posted 11 August 2013 - 09:06 PM

Ok, we will do 3 more that should get junk off.
 
Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
Please download and scan with SUPERAntiSpyware Free
  • Double-click SUPERAntiSpyware.exe and use the default settings for installation. For instructions with screenshots, please refer to the How to use SUPERAntiSpyware to scan and remove malware from your computer Guide.
  • An icon will be created on your desktop. Double-click that icon to launch the program.
  • If it will not start, go to Start > All Programs > SUPERAntiSpyware and click on Alternate Start.
  • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download them from here. Double-click on the hyperlink for Download Installer and save SASDEFINITIONS.EXE to your desktop. Then double-click on SASDEFINITIONS.EXE to install the definitions.)
  • In the Main Menu, click the Preferences... button.
  • Click the "General and Startup" tab, and under Start-up Options, make sure "Start SUPERAntiSpyware when Windows starts" box is unchecked.
  • Click the "Scanning Control" tab, and under Scanner Options, make sure the following are checked (leave all other options as they are set):
    • Close browsers before scanning.
    • Scan for tracking cookies.
    • Terminate memory threats before quarantining.
  • Click the "Close" button to leave the Control Center screen.
    • Back on the main screen, under "Select Scan Type" check the box for Complete Scan.
    • If your computer is badly infected, be sure to check the box next to Enable Rescue Scan (Highly Infected Systems ONLY).
    • Click the Scan your computer... button.
    • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
    • Make sure everything has a checkmark next to it and click "Next".
    • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
    • If asked if you want to reboot, click "Yes" and reboot normally.
  • To retrieve the scan log after reboot, launch SUPERAntiSpyware again.
    • Click the View Scan Logs button at the bottom.
    • This will open the Scanner Logs Window.
    • Click on the log to highlight it and then click on View Selected Log to open it.
    • Copy and paste the scan log results in your next reply.
-- Some types of malware will disable security tools. If SUPERAntiSpyware will not install, please refer to these instructions for using the SUPERAntiSpyware Installer. If SUPERAntiSpyware is already installed but will not run, then follow the instructions for using RUNSAS.EXE to launch the program.

Create a New Restore Point to prevent possible reinfection from an old one. Some of the malware you picked up could have been backed up, renamed and saved in System Restore. Since this is a protected directory your tools cannot access to delete these files, they sometimes can re-infect your system if you accidentally use an old restore point. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll-back" to a clean working state. The easiest and safest way to do this is:
  • Go to Start > Programs > Accessories > System Tools and click "System Restore".
  • Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the R.P. a name, then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
  • Then use Disk Cleanup to remove all but the most recently created Restore Point.
  • Go to Start > Run and type: Cleanmgr
  • Click "Ok". Disk Cleanup will scan your files for several minutes, then open.
  • Click the "More Options" tab, then click the "Clean up" button under System Restore.
  • Click Ok. You will be prompted with "Are you sure you want to delete all but the most recent restore point?"
  • Click Yes, then click Ok.
  • Click Yes again when prompted with "Are you sure you want to perform these actions?"
  • Disk Cleanup will remove the files and close automatically.
Vista and Windows 7 users can refer to these links:
  • Create a New Restore Point in Vista
  • Create a New Restore Point in Windows 7 (alternate method)
  • Disk Cleanup in Vista
  • Disk Cleanup in Windows 7
Reboot and see how it is.


#7 queensfull


Posted 14 August 2013 - 07:58 PM

I followed all the steps above.  I think all the bad stuff was removed.  Here are the logs.

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.4.4 (08.12.2013:1)
OS: Microsoft Windows XP x86
Ran by USER on Mon 08/12/2013 at 18:59:00.18
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-343818398-484061587-682003330-1003\Software\Microsoft\Internet Explorer\Main\\Start Page



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Documents and Settings\USER\appdata\locallow\fast free converter"



~~~ FireFox

Emptied folder: C:\Documents and Settings\USER\Application Data\mozilla\firefox\profiles\dfm8594y.default\minidumps [13 files]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 08/12/2013 at 19:07:40.02
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 08/12/2013 at 07:42 PM

Application Version : 5.6.1020

Core Rules Database Version : 10685
Trace Rules Database Version: 8497

Scan type       : Complete Scan
Total Scan Time : 00:26:55

Operating System Information
Windows XP Professional 32-bit, Service Pack 3 (Build 5.01.2600)
Administrator

Memory items scanned      : 442
Memory threats detected   : 0
Registry items scanned    : 36004
Registry threats detected : 0
File items scanned        : 31310
File threats detected     : 1

Trojan.Agent/Gen-Nullo[Short]
    C:\SYSTEM VOLUME INFORMATION\_RESTORE{8612A512-3749-4C5F-A751-8C0772DE192E}\RP263\A0066123.EXE
 

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 08/14/2013 at 05:03 AM

Application Version : 5.6.1020

Core Rules Database Version : 10685
Trace Rules Database Version: 8497

Scan type       : Complete Scan
Total Scan Time : 00:37:00

Operating System Information
Windows XP Professional 32-bit, Service Pack 3 (Build 5.01.2600)
Administrator

Memory items scanned      : 499
Memory threats detected   : 0
Registry items scanned    : 36013
Registry threats detected : 0
File items scanned        : 29914
File threats detected     : 0
 



#8 boopme


Posted 14 August 2013 - 09:37 PM

Looks good to me. Thanks for visiting!

#9 queensfull


Posted 15 August 2013 - 08:28 PM

Thank you very much for all your help and quick replies.  You saved my computer.



#10 boopme


Posted 15 August 2013 - 09:24 PM

You're welcome from us all!!





