Win32:Sirefef-BTT [Trj], Win64:Sirefef-A [Trj], Win32:Malware-gen


  • This topic is locked
19 replies to this topic

#1 punkin.potpie

punkin.potpie

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:04:19 AM

Posted 10 September 2013 - 07:23 AM

I seemed to have picked this up last night. So far all I've done is when my anti-virus detects it, I've been moving it to anti-virus chest. When I ran the full scan though, it said it doesn't detect anything. Any help would be greatly appreciated.

 

 

 

 

 

 

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 9.0.8112.16476  BrowserJavaVersion: 1.6.0_30
Run by Toni at 7:09:16 on 2013-09-10
Microsoft Windows 7 Starter   6.1.7600.0.1252.63.1033.18.2048.392 [GMT -5:00]
.
AV: avast! antivirus *Enabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
SP: avast! antivirus *Enabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: IObit Malware Fighter *Disabled/Updated* {A751AC20-3B48-5237-898A-78C4436BB78D}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\system32\atieclxx.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
C:\Program Files\Lexmark S300-S400 Series\ezprint.exe
C:\Program Files\Lexmark S300-S400 Series\lxeamon.exe
C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
C:\Program Files\real\realplayer\Update\realsched.exe
C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\IObit\Smart Defrag 2\SmartDefrag.exe
C:\Program Files\Application Updater\ApplicationUpdater.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Windows\system32\FsUsbExService.Exe
C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Windows\system32\spool\DRIVERS\W32X86\3\lxeaserv.exe
C:\Windows\system32\lxeacoms.exe
C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
C:\Program Files\IObit\IObit Malware Fighter\IMF.exe
C:\Program Files\USTechSupport\SchedulerService\SchedulerService.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
C:\Users\Toni\Downloads\FRST.exe
C:\Windows\system32\notepad.exe
C:\Windows\system32\notepad.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\System32\svchost.exe -k swprv
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.conduit.com/?ctid=CT3277370&octid=CT3277370&SearchSource=61&CUI=UN29435907571628224&UM=2&UP=SPCCEF001D-1642-469A-9FD0-E9B5CAA6F506
mStart Page = hxxp://www.yahoo.com
mDefault_Page_URL = hxxp://www.yahoo.com
uURLSearchHooks: YTD Toolbar: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - c:\program files\ytd toolbar\ie\7.6\ytdToolbarIE.dll
uURLSearchHooks: IObit Apps Toolbar: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - c:\program files\iobit apps toolbar\ie\7.6\iobitappsToolbarIE.dll
uURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program files\utorrentbar\tbuTo1.dll
mURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program files\utorrentbar\tbuTo1.dll
dURLSearchHooks: IObit Apps Toolbar: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - c:\program files\iobit apps toolbar\ie\7.6\iobitappsToolbarIE.dll
dURLSearchHooks: {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - <orphaned>
dURLSearchHooks: YTNavAssistPlugin Class: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
BHO: IObit Apps Toolbar: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - c:\program files\iobit apps toolbar\ie\7.6\iobitappsToolbarIE.dll
BHO: Lexmark Toolbar: {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - c:\program files\lexmark toolbar\toolband.dll
BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\programdata\realnetworks\realdownloader\browserplugins\ie\rndlbrowserrecordplugin.dll
BHO: Conduit Engine: {30F9B915-B755-4826-820B-08FBA6BD249D} - c:\program files\conduitengine\ConduitEngin0.dll
BHO: Wondershare Video Converter Ultimate: {65DEE40A-3E93-4cae-9F98-B8E06DCEE2BF} - c:\program files\wondershare\video converter ultimate\SVRIEPlugin.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office14\GROOVEEX.DLL
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office14\URLREDIR.DLL
BHO: Advanced SystemCare Browser Protection: {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - c:\program files\iobit\advanced systemcare 6\browerprotect\ASCPlugin_Protection.dll
BHO: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program files\utorrentbar\tbuTo1.dll
BHO: Lexmark Printable Web: {D2C5E510-BE6D-42CC-9F61-E4F939078474} - c:\program files\lexmark printable web\bho.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: YTD Toolbar: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - c:\program files\ytd toolbar\ie\7.6\ytdToolbarIE.dll
BHO: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - c:\program files\yahoo!\companion\installs\cpn0\YTSingleInstance.dll
TB: uTorrentBar Toolbar: {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - c:\program files\utorrentbar\tbuTo1.dll
TB: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program files\utorrentbar\tbuTo1.dll
TB: Conduit Engine: {30F9B915-B755-4826-820B-08FBA6BD249D} - c:\program files\conduitengine\ConduitEngin0.dll
TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
TB: Lexmark Toolbar: {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - c:\program files\lexmark toolbar\toolband.dll
TB: YTD Toolbar: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - c:\program files\ytd toolbar\ie\7.6\ytdToolbarIE.dll
TB: IObit Apps Toolbar: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - c:\program files\iobit apps toolbar\ie\7.6\iobitappsToolbarIE.dll
uRun: [KiesPDLR] c:\program files\samsung\kies\external\firmwareupdate\KiesPDLR.exe
uRun: [KiesTrayAgent] c:\program files\samsung\kies\kiestrayagent.exe
uRun: [KiesHelper] c:\program files\samsung\kies\kieshelper.exe /s
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
mRun: [avast!] "c:\program files\alwil software\avast4\ashDisp.exe"
mRun: [LogitechQuickCamRibbon] "c:\program files\logitech\logitech webcam software\lws.exe" /hide
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [EzPrint] c:\program files\lexmark s300-s400 series\ezprint.exe
mRun: [lxeamon.exe] c:\program files\lexmark s300-s400 series\lxeamon.exe
mRun: [SearchSettings] "c:\program files\common files\spigot\search settings\SearchSettings.exe"
mRun: [BCSSync] "c:\program files\microsoft office\office14\BCSSync.exe" /DelayServices
mRun: [IObit Malware Fighter] "c:\program files\iobit\iobit malware fighter\IMF.exe" /autostart
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [Wondershare Helper Compact.exe] c:\program files\common files\wondershare\wondershare helper compact\WSHelper.exe
mRun: [BrowserPlugInHelper] c:\program files\wondershare\video converter ultimate\BrowserPlugInHelper.exe
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe"  -osboot
dRun: [Advanced SystemCare 6] "c:\program files\iobit\advanced systemcare 6\ASCTray.exe" /AutoStart
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\micros~3\office14\ONBttnIE.dll/105
IE: Send image to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {8A5BE387-D09A-4DFA-A56B-DCB89BD11468} - hxxps://lowes.2020.net/planner/Core/Player/2020PlayerAX_WEB_Win32.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
TCP: NameServer = 192.168.0.1 205.171.2.25 192.168.1.1
TCP: Interfaces\{86C9A513-331D-4F32-9761-68EFCCE9DC6A} : DHCPNameServer = 192.168.0.1 205.171.2.25 192.168.1.1
TCP: Interfaces\{86C9A513-331D-4F32-9761-68EFCCE9DC6A}\1425D4F4C444 : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{86C9A513-331D-4F32-9761-68EFCCE9DC6A}\14D4059402D4547414D414C4C4 : DHCPNameServer = 10.0.0.1
TCP: Interfaces\{86C9A513-331D-4F32-9761-68EFCCE9DC6A}\34F6D666F62747F5355796475637 : DHCPNameServer = 24.116.2.50 24.116.2.34
TCP: Interfaces\{86C9A513-331D-4F32-9761-68EFCCE9DC6A}\35D4F5D4567616D616C6C6F564275656F575966496 : DHCPNameServer = 202.57.32.1 202.57.32.2
TCP: Interfaces\{86C9A513-331D-4F32-9761-68EFCCE9DC6A}\46C696E6B6 : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{B4A8D165-1FC1-4954-864A-0B97A4AF62E4} : DHCPNameServer = 192.168.0.1 205.171.2.25
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\toni\appdata\roaming\mozilla\firefox\profiles\9zo8qbpz.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ig
FF - prefs.js: keyword.URL - hxxp://ph.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=685749&p=
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\progra~1\micros~3\office14\NPAUTHZ.DLL
FF - plugin: c:\progra~1\micros~3\office14\NPSPWRAP.DLL
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\update\1.3.21.153\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.20513.0\npctrlui.dll
FF - plugin: c:\program files\real\realplayer\netscape6\nprpplugin.dll
FF - plugin: c:\programdata\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlchromebrowserrecordext.dll
FF - plugin: c:\programdata\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlhtml5videoshim.dll
FF - plugin: c:\programdata\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlpepperflashvideoshim.dll
FF - plugin: c:\programdata\realnetworks\realdownloader\browserplugins\npdlplugin.dll
FF - plugin: c:\windows\system32\adobe\director\np32dsw_1200112.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_8_800_94.dll
FF - ExtSQL: 2013-08-22 11:39; {8D150B8F-EFE8-45a3-A4A3-053020F48FAC}; c:\program files\wondershare\video converter ultimate\SVRFirefoxExt
FF - ExtSQL: 2013-08-30 21:46; {badea1ae-72ed-4f6a-8c37-4db9a4ac7bc9}; c:\users\toni\appdata\roaming\mozilla\firefox\profiles\9zo8qbpz.default\extensions\{badea1ae-72ed-4f6a-8c37-4db9a4ac7bc9}
FF - ExtSQL: 2013-09-07 07:23; {DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}; c:\programdata\realnetworks\realdownloader\browserplugins\firefox\Ext
.
---- FIREFOX POLICIES ----
# Mozilla User Preferences
/* Do not edit this file.
 *
 * If you make changes to this file while the application is running,
 * the changes will be overwritten when the application exits.
 *
 * To make a manual change to preferences, you can visit the URL about:config
 * For more information, see hxxp://www.mozilla.org/unix/customizing.html#prefs
 */
FF - user.js: accessibility.typeaheadfind.flashBar - 0
FF - user.js: app.update.lastUpdateTime.addon-background-update-timer - 1296437451
FF - user.js: app.update.lastUpdateTime.background-update-timer - 1296437489
FF - user.js: app.update.lastUpdateTime.blocklist-background-update-timer - 1296437872
FF - user.js: app.update.lastUpdateTime.microsummary-generator-update-timer - 1295843103
FF - user.js: app.update.lastUpdateTime.places-maintenance-timer - 1296437972
FF - user.js: app.update.lastUpdateTime.search-engine-update-timer - 1296437977
FF - user.js: browser.download.lastDir - c:\\users\\toni\\Desktop
FF - user.js: browser.feeds.showFirstRunUI - false
FF - user.js: browser.history_expire_days.mirror - 180
FF - user.js: browser.migration.version - 1
FF - user.js: browser.open.lastDir - c:\\program files\\QuickTime
FF - user.js: browser.places.smartBookmarksVersion - 2
FF - user.js: browser.rights.3.shown - true
FF - user.js: browser.search.defaultengine - Ask.com
FF - user.js: browser.search.defaultenginename - Ask.com
FF - user.js: browser.search.order.1 - Ask.com
FF - user.js: browser.search.selectedEngine - Google
FF - user.js: browser.search.useDBForOrder - true
FF - user.js: browser.startup.homepage - hxxp://www.google.com/ig
FF - user.js: browser.startup.homepage_override.mstone - rv:1.9.2.13
FF - user.js: extensions.enabledItems - {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}:6.0.18,{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20,{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22,{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23,{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.13
FF - user.js: extensions.lastAppVersion - 3.6.13
FF - user.js: extensions.smxtra.notice - 1
FF - user.js: extensions.update.notifyUser - false
FF - user.js: greasemonkey.version - 0.8.20100408.6
FF - user.js: idle.lastDailyNotification - 1295115927
FF - user.js: intl.charsetmenu.browser.cache - windows-1252, ISO-8859-1, UTF-8, windows-1251, windows-874
FF - user.js: lightweightThemes.isThemeSelected - false
FF - user.js: lightweightThemes.persisted.footerURL - true
FF - user.js: lightweightThemes.persisted.headerURL - true
FF - user.js: network.cookie.prefsMigrated - true
FF - user.js: places.last_vacuum - 1292081824
FF - user.js: pref.browser.homepage.disable_button.current_page - false
FF - user.js: pref.privacy.disable_button.view_passwords - false
FF - user.js: privacy.cpd.downloads - false
FF - user.js: privacy.cpd.formdata - false
FF - user.js: privacy.cpd.history - false
FF - user.js: privacy.cpd.sessions - false
FF - user.js: privacy.sanitize.migrateFx3Prefs - true
FF - user.js: privacy.sanitize.timeSpan - 0
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: urlclassifier.keyupdatetime.hxxps://sb-ssl.google.com/safebrowsing/newkey - 1296437705
FF - user.js: xpinstall.whitelist.add -
FF - user.js: xpinstall.whitelist.add.36 -
FF - user.js: browser.search.defaultenginename - Yahoo
FF - user.js: browser.search.selectedEngine - Yahoo
FF - user.js: keyword.URL - hxxp://ph.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=685749&p=
FF - user.js: browser.search.param.yahoo-fr - chr-greentree_ff&type=685749
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: content.notify.ontimer - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.switch.threshold - 750000
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
FF - user.js: extentions.y2layers.installId - 158071a0-5433-442d-a11b-abb65e9c1f67
FF - user.js: extentions.y2layers.defaultEnableAppsList - twittube,buzzdock,YontooNewOffers
FF - user.js: extentions.y2layers.installId - 158071a0-5433-442d-a11b-abb65e9c1f67
FF - user.js: extentions.y2layers.defaultEnableAppsList - twittube,buzzdock,YontooNewOffers
FF - user.js: extentions.y2layers.installId - 158071a0-5433-442d-a11b-abb65e9c1f67
FF - user.js: extentions.y2layers.defaultEnableAppsList - twittube,buzzdock,YontooNewOffers
.
============= SERVICES / DRIVERS ===============
.
R0 SmartDefragDriver;SmartDefragDriver;c:\windows\system32\drivers\SmartDefragDriver.sys [2013-8-15 15672]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2010-8-5 114768]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2012-7-11 116608]
R2 AdvancedSystemCareService6;Advanced SystemCare Service 6;c:\program files\iobit\advanced systemcare 6\ASCService.exe [2013-7-11 574272]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-8-17 176128]
R2 Application Updater;Application Updater;c:\program files\application updater\ApplicationUpdater.exe [2013-9-2 807800]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2010-8-5 20560]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-8-5 53328]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast4\ashServ.exe [2011-4-6 138680]
R2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2010-8-8 233472]
R2 IMFservice;IMF Service;c:\program files\iobit\iobit malware fighter\IMFsrv.exe [2011-8-6 335168]
R2 lxea_device;lxea_device;c:\windows\system32\lxeacoms.exe -service --> c:\windows\system32\lxeacoms.exe -service [?]
R2 lxeaCATSCustConnectService;lxeaCATSCustConnectService;c:\windows\system32\spool\drivers\w32x86\3\lxeaserv.exe [2012-4-4 193192]
R2 PfFilter;PfFilter;c:\program files\iobit\protected folder\pffilter.sys [2011-8-28 32672]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files\realnetworks\realdownloader\rndlresolversvc.exe [2013-8-14 39056]
R2 UNS;Intel® Management & Security Application User Notification Service;c:\program files\intel\intel® management engine components\uns\UNS.exe [2010-8-5 2320920]
R2 USTSScheduler;US Tech Support Scheduling Service;c:\program files\ustechsupport\schedulerservice\SchedulerService.exe [2012-7-12 736648]
R3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast4\ashMaiSv.exe [2011-4-6 254040]
R3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast4\ashWebSv.exe [2011-4-6 352920]
R3 FileMonitor;FileMonitor;c:\program files\iobit\iobit malware fighter\drivers\win7_x86\FileMonitor.sys [2013-6-8 21480]
R3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [2010-8-8 36608]
R3 RegFilter;RegFilter;c:\program files\iobit\iobit malware fighter\drivers\win7_x86\RegFilter.sys [2013-6-8 31752]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2011-6-9 394856]
R3 UrlFilter;UrlFilter;c:\program files\iobit\iobit malware fighter\drivers\win7_x86\UrlFilter.sys [2013-6-8 20944]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-7-13 160944]
S3 ASPI;Advanced SCSI Programming Interface Driver;c:\windows\system32\drivers\ASPI32.SYS [2012-10-23 84832]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\drivers\btwl2cap.sys [2010-8-5 29736]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [2011-11-24 80184]
S3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\drivers\LEqdUsb.sys [2010-3-18 40912]
S3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\drivers\LHidEqd.sys [2010-3-18 10448]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\gamemon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\drivers\ss_bbus.sys [2012-3-6 98432]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\drivers\ss_bmdfl.sys [2012-3-6 14848]
S3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\drivers\ss_bmdm.sys [2012-3-6 123648]
S3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\drivers\ssudmdm.sys [2011-11-24 181432]
S3 ssudobex;SAMSUNG Mobile USB OBEX Serial Port(DEVGURU Ver.);c:\windows\system32\drivers\ssudobex.sys [2011-11-24 181432]
.
=============== Created Last 30 ================
.
2013-09-10 11:53:34    --------    d-----w-    C:\FRST
2013-09-10 10:18:22    60872    ----a-w-    c:\programdata\microsoft\windows defender\definition updates\{b0448f31-7a52-42ca-b332-544074132e9c}\offreg.dll
2013-09-10 10:16:27    7166848    ----a-w-    c:\programdata\microsoft\windows defender\definition updates\{b0448f31-7a52-42ca-b332-544074132e9c}\mpengine.dll
2013-09-10 02:09:09    --------    d-----w-    c:\users\toni\appdata\roaming\Odef
2013-09-10 02:09:09    --------    d-----w-    c:\users\toni\appdata\roaming\Efhaor
2013-09-07 12:25:06    --------    d-----w-    c:\users\toni\appdata\roaming\RealNetworks
2013-09-07 12:23:46    --------    d-----w-    c:\programdata\RealNetworks
2013-09-07 12:23:46    --------    d-----w-    c:\program files\RealNetworks
2013-09-07 12:22:54    --------    d-----w-    c:\program files\common files\xing shared
2013-09-07 00:55:50    --------    d-----w-    c:\program files\IObit Apps Toolbar
2013-09-06 00:50:53    --------    d-----w-    c:\program files\YTD Toolbar
2013-08-22 16:42:33    --------    d-----w-    c:\programdata\xml_param
2013-08-22 16:41:25    --------    d-----w-    c:\users\toni\appdata\roaming\{950EB46C-6AC7-4ACC-AB36-9A6A77C08B6A}
2013-08-22 16:39:57    339784    ----a-w-    c:\windows\system32\WPShellExt32.dll
2013-08-22 16:39:52    --------    d-----w-    c:\programdata\Wondershare Player
2013-08-22 16:39:46    --------    d-----w-    c:\users\toni\appdata\local\Wondershare
2013-08-22 16:39:45    --------    d-----w-    c:\program files\common files\Wondershare
2013-08-22 16:39:21    727952    ----a-w-    c:\windows\system32\WSCM64.dll
2013-08-22 16:39:21    153088    ----a-w-    c:\windows\system32\WSCM32.dll
2013-08-22 16:38:58    --------    d-----w-    c:\programdata\Wondershare Video Converter Ultimate
2013-08-22 16:38:38    --------    d-----w-    c:\program files\Wondershare
2013-08-19 16:39:35    --------    d-----w-    c:\program files\iPod
2013-08-19 16:39:26    --------    d-----w-    c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-08-19 16:39:26    --------    d-----w-    c:\program files\iTunes
2013-08-15 13:04:19    15672    ----a-w-    c:\windows\system32\drivers\SmartDefragDriver.sys
.
==================== Find3M  ====================
.
2013-08-20 18:05:05    692104    ----a-w-    c:\windows\system32\FlashPlayerApp.exe
2013-08-20 18:05:04    71048    ----a-w-    c:\windows\system32\FlashPlayerCPLApp.cpl
.
============= FINISH:  7:09:59.20 ===============
 

 


 


#2 Noviciate

Noviciate

  • Malware Response Team
  • 5,277 posts
  • Gender:Male
  • Location:Numpty HQ
  • Local time:08:19 PM

Posted 10 September 2013 - 04:46 PM

Good evening. :)

 

Download TDSSKiller.zip from Kaspersky from here and save it to your Desktop.
 

  • You will then need to extract the file(s) from the zipped folder.
  • To do this: Right-click on the zipped folder and from the menu that appears, click on Extract All...
    In the Extraction Wizard window that opens, click on Extract and the contents should appear in a new window.
  • Please close all open programs as this may result in a reboot being necessary.
  • Double click TDSSKiller.exe to begin.
  • Click Change parameters and check the two boxes under Additional Options and then click OK.
  • Click Start scan and allow the tool to do just that.
  • Once the scan has completed, if the tool has identified anything, allow it to carry out its default action(s) - you'll need to click Continue where appropriate.
  • Finally, if it prompts you to reboot your machine, please click Reboot Now and ensure that your machine does so.
  • The log that the tool creates will be located at the root of your hard drive as C:\TDSSKiller.Version_Date_Time_log.txt. - I'd like a copy of the contents in your next reply.

    Please check that you get the one with the right date and time. :)

 

 


So long, and thanks for all the fish.

 

 


#3 punkin.potpie

punkin.potpie
  • Topic Starter

  • Members
  • 11 posts
  • Gender:Female
  • Local time:04:19 AM

Posted 10 September 2013 - 05:44 PM

Thank you so much for your reply. Here is the copy of the log. The default action was to skip and it didn't ask me to reboot so I didn't. I hope that's alright.

 

17:39:55.0231 11048  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
17:39:56.0061 11048  ============================================================
17:39:56.0061 11048  Current date / time: 2013/09/10 17:39:56.0061
17:39:56.0061 11048  SystemInfo:
17:39:56.0061 11048  
17:39:56.0061 11048  OS Version: 6.1.7600 ServicePack: 0.0
17:39:56.0061 11048  Product type: Workstation
17:39:56.0061 11048  ComputerName: TONI-PC
17:39:56.0061 11048  UserName: Toni
17:39:56.0061 11048  Windows directory: C:\Windows
17:39:56.0061 11048  System windows directory: C:\Windows
17:39:56.0061 11048  Processor architecture: Intel x86
17:39:56.0061 11048  Number of processors: 4
17:39:56.0061 11048  Page size: 0x1000
17:39:56.0061 11048  Boot type: Normal boot
17:39:56.0061 11048  ============================================================
17:39:57.0961 11048  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
17:39:57.0991 11048  ============================================================
17:39:57.0991 11048  \Device\Harddisk0\DR0:
17:39:57.0991 11048  MBR partitions:
17:39:57.0991 11048  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
17:39:57.0991 11048  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xEE85000
17:39:57.0991 11048  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xEEB7800, BlocksNum 0x16576800
17:39:57.0991 11048  ============================================================
17:39:58.0021 11048  C: <-> \Device\Harddisk0\DR0\Partition2
17:39:58.0061 11048  D: <-> \Device\Harddisk0\DR0\Partition3
17:39:58.0061 11048  ============================================================
17:39:58.0061 11048  Initialize success
17:39:58.0061 11048  ============================================================
17:40:29.0245 11368  ============================================================
17:40:29.0245 11368  Scan started
17:40:29.0245 11368  Mode: Manual; SigCheck; TDLFS;
17:40:29.0245 11368  ============================================================
17:40:30.0095 11368  ================ Scan system memory ========================
17:40:30.0095 11368  System memory - ok
17:40:30.0095 11368  ================ Scan services =============================
17:40:30.0175 11368  [ 01E81C84AD1D0ACC61CF3CFD06632210 ] !SASCORE        C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
17:40:30.0275 11368  !SASCORE ( UnsignedFile.Multi.Generic ) - warning
17:40:30.0275 11368  !SASCORE - detected UnsignedFile.Multi.Generic (1)
17:40:30.0505 11368  [ 6D2ACA41739BFE8CB86EE8E85F29697D ] 1394ohci        C:\Windows\system32\DRIVERS\1394ohci.sys
17:40:30.0595 11368  1394ohci - ok
17:40:30.0615 11368  [ F0E07D144C8685B8774BC32FC8DA4DF0 ] ACPI            C:\Windows\system32\DRIVERS\ACPI.sys
17:40:30.0635 11368  ACPI - ok
17:40:30.0655 11368  [ 98D81CA942D19F7D9153B095162AC013 ] AcpiPmi         C:\Windows\system32\DRIVERS\acpipmi.sys
17:40:30.0715 11368  AcpiPmi - ok
17:40:30.0795 11368  [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
17:40:30.0815 11368  AdobeARMservice - ok
17:40:30.0875 11368  [ 476BB014F3F68C0C15EDDD5B444DA8FF ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
17:40:30.0895 11368  AdobeFlashPlayerUpdateSvc - ok
17:40:30.0935 11368  [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
17:40:30.0955 11368  adp94xx - ok
17:40:30.0985 11368  [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
17:40:31.0005 11368  adpahci - ok
17:40:31.0015 11368  [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
17:40:31.0035 11368  adpu320 - ok
17:40:31.0125 11368  [ 9243229DFCCC99B5441750EBA49F1B14 ] AdvancedSystemCareService6 C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe
17:40:31.0165 11368  AdvancedSystemCareService6 - ok
17:40:31.0205 11368  [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
17:40:31.0275 11368  AeLookupSvc - ok
17:40:31.0305 11368  [ 0DB7A48388D54D154EBEC120461A0FCD ] AFD             C:\Windows\system32\drivers\afd.sys
17:40:31.0375 11368  AFD - ok
17:40:31.0405 11368  [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440          C:\Windows\system32\DRIVERS\agp440.sys
17:40:31.0435 11368  agp440 - ok
17:40:31.0495 11368  [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx         C:\Windows\system32\DRIVERS\djsvs.sys
17:40:31.0515 11368  aic78xx - ok
17:40:31.0545 11368  [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG             C:\Windows\System32\alg.exe
17:40:31.0615 11368  ALG - ok
17:40:31.0645 11368  [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide          C:\Windows\system32\DRIVERS\aliide.sys
17:40:31.0665 11368  aliide - ok
17:40:31.0715 11368  [ B19505648F033393E907E2E419FDE8B3 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
17:40:31.0915 11368  AMD External Events Utility - ok
17:40:31.0935 11368  [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp          C:\Windows\system32\DRIVERS\amdagp.sys
17:40:31.0965 11368  amdagp - ok
17:40:31.0975 11368  [ CD5914170297126B6266860198D1D4F0 ] amdide          C:\Windows\system32\DRIVERS\amdide.sys
17:40:31.0995 11368  amdide - ok
17:40:32.0015 11368  [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
17:40:32.0035 11368  AmdK8 - ok
17:40:32.0045 11368  [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
17:40:32.0115 11368  AmdPPM - ok
17:40:32.0135 11368  [ 19CE906B4CDC11FC4FEF5745F33A63B6 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
17:40:32.0155 11368  amdsata - ok
17:40:32.0165 11368  [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
17:40:32.0185 11368  amdsbs - ok
17:40:32.0205 11368  [ 869E67D66BE326A5A9159FBA8746FA70 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
17:40:32.0225 11368  amdxata - ok
17:40:32.0255 11368  [ 656CDA7EDAF6F24831D54EB4B519E2FD ] ApfiltrService  C:\Windows\system32\DRIVERS\Apfiltr.sys
17:40:32.0345 11368  ApfiltrService - ok
17:40:32.0385 11368  [ FEB834C02CE1E84B6A38F953CA067706 ] AppID           C:\Windows\system32\drivers\appid.sys
17:40:32.0485 11368  AppID - ok
17:40:32.0515 11368  [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
17:40:32.0645 11368  AppIDSvc - ok
17:40:32.0665 11368  [ 7DEAD9E3F65DCB2794F2711003BBF650 ] Appinfo         C:\Windows\System32\appinfo.dll
17:40:32.0725 11368  Appinfo - ok
17:40:32.0775 11368  [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
17:40:32.0795 11368  Apple Mobile Device - ok
17:40:32.0875 11368  [ 72116413CF0092A6DFB4BF7775EF7E0F ] Application Updater C:\Program Files\Application Updater\ApplicationUpdater.exe
17:40:32.0915 11368  Application Updater - ok
17:40:32.0935 11368  [ 2932004F49677BD84DBC72EDB754FFB3 ] arc             C:\Windows\system32\DRIVERS\arc.sys
17:40:32.0955 11368  arc - ok
17:40:32.0975 11368  [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
17:40:32.0985 11368  arcsas - ok
17:40:33.0015 11368  [ E54E27976E2C5A6465D44C10B1D87AC0 ] ASPI            C:\Windows\System32\DRIVERS\ASPI32.sys
17:40:33.0045 11368  ASPI ( UnsignedFile.Multi.Generic ) - warning
17:40:33.0045 11368  ASPI - detected UnsignedFile.Multi.Generic (1)
17:40:33.0075 11368  [ B4079A98F294A3E262872CB76F4849F0 ] aswFsBlk        C:\Windows\system32\DRIVERS\aswFsBlk.sys
17:40:33.0095 11368  aswFsBlk - ok
17:40:33.0125 11368  [ E2851CB7DBB831888EAEA46C55C05E44 ] aswMonFlt       C:\Windows\system32\DRIVERS\aswMonFlt.sys
17:40:33.0145 11368  aswMonFlt - ok
17:40:33.0155 11368  [ 8080D683489C99CBACE813F6FA4069CC ] aswRdr          C:\Windows\system32\drivers\aswRdr.sys
17:40:33.0175 11368  aswRdr - ok
17:40:33.0195 11368  [ 2E5A2AD5004B55DF39B7606130A88142 ] aswSP           C:\Windows\system32\drivers\aswSP.sys
17:40:33.0205 11368  aswSP - ok
17:40:33.0215 11368  [ D4C83A37EFADFA2C398362E0776E3773 ] aswTdi          C:\Windows\system32\drivers\aswTdi.sys
17:40:33.0235 11368  aswTdi - ok
17:40:33.0285 11368  [ 5DEBC3519D489411073FA7E56FFB4A93 ] aswUpdSv        C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
17:40:33.0295 11368  aswUpdSv - ok
17:40:33.0315 11368  [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
17:40:33.0375 11368  AsyncMac - ok
17:40:33.0395 11368  [ 338C86357871C167A96AB976519BF59E ] atapi           C:\Windows\system32\DRIVERS\atapi.sys
17:40:33.0415 11368  atapi - ok
17:40:33.0565 11368  [ 04F09923A393E4E0E8453A8F78361E73 ] atikmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
17:40:33.0755 11368  atikmdag - ok
17:40:33.0805 11368  [ 510C873BFA135AA829F4180352772734 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
17:40:33.0935 11368  AudioEndpointBuilder - ok
17:40:33.0945 11368  [ 510C873BFA135AA829F4180352772734 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
17:40:33.0985 11368  Audiosrv - ok
17:40:34.0025 11368  [ 0AAF6B848185899CF76AE04E62EAB3D2 ] avast! Antivirus C:\Program Files\Alwil Software\Avast4\ashServ.exe
17:40:34.0045 11368  avast! Antivirus - ok
17:40:34.0065 11368  [ B2F564DC59B67763C73269E1A9DA7F18 ] avast! Mail Scanner C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
17:40:34.0085 11368  avast! Mail Scanner - ok
17:40:34.0135 11368  [ D86010C96ABADDA75356834D6113D37D ] avast! Web Scanner C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
17:40:34.0165 11368  avast! Web Scanner - ok
17:40:34.0185 11368  [ DD6A431B43E34B91A767D1CE33728175 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
17:40:34.0275 11368  AxInstSV - ok
17:40:34.0315 11368  [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbdx.sys
17:40:34.0375 11368  b06bdrv - ok
17:40:34.0406 11368  [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x        C:\Windows\system32\DRIVERS\b57nd60x.sys
17:40:34.0446 11368  b57nd60x - ok
17:40:34.0546 11368  [ F9CE9B5E049EFC66B8E6C73C18EE8438 ] BCM43XX         C:\Windows\system32\DRIVERS\bcmwl6.sys
17:40:34.0626 11368  BCM43XX - ok
17:40:34.0656 11368  [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC          C:\Windows\System32\bdesvc.dll
17:40:34.0706 11368  BDESVC - ok
17:40:34.0716 11368  [ 505506526A9D467307B3C393DEDAF858 ] Beep            C:\Windows\system32\drivers\Beep.sys
17:40:34.0766 11368  Beep - ok
17:40:34.0816 11368  [ 85AC71C045CEB054ED48A7841AAE0C11 ] BFE             C:\Windows\System32\bfe.dll
17:40:34.0886 11368  BFE - ok
17:40:34.0936 11368  [ 53F476476F55A27F580661BDE09C4EC4 ] BITS            C:\Windows\System32\qmgr.dll
17:40:35.0016 11368  BITS - ok
17:40:35.0056 11368  [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
17:40:35.0096 11368  blbdrive - ok
17:40:35.0166 11368  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
17:40:35.0186 11368  Bonjour Service - ok
17:40:35.0226 11368  [ 9A5C671B7FBAE4865149BB11F59B91B2 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
17:40:35.0296 11368  bowser - ok
17:40:35.0306 11368  [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
17:40:35.0356 11368  BrFiltLo - ok
17:40:35.0386 11368  [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
17:40:35.0437 11368  BrFiltUp - ok
17:40:35.0467 11368  [ A0E691DC6589D4D2CBE373171D1A49E5 ] Browser         C:\Windows\System32\browser.dll
17:40:35.0507 11368  Browser - ok
17:40:35.0527 11368  [ 845B8CE732E67F3B4133164868C666EA ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
17:40:35.0567 11368  Brserid - ok
17:40:35.0587 11368  [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
17:40:35.0627 11368  BrSerWdm - ok
17:40:35.0647 11368  [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
17:40:35.0677 11368  BrUsbMdm - ok
17:40:35.0697 11368  [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
17:40:35.0737 11368  BrUsbSer - ok
17:40:35.0777 11368  [ 2865A5C8E98C70C605F417908CEBB3A4 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
17:40:35.0827 11368  BthEnum - ok
17:40:35.0847 11368  [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
17:40:35.0887 11368  BTHMODEM - ok
17:40:35.0927 11368  [ AD1872E5829E8A2C3B5B4B641C3EAB0E ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
17:40:35.0987 11368  BthPan - ok
17:40:36.0007 11368  [ 04CEDA17A195924070B01174CB1F9AF8 ] BTHPORT         C:\Windows\system32\Drivers\BTHport.sys
17:40:36.0037 11368  BTHPORT - ok
17:40:36.0067 11368  [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv         C:\Windows\system32\bthserv.dll
17:40:36.0167 11368  bthserv - ok
17:40:36.0197 11368  [ 80E6384BEEC03B8BD45EDEA29802D657 ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys
17:40:36.0227 11368  BTHUSB - ok
17:40:36.0257 11368  [ 489727EA3DCEBA3BAC3215F94BFBCAA1 ] btwaudio        C:\Windows\system32\drivers\btwaudio.sys
17:40:36.0277 11368  btwaudio - ok
17:40:36.0297 11368  [ DEAD0E02E2EFDB03209C9237E93A619C ] btwavdt         C:\Windows\system32\drivers\btwavdt.sys
17:40:36.0317 11368  btwavdt - ok
17:40:36.0397 11368  [ F950152B6B0A0093B9A270D2FC89A78A ] btwdins         C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
17:40:36.0437 11368  btwdins - ok
17:40:36.0457 11368  [ B9920FB30BCAFF10C111654909B275C9 ] btwl2cap        C:\Windows\system32\DRIVERS\btwl2cap.sys
17:40:36.0477 11368  btwl2cap - ok
17:40:36.0507 11368  [ 280E088046DCAC249BB08505E296DB86 ] btwrchid        C:\Windows\system32\DRIVERS\btwrchid.sys
17:40:36.0527 11368  btwrchid - ok
17:40:36.0557 11368  [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
17:40:36.0617 11368  cdfs - ok
17:40:36.0647 11368  [ BA6E70AA0E6091BC39DE29477D866A77 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
17:40:36.0687 11368  cdrom - ok
17:40:36.0727 11368  [ 628A9E30EC5E18DD5DE6BE4DBDC12198 ] CertPropSvc     C:\Windows\System32\certprop.dll
17:40:36.0797 11368  CertPropSvc - ok
17:40:36.0837 11368  [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
17:40:36.0857 11368  circlass - ok
17:40:36.0897 11368  [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS            C:\Windows\system32\CLFS.sys
17:40:36.0957 11368  CLFS - ok
17:40:37.0037 11368  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:40:37.0057 11368  clr_optimization_v2.0.50727_32 - ok
17:40:37.0117 11368  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:40:37.0147 11368  clr_optimization_v4.0.30319_32 - ok
17:40:37.0167 11368  [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
17:40:37.0187 11368  CmBatt - ok
17:40:37.0207 11368  [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide          C:\Windows\system32\DRIVERS\cmdide.sys
17:40:37.0217 11368  cmdide - ok
17:40:37.0247 11368  [ DB5E008B3744DD60C8498CBBF2A1CFA6 ] CNG             C:\Windows\system32\Drivers\cng.sys
17:40:37.0277 11368  CNG - ok
17:40:37.0297 11368  [ A6023D3823C37043986713F118A89BEE ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
17:40:37.0317 11368  Compbatt - ok
17:40:37.0347 11368  [ F1724BA27E97D627F808FB0BA77A28A6 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
17:40:37.0407 11368  CompositeBus - ok
17:40:37.0407 11368  COMSysApp - ok
17:40:37.0487 11368  cpuz132 - ok
17:40:37.0527 11368  [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
17:40:37.0557 11368  crcdisk - ok
17:40:37.0587 11368  [ F2FDE6C8DBAAD44CC58D1E07E4AF4EED ] CryptSvc        C:\Windows\system32\cryptsvc.dll
17:40:37.0657 11368  CryptSvc - ok
17:40:37.0707 11368  [ B82CD39E336973359D7C9BF911E8E84F ] DcomLaunch      C:\Windows\system32\rpcss.dll
17:40:37.0767 11368  DcomLaunch - ok
17:40:37.0807 11368  [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc       C:\Windows\System32\defragsvc.dll
17:40:37.0867 11368  defragsvc - ok
17:40:37.0897 11368  [ 83D1ECEA8FAAE75604C0FA49AC7AD996 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
17:40:37.0957 11368  DfsC - ok
17:40:37.0987 11368  [ 919F338FD36F47D860775368D0748780 ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys
17:40:38.0007 11368  dg_ssudbus - ok
17:40:38.0047 11368  [ C56495FBD770712367CAD35E5DE72DA6 ] Dhcp            C:\Windows\system32\dhcpcore.dll
17:40:38.0157 11368  Dhcp - ok
17:40:38.0177 11368  [ 1A050B0274BFB3890703D490F330C0DA ] discache        C:\Windows\system32\drivers\discache.sys
17:40:38.0237 11368  discache - ok
17:40:38.0277 11368  [ 565003F326F99802E68CA78F2A68E9FF ] Disk            C:\Windows\system32\DRIVERS\disk.sys
17:40:38.0297 11368  Disk - ok
17:40:38.0317 11368  [ B15BE77A2BACF9C3177D27518AFE26A9 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
17:40:38.0367 11368  Dnscache - ok
17:40:38.0397 11368  [ 4408C85C21EEA48EB0CE486BAEEF0502 ] dot3svc         C:\Windows\System32\dot3svc.dll
17:40:38.0467 11368  dot3svc - ok
17:40:38.0497 11368  [ 7FA81C6E11CAA594ADB52084DA73A1E5 ] DPS             C:\Windows\system32\dps.dll
17:40:38.0557 11368  DPS - ok
17:40:38.0587 11368  [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
17:40:38.0627 11368  drmkaud - ok
17:40:38.0667 11368  [ 1679A4669326CB1A67CC95658D273234 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
17:40:38.0707 11368  DXGKrnl - ok
17:40:38.0727 11368  [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost         C:\Windows\System32\eapsvc.dll
17:40:38.0787 11368  EapHost - ok
17:40:38.0907 11368  [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv           C:\Windows\system32\DRIVERS\evbdx.sys
17:40:39.0007 11368  ebdrv - ok
17:40:39.0047 11368  [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] EFS             C:\Windows\System32\lsass.exe
17:40:39.0127 11368  EFS - ok
17:40:39.0157 11368  [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
17:40:39.0187 11368  elxstor - ok
17:40:39.0227 11368  [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev          C:\Windows\system32\DRIVERS\errdev.sys
17:40:39.0267 11368  ErrDev - ok
17:40:39.0327 11368  [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem     C:\Windows\system32\es.dll
17:40:39.0397 11368  EventSystem - ok
17:40:39.0418 11368  [ 2DC9108D74081149CC8B651D3A26207F ] exfat           C:\Windows\system32\drivers\exfat.sys
17:40:39.0458 11368  exfat - ok
17:40:39.0478 11368  [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
17:40:39.0538 11368  fastfat - ok
17:40:39.0588 11368  [ F7EA23CC5E6BF2181F3F399D54F6EFC1 ] Fax             C:\Windows\system32\fxssvc.exe
17:40:39.0658 11368  Fax - ok
17:40:39.0688 11368  [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
17:40:39.0718 11368  fdc - ok
17:40:39.0748 11368  [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost         C:\Windows\system32\fdPHost.dll
17:40:39.0808 11368  fdPHost - ok
17:40:39.0828 11368  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub        C:\Windows\system32\fdrespub.dll
17:40:39.0868 11368  FDResPub - ok
17:40:39.0888 11368  [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
17:40:39.0908 11368  FileInfo - ok
17:40:40.0008 11368  [ F5DBCF84176C62B4BEDF22DB56444CBD ] FileMonitor     C:\Program Files\IObit\IObit Malware Fighter\Drivers\win7_x86\FileMonitor.sys
17:40:40.0028 11368  FileMonitor - ok
17:40:40.0048 11368  [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
17:40:40.0078 11368  Filetrace - ok
17:40:40.0098 11368  [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
17:40:40.0128 11368  flpydisk - ok
17:40:40.0168 11368  [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
17:40:40.0188 11368  FltMgr - ok
17:40:40.0248 11368  [ 7FE4995528A7529A761875151EE3D512 ] FontCache       C:\Windows\system32\FntCache.dll
17:40:40.0318 11368  FontCache - ok
17:40:40.0388 11368  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
17:40:40.0408 11368  FontCache3.0.0.0 - ok
17:40:40.0438 11368  [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
17:40:40.0468 11368  FsDepends - ok
17:40:40.0508 11368  [ 790A4CA68F44BE35967B3DF61F3E4675 ] FsUsbExDisk     C:\Windows\system32\FsUsbExDisk.SYS
17:40:40.0518 11368  FsUsbExDisk ( UnsignedFile.Multi.Generic ) - warning
17:40:40.0518 11368  FsUsbExDisk - detected UnsignedFile.Multi.Generic (1)
17:40:40.0538 11368  [ D3F9205CC4CB07553F2F9472C767EA87 ] FsUsbExService  C:\Windows\system32\FsUsbExService.Exe
17:40:40.0568 11368  FsUsbExService ( UnsignedFile.Multi.Generic ) - warning
17:40:40.0568 11368  FsUsbExService - detected UnsignedFile.Multi.Generic (1)
17:40:40.0598 11368  [ 500A9814FD9446A8126858A5A7F7D273 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
17:40:40.0618 11368  Fs_Rec - ok
17:40:40.0658 11368  [ 4732E596BB1C50D9F9188C5074EE7782 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
17:40:40.0688 11368  fvevol - ok
17:40:40.0718 11368  [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
17:40:40.0738 11368  gagp30kx - ok
17:40:40.0768 11368  [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
17:40:40.0778 11368  GEARAspiWDM - ok
17:40:40.0828 11368  [ 8BA3C04702BF8F927AB36AE8313CA4EE ] gpsvc           C:\Windows\System32\gpsvc.dll
17:40:40.0898 11368  gpsvc - ok
17:40:40.0988 11368  [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
17:40:41.0018 11368  gupdate - ok
17:40:41.0028 11368  [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
17:40:41.0038 11368  gupdatem - ok
17:40:41.0058 11368  [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
17:40:41.0128 11368  hcw85cir - ok
17:40:41.0168 11368  [ 3530CAD25DEBA7DC7DE8BB51632CBC5F ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
17:40:41.0208 11368  HdAudAddService - ok
17:40:41.0238 11368  [ 717A2207FD6F13AD3E664C7D5A43C7BF ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
17:40:41.0278 11368  HDAudBus - ok
17:40:41.0318 11368  [ A88485DC6A7136C10D9A6C7E38FDFE3C ] HECI            C:\Windows\system32\DRIVERS\HECI.sys
17:40:41.0388 11368  HECI - ok
17:40:41.0418 11368  [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
17:40:41.0459 11368  HidBatt - ok
17:40:41.0489 11368  [ 89448F40E6DF260C206A193A4683BA78 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
17:40:41.0529 11368  HidBth - ok
17:40:41.0559 11368  [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
17:40:41.0589 11368  HidIr - ok
17:40:41.0629 11368  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv         C:\Windows\system32\hidserv.dll
17:40:41.0689 11368  hidserv - ok
17:40:41.0709 11368  [ 25072FB35AC90B25F9E4E3BACF774102 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
17:40:41.0749 11368  HidUsb - ok
17:40:41.0779 11368  [ 741C2A45CA8407E374AABA3E330B7872 ] hkmsvc          C:\Windows\system32\kmsvc.dll
17:40:41.0859 11368  hkmsvc - ok
17:40:41.0889 11368  [ A768CA158BB06782A2835B907F4873C3 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
17:40:41.0959 11368  HomeGroupListener - ok
17:40:41.0999 11368  [ FB08DEC5EF43D0C66D83B8E9694E7549 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
17:40:42.0049 11368  HomeGroupProvider - ok
17:40:42.0089 11368  [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD          C:\Windows\system32\DRIVERS\HpSAMD.sys
17:40:42.0109 11368  HpSAMD - ok
17:40:42.0149 11368  [ C531C7FD9E8B62021112787C4E2C5A5A ] HTTP            C:\Windows\system32\drivers\HTTP.sys
17:40:42.0219 11368  HTTP - ok
17:40:42.0229 11368  hwdatacard - ok
17:40:42.0249 11368  [ 8305F33CDE89AD6C7A0763ED0B5A8D42 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
17:40:42.0269 11368  hwpolicy - ok
17:40:42.0279 11368  hwusbdev - ok
17:40:42.0289 11368  hwusbfake - ok
17:40:42.0309 11368  [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
17:40:42.0349 11368  i8042prt - ok
17:40:42.0369 11368  [ 71F1A494FEDF4B33C02C4A6A28D6D9E9 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
17:40:42.0399 11368  iaStorV - ok
17:40:42.0459 11368  [ 5AF815EB5BC9802E5A064E2BA62BFC0C ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
17:40:42.0519 11368  idsvc - ok
17:40:42.0549 11368  [ 4173FF5708F3236CF25195FECD742915 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
17:40:42.0559 11368  iirsp - ok
17:40:42.0599 11368  [ FAC0EE6562B121B1399D6E855583F7A5 ] IKEEXT          C:\Windows\System32\ikeext.dll
17:40:42.0649 11368  IKEEXT - ok
17:40:42.0719 11368  [ 24EA4E2F76E216CE70353736E3556585 ] IMFservice      C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
17:40:42.0749 11368  IMFservice - ok
17:40:42.0779 11368  [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide        C:\Windows\system32\DRIVERS\intelide.sys
17:40:42.0789 11368  intelide - ok
17:40:42.0819 11368  [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
17:40:42.0839 11368  intelppm - ok
17:40:42.0859 11368  [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
17:40:42.0919 11368  IPBusEnum - ok
17:40:42.0939 11368  [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:40:42.0979 11368  IpFilterDriver - ok
17:40:43.0029 11368  [ 477397B432A256A50EE7E4339EB9EA14 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
17:40:43.0089 11368  iphlpsvc - ok
17:40:43.0109 11368  [ E4454B6C37D7FFD5649611F6496308A7 ] IPMIDRV         C:\Windows\system32\DRIVERS\IPMIDrv.sys
17:40:43.0139 11368  IPMIDRV - ok
17:40:43.0169 11368  [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
17:40:43.0229 11368  IPNAT - ok
17:40:43.0339 11368  [ D8B8B5A8FE57CF4F307A540D9A153C23 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
17:40:43.0379 11368  iPod Service - ok
17:40:43.0399 11368  [ 42996CFF20A3084A56017B7902307E9F ] IRENUM          C:\Windows\system32\drivers\irenum.sys
17:40:43.0419 11368  IRENUM - ok
17:40:43.0440 11368  [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp          C:\Windows\system32\DRIVERS\isapnp.sys
17:40:43.0450 11368  isapnp - ok
17:40:43.0490 11368  [ ED46C223AE46C6866AB77CDC41C404B7 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
17:40:43.0510 11368  iScsiPrt - ok
17:40:43.0530 11368  [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
17:40:43.0550 11368  kbdclass - ok
17:40:43.0580 11368  [ 3D9F0EBF350EDCFD6498057301455964 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
17:40:43.0620 11368  kbdhid - ok
17:40:43.0640 11368  [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] KeyIso          C:\Windows\system32\lsass.exe
17:40:43.0660 11368  KeyIso - ok
17:40:43.0700 11368  [ 52FC17C8589F11747D01D3CF592673D0 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
17:40:43.0740 11368  KSecDD - ok
17:40:43.0770 11368  [ 3E5474B03568CFAB834DA3C38E8C9EFA ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
17:40:43.0790 11368  KSecPkg - ok
17:40:43.0830 11368  [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm           C:\Windows\system32\msdtckrm.dll
17:40:43.0870 11368  KtmRm - ok
17:40:43.0900 11368  [ 8F6BF790D3168224C16F2AF68A84438C ] LanmanServer    C:\Windows\system32\srvsvc.dll
17:40:43.0940 11368  LanmanServer - ok
17:40:43.0970 11368  [ B9891F885DCF1F0513A51CB58493CB1F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:40:44.0040 11368  LanmanWorkstation - ok
17:40:44.0130 11368  [ AB097D0F93B30A6D79D430422AC6A7E8 ] LBTServ         C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
17:40:44.0170 11368  LBTServ - ok
17:40:44.0200 11368  [ ED8F9311CAE12C41A58DAE2EA6D6C849 ] LEqdUsb         C:\Windows\system32\Drivers\LEqdUsb.Sys
17:40:44.0210 11368  LEqdUsb - ok
17:40:44.0240 11368  [ 9943F10C60EAF714C7010B37025A5AC5 ] LHidEqd         C:\Windows\system32\Drivers\LHidEqd.Sys
17:40:44.0250 11368  LHidEqd - ok
17:40:44.0260 11368  [ B68309F25C5787385DA842EB5B496958 ] LHidFilt        C:\Windows\system32\DRIVERS\LHidFilt.Sys
17:40:44.0270 11368  LHidFilt - ok
17:40:44.0310 11368  [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
17:40:44.0370 11368  lltdio - ok
17:40:44.0410 11368  [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
17:40:44.0450 11368  lltdsvc - ok
17:40:44.0490 11368  [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts         C:\Windows\System32\lmhsvc.dll
17:40:44.0550 11368  lmhosts - ok
17:40:44.0550 11368  [ 63D3B1D3CD267FCC186A0146B80D453B ] LMouFilt        C:\Windows\system32\DRIVERS\LMouFilt.Sys
17:40:44.0570 11368  LMouFilt - ok
17:40:44.0640 11368  [ 7485FBCEF9136F530953575E2977859D ] LMS             C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe
17:40:44.0670 11368  LMS - ok
17:40:44.0700 11368  [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
17:40:44.0710 11368  LSI_FC - ok
17:40:44.0730 11368  [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
17:40:44.0750 11368  LSI_SAS - ok
17:40:44.0770 11368  [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
17:40:44.0780 11368  LSI_SAS2 - ok
17:40:44.0800 11368  [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
17:40:44.0820 11368  LSI_SCSI - ok
17:40:44.0850 11368  [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv           C:\Windows\system32\drivers\luafv.sys
17:40:44.0900 11368  luafv - ok
17:40:44.0950 11368  [ 0C62957912D4DF1E4BA9795E6BE3ED38 ] LUsbFilt        C:\Windows\system32\Drivers\LUsbFilt.Sys
17:40:44.0960 11368  LUsbFilt - ok
17:40:44.0990 11368  [ 1A7DB7A00A4B0D8DA24CD691A4547291 ] LVPr2Mon        C:\Windows\system32\DRIVERS\LVPr2Mon.sys
17:40:45.0010 11368  LVPr2Mon - ok
17:40:45.0060 11368  [ 0DDFDCAA92C7F553328DB06BA599BEA9 ] LVPrcSrv        C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
17:40:45.0090 11368  LVPrcSrv - ok
17:40:45.0120 11368  [ 87ECCE893D8AEC5A9337B917742D339C ] LVRS            C:\Windows\system32\DRIVERS\lvrs.sys
17:40:45.0150 11368  LVRS - ok
17:40:45.0180 11368  [ 23F8EF78BB9553E465A476F3CEE5CA18 ] LVUSBSta        C:\Windows\system32\drivers\LVUSBSta.sys
17:40:45.0190 11368  LVUSBSta - ok
17:40:45.0270 11368  [ 2349335A8033FD9834D1C401EAE1C9BF ] lxeaCATSCustConnectService C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxeaserv.exe
17:40:45.0300 11368  lxeaCATSCustConnectService - ok
17:40:45.0310 11368  lxea_device - ok
17:40:45.0340 11368  [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
17:40:45.0350 11368  megasas - ok
17:40:45.0370 11368  [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
17:40:45.0390 11368  MegaSR - ok
17:40:45.0470 11368  Microsoft SharePoint Workspace Audit Service - ok
17:40:45.0520 11368  [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS           C:\Windows\system32\mmcss.dll
17:40:45.0570 11368  MMCSS - ok
17:40:45.0600 11368  [ F001861E5700EE84E2D4E52C712F4964 ] Modem           C:\Windows\system32\drivers\modem.sys
17:40:45.0660 11368  Modem - ok
17:40:45.0690 11368  [ 79D10964DE86B292320E9DFE02282A23 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
17:40:45.0720 11368  monitor - ok
17:40:45.0750 11368  [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
17:40:45.0760 11368  mouclass - ok
17:40:45.0800 11368  [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
17:40:45.0840 11368  mouhid - ok
17:40:45.0860 11368  [ 921C18727C5920D6C0300736646931C2 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
17:40:45.0880 11368  mountmgr - ok
17:40:45.0920 11368  [ E6DB6C61739E18906DC2C4191F6EDEA2 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
17:40:45.0940 11368  MozillaMaintenance - ok
17:40:45.0960 11368  [ 2AF5997438C55FB79D33D015C30E1974 ] mpio            C:\Windows\system32\DRIVERS\mpio.sys
17:40:45.0980 11368  mpio - ok
17:40:46.0010 11368  [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
17:40:46.0060 11368  mpsdrv - ok
17:40:46.0120 11368  [ 5CD996CECF45CBC3E8D109C86B82D69E ] MpsSvc          C:\Windows\system32\mpssvc.dll
17:40:46.0170 11368  MpsSvc - ok
17:40:46.0210 11368  [ B1BE47008D20E43DA3ADC37C24CDB89D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
17:40:46.0240 11368  MRxDAV - ok
17:40:46.0270 11368  [ CA7570E42522E24324A12161DB14EC02 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
17:40:46.0330 11368  mrxsmb - ok
17:40:46.0370 11368  [ F965C3AB2B2AE5C378F4562486E35051 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:40:46.0390 11368  mrxsmb10 - ok
17:40:46.0440 11368  [ 25C38264A3C72594DD21D355D70D7A5D ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:40:46.0500 11368  mrxsmb20 - ok
17:40:46.0530 11368  [ 4326D168944123F38DD3B2D9C37A0B12 ] msahci          C:\Windows\system32\DRIVERS\msahci.sys
17:40:46.0550 11368  msahci - ok
17:40:46.0580 11368  [ 455029C7174A2DBB03DBA8A0D8BDDD9A ] msdsm           C:\Windows\system32\DRIVERS\msdsm.sys
17:40:46.0610 11368  msdsm - ok
17:40:46.0640 11368  [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC           C:\Windows\System32\msdtc.exe
17:40:46.0680 11368  MSDTC - ok
17:40:46.0730 11368  [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs            C:\Windows\system32\drivers\Msfs.sys
17:40:46.0770 11368  Msfs - ok
17:40:46.0800 11368  [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
17:40:46.0850 11368  mshidkmdf - ok
17:40:46.0880 11368  [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv        C:\Windows\system32\DRIVERS\msisadrv.sys
17:40:46.0890 11368  msisadrv - ok
17:40:46.0920 11368  [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
17:40:47.0000 11368  MSiSCSI - ok
17:40:47.0010 11368  msiserver - ok
17:40:47.0040 11368  [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
17:40:47.0080 11368  MSKSSRV - ok
17:40:47.0100 11368  [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
17:40:47.0150 11368  MSPCLOCK - ok
17:40:47.0160 11368  [ F456E973590D663B1073E9C463B40932 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
17:40:47.0190 11368  MSPQM - ok
17:40:47.0220 11368  [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
17:40:47.0240 11368  MsRPC - ok
17:40:47.0260 11368  [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
17:40:47.0280 11368  mssmbios - ok
17:40:47.0300 11368  [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
17:40:47.0340 11368  MSTEE - ok
17:40:47.0360 11368  [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
17:40:47.0390 11368  MTConfig - ok
17:40:47.0410 11368  [ 159FAD02F64E6381758C990F753BCC80 ] Mup             C:\Windows\system32\Drivers\mup.sys
17:40:47.0430 11368  Mup - ok
17:40:47.0470 11368  [ 80284F1985C70C86F0B5F86DA2DFE1DF ] napagent        C:\Windows\system32\qagentRT.dll
17:40:47.0530 11368  napagent - ok
17:40:47.0560 11368  [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
17:40:47.0600 11368  NativeWifiP - ok
17:40:47.0650 11368  [ 23759D175A0A9BAAF04D05047BC135A8 ] NDIS            C:\Windows\system32\drivers\ndis.sys
17:40:47.0690 11368  NDIS - ok
17:40:47.0720 11368  [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
17:40:47.0760 11368  NdisCap - ok
17:40:47.0780 11368  [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
17:40:47.0830 11368  NdisTapi - ok
17:40:47.0850 11368  [ B30AE7F2B6D7E343B0DF32E6C08FCE75 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
17:40:47.0890 11368  Ndisuio - ok
17:40:47.0900 11368  [ 267C415EADCBE53C9CA873DEE39CF3A4 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
17:40:47.0940 11368  NdisWan - ok
17:40:47.0960 11368  [ AF7E7C63DCEF3F8772726F86039D6EB4 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
17:40:47.0990 11368  NDProxy - ok
17:40:48.0010 11368  [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
17:40:48.0050 11368  NetBIOS - ok
17:40:48.0060 11368  [ DD52A733BF4CA5AF84562A5E2F963B91 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
17:40:48.0130 11368  NetBT - ok
17:40:48.0150 11368  [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] Netlogon        C:\Windows\system32\lsass.exe
17:40:48.0170 11368  Netlogon - ok
17:40:48.0200 11368  [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman          C:\Windows\System32\netman.dll
17:40:48.0240 11368  Netman - ok
17:40:48.0250 11368  [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm        C:\Windows\System32\netprofm.dll
17:40:48.0320 11368  netprofm - ok
17:40:48.0350 11368  [ FE2AA5A684B0DD9B1FAE57B7817C198B ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:40:48.0380 11368  NetTcpPortSharing - ok
17:40:48.0420 11368  [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
17:40:48.0440 11368  nfrd960 - ok
17:40:48.0480 11368  [ 2226496E34BD40734946A054B1CD657F ] NlaSvc          C:\Windows\System32\nlasvc.dll
17:40:48.0520 11368  NlaSvc - ok
17:40:48.0550 11368  [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
17:40:48.0590 11368  Npfs - ok
17:40:48.0590 11368  npggsvc - ok
17:40:48.0630 11368  [ BA387E955E890C8A88306D9B8D06BF17 ] nsi             C:\Windows\system32\nsisvc.dll
17:40:48.0670 11368  nsi - ok
17:40:48.0680 11368  [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
17:40:48.0730 11368  nsiproxy - ok
17:40:48.0800 11368  [ A8F59428E9F361C7AC42A94AC1560BC9 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
17:40:48.0850 11368  Ntfs - ok
17:40:48.0860 11368  [ F9756A98D69098DCA8945D62858A812C ] Null            C:\Windows\system32\drivers\Null.sys
17:40:48.0910 11368  Null - ok
17:40:48.0940 11368  [ F1B0BED906F97E16F6D0C3629D2F21C6 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
17:40:48.0960 11368  nvraid - ok
17:40:48.0980 11368  [ 4520B63899E867F354EE012D34E11536 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
17:40:49.0000 11368  nvstor - ok
17:40:49.0030 11368  [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp          C:\Windows\system32\DRIVERS\nv_agp.sys
17:40:49.0040 11368  nv_agp - ok
17:40:49.0060 11368  [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
17:40:49.0080 11368  ohci1394 - ok
17:40:49.0130 11368  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:40:49.0150 11368  ose - ok
17:40:49.0320 11368  [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
17:40:49.0530 11368  osppsvc - ok
17:40:49.0570 11368  [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
17:40:49.0610 11368  p2pimsvc - ok
17:40:49.0630 11368  [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc          C:\Windows\system32\p2psvc.dll
17:40:49.0680 11368  p2psvc - ok
17:40:49.0730 11368  [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
17:40:49.0790 11368  Parport - ok
17:40:49.0830 11368  [ 66D3415C159741ADE7038A277EFFF99F ] partmgr         C:\Windows\system32\drivers\partmgr.sys
17:40:49.0850 11368  partmgr - ok
17:40:49.0870 11368  [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm          C:\Windows\system32\DRIVERS\parvdm.sys
17:40:49.0890 11368  Parvdm - ok
17:40:49.0910 11368  [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc          C:\Windows\System32\pcasvc.dll
17:40:49.0930 11368  PcaSvc - ok
17:40:49.0970 11368  [ 175CC28DCF819F78CAA3FBD44AD9E52A ] pccsmcfd        C:\Windows\system32\DRIVERS\pccsmcfd.sys
17:40:50.0010 11368  pccsmcfd - ok
17:40:50.0030 11368  [ C858CB77C577780ECC456A892E7E7D0F ] pci             C:\Windows\system32\DRIVERS\pci.sys
17:40:50.0060 11368  pci - ok
17:40:50.0070 11368  [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide          C:\Windows\system32\DRIVERS\pciide.sys
17:40:50.0090 11368  pciide - ok
17:40:50.0120 11368  [ F396431B31693E71E8A80687EF523506 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
17:40:50.0150 11368  pcmcia - ok
17:40:50.0180 11368  [ 250F6B43D2B613172035C6747AEEB19F ] pcw             C:\Windows\system32\drivers\pcw.sys
17:40:50.0190 11368  pcw - ok
17:40:50.0230 11368  [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
17:40:50.0290 11368  PEAUTH - ok
17:40:50.0340 11368  [ B20F958B207E6AAAC5F70D04DD2C30D8 ] pepifilter      C:\Windows\system32\DRIVERS\lv302af.sys
17:40:50.0370 11368  pepifilter - ok
17:40:50.0440 11368  [ 5C597766414D5D4EECF7503E8EDDD636 ] PfFilter        C:\Program Files\IObit\Protected Folder\pffilter.sys
17:40:50.0460 11368  PfFilter - ok
17:40:50.0560 11368  [ DD184D9ADFE2A8A21741DBDFE9E22F5C ] PID_PEPI        C:\Windows\system32\DRIVERS\LV302V32.SYS
17:40:50.0640 11368  PID_PEPI - ok
17:40:50.0720 11368  [ 9C1BFF7910C89A1D12E57343475840CB ] pla             C:\Windows\system32\pla.dll
17:40:50.0810 11368  pla - ok
17:40:50.0850 11368  [ 71DEF5EC79774C798342D0EA16E41780 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
17:40:50.0920 11368  PlugPlay - ok
17:40:50.0950 11368  [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
17:40:50.0990 11368  PNRPAutoReg - ok
17:40:51.0030 11368  [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
17:40:51.0050 11368  PNRPsvc - ok
17:40:51.0090 11368  [ 48E1B75C6DC0232FD92BAAE4BD344721 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
17:40:51.0130 11368  PolicyAgent - ok
17:40:51.0190 11368  [ DBFF83F709A91049621C1D35DD45C92C ] Power           C:\Windows\system32\umpo.dll
17:40:51.0230 11368  Power - ok
17:40:51.0270 11368  [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
17:40:51.0330 11368  PptpMiniport - ok
17:40:51.0360 11368  [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
17:40:51.0400 11368  Processor - ok
17:40:51.0430 11368  [ AEA3BDBDBA667AA6F678CB38907E4F5E ] ProfSvc         C:\Windows\system32\profsvc.dll
17:40:51.0500 11368  ProfSvc - ok
17:40:51.0530 11368  [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] ProtectedStorage C:\Windows\system32\lsass.exe
17:40:51.0540 11368  ProtectedStorage - ok
17:40:51.0560 11368  [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
17:40:51.0620 11368  Psched - ok
17:40:51.0690 11368  [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
17:40:51.0740 11368  ql2300 - ok
17:40:51.0760 11368  [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
17:40:51.0780 11368  ql40xx - ok
17:40:51.0820 11368  [ 31AC809E7707EB580B2BDB760390765A ] QWAVE           C:\Windows\system32\qwave.dll
17:40:51.0860 11368  QWAVE - ok
17:40:51.0890 11368  [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
17:40:51.0930 11368  QWAVEdrv - ok
17:40:51.0950 11368  [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
17:40:52.0020 11368  RasAcd - ok
17:40:52.0060 11368  [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
17:40:52.0120 11368  RasAgileVpn - ok
17:40:52.0140 11368  [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto         C:\Windows\System32\rasauto.dll
17:40:52.0180 11368  RasAuto - ok
17:40:52.0210 11368  [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
17:40:52.0260 11368  Rasl2tp - ok
17:40:52.0310 11368  [ 0CE66EC736B7FC526D78F7624C7D2A94 ] RasMan          C:\Windows\System32\rasmans.dll
17:40:52.0350 11368  RasMan - ok
17:40:52.0360 11368  [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
17:40:52.0420 11368  RasPppoe - ok
17:40:52.0460 11368  [ 44101F495A83EA6401D886E7FD70096B ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
17:40:52.0500 11368  RasSstp - ok
17:40:52.0520 11368  [ 835D7E81BF517A3B72384BDCC85E1CE6 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
17:40:52.0560 11368  rdbss - ok
17:40:52.0590 11368  [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
17:40:52.0610 11368  rdpbus - ok
17:40:52.0640 11368  [ 1E016846895B15A99F9A176A05029075 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
17:40:52.0690 11368  RDPCDD - ok
17:40:52.0720 11368  [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
17:40:52.0750 11368  RDPENCDD - ok
17:40:52.0770 11368  [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
17:40:52.0820 11368  RDPREFMP - ok
17:40:52.0860 11368  [ C5B8D47A4688DE9D335204EA757C2240 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
17:40:52.0910 11368  RDPWD - ok
17:40:52.0940 11368  [ 4EA225BF1CF05E158853F30A99CA29A7 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
17:40:52.0960 11368  rdyboost - ok
17:40:53.0050 11368  [ 96EFEC24346A8EB1157E80523079ADDC ] RealNetworks Downloader Resolver Service C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
17:40:53.0070 11368  RealNetworks Downloader Resolver Service - ok
17:40:53.0120 11368  [ B56C68DB46DF55A657C5C4A4DF16E082 ] RegFilter       C:\Program Files\IObit\IObit Malware Fighter\drivers\win7_x86\regfilter.sys
17:40:53.0150 11368  RegFilter - ok
17:40:53.0190 11368  [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess    C:\Windows\System32\mprdim.dll
17:40:53.0250 11368  RemoteAccess - ok
17:40:53.0290 11368  [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
17:40:53.0350 11368  RemoteRegistry - ok
17:40:53.0390 11368  [ CB928D9E6DAF51879DD6BA8D02F01321 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
17:40:53.0430 11368  RFCOMM - ok
17:40:53.0460 11368  [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
17:40:53.0500 11368  RpcEptMapper - ok
17:40:53.0530 11368  [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator      C:\Windows\system32\locator.exe
17:40:53.0570 11368  RpcLocator - ok
17:40:53.0620 11368  [ B82CD39E336973359D7C9BF911E8E84F ] RpcSs           C:\Windows\system32\rpcss.dll
17:40:53.0660 11368  RpcSs - ok
17:40:53.0700 11368  [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
17:40:53.0770 11368  rspndr - ok
17:40:53.0810 11368  [ 5283B9A27FF230F2FF70D92451FF409A ] RTL8167         C:\Windows\system32\DRIVERS\Rt86win7.sys
17:40:53.0830 11368  RTL8167 - ok
17:40:53.0860 11368  [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] SamSs           C:\Windows\system32\lsass.exe
17:40:53.0880 11368  SamSs - ok
17:40:53.0950 11368  [ 39763504067962108505BFF25F024345 ] SASDIFSV        C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
17:40:53.0960 11368  SASDIFSV - ok
17:40:53.0990 11368  [ 77B9FC20084B48408AD3E87570EB4A85 ] SASKUTIL        C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
17:40:54.0010 11368  SASKUTIL - ok
17:40:54.0040 11368  [ 34EE0C44B724E3E4CE2EFF29126DE5B5 ] sbp2port        C:\Windows\system32\DRIVERS\sbp2port.sys
17:40:54.0060 11368  sbp2port - ok
17:40:54.0100 11368  [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
17:40:54.0160 11368  SCardSvr - ok
17:40:54.0190 11368  [ A95C54B2AC3CC9C73FCDF9E51A1D6B51 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
17:40:54.0230 11368  scfilter - ok
17:40:54.0260 11368  [ DF1E5C82E4D09CF8105CC644980C4803 ] Schedule        C:\Windows\system32\schedsvc.dll
17:40:54.0290 11368  Schedule - ok
17:40:54.0350 11368  [ 628A9E30EC5E18DD5DE6BE4DBDC12198 ] SCPolicySvc     C:\Windows\System32\certprop.dll
17:40:54.0380 11368  SCPolicySvc - ok
17:40:54.0400 11368  [ 5FD90ABDBFAEE85986802622CBB03446 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
17:40:54.0460 11368  SDRSVC - ok
17:40:54.0510 11368  [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
17:40:54.0580 11368  secdrv - ok
17:40:54.0620 11368  [ A59B3A4442C52060CC7A85293AA3546F ] seclogon        C:\Windows\system32\seclogon.dll
17:40:54.0680 11368  seclogon - ok
17:40:54.0710 11368  [ DCB7FCDCC97F87360F75D77425B81737 ] SENS            C:\Windows\System32\sens.dll
17:40:54.0770 11368  SENS - ok
17:40:54.0790 11368  [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
17:40:54.0810 11368  Serenum - ok
17:40:54.0850 11368  [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
17:40:54.0890 11368  Serial - ok
17:40:54.0930 11368  [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
17:40:54.0970 11368  sermouse - ok
17:40:55.0050 11368  [ 8F55CE568C543D5ADF45C409D16718FC ] SessionEnv      C:\Windows\system32\sessenv.dll
17:40:55.0110 11368  SessionEnv - ok
17:40:55.0150 11368  [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
17:40:55.0230 11368  sffdisk - ok
17:40:55.0250 11368  [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
17:40:55.0290 11368  sffp_mmc - ok
17:40:55.0320 11368  [ A0708BBD07D245C06FF9DE549CA47185 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
17:40:55.0360 11368  sffp_sd - ok
17:40:55.0400 11368  [ DB96666CC8312EBC45032F30B007A547 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
17:40:55.0440 11368  sfloppy - ok
17:40:55.0520 11368  [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
17:40:55.0570 11368  SharedAccess - ok
17:40:55.0630 11368  [ CD2E48FA5B29EE2B3B5858056D246EF2 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:40:55.0700 11368  ShellHWDetection - ok
17:40:55.0740 11368  [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp          C:\Windows\system32\DRIVERS\sisagp.sys
17:40:55.0760 11368  sisagp - ok
17:40:55.0780 11368  [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
17:40:55.0790 11368  SiSRaid2 - ok
17:40:55.0820 11368  [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
17:40:55.0840 11368  SiSRaid4 - ok
17:40:55.0890 11368  [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
17:40:55.0920 11368  SkypeUpdate - ok
17:40:55.0980 11368  [ BF302072DC8374CF4E118FD88AA817A2 ] SmartDefragDriver C:\Windows\system32\Drivers\SmartDefragDriver.sys
17:40:56.0000 11368  SmartDefragDriver - ok
17:40:56.0020 11368  [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb             C:\Windows\system32\DRIVERS\smb.sys
17:40:56.0080 11368  Smb - ok
17:40:56.0140 11368  [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
17:40:56.0180 11368  SNMPTRAP - ok
17:40:56.0200 11368  [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr           C:\Windows\system32\drivers\spldr.sys
17:40:56.0220 11368  spldr - ok
17:40:56.0260 11368  [ E17323B0AA9FB3FF9945731D736EDA2F ] Spooler         C:\Windows\System32\spoolsv.exe
17:40:56.0330 11368  Spooler - ok
17:40:56.0440 11368  [ 4C287F9069FEDBD791178876EE9DE536 ] sppsvc          C:\Windows\system32\sppsvc.exe
17:40:56.0520 11368  sppsvc - ok
17:40:56.0530 11368  [ D8E3E19EEBDAB49DD4A8D3062EAD4EC7 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
17:40:56.0570 11368  sppuinotify - ok
17:40:56.0620 11368  [ C4A027B8C0BD3FC0699F41FA5E9E0C87 ] srv             C:\Windows\system32\DRIVERS\srv.sys
17:40:56.0670 11368  srv - ok
17:40:56.0700 11368  [ 414BB592CAD8A79649D01F9D94318FB3 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
17:40:56.0780 11368  srv2 - ok
17:40:56.0810 11368  [ FF207D67700AA18242AAF985D3E7D8F4 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
17:40:56.0860 11368  srvnet - ok
17:40:56.0910 11368  [ 069351A1D7D291013177A90AE6EDCCBC ] sscdbus         C:\Windows\system32\DRIVERS\sscdbus.sys
17:40:56.0940 11368  sscdbus - ok
17:40:56.0970 11368  [ 1C925BE223A5C0F9F469252292A48DF6 ] sscdmdfl        C:\Windows\system32\DRIVERS\sscdmdfl.sys
17:40:56.0990 11368  sscdmdfl - ok
17:40:57.0010 11368  [ AE3E77AE0FBDB07EB1AC3FED74A0695E ] sscdmdm         C:\Windows\system32\DRIVERS\sscdmdm.sys
17:40:57.0030 11368  sscdmdm - ok
17:40:57.0050 11368  [ 6C239402A3303C66016F5F915E0E8698 ] sscdserd        C:\Windows\system32\DRIVERS\sscdserd.sys
17:40:57.0070 11368  sscdserd - ok
17:40:57.0120 11368  [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
17:40:57.0160 11368  SSDPSRV - ok
17:40:57.0200 11368  [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
17:40:57.0260 11368  SstpSvc - ok
17:40:57.0290 11368  [ 8F299012EF58246F1C98DE7B7E48DBF0 ] ssudmdm         C:\Windows\system32\DRIVERS\ssudmdm.sys
17:40:57.0310 11368  ssudmdm - ok
17:40:57.0360 11368  [ 741B3BED19AADAF2625C937955EA659B ] ssudobex        C:\Windows\system32\DRIVERS\ssudobex.sys
17:40:57.0390 11368  ssudobex - ok
17:40:57.0430 11368  [ 3F0164FBC0BD1ADBD02DF9759181451A ] ss_bbus         C:\Windows\system32\DRIVERS\ss_bbus.sys
17:40:57.0440 11368  ss_bbus - ok
17:40:57.0481 11368  [ B89D62206034E5FE573C80A24DD55675 ] ss_bmdfl        C:\Windows\system32\DRIVERS\ss_bmdfl.sys
17:40:57.0501 11368  ss_bmdfl - ok
17:40:57.0521 11368  [ 1ED0FCEA586FE2A416EE15196E5631DD ] ss_bmdm         C:\Windows\system32\DRIVERS\ss_bmdm.sys
17:40:57.0541 11368  ss_bmdm - ok
17:40:57.0581 11368  [ DB32D325C192B801DF274BFD12A7E72B ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
17:40:57.0601 11368  stexstor - ok
17:40:57.0651 11368  [ A22825E7BB7018E8AF3E229A5AF17221 ] StiSvc          C:\Windows\System32\wiaservc.dll
17:40:57.0691 11368  StiSvc - ok
17:40:57.0721 11368  [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
17:40:57.0741 11368  swenum - ok
17:40:57.0791 11368  [ A28BD92DF340E57B024BA433165D34D7 ] swprv           C:\Windows\System32\swprv.dll
17:40:57.0851 11368  swprv - ok
17:40:57.0931 11368  [ 04105C8DA62353589C29BDAEB8D88BD8 ] SysMain         C:\Windows\system32\sysmain.dll
17:40:57.0991 11368  SysMain - ok
17:40:58.0021 11368  [ FCFB6C552FBC0DA299799CBD50AD9FD4 ] TabletInputService C:\Windows\System32\TabSvc.dll
17:40:58.0051 11368  TabletInputService - ok
17:40:58.0071 11368  [ 2F46B0C70A4ADC8C90CF825DA3B4FEAF ] TapiSrv         C:\Windows\System32\tapisrv.dll
17:40:58.0111 11368  TapiSrv - ok
17:40:58.0161 11368  [ B799D9FDB26111737F58288D8DC172D9 ] TBS             C:\Windows\System32\tbssvc.dll
17:40:58.0221 11368  TBS - ok
17:40:58.0281 11368  [ BBCEAEFF1FD72A026F827CBB2F4AA8AD ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
17:40:58.0331 11368  Tcpip - ok
17:40:58.0361 11368  [ BBCEAEFF1FD72A026F827CBB2F4AA8AD ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
17:40:58.0391 11368  TCPIP6 - ok
17:40:58.0451 11368  [ E64444523ADD154F86567C469BC0B17F ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
17:40:58.0511 11368  tcpipreg - ok
17:40:58.0541 11368  [ 1875C1490D99E70E449E3AFAE9FCBADF ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
17:40:58.0591 11368  TDPIPE - ok
17:40:58.0631 11368  [ 7156308896D34EA75A582F9A09E50C17 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
17:40:58.0671 11368  TDTCP - ok
17:40:58.0701 11368  [ CB39E896A2A83702D1737BFD402B3542 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
17:40:58.0781 11368  tdx - ok
17:40:58.0801 11368  [ C36F41EE20E6999DBF4B0425963268A5 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
17:40:58.0821 11368  TermDD - ok
17:40:58.0871 11368  [ A01E50A04D7B1960B33E92B9080E6A94 ] TermService     C:\Windows\System32\termsrv.dll
17:40:58.0941 11368  TermService - ok
17:40:58.0981 11368  [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes          C:\Windows\system32\themeservice.dll
17:40:59.0031 11368  Themes - ok
17:40:59.0061 11368  [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER     C:\Windows\system32\mmcss.dll
17:40:59.0101 11368  THREADORDER - ok
17:40:59.0121 11368  [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks          C:\Windows\System32\trkwks.dll
17:40:59.0181 11368  TrkWks - ok
17:40:59.0251 11368  [ 41A4C781D2286208D397D72099304133 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:40:59.0301 11368  TrustedInstaller - ok
17:40:59.0331 11368  [ 98AE6FA07D12CB4EC5CF4A9BFA5F4242 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
17:40:59.0401 11368  tssecsrv - ok
17:40:59.0441 11368  [ 3E461D890A97F9D4C168F5FDA36E1D00 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
17:40:59.0481 11368  tunnel - ok
17:40:59.0521 11368  [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
17:40:59.0541 11368  uagp35 - ok
17:40:59.0571 11368  [ 09CC3E16F8E5EE7168E01CF8FCBE061A ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
17:40:59.0611 11368  udfs - ok
17:40:59.0681 11368  [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
17:40:59.0701 11368  UI0Detect - ok
17:40:59.0721 11368  [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx        C:\Windows\system32\DRIVERS\uliagpkx.sys
17:40:59.0741 11368  uliagpkx - ok
17:40:59.0761 11368  [ 049B3A50B3D646BAEEEE9EEC9B0668DC ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
17:40:59.0781 11368  umbus - ok
17:40:59.0801 11368  [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
17:40:59.0831 11368  UmPass - ok
17:40:59.0991 11368  [ 765F2DD351BA064F657751D8D75E58C0 ] UNS             C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe
17:41:00.0061 11368  UNS - ok
17:41:00.0101 11368  [ 833FBB672460EFCE8011D262175FAD33 ] upnphost        C:\Windows\System32\upnphost.dll
17:41:00.0141 11368  upnphost - ok
17:41:00.0191 11368  [ 795BE722AACDDAE782F495C7FDAE6BA0 ] UrlFilter       C:\Program Files\IObit\IObit Malware Fighter\drivers\win7_x86\UrlFilter.sys
17:41:00.0211 11368  UrlFilter - ok
17:41:00.0241 11368  [ 6E421CCC57059B0186C6259CA3B6DFC9 ] USBAAPL         C:\Windows\system32\Drivers\usbaapl.sys
17:41:00.0281 11368  USBAAPL - ok
17:41:00.0321 11368  [ 2436A42AAB4AD48A9B714E5B0F344627 ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
17:41:00.0361 11368  usbaudio - ok
17:41:05.0522 11368  ================ Scan global ===============================
17:41:05.0572 11368  [ 9A595DF601070DA78C40481120DD2C06 ] C:\Windows\system32\basesrv.dll
17:41:05.0612 11368  [ 8531AAF69394EFB93BC653916C46D245 ] C:\Windows\system32\winsrv.dll
17:41:05.0632 11368  [ 8531AAF69394EFB93BC653916C46D245 ] C:\Windows\system32\winsrv.dll
17:41:05.0662 11368  [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
17:41:05.0702 11368  [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
17:41:05.0712 11368  [Global] - ok
17:41:05.0712 11368  ================ Scan MBR ==================================
17:41:05.0722 11368  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
17:41:06.0102 11368  \Device\Harddisk0\DR0 - ok
17:41:06.0102 11368  ================ Scan VBR ==================================
17:41:06.0142 11368  [ 5067CA926F2F6A547C0333AE07C2B418 ] \Device\Harddisk0\DR0\Partition1
17:41:06.0142 11368  \Device\Harddisk0\DR0\Partition1 - ok
17:41:06.0152 11368  [ DDFACEAB1F7E7E1F70508DCB88A7CF43 ] \Device\Harddisk0\DR0\Partition2
17:41:06.0162 11368  \Device\Harddisk0\DR0\Partition2 - ok
17:41:06.0182 11368  [ 7BE995BFA9A228EA7B28F14CBFC477F4 ] \Device\Harddisk0\DR0\Partition3
17:41:06.0182 11368  \Device\Harddisk0\DR0\Partition3 - ok
17:41:06.0182 11368  ============================================================
17:41:06.0182 11368  Scan finished
17:41:06.0182 11368  ============================================================
17:41:06.0192 11360  Detected object count: 4
17:41:06.0192 11360  Actual detected object count: 4
17:41:36.0445 11360  !SASCORE ( UnsignedFile.Multi.Generic ) - skipped by user
17:41:36.0445 11360  !SASCORE ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:41:36.0445 11360  ASPI ( UnsignedFile.Multi.Generic ) - skipped by user
17:41:36.0445 11360  ASPI ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:41:36.0445 11360  FsUsbExDisk ( UnsignedFile.Multi.Generic ) - skipped by user
17:41:36.0445 11360  FsUsbExDisk ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:41:36.0455 11360  FsUsbExService ( UnsignedFile.Multi.Generic ) - skipped by user
17:41:36.0455 11360  FsUsbExService ( UnsignedFile.Multi.Generic ) - User select action: Skip
 



#4 Noviciate

  • Malware Response Team

Posted 11 September 2013 - 02:18 PM

Good evening. :)

Can you tell me exactly what your anti-virus detects - file names rather than infection names would be helpful.


So long, and thanks for all the fish.

#5 punkin.potpie
  • Topic Starter

Posted 11 September 2013 - 05:57 PM

4 warnings for AV come up every time. Here's a screenshot of them:

 

WarningSS.png

 

 

They're all located in the same folder.


Edited by punkin.potpie, 11 September 2013 - 05:59 PM.


#6 Noviciate

  • Malware Response Team

Posted 12 September 2013 - 02:21 PM

Good evening. :)

Can you just post the full file names and paths - the screen shot doesn't show them all.


#7 punkin.potpie
  • Topic Starter

Posted 12 September 2013 - 06:01 PM

I'm sorry about that, here they are;

 

File Name: C:\Users\Toni\AppData\Local\Google\Desktop\Install\{15c8f017-965f-fe61-2939-07c56465244d}\❤≸⋙\Ⱒ☠⍨\‮ﯹ๛\{15c8f017-965f-fe61-2939-07c56465244d}\U\80000000.@

Malware Name: Win64:Sirefef-A [Trj]

Malware Type: Trojan Horse

 

 

File Name: C:\Users\Toni\AppData\Local\Google\Desktop\Install\{15c8f017-965f-fe61-2939-07c56465244d}\❤≸⋙\Ⱒ☠⍨\‮ﯹ๛\{15c8f017-965f-fe61-2939-07c56465244d}\U\80000032.@

Malware Name: Win32:Sirefef-BTT [Trj]

Malware Type: Trojan Horse

 

 

File Name: C:\Users\Toni\AppData\Local\Google\Desktop\Install\{15c8f017-965f-fe61-2939-07c56465244d}\❤≸⋙\Ⱒ☠⍨\‮ﯹ๛\{15c8f017-965f-fe61-2939-07c56465244d}\U\00000004.@

Malware Name: Win32:Malware-gen

Malware Type: Virus/Worm

 

 

File Name: C:\Users\Toni\AppData\Local\Google\Desktop\Install\{15c8f017-965f-fe61-2939-07c56465244d}\❤≸⋙\Ⱒ☠⍨\‮ﯹ๛\{15c8f017-965f-fe61-2939-07c56465244d}\U\000000cb.@

Malware Name: Win32:Malware-gen

Malware Type: Virus/Worm



#8 Noviciate

  • Malware Response Team

Posted 13 September 2013 - 02:22 PM

Good evening. :)

Are the interesting characters "❤≸⋙\Ⱒ☠⍨" part of the file path or is the forum just not liking the character set you are using?


#9 punkin.potpie
  • Topic Starter

Posted 13 September 2013 - 03:06 PM

It's part of the file path. The last folder is the same name as the first folder in the screen shot.

 

Grrr.png


Edited by punkin.potpie, 13 September 2013 - 04:05 PM.


#10 Noviciate

  • Malware Response Team

Posted 13 September 2013 - 04:00 PM

Good evening. :)

Please download MalwareBytes Anti-Rootkit Scanner from this page and save it to your Desktop - when you run the executable it will create a folder on your Desktop called mbar.

 

If you are prompted about Registry value "AppInit_Dlls", please click No to continue.

Allow the tool to check for updates when prompted, and then click Next when this step has completed.
Click Scan to begin the scan - surprised, huh!
Once the scan has completed, which may take some time, DO NOT click the Cleanup button - simply close the application.

Please post the contents of the log mbar-log-date/time.txt that you should find in the mbar folder.


Edited by Noviciate, 13 September 2013 - 04:02 PM.

#11 punkin.potpie
  • Topic Starter

Posted 13 September 2013 - 05:31 PM

Here is the log. Thank you again for replying, I really do appreciate it :grinner:

 

 

 

Malwarebytes Anti-Rootkit BETA 1.07.0.1005
www.malwarebytes.org

Database version: v2013.09.13.11

Windows 7 x86 NTFS
Internet Explorer 9.0.8112.16421
Toni :: TONI-PC [administrator]

9/13/2013 4:37:59 PM
mbar-log-2013-09-13 (16-37-59).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 219409
Time elapsed: 17 minute(s), 20 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 1
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE (Rootkit.0Access.ED) -> No action taken.

Registry Values Detected: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Google Update^‮❤ (Rootkit.0Access.ED) -> Data:  -> No action taken.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 7
C:\Users\Toni\AppData\Local\Google\Desktop\Install\{15c8f017-965f-fe61-2939-07c56465244d}\❤≸⋙ (Trojan.0Access) -> No action taken.
C:\Users\Toni\AppData\Local\Google\Desktop\Install\{15c8f017-965f-fe61-2939-07c56465244d}\❤≸⋙\Ⱒ☠⍨ (Trojan.0Access) -> No action taken.
C:\Users\Toni\AppData\Local\Google\Desktop\Install\{15c8f017-965f-fe61-2939-07c56465244d}\❤≸⋙\Ⱒ☠⍨\‮ﯹ๛ (Trojan.0Access) -> No action taken.
C:\Users\Toni\AppData\Local\Google\Desktop\Install\{15c8f017-965f-fe61-2939-07c56465244d}\❤≸⋙\Ⱒ☠⍨\‮ﯹ๛\{15c8f017-965f-fe61-2939-07c56465244d} (Trojan.0Access) -> No action taken.
C:\Users\Toni\AppData\Local\Google\Desktop\Install\{15c8f017-965f-fe61-2939-07c56465244d}\❤≸⋙\Ⱒ☠⍨\‮ﯹ๛\{15c8f017-965f-fe61-2939-07c56465244d}\L (Trojan.0Access) -> No action taken.
C:\Users\Toni\AppData\Local\Google\Desktop\Install\{15c8f017-965f-fe61-2939-07c56465244d}\❤≸⋙\Ⱒ☠⍨\‮ﯹ๛\{15c8f017-965f-fe61-2939-07c56465244d}\U (Trojan.0Access) -> No action taken.
C:\Users\Toni\AppData\Local\Google\Desktop\Install\{15c8f017-965f-fe61-2939-07c56465244d} (Trojan.0Access) -> No action taken.

Files Detected: 5
C:\Users\Toni\AppData\Local\Google\Desktop\Install\{15c8f017-965f-fe61-2939-07c56465244d}\❤≸⋙\Ⱒ☠⍨\‮ﯹ๛\{15c8f017-965f-fe61-2939-07c56465244d}\GoogleUpdate.exe (Rootkit.0Access.ED) -> No action taken.
C:\Users\Toni\AppData\Local\Temp\hmwasftxtpeeeaqsitv.bfg (Rootkit.0Access.ED) -> No action taken.
C:\Users\Toni\AppData\Local\Temp\msimg32.dll (Rootkit.0Access.ED) -> No action taken.
C:\Users\Toni\AppData\Local\Google\Desktop\Install\{15c8f017-965f-fe61-2939-07c56465244d}\❤≸⋙\Ⱒ☠⍨\‮ﯹ๛\{15c8f017-965f-fe61-2939-07c56465244d}\@ (Trojan.0Access) -> No action taken.
C:\Users\Toni\AppData\Local\Google\Desktop\Install\{15c8f017-965f-fe61-2939-07c56465244d}\❤≸⋙\Ⱒ☠⍨\‮ﯹ๛\{15c8f017-965f-fe61-2939-07c56465244d}\U\00000008.@ (Trojan.0Access) -> No action taken.

Physical Sectors Detected: 0
(No malicious items detected)

(end)
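
One way to settle the question raised in posts #8 and #9 (whether the odd characters really are in the path) for a log like the one above. This is an added example, not part of the thread or of any tool named in it; the log lines are constructed in the shape of the MBAR output with a placeholder user name and GUID, and the function names are hypothetical.

```python
import re
import unicodedata

# Characters that change display order or direction without being visible.
BIDI_CONTROLS = frozenset(
    "\u200e\u200f\u202a\u202b\u202c\u202d\u202e\u2066\u2067\u2068\u2069"
)

# "<item> (<detection name>) -> ..." as in the scanner log; greedy so that a
# path containing parentheses still splits at the last "(name) ->".
LINE_RE = re.compile(r"^(?P<item>.+) \((?P<detection>[^()]+)\) -> ")

# Constructed sample: same line shape as the log above, placeholder user name
# and GUID. ODD holds the three odd folder names, written as escapes so the
# invisible U+202E (right-to-left override) is explicit.
ODD = "\\\u2764\u2278\u22d9\\\u2c22\u2620\u2368\\\u202e\ufbf9\u0e5b"
BASE = r"C:\Users\Example\AppData\Local\Google\Desktop\Install\{GUID}"
SAMPLE_LOG = "\n".join([
    "Registry Values Detected: 1",
    r"HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Google Update^"
    + "\u202e\u2764 (Rootkit.0Access.ED) -> Data:  -> No action taken.",
    "Files Detected: 3",
    BASE + ODD + r"\{GUID}\U\00000008.@ (Trojan.0Access) -> No action taken.",
    r"C:\Users\Example\AppData\Local\Temp\msimg32.dll (Rootkit.0Access.ED)"
    " -> No action taken.",
    # A localized (Cyrillic) folder name: non-ASCII, but ordinary letters.
    "C:\\Users\\Example\\\u0414\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u044b"
    "\\a.exe (Constructed.Sample) -> No action taken.",
    "(end)",
])


def visible(text):
    """Show every character outside printable ASCII as a \\uXXXX escape."""
    out = []
    for ch in text:
        if " " <= ch <= "~":
            out.append(ch)
        else:
            cp = ord(ch)
            out.append(f"\\u{cp:04x}" if cp <= 0xFFFF else f"\\U{cp:08x}")
    return "".join(out)


def inspect_component(component):
    """Return the reasons one path or value-name component looks abnormal."""
    reasons = set()
    for ch in component:
        category = unicodedata.category(ch)
        if ch in BIDI_CONTROLS:
            reasons.add("bidi-control")
        elif category == "Cf":
            reasons.add("invisible-format")
        elif ord(ch) > 0x7F and category.startswith("S"):
            reasons.add("symbol")
    return sorted(reasons)


def scan_log(log_text):
    """Parse detection lines and list the components worth a closer look."""
    findings = []
    for line in log_text.splitlines():
        match = LINE_RE.match(line)
        if not match:
            continue  # section headers, "(end)", blank lines
        item = match.group("item")
        flagged = []
        # Registry entries use "|" between key and value name.
        for component in re.split(r"[\\|]", item):
            reasons = inspect_component(component)
            if reasons:
                flagged.append(
                    {"component": visible(component), "reasons": reasons}
                )
        if flagged:
            findings.append({
                "detection": match.group("detection"),
                "item": visible(item),
                "flagged": flagged,
            })
    return findings


if __name__ == "__main__":
    for finding in scan_log(SAMPLE_LOG):
        print(finding["detection"], "->", finding["item"])
        for entry in finding["flagged"]:
            print("   ", entry["component"], entry["reasons"])
```

Non-ASCII letters on their own, as in the localized folder name in the sample, are deliberately not flagged; only direction controls, other invisible format characters and symbol characters are.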
 



#12 Noviciate

  • Malware Response Team

Posted 14 September 2013 - 02:10 PM

Good evening. :)

Will you run the app. again and this time let it delete what it finds - make sure you close all open programs as it will probably prompt you to reboot. Once rebooted, will you run it again and ensure that nothing is now detected and, assuming that all is well with MBAR, will you post the log that was created when the tool removed the nasties.


#13 punkin.potpie
  • Topic Starter

Posted 15 September 2013 - 08:15 AM

Here is the log after the clean up is done. Does this mean I am in the clear?

 

Malwarebytes Anti-Rootkit BETA 1.07.0.1005
www.malwarebytes.org

Database version: v2013.09.14.11

Windows 7 x86 NTFS
Internet Explorer 9.0.8112.16421
Toni :: TONI-PC [administrator]

9/14/2013 8:28:50 PM
mbar-log-2013-09-14 (20-28-50).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 219565
Time elapsed: 15 minute(s), 8 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
 



#14 Noviciate

  • Malware Response Team

Posted 15 September 2013 - 01:05 PM

Good evening. :)

Take the PC for a run out, doing what you normally do with it for a day or two and then work through the following:

 

Pay a visit to the ESET Online Scanner.
 

  • Click the Run ESET Online Scanner button.
  • If you are using any other browser than IE, you will be prompted to download and run esetsmartinstaller_enu.exe and the scan will run from within the window that the executable opens.
  • Regardless of which browser you are using, you will be shown some terms and conditions and you will need to accept these to continue.
  • If you are running IE for this scan you will then be prompted to allow an ActiveX component to be downloaded, unless you already have it installed, and the scan will run inside IE.
  • When you see the Computer Scan Settings window, you will need to make the following changes:
    • UNCHECK Remove found threats - this is important.
    • Check Scan archives
    • Click on Advanced settings
    • Check Scan for potentially unsafe applications
  • Once ready, click Start to begin - not a surprise really!
  • The anti-virus definitions will now be downloaded, so don't forget to allow them through your firewall if prompted.
  • The above will take a little time, so now is a good time to fire up the kettle and open the biccies.
  • Once the scan has completed you will be shown the results - assuming that the scanner has found anything.
  • Click List of found threats and then Export to text file... and save the log somewhere convenient.
  • You can then close out the scanner - don't bother uninstalling it as you may need to use it again.
  • Please post the contents of this file in your next reply, or let me know that nothing was identified.

 

 

Also, download OTL by OldTimer from here and save it to your Desktop.
 

  • Double click the tool to run it.
  • Click the Quick Scan button and allow it to do its thing.
  • Once complete, it should open two Notepad Windows - OTL.Txt and Extras.Txt
  • It should also save copies in the same location as OTL.
  • I want you to copy and paste the contents of OTL.txt that should appear into one reply and Extras.Txt into another.
  • The length of the two logs sometimes results in the end being chopped off if you post both in one reply.

 

 

Will you let me know how the PC is behaving as well. Assuming that the PC is playing nicely and the scan, and your resident security programs, show nothing, I'd say that you were probably good to go, but I'll scan the logs for any leftover junk that can be removed.


#15 punkin.potpie
  • Topic Starter

Posted 17 September 2013 - 10:06 AM

I'm sorry it took a while for me to reply. Got busy preparing for school. Here is the OTL Text file;
 
OTL logfile created on: 9/17/2013 9:22:18 AM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Toni\Downloads
 Starter Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00003409 | Country: Philippines | Language: ENP | Date Format: M/d/yyyy
 
2.00 Gb Total Physical Memory | 0.49 Gb Available Physical Memory | 24.33% Memory free
4.00 Gb Paging File | 1.48 Gb Available in Paging File | 37.12% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 119.26 Gb Total Space | 53.14 Gb Free Space | 44.56% Space Free | Partition Type: NTFS
Drive D: | 178.73 Gb Total Space | 159.77 Gb Free Space | 89.39% Space Free | Partition Type: NTFS
 
Computer Name: TONI-PC | User Name: Toni | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013/01/09 08:59:12 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\d884c684ee3f738a60e3c50dd5d88caa\System.Xml.ni.dll
MOD - [2013/01/09 08:59:11 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\7d6b122bee0977d953ee2409d74c3c25\PresentationFramework.Aero.ni.dll
MOD - [2013/01/09 08:59:09 | 003,858,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\5dbabea688adfc665e3453561736699a\WindowsBase.ni.dll
MOD - [2013/01/09 08:59:06 | 001,667,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\b83993cc955262507c8ead67567c8060\System.Drawing.ni.dll
MOD - [2013/01/09 08:59:04 | 009,094,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\df418085cedae9fa2efee87e20a419a4\System.ni.dll
MOD - [2013/01/09 08:58:58 | 014,413,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\60c214b6ad5691e368a16ec65d127c27\mscorlib.ni.dll
MOD - [2011/07/25 00:14:36 | 000,020,880 | ---- | M] () -- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
MOD - [2011/06/24 09:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 09:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/03/17 01:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2011/01/23 07:08:55 | 000,148,280 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\ezprint.exe
MOD - [2011/01/23 07:08:52 | 000,770,728 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\lxeamon.exe
MOD - [2010/10/20 16:45:26 | 008,801,120 | ---- | M] () -- C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2010/04/04 16:56:20 | 000,094,359 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\epoemdll.dll
MOD - [2010/04/04 16:56:19 | 000,045,221 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\epstring.dll
MOD - [2010/04/04 16:56:17 | 002,203,803 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\epwizres.dll
MOD - [2010/04/04 16:56:07 | 000,716,954 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\epwizard.dll
MOD - [2010/04/04 16:55:15 | 000,159,890 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\customui.dll
MOD - [2010/04/04 16:55:04 | 000,061,604 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\epfunct.dll
MOD - [2010/04/04 16:54:59 | 000,123,033 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\eputil.dll
MOD - [2010/04/04 16:54:52 | 000,143,502 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\imagutil.dll
MOD - [2010/03/31 23:24:28 | 001,159,168 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\lxeadrs.dll
MOD - [2010/03/31 23:23:27 | 000,389,120 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\lxeascw.dll
MOD - [2010/03/14 22:28:22 | 000,141,824 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2009/10/14 00:36:56 | 002,793,304 | ---- | M] () -- C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
MOD - [2009/10/14 00:34:18 | 000,560,472 | ---- | M] () -- C:\Program Files\Common Files\logishrd\LQCVFX\COCIManager.exe
MOD - [2009/05/26 18:16:50 | 000,192,512 | ---- | M] () -- C:\Windows\System32\spool\drivers\w32x86\3\lxeadatr.dll
MOD - [2009/04/07 01:25:27 | 000,409,600 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\iptk.dll
MOD - [2009/03/09 11:43:49 | 000,155,648 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\lxeacaps.dll
MOD - [2009/03/01 20:25:47 | 000,151,552 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\lxeaptp.dll
MOD - [2009/02/20 03:48:43 | 000,023,552 | ---- | M] () -- C:\Windows\System32\LXEAsmr.dll
MOD - [2009/02/20 03:48:03 | 000,299,008 | ---- | M] () -- C:\Windows\System32\LXEAsm.dll
MOD - [2008/05/21 21:28:17 | 000,389,120 | ---- | M] () -- C:\Program Files\Lexmark Toolbar\resource.dll
MOD - [2008/05/21 21:27:17 | 000,372,736 | ---- | M] () -- C:\Program Files\Lexmark Toolbar\toolband.dll
 
 
========== Services (SafeList) ==========
 
SRV - [2013/09/13 08:36:06 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/09/02 13:00:36 | 000,807,800 | ---- | M] (Spigot, Inc.) [Auto | Running] -- C:\Program Files\Application Updater\ApplicationUpdater.exe -- (Application Updater)
SRV - [2013/08/14 15:19:24 | 000,039,056 | ---- | M] () [Auto | Running] -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2013/07/30 17:47:46 | 000,117,656 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/05/10 02:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/04/25 16:54:10 | 000,335,168 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe -- (IMFservice)
SRV - [2013/04/18 16:58:08 | 000,574,272 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe -- (AdvancedSystemCareService6)
SRV - [2012/09/20 14:28:48 | 030,785,672 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/07/12 07:53:42 | 000,736,648 | ---- | M] (US Tech Support LLC) [Auto | Running] -- C:\Program Files\USTechSupport\SchedulerService\SchedulerService.exe -- (USTSScheduler)
SRV - [2012/07/11 13:54:49 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore.exe -- (!SASCORE)
SRV - [2010/10/06 10:49:26 | 003,866,056 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc)
SRV - [2010/05/06 04:29:12 | 000,293,456 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2010/04/14 02:45:21 | 000,598,696 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\lxeacoms.exe -- (lxea_device)
SRV - [2010/04/14 02:45:14 | 000,193,192 | ---- | M] () [Auto | Running] -- C:\Windows\System32\spool\DRIVERS\W32X86\3\\lxeaserv.exe -- (lxeaCATSCustConnectService)
SRV - [2009/11/24 18:51:35 | 000,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2009/11/24 18:51:21 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009/11/24 18:48:48 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009/11/24 18:43:56 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2009/10/06 12:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2009/09/30 07:01:32 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2009/09/30 07:01:30 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009/08/17 13:36:08 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2009/07/13 20:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/06/02 20:34:50 | 000,233,472 | ---- | M] (Teruten) [Auto | Running] -- C:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbfake.sys -- (hwusbfake)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbdev.sys -- (hwusbdev)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbmdm.sys -- (hwdatacard)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Toni\AppData\Local\Temp\cpuz132\cpuz132_x32.sys -- (cpuz132)
DRV - [2013/05/22 18:49:34 | 000,015,672 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\SmartDefragDriver.sys -- (SmartDefragDriver)
DRV - [2013/03/26 19:34:32 | 000,020,944 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Program Files\IObit\IObit Malware Fighter\Drivers\win7_x86\UrlFilter.sys -- (UrlFilter)
DRV - [2013/03/26 19:34:30 | 000,031,752 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Program Files\IObit\IObit Malware Fighter\Drivers\win7_x86\RegFilter.sys -- (RegFilter)
DRV - [2013/03/23 15:49:18 | 000,021,480 | ---- | M] (IObit) [File_System | On_Demand | Running] -- C:\Program Files\IObit\IObit Malware Fighter\Drivers\win7_x86\FileMonitor.sys -- (FileMonitor)
DRV - [2011/11/24 09:23:16 | 000,181,432 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudobex.sys -- (ssudobex)
DRV - [2011/11/24 09:23:16 | 000,181,432 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudmdm.sys -- (ssudmdm)
DRV - [2011/11/24 09:23:12 | 000,080,184 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudbus.sys -- (dg_ssudbus)
DRV - [2011/07/22 11:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/20 02:45:58 | 000,123,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV - [2011/07/20 02:45:58 | 000,098,432 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bbus.sys -- (ss_bbus)
DRV - [2011/07/20 02:45:58 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdfl.sys -- (ss_bmdfl)
DRV - [2011/07/12 16:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011/03/16 05:59:38 | 000,032,672 | ---- | M] (IObit Information Technology) [File_System | Auto | Running] -- C:\Program Files\IObit\Protected Folder\pffilter.sys -- (PfFilter)
DRV - [2010/11/11 01:11:46 | 000,132,424 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2010/11/11 01:11:46 | 000,110,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdserd.sys -- (sscdserd)
DRV - [2010/11/11 01:11:46 | 000,104,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdbus.sys -- (sscdbus)
DRV - [2010/11/11 01:11:46 | 000,014,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2010/03/18 04:02:32 | 000,028,624 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV - [2010/03/18 04:02:08 | 000,037,328 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2010/03/18 04:01:52 | 000,038,864 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2010/03/18 04:01:44 | 000,010,448 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LHidEqd.sys -- (LHidEqd)
DRV - [2010/03/18 04:01:36 | 000,040,912 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LEqdUsb.sys -- (LEqdUsb)
DRV - [2009/11/24 18:49:07 | 000,048,560 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2009/11/24 18:48:57 | 000,023,120 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2009/10/06 12:46:36 | 000,025,752 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2009/09/16 23:54:14 | 000,041,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HECI.sys -- (HECI)
DRV - [2009/09/16 08:37:36 | 000,224,816 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2009/09/15 05:55:30 | 000,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2009/09/15 05:55:19 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009/09/15 05:55:09 | 000,053,328 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2009/08/17 14:48:06 | 004,994,560 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009/07/13 19:18:07 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV - [2009/07/13 18:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009/07/13 18:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009/05/17 21:42:12 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2009/04/30 18:01:34 | 000,265,496 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvrs.sys -- (LVRS)
DRV - [2009/04/30 17:55:56 | 002,687,512 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LV302V32.SYS -- (PID_PEPI)
DRV - [2009/04/30 17:55:32 | 000,013,976 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lv302af.sys -- (pepifilter)
DRV - [2008/07/26 02:26:22 | 000,041,752 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2007/09/17 02:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2002/07/17 16:20:32 | 000,084,832 | ---- | M] (Adaptec) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ASPI32.SYS -- (ASPI)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
IE - HKLM\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTo1.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com/?ctid=CT3277370&octid=CT3277370&SearchSource=61&CUI=UN29435907571628224&UM=2&UP=SPCCEF001D-1642-469A-9FD0-E9B5CAA6F506
IE - HKCU\..\URLSearchHook: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files\IObit Apps Toolbar\IE\7.6\iobitappsToolbarIE.dll (Spigot, Inc.)
IE - HKCU\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTo1.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YTD Toolbar\IE\7.6\ytdToolbarIE.dll (Spigot, Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {0651E280-1F8D-4310-B3BD-F9027E898541}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0651E280-1F8D-4310-B3BD-F9027E898541}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3277370&CUI=UN29435907571628224&UM=2
IE - HKCU\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=LMW2&o=16062&src=crm&q={searchTerms}&locale=en_US
IE - HKCU\..\SearchScopes\{556CD886-78CC-4AD0-ABD2-D8DA8EE29E5C}: "URL" = http://www.google.com.ph/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}&rlz=1I7SKPB_enPH391
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\..\SearchScopes\{CF169FBA-E6DE-4D87-A897-F3EE26E6F5C4}: "URL" = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=198484&p={searchTerms}
IE - HKCU\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" = http://search.yahoo.com/search?p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=685749"
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.com/ig"
FF - prefs.js..extensions.enabledAddons: ascsurfingprotection%40iobit.com:1.0
FF - prefs.js..extensions.enabledAddons: %7Bbadea1ae-72ed-4f6a-8c37-4db9a4ac7bc9%7D:1.0
FF - prefs.js..extensions.enabledAddons: iobitapps%40mybrowserbar.com:7.6
FF - prefs.js..extensions.enabledAddons: %7BDF153AFF-6948-45d7-AC98-4FC4AF8A08E2%7D:1.3.3
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:23.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..keyword.URL: "http://ph.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=685749&p="
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - prefs.js..network.proxy.type: 0
 
FF - user.js..browser.search.defaultengine: "Ask.com"
FF - user.js..browser.search.defaultenginename: "Ask.com"
FF - user.js..browser.search.order.1: "Ask.com"
FF - user.js..browser.search.selectedEngine: "Google"
FF - user.js..browser.search.useDBForOrder: true
FF - user.js..browser.startup.homepage: "http://www.google.com/ig"
FF - user.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - user.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - user.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - user.js..browser.search.defaultenginename: "Yahoo"
FF - user.js..browser.search.selectedEngine: "Yahoo"
FF - user.js..keyword.URL: "http://ph.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=685749&p="
FF - user.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=685749"
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.3.51: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.3.51: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.8: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013/09/07 07:23:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{8D150B8F-EFE8-45a3-A4A3-053020F48FAC}: C:\Program Files\Wondershare\Video Converter Ultimate\SVRFirefoxExt\ [2013/08/22 11:39:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013/09/07 07:23:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/06/11 09:03:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/06/11 09:03:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
 
[2010/08/15 14:48:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Toni\AppData\Roaming\Mozilla\Extensions
[2010/08/15 14:48:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Toni\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org
[2013/09/06 19:55:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Toni\AppData\Roaming\Mozilla\Firefox\Profiles\9zo8qbpz.default\extensions
[2013/08/30 21:46:16 | 000,000,000 | ---D | M] (Address Bar Search) -- C:\Users\Toni\AppData\Roaming\Mozilla\Firefox\Profiles\9zo8qbpz.default\extensions\{badea1ae-72ed-4f6a-8c37-4db9a4ac7bc9}
[2013/07/11 08:55:10 | 000,000,000 | ---D | M] (Advanced SystemCare Surfing Protection) -- C:\Users\Toni\AppData\Roaming\Mozilla\Firefox\Profiles\9zo8qbpz.default\extensions\ascsurfingprotection@iobit.com
[2013/04/12 11:27:46 | 000,000,000 | ---D | M] (Yontoo) -- C:\Users\Toni\AppData\Roaming\Mozilla\Firefox\Profiles\9zo8qbpz.default\extensions\plugin@yontoo.com
[2010/10/29 20:02:05 | 000,002,427 | ---- | M] () -- C:\Users\Toni\AppData\Roaming\Mozilla\Firefox\Profiles\9zo8qbpz.default\searchplugins\askcom.xml
[2013/09/06 19:55:52 | 000,000,904 | ---- | M] () -- C:\Users\Toni\AppData\Roaming\Mozilla\Firefox\Profiles\9zo8qbpz.default\searchplugins\yahoo.xml
[2013/08/09 11:23:12 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/08/09 11:23:12 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/09/06 19:55:54 | 000,000,000 | ---D | M] (IObit Apps Toolbar) -- C:\PROGRAM FILES\IOBIT APPS TOOLBAR\FF
[2013/09/07 07:23:48 | 000,000,000 | ---D | M] (RealDownloader) -- C:\PROGRAMDATA\REALNETWORKS\REALDOWNLOADER\BROWSERPLUGINS\FIREFOX\EXT
 
O1 HOSTS File: ([2009/06/10 16:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (IObit Apps Toolbar) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files\IObit Apps Toolbar\IE\7.6\iobitappsToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngin0.dll (Conduit Ltd.)
O2 - BHO: (Wondershare Video Converter Ultimate) - {65DEE40A-3E93-4cae-9F98-B8E06DCEE2BF} - C:\Program Files\Wondershare\Video Converter Ultimate\SVRIEPlugin.dll (Wondershare Software Co., Ltd.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Advanced SystemCare Browser Protection) - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files\IObit\Advanced SystemCare 6\BrowerProtect\ASCPlugin_Protection.dll (IObit)
O2 - BHO: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTo1.dll (Conduit Ltd.)
O2 - BHO: (Lexmark Printable Web) - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files\Lexmark Printable Web\bho.dll ()
O2 - BHO: (YTD Toolbar) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YTD Toolbar\IE\7.6\ytdToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (IObit Apps Toolbar) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files\IObit Apps Toolbar\IE\7.6\iobitappsToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngin0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTo1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (YTD Toolbar) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YTD Toolbar\IE\7.6\ytdToolbarIE.dll (Spigot, Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (uTorrentBar Toolbar) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - C:\Program Files\uTorrentBar\tbuTo1.dll (Conduit Ltd.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [BrowserPlugInHelper] C:\Program Files\Wondershare\Video Converter Ultimate\BrowserPlugInHelper.exe ()
O4 - HKLM..\Run: [EzPrint] c:\Program Files\Lexmark S300-S400 Series\ezprint.exe ()
O4 - HKLM..\Run: [IObit Malware Fighter] C:\Program Files\IObit\IObit Malware Fighter\IMF.exe (IObit)
O4 - HKLM..\Run: [LogitechQuickCamRibbon] c:\program files\logitech\logitech webcam software\lws.exe ()
O4 - HKLM..\Run: [lxeamon.exe] c:\Program Files\Lexmark S300-S400 Series\lxeamon.exe ()
O4 - HKLM..\Run: [SearchSettings] C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\real\realplayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [Wondershare Helper Compact.exe] C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (Wondershare)
O4 - HKCU..\Run: [KiesHelper] c:\program files\samsung\kies\kieshelper.exe (Samsung)
O4 - HKCU..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKCU..\Run: [KiesTrayAgent] c:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8A5BE387-D09A-4DFA-A56B-DCB89BD11468} https://lowes.2020.net/planner/Core/Player/2020PlayerAX_WEB_Win32.cab (20-20 3D Viewer for WEB)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 205.171.2.25 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{86C9A513-331D-4F32-9761-68EFCCE9DC6A}: DhcpNameServer = 192.168.0.1 205.171.2.25 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B4A8D165-1FC1-4954-864A-0B97A4AF62E4}: DhcpNameServer = 192.168.0.1 205.171.2.25
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 16:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2011/06/16 12:57:50 | 000,000,000 | -H-D | M] - C:\AUTORUN.INF -- [ NTFS ]
O32 - AutoRun File - [2011/06/05 23:15:13 | 000,000,000 | -H-D | M] - D:\AUTORUN.INF -- [ NTFS ]
O33 - MountPoints2\{0b65a02d-209b-11e0-be9e-904ce5d816d6}\Shell - "" = AutoRun
O33 - MountPoints2\{0b65a02d-209b-11e0-be9e-904ce5d816d6}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{0b65a038-209b-11e0-be9e-904ce5d816d6}\Shell - "" = AutoRun
O33 - MountPoints2\{0b65a038-209b-11e0-be9e-904ce5d816d6}\Shell\AutoRun\command - "" = H:\AutoRun.exe
O33 - MountPoints2\{2f9850bb-a830-11df-9d9a-904ce5d816d6}\Shell - "" = AutoRun
O33 - MountPoints2\{2f9850bb-a830-11df-9d9a-904ce5d816d6}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{3efe7eb5-a80c-11df-88bb-904ce5d816d6}\Shell - "" = AutoRun
O33 - MountPoints2\{3efe7eb5-a80c-11df-88bb-904ce5d816d6}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{5a9db9ec-e432-11df-95a1-904ce5d816d6}\Shell - "" = AutoRun
O33 - MountPoints2\{5a9db9ec-e432-11df-95a1-904ce5d816d6}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{5baa0302-a78d-11df-9121-70f1a111b5b0}\Shell - "" = AutoRun
O33 - MountPoints2\{5baa0302-a78d-11df-9121-70f1a111b5b0}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{5baa0310-a78d-11df-9121-70f1a111b5b0}\Shell - "" = AutoRun
O33 - MountPoints2\{5baa0310-a78d-11df-9121-70f1a111b5b0}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{70fb6a90-a910-11df-94c9-904ce5d816d6}\Shell - "" = AutoRun
O33 - MountPoints2\{70fb6a90-a910-11df-94c9-904ce5d816d6}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{b2f9a0de-e862-11e1-86c5-b8ac6f5359ef}\Shell - "" = AutoRun
O33 - MountPoints2\{b2f9a0de-e862-11e1-86c5-b8ac6f5359ef}\Shell\AutoRun\command - "" = F:\TLBootstrap_WPP.exe
O33 - MountPoints2\{b3e80717-1faa-11e0-9e1f-b8ac6f5359ef}\Shell - "" = AutoRun
O33 - MountPoints2\{b3e80717-1faa-11e0-9e1f-b8ac6f5359ef}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{b3e80723-1faa-11e0-9e1f-b8ac6f5359ef}\Shell - "" = AutoRun
O33 - MountPoints2\{b3e80723-1faa-11e0-9e1f-b8ac6f5359ef}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{b3e80743-1faa-11e0-9e1f-b8ac6f5359ef}\Shell - "" = AutoRun
O33 - MountPoints2\{b3e80743-1faa-11e0-9e1f-b8ac6f5359ef}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{b3e8074f-1faa-11e0-9e1f-b8ac6f5359ef}\Shell - "" = AutoRun
O33 - MountPoints2\{b3e8074f-1faa-11e0-9e1f-b8ac6f5359ef}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{b3e80759-1faa-11e0-9e1f-b8ac6f5359ef}\Shell - "" = AutoRun
O33 - MountPoints2\{b3e80759-1faa-11e0-9e1f-b8ac6f5359ef}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{eb0209b4-20cb-11e0-9d72-904ce5d816d6}\Shell - "" = AutoRun
O33 - MountPoints2\{eb0209b4-20cb-11e0-9d72-904ce5d816d6}\Shell\AutoRun\command - "" = H:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013/09/17 09:20:17 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2013/09/16 20:54:58 | 000,000,000 | ---D | C] -- C:\Users\Toni\Desktop\Songs
[2013/09/13 16:37:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/09/13 16:37:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
[2013/09/13 16:36:08 | 000,000,000 | ---D | C] -- C:\Users\Toni\Desktop\mbar
[2013/09/13 16:34:23 | 012,907,592 | ---- | C] (Malwarebytes Corp.) -- C:\Users\Toni\Desktop\mbar-1.07.0.1005.exe
[2013/09/10 17:39:26 | 002,237,968 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Toni\Desktop\TDSSKiller.exe
[2013/09/10 06:53:34 | 000,000,000 | ---D | C] -- C:\FRST
[2013/09/09 21:09:09 | 000,000,000 | ---D | C] -- C:\Users\Toni\AppData\Roaming\Odef
[2013/09/09 21:09:09 | 000,000,000 | ---D | C] -- C:\Users\Toni\AppData\Roaming\Efhaor
[2013/09/07 07:25:06 | 000,000,000 | ---D | C] -- C:\Users\Toni\AppData\Roaming\RealNetworks
[2013/09/07 07:23:46 | 000,000,000 | ---D | C] -- C:\ProgramData\RealNetworks
[2013/09/07 07:23:46 | 000,000,000 | ---D | C] -- C:\Program Files\RealNetworks
[2013/09/07 07:22:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
[2013/09/06 19:55:50 | 000,000,000 | ---D | C] -- C:\Program Files\IObit Apps Toolbar
[2013/09/05 19:50:53 | 000,000,000 | ---D | C] -- C:\Program Files\YTD Toolbar
[2013/08/22 11:42:33 | 000,000,000 | ---D | C] -- C:\ProgramData\xml_param
[2013/08/22 11:41:26 | 000,000,000 | ---D | C] -- C:\Users\Toni\Documents\Wondershare Video Converter Ultimate
[2013/08/22 11:41:25 | 000,000,000 | ---D | C] -- C:\Users\Toni\AppData\Roaming\{950EB46C-6AC7-4ACC-AB36-9A6A77C08B6A}
[2013/08/22 11:39:57 | 000,339,784 | ---- | C] (Wondershare) -- C:\Windows\System32\WPShellExt32.dll
[2013/08/22 11:39:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Wondershare Player
[2013/08/22 11:39:46 | 000,000,000 | ---D | C] -- C:\Users\Toni\AppData\Local\Wondershare
[2013/08/22 11:39:45 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wondershare
[2013/08/22 11:39:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
[2013/08/22 11:39:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2013/08/22 11:38:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Wondershare Video Converter Ultimate
[2013/08/22 11:38:38 | 000,000,000 | ---D | C] -- C:\Program Files\Wondershare
[2013/08/22 11:37:35 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Wondershare
[2013/08/19 11:41:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013/08/19 11:39:35 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013/08/19 11:39:26 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2013/08/19 11:39:26 | 000,000,000 | ---D | C] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
 
========== Files - Modified Within 30 Days ==========
 
[2013/09/17 09:30:15 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/09/17 09:03:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/09/16 19:30:01 | 000,000,878 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/09/14 20:29:07 | 000,011,056 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/09/14 20:29:07 | 000,011,056 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/09/14 20:21:52 | 000,262,144 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2013/09/14 20:20:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/09/14 20:20:02 | 1610,612,736 | -HS- | M] () -- C:\hiberfil.sys
[2013/09/13 16:34:57 | 012,907,592 | ---- | M] (Malwarebytes Corp.) -- C:\Users\Toni\Desktop\mbar-1.07.0.1005.exe
[2013/09/13 15:02:55 | 000,109,714 | ---- | M] () -- C:\Users\Toni\Desktop\Grrr.png
[2013/09/13 14:56:24 | 000,030,981 | ---- | M] () -- C:\Users\Toni\Desktop\Virus.png
[2013/09/11 17:50:04 | 000,103,798 | ---- | M] () -- C:\Users\Toni\Desktop\Warning SS.png
[2013/09/07 15:03:50 | 000,287,830 | ---- | M] () -- C:\Users\Toni\Desktop\truck.jpg
[2013/09/07 07:22:18 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\Windows\System32\pncrt.dll
[2013/09/05 19:37:04 | 000,102,739 | ---- | M] () -- C:\Users\Toni\Desktop\download.jpg
[2013/09/01 14:26:08 | 000,628,874 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/09/01 14:26:08 | 000,111,026 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/08/22 11:40:06 | 000,001,085 | ---- | M] () -- C:\Users\Toni\Application Data\Microsoft\Internet Explorer\Quick Launch\Wondershare Player.lnk
[2013/08/22 11:39:24 | 000,001,283 | ---- | M] () -- C:\Users\Toni\Application Data\Microsoft\Internet Explorer\Quick Launch\Wondershare Video Converter Ultimate.lnk
[2013/08/22 11:39:09 | 000,000,984 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2013/08/19 11:41:33 | 000,001,713 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
 
========== Files Created - No Company Name ==========
 
[2013/09/14 20:14:26 | 000,262,144 | ---- | C] () -- C:\Windows\System32\Ikeext.etl
[2013/09/13 15:02:55 | 000,109,714 | ---- | C] () -- C:\Users\Toni\Desktop\Grrr.png
[2013/09/13 14:56:24 | 000,030,981 | ---- | C] () -- C:\Users\Toni\Desktop\Virus.png
[2013/09/11 17:50:04 | 000,103,798 | ---- | C] () -- C:\Users\Toni\Desktop\Warning SS.png
[2013/09/07 15:03:46 | 000,287,830 | ---- | C] () -- C:\Users\Toni\Desktop\truck.jpg
[2013/09/05 19:34:11 | 000,102,739 | ---- | C] () -- C:\Users\Toni\Desktop\download.jpg
[2013/08/22 11:40:06 | 000,001,085 | ---- | C] () -- C:\Users\Toni\Application Data\Microsoft\Internet Explorer\Quick Launch\Wondershare Player.lnk
[2013/08/22 11:39:24 | 000,001,283 | ---- | C] () -- C:\Users\Toni\Application Data\Microsoft\Internet Explorer\Quick Launch\Wondershare Video Converter Ultimate.lnk
[2013/08/22 11:39:21 | 000,727,952 | ---- | C] () -- C:\Windows\System32\WSCM64.dll
[2013/08/22 11:39:21 | 000,153,088 | ---- | C] () -- C:\Windows\System32\WSCM32.dll
[2013/08/22 11:39:09 | 000,000,984 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2013/08/19 11:41:33 | 000,001,713 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013/08/15 08:04:19 | 000,015,672 | ---- | C] () -- C:\Windows\System32\drivers\SmartDefragDriver.sys
[2012/08/20 11:31:58 | 000,004,608 | ---- | C] () -- C:\Users\Toni\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/04/04 17:50:36 | 000,040,960 | ---- | C] () -- C:\Windows\System32\lxeavs.dll
[2012/04/04 17:50:33 | 000,442,368 | ---- | C] ( ) -- C:\Windows\System32\lxeacoin.dll
[2012/04/04 17:50:28 | 000,294,912 | ---- | C] () -- C:\Windows\System32\lxeacui.dll
[2012/04/04 17:50:28 | 000,110,592 | ---- | C] () -- C:\Windows\System32\lxeacuir.dll
[2012/04/04 17:50:28 | 000,086,016 | ---- | C] () -- C:\Windows\System32\lxeagcfg.dll
[2012/04/04 17:48:39 | 000,000,044 | -H-- | C] () -- C:\Windows\System32\lxearwrd.ini
[2012/04/04 17:48:17 | 000,385,024 | ---- | C] () -- C:\Windows\System32\LXEAinst.dll
[2012/04/04 17:48:17 | 000,364,544 | ---- | C] ( ) -- C:\Windows\System32\lxeainpa.dll
[2012/04/04 17:48:17 | 000,356,352 | ---- | C] ( ) -- C:\Windows\System32\LXEAhcp.dll
[2012/04/04 17:48:16 | 000,847,872 | ---- | C] ( ) -- C:\Windows\System32\lxeausb1.dll
[2012/04/04 17:48:16 | 000,344,064 | ---- | C] ( ) -- C:\Windows\System32\lxeaiesc.dll
[2012/04/04 17:48:14 | 001,048,576 | ---- | C] ( ) -- C:\Windows\System32\lxeaserv.dll
[2012/04/04 17:48:14 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\lxeapmui.dll
[2012/04/04 17:48:14 | 000,577,536 | ---- | C] ( ) -- C:\Windows\System32\lxealmpm.dll
[2012/04/04 17:48:14 | 000,323,584 | ---- | C] () -- C:\Windows\System32\lxeains.dll
[2012/04/04 17:48:14 | 000,262,144 | ---- | C] () -- C:\Windows\System32\lxeainsb.dll
[2012/04/04 17:48:14 | 000,106,496 | ---- | C] () -- C:\Windows\System32\lxeainsr.dll
[2012/04/04 17:48:14 | 000,057,344 | ---- | C] () -- C:\Windows\System32\lxeajswr.dll
[2012/04/04 17:48:13 | 000,688,128 | ---- | C] ( ) -- C:\Windows\System32\lxeahbn3.dll
[2012/04/04 17:48:13 | 000,324,264 | ---- | C] ( ) -- C:\Windows\System32\lxeaih.exe
[2012/04/04 17:48:13 | 000,253,952 | ---- | C] () -- C:\Windows\System32\lxeacu.dll
[2012/04/04 17:48:13 | 000,208,896 | ---- | C] () -- C:\Windows\System32\lxeagrd.dll
[2012/04/04 17:48:13 | 000,090,112 | ---- | C] () -- C:\Windows\System32\lxeacub.dll
[2012/04/04 17:48:13 | 000,036,864 | ---- | C] () -- C:\Windows\System32\lxeacur.dll
[2012/04/04 17:48:12 | 000,802,816 | ---- | C] ( ) -- C:\Windows\System32\lxeacomc.dll
[2012/04/04 17:48:12 | 000,598,696 | ---- | C] ( ) -- C:\Windows\System32\lxeacoms.exe
[2012/04/04 17:48:12 | 000,373,416 | ---- | C] ( ) -- C:\Windows\System32\lxeacfg.exe
[2012/04/04 17:48:12 | 000,372,736 | ---- | C] ( ) -- C:\Windows\System32\lxeacomm.dll
[2012/04/04 17:45:08 | 000,023,552 | ---- | C] () -- C:\Windows\System32\LXEAsmr.dll
[2012/04/04 17:45:05 | 000,299,008 | ---- | C] () -- C:\Windows\System32\LXEAsm.dll
[2011/08/06 08:22:58 | 000,000,017 | ---- | C] () -- C:\Users\Toni\AppData\Local\resmon.resmoncfg
[2011/06/05 08:35:21 | 000,000,098 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2010/08/05 04:23:59 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
 
========== ZeroAccess Check ==========
 
[2011/06/10 08:58:12 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 23:46:56 | 012,868,608 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/07/13 20:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/13 20:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2010/11/28 08:53:46 | 000,000,000 | ---D | M] -- C:\Users\Toni\AppData\Roaming\AnvSoft
[2011/06/18 17:24:36 | 000,000,000 | ---D | M] -- C:\Users\Toni\AppData\Roaming\DVDVideoSoftIEHelpers
[2013/09/09 21:09:55 | 000,000,000 | ---D | M] -- C:\Users\Toni\AppData\Roaming\Efhaor
[2010/08/15 10:22:38 | 000,000,000 | ---D | M] -- C:\Users\Toni\AppData\Roaming\GetRightToGo
[2011/07/14 03:04:58 | 000,000,000 | ---D | M] -- C:\Users\Toni\AppData\Roaming\go
[2012/11/12 08:51:33 | 000,000,000 | ---D | M] -- C:\Users\Toni\AppData\Roaming\ImgBurn
[2012/11/10 08:52:11 | 000,000,000 | ---D | M] -- C:\Users\Toni\AppData\Roaming\IObit
[2010/08/14 20:43:37 | 000,000,000 | ---D | M] -- C:\Users\Toni\AppData\Roaming\Leadertech
[2013/09/09 22:00:50 | 000,000,000 | ---D | M] -- C:\Users\Toni\AppData\Roaming\Odef
[2010/08/08 20:26:27 | 000,000,000 | ---D | M] -- C:\Users\Toni\AppData\Roaming\PC Suite
[2012/02/16 06:00:55 | 000,000,000 | ---D | M] -- C:\Users\Toni\AppData\Roaming\PrimoPDF
[2011/05/31 07:25:46 | 000,000,000 | ---D | M] -- C:\Users\Toni\AppData\Roaming\QuickScan
[2012/03/06 01:51:59 | 000,000,000 | ---D | M] -- C:\Users\Toni\AppData\Roaming\Samsung
[2010/11/16 10:36:28 | 000,000,000 | ---D | M] -- C:\Users\Toni\AppData\Roaming\TK8 Software
[2012/08/28 20:49:50 | 000,000,000 | ---D | M] -- C:\Users\Toni\AppData\Roaming\USTechSupport
[2013/09/13 14:08:09 | 000,000,000 | ---D | M] -- C:\Users\Toni\AppData\Roaming\uTorrent
[2013/08/22 11:41:25 | 000,000,000 | ---D | M] -- C:\Users\Toni\AppData\Roaming\{950EB46C-6AC7-4ACC-AB36-9A6A77C08B6A}
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 112 bytes -> C:\ProgramData\Temp:D1B5B4F1

< End of report >
 

Edited by punkin.potpie, 17 September 2013 - 10:10 AM.




