
Cyber Defender Infections


19 replies to this topic

#1 plumm


Posted 25 August 2013 - 01:35 PM

Ok, I got this laptop (a stock Dell Inspiron 1440, Win7hp) for someone who has been deceived into getting the crap from Cyber defender. The 3 programs I saw were

Cyber Defender

PC Optimizer

MaxMySpeed PC

 

I am pretty sure these are evil. But, my personal feelings aside, I have run numerous scans with different programs from this site to eradicate these and I think I finally got them under control. There don't seem to be any registry keys that point to any of them, there are no program folders left, and all scans seem to come up clean. It has gone from over 5 minute startup time, to just over 1 minute restart to ready time. All of the sweetpak and conduit hijacks are gone and it is running smooth as silk...

 

One problem though. In add/remove programs, there is still an entry for MaxMySpeed PC Optimizer. And when I try to uninstall it gives me the error... Windows cannot find 'C:\Program Files (x86)\CyberDefender\PC Optimizer\unins000.exe'. Make sure you typed the name correctly, and then try again.

This happened to be the same error I would get when I first saw them in the list and tried to get rid of them before running all the scans.

So is this nightmare over with? Or am I gonna give this back to him, and in a few days it will be as bad as it was before? (if you were to know me and my notoriously deplorable bad luck, there is a good chance at the second option happening here lol)

I know these have been covered before, but in my searching I couldn't find a clear cut way to tell if these are able to be cleaned from a system other than doing a system restore.

Thanks for any help!
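An added example, not part of the original post: the "Windows cannot find ...unins000.exe" error above is what an Add/Remove Programs entry produces when the uninstaller it points to is no longer on disk. This Python script lists such entries, read-only, from the standard Uninstall registry keys; the function names, the `ExampleKey` key names and the two `Example` entries are constructed for illustration.

```python
"""List Add/Remove Programs entries whose uninstaller file is missing (read-only)."""
import os
import re

try:
    import winreg  # Windows only; the parsing and checking below run anywhere
except ImportError:
    winreg = None

UNINSTALL_KEY = r"SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall"
# An unquoted UninstallString can contain spaces, so find where the program ends.
_PROGRAM_END = re.compile(r"\.(exe|com|bat|cmd)(?=\s|$)", re.IGNORECASE)

# Constructed sample data. The first display name and path are the ones given
# in the post; the key names and the other two entries are made up.
SAMPLE_ENTRIES = [
    ("ExampleKey1", "MaxMySpeed PC Optimizer",
     r'"C:\Program Files (x86)\CyberDefender\PC Optimizer\unins000.exe"'),
    ("ExampleKey2", "Example MSI Product",
     "MsiExec.exe /X{00000000-0000-0000-0000-000000000000}"),
    ("ExampleKey3", "Example Tool",
     r"C:\Program Files\Example Tool\uninstall.exe /S"),
]
SAMPLE_FILES_ON_DISK = {r"C:\Program Files\Example Tool\uninstall.exe"}


def uninstaller_path(uninstall_string):
    """Return the program an UninstallString launches, or None for MsiExec/empty."""
    s = (uninstall_string or "").strip()
    if not s:
        return None
    if s.startswith('"'):
        end = s.find('"', 1)
        path = s[1:end] if end != -1 else s[1:]
    else:
        m = _PROGRAM_END.search(s)
        path = s[:m.end()] if m else s.split()[0]
    program = path.replace("\\", "/").rsplit("/", 1)[-1].lower()
    if program in ("msiexec.exe", "msiexec"):
        return None  # Windows Installer handles these; no file in the program folder
    return os.path.expandvars(path)


def find_orphans(entries, exists=os.path.isfile):
    """entries: iterable of (key_name, display_name, uninstall_string) tuples."""
    orphans = []
    for key_name, display_name, uninstall_string in entries:
        path = uninstaller_path(uninstall_string)
        if path is not None and not exists(path):
            orphans.append((display_name or key_name, path))
    return orphans


def _value(key, name):
    try:
        return str(winreg.QueryValueEx(key, name)[0])
    except OSError:
        return ""


def read_uninstall_entries():
    """Yield entries from the 64-bit, 32-bit and per-user Uninstall keys."""
    if winreg is None:
        raise RuntimeError("registry access requires Windows")
    views = [
        (winreg.HKEY_LOCAL_MACHINE, winreg.KEY_WOW64_64KEY),
        (winreg.HKEY_LOCAL_MACHINE, winreg.KEY_WOW64_32KEY),  # 32-bit installers
        (winreg.HKEY_CURRENT_USER, 0),
    ]
    for hive, view in views:
        access = winreg.KEY_READ | view
        try:
            root = winreg.OpenKey(hive, UNINSTALL_KEY, 0, access)
        except OSError:
            continue
        with root:
            for i in range(winreg.QueryInfoKey(root)[0]):
                name = winreg.EnumKey(root, i)
                with winreg.OpenKey(root, name, 0, access) as sub:
                    yield name, _value(sub, "DisplayName"), _value(sub, "UninstallString")


def demo():
    """Run the check on the constructed sample instead of the live registry."""
    return find_orphans(SAMPLE_ENTRIES, exists=SAMPLE_FILES_ON_DISK.__contains__)


if __name__ == "__main__":
    source = read_uninstall_entries() if winreg else None
    results = find_orphans(source) if source is not None else demo()
    for name, path in results:
        print(f"{name}: uninstaller missing -> {path}")
```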




 


#2 dev00790


Posted 25 August 2013 - 01:55 PM

Hello,

I will be helping you with your problems. Please be patient while I assist you.

Some points for you to keep in mind while I am helping you to make things go easier and faster for both of us:

  • Please do NOT run, install or uninstall any programs, unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.

NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Back up any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.
- Do NOT back up any unknown files ending in .exe, .com, .scr, .pif, and .bat since files of these types are more likely to be infected.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

----------------------------------------------

Please do the following:

Step 1:

Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!


  • Double-click on TDSSKiller.exe on your desktop to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click on change parameters
  • Under Objects to scan, check the boxes next to Verify file digital signatures, Detect TDLFS file system, then click OK.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not an option, Skip instead, do NOT choose Delete or Quarantine unless instructed.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the full contents of that file in your next reply. - If the log is too long, then split it into multiple posts.


Step 2:

Please download AdwCleaner by Xplode onto your desktop.


  • Double click on AdwCleaner.exe to run the tool.
  • Click on Search.
  • A logfile will automatically open after the scan has finished.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[R1].txt as well.


Step 3:

Please download Farbar Service Scanner and run it on the computer with the issue.


  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press Scan.
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the full contents of the log in your next reply.


Step 4:

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:


  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices (Only Problems)
  • List Users, Partitions and Memory size.
  • List Minidump Files
  • List Restore points

NOTE: When using "Reset FF Proxy Settings" option Firefox should be closed.

Click Go and post the full contents of the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

 

 


Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"

I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM.
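An added example, not part of dev00790's post or of TDSSKiller: the log that step 1 asks for runs to hundreds of lines, nearly all of them ending in `- ok`, so this Python script keeps only the objects that got any other verdict, together with the hash and path the log recorded for them. The sample lines are constructed in the layout of the TDSSKiller 2.9.2.0 log from this thread; the `Example` names, paths and the all-zero hash are placeholders.

```python
"""Reduce a TDSSKiller log to the objects that did not scan as 'ok'."""
import re

# Constructed sample; names and paths are placeholders, <MD5> becomes a dummy hash.
SAMPLE_LOG = r"""
16:45:49.0637 0x0c84  ================ Scan services =============================
16:45:51.0720 0x0c84  [ <MD5> ] ExampleDrv      C:\Windows\system32\drivers\exampledrv.sys
16:45:51.0908 0x0c84  ExampleDrv - ok
16:46:00.0292 0x0c84  ExampleNoFile - ok
16:46:01.0630 0x0c84  [ <MD5> ] ExampleSvc C:\Program Files\Example Vendor\svc.exe
16:46:01.0665 0x0c84  ExampleSvc ( UnsignedFile.Multi.Generic ) - warning
16:46:01.0665 0x0c84  ExampleSvc - detected UnsignedFile.Multi.Generic (1)
""".replace("<MD5>", "0" * 32)

# Every log line starts with a timestamp and a thread id.
PREFIX = re.compile(r"^\d\d:\d\d:\d\d\.\d{4}\s+0x[0-9a-fA-F]+\s+(.*)$")
# "[ md5 ] name path" introduces an object before its verdict line.
OBJECT = re.compile(r"^\[ ([0-9A-Fa-f]{32}) \]\s+(\S+)\s+(.+)$")
OK = re.compile(r"^(\S+) - ok$")
FLAGGED = re.compile(r"^(\S+) \( (.+?) \) - (\w+)$")
DETECTED = re.compile(r"^(\S+) - detected (.+?) \(\d+\)$")


def triage(log_text):
    """Return {'ok': count, 'findings': [...]} for one pasted log."""
    objects = {}    # name -> (md5, path)
    findings = {}   # (name, verdict) -> record; the two verdict lines merge here
    ok_count = 0
    for line in log_text.splitlines():
        m = PREFIX.match(line)
        if not m:
            continue  # blank lines, forum text pasted around the log, etc.
        body = m.group(1).strip()
        obj = OBJECT.match(body)
        if obj:
            objects[obj.group(2)] = (obj.group(1).upper(), obj.group(3))
            continue
        if OK.match(body):
            ok_count += 1
            continue
        hit = FLAGGED.match(body) or DETECTED.match(body)
        if hit:
            name, verdict = hit.group(1), hit.group(2)
            md5, path = objects.get(name, (None, None))
            record = findings.setdefault((name, verdict), {
                "name": name, "verdict": verdict, "severity": None,
                "md5": md5, "path": path,
            })
            if hit.re is FLAGGED:
                record["severity"] = hit.group(3)
    return {"ok": ok_count, "findings": list(findings.values())}


if __name__ == "__main__":
    result = triage(SAMPLE_LOG)
    print(f"{result['ok']} objects ok, {len(result['findings'])} to review")
    for f in result["findings"]:
        print(f"  {f['name']}: {f['verdict']} ({f['severity']}) {f['path']}")
```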


#3 plumm


Posted 25 August 2013 - 03:39 PM

Thanks for the directions, dev. I am in and out of the house all day so it may be later on before I can get to all of these.



#4 plumm


Posted 25 August 2013 - 03:50 PM

No change from my first post, things are running fine.
Here are the step 1 results:
And I just noticed that I didn't have a Cure option so I just closed it. And I think I accidentally hit the copy to quarantine button when it ran... my bad..
 
16:46:08.0615 0x0c84  KeyIso - ok
16:46:08.0638 0x0c84  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
16:46:08.0654 0x0c84  KSecDD - ok
16:46:08.0665 0x0c84  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
16:46:08.0682 0x0c84  KSecPkg - ok
16:46:08.0719 0x0c84  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
16:46:08.0779 0x0c84  ksthunk - ok
16:46:08.0824 0x0c84  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
16:46:08.0884 0x0c84  KtmRm - ok
16:46:08.0925 0x0c84  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\System32\srvsvc.dll
16:46:08.0988 0x0c84  LanmanServer - ok
16:46:09.0018 0x0c84  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
16:46:09.0077 0x0c84  LanmanWorkstation - ok
16:46:09.0115 0x0c84  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
16:46:09.0172 0x0c84  lltdio - ok
16:46:09.0209 0x0c84  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
16:46:09.0265 0x0c84  lltdsvc - ok
16:46:09.0287 0x0c84  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
16:46:09.0330 0x0c84  lmhosts - ok
16:46:09.0364 0x0c84  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
16:46:09.0379 0x0c84  LSI_FC - ok
16:46:09.0395 0x0c84  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
16:46:09.0410 0x0c84  LSI_SAS - ok
16:46:09.0435 0x0c84  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
16:46:09.0450 0x0c84  LSI_SAS2 - ok
16:46:09.0478 0x0c84  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
16:46:09.0497 0x0c84  LSI_SCSI - ok
16:46:09.0510 0x0c84  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
16:46:09.0563 0x0c84  luafv - ok
16:46:09.0607 0x0c84  [ 0BB97D43299910CBFBA59C461B99B910 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
16:46:09.0622 0x0c84  MBAMProtector - ok
16:46:09.0648 0x0c84  [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
16:46:09.0669 0x0c84  MBAMScheduler - ok
16:46:09.0710 0x0c84  [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
16:46:09.0728 0x0c84  MBAMService - ok
16:46:09.0761 0x0c84  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
16:46:09.0779 0x0c84  Mcx2Svc - ok
16:46:09.0810 0x0c84  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
16:46:09.0824 0x0c84  megasas - ok
16:46:09.0845 0x0c84  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
16:46:09.0866 0x0c84  MegaSR - ok
16:46:09.0887 0x0c84  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
16:46:09.0947 0x0c84  MMCSS - ok
16:46:09.0969 0x0c84  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
16:46:10.0022 0x0c84  Modem - ok
16:46:10.0050 0x0c84  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
16:46:10.0069 0x0c84  monitor - ok
16:46:10.0083 0x0c84  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
16:46:10.0098 0x0c84  mouclass - ok
16:46:10.0123 0x0c84  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
16:46:10.0150 0x0c84  mouhid - ok
16:46:10.0183 0x0c84  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
16:46:10.0199 0x0c84  mountmgr - ok
16:46:10.0274 0x0c84  [ F8A10560B35C66F9DE212F03DAD5BFA7 ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
16:46:10.0297 0x0c84  MpFilter - ok
16:46:10.0314 0x0c84  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
16:46:10.0332 0x0c84  mpio - ok
16:46:10.0359 0x0c84  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
16:46:10.0402 0x0c84  mpsdrv - ok
16:46:10.0444 0x0c84  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
16:46:10.0524 0x0c84  MpsSvc - ok
16:46:10.0563 0x0c84  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
16:46:10.0616 0x0c84  MRxDAV - ok
16:46:10.0646 0x0c84  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
16:46:10.0693 0x0c84  mrxsmb - ok
16:46:10.0725 0x0c84  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:46:10.0765 0x0c84  mrxsmb10 - ok
16:46:10.0801 0x0c84  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:46:10.0819 0x0c84  mrxsmb20 - ok
16:46:10.0842 0x0c84  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
16:46:10.0857 0x0c84  msahci - ok
16:46:10.0881 0x0c84  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
16:46:10.0899 0x0c84  msdsm - ok
16:46:10.0914 0x0c84  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
16:46:10.0954 0x0c84  MSDTC - ok
16:46:11.0003 0x0c84  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
16:46:11.0053 0x0c84  Msfs - ok
16:46:11.0085 0x0c84  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
16:46:11.0142 0x0c84  mshidkmdf - ok
16:46:11.0161 0x0c84  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
16:46:11.0177 0x0c84  msisadrv - ok
16:46:11.0207 0x0c84  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
16:46:11.0270 0x0c84  MSiSCSI - ok
16:46:11.0281 0x0c84  msiserver - ok
16:46:11.0322 0x0c84  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
16:46:11.0377 0x0c84  MSKSSRV - ok
16:46:11.0480 0x0c84  [ E07DEC52FF801841BA9B6878A60304FB ] MsMpSvc         c:\Program Files\Microsoft Security Client\MsMpEng.exe
16:46:11.0496 0x0c84  MsMpSvc - ok
16:46:11.0521 0x0c84  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
16:46:11.0577 0x0c84  MSPCLOCK - ok
16:46:11.0605 0x0c84  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
16:46:11.0654 0x0c84  MSPQM - ok
16:46:11.0691 0x0c84  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
16:46:11.0712 0x0c84  MsRPC - ok
16:46:11.0758 0x0c84  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
16:46:11.0771 0x0c84  mssmbios - ok
16:46:11.0787 0x0c84  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
16:46:11.0847 0x0c84  MSTEE - ok
16:46:11.0868 0x0c84  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
16:46:11.0904 0x0c84  MTConfig - ok
16:46:11.0943 0x0c84  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
16:46:11.0959 0x0c84  Mup - ok
16:46:11.0998 0x0c84  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
16:46:12.0060 0x0c84  napagent - ok
16:46:12.0107 0x0c84  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
16:46:12.0145 0x0c84  NativeWifiP - ok
16:46:12.0216 0x0c84  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
16:46:12.0278 0x0c84  NDIS - ok
16:46:12.0324 0x0c84  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
16:46:12.0423 0x0c84  NdisCap - ok
16:46:12.0510 0x0c84  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
16:46:12.0550 0x0c84  NdisTapi - ok
16:46:12.0576 0x0c84  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
16:46:12.0618 0x0c84  Ndisuio - ok
16:46:12.0643 0x0c84  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
16:46:12.0693 0x0c84  NdisWan - ok
16:46:12.0731 0x0c84  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
16:46:12.0787 0x0c84  NDProxy - ok
16:46:12.0856 0x0c84  [ 2334DC48997BA203B794DF3EE70521DB ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
16:46:12.0865 0x0c84  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
16:46:12.0865 0x0c84  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
16:46:12.0899 0x0c84  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
16:46:12.0952 0x0c84  NetBIOS - ok
16:46:12.0995 0x0c84  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
16:46:13.0081 0x0c84  NetBT - ok
16:46:13.0131 0x0c84  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
16:46:13.0154 0x0c84  Netlogon - ok
16:46:13.0274 0x0c84  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
16:46:13.0364 0x0c84  Netman - ok
16:46:13.0410 0x0c84  [ 3E5A36127E201DDF663176B66828FAFE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:46:13.0425 0x0c84  NetMsmqActivator - ok
16:46:13.0430 0x0c84  [ 3E5A36127E201DDF663176B66828FAFE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:46:13.0442 0x0c84  NetPipeActivator - ok
16:46:13.0468 0x0c84  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
16:46:13.0545 0x0c84  netprofm - ok
16:46:13.0553 0x0c84  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:46:13.0566 0x0c84  NetTcpActivator - ok
16:46:13.0571 0x0c84  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:46:13.0584 0x0c84  NetTcpPortSharing - ok
16:46:13.0623 0x0c84  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
16:46:13.0639 0x0c84  nfrd960 - ok
16:46:13.0664 0x0c84  [ 162100E0BC8377710F9D170631921C03 ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
16:46:13.0684 0x0c84  NisDrv - ok
16:46:13.0742 0x0c84  [ C6E15F2F95F9C0A6098D43510B604E52 ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe
16:46:13.0768 0x0c84  NisSrv - ok
16:46:13.0800 0x0c84  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
16:46:13.0840 0x0c84  NlaSvc - ok
16:46:13.0866 0x0c84  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
16:46:13.0908 0x0c84  Npfs - ok
16:46:13.0935 0x0c84  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
16:46:13.0994 0x0c84  nsi - ok
16:46:14.0022 0x0c84  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
16:46:14.0080 0x0c84  nsiproxy - ok
16:46:14.0145 0x0c84  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
16:46:14.0212 0x0c84  Ntfs - ok
16:46:14.0223 0x0c84  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
16:46:14.0265 0x0c84  Null - ok
16:46:14.0304 0x0c84  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
16:46:14.0321 0x0c84  nvraid - ok
16:46:14.0343 0x0c84  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
16:46:14.0361 0x0c84  nvstor - ok
16:46:14.0381 0x0c84  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
16:46:14.0398 0x0c84  nv_agp - ok
16:46:14.0421 0x0c84  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
16:46:14.0439 0x0c84  ohci1394 - ok
16:46:14.0469 0x0c84  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
16:46:14.0524 0x0c84  p2pimsvc - ok
16:46:14.0548 0x0c84  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
16:46:14.0591 0x0c84  p2psvc - ok
16:46:14.0621 0x0c84  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
16:46:14.0639 0x0c84  Parport - ok
16:46:14.0701 0x0c84  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
16:46:14.0716 0x0c84  partmgr - ok
16:46:14.0728 0x0c84  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
16:46:14.0771 0x0c84  PcaSvc - ok
16:46:14.0806 0x0c84  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
16:46:14.0823 0x0c84  pci - ok
16:46:14.0843 0x0c84  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
16:46:14.0858 0x0c84  pciide - ok
16:46:14.0872 0x0c84  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
16:46:14.0891 0x0c84  pcmcia - ok
16:46:14.0908 0x0c84  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
16:46:14.0924 0x0c84  pcw - ok
16:46:14.0951 0x0c84  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
16:46:15.0028 0x0c84  PEAUTH - ok
16:46:15.0094 0x0c84  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
16:46:15.0127 0x0c84  PerfHost - ok
16:46:15.0198 0x0c84  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
16:46:15.0295 0x0c84  pla - ok
16:46:15.0348 0x0c84  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
16:46:15.0410 0x0c84  PlugPlay - ok
16:46:15.0471 0x0c84  [ AC78DF349F0E4CFB8B667C0CFFF83CCE ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
16:46:15.0479 0x0c84  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
16:46:15.0479 0x0c84  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
16:46:15.0495 0x0c84  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
16:46:15.0514 0x0c84  PNRPAutoReg - ok
16:46:15.0535 0x0c84  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
16:46:15.0557 0x0c84  PNRPsvc - ok
16:46:15.0604 0x0c84  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
16:46:15.0666 0x0c84  PolicyAgent - ok
16:46:15.0704 0x0c84  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
16:46:15.0762 0x0c84  Power - ok
16:46:15.0797 0x0c84  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
16:46:15.0846 0x0c84  PptpMiniport - ok
16:46:15.0875 0x0c84  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
16:46:15.0905 0x0c84  Processor - ok
16:46:15.0931 0x0c84  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
16:46:15.0983 0x0c84  ProfSvc - ok
16:46:16.0001 0x0c84  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
16:46:16.0017 0x0c84  ProtectedStorage - ok
16:46:16.0053 0x0c84  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
16:46:16.0112 0x0c84  Psched - ok
16:46:16.0144 0x0c84  [ 0C7946849036C39475C01BA23D10630B ] PTUMWBus        C:\Windows\system32\DRIVERS\PTUMWBus.sys
16:46:16.0157 0x0c84  PTUMWBus - ok
16:46:16.0196 0x0c84  [ DF37600BE6498A66D9B9F667421AAD10 ] PTUMWCSP        C:\Windows\system32\DRIVERS\PTUMWCSP.sys
16:46:16.0211 0x0c84  PTUMWCSP - ok
16:46:16.0225 0x0c84  [ 8F9AEC3337A540C7EEC11A72211AA9A7 ] PTUMWFLT        C:\Windows\system32\DRIVERS\PTUMWFLT.sys
16:46:16.0237 0x0c84  PTUMWFLT - ok
16:46:16.0252 0x0c84  [ 7895EBE76F58A31DE972A700456C75FF ] PTUMWMdm        C:\Windows\system32\DRIVERS\PTUMWMdm.sys
16:46:16.0268 0x0c84  PTUMWMdm - ok
16:46:16.0300 0x0c84  [ 60650B5F460C9CE695082EBBA50C3C20 ] PTUMWNET        C:\Windows\system32\DRIVERS\PTUMWNET.sys
16:46:16.0315 0x0c84  PTUMWNET - ok
16:46:16.0333 0x0c84  [ 91E16446E94B1A7BD46E17FC961754E2 ] PTUMWNSP        C:\Windows\system32\DRIVERS\PTUMWNSP.sys
16:46:16.0347 0x0c84  PTUMWNSP - ok
16:46:16.0364 0x0c84  [ 5E11F5F77545A1A08C2C12C41F251DBA ] PTUMWVsp        C:\Windows\system32\DRIVERS\PTUMWVsp.sys
16:46:16.0380 0x0c84  PTUMWVsp - ok
16:46:16.0402 0x0c84  [ 4712CC14E720ECCCC0AA16949D18AAF1 ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
16:46:16.0416 0x0c84  PxHlpa64 - ok
16:46:16.0468 0x0c84  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
16:46:16.0536 0x0c84  ql2300 - ok
16:46:16.0583 0x0c84  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
16:46:16.0599 0x0c84  ql40xx - ok
16:46:16.0641 0x0c84  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
16:46:16.0668 0x0c84  QWAVE - ok
16:46:16.0707 0x0c84  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
16:46:16.0756 0x0c84  QWAVEdrv - ok
16:46:16.0779 0x0c84  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
16:46:16.0837 0x0c84  RasAcd - ok
16:46:16.0884 0x0c84  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
16:46:16.0924 0x0c84  RasAgileVpn - ok
16:46:16.0972 0x0c84  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
16:46:17.0028 0x0c84  RasAuto - ok
16:46:17.0060 0x0c84  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
16:46:17.0117 0x0c84  Rasl2tp - ok
16:46:17.0158 0x0c84  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
16:46:17.0205 0x0c84  RasMan - ok
16:46:17.0223 0x0c84  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
16:46:17.0279 0x0c84  RasPppoe - ok
16:46:17.0295 0x0c84  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
16:46:17.0351 0x0c84  RasSstp - ok
16:46:17.0393 0x0c84  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
16:46:17.0456 0x0c84  rdbss - ok
16:46:17.0479 0x0c84  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
16:46:17.0518 0x0c84  rdpbus - ok
16:46:17.0554 0x0c84  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
16:46:17.0613 0x0c84  RDPCDD - ok
16:46:17.0639 0x0c84  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
16:46:17.0693 0x0c84  RDPENCDD - ok
16:46:17.0723 0x0c84  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
16:46:17.0759 0x0c84  RDPREFMP - ok
16:46:17.0816 0x0c84  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
16:46:17.0913 0x0c84  RDPWD - ok
16:46:17.0964 0x0c84  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
16:46:17.0985 0x0c84  rdyboost - ok
16:46:18.0011 0x0c84  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
16:46:18.0054 0x0c84  RemoteAccess - ok
16:46:18.0075 0x0c84  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
16:46:18.0131 0x0c84  RemoteRegistry - ok
16:46:18.0147 0x0c84  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
16:46:18.0202 0x0c84  RpcEptMapper - ok
16:46:18.0221 0x0c84  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
16:46:18.0248 0x0c84  RpcLocator - ok
16:46:18.0283 0x0c84  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
16:46:18.0332 0x0c84  RpcSs - ok
16:46:18.0365 0x0c84  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
16:46:18.0424 0x0c84  rspndr - ok
16:46:18.0464 0x0c84  [ 4A25DC970C58104602ED274DACAFD784 ] RSUSBSTOR       C:\Windows\System32\Drivers\RtsUStor.sys
16:46:18.0493 0x0c84  RSUSBSTOR - ok
16:46:18.0544 0x0c84  [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
16:46:18.0567 0x0c84  RTL8167 - ok
16:46:18.0588 0x0c84  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
16:46:18.0605 0x0c84  SamSs - ok
16:46:18.0635 0x0c84  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
16:46:18.0655 0x0c84  sbp2port - ok
16:46:18.0718 0x0c84  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
16:46:18.0762 0x0c84  SCardSvr - ok
16:46:18.0790 0x0c84  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
16:46:18.0845 0x0c84  scfilter - ok
16:46:18.0893 0x0c84  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
16:46:18.0975 0x0c84  Schedule - ok
16:46:19.0007 0x0c84  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
16:46:19.0045 0x0c84  SCPolicySvc - ok
16:46:19.0110 0x0c84  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
16:46:19.0215 0x0c84  SDRSVC - ok
16:46:19.0368 0x0c84  [ CC781378E7EDA615D2CDCA3B17829FA4 ] SeaPort         C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
16:46:19.0396 0x0c84  SeaPort - ok
16:46:19.0472 0x0c84  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
16:46:19.0537 0x0c84  secdrv - ok
16:46:19.0572 0x0c84  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
16:46:19.0620 0x0c84  seclogon - ok
16:46:19.0637 0x0c84  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
16:46:19.0695 0x0c84  SENS - ok
16:46:19.0712 0x0c84  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
16:46:19.0747 0x0c84  SensrSvc - ok
16:46:19.0776 0x0c84  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
16:46:19.0853 0x0c84  Serenum - ok
16:46:19.0894 0x0c84  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
16:46:19.0914 0x0c84  Serial - ok
16:46:19.0932 0x0c84  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
16:46:19.0953 0x0c84  sermouse - ok
16:46:20.0010 0x0c84  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
16:46:20.0073 0x0c84  SessionEnv - ok
16:46:20.0111 0x0c84  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
16:46:20.0165 0x0c84  sffdisk - ok
16:46:20.0179 0x0c84  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
16:46:20.0209 0x0c84  sffp_mmc - ok
16:46:20.0215 0x0c84  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
16:46:20.0251 0x0c84  sffp_sd - ok
16:46:20.0278 0x0c84  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
16:46:20.0320 0x0c84  sfloppy - ok
16:46:20.0356 0x0c84  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
16:46:20.0428 0x0c84  SharedAccess - ok
16:46:20.0469 0x0c84  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
16:46:20.0523 0x0c84  ShellHWDetection - ok
16:46:20.0557 0x0c84  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
16:46:20.0579 0x0c84  SiSRaid2 - ok
16:46:20.0607 0x0c84  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
16:46:20.0622 0x0c84  SiSRaid4 - ok
16:46:20.0654 0x0c84  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
16:46:20.0705 0x0c84  Smb - ok
16:46:20.0749 0x0c84  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
16:46:20.0797 0x0c84  SNMPTRAP - ok
16:46:20.0820 0x0c84  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
16:46:20.0834 0x0c84  spldr - ok
16:46:20.0871 0x0c84  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
16:46:20.0930 0x0c84  Spooler - ok
16:46:21.0031 0x0c84  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
16:46:21.0229 0x0c84  sppsvc - ok
16:46:21.0280 0x0c84  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
16:46:21.0355 0x0c84  sppuinotify - ok
16:46:21.0388 0x0c84  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
16:46:21.0443 0x0c84  srv - ok
16:46:21.0480 0x0c84  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
16:46:21.0532 0x0c84  srv2 - ok
16:46:21.0561 0x0c84  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
16:46:21.0588 0x0c84  srvnet - ok
16:46:21.0622 0x0c84  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
16:46:21.0692 0x0c84  SSDPSRV - ok
16:46:21.0714 0x0c84  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
16:46:21.0754 0x0c84  SstpSvc - ok
16:46:21.0830 0x0c84  [ 444109453A2B87E6C16BCDA5953E81A9 ] STacSV          C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe
16:46:21.0870 0x0c84  STacSV - ok
16:46:21.0912 0x0c84  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
16:46:21.0935 0x0c84  stexstor - ok
16:46:21.0972 0x0c84  [ 02E784FA49032F84964DB90A3ED81890 ] STHDA           C:\Windows\system32\DRIVERS\stwrt64.sys
16:46:22.0021 0x0c84  STHDA - ok
16:46:22.0064 0x0c84  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
16:46:22.0141 0x0c84  stisvc - ok
16:46:22.0165 0x0c84  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
16:46:22.0179 0x0c84  swenum - ok
16:46:22.0276 0x0c84  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
16:46:22.0369 0x0c84  swprv - ok
16:46:22.0440 0x0c84  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
16:46:22.0555 0x0c84  SysMain - ok
16:46:22.0702 0x0c84  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
16:46:22.0788 0x0c84  TabletInputService - ok
16:46:22.0811 0x0c84  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
16:46:22.0869 0x0c84  TapiSrv - ok
16:46:22.0897 0x0c84  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
16:46:22.0949 0x0c84  TBS - ok
16:46:23.0019 0x0c84  [ DB74544B75566C974815E79A62433F29 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
16:46:23.0100 0x0c84  Tcpip - ok
16:46:23.0173 0x0c84  [ DB74544B75566C974815E79A62433F29 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
16:46:23.0216 0x0c84  TCPIP6 - ok
16:46:29.0409 0x0c84  [ 13B0A570E1AE451C92DA550085D72CF3 ] wltrysvc        C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
16:46:29.0466 0x0c84  wltrysvc ( UnsignedFile.Multi.Generic ) - warning
16:46:29.0466 0x0c84  wltrysvc - detected UnsignedFile.Multi.Generic (1)
16:46:30.0520 0x0c84  ================ Scan global ===============================
16:46:30.0553 0x0c84  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
16:46:30.0591 0x0c84  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
16:46:30.0608 0x0c84  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
16:46:30.0639 0x0c84  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
16:46:30.0657 0x0c84  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
16:46:30.0666 0x0c84  [Global] - ok
16:46:30.0667 0x0c84  ================ Scan MBR ==================================
16:46:30.0688 0x0c84  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
16:46:31.0078 0x0c84  \Device\Harddisk0\DR0 - ok
16:46:31.0079 0x0c84  ================ Scan VBR ==================================
16:46:31.0083 0x0c84  [ 844C807994E1622088C74B59ACA5FB41 ] \Device\Harddisk0\DR0\Partition1
16:46:31.0086 0x0c84  \Device\Harddisk0\DR0\Partition1 - ok
16:46:31.0128 0x0c84  [ 1346231EF6CE9544B0E0DD49F0AA655A ] \Device\Harddisk0\DR0\Partition2
16:46:31.0131 0x0c84  \Device\Harddisk0\DR0\Partition2 - ok
16:46:31.0132 0x0c84  ============================================================
16:46:31.0132 0x0c84  Scan finished
16:46:31.0132 0x0c84  ============================================================
16:46:31.0149 0x0c7c  Detected object count: 4
16:46:31.0150 0x0c7c  Actual detected object count: 4
16:47:10.0188 0x0c7c  C:\Program Files\Dell\DellDock\DockLogin.exe - copied to quarantine
16:47:10.0280 0x0c7c  DockLoginService ( UnsignedFile.Multi.Generic ) - User select action: Quarantine 
16:47:10.0298 0x0c7c  C:\Windows\system32\HPZinw12.dll - copied to quarantine
16:47:10.0341 0x0c7c  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Quarantine 
16:47:10.0369 0x0c7c  C:\Windows\system32\HPZipm12.dll - copied to quarantine
16:47:10.0411 0x0c7c  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Quarantine 
16:47:10.0432 0x0c7c  C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE - copied to quarantine
16:47:10.0455 0x0c7c  wltrysvc ( UnsignedFile.Multi.Generic ) - User select action: Quarantine 

Edited by plumm, 25 August 2013 - 08:45 PM.


#5 dev00790


Posted 26 August 2013 - 02:59 AM

Please post the logs from the other three tools also.


Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"

I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM.


#6 plumm


Posted 26 August 2013 - 12:11 PM

# AdwCleaner v3.001 - Report created 26/08/2013 at 13:05:09
# Updated 24/08/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Owner - OWNER-PC
# Running from : C:\Users\Owner\Downloads\AdwCleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
File Found : C:\END
File Found : C:\Windows\System32\roboot64.exe
Folder Found C:\Program Files (x86)\Zynga
Folder Found C:\Program Files (x86)\Zynga
Folder Found C:\Program Files\DomaIQ Uninstaller
Folder Found C:\ProgramData\apn
Folder Found C:\Users\Owner\AppData\Local\cre
Folder Found C:\Users\Owner\AppData\Local\SwvUpdater
Folder Found C:\Users\Owner\AppData\LocalLow\PriceGong
Folder Found C:\Users\Owner\AppData\Roaming\SearchProtect
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Found : HKCU\Software\APN PIP
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Found : HKCU\Software\AppDataLow\Software\Crossrider
Key Found : HKCU\Software\AppDataLow\Software\PriceGong
Key Found : HKCU\Software\AppDataLow\Software\Zynga
Key Found : HKCU\Software\AppDataLow\Toolbar
Key Found : HKCU\Software\Microsoft\Internet Explorer\Explorer Bars\
Key Found : HKCU\Software\Microsoft\Internet Explorer\Explorer Bars\
Key Found : HKCU\Software\Microsoft\Internet Explorer\Explorer Bars\
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7B13EC3E-999A-4B70-B9CB-2617B8323822}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7B13EC3E-999A-4B70-B9CB-2617B8323822}
Key Found : HKCU\Software\SearchProtect
Key Found : HKCU\Software\YahooPartnerToolbar
Key Found : [x64] HKCU\Software\APN PIP
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Found : [x64] HKCU\Software\SearchProtect
Key Found : [x64] HKCU\Software\YahooPartnerToolbar
Key Found : HKLM\SOFTWARE\Classes\AppID\
Key Found : HKLM\SOFTWARE\Classes\AppID\
Key Found : HKLM\SOFTWARE\Classes\AppID\
Key Found : HKLM\SOFTWARE\Classes\CLSID\
Key Found : HKLM\SOFTWARE\Classes\CLSID\
Key Found : HKLM\SOFTWARE\Classes\CLSID\
Key Found : HKLM\SOFTWARE\Classes\CLSID\{7B13EC3E-999A-4B70-B9CB-2617B8323822}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B08724F6-ECFE-4EB7-95CC-B1E0540C7D1C}
Key Found : HKLM\SOFTWARE\Classes\Interface\
Key Found : HKLM\SOFTWARE\Classes\Interface\
Key Found : HKLM\SOFTWARE\Classes\Interface\
Key Found : HKLM\SOFTWARE\Classes\TypeLib\
Key Found : HKLM\SOFTWARE\Classes\TypeLib\
Key Found : HKLM\SOFTWARE\Classes\TypeLib\
Key Found : HKLM\Software\Conduit
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\App24x7Help_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\App24x7Help_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\tracing\askpartnercobrandingtool_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7B13EC3E-999A-4B70-B9CB-2617B8323822}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B08724F6-ECFE-4EB7-95CC-B1E0540C7D1C}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Zynga Toolbar
Key Found : HKLM\Software\PIP
Key Found : HKLM\Software\SearchProtect
Key Found : HKLM\Software\Zynga
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\
Key Found : [x64] HKLM\SOFTWARE\DomaIQ
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
Key Found : [x64] HKLM\SOFTWARE\Tarma Installer
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{7B13EC3E-999A-4B70-B9CB-2617B8323822}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{7B13EC3E-999A-4B70-B9CB-2617B8323822}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{7B13EC3E-999A-4B70-B9CB-2617B8323822}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{7B13EC3E-999A-4B70-B9CB-2617B8323822}]
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v10.0.9200.16660
 
 
-\\ Google Chrome v28.0.1500.95
 
[ File : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [8964 octets] - [26/08/2013 13:05:09]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [9024 octets] ##########

 

 

 

Farbar Service Scanner Version: 18-08-2013
Ran by Owner (administrator) on 26-08-2013 at 13:11:01
Running from "C:\Users\Owner\Downloads"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************
 
Internet Services:
============
 
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
 
 
Windows Firewall:
=============
 
Firewall Disabled Policy: 
==================
 
 
System Restore:
============
 
System Restore Disabled Policy: 
========================
 
 
Action Center:
============
 
 
Windows Update:
============
 
Windows Autoupdate Disabled Policy: 
============================
 
 
Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.
 
 
Windows Defender Disabled Policy: 
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1
 
 
Other Services:
==============
 
 
File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
 
 
**** End of log ****


#7 dev00790


Posted 26 August 2013 - 12:25 PM

And post the log from MiniToolBox also, please.


Regards, dev00790



#8 plumm


Posted 26 August 2013 - 12:28 PM

MiniToolBox by Farbar  Version: 13-07-2013
Ran by Owner (administrator) on 26-08-2013 at 13:27:37
Running from "C:\Users\Owner\Downloads"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
 
 
 
========================= IP Configuration: ================================
 
Dell Wireless 1397 WLAN Mini-Card = Wireless Network Connection (Connected)
Realtek PCIe FE Family Controller = Local Area Connection (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : Owner-PC
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
 
Wireless LAN adapter Wireless Network Connection:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Dell Wireless 1397 WLAN Mini-Card
   Physical Address. . . . . . . . . : 70-1A-04-DB-12-CF
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::cdc2:76e4:c465:827%11(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.1.105(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Sunday, August 25, 2013 9:44:56 PM
   Lease Expires . . . . . . . . . . : Tuesday, August 27, 2013 9:45:03 AM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 242227716
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-12-EE-31-53-A4-BA-DB-A0-D1-07
   DNS Servers . . . . . . . . . . . : 8.8.8.8
                                       8.8.4.4
                                       209.55.27.13
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Ethernet adapter Local Area Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
   Physical Address. . . . . . . . . : A4-BA-DB-A0-D1-07
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.{4C64E412-7E80-4273-908F-2F86A5FCC11F}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Teredo Tunneling Pseudo-Interface:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:38a7:38cc:3f57:fe96(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::38a7:38cc:3f57:fe96%12(Preferred) 
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  google-public-dns-a.google.com
Address:  8.8.8.8
 
Name:    google.com
Addresses:  2607:f8b0:4002:c01::64
 74.125.137.139
 74.125.137.113
 74.125.137.100
 74.125.137.102
 74.125.137.101
 74.125.137.138
 
 
Pinging google.com [74.125.137.139] with 32 bytes of data:
Reply from 74.125.137.139: bytes=32 time=19ms TTL=47
Reply from 74.125.137.139: bytes=32 time=18ms TTL=47
 
Ping statistics for 74.125.137.139:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 18ms, Maximum = 19ms, Average = 18ms
Server:  google-public-dns-a.google.com
Address:  8.8.8.8
 
Name:    yahoo.com
Addresses:  98.138.253.109
 206.190.36.45
 98.139.183.24
 
 
Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=129ms TTL=49
Reply from 98.138.253.109: bytes=32 time=125ms TTL=50
 
Ping statistics for 98.138.253.109:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 125ms, Maximum = 129ms, Average = 127ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=3ms TTL=128
Reply from 127.0.0.1: bytes=32 time=4ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 3ms, Maximum = 4ms, Average = 3ms
===========================================================================
Interface List
 11...70 1a 04 db 12 cf ......Dell Wireless 1397 WLAN Mini-Card
 10...a4 ba db a0 d1 07 ......Realtek PCIe FE Family Controller
  1...........................Software Loopback Interface 1
 18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.105     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link     192.168.1.105    281
    192.168.1.105  255.255.255.255         On-link     192.168.1.105    281
    192.168.1.255  255.255.255.255         On-link     192.168.1.105    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.1.105    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.1.105    281
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 12     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 12     58 2001::/32                On-link
 12    306 2001:0:4137:9e76:38a7:38cc:3f57:fe96/128
                                    On-link
 11    281 fe80::/64                On-link
 12    306 fe80::/64                On-link
 12    306 fe80::38a7:38cc:3f57:fe96/128
                                    On-link
 11    281 fe80::cdc2:76e4:c465:827/128
                                    On-link
  1    306 ff00::/8                 On-link
 12    306 ff00::/8                 On-link
 11    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (08/25/2013 01:20:33 PM) (Source: Application Hang) (User: )
Description: The program AcroRd32.exe version 9.1.0.163 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: fa8
 
Start Time: 01cea1b7405daf08
 
Termination Time: 32
 
Application Path: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
 
Report Id: 9d070a76-0daa-11e3-bb69-a4badba0d107
 
Error: (08/24/2013 09:11:18 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
Invalid Xml syntax.
 
Error: (08/24/2013 05:50:25 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc3c1
Faulting module name: MSHTML.dll, version: 10.0.9200.16660, time stamp: 0x51f1cfae
Exception code: 0xc0000005
Fault offset: 0x000000000064f93e
Faulting process id: 0xd00
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3
 
Error: (08/24/2013 05:38:21 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc3c1
Faulting module name: MSHTML.dll, version: 10.0.9200.16660, time stamp: 0x51f1cfae
Exception code: 0xc0000005
Fault offset: 0x000000000064f93e
Faulting process id: 0x6d8
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3
 
Error: (08/24/2013 05:14:33 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc3c1
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x0000000000040006
Faulting process id: 0xf94
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3
 
Error: (08/23/2013 11:53:10 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc3c1
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x0000000000000040
Faulting process id: 0x634
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3
 
Error: (08/23/2013 11:37:10 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc3c1
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x0000000000000000
Faulting process id: 0x3dc
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3
 
Error: (08/23/2013 10:28:29 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc3c1
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x0000000000000040
Faulting process id: 0xc14
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3
 
Error: (08/23/2013 08:34:18 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc3c1
Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp: 0x4ec4aa8e
Exception code: 0xc0000005
Fault offset: 0x0000000000052fc6
Faulting process id: 0xe98
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3
 
Error: (08/23/2013 08:28:03 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc3c1
Faulting module name: MSHTML.dll, version: 10.0.9200.16660, time stamp: 0x51f1cfae
Exception code: 0xc0000005
Fault offset: 0x000000000064f93e
Faulting process id: 0x740
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3
 
 
System errors:
=============
Error: (08/24/2013 10:04:34 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Windows 7 for x64-based Systems (KB2862966).
 
Error: (08/24/2013 10:04:34 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x800706ba: Intel Corporation - Display - Mobile Intel® 4 Series Express Chipset Family.
 
Error: (08/24/2013 10:04:31 PM) (Source: Service Control Manager) (User: )
Description: The Windows Update service did not shut down properly after receiving a preshutdown control.
 
Error: (08/24/2013 10:03:53 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2844286).
 
Error: (08/24/2013 10:03:53 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x800706ba: Update for Windows 7 for x64-based Systems (KB2863058).
 
Error: (08/24/2013 10:03:53 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x800706ba: Update for Microsoft Security Essentials - 4.3.215.0 (KB2855265).
 
Error: (08/24/2013 10:03:53 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Windows 7 for x64-based Systems (KB2803821).
 
Error: (08/24/2013 10:03:53 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Windows 7 for x64-based Systems (KB2849470).
 
Error: (08/24/2013 10:03:53 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x800706be: Security Update for Microsoft Works 9 (KB2754670).
 
Error: (08/24/2013 09:58:16 PM) (Source: Service Control Manager) (User: )
Description: The HP CUE DeviceDiscovery Service service terminated unexpectedly.  It has done this 1 time(s).
 
 
 
CodeIntegrity Errors:
===================================
  Date: 2013-08-24 20:15:47.556
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-08-24 19:34:51.854
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-08-24 19:21:24.355
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-08-24 18:50:39.113
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-08-24 18:42:42.032
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-08-24 18:19:19.443
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-08-24 17:47:03.881
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-08-24 17:04:18.915
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-08-23 23:36:30.875
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-08-23 23:27:46.908
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.
 
 
=========================== Installed Programs ============================
 
64 Bit HP CIO Components Installer (Version: 7.2.8)
Adobe Flash Player 11 ActiveX (Version: 11.8.800.94)
Adobe Reader 9.1.2 (Version: 9.1.2)
Advanced Audio FX Engine (Version: 1.12.05)
AVSDK5 (Version: 5.2.9)
Bing Bar (Version: 7.0.609.0)
Bing Rewards Client Installer (Version: 16.0.345.0)
BufferChm (Version: 140.0.212.000)
CCleaner (Version: 3.22)
Cisco EAP-FAST Module (Version: 2.2.14)
Cisco LEAP Module (Version: 1.0.19)
Cisco PEAP Module (Version: 1.1.6)
Coupon Printer for Windows (Version: 5.0.0.0)
D1600 (Version: 140.0.690.000)
D3DX10 (Version: 15.4.2368.0902)
DCC Risk-Needs Assessments
Deer Drive
Dell Dock (Version: 2.0.0)
Dell Edoc Viewer (Version: 1.0.0)
Dell Touchpad (Version: 7.104.102.104)
Dell Webcam Central (Version: 1.40.05)
Dell Wireless WLAN Card Utility (Version: 5.30.21.0)
DeviceDiscovery (Version: 140.0.212.000)
DJ_SF_06_D1600_SW_Min (Version: 140.0.690.000)
Google Chrome (Version: 28.0.1500.95)
Google Update Helper (Version: 1.3.21.153)
GPBaseService2 (Version: 140.0.211.000)
HP Customer Participation Program 14.0 (Version: 14.0)
HP Deskjet D1600 Printer Driver Software 14.0 Rel. 6 (Version: 14.0)
HP Imaging Device Functions 14.0 (Version: 14.0)
HP Photo Creations (Version: 1.0.0.2024)
HP Smart Web Printing 4.60 (Version: 4.60)
HP Solution Center 14.0 (Version: 14.0)
HPDiagnosticAlert (Version: 1.00.0000)
HPPhotoGadget (Version: 140.0.524.000)
HPProductAssistant (Version: 140.0.212.000)
IDT Audio (Version: 1.0.6217.0)
Intel® Graphics Media Accelerator Driver
Java Auto Updater (Version: 2.0.5.1)
Java™ 6 Update 14 (64-bit) (Version: 6.0.140)
Java™ 6 Update 26 (Version: 6.0.260)
Junk Mail filter update (Version: 15.4.3502.0922)
JWSHODN
Live! Cam Avatar Creator (Version: 4.6.3009.1)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
MarketResearch (Version: 140.0.212.000)
MaxMySpeed PC Optimizer (Version: 2.0.648.12931)
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Default Manager (Version: 2.2.114.0)
Microsoft Security Client (Version: 4.2.0223.1)
Microsoft Security Essentials (Version: 4.2.223.1)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft UI Engine (Version: 6.3.2348.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Works (Version: 9.7.0621)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
Pacific Heroes 2
PANTECH USB Modem V2 (Version: 1.2.7000.720)
PowerDVD DX (Version: 8.3.5424)
Quickset64 (Version: 9.6.6)
Roxio Burn (Version: 1.01)
SmartWebPrinting (Version: 140.0.186.000)
SolutionCenter (Version: 140.0.213.000)
Status (Version: 140.0.212.000)
Toolbox (Version: 140.0.428.000)
TrayApp (Version: 140.0.212.000)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)
Verizon Wireless UM190 Firmware Updates (Version: 1.0.3)
VZAccess Manager (Version: 7.3.15.0)
WebReg (Version: 140.0.212.017)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live Family Safety (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Zynga Toolbar (Version: )
 
========================= Devices: ================================
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 45%
Total physical RAM: 4058.36 MB
Available physical RAM: 2226.23 MB
Total Pagefile: 8114.91 MB
Available Pagefile: 5944.05 MB
Total Virtual: 4095.88 MB
Available Virtual: 3968.19 MB
 
========================= Partitions: =====================================
 
1 Drive c: (OS) (Fixed) (Total:283.4 GB) (Free:236.49 GB) NTFS
3 Drive e: () (Fixed) (Total:931.51 GB) (Free:343.32 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\OWNER-PC
 
Administrator            Guest                    Owner                    
 
========================= Minidump Files ==================================
 
========================= Restore Points ==================================
 
18-08-2013 15:52:54 Removed CyberDefender Framework
18-08-2013 15:56:14 Removed Microsoft Office PowerPoint Viewer 2007 (English)
18-08-2013 18:29:28 Removed CyberDefender Framework
18-08-2013 19:06:13 Restore Operation
19-08-2013 22:45:52 Windows Update
23-08-2013 22:45:46 Removed CyberDefender Framework
24-08-2013 03:54:57 Removed Dell DataSafe Local Backup - Support Software
24-08-2013 21:04:40 Removed Dell DataSafe Local Backup
24-08-2013 21:07:12 Removed Dell DataSafe Online.
24-08-2013 21:11:37 Removed Dell Getting Started Guide.
24-08-2013 21:15:21 Removed Dell Support Center
24-08-2013 21:21:01 Removed Extreme Flash Player
24-08-2013 21:24:42 Removed CyberDefender Framework
24-08-2013 21:33:23 Removed HP Update.
24-08-2013 21:37:44 Removed Microsoft Office File Validation Add-In
24-08-2013 21:39:11 Removed Microsoft Office Suite Activation Assistant
24-08-2013 21:41:43 Removed Microsoft Office Home and Student 2007
24-08-2013 21:50:47 Removed Microsoft Office PowerPoint Viewer 2007 (English)
24-08-2013 22:25:46 Removed Compatibility Pack for the 2007 Office system
25-08-2013 02:00:21 Windows Update
 
**** End of log ****


#9 plumm


Posted 26 August 2013 - 12:30 PM

Computer is still running as though it is not infected. But my amateur eyes tell me there are still obvious traces left behind...



#10 dev00790


Posted 26 August 2013 - 12:57 PM

Hi

Please do the following next:

Step 1:

Backup Your Registry with ERUNT
 

  • Please use the following link and scroll down to ERUNT and download it.
    http://aumha.org/freeware/freeware.php
  • For version with the Installer:
    Use the setup program to install ERUNT on your computer
  • For the zipped version:
    Unzip all the files into a folder of your choice.
  • Right click on Erunt.exe and click "Run as Administrator" (use the shortcut on your desktop if you used the installer).
  • If you get a message box with the title "Welcome", click on "OK"
  • Follow the subsequent prompts, leaving the values at default, and click on "OK"
  • If you get asked whether to create a folder please click "Yes".


Step 2:



  • Please close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Clean.
  • Confirm each time with Ok.
  • You will be prompted to restart your computer. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.


Step 3:



  • Launch Malwarebytes' Anti-Malware (MBAM)
  • Click on the tab update, then click Check for Updates
  • If an update is found, it will download and install the latest version.
  • Then on the Scanner tab select Perform full scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad.
  • Post the full contents of the log in your next reply.

Note: Be sure to restart the computer.

The log can also be found here:
C:\Users\<Username>\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt


Step 4:

I'd like us to scan your machine with ESET Online Scanner:

Note: You can use either Internet Explorer or Mozilla Firefox for this scan. You will, however, need to disable your currently installed Anti-Virus; how to do so can be read here.

Note: Vista / Windows 7 / Windows 8 users: You will need to right-click on either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator from the context menu.



  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the ESET Online Scanner button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the ESET Smart Installer icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • On ESET: Click the Back button, then the Finish button.

Note: Do not forget to re-enable your Anti-Virus application after running the above scan!

 

 


Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"

I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM.


#11 plumm


Posted 27 August 2013 - 05:46 AM

Malwarebytes Anti-Malware (PRO) 1.75.0.1300
www.malwarebytes.org
 
Database version: v2013.08.26.05
 
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16660
Owner :: OWNER-PC [administrator]
 
Protection: Enabled
 
8/26/2013 2:27:04 PM
mbam-log-2013-08-26 (14-27-04).txt
 
Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 345998
Time elapsed: 49 minute(s), 24 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 1
HKLM\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
 
Registry Values Detected: 1
HKLM\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Data: {5456FACC-AB9A-11E2-B548-7A8020000200} -> Quarantined and deleted successfully.
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 0
(No malicious items detected)
 
(end)
 

Eset said that it did not find any threats, and there was no way to export a log file.

Sorry for the delay, work schedule...
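For anyone triaging a scan log in the layout posted above, the following added example (not part of the original post, and not Malwarebytes' own code) parses the "... Detected: N" sections, checks each declared count against the entries actually present, and lists items whose action does not end in "successfully." The sample text is constructed: the two SweetIM lines are copied from the log above, while the `helper.exe` line, its detection name, the "No action taken." status and the mismatched count are illustrative assumptions.

```python
import re

# Constructed sample in the layout of the log posted above.
# The SweetIM lines come from that log; the Files section is hypothetical.
SAMPLE_LOG = r"""
Malwarebytes Anti-Malware (PRO) 1.75.0.1300
Scan type: Full scan (C:\|)
Objects scanned: 345998

Memory Processes Detected: 0
(No malicious items detected)

Registry Keys Detected: 1
HKLM\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.

Registry Values Detected: 1
HKLM\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Data: {5456FACC-AB9A-11E2-B548-7A8020000200} -> Quarantined and deleted successfully.

Files Detected: 2
C:\Program Files (x86)\Example\helper.exe (PUP.Optional.Example) -> No action taken.

(end)
"""

SECTION_RE = re.compile(r"^(?P<name>[A-Za-z ]+) Detected: (?P<count>\d+)$")
# The target may itself contain parentheses ("Program Files (x86)"), so the
# detection name is the parenthesised group that sits directly before " -> ".
ENTRY_RE = re.compile(r"^(?P<target>.+?) \((?P<detection>[^()]+)\) -> (?P<rest>.+)$")
NO_ITEMS = "(No malicious items detected)"


def parse_mbam_log(text):
    """Return {section name: {"declared": int, "entries": [dict, ...]}}."""
    sections = {}
    current = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line == NO_ITEMS:
            continue
        if line == "(end)":
            break
        header = SECTION_RE.match(line)
        if header:
            current = sections.setdefault(
                header["name"],
                {"declared": int(header["count"]), "entries": []},
            )
            continue
        if current is None:
            continue  # banner and scan-option lines before the first section
        entry = ENTRY_RE.match(line)
        if entry:
            # Optional middle parts (e.g. "Data: ...") precede the final action.
            *detail, action = entry["rest"].split(" -> ")
            current["entries"].append({
                "target": entry["target"],
                "detection": entry["detection"],
                "detail": " -> ".join(detail),
                "action": action,
            })
    return sections


def review(sections):
    """List count mismatches and items that were not reported as removed."""
    findings = []
    for name, sec in sections.items():
        found = len(sec["entries"])
        if sec["declared"] != found:
            findings.append(
                f"{name}: log declares {sec['declared']} item(s), {found} parsed"
            )
        for e in sec["entries"]:
            # Assumption: a completed removal ends with "successfully."
            if not e["action"].lower().endswith("successfully."):
                findings.append(
                    f"{name}: {e['target']} ({e['detection']}) -> {e['action']}"
                )
    return findings


if __name__ == "__main__":
    for finding in review(parse_mbam_log(SAMPLE_LOG)):
        print(finding)
```

A count mismatch usually means the pasted log was truncated or edited, which is worth resolving before relying on a "clean" result.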



#12 dev00790


Posted 27 August 2013 - 08:34 AM

Please post the AdwCleaner "Clean" log also


Regards, dev00790



#13 plumm


Posted 27 August 2013 - 10:41 AM

# AdwCleaner v3.001 - Report created 26/08/2013 at 14:16:16
# Updated 24/08/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Owner - OWNER-PC
# Running from : C:\Users\Owner\Desktop\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\Program Files (x86)\Zynga
Folder Deleted : C:\Program Files\DomaIQ Uninstaller
Folder Deleted : C:\Users\Owner\AppData\Local\cre
Folder Deleted : C:\Users\Owner\AppData\Local\SwvUpdater
Folder Deleted : C:\Users\Owner\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Owner\AppData\Roaming\SearchProtect
File Deleted : C:\END
File Deleted : C:\Windows\System32\roboot64.exe
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\App24x7Help_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\App24x7Help_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\tracing\askpartnercobrandingtool_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\
Key Deleted : HKLM\SOFTWARE\Classes\AppID\
Key Deleted : HKLM\SOFTWARE\Classes\AppID\
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7B13EC3E-999A-4B70-B9CB-2617B8323822}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B08724F6-ECFE-4EB7-95CC-B1E0540C7D1C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\
Key Deleted : HKLM\SOFTWARE\Classes\Interface\
Key Deleted : HKLM\SOFTWARE\Classes\Interface\
Key Deleted : HKLM\SOFTWARE\Classes\Interface\
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B08724F6-ECFE-4EB7-95CC-B1E0540C7D1C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\Explorer Bars\
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{7B13EC3E-999A-4B70-B9CB-2617B8323822}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{7B13EC3E-999A-4B70-B9CB-2617B8323822}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{7B13EC3E-999A-4B70-B9CB-2617B8323822}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{7B13EC3E-999A-4B70-B9CB-2617B8323822}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\SearchProtect
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\Zynga
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\SearchProtect
Key Deleted : HKLM\Software\Zynga
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Zynga Toolbar
Key Deleted : [x64] HKLM\SOFTWARE\DomaIQ
Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v10.0.9200.16660
 
 
-\\ Google Chrome v28.0.1500.95
 
[ File : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [9188 octets] - [26/08/2013 13:05:09]
AdwCleaner[R1].txt - [9246 octets] - [26/08/2013 14:15:07]
AdwCleaner[S0].txt - [6771 octets] - [26/08/2013 14:16:16]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6831 octets] ##########


#14 dev00790


Posted 27 August 2013 - 06:18 PM

How is the computer running now?


Regards, dev00790



#15 plumm


Posted 27 August 2013 - 11:14 PM

It seems to be running fine. I hit it pretty hard a few times before with Malwarebytes and HitmanPro and ESET and CCleaner. There may have been something else, can't remember exactly. Then I did all that you told me to do.

The only sign of infection now is that leftover program in the programs list. All of the browser hijacks are cleared and all scans seem to come up clean. I would just feel better if it was 100% gone.





