
Connecting to my home network and downloading using IE10


23 replies to this topic

#1 craigr29


Posted 24 September 2013 - 07:03 AM

Hi,

(Just been pointed at this forum to check if I am infected.)

Windows 7 - 64 bit.

I am trying to enable my home network, but every time I turn on Network Discovery it resets itself to off.
Also, IE will not download any files. It gives a message of Virus Detected.

I've run Malwarebytes and SUPERAntiSpyware to remove previous malware but no luck.

Can anyone help?

Many thanks





#2 cryptodan


Posted 24 September 2013 - 07:05 AM

Can you post the log for malwarebytes and super anti-spyware?



#3 craigr29


Posted 24 September 2013 - 07:06 AM

It's been a while, so I'll rerun them both.

Thanks



#4 craigr29


Posted 24 September 2013 - 02:13 PM

MalwareBytes log:

 

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
 
Database version: v2013.09.23.08
 
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16686
Craig :: CRAIG-PC [administrator]
 
24/09/2013 19:34:19
mbam-log-2013-09-24 (19-34-19).txt
 
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 211435
Time elapsed: 12 minute(s), 58 second(s)
 
Memory Processes Detected: 2
C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe (PUP.Optional.PerformerSoft.A) -> 1632 -> Delete on reboot.
C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe (PUP.Optional.PerformerSoft.A) -> 3016 -> Delete on reboot.
 
Memory Modules Detected: 2
C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BitGuard.dll (PUP.Optional.PerformerSoft.A) -> Delete on reboot.
C:\Users\Craig\AppData\Roaming\BabSolution\Shared\enhancedNT.dll (PUP.Optional.BabSolution.A) -> Delete on reboot.
 
Registry Keys Detected: 45
HKLM\SYSTEM\CurrentControlSet\Services\BitGuard (PUP.Optional.PerformerSoft.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{4FCB4630-2A1C-4AA1-B422-345E8DC8A6DE} (PUP.Optional.Delta) -> Quarantined and deleted successfully.
HKCR\escort.escortIEPane.1 (PUP.Optional.Delta) -> Quarantined and deleted successfully.
HKCR\escort.escortIEPane (PUP.Optional.Delta) -> Quarantined and deleted successfully.
HKCR\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} (PUP.Optional.Delta) -> Quarantined and deleted successfully.
HKCR\delta.deltaHlpr.1 (PUP.Optional.Delta) -> Quarantined and deleted successfully.
HKCR\delta.deltaHlpr (PUP.Optional.Delta) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} (PUP.Optional.Delta) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} (PUP.Optional.Delta) -> Delete on reboot.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} (PUP.Optional.Delta) -> Quarantined and deleted successfully.
HKCR\AppID\{BDB69379-802F-4eaf-B541-F8DE92DD98DB} (PUP.Optional.BabylonToolBar.A) -> Quarantined and deleted successfully.
HKCR\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{261DD098-8A3E-43D4-87AA-63324FA897D8} (PUP.Optional.Delta) -> Quarantined and deleted successfully.
HKCR\TypeLib\{39CB8175-E224-4446-8746-00566302DF8D} (PUP.Optional.Delta) -> Quarantined and deleted successfully.
HKCR\esrv.deltaESrvc.1 (PUP.Optional.Delta) -> Quarantined and deleted successfully.
HKCR\esrv.deltaESrvc (PUP.Optional.Delta) -> Quarantined and deleted successfully.
HKCR\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3} (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
HKCR\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
HKCR\delta.deltadskBnd.1 (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
HKCR\delta.deltadskBnd (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3} (PUP.Optional.Delta.A) -> Delete on reboot.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3} (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
HKCR\Typelib\{4599D05A-D545-4069-BB42-5895B4EAE05B} (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
HKCR\Interface\{1231839B-064E-4788-B865-465A1B5266FD} (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85} (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\DataMngr_Toolbar (PUP.Optional.DataMngr.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\DELTA\DELTA (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
HKCU\Software\1ClickDownload (PUP.Optional.1ClickDownload.A) -> Quarantined and deleted successfully.
HKCU\Software\DataMngr (PUP.Optional.DataMngr.A) -> Quarantined and deleted successfully.
HKCU\Software\BabSolution\Redir (PUP.Optional.Babylon.A) -> Quarantined and deleted successfully.
HKCU\Software\BabSolution\Updater (PUP.Optional.Babylon.A) -> Quarantined and deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings (PUP.Optional.BProtector.A) -> Delete on reboot.
HKCU\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Delta\delta\Instl (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta Chrome Toolbar (PUP.Optional.BabSolution.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26} (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
HKCR\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
HKCR\delta.deltaappCore.1 (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
HKCR\delta.deltaappCore (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B} (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
HKCR\d (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\delta (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693} (PUP.Optional.BitGuard.A) -> Quarantined and deleted successfully.
 
Registry Values Detected: 9
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{82E1477C-B154-48D3-9891-33D83C26BCD3} (PUP.Optional.Delta.A) -> Data: Delta Toolbar -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{82E1477C-B154-48D3-9891-33D83C26BCD3} (PUP.Optional.Delta.A) -> Data:  -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Delta\Delta|tlbrSrchUrl (PUP.Optional.Delta.A) -> Data:  -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|bProtector Start Page (PUP.BProtector) -> Data: http://www1.delta-search.com/?babsrc=HP_ss&mntrId=D4A0E0CB4EC5CF3A&affID=121564&tt=080613_wc1&tsp=4966 -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes|bProtectorDefaultScope (PUP.BProtector) -> Data: {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} -> Delete on reboot.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run|NTRedirect (PUP.Optional.BabSolution.A) -> Data: C:\Windows\SysWOW64\rundll32.exe  "C:\Users\Craig\AppData\Roaming\BabSolution\Shared\enhancedNT.dll",Run -> Quarantined and deleted successfully.
HKCU\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Data: 11111111 -> Quarantined and deleted successfully.
HKLM\SYSTEM\CurrentControlSet\Services\BitGuard|ImagePath (PUP.Optional.BitGuard.A) -> Data: C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe -> Quarantined and deleted successfully.
HKLM\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Data: 11111111 -> Quarantined and deleted successfully.
 
Registry Data Items Detected: 1
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|AppInit_DLLs (PUP.Optional.PerformerSoft.A) -> Bad: (c:\progra~3\bitguard\261673~1.238\{c16c1~1\bitguard.dll) Good: () -> Delete on reboot.
 
Folders Detected: 18
C:\Users\Craig\AppData\Roaming\Babylon (PUP.Optional.Babylon.A) -> Quarantined and deleted successfully.
C:\Users\Craig\AppData\Roaming\Delta (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
C:\Users\Craig\AppData\Roaming\BabSolution (PUP.Optional.BabSolution.A) -> Delete on reboot.
C:\Users\Craig\AppData\Roaming\BabSolution\CR (PUP.Optional.BabSolution.A) -> Quarantined and deleted successfully.
C:\Users\Craig\AppData\Roaming\BabSolution\Shared (PUP.Optional.BabSolution.A) -> Delete on reboot.
C:\Program Files (x86)\Delta\delta\1.8.22.0 (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Delta\delta\1.8.22.0\bh (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
C:\Users\Craig\AppData\Roaming\OpenCandy (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.
C:\Users\Craig\AppData\Roaming\OpenCandy\4DA7590105A84D3BB837EC1595F8D13E (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.
C:\Users\Craig\AppData\Roaming\OpenCandy\FCF70F1F6B7A4BBBAA4B06E539DD4E40 (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.
C:\Users\Craig\AppData\Roaming\OpenCandy\OpenCandy_FCF70F1F6B7A4BBBAA4B06E539DD4E40 (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.
C:\Users\Craig\AppData\Local\Temp\mt_ffx\Delta (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
C:\Users\Craig\AppData\Local\Temp\mt_ffx\Delta\delta (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
C:\Users\Craig\AppData\Local\Temp\mt_ffx\Delta\delta\1.8.22.0 (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
C:\ProgramData\BitGuard\2.6.1673.238 (PUP.Optional.BitGuard.A) -> Delete on reboot.
C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8} (PUP.Optional.BitGuard.A) -> Delete on reboot.
C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension (PUP.Optional.BitGuard.A) -> Quarantined and deleted successfully.
C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings (PUP.Optional.BitGuard.A) -> Delete on reboot.
 
Files Detected: 53
C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BitGuard.dll (PUP.Optional.PerformerSoft.A) -> Delete on reboot.
C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe (PUP.Optional.PerformerSoft.A) -> Delete on reboot.
C:\Program Files (x86)\Delta\delta\1.8.22.0\bh\delta.dll (PUP.Optional.Delta) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Delta\delta\1.8.22.0\deltasrv.exe (PUP.Optional.Delta) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Delta\delta\1.8.22.0\deltaTlbr.dll (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
C:\Users\Craig\AppData\Roaming\BabSolution\Shared\BabMaint.exe (PUP.Optional.Babylon.A) -> Quarantined and deleted successfully.
C:\Users\Craig\AppData\Roaming\BabSolution\Shared\NTRedirect.dll (PUP.Optional.Babylon.A) -> Quarantined and deleted successfully.
C:\Users\Craig\AppData\Roaming\OpenCandy\4DA7590105A84D3BB837EC1595F8D13E\DeltaTB.exe (PUP.Optional.Babylon.A) -> Quarantined and deleted successfully.
C:\Users\Craig\AppData\Local\Temp\EBAA.tmp (PUP.Optional.PerformerSoft.A) -> Quarantined and deleted successfully.
C:\Users\Craig\AppData\Local\Temp\CD6E0785-BAB0-7891-84E3-9A79BA6504D0\Latest\BabMaint.exe (PUP.Optional.Babylon.A) -> Quarantined and deleted successfully.
C:\Users\Craig\AppData\Local\Temp\CD6E0785-BAB0-7891-84E3-9A79BA6504D0\Latest\BExternal.dll (PUP.Optional.Babylon.A) -> Quarantined and deleted successfully.
C:\Users\Craig\AppData\Local\Temp\CD6E0785-BAB0-7891-84E3-9A79BA6504D0\Latest\BUSolution.dll (PUP.Optional.BabSolution.A) -> Quarantined and deleted successfully.
C:\Users\Craig\AppData\Local\Temp\CD6E0785-BAB0-7891-84E3-9A79BA6504D0\Latest\ccp.exe (PUP.Babylon.A) -> Quarantined and deleted successfully.
C:\Users\Craig\AppData\Local\Temp\CD6E0785-BAB0-7891-84E3-9A79BA6504D0\Latest\CrxInstaller.dll (PUP.Optional.Babylon.A) -> Quarantined and deleted successfully.
C:\Users\Craig\AppData\Local\Temp\CD6E0785-BAB0-7891-84E3-9A79BA6504D0\Latest\MntrDLLInstall.dll (PUP.Optional.Babylon.A) -> Quarantined and deleted successfully.
C:\Users\Craig\AppData\Local\Temp\CD6E0785-BAB0-7891-84E3-9A79BA6504D0\Latest\MyDeltaTB.exe (PUP.Delta.A) -> Quarantined and deleted successfully.
C:\Users\Craig\AppData\Local\Temp\CD6E0785-BAB0-7891-84E3-9A79BA6504D0\Latest\NTRedirect.dll (PUP.Optional.Babylon.A) -> Quarantined and deleted successfully.
C:\Users\Craig\AppData\Local\Temp\CD6E0785-BAB0-7891-84E3-9A79BA6504D0\Latest\Setup.exe (PUP.Babylon.A) -> Quarantined and deleted successfully.
C:\Users\Craig\AppData\Roaming\Babylon\log_file.txt (PUP.Optional.Babylon.A) -> Quarantined and deleted successfully.
C:\Users\Craig\AppData\Roaming\Delta\sqlite3.dll (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
C:\Users\Craig\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data (PUP.Optional.BProtector.A) -> Quarantined and deleted successfully.
C:\Users\Craig\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences (PUP.Optional.BProtector.A) -> Quarantined and deleted successfully.
C:\Users\Craig\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_eooncjejnppfjjklapaamhcdmjbilmde_0.localstorage (PUP.Optional.BrowserDefender.A) -> Quarantined and deleted successfully.
C:\Users\Craig\AppData\Roaming\BabSolution\Shared\enhancedNT.dll (PUP.Optional.BabSolution.A) -> Delete on reboot.
C:\Users\Craig\AppData\Roaming\BabSolution\CR\Delta.crx (PUP.Optional.BabSolution.A) -> Quarantined and deleted successfully.
C:\Users\Craig\AppData\Roaming\BabSolution\Shared\BUSolution.dll (PUP.Optional.BabSolution.A) -> Quarantined and deleted successfully.
C:\Users\Craig\AppData\Roaming\BabSolution\Shared\chu.js (PUP.Optional.BabSolution.A) -> Quarantined and deleted successfully.
C:\Users\Craig\AppData\Roaming\BabSolution\Shared\Delta.ico (PUP.Optional.BabSolution.A) -> Quarantined and deleted successfully.
C:\Users\Craig\AppData\Roaming\BabSolution\Shared\GUninstaller.exe (PUP.Optional.BabSolution.A) -> Quarantined and deleted successfully.
C:\Users\Craig\AppData\Roaming\BabSolution\Shared\SetupParams.ini (PUP.Optional.BabSolution.A) -> Quarantined and deleted successfully.
C:\Users\Craig\AppData\Roaming\BabSolution\Shared\sqlite3.dll (PUP.Optional.BabSolution.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Delta\delta\1.8.22.0\deltaApp.dll (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Delta\delta\1.8.22.0\deltaEng.dll (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Delta\delta\1.8.22.0\GUninstaller.exe (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Delta\delta\1.8.22.0\uninstall.exe (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
C:\Users\Craig\AppData\Roaming\OpenCandy\FCF70F1F6B7A4BBBAA4B06E539DD4E40\driverscannerUK.exe (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.
C:\Users\Craig\AppData\Roaming\OpenCandy\FCF70F1F6B7A4BBBAA4B06E539DD4E40\driverscannerUKOptOut_p1v5.exe (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.
C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BitGuard.settings (PUP.Optional.BitGuard.A) -> Delete on reboot.
C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\bl (PUP.Optional.BitGuard.A) -> Delete on reboot.
C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\dm (PUP.Optional.BitGuard.A) -> Delete on reboot.
C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\uninstall.exe (PUP.Optional.BitGuard.A) -> Delete on reboot.
C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\00 (PUP.Optional.BitGuard.A) -> Delete on reboot.
C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\01 (PUP.Optional.BitGuard.A) -> Delete on reboot.
C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\02 (PUP.Optional.BitGuard.A) -> Delete on reboot.
C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\03 (PUP.Optional.BitGuard.A) -> Delete on reboot.
C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\10 (PUP.Optional.BitGuard.A) -> Delete on reboot.
C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\11 (PUP.Optional.BitGuard.A) -> Delete on reboot.
C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\12 (PUP.Optional.BitGuard.A) -> Delete on reboot.
C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\13 (PUP.Optional.BitGuard.A) -> Delete on reboot.
C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\20 (PUP.Optional.BitGuard.A) -> Delete on reboot.
C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\21 (PUP.Optional.BitGuard.A) -> Delete on reboot.
C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\22 (PUP.Optional.BitGuard.A) -> Delete on reboot.
C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\23 (PUP.Optional.BitGuard.A) -> Delete on reboot.
 
(end)


#5 craigr29


Posted 24 September 2013 - 02:21 PM

SUPERAntiSpyware log:

 

SUPERAntiSpyware Scan Log
 
Generated 09/24/2013 at 07:48 PM
 
Application Version : 5.6.1032
 
Core Rules Database Version : 10788
Trace Rules Database Version: 8600
 
Scan type       : Quick Scan
Total Scan Time : 00:13:49
 
Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC Off - Administrator
 
Memory items scanned      : 766
Memory threats detected   : 0
Registry items scanned    : 60971
Registry threats detected : 7
File items scanned        : 15042
File threats detected     : 128
 
PUP.bProtector
(x86) HKU\S-1-5-21-678122267-2528083027-3194409801-1000\Software\Microsoft\Internet Explorer\Main#bProtector Start Page [ http://www1.delta-search.com/?babsrc=HP_ss&mntrId=D4A0E0CB4EC5CF3A&affID=121564&tt=080613_wc1&tsp=4966 ]
(x86) HKU\S-1-5-21-678122267-2528083027-3194409801-1000\Software\Microsoft\Internet Explorer\SearchScopes#bProtectorDefaultScope [ {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} ]
(x86) HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}
(x86) HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}#DisplayName
(x86) HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}#UninstallString
(x86) HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}#UninstalLinkPath
(x86) HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}#Publisher
 
Adware.Tracking Cookie


#6 cryptodan

Posted 24 September 2013 - 05:11 PM

Can you please rerun the scans, but this time perform full scans?



#7 craigr29

Posted 25 September 2013 - 01:26 AM

Apologies.  Will do



#8 cryptodan

Posted 25 September 2013 - 05:26 AM

No problem, just take your time.



#9 craigr29

Posted 25 September 2013 - 03:25 PM

Malwarebytes - full log

 

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
 
Database version: v2013.09.23.08
 
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16686
Craig :: CRAIG-PC [administrator]
 
25/09/2013 19:12:49
mbam-log-2013-09-25 (19-12-49).txt
 
Scan type: Full scan (C:\|F:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 616354
Time elapsed: 1 hour(s), 59 minute(s), 28 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 1
C:\Users\Craig\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000081 (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.
 
(end)

Super anti spyware - full log

SUPERAntiSpyware Scan Log
 
Generated 09/25/2013 at 08:49 PM
 
Application Version : 5.6.1032
 
Core Rules Database Version : 10788
Trace Rules Database Version: 8600
 
Scan type       : Complete Scan
Total Scan Time : 01:37:14
 
Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC Off - Administrator
 
Memory items scanned      : 908
Memory threats detected   : 0
Registry items scanned    : 74863
Registry threats detected : 0
File items scanned        : 97805
File threats detected     : 128
 
Adware.Tracking Cookie


#10 cryptodan

Posted 25 September 2013 - 06:56 PM

Can you download via IE now?



#11 craigr29

Posted 26 September 2013 - 01:59 AM

No, this has been going on for quite a while now. I can download via Google Chrome though.

I still get the pop up, in IE, "... contained a virus and was Deleted".

Thanks



#12 cryptodan

Posted 26 September 2013 - 05:31 AM

Please download Farbar Service Scanner and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center
    • Windows Update
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.
=================================

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
  • List Minidump Files
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

Download TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

#13 craigr29

Posted 27 September 2013 - 01:21 PM

Farbar Service Scanner Version: 13-09-2013
Ran by Craig (administrator) on 27-09-2013 at 19:18:42
Running from "C:\Downloads\Malware removal programs"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************
 
Internet Services:
============
 
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
 
 
Windows Firewall:
=============
 
Firewall Disabled Policy: 
==================
 
 
System Restore:
============
 
System Restore Disabled Policy: 
========================
 
 
Action Center:
============
 
Action Center Notification Icon =====> Unable to open HKLM\...\ShellServiceObjects\{F56F6FDD-AA9D-4618-A949-C1B91AF43B1A} key. The key does not exist.
 
 
Windows Update:
============
 
Windows Autoupdate Disabled Policy: 
============================
 
 
Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.
 
 
Windows Defender Disabled Policy: 
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1
 
 
Other Services:
==============
Checking FirewallRules of SharedAccess: ATTENTION!=====> Unable to open "SharedAccess\Defaults\FirewallPolicy\FirewallRules" registry key. The key does not exist.
Checking Start type of PolicyAgent: ATTENTION!=====> Unable to open PolicyAgent registry key. The service key does not exist.
Checking ImagePath of PolicyAgent: ATTENTION!=====> Unable to open PolicyAgent registry key. The service key does not exist.
Checking ServiceDll of PolicyAgent: ATTENTION!=====> Unable to open PolicyAgent registry key. The service key does not exist.
 
 
 
File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
 
 
**** End of log ****

MiniToolBox by Farbar  Version: 13-07-2013
Ran by Craig (administrator) on 27-09-2013 at 19:19:29
Running from "C:\Downloads\Malware removal programs"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
::1       localhost
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1       localhost
127.0.0.1 192.150.14.69
127.0.0.1 192.150.18.101
127.0.0.1 192.150.18.108
127.0.0.1 192.150.22.40
127.0.0.1 192.150.8.100
127.0.0.1 192.150.8.118
127.0.0.1 209-34-83-73.ood.opsource.net
127.0.0.1 3dns-1.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-4.adobe.com
127.0.0.1 3dns.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 activate-sjc0.adobe.com
 
There are 46 more lines starting with "127.0.0.1"
 
========================= IP Configuration: ================================
 
Realtek PCIe GBE Family Controller = Local Area Connection (Connected)
Edimax 802.11n Wireless PCI Card = Wireless Network Connection (Hardware not present)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : Craig-PC
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : HG532.com
 
Ethernet adapter Local Area Connection:
 
   Connection-specific DNS Suffix  . : HG532.com
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : E0-CB-4E-C5-CF-3A
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::c107:ecb9:ed16:3f8b%10(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.1.10(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : 25 September 2013 21:28:45
   Lease Expires . . . . . . . . . . : 28 September 2013 19:04:56
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 249613134
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-E0-F8-9D-E0-CB-4E-C5-CF-3A
   DNS Servers . . . . . . . . . . . : 192.168.1.1
                                       192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Tunnel adapter isatap.HG532.com:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : HG532.com
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Teredo Tunneling Pseudo-Interface:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fb:8aa:2bb6:a3e9:e96(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::8aa:2bb6:a3e9:e96%13(Preferred) 
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  UnKnown
Address:  192.168.1.1
 
Name:    google.com
Addresses:  2a00:1450:4009:809::1009
 173.194.41.168
 173.194.41.166
 173.194.41.161
 173.194.41.167
 173.194.41.162
 173.194.41.165
 173.194.41.163
 173.194.41.169
 173.194.41.164
 173.194.41.160
 173.194.41.174
 
 
Pinging google.com [173.194.41.162] with 32 bytes of data:
Reply from 173.194.41.162: bytes=32 time=40ms TTL=56
Reply from 173.194.41.162: bytes=32 time=40ms TTL=56
 
Ping statistics for 173.194.41.162:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 40ms, Maximum = 40ms, Average = 40ms
Server:  UnKnown
Address:  192.168.1.1
 
Name:    yahoo.com
Addresses:  98.139.183.24
 98.138.253.109
 206.190.36.45
 
 
Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=220ms TTL=48
Reply from 206.190.36.45: bytes=32 time=250ms TTL=48
 
Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 220ms, Maximum = 250ms, Average = 235ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 10...e0 cb 4e c5 cf 3a ......Realtek PCIe GBE Family Controller
  1...........................Software Loopback Interface 1
 17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1     192.168.1.10     20
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link      192.168.1.10    276
     192.168.1.10  255.255.255.255         On-link      192.168.1.10    276
    192.168.1.255  255.255.255.255         On-link      192.168.1.10    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link      192.168.1.10    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link      192.168.1.10    276
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 13     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 13     58 2001::/32                On-link
 13    306 2001:0:5ef5:79fb:8aa:2bb6:a3e9:e96/128
                                    On-link
 10    276 fe80::/64                On-link
 13    306 fe80::/64                On-link
 13    306 fe80::8aa:2bb6:a3e9:e96/128
                                    On-link
 10    276 fe80::c107:ecb9:ed16:3f8b/128
                                    On-link
  1    306 ff00::/8                 On-link
 13    306 ff00::/8                 On-link
 10    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (09/23/2013 05:15:24 PM) (Source: Microsoft Security Client Setup) (User: Craig-PC)
Description: HRESULT:0x80070643
Description:Cannot complete the Security Essentials Upgrade. Security Essentials is not currently monitoring and helping to protect your computer. Please restart your computer and try again. Error code:0x80070643. Fatal error during installation.
 
Error: (09/23/2013 05:13:33 PM) (Source: MsiInstaller) (User: Craig-PC)
Description: Product: Microsoft Security Client -- Error 1316. A network error occurred while attempting to read from the file: C:\Windows\Installer\epp.msi
 
Error: (09/23/2013 05:13:22 PM) (Source: MsiInstaller) (User: Craig-PC)
Description: Product: Microsoft Security Client -- Error 1321. The Installer has insufficient privileges to modify this file: C:\Program Files\Microsoft Security Client\MsMpEng.exe.
 
Error: (09/19/2013 04:55:20 PM) (Source: Application Error) (User: )
Description: Faulting application name: maya.exe, version: 2009.7.28.308, time stamp: 0x4a6eb726
Faulting module name: atio6axx.dll, version: 6.14.10.10750, time stamp: 0x4dae452d
Exception code: 0xc0000005
Fault offset: 0x0000000000aec55c
Faulting process id: 0x2914
Faulting application start time: 0xmaya.exe0
Faulting application path: maya.exe1
Faulting module path: maya.exe2
Report Id: maya.exe3
 
Error: (09/11/2013 08:06:43 PM) (Source: Application Hang) (User: )
Description: The program maya.exe version 2009.7.28.308 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 2afc
 
Start Time: 01cead4d0b241f28
 
Termination Time: 399
 
Application Path: C:\Program Files\Autodesk\Maya2010\bin\maya.exe
 
Report Id:
 
Error: (09/03/2013 11:30:58 PM) (Source: Application Error) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 10.0.9200.16660, time stamp: 0x51f1c70c
Faulting module name: ole32.DLL, version: 6.1.7601.17514, time stamp: 0x4ce7c92c
Exception code: 0xc0000005
Fault offset: 0x0000000000031635
Faulting process id: 0x1fd4
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3
 
Error: (09/02/2013 05:32:10 PM) (Source: Application Hang) (User: )
Description: The program maya.exe version 2009.7.28.308 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 23a8
 
Start Time: 01ce9e9e7236ce05
 
Termination Time: 1524
 
Application Path: C:\Program Files\Autodesk\Maya2010\bin\maya.exe
 
Report Id:
 
Error: (08/24/2013 01:58:26 PM) (Source: System Restore) (User: )
Description: The scheduled restore point could not be created.  Additional information: (0x81000101).
 
Error: (08/24/2013 01:58:26 PM) (Source: System Restore) (User: )
Description: Failed to create restore point (Process = C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation; Description = Scheduled Checkpoint; Error = 0x81000101).
 
Error: (08/23/2013 05:42:17 PM) (Source: Microsoft-Windows-Defrag) (User: )
Description: The volume Maxtor (M:) was not defragmented because an error was encountered: The request could not be performed because of an I/O device error. (0x8007045D)
 
 
System errors:
=============
Error: (09/26/2013 08:02:39 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk7\DR7.
 
Error: (09/25/2013 11:39:01 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk7\DR7.
 
Error: (09/25/2013 09:29:07 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
SCDEmu
 
Error: (09/25/2013 09:28:52 PM) (Source: Service Control Manager) (User: )
Description: The Hardlock service failed to start due to the following error: 
%%577
 
Error: (09/25/2013 09:28:40 PM) (Source: Service Control Manager) (User: )
Description: The Microsoft Antimalware Service service failed to start due to the following error: 
%%5
 
Error: (09/25/2013 09:26:24 PM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
 
Error: (09/25/2013 06:59:51 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk7\DR7.
 
Error: (09/24/2013 09:27:49 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk7\DR7.
 
Error: (09/24/2013 08:17:38 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
SCDEmu
 
Error: (09/24/2013 08:17:03 PM) (Source: Service Control Manager) (User: )
Description: The Hardlock service failed to start due to the following error: 
%%577
 
 
Microsoft Office Sessions:
=========================
Error: (09/23/2013 05:15:24 PM) (Source: Microsoft Security Client Setup)(User: Craig-PC)
Description: HRESULT:0x80070643
Description:Cannot complete the Security Essentials Upgrade. Security Essentials is not currently monitoring and helping to protect your computer. Please restart your computer and try again. Error code:0x80070643. Fatal error during installation.
 
Error: (09/23/2013 05:13:33 PM) (Source: MsiInstaller)(User: Craig-PC)
Description: Product: Microsoft Security Client -- Error 1316. A network error occurred while attempting to read from the file: C:\Windows\Installer\epp.msi(NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (09/23/2013 05:13:22 PM) (Source: MsiInstaller)(User: Craig-PC)
Description: Product: Microsoft Security Client -- Error 1321. The Installer has insufficient privileges to modify this file: C:\Program Files\Microsoft Security Client\MsMpEng.exe.(NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (09/19/2013 04:55:20 PM) (Source: Application Error)(User: )
Description: maya.exe2009.7.28.3084a6eb726atio6axx.dll6.14.10.107504dae452dc00000050000000000aec55c291401ceb4ac27e35f95C:\Program Files\Autodesk\Maya2010\bin\maya.exeC:\Windows\system32\atio6axx.dlle27aa75d-2143-11e3-8365-e0cb4ec5cf3a
 
Error: (09/11/2013 08:06:43 PM) (Source: Application Hang)(User: )
Description: maya.exe2009.7.28.3082afc01cead4d0b241f28399C:\Program Files\Autodesk\Maya2010\bin\maya.exe
 
Error: (09/03/2013 11:30:58 PM) (Source: Application Error)(User: )
Description: IEXPLORE.EXE10.0.9200.1666051f1c70cole32.DLL6.1.7601.175144ce7c92cc000000500000000000316351fd401ce9d0c080beb83C:\Program Files\Internet Explorer\IEXPLORE.EXEC:\Windows\system32\ole32.DLL80f50c9b-14e8-11e3-8365-e0cb4ec5cf3a
 
Error: (09/02/2013 05:32:10 PM) (Source: Application Hang)(User: )
Description: maya.exe2009.7.28.30823a801ce9e9e7236ce051524C:\Program Files\Autodesk\Maya2010\bin\maya.exe
 
Error: (08/24/2013 01:58:26 PM) (Source: System Restore)(User: )
Description: 0x81000101
 
Error: (08/24/2013 01:58:26 PM) (Source: System Restore)(User: )
Description: C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreationScheduled Checkpoint0x81000101
 
Error: (08/23/2013 05:42:17 PM) (Source: Microsoft-Windows-Defrag)(User: )
Description: Maxtor (M:)The request could not be performed because of an I/O device error. (0x8007045D)
 
 
CodeIntegrity Errors:
===================================
  Date: 2013-09-25 21:28:52.493
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\hardlock.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-09-25 21:28:52.275
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\hardlock.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-09-25 21:28:20.326
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\scdemu.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-09-25 21:28:20.123
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\scdemu.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-09-24 20:17:03.226
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\hardlock.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-09-24 20:17:03.024
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\hardlock.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-09-24 20:16:30.872
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\scdemu.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-09-24 20:16:30.654
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\scdemu.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-09-24 19:31:39.706
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\hardlock.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-09-24 19:31:39.441
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\hardlock.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
=========================== Installed Programs ============================
 
µTorrent (Version: 3.3.0.29625)
1ClickDownloader (Version: 2.1 Build 26473)
ABC Amber LIT Converter
Adobe AIR (Version: 3.2.0.2070)
Adobe Download Assistant (Version: 1.2.3)
Adobe Download Manager (Version: 1.6.2.90)
Adobe Flash Player 11 ActiveX (Version: 11.8.800.175)
Adobe Photoshop CS6 (Version: 13.0)
Adobe Reader 9.4.5 (Version: 9.4.5)
Adobe Reader 9.5.3 (Version: 9.5.3)
Adobe Shockwave Player 11.5 (Version: 11.5.8.612)
Advertising Center (Version: 0.0.0.2)
Alt.Binz 0.39.4 (Version: 0.39.4)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
Apple Application Support (Version: 1.3.1)
Apple Software Update (Version: 2.1.1.116)
ATI AVIVO64 Codecs (Version: 11.1.0.50406)
ATI Catalyst Install Manager (Version: 3.0.769.0)
Autodesk DirectConnect 2.0 (Version: 2006.03.28)
Autodesk Mudbox 2010 (64bit) (Version: 2010.1.0)
BB FlashBack Pro
BB FlashBack Pro (Version: 2.6.3.1205)
CameraHelperMsi (Version: 13.50.854.0)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Core Implementation (Version: 2010.0406.2133.36843)
Catalyst Control Center Graphics Full Existing (Version: 2010.0406.2133.36843)
Catalyst Control Center Graphics Full New (Version: 2010.0406.2133.36843)
Catalyst Control Center Graphics Light (Version: 2010.0406.2133.36843)
Catalyst Control Center Graphics Previews Common (Version: 2010.0406.2133.36843)
Catalyst Control Center Graphics Previews Vista (Version: 2010.0406.2133.36843)
Catalyst Control Center HydraVision Full (Version: 2010.0406.2133.36843)
Catalyst Control Center InstallProxy (Version: 2010.0406.2133.36843)
Catalyst Control Center Localization All (Version: 2010.0406.2133.36843)
CCC Help Chinese Standard (Version: 2010.0406.2132.36843)
CCC Help Chinese Traditional (Version: 2010.0406.2132.36843)
CCC Help Czech (Version: 2010.0406.2132.36843)
CCC Help Danish (Version: 2010.0406.2132.36843)
CCC Help Dutch (Version: 2010.0406.2132.36843)
CCC Help English (Version: 2010.0406.2132.36843)
CCC Help Finnish (Version: 2010.0406.2132.36843)
CCC Help French (Version: 2010.0406.2132.36843)
CCC Help German (Version: 2010.0406.2132.36843)
CCC Help Greek (Version: 2010.0406.2132.36843)
CCC Help Hungarian (Version: 2010.0406.2132.36843)
CCC Help Italian (Version: 2010.0406.2132.36843)
CCC Help Japanese (Version: 2010.0406.2132.36843)
CCC Help Korean (Version: 2010.0406.2132.36843)
CCC Help Norwegian (Version: 2010.0406.2132.36843)
CCC Help Polish (Version: 2010.0406.2132.36843)
CCC Help Portuguese (Version: 2010.0406.2132.36843)
CCC Help Russian (Version: 2010.0406.2132.36843)
CCC Help Spanish (Version: 2010.0406.2132.36843)
CCC Help Swedish (Version: 2010.0406.2132.36843)
CCC Help Thai (Version: 2010.0406.2132.36843)
CCC Help Turkish (Version: 2010.0406.2132.36843)
ccc-core-static (Version: 2010.0406.2133.36843)
ccc-utility64 (Version: 2010.0406.2133.36843)
CCleaner (Version: 3.24)
ContentSAFER for Wizmax
Crystal Reports Basic for Visual Studio 2008 (Version: 10.5.0.0)
Crystal Reports Basic Runtime for Visual Studio 2008 (x64) (Version: 10.5.0.0)
Crystal Reports for Visual Studio (Version: 12.51.0.240)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
DeGo Video Converter version 2.1.4.165 (Version: 2.1.4.165)
DevExpress DXperience 12.2 (Version: 12.2.7)
DivX Setup (Version: 2.5.0.8)
Dotfuscator Software Services - Community Edition (Version: 5.0.2500.0)
EmoDio (Version: 1.0)
EPSON Printer Software
erLT (Version: 1.20.138.34)
ffdshow [rev 610] [2006-12-01] (Version: 1.0)
Free YouTube Download version 3.0.16.923
Free YouTube to MP3 Converter version 3.12.9.725 (Version: 3.12.9.725)
FreeUndelete 2.1.36867.1 (Version: 2.1.36867.1)
GDR 1617 for SQL Server 2008 R2 (KB2494088) (64-bit) (Version: 10.50.1617.0)
Google Chrome (Version: 29.0.1547.76)
Google Update Helper (Version: 1.3.21.153)
HydraVision (Version: 4.2.148.0)
ImagXpress (Version: 7.0.74.0)
Internet TV for Windows Media Center (Version: 4.2.2.0)
Java™ 6 Update 37 (Version: 6.0.370)
K-Lite Mega Codec Pack 6.2.0 (Version: 6.2.0)
Lame ACM MP3 Codec
Logitech Solar App 1.0 (Version: 1.00.46)
Logitech Vid HD (Version: 7.2 (7240))
Logitech Webcam Software (Version: 2.0)
LWS Facebook (Version: 13.50.854.0)
LWS Gallery (Version: 13.50.854.0)
LWS Help_main (Version: 13.50.862.0)
LWS Launcher (Version: 13.50.859.0)
LWS Motion Detection (Version: 13.30.1395.0)
LWS Pictures And Video (Version: 13.50.861.0)
LWS Twitter (Version: 13.30.1346.0)
LWS Video Mask Maker (Version: 13.30.1379.0)
LWS VideoEffects (Version: 13.30.1379.0)
LWS Webcam Software (Version: 13.31.1038.0)
LWS WLM Plugin (Version: 1.30.1201.0)
LWS YouTube Plugin (Version: 13.31.1038.0)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Maya 2010 (64-bit) (Version: 11.00.0000)
Menu Templates - Starter Kit (Version: 9.4.6.0)
Microsoft .NET Compact Framework 1.0 SP3 Developer (Version: 1.0.4292)
Microsoft .NET Compact Framework 2.0 SP2 (Version: 2.0.7045)
Microsoft .NET Compact Framework 3.5 (Version: 3.5.7283)
Microsoft .NET Framework 2.0 SDK (x64) - ENU
Microsoft .NET Framework 2.0 SDK (x64) - ENU (Version: 2.0.50727)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Multi-Targeting Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools (Version: 2.0.50217.0)
Microsoft ASP.NET MVC 2 (Version: 2.0.50217.0)
Microsoft Device Emulator (64 bit) version 3.0 - ENU (Version: 9.0.21022)
Microsoft Device Emulator version 1.0 - ENU (Version: 1.0.50727.42)
Microsoft Document Explorer 2005
Microsoft Document Explorer 2005 (Version: 8.0.50727.42)
Microsoft Document Explorer 2008
Microsoft Document Explorer 2008 (Version: 9.0.21022)
Microsoft Help Viewer 1.1 (Version: 1.1.40219)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3)
Microsoft Office Visual Web Developer 2007 (Version: 12.0.4518.1066)
Microsoft Office Visual Web Developer MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Report Viewer Redistributable 2008 (KB971119) (Version: 9.0.30731)
Microsoft Report Viewer Redistributable 2008 SP1
Microsoft Security Client (Version: 4.1.0522.0)
Microsoft Security Essentials (Version: 4.1.522.0)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft Silverlight 3 SDK (Version: 3.0.40818.0)
Microsoft Silverlight 4 SDK (Version: 4.0.50826.0)
Microsoft SQL Server 2000 Sample Database Scripts (Version: 1.0.0)
Microsoft SQL Server 2005 Mobile [ENU] Developer Tools (Version: 3.0.0.0)
Microsoft SQL Server 2008 R2 (64-bit)
Microsoft SQL Server 2008 R2 Native Client (Version: 10.50.1617.0)
Microsoft SQL Server 2008 R2 Policies (Version: 10.50.1600.1)
Microsoft SQL Server 2008 R2 RsFx Driver (Version: 10.50.1600.1)
Microsoft SQL Server 2008 R2 Setup (English) (Version: 10.50.1617.0)
Microsoft SQL Server 2008 Setup Support Files  (Version: 10.1.2731.0)
Microsoft SQL Server Browser (Version: 10.50.1600.1)
Microsoft SQL Server Compact 3.5 Design Tools ENU (Version: 3.5.5386.0)
Microsoft SQL Server Compact 3.5 for Devices ENU (Version: 3.5.5386.0)
Microsoft SQL Server Compact 3.5 SP2 ENU (Version: 3.5.8080.0)
Microsoft SQL Server Compact 3.5 SP2 Query Tools ENU (Version: 3.5.8080.0)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (Version: 3.5.8080.0)
Microsoft SQL Server Database Publishing Wizard 1.2 (Version: 1.2.0.0)
Microsoft SQL Server Database Publishing Wizard 1.4 (Version: 10.1.2512.8)
Microsoft SQL Server Native Client (Version: 9.00.4035.00)
Microsoft SQL Server System CLR Types (Version: 10.50.1750.9)
Microsoft SQL Server VSS Writer (Version: 10.50.1600.1)
Microsoft Sync Framework Runtime v1.0 SP1 (x64) (Version: 1.0.3010.0)
Microsoft Sync Framework SDK v1.0 SP1 (Version: 1.0.3010.0)
Microsoft Sync Framework Services v1.0 SP1 (x64) (Version: 1.0.3010.0)
Microsoft Sync Services for ADO.NET v2.0 SP1 (x64) (Version: 2.0.3010.0)
Microsoft Team Foundation Server 2010 Object Model - ENU (Version: 10.0.40219)
Microsoft Virtual PC 2007 (Version: 6.0.156.0)
Microsoft Visual C++  Compilers 2010 Standard - enu - x64 (Version: 10.0.40219)
Microsoft Visual C++  Compilers 2010 Standard - enu - x86 (Version: 10.0.40219)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Designtime - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual F# 2.0 Runtime (Version: 10.0.40219)
Microsoft Visual J# 2.0 Redistributable Package
Microsoft Visual J# 2.0 Redistributable Package (Version: 2.0.50727)
Microsoft Visual Studio 2005 64bit Prerequisites (x64) - ENU (Version: 8.0.50727.42)
Microsoft Visual Studio 2005 Remote Debugger (x64) - ENU
Microsoft Visual Studio 2005 Remote Debugger (x64) - ENU (Version: 8.0.50727.42)
Microsoft Visual Studio 2005 Tools for Office Runtime (Version: 8.0.60940.0)
Microsoft Visual Studio 2010 Office Developer Tools (x64) (Version: 10.0.40219)
Microsoft Visual Studio 2010 Professional - ENU (Version: 10.0.30319)
Microsoft Visual Studio 2010 Professional - ENU (Version: 10.0.40219)
Microsoft Visual Studio 2010 Service Pack 1 (Version: 10.0.40219)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.31007)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.31010)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.40308)
Microsoft Visual Studio Macro Tools (Version: 9.0.30729)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (Version: 9.0.35191)
Microsoft Visual Studio Web Authoring Component (Version: 12.0.4518.1066)
Microsoft Windows SDK for Visual Studio 2008 .NET Framework Tools (Version: 3.5.21022)
Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries (Version: 6.1.5288.17011)
Microsoft Windows SDK for Visual Studio 2008 SDK Reference Assemblies and IntelliSense (Version: 6.1.5288.17011)
Microsoft Windows SDK for Visual Studio 2008 Tools (Version: 6.1.5288.17011)
Microsoft Windows SDK for Visual Studio 2008 Win32 Tools (Version: 6.1.5288.17011)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Movie Templates - Starter Kit (Version: 9.4.6.0)
MSDN Library for Visual Studio 2008 - ENU (Version: 9.0)
MSDN Library for Visual Studio 2008 - ENU (Version: 9.0.21022)
MSVC80_x64 (Version: 1.0.1.0)
MSVC80_x86 (Version: 1.0.1.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Nero 9 Essentials
Nero BurnRights (Version: 3.4.13.100)
Nero BurnRights Help (Version: 3.4.4.100)
Nero ControlCenter (Version: 9.0.0.1)
Nero CoverDesigner (Version: 4.4.12.100)
Nero CoverDesigner Help (Version: 4.4.9.100)
Nero Disc Copy Gadget (Version: 2.4.34.0)
Nero Disc Copy Gadget Help (Version: 2.4.34.0)
Nero DiscSpeed (Version: 5.4.13.100)
Nero DiscSpeed Help (Version: 5.4.4.100)
Nero DriveSpeed (Version: 4.4.12.100)
Nero DriveSpeed Help (Version: 4.4.4.100)
Nero Express Help (Version: 9.4.27.100)
Nero InfoTool (Version: 6.4.12.100)
Nero InfoTool Help (Version: 6.4.4.100)
Nero Installer (Version: 4.4.9.0)
Nero Online Upgrade (Version: 1.3.0.0)
Nero Rescue Agent (Version: 2.4.14.100)
Nero RescueAgent Help (Version: 2.4.4.100)
Nero ShowTime (Version: 5.4.0.100)
Nero ShowTime (Version: 5.4.21.100)
Nero StartSmart (Version: 9.4.19.100)
Nero StartSmart Help (Version: 9.4.19.100)
Nero Vision (Version: 6.4.16.100)
Nero Vision Help (Version: 6.4.15.100)
NeroExpress (Version: 9.4.27.100)
neroxml (Version: 1.0.0)
OMP Index Reference Increment (64-bit) (Version: 1.0.0)
OpenAL
PC Connectivity Solution (Version: 8.47.7.0)
PDF Settings CS6 (Version: 11.0)
PowerDVD (Version: 7.2.2414.0)
PowerISO
QuickPar 0.9 (Version: 0.9)
QuickTime (Version: 7.67.75.0)
SamsungConnectivityCableDriver (Version: 6.83.6.2.1)
Sandboxie 4.04 (64-bit) (Version: 4.04)
ScanSoft PDF Converter 3.0 (Version: 3.00.0000)
Skype™ 5.10 (Version: 5.10.116)
Spotify (Version: 0.9.4.169.gc0399df6)
SQL Server 2008 R2 Common Files (Version: 10.50.1600.1)
SQL Server 2008 R2 Database Engine Services (Version: 10.50.1600.1)
SQL Server 2008 R2 Database Engine Shared (Version: 10.50.1600.1)
SQL Server 2008 R2 Management Studio (Version: 10.50.1600.1)
Sql Server Customer Experience Improvement Program (Version: 10.50.1600.1)
SUPERAntiSpyware (Version: 5.6.1012)
Tablet Driver With Macrokey Manager (Version: 4.13)
TeamViewer 8 (Version: 8.0.16642)
TVersity Codec Pack 1.7 (Version: 1.7)
TVersity Media Server 1.9.7 (Version: 1.9.7)
UFO Aftermath (Version: 1.4)
UFO Aftershock (Version: 1.0)
Uninstall 1.0.0.1
Unity Web Player (Version: 2.6.1f3_31223)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553157) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589370) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760758) 32-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition
uTorrentControl_v6 Toolbar (Version: 6.11.2.6)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
VeryPDF PDF2Word v3.0
VideoLAN VLC media player 0.8.6f (Version: 0.8.6f)
ViewSonic Windows 7 x64 Signed Files
Visual C++ 8.0 Runtime Setup Package (x64) (Version: 9.0.0.623)
Visual Studio .NET Prerequisites - English (Version: 9.0.21022)
Visual Studio 2005 Tools for Office Second Edition Runtime
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
Visual Studio 2010 Prerequisites - English (Version: 10.0.40219)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (Version: 4.0.8080.0)
Visual Studio 2010 x64 Redistributables (Version: 13.0.0.1)
Visual Studio Tools for the Office system 3.0 Runtime
Visual Studio Tools for the Office system 3.0 Runtime (Version: 9.0.21022)
WCF RIA Services V1.0 SP1 (Version: 4.1.60114.0)
Web Deployment Tool (Version: 1.1.0618)
Wheel Mouse Software 4.0
Windows Driver Package - Nokia pccsmcfd  (08/22/2008 7.0.0.0) (Version: 08/22/2008 7.0.0.0)
Windows Mobile 5.0 SDK R2 for Pocket PC (Version: 5.00.1700.5.14343.06)
Windows Mobile 5.0 SDK R2 for Smartphone (Version: 5.00.1700.5.14343.06)
WinRAR archiver
Xiph.Org Open Codecs 0.85.17777 (Version: 0.85.17777)
 
========================= Memory info: ===================================
 
Percentage of memory in use: 41%
Total physical RAM: 4095.18 MB
Available physical RAM: 2402.54 MB
Total Pagefile: 8188.54 MB
Available Pagefile: 4643.74 MB
Total Virtual: 4095.88 MB
Available Virtual: 3959.62 MB
 
========================= Partitions: =====================================
 
1 Drive c: () (Fixed) (Total:465.66 GB) (Free:315.25 GB) NTFS
4 Drive f: (Internal 500GB) (Fixed) (Total:465.76 GB) (Free:190.2 GB) NTFS
9 Drive k: (SAMSUNG) (Fixed) (Total:931.5 GB) (Free:698.57 GB) NTFS
10 Drive m: (Maxtor) (Fixed) (Total:465.76 GB) (Free:237.17 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\CRAIG-PC
 
Administrator            Craig                    Guest                    
 
========================= Minidump Files ==================================
 
No minidump file found
 
 
**** End of log ****


#14 craigr29

  • Topic Starter

Posted 27 September 2013 - 01:22 PM

19:20:02.0854 2276  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
19:20:03.0266 2276  ============================================================
19:20:03.0267 2276  Current date / time: 2013/09/27 19:20:03.0266
19:20:03.0267 2276  SystemInfo:
19:20:03.0267 2276  
19:20:03.0267 2276  OS Version: 6.1.7601 ServicePack: 1.0
19:20:03.0267 2276  Product type: Workstation
19:20:03.0267 2276  ComputerName: CRAIG-PC
19:20:03.0267 2276  UserName: Craig
19:20:03.0267 2276  Windows directory: C:\Windows
19:20:03.0267 2276  System windows directory: C:\Windows
19:20:03.0267 2276  Running under WOW64
19:20:03.0267 2276  Processor architecture: Intel x64
19:20:03.0268 2276  Number of processors: 4
19:20:03.0268 2276  Page size: 0x1000
19:20:03.0268 2276  Boot type: Normal boot
19:20:03.0268 2276  ============================================================
19:20:04.0027 2276  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:20:04.0041 2276  Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:20:04.0051 2276  Drive \Device\Harddisk2\DR2 - Size: 0xE8E03B6000 (931.50 Gb), SectorSize: 0x200, Cylinders: 0x1DB00, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
19:20:07.0151 2276  Drive \Device\Harddisk7\DR7 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
19:20:07.0171 2276  ============================================================
19:20:07.0171 2276  \Device\Harddisk0\DR0:
19:20:07.0171 2276  MBR partitions:
19:20:07.0171 2276  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
19:20:07.0171 2276  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353000
19:20:07.0171 2276  \Device\Harddisk1\DR1:
19:20:07.0171 2276  MBR partitions:
19:20:07.0171 2276  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A384800
19:20:07.0172 2276  \Device\Harddisk2\DR2:
19:20:07.0173 2276  MBR partitions:
19:20:07.0173 2276  \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x40, BlocksNum 0x74701AC0
19:20:07.0173 2276  \Device\Harddisk7\DR7:
19:20:07.0174 2276  MBR partitions:
19:20:07.0174 2276  \Device\Harddisk7\DR7\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A384C02
19:20:07.0174 2276  ============================================================
19:20:07.0204 2276  C: <-> \Device\Harddisk0\DR0\Partition2
19:20:07.0228 2276  F: <-> \Device\Harddisk1\DR1\Partition1
19:20:07.0259 2276  K: <-> \Device\Harddisk2\DR2\Partition1
19:20:07.0278 2276  M: <-> \Device\Harddisk7\DR7\Partition1
19:20:07.0278 2276  ============================================================
19:20:07.0278 2276  Initialize success
19:20:07.0278 2276  ============================================================
19:20:14.0181 5444  ============================================================
19:20:14.0181 5444  Scan started
19:20:14.0181 5444  Mode: Manual; 
19:20:14.0181 5444  ============================================================
19:20:15.0261 5444  ================ Scan system memory ========================
19:20:15.0261 5444  System memory - ok
19:20:15.0262 5444  ================ Scan services =============================
19:20:24.0417 5444  pciide - ok
19:20:24.0434 5444  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
19:20:24.0437 5444  pcmcia - ok
19:20:24.0453 5444  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
19:20:24.0453 5444  pcw - ok
19:20:24.0473 5444  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
19:20:24.0481 5444  PEAUTH - ok
19:20:24.0531 5444  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
19:20:24.0534 5444  PerfHost - ok
19:20:24.0590 5444  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
19:20:24.0616 5444  pla - ok
19:20:24.0666 5444  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
19:20:24.0676 5444  PlugPlay - ok
19:20:24.0706 5444  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
19:20:24.0708 5444  PNRPAutoReg - ok
19:20:24.0724 5444  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
19:20:24.0727 5444  PNRPsvc - ok
19:20:24.0740 5444  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
19:20:24.0744 5444  Power - ok
19:20:24.0783 5444  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
19:20:24.0785 5444  PptpMiniport - ok
19:20:24.0798 5444  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
19:20:24.0800 5444  Processor - ok
19:20:24.0837 5444  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
19:20:24.0842 5444  ProfSvc - ok
19:20:24.0864 5444  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:20:24.0867 5444  ProtectedStorage - ok
19:20:24.0904 5444  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
19:20:24.0908 5444  Psched - ok
19:20:24.0929 5444  punjhpym - ok
19:20:24.0940 5444  qgqehtmj - ok
19:20:24.0986 5444  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
19:20:25.0012 5444  ql2300 - ok
19:20:25.0027 5444  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
19:20:25.0030 5444  ql40xx - ok
19:20:25.0043 5444  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
19:20:25.0047 5444  QWAVE - ok
19:20:25.0058 5444  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
19:20:25.0058 5444  QWAVEdrv - ok
19:20:25.0072 5444  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
19:20:25.0073 5444  RasAcd - ok
19:20:25.0106 5444  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
19:20:25.0109 5444  RasAgileVpn - ok
19:20:25.0127 5444  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
19:20:25.0132 5444  RasAuto - ok
19:20:25.0170 5444  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
19:20:25.0174 5444  Rasl2tp - ok
19:20:25.0194 5444  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
19:20:25.0204 5444  RasMan - ok
19:20:25.0219 5444  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
19:20:25.0223 5444  RasPppoe - ok
19:20:25.0231 5444  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
19:20:25.0234 5444  RasSstp - ok
19:20:25.0247 5444  rbykmolu - ok
19:20:25.0266 5444  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
19:20:25.0270 5444  rdbss - ok
19:20:25.0283 5444  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
19:20:25.0284 5444  rdpbus - ok
19:20:25.0299 5444  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
19:20:25.0300 5444  RDPCDD - ok
19:20:25.0314 5444  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
19:20:25.0315 5444  RDPENCDD - ok
19:20:25.0335 5444  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
19:20:25.0336 5444  RDPREFMP - ok
19:20:25.0378 5444  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
19:20:25.0383 5444  RDPWD - ok
19:20:25.0404 5444  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
19:20:25.0409 5444  rdyboost - ok
19:20:25.0442 5444  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
19:20:25.0447 5444  RemoteAccess - ok
19:20:25.0464 5444  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
19:20:25.0468 5444  RemoteRegistry - ok
19:20:25.0535 5444  [ BD517C7FB119997EFFBE39D5E4B37B05 ] RichVideo       C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
19:20:25.0538 5444  RichVideo - ok
19:20:25.0570 5444  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
19:20:25.0575 5444  RpcEptMapper - ok
19:20:25.0597 5444  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
19:20:25.0600 5444  RpcLocator - ok
19:20:25.0644 5444  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
19:20:25.0654 5444  RpcSs - ok
19:20:25.0680 5444  [ EB1C539E621A35A49F7692B0EB565AB9 ] RsFx0150        C:\Windows\system32\DRIVERS\RsFx0150.sys
19:20:25.0687 5444  RsFx0150 - ok
19:20:25.0723 5444  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
19:20:25.0726 5444  rspndr - ok
19:20:25.0771 5444  [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
19:20:25.0782 5444  RTL8167 - ok
19:20:25.0797 5444  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
19:20:25.0798 5444  SamSs - ok
19:20:25.0830 5444  [ 3289766038DB2CB14D07DC84392138D5 ] SASDIFSV        C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
19:20:25.0831 5444  SASDIFSV - ok
19:20:25.0850 5444  [ 58A38E75F3316A83C23DF6173D41F2B5 ] SASKUTIL        C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
19:20:25.0851 5444  SASKUTIL - ok
19:20:25.0908 5444  [ 53E618640032FF0511901551D7F77424 ] SbieDrv         C:\Program Files\Sandboxie\SbieDrv.sys
19:20:25.0912 5444  SbieDrv - ok
19:20:25.0933 5444  [ DD78D286FF9032D9E0938F815928C2FD ] SbieSvc         C:\Program Files\Sandboxie\SbieSvc.exe
19:20:25.0937 5444  SbieSvc - ok
19:20:25.0971 5444  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
19:20:25.0973 5444  sbp2port - ok
19:20:25.0995 5444  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
19:20:26.0002 5444  SCardSvr - ok
19:20:26.0054 5444  [ 75039B4A72C6D808E66EEA82B259B26F ] SCDEmu          C:\Windows\system32\drivers\SCDEmu.sys
19:20:26.0055 5444  SCDEmu - ok
19:20:26.0080 5444  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
19:20:26.0082 5444  scfilter - ok
19:20:26.0125 5444  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
19:20:26.0135 5444  Schedule - ok
19:20:26.0163 5444  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
19:20:26.0164 5444  SCPolicySvc - ok
19:20:26.0179 5444  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
19:20:26.0181 5444  SDRSVC - ok
19:20:26.0206 5444  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
19:20:26.0208 5444  secdrv - ok
19:20:26.0220 5444  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
19:20:26.0222 5444  seclogon - ok
19:20:26.0247 5444  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
19:20:26.0249 5444  SENS - ok
19:20:26.0258 5444  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
19:20:26.0260 5444  SensrSvc - ok
19:20:26.0280 5444  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
19:20:26.0281 5444  Serenum - ok
19:20:26.0297 5444  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
19:20:26.0299 5444  Serial - ok
19:20:26.0332 5444  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
19:20:26.0333 5444  sermouse - ok
19:20:26.0378 5444  [ 3EC8DE67B1C78C31E54C0F030E6BD7D5 ] ServiceLayer    C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
19:20:26.0390 5444  ServiceLayer - ok
19:20:26.0443 5444  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
19:20:26.0446 5444  SessionEnv - ok
19:20:26.0459 5444  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
19:20:26.0461 5444  sffdisk - ok
19:20:26.0477 5444  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
19:20:26.0479 5444  sffp_mmc - ok
19:20:26.0488 5444  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
19:20:26.0490 5444  sffp_sd - ok
19:20:26.0501 5444  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
19:20:26.0502 5444  sfloppy - ok
19:20:26.0524 5444  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
19:20:26.0529 5444  SharedAccess - ok
19:20:26.0561 5444  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:20:26.0564 5444  ShellHWDetection - ok
19:20:26.0580 5444  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
19:20:26.0582 5444  SiSRaid2 - ok
19:20:26.0598 5444  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
19:20:26.0600 5444  SiSRaid4 - ok
19:20:26.0639 5444  [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
19:20:26.0641 5444  SkypeUpdate - ok
19:20:26.0653 5444  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
19:20:26.0655 5444  Smb - ok
19:20:26.0674 5444  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
19:20:26.0676 5444  SNMPTRAP - ok
19:20:26.0690 5444  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
19:20:26.0690 5444  spldr - ok
19:20:26.0791 5444  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
19:20:26.0802 5444  Spooler - ok
19:20:26.0931 5444  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
19:20:27.0006 5444  sppsvc - ok
19:20:27.0021 5444  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
19:20:27.0023 5444  sppuinotify - ok
19:20:27.0079 5444  [ 602884696850C86434530790B110E8EB ] sptd            C:\Windows\system32\Drivers\sptd.sys
19:20:27.0079 5444  Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 602884696850C86434530790B110E8EB
19:20:27.0081 5444  sptd ( LockedFile.Multi.Generic ) - warning
19:20:27.0081 5444  sptd - detected LockedFile.Multi.Generic (1)
19:20:32.0220 5444  ============================================================
19:20:32.0220 5444  Scan finished
19:20:32.0220 5444  ============================================================
19:20:32.0229 6924  Detected object count: 1
19:20:32.0229 6924  Actual detected object count: 1
19:21:24.0808 6924  sptd ( LockedFile.Multi.Generic ) - skipped by user
19:21:24.0808 6924  sptd ( LockedFile.Multi.Generic ) - User select action: Skip 
19:21:44.0332 6444  Deinitialize success


#15 cryptodan

Posted 27 September 2013 - 06:38 PM

GMER does not work in 64bit Mode!!!!!!
 
Please download GMER from one of the following locations and save it to your desktop:
  • This version will download a randomly named file (Recommended)
  • This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.

  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.
  • Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.
  • Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.
  • GMER will open to the Rootkit/Malware tab and perform an automatic Full Scan when first run. (Do not use the computer while the scan is in progress.)
  • If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
  • Now click the Scan button. If you see a rootkit warning window, click OK.
  • When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
  • Click the Copy button and paste the results into your next reply.
  • Exit GMER and be sure to re-enable your anti-virus, firewall and any other security programs you had disabled.
  • If you encounter any problems, try running GMER in safe mode.
  • If GMER crashes or keeps resulting in BSODs, uncheck Devices on the right side before scanning.




