Hearing random ads - Volume Mixer "Name Not Available"


  • This topic is locked
20 replies to this topic

#1 superfresh

  • Members
  • 13 posts

Posted 09 January 2014 - 11:42 AM

Beginning last night, I am hearing random ads running in the background with no way of closing them.

Volume mixer lists it as "Name Not Available" and I can mute/lower the volume of the ads so that I don't hear them.

I experienced a random restart once last night which I am assuming is related.

EDIT: just received the error "Windows must now restart because the DCOM Server Process Launcher service terminated unexpectedly" before a forced restart.

I followed the steps and ran dds. I copy/pasted the dds log and attached the attach log.

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 8.0.7601.17514  BrowserJavaVersion: 10.45.2
Run by Beat at 11:34:01 on 2014-01-09
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.8117.5313 [GMT -5:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\FBAgent.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
C:\Windows\system32\atieclxx.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Windows\system32\spool\DRIVERS\x64\3\lxdxserv.exe
C:\Windows\system32\lxdxcoms.exe
D:\PROGRAMZ\Malwarebytes' Anti-Malware\mbamscheduler.exe
D:\PROGRAMZ\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
D:\PROGRAMZ\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files\P4G\BatteryLife.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Windows\SysWOW64\ACEngSvr.exe
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\AsScrPro.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\rundll32.exe
C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxmon.exe
C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Users\Beat\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\SndVol.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\sppsvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://asus.msn.com
uDefault_Page_URL = hxxp://asus.msn.com
uProxyOverride = <local>
uURLSearchHooks: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - <orphaned>
uURLSearchHooks: uTorrentControl_v2 Toolbar: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll
mURLSearchHooks: uTorrentControl_v2 Toolbar: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll
mWinlogon: Userinit = userinit.exe,
BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>
BHO: uTorrentControl_v2 Toolbar: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
BHO: Google Dictionary Compression sdch: {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: uTorrentControl_v2 Toolbar: {7473B6BD-4691-4744-A82B-7854EB3D70B6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: uTorrentControl_v2 Toolbar: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [Akamai NetSession Interface] "C:\Users\Beat\AppData\Local\Akamai\netsession_win.exe"
uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
mRun: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
mRun: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
mRun: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
StartupFolder: C:\Users\Beat\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Beat\AppData\Roaming\Dropbox\bin\Dropbox.exe
uPolicies-Explorer: NoDriveAutoRun = dword:0
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-Windows\System: UseOEMBackground = dword:1
IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
TCP: NameServer = 192.168.2.1 209.18.47.61 209.18.47.62
TCP: Interfaces\{217D38A5-BB1B-4DDC-A1CB-DA9CDDCFFC6E} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{217D38A5-BB1B-4DDC-A1CB-DA9CDDCFFC6E}\57B697564657 : DHCPNameServer = 128.163.37.132 128.163.1.11
TCP: Interfaces\{217D38A5-BB1B-4DDC-A1CB-DA9CDDCFFC6E}\96E637967686477796669643535353 : DHCPNameServer = 192.168.2.1 74.128.19.102 74.128.17.114
TCP: Interfaces\{217D38A5-BB1B-4DDC-A1CB-DA9CDDCFFC6E}\96E63796768647F577966696F536133693 : DHCPNameServer = 192.168.2.1 74.128.19.102 74.128.17.114
TCP: Interfaces\{217D38A5-BB1B-4DDC-A1CB-DA9CDDCFFC6E}\A33336 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{217D38A5-BB1B-4DDC-A1CB-DA9CDDCFFC6E}\B4C45524026393 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{217D38A5-BB1B-4DDC-A1CB-DA9CDDCFFC6E}\C6F6C6775747 : DHCPNameServer = 192.168.2.1 74.128.19.102 74.128.17.114
TCP: Interfaces\{3A7CF9C7-F5CD-40AD-9CDE-026CD3D135BA} : DHCPNameServer = 192.168.2.1 209.18.47.61 209.18.47.62
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Windows Live Family Safety Browser Helper Class: {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-TB: DAEMON Tools Toolbar: {32099AAC-C132-4136-9E9A-4E364A424E17} - 
x64-Run: [ASUS WebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe MySyncFolder
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [RunDLLEntry] C:\Windows\System32\RunDLL32.exe C:\Windows\System32\AmbRunE.dll,RunDLLEntry
x64-Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
x64-Run: [lxdxmon.exe] "C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxmon.exe"
x64-Run: [XboxStat] "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
x64-Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Beat\AppData\Roaming\Mozilla\Firefox\Profiles\ivw0b7yp.default\
FF - component: C:\Users\Beat\AppData\Roaming\Mozilla\Firefox\Profiles\ivw0b7yp.default\extensions\firesheep@codebutler.com\platform\WINNT_x86-msvc\components\mozpopen.dll
FF - plugin: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll
FF - plugin: C:\Users\Beat\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Users\Beat\AppData\Roaming\raidcall\plugins\nprcplugin.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll
FF - ExtSQL: !HIDDEN! 2012-01-11 21:43; smartwebprinting@hp.com; C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-9-27 248240]
R2 AFBAgent;AFBAgent;C:\Windows\System32\FBAgent.exe [2010-3-27 379520]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2011-1-4 203776]
R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-2 15416]
R2 Autodesk Content Service;Autodesk Content Service;C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2012-1-31 19232]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2013-11-29 2210640]
R2 LMIGuardianSvc;LMIGuardianSvc;C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [2013-10-11 377104]
R2 lxdx_device;lxdx_device;C:\Windows\System32\lxdxcoms.exe -service --> C:\Windows\System32\lxdxcoms.exe -service [?]
R2 lxdxCATSCustConnectService;lxdxCATSCustConnectService;C:\Windows\System32\spool\drivers\x64\3\lxdxserv.exe [2010-10-14 29184]
R2 MBAMScheduler;MBAMScheduler;D:\PROGRAMZ\Malwarebytes' Anti-Malware\mbamscheduler.exe [2014-1-9 418376]
R2 MBAMService;MBAMService;D:\PROGRAMZ\Malwarebytes' Anti-Malware\mbamservice.exe [2014-1-9 701512]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2013-9-27 134944]
R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\drivers\TurboB.sys [2009-8-6 13784]
R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-3-27 2314240]
R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2010-3-27 56344]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller (NDIS 6.20);C:\Windows\System32\drivers\L1C62x64.sys [2009-9-4 62464]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2014-1-9 25928]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-10-23 348376]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-9-5 171680]
S2 StarWindServiceAE;StarWind AE Service;C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
S3 AmUStor;AM USB Stroage Driver;C:\Windows\System32\drivers\AmUStor.sys [2009-8-21 44032]
S3 btusbflt;Bluetooth USB Filter;C:\Windows\System32\drivers\btusbflt.sys [2009-6-30 52264]
S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2010-3-27 35104]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2010-3-27 79360]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2010-3-27 79360]
S3 easytether;easytether;C:\Windows\System32\drivers\easytthr.sys [2010-12-25 21072]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-10-2 1432400]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2010-8-6 61288]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-4-28 704872]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\System32\drivers\SiSG664.sys [2009-6-10 56832]
S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-7-1 59392]
S3 TurboBoost;TurboBoost;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2009-8-6 118672]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-2-15 52736]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-6-12 1255736]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files\Microsoft SQL Server\100\Shared\sqladhlp.exe [2009-7-22 61976]
S4 RsFx0103;RsFx0103 Driver;C:\Windows\System32\drivers\RsFx0103.sys [2009-3-30 311656]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-3-30 427880]
.
=============== File Associations ===============
.
FileExt: .scr: AutoCADScriptFile=C:\Windows\System32\notepad.exe "%1"
FileExt: .txt: txtfile=C:\Windows\System32\NOTEPAD.EXE %1 [UserChoice]
FileExt: .inf: inffile=C:\Windows\System32\NOTEPAD.EXE %1 [UserChoice]
.
=============== Created Last 30 ================
.
2014-01-09 05:09:12 -------- d-----w- C:\Users\Beat\AppData\Roaming\Malwarebytes
2014-01-09 05:08:50 -------- d-----w- C:\ProgramData\Malwarebytes
2014-01-09 05:08:44 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-01-09 03:42:09 965000 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2014-01-09 03:42:09 965000 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{CD9697D2-7BDD-481D-92CB-347377963623}\gapaengine.dll
2014-01-09 03:41:28 10315576 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{CE8D877B-7A0F-4CB1-9CF6-9245B1CBF9A4}\mpengine.dll
2014-01-09 03:38:52 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client
2014-01-09 03:38:45 -------- d-----w- C:\Program Files\Microsoft Security Client
2014-01-09 03:06:04 -------- d-----w- C:\FRST
2014-01-03 01:32:34 76232 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{FAABC106-B2D8-4815-A4D8-A218556E1869}\offreg.dll
.
==================== Find3M  ====================
.
2013-12-11 02:07:13 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-11 02:07:13 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
.
============= FINISH: 11:35:26.29 ===============

Edited by superfresh, 09 January 2014 - 11:48 AM.



#2 nasdaq

  • Malware Response Team
  • 38,942 posts
  • Gender:Male
  • Location:Montreal, QC. Canada

Posted 14 January 2014 - 10:33 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can, please print this topic; it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the Report button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button and follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).
Please download Junkware Removal Tool to your Desktop.
  • Please close your security software to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or 7, right-mouse click it and select Run as administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete, depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your Desktop and will automatically open.
  • Please post the contents of JRT.txt into your reply.
===

Please download ComboFix from any of the links below, and save it to your desktop. For information regarding this download, please visit this web page: Tutorial
Link 1
Link 2

IMPORTANT !!! Save ComboFix.exe to your Desktop

1. Close any open browsers.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
3. Do not install any other programs until this is fixed.


How to : Disable Anti-virus and Firewall...
http://www.bleepingcomputer.com/forums/topic114351.html

Double click on ComboFix.exe and follow the prompts.
  • When finished, it will produce a report for you.
  • Please post the C:\ComboFix.txt
Note: Do not mouse click ComboFix's window while it's running. That may cause it to stall.

Note: If you have difficulty properly disabling your protective programs, refer to this link --> http://www.bleepingcomputer.com/forums/topic114351.html

Note: If after running ComboFix you get this error message "Illegal operation attempted on a registry key that has been marked for deletion." when attempting to run a program, all you need to do is restart the computer to reset the registry.
===

Please paste the logs in your next reply. DO NOT ATTACH THEM.
Let me know what problem persists.

#3 superfresh

  • Topic Starter

  • Members
  • 13 posts

Posted 14 January 2014 - 11:37 AM

Hello nasdaq,

I successfully completed all the steps listed and here are the resulting logs:

AdwCleaner log from the 2nd scan:

# AdwCleaner v3.017 - Report created 14/01/2014 at 11:01:43
# Updated 12/01/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Beat - LOLWUT
# Running from : C:\Users\Beat\Desktop\adwcleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\Partner
Folder Deleted : C:\ProgramData\Uniblue\DriverScanner
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\uTorrentControl_v2
Folder Deleted : C:\Users\Beat\AppData\Local\apn
Folder Deleted : C:\Users\Beat\AppData\Local\Conduit
Folder Deleted : C:\Users\Beat\AppData\Local\eSupport.com
Folder Deleted : C:\Users\Beat\AppData\Local\Temp\pccustubinstaller
Folder Deleted : C:\Users\Beat\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Beat\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Beat\AppData\LocalLow\uTorrentControl_v2
Folder Deleted : C:\Users\Beat\AppData\Roaming\Mozilla\Firefox\Profiles\ivw0b7yp.default\Extensions\engine@conduit.com
File Deleted : C:\Windows\SysWOW64\conduitEngine.tmp
File Deleted : C:\Users\Beat\AppData\Roaming\Mozilla\Firefox\Profiles\ivw0b7yp.default\invalidprefs.js
File Deleted : C:\Users\Beat\AppData\Roaming\Mozilla\Firefox\Profiles\ivw0b7yp.default\searchplugins\daemon-search.xml
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKCU\Software\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Key Deleted : HKLM\SOFTWARE\Classes\AppID\WLXQuickTimeShellExt.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Deleted : HKLM\SOFTWARE\Classes\driverscanner
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askchecker_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askchecker_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\driverscanner_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\driverscanner_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ASUS_Notebook_G73
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2786678
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3220468
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{537F4F0B-3542-4C7D-A3E5-CF121482696C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{537F4F0B-3542-4C7D-A3E5-CF121482696C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{355004FF-980F-4D70-9D1D-2DD6A9359EBB}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CB72FA5E-C670-4CE7-8779-6E3DAB064F66}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\dt soft\daemon tools toolbar
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\uTorrentControl_v2
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Software\uTorrentControl_v2
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\DeviceVM
Key Deleted : HKLM\Software\dt soft\daemon tools toolbar
Key Deleted : HKLM\Software\Uniblue
Key Deleted : HKLM\Software\uTorrentControl_v2
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentControl_v2 Toolbar
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v8.0.7601.17514
 
 
-\\ Mozilla Firefox v25.0.1 (en-US)
 
[ File : C:\Users\Beat\AppData\Roaming\Mozilla\Firefox\Profiles\ivw0b7yp.default\prefs.js ]
 
 
-\\ Google Chrome v31.0.1650.63
 
[ File : C:\Users\Beat\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [8395 octets] - [14/01/2014 10:57:15]
AdwCleaner[R1].txt - [8455 octets] - [14/01/2014 10:59:54]
AdwCleaner[S0].txt - [7364 octets] - [14/01/2014 11:01:43]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [7424 octets] ##########
 
 
 
JRT.txt:
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Windows 7 Home Premium x64
Ran by Beat on Tue 01/14/2014 at 11:05:03.42
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\caphyon
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\caphyon
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] "C:\Users\Beat\appdata\local\cre"
 
 
 
~~~ FireFox
 
Emptied folder: C:\Users\Beat\AppData\Roaming\mozilla\firefox\profiles\ivw0b7yp.default\minidumps [79 files]
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 01/14/2014 at 11:13:16.70
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
ComboFix log:
 
ComboFix 14-01-13.01 - Beat 01/14/2014  11:18:21.1.8 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.8117.5998 [GMT -5:00]
Running from: c:\users\Beat\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Created a new restore point
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\32122199911
c:\programdata\SPL2FAA.tmp
c:\programdata\SPL4AB8.tmp
c:\programdata\SPL65F2.tmp
c:\programdata\SPL6C1A.tmp
c:\programdata\SPL78B7.tmp
c:\programdata\SPL85F1.tmp
c:\programdata\SPL863F.tmp
c:\programdata\SPL87F3.tmp
c:\programdata\SPL9A1C.tmp
c:\programdata\SPL9C9C.tmp
c:\programdata\SPLCEE5.tmp
c:\programdata\SPLDB44.tmp
c:\programdata\SPLDC1C.tmp
c:\programdata\SPLF604.tmp
c:\users\Beat\AppData\Roaming\mIRC\logs\status.log
c:\windows\msvcr71.dll
D:\install.exe
.
.
(((((((((((((((((((((((((   Files Created from 2013-12-14 to 2014-01-14  )))))))))))))))))))))))))))))))
.
.
2014-01-14 16:26 . 2014-01-14 16:26 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-01-14 15:57 . 2014-01-14 16:02 -------- d-----w- C:\AdwCleaner
2014-01-09 05:09 . 2014-01-09 05:09 -------- d-----w- c:\users\Beat\AppData\Roaming\Malwarebytes
2014-01-09 05:08 . 2014-01-09 05:08 -------- d-----w- c:\programdata\Malwarebytes
2014-01-09 03:06 . 2014-01-09 03:06 -------- d-----w- C:\FRST
2014-01-05 23:20 . 2014-01-05 23:20 -------- d-----w- c:\users\Public\Recorded TV
2014-01-03 01:32 . 2014-01-07 16:42 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{FAABC106-B2D8-4815-A4D8-A218556E1869}\offreg.dll
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-12-11 02:07 . 2012-04-13 15:36 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-12-11 02:07 . 2011-06-29 21:05 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[7] 2010-11-20 . 5C627D1B1138676C0A7AB2C2C190D123 . 512000 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.1.7601.17514_none_c7f0e16b547f887d\rpcss.dll
[7] 2009-07-14 . 7266972E86890E2B30C0C322E906B027 . 509440 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.1.7600.16385_none_c5bfcda3579104e3\rpcss.dll
[-] 2010-11-20 . 629FFC64EBD7B6321117821D24A102D9 . 512512 . . [6.1.7601.17514] .. c:\windows\system32\rpcss.dll
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\users\Beat\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\users\Beat\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\users\Beat\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2009-10-27 6998656]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2009-08-20 170624]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-01-04 37296]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5.5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-12 1523360]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]
"Adobe Acrobat Speed Launcher"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" [2012-01-03 36760]
"Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [2012-01-03 815512]
.
c:\users\Beat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Beat\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2013-5-24 27776968]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS;c:\windows\SYSNATIVE\drivers\AmUStor.SYS [x]
R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys;c:\windows\SYSNATIVE\drivers\btusbflt.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
R3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [x]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 easytether;easytether;c:\windows\system32\DRIVERS\easytthr.sys;c:\windows\SYSNATIVE\DRIVERS\easytthr.sys [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys;c:\windows\SYSNATIVE\DRIVERS\SiSG664.sys [x]
R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TurboBoost;TurboBoost;c:\program files\Intel\TurboBoost\TurboBoost.exe;c:\program files\Intel\TurboBoost\TurboBoost.exe [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [x]
R4 RsFx0103;RsFx0103 Driver;c:\windows\system32\DRIVERS\RsFx0103.sys;c:\windows\SYSNATIVE\DRIVERS\RsFx0103.sys [x]
R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE;c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys;c:\windows\SYSNATIVE\Drivers\sptd.sys [x]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe;c:\windows\SYSNATIVE\FBAgent.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [x]
S2 Autodesk Content Service;Autodesk Content Service;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [x]
S2 lxdx_device;lxdx_device;c:\windows\system32\lxdxcoms.exe;c:\windows\SYSNATIVE\lxdxcoms.exe [x]
S2 lxdxCATSCustConnectService;lxdxCATSCustConnectService;c:\windows\system32\spool\DRIVERS\x64\3\\lxdxserv.exe;c:\windows\SYSNATIVE\spool\DRIVERS\x64\3\\lxdxserv.exe [x]
S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys;c:\windows\SYSNATIVE\drivers\npf.sys [x]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys;c:\windows\SYSNATIVE\DRIVERS\TurboB.sys [x]
S2 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [x]
S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ   hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-12-05 02:37 1210320 ----a-w- c:\program files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-01-14 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-13 02:07]
.
2014-01-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-03-27 18:24]
.
2014-01-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-03-27 18:24]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 164016 ----a-w- c:\users\Beat\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 164016 ----a-w- c:\users\Beat\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 164016 ----a-w- c:\users\Beat\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 164016 ----a-w- c:\users\Beat\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RunDLLEntry"="c:\windows\system32\AmbRunE.dll" [2009-02-26 17920]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-09-01 323584]
"lxdxmon.exe"="c:\program files (x86)\Lexmark 3600-4600 Series\lxdxmon.exe" [2010-02-04 672424]
"XboxStat"="c:\program files\Microsoft Xbox 360 Accessories\XboxStat.exe" [2009-09-30 825184]
.
------- Supplementary Scan -------
.
uStart Page = hxxp://asus.msn.com
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
IE: Append Link Target to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: Interfaces\{217D38A5-BB1B-4DDC-A1CB-DA9CDDCFFC6E}: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{217D38A5-BB1B-4DDC-A1CB-DA9CDDCFFC6E}\57B697564657: DhcpNameServer = 128.163.37.132 128.163.1.11
TCP: Interfaces\{217D38A5-BB1B-4DDC-A1CB-DA9CDDCFFC6E}\96E63796768647F577966696F536133693: DhcpNameServer = 192.168.2.1 74.128.19.102 74.128.17.114
TCP: Interfaces\{217D38A5-BB1B-4DDC-A1CB-DA9CDDCFFC6E}\B4C45524026393: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{217D38A5-BB1B-4DDC-A1CB-DA9CDDCFFC6E}\C6F6C6775747: DhcpNameServer = 192.168.2.1 74.128.19.102 74.128.17.114
FF - ProfilePath - c:\users\Beat\AppData\Roaming\Mozilla\Firefox\Profiles\ivw0b7yp.default\
FF - ExtSQL: !HIDDEN! 2012-01-11 21:43; smartwebprinting@hp.com; c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-Akamai NetSession Interface - c:\users\Beat\AppData\Local\Akamai\netsession_win.exe
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
Toolbar-Locked - (no file)
WebBrowser-{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - (no file)
HKLM-Run-ASUS WebStorage - c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc_bc2.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-733799777-3005971330-2849637145-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:48,6e,a6,0b,1c,e8,de,4a,05,5b,91,46,dc,d3,8c,23,7c,eb,23,a1,23,22,b1,
   a8,fc,6c,d4,12,5e,fa,1a,6e,4f,c5,3f,bc,a4,db,63,54,a4,42,d1,4d,1c,d1,9b,5c,\
"??"=hex:e1,04,91,fb,bb,f0,a9,65,a9,e5,c8,4a,70,6a,ed,ff
.
[HKEY_USERS\S-1-5-21-733799777-3005971330-2849637145-1000\Software\SecuROM\License information*]
"datasecu"=hex:fb,fe,82,c1,f1,4f,b5,05,2e,ae,72,96,b3,81,48,a7,f1,35,83,29,4c,
   e7,a5,df,ba,1d,25,b0,82,d7,34,1d,2e,be,22,be,55,ca,7e,ec,03,66,09,ed,2e,7a,\
"rkeysecu"=hex:ac,e1,30,a9,7f,eb,cd,e4,d7,0a,3b,7b,b4,d0,16,a7
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2014-01-14  11:29:51
ComboFix-quarantined-files.txt  2014-01-14 16:29
.
Pre-Run: 26,703,990,784 bytes free
Post-Run: 27,718,184,960 bytes free
.
- - End Of File - - 608135A8D368239CF6964FA773FD3DA5
5C616939100B85E558DA92B899A0FC36
 
 
 
 

It seems that the problem persists.

 



#4 nasdaq

nasdaq

  • Malware Response Team
  • 38,942 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:01:52 AM

Posted 14 January 2014 - 11:57 AM

Quoted from this page.
http://productforums.google.com/forum/#!topic/chrome/cBPLATwhBok

If you go to uninstall programs and you see gigaclicks crawler, uninstall it!


Can this be your solution?

If not, what unknown Chrome Extension do you have?
Let me know and I will check it out.

#5 superfresh

Posted 14 January 2014 - 12:01 PM

The only Chrome Extension I have is AdBlock 2.6.16

 

In the volume control it is not listed as a Chrome window but as a blank window with no icon or name (simply "Name Not Available" in italics).



#6 superfresh

Posted 14 January 2014 - 12:06 PM

It is also not showing that I have any program called "gigaclicks crawler" installed on my machine.



#7 nasdaq

Posted 14 January 2014 - 01:52 PM

I would remove Chrome using the Add/Remove Programs.
Restart the computer normally.
Re-install Chrome.

Save your Bookmarks before proceeding.
https://support.google.com/chrome/answer/96816?hl=en

You can import the Bookmarks when the installation is completed.
===

#8 superfresh

Posted 14 January 2014 - 02:10 PM

I uninstalled Chrome from Add/Remove Programs and restarted my computer.

Before I could even open up Firefox to re-install Chrome, the problem began again. I did re-install Chrome now, though.



#9 nasdaq

Posted 14 January 2014 - 02:25 PM

If Chrome is OK, then do the same with Firefox.

Remove Firefox using the Add/Remove Programs.
Restart the computer normally.
Reinstall the browser.

I suggest you save your bookmarks before removing Firefox.
Restore bookmarks from backup or move them to another computer
https://support.mozilla.org/en-US/kb/restore-bookmarks-from-backup-or-move-them
<<<>>>

#10 superfresh

Posted 14 January 2014 - 02:34 PM

Done. Problem persists.



#11 nasdaq

Posted 15 January 2014 - 08:43 AM


There are many ways to skin a cat.

Let's look deeper.

Read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application.
    tdss1.png
  • Click Change parameters
    settings20121003115955.png
  • Check the boxes next to Verify Driver Digital Signature and Detect TDLFS file system, then click OK
    tdss3.png
  • Click on the Start Scan button to begin the scan and wait for it to finish.
    NOTE: Do not use the computer during the scan!
  • During the scan it will look similar to the image below:
    tdss4.jpg
  • When it finishes, you will either see a report that no threats were found like below:
    tdss5.jpg
    If no threats are found at this point, just click the Report selection on the top right of the form to generate a log. A log file report will pop up, which you can just close since the report file is already saved.
  • If any infection or suspected items are found, you will see a window similar to below:
    tdss7.jpg
    • If you have files that are shown to fail signature check do not take any action on these. Make sure you select Skip. I will tell you what to do with these later. They may not be issues at all.
    • If Suspicious objects are detected, the default action will be Skip. Leave the default set to Skip.
    • If Malicious objects are detected, they will show in the Scan results. TDSSKiller automatically selects an action (Cure or Delete) for malicious objects
    • Make sure that Cure is selected. Important! - If Cure is not available, please choose Skip instead. Do not choose Delete unless instructed to do so.
  • Click Continue to apply selected actions.
  • A reboot may be required to complete disinfection. A window like the below will appear:
    tdss6.jpg
    Reboot immediately if TDSSKiller states that one is needed.
  • Whether an infection is found or not, a log file should have already been created on your C: drive (or whatever drive you boot from) in the root folder named something like TDSSKiller.2.1.1_27.12.2009_14.17.04_log.txt which is based on the program version # and date and time run.
  • Paste the log to your next reply, DO NOT ATTACH IT.
===

Download http://public.avast.com/~gmerek/aswMBR.exe (aswMBR.exe) to your desktop. Double click the aswMBR.exe to run it.
  • Click the "Scan" button to start scan.
  • Upon completion of the scan, click Save log, and save it to your desktop. (Note - do not select any Fix at this time) <- IMPORTANT
  • Please paste the contents of that log in your next reply.
There shall also be a file on your desktop named MBR.dat. Right click that file and select Send To>Compressed (zipped) folder. Please attach that zipped file in your next reply.
===

#12 superfresh

Posted 15 January 2014 - 12:22 PM

12:14:51.0355 5868  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
12:14:58.0842 5868  ============================================================
12:14:58.0842 5868  Current date / time: 2014/01/15 12:14:58.0842
12:14:58.0842 5868  SystemInfo:
12:14:58.0842 5868  
12:14:58.0842 5868  OS Version: 6.1.7601 ServicePack: 1.0
12:14:58.0842 5868  Product type: Workstation
12:14:58.0842 5868  ComputerName: LOLWUT
12:14:58.0843 5868  UserName: Beat
12:14:58.0843 5868  Windows directory: C:\Windows
12:14:58.0843 5868  System windows directory: C:\Windows
12:14:58.0843 5868  Running under WOW64
12:14:58.0843 5868  Processor architecture: Intel x64
12:14:58.0843 5868  Number of processors: 8
12:14:58.0843 5868  Page size: 0x1000
12:14:58.0843 5868  Boot type: Normal boot
12:14:58.0843 5868  ============================================================
12:15:01.0414 5868  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:15:01.0423 5868  ============================================================
12:15:01.0423 5868  \Device\Harddisk0\DR0:
12:15:01.0423 5868  MBR partitions:
12:15:01.0423 5868  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2711676, BlocksNum 0xE8E0360
12:15:01.0439 5868  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x10FF1A15, BlocksNum 0x2939322C
12:15:01.0439 5868  ============================================================
12:15:01.0463 5868  C: <-> \Device\Harddisk0\DR0\Partition1
12:15:01.0510 5868  D: <-> \Device\Harddisk0\DR0\Partition2
12:15:01.0510 5868  ============================================================
12:15:01.0510 5868  Initialize success
12:15:01.0510 5868  ============================================================
12:15:13.0804 1260  ============================================================
12:15:13.0804 1260  Scan started
12:15:13.0804 1260  Mode: Manual; SigCheck; TDLFS; 
12:15:13.0804 1260  ============================================================
12:15:14.0912 1260  ================ Scan system memory ========================
12:15:14.0913 1260  System memory - ok
12:15:14.0913 1260  ================ Scan services =============================
12:15:15.0113 1260  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
12:15:15.0229 1260  1394ohci - ok
12:15:15.0257 1260  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
12:15:15.0276 1260  ACPI - ok
12:15:15.0286 1260  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
12:15:15.0357 1260  AcpiPmi - ok
12:15:15.0551 1260  [ 1BA1AB4141A92EB34DA99F1249CA2D4D ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
12:15:15.0567 1260  AdobeFlashPlayerUpdateSvc - ok
12:15:15.0622 1260  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
12:15:15.0645 1260  adp94xx - ok
12:15:15.0681 1260  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
12:15:15.0700 1260  adpahci - ok
12:15:15.0712 1260  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
12:15:15.0727 1260  adpu320 - ok
12:15:15.0761 1260  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
12:15:15.0899 1260  AeLookupSvc - ok
12:15:15.0950 1260  [ 2D00D3DADC1D3326BA788EB071F2726E ] AFBAgent        C:\Windows\system32\FBAgent.exe
12:15:15.0974 1260  AFBAgent - ok
12:15:16.0053 1260  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
12:15:16.0111 1260  AFD - ok
12:15:16.0143 1260  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
12:15:16.0156 1260  agp440 - ok
12:15:16.0175 1260  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
12:15:16.0235 1260  ALG - ok
12:15:16.0260 1260  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
12:15:16.0273 1260  aliide - ok
12:15:16.0314 1260  [ 11276158EEEEADF3EB154061BFC80A19 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
12:15:16.0387 1260  AMD External Events Utility - ok
12:15:16.0405 1260  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
12:15:16.0418 1260  amdide - ok
12:15:16.0443 1260  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
12:15:16.0498 1260  AmdK8 - ok
12:15:16.0669 1260  [ DF943A113060D3ABFDA4730AE4163D6F ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
12:15:16.0914 1260  amdkmdag - ok
12:15:16.0961 1260  [ 4003B34B4A83DE29CD1C88EB6C869E58 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
12:15:16.0990 1260  amdkmdap - ok
12:15:17.0011 1260  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
12:15:17.0054 1260  AmdPPM - ok
12:15:17.0095 1260  [ 6EC6D772EAE38DC17C14AED9B178D24B ] amdsata         C:\Windows\system32\drivers\amdsata.sys
12:15:17.0110 1260  amdsata - ok
12:15:17.0144 1260  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
12:15:17.0160 1260  amdsbs - ok
12:15:17.0172 1260  [ 1142A21DB581A84EA5597B03A26EBAA0 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
12:15:17.0185 1260  amdxata - ok
12:15:17.0239 1260  [ 9C7F164B49CADC658D1B3C575782F346 ] AmUStor         C:\Windows\system32\drivers\AmUStor.SYS
12:15:17.0277 1260  AmUStor - ok
12:15:17.0328 1260  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
12:15:17.0506 1260  AppID - ok
12:15:17.0537 1260  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
12:15:17.0585 1260  AppIDSvc - ok
12:15:17.0628 1260  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo         C:\Windows\System32\appinfo.dll
12:15:17.0679 1260  Appinfo - ok
12:15:17.0834 1260  [ 7EF47644B74EBE721CC32211D3C35E76 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
12:15:17.0845 1260  Apple Mobile Device - ok
12:15:17.0910 1260  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\DRIVERS\arc.sys
12:15:17.0924 1260  arc - ok
12:15:17.0964 1260  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
12:15:17.0978 1260  arcsas - ok
12:15:18.0032 1260  [ 18E5C2F937F9DEB8C282DF66A3761925 ] ASLDRService    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
12:15:18.0044 1260  ASLDRService - ok
12:15:18.0058 1260  [ 4C016FD76ED5C05E84CA8CAB77993961 ] ASMMAP64        C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
12:15:18.0067 1260  ASMMAP64 - ok
12:15:18.0185 1260  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
12:15:18.0220 1260  aspnet_state - ok
12:15:18.0240 1260  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
12:15:18.0294 1260  AsyncMac - ok
12:15:18.0344 1260  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
12:15:18.0355 1260  atapi - ok
12:15:18.0406 1260  [ 0ACC06FCF46F64ED4F11E57EE461C1F4 ] athr            C:\Windows\system32\DRIVERS\athrx.sys
12:15:18.0496 1260  athr - ok
12:15:18.0520 1260  [ D481083348138B4933ACFE95812DB71C ] AtiHdmiService  C:\Windows\system32\drivers\AtiHdmi.sys
12:15:18.0531 1260  AtiHdmiService - ok
12:15:18.0673 1260  [ DF943A113060D3ABFDA4730AE4163D6F ] atikmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
12:15:18.0772 1260  atikmdag - ok
12:15:18.0793 1260  [ 63F1212FFE13E62CA1E8D8EE19ABD9A7 ] ATKGFNEXSrv     C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
12:15:18.0805 1260  ATKGFNEXSrv - ok
12:15:18.0874 1260  [ 54494B93BB5AD74C807100144EC30D64 ] atksgt          C:\Windows\system32\DRIVERS\atksgt.sys
12:15:18.0889 1260  atksgt - ok
12:15:18.0947 1260  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
12:15:19.0020 1260  AudioEndpointBuilder - ok
12:15:19.0046 1260  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
12:15:19.0085 1260  AudioSrv - ok
12:15:19.0171 1260  [ F431DC5D94F4B2FDBC927655D8A9B10E ] Autodesk Content Service C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
12:15:19.0183 1260  Autodesk Content Service - ok
12:15:19.0227 1260  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
12:15:19.0301 1260  AxInstSV - ok
12:15:19.0346 1260  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
12:15:19.0385 1260  b06bdrv - ok
12:15:19.0417 1260  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
12:15:19.0465 1260  b57nd60a - ok
12:15:19.0534 1260  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
12:15:19.0565 1260  BDESVC - ok
12:15:19.0579 1260  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
12:15:19.0643 1260  Beep - ok
12:15:19.0704 1260  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
12:15:19.0773 1260  BFE - ok
12:15:19.0803 1260  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\system32\qmgr.dll
12:15:19.0891 1260  BITS - ok
12:15:19.0918 1260  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
12:15:19.0932 1260  blbdrive - ok
12:15:19.0973 1260  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
12:15:20.0007 1260  bowser - ok
12:15:20.0022 1260  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
12:15:20.0073 1260  BrFiltLo - ok
12:15:20.0098 1260  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
12:15:20.0131 1260  BrFiltUp - ok
12:15:20.0170 1260  [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
12:15:20.0218 1260  BridgeMP - ok
12:15:20.0253 1260  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
12:15:20.0307 1260  Browser - ok
12:15:20.0324 1260  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
12:15:20.0368 1260  Brserid - ok
12:15:20.0377 1260  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
12:15:20.0412 1260  BrSerWdm - ok
12:15:20.0442 1260  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
12:15:20.0483 1260  BrUsbMdm - ok
12:15:20.0503 1260  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
12:15:20.0517 1260  BrUsbSer - ok
12:15:20.0569 1260  [ CF98190A94F62E405C8CB255018B2315 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
12:15:20.0622 1260  BthEnum - ok
12:15:20.0633 1260  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
12:15:20.0655 1260  BTHMODEM - ok
12:15:20.0671 1260  [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
12:15:20.0693 1260  BthPan - ok
12:15:20.0711 1260  [ 64C198198501F7560EE41D8D1EFA7952 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
12:15:20.0762 1260  BTHPORT - ok
12:15:20.0811 1260  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
12:15:20.0856 1260  bthserv - ok
12:15:20.0869 1260  [ F188B7394D81010767B6DF3178519A37 ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
12:15:20.0900 1260  BTHUSB - ok
12:15:20.0923 1260  [ 6E04458E98DAF28826482E41A7A62DF5 ] btusbflt        C:\Windows\system32\drivers\btusbflt.sys
12:15:20.0934 1260  btusbflt - ok
12:15:20.0966 1260  [ 6BCFDC2B5B7F66D484486D4BD4B39A6B ] btwaudio        C:\Windows\system32\drivers\btwaudio.sys
12:15:20.0978 1260  btwaudio - ok
12:15:20.0994 1260  [ 82DC8B7C626E526681C1BEBED2BC3FF9 ] btwavdt         C:\Windows\system32\drivers\btwavdt.sys
12:15:21.0008 1260  btwavdt - ok
12:15:21.0139 1260  [ 1E08DC82525282E34AD66FFBA0782565 ] btwdins         C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
12:15:21.0163 1260  btwdins - ok
12:15:21.0174 1260  [ 6149301DC3F81D6F9667A3FBAC410975 ] btwl2cap        C:\Windows\system32\DRIVERS\btwl2cap.sys
12:15:21.0184 1260  btwl2cap - ok
12:15:21.0190 1260  [ 28E105AD3B79F440BF94780F507BF66A ] btwrchid        C:\Windows\system32\DRIVERS\btwrchid.sys
12:15:21.0200 1260  btwrchid - ok
12:15:21.0227 1260  catchme - ok
12:15:21.0255 1260  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
12:15:21.0301 1260  cdfs - ok
12:15:21.0351 1260  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\drivers\cdrom.sys
12:15:21.0377 1260  cdrom - ok
12:15:21.0420 1260  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
12:15:21.0475 1260  CertPropSvc - ok
12:15:21.0504 1260  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
12:15:21.0532 1260  circlass - ok
12:15:21.0570 1260  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
12:15:21.0588 1260  CLFS - ok
12:15:21.0652 1260  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:15:21.0665 1260  clr_optimization_v2.0.50727_32 - ok
12:15:21.0711 1260  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
12:15:21.0724 1260  clr_optimization_v2.0.50727_64 - ok
12:15:21.0801 1260  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:15:21.0913 1260  clr_optimization_v4.0.30319_32 - ok
12:15:21.0948 1260  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
12:15:21.0964 1260  clr_optimization_v4.0.30319_64 - ok
12:15:21.0983 1260  clwvd - ok
12:15:22.0022 1260  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
12:15:22.0052 1260  CmBatt - ok
12:15:22.0071 1260  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
12:15:22.0083 1260  cmdide - ok
12:15:22.0128 1260  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\Windows\system32\Drivers\cng.sys
12:15:22.0158 1260  CNG - ok
12:15:22.0181 1260  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
12:15:22.0194 1260  Compbatt - ok
12:15:22.0230 1260  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
12:15:22.0268 1260  CompositeBus - ok
12:15:22.0282 1260  COMSysApp - ok
12:15:22.0293 1260  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
12:15:22.0307 1260  crcdisk - ok
12:15:22.0355 1260  [ C8BD651E13895B93ED9EC5B4F1DF42BC ] Creative ALchemy AL6 Licensing Service C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
12:15:22.0377 1260  Creative ALchemy AL6 Licensing Service ( UnsignedFile.Multi.Generic ) - warning
12:15:22.0377 1260  Creative ALchemy AL6 Licensing Service - detected UnsignedFile.Multi.Generic (1)
12:15:22.0397 1260  [ C0EAD9F8AB83D41FF07303C75589C2B8 ] Creative Audio Engine Licensing Service C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
12:15:22.0414 1260  Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - warning
12:15:22.0414 1260  Creative Audio Engine Licensing Service - detected UnsignedFile.Multi.Generic (1)
12:15:22.0444 1260  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
12:15:22.0488 1260  CryptSvc - ok
12:15:22.0529 1260  [ 629FFC64EBD7B6321117821D24A102D9 ] DcomLaunch      C:\Windows\system32\rpcss.dll
12:15:22.0548 1260  DcomLaunch ( UnsignedFile.Multi.Generic ) - warning
12:15:22.0549 1260  DcomLaunch - detected UnsignedFile.Multi.Generic (1)
12:15:22.0585 1260  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
12:15:22.0640 1260  defragsvc - ok
12:15:22.0670 1260  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
12:15:22.0705 1260  DfsC - ok
12:15:22.0742 1260  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
12:15:22.0793 1260  Dhcp - ok
12:15:22.0826 1260  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
12:15:22.0881 1260  discache - ok
12:15:22.0935 1260  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys
12:15:22.0948 1260  Disk - ok
12:15:23.0003 1260  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
12:15:23.0024 1260  Dnscache - ok
12:15:23.0057 1260  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
12:15:23.0096 1260  dot3svc - ok
12:15:23.0146 1260  [ B42ED0320C6E41102FDE0005154849BB ] Dot4            C:\Windows\system32\DRIVERS\Dot4.sys
12:15:23.0175 1260  Dot4 - ok
12:15:23.0202 1260  [ E9F5969233C5D89F3C35E3A66A52A361 ] Dot4Print       C:\Windows\system32\DRIVERS\Dot4Prt.sys
12:15:23.0233 1260  Dot4Print - ok
12:15:23.0250 1260  [ FD05A02B0370BC3000F402E543CA5814 ] dot4usb         C:\Windows\system32\DRIVERS\dot4usb.sys
12:15:23.0273 1260  dot4usb - ok
12:15:23.0307 1260  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
12:15:23.0361 1260  DPS - ok
12:15:23.0400 1260  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
12:15:23.0424 1260  drmkaud - ok
12:15:23.0466 1260  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
12:15:23.0491 1260  DXGKrnl - ok
12:15:23.0514 1260  EagleX64 - ok
12:15:23.0550 1260  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
12:15:23.0600 1260  EapHost - ok
12:15:23.0665 1260  [ 1D69A83033930C20583D608C622CA56B ] easytether      C:\Windows\system32\DRIVERS\easytthr.sys
12:15:23.0677 1260  easytether - ok
12:15:23.0740 1260  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
12:15:23.0839 1260  ebdrv - ok
12:15:23.0875 1260  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
12:15:23.0917 1260  EFS - ok
12:15:24.0058 1260  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
12:15:24.0140 1260  ehRecvr - ok
12:15:24.0169 1260  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
12:15:24.0203 1260  ehSched - ok
12:15:24.0263 1260  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
12:15:24.0287 1260  elxstor - ok
12:15:24.0318 1260  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
12:15:24.0348 1260  ErrDev - ok
12:15:24.0395 1260  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
12:15:24.0449 1260  EventSystem - ok
12:15:24.0486 1260  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
12:15:24.0548 1260  exfat - ok
12:15:24.0563 1260  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
12:15:24.0623 1260  fastfat - ok
12:15:24.0678 1260  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
12:15:24.0728 1260  Fax - ok
12:15:24.0741 1260  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
12:15:24.0778 1260  fdc - ok
12:15:24.0808 1260  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
12:15:24.0854 1260  fdPHost - ok
12:15:24.0872 1260  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
12:15:24.0928 1260  FDResPub - ok
12:15:24.0945 1260  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
12:15:24.0959 1260  FileInfo - ok
12:15:24.0969 1260  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
12:15:25.0034 1260  Filetrace - ok
12:15:25.0101 1260  [ BB0667B0171B632B97EA759515476F07 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
12:15:25.0131 1260  FLEXnet Licensing Service - ok
12:15:25.0246 1260  [ 64AB6F28047744B9B19C97459C2AB31B ] FLEXnet Licensing Service 64 C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
12:15:25.0296 1260  FLEXnet Licensing Service 64 - ok
12:15:25.0350 1260  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
12:15:25.0382 1260  flpydisk - ok
12:15:25.0514 1260  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
12:15:25.0533 1260  FltMgr - ok
12:15:25.0587 1260  [ B4447F606BB19FD8AD0BAFB59B90F5D9 ] FontCache       C:\Windows\system32\FntCache.dll
12:15:25.0666 1260  FontCache - ok
12:15:25.0729 1260  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:15:25.0742 1260  FontCache3.0.0.0 - ok
12:15:25.0761 1260  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
12:15:25.0775 1260  FsDepends - ok
12:15:25.0820 1260  [ 2BF3B36B96D015AF666B6AA63AE2E38F ] fssfltr         C:\Windows\system32\DRIVERS\fssfltr.sys
12:15:25.0830 1260  fssfltr - ok
12:15:25.0945 1260  [ 45B52394F9624237F33A8A3D73C0B221 ] fsssvc          C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
12:15:25.0974 1260  fsssvc - ok
12:15:26.0014 1260  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
12:15:26.0030 1260  Fs_Rec - ok
12:15:26.0073 1260  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
12:15:26.0094 1260  fvevol - ok
12:15:26.0141 1260  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
12:15:26.0155 1260  gagp30kx - ok
12:15:26.0209 1260  [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
12:15:26.0217 1260  GEARAspiWDM - ok
12:15:26.0261 1260  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
12:15:26.0331 1260  gpsvc - ok
12:15:26.0439 1260  [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:15:26.0451 1260  gupdate - ok
12:15:26.0474 1260  [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:15:26.0484 1260  gupdatem - ok
12:15:26.0521 1260  [ CC839E8D766CC31A7710C9F38CF3E375 ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
12:15:26.0533 1260  gusvc - ok
12:15:26.0559 1260  [ 1E6438D4EA6E1174A3B3B1EDC4DE660B ] hamachi         C:\Windows\system32\DRIVERS\hamachi.sys
12:15:26.0569 1260  hamachi - ok
12:15:26.0788 1260  [ E24E88736B13BC54CA93E7F86A0F4FCF ] Hamachi2Svc     C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
12:15:26.0879 1260  Hamachi2Svc - ok
12:15:26.0920 1260  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
12:15:26.0964 1260  hcw85cir - ok
12:15:27.0013 1260  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
12:15:27.0062 1260  HdAudAddService - ok
12:15:27.0103 1260  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
12:15:27.0139 1260  HDAudBus - ok
12:15:27.0159 1260  [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64         C:\Windows\system32\DRIVERS\HECIx64.sys
12:15:27.0168 1260  HECIx64 - ok
12:15:27.0181 1260  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
12:15:27.0205 1260  HidBatt - ok
12:15:27.0218 1260  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
12:15:27.0250 1260  HidBth - ok
12:15:27.0267 1260  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
12:15:27.0285 1260  HidIr - ok
12:15:27.0314 1260  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\System32\hidserv.dll
12:15:27.0352 1260  hidserv - ok
12:15:27.0396 1260  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
12:15:27.0421 1260  HidUsb - ok
12:15:27.0455 1260  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
12:15:27.0512 1260  hkmsvc - ok
12:15:27.0539 1260  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
12:15:27.0579 1260  HomeGroupListener - ok
12:15:27.0623 1260  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
12:15:27.0639 1260  HomeGroupProvider - ok
12:15:27.0779 1260  [ 0A3C6AA4A9FC38C20BA4EAC2C3351C05 ] hpqcxs08        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
12:15:27.0789 1260  hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
12:15:27.0789 1260  hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
12:15:27.0830 1260  [ F3F72A2A86C22610BCA5439FA789DD52 ] hpqddsvc        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
12:15:27.0845 1260  hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
12:15:27.0845 1260  hpqddsvc - detected UnsignedFile.Multi.Generic (1)
12:15:27.0859 1260  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
12:15:27.0873 1260  HpSAMD - ok
12:15:27.0904 1260  [ D972F48D0CE396759B788693CD665926 ] HPSLPSVC        C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
12:15:27.0942 1260  HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning
12:15:27.0942 1260  HPSLPSVC - detected UnsignedFile.Multi.Generic (1)
12:15:27.0978 1260  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
12:15:28.0042 1260  HTTP - ok
12:15:28.0096 1260  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
12:15:28.0108 1260  hwpolicy - ok
12:15:28.0209 1260  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
12:15:28.0224 1260  i8042prt - ok
12:15:28.0273 1260  [ BBB3B6DF1ABB0FE35802EDE85CC1C011 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
12:15:28.0288 1260  iaStor - ok
12:15:28.0306 1260  [ 3DF4395A7CF8B7A72A5F4606366B8C2D ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
12:15:28.0327 1260  iaStorV - ok
12:15:28.0359 1260  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
12:15:28.0395 1260  idsvc - ok
12:15:28.0432 1260  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
12:15:28.0445 1260  iirsp - ok
12:15:28.0483 1260  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
12:15:28.0556 1260  IKEEXT - ok
12:15:28.0654 1260  [ B88E24BD77A0CE2CFFEE2FACF1151BE0 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
12:15:28.0697 1260  IntcAzAudAddService - ok
12:15:28.0726 1260  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
12:15:28.0740 1260  intelide - ok
12:15:28.0799 1260  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
12:15:28.0840 1260  intelppm - ok
12:15:28.0920 1260  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
12:15:28.0957 1260  IPBusEnum - ok
12:15:28.0991 1260  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:15:29.0039 1260  IpFilterDriver - ok
12:15:29.0076 1260  [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
12:15:29.0134 1260  iphlpsvc - ok
12:15:29.0179 1260  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
12:15:29.0204 1260  IPMIDRV - ok
12:15:29.0231 1260  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
12:15:29.0272 1260  IPNAT - ok
12:15:29.0356 1260  [ 50D6CCC6FF5561F9F56946B3E6164FB8 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
12:15:29.0395 1260  iPod Service - ok
12:15:29.0417 1260  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
12:15:29.0435 1260  IRENUM - ok
12:15:29.0449 1260  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
12:15:29.0462 1260  isapnp - ok
12:15:29.0481 1260  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
12:15:29.0499 1260  iScsiPrt - ok
12:15:29.0537 1260  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
12:15:29.0548 1260  kbdclass - ok
12:15:29.0565 1260  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
12:15:29.0581 1260  kbdhid - ok
12:15:29.0619 1260  [ E63EF8C3271D014F14E2469CE75FECB4 ] kbfiltr         C:\Windows\system32\DRIVERS\kbfiltr.sys
12:15:29.0628 1260  kbfiltr - ok
12:15:29.0651 1260  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
12:15:29.0665 1260  KeyIso - ok
12:15:29.0698 1260  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
12:15:29.0714 1260  KSecDD - ok
12:15:29.0752 1260  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
12:15:29.0769 1260  KSecPkg - ok
12:15:29.0797 1260  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
12:15:29.0835 1260  ksthunk - ok
12:15:29.0985 1260  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
12:15:30.0065 1260  KtmRm - ok
12:15:30.0114 1260  [ B4A3A05B0F9C81D098B96AB6AA915042 ] L1C             C:\Windows\system32\DRIVERS\L1C62x64.sys
12:15:30.0147 1260  L1C - ok
12:15:30.0201 1260  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\System32\srvsvc.dll
12:15:30.0252 1260  LanmanServer - ok
12:15:30.0305 1260  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:15:30.0354 1260  LanmanWorkstation - ok
12:15:30.0418 1260  [ 5EA407821BB3104C31A705175AB4F309 ] lirsgt          C:\Windows\system32\DRIVERS\lirsgt.sys
12:15:30.0429 1260  lirsgt - ok
12:15:30.0465 1260  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
12:15:30.0512 1260  lltdio - ok
12:15:30.0557 1260  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
12:15:30.0603 1260  lltdsvc - ok
12:15:30.0613 1260  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
12:15:30.0649 1260  lmhosts - ok
12:15:30.0730 1260  [ 02468469C450CD16FB66A56FAB70138B ] LMIGuardianSvc  C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
12:15:30.0746 1260  LMIGuardianSvc - ok
12:15:30.0822 1260  [ A1C148801B4AF64847AEB9F3AD9594EF ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
12:15:30.0847 1260  LMS ( UnsignedFile.Multi.Generic ) - warning
12:15:30.0847 1260  LMS - detected UnsignedFile.Multi.Generic (1)
12:15:30.0908 1260  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
12:15:30.0922 1260  LSI_FC - ok
12:15:30.0934 1260  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
12:15:30.0947 1260  LSI_SAS - ok
12:15:30.0955 1260  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
12:15:30.0968 1260  LSI_SAS2 - ok
12:15:30.0979 1260  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
12:15:30.0992 1260  LSI_SCSI - ok
12:15:31.0008 1260  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
12:15:31.0063 1260  luafv - ok
12:15:31.0169 1260  [ 4208B958E35F0E596AA241EFB664636B ] lxdxCATSCustConnectService C:\Windows\system32\spool\DRIVERS\x64\3\\lxdxserv.exe
12:15:31.0238 1260  lxdxCATSCustConnectService - ok
12:15:31.0262 1260  lxdx_device - ok
12:15:31.0289 1260  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
12:15:31.0305 1260  Mcx2Svc - ok
12:15:31.0320 1260  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
12:15:31.0333 1260  megasas - ok
12:15:31.0351 1260  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
12:15:31.0369 1260  MegaSR - ok
12:15:31.0398 1260  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
12:15:31.0451 1260  MMCSS - ok
12:15:31.0463 1260  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
12:15:31.0512 1260  Modem - ok
12:15:31.0528 1260  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
12:15:31.0542 1260  monitor - ok
12:15:31.0568 1260  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
12:15:31.0582 1260  mouclass - ok
12:15:31.0609 1260  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
12:15:31.0632 1260  mouhid - ok
12:15:31.0678 1260  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
12:15:31.0694 1260  mountmgr - ok
12:15:31.0711 1260  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
12:15:31.0728 1260  mpio - ok
12:15:31.0741 1260  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
12:15:31.0795 1260  mpsdrv - ok
12:15:31.0858 1260  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
12:15:31.0936 1260  MpsSvc - ok
12:15:31.0982 1260  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
12:15:32.0035 1260  MRxDAV - ok
12:15:32.0069 1260  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
12:15:32.0100 1260  mrxsmb - ok
12:15:32.0131 1260  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:15:32.0147 1260  mrxsmb10 - ok
12:15:32.0163 1260  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:15:32.0193 1260  mrxsmb20 - ok
12:15:32.0221 1260  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
12:15:32.0234 1260  msahci - ok
12:15:32.0266 1260  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
12:15:32.0283 1260  msdsm - ok
12:15:32.0296 1260  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
12:15:32.0339 1260  MSDTC - ok
12:15:32.0374 1260  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
12:15:32.0440 1260  Msfs - ok
12:15:32.0474 1260  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
12:15:32.0528 1260  mshidkmdf - ok
12:15:32.0583 1260  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
12:15:32.0597 1260  msisadrv - ok
12:15:32.0630 1260  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
12:15:32.0685 1260  MSiSCSI - ok
12:15:32.0689 1260  msiserver - ok
12:15:32.0721 1260  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
12:15:32.0779 1260  MSKSSRV - ok
12:15:32.0792 1260  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
12:15:32.0846 1260  MSPCLOCK - ok
12:15:32.0856 1260  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
12:15:32.0907 1260  MSPQM - ok
12:15:32.0949 1260  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
12:15:32.0971 1260  MsRPC - ok
12:15:32.0985 1260  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
12:15:32.0997 1260  mssmbios - ok
12:15:33.0047 1260  MSSQL$SQLEXPRESS - ok
12:15:33.0164 1260  [ 7A2A8C975356858EB38466A6B1592E8D ] MSSQLServerADHelper100 C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
12:15:33.0177 1260  MSSQLServerADHelper100 - ok
12:15:33.0223 1260  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
12:15:33.0271 1260  MSTEE - ok
12:15:33.0291 1260  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
12:15:33.0322 1260  MTConfig - ok
12:15:33.0365 1260  [ 032D35C996F21D19A205A7C8F0B76F3C ] MTsensor        C:\Windows\system32\DRIVERS\ATK64AMD.sys
12:15:33.0735 1260  MTsensor - ok
12:15:33.0778 1260  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
12:15:33.0796 1260  Mup - ok
12:15:33.0829 1260  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
12:15:33.0899 1260  napagent - ok
12:15:33.0936 1260  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
12:15:33.0994 1260  NativeWifiP - ok
12:15:34.0035 1260  [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS            C:\Windows\system32\drivers\ndis.sys
12:15:34.0077 1260  NDIS - ok
12:15:34.0099 1260  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
12:15:34.0135 1260  NdisCap - ok
12:15:34.0156 1260  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
12:15:34.0192 1260  NdisTapi - ok
12:15:34.0237 1260  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
12:15:34.0288 1260  Ndisuio - ok
12:15:34.0319 1260  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
12:15:34.0375 1260  NdisWan - ok
12:15:34.0426 1260  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
12:15:34.0466 1260  NDProxy - ok
12:15:34.0515 1260  [ D5AC41AE382738483FAFFBD7E373D49A ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
12:15:34.0526 1260  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
12:15:34.0527 1260  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
12:15:34.0537 1260  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
12:15:34.0585 1260  NetBIOS - ok
12:15:34.0630 1260  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
12:15:34.0681 1260  NetBT - ok
12:15:34.0692 1260  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
12:15:34.0707 1260  Netlogon - ok
12:15:34.0751 1260  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
12:15:34.0805 1260  Netman - ok
12:15:34.0855 1260  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:15:34.0886 1260  NetMsmqActivator - ok
12:15:34.0891 1260  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:15:34.0901 1260  NetPipeActivator - ok
12:15:34.0927 1260  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
12:15:34.0972 1260  netprofm - ok
12:15:34.0976 1260  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:15:34.0988 1260  NetTcpActivator - ok
12:15:34.0992 1260  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:15:35.0004 1260  NetTcpPortSharing - ok
12:15:35.0050 1260  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
12:15:35.0064 1260  nfrd960 - ok
12:15:35.0110 1260  [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc          C:\Windows\System32\nlasvc.dll
12:15:35.0165 1260  NlaSvc - ok
12:15:35.0223 1260  [ 351533ACC2A069B94E80BBFC177E8FDF ] NPF             C:\Windows\system32\drivers\npf.sys
12:15:35.0232 1260  NPF - ok
12:15:35.0243 1260  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
12:15:35.0280 1260  Npfs - ok
12:15:35.0297 1260  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
12:15:35.0340 1260  nsi - ok
12:15:35.0363 1260  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
12:15:35.0399 1260  nsiproxy - ok
12:15:35.0435 1260  [ 05D78AA5CB5F3F5C31160BDB955D0B7C ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
12:15:35.0502 1260  Ntfs - ok
12:15:35.0533 1260  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
12:15:35.0576 1260  Null - ok
12:15:35.0610 1260  [ 5D9FD91F3D38DC9DA01E3CB5FA89CD48 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
12:15:35.0625 1260  nvraid - ok
12:15:35.0641 1260  [ F7CD50FE7139F07E77DA8AC8033D1832 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
12:15:35.0658 1260  nvstor - ok
12:15:35.0681 1260  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
12:15:35.0696 1260  nv_agp - ok
12:15:35.0794 1260  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
12:15:35.0830 1260  odserv - ok
12:15:35.0863 1260  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
12:15:35.0891 1260  ohci1394 - ok
12:15:35.0938 1260  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:15:35.0951 1260  ose - ok
12:15:35.0985 1260  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
12:15:36.0029 1260  p2pimsvc - ok
12:15:36.0078 1260  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
12:15:36.0128 1260  p2psvc - ok
12:15:36.0160 1260  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
12:15:36.0185 1260  Parport - ok
12:15:36.0217 1260  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
12:15:36.0232 1260  partmgr - ok
12:15:36.0262 1260  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
12:15:36.0298 1260  PcaSvc - ok
12:15:36.0328 1260  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
12:15:36.0344 1260  pci - ok
12:15:36.0357 1260  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
12:15:36.0370 1260  pciide - ok
12:15:36.0387 1260  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
12:15:36.0405 1260  pcmcia - ok
12:15:36.0415 1260  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
12:15:36.0430 1260  pcw - ok
12:15:36.0446 1260  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
12:15:36.0504 1260  PEAUTH - ok
12:15:36.0634 1260  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
12:15:36.0658 1260  PerfHost - ok
12:15:36.0723 1260  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
12:15:36.0791 1260  pla - ok
12:15:36.0841 1260  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
12:15:36.0884 1260  PlugPlay - ok
12:15:36.0928 1260  [ 37F6046CDC630442D7DC087501FF6FC6 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
12:15:36.0934 1260  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
12:15:36.0934 1260  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
12:15:36.0974 1260  PnkBstrA - ok
12:15:36.0991 1260  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
12:15:37.0011 1260  PNRPAutoReg - ok
12:15:37.0032 1260  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
12:15:37.0049 1260  PNRPsvc - ok
12:15:37.0086 1260  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
12:15:37.0140 1260  PolicyAgent - ok
12:15:37.0177 1260  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
12:15:37.0216 1260  Power - ok
12:15:37.0262 1260  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
12:15:37.0307 1260  PptpMiniport - ok
12:15:37.0329 1260  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
12:15:37.0342 1260  Processor - ok
12:15:37.0360 1260  [ 5C78838B4D166D1A27DB3A8A820C799A ] ProfSvc         C:\Windows\system32\profsvc.dll
12:15:37.0400 1260  ProfSvc - ok
12:15:37.0415 1260  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
12:15:37.0429 1260  ProtectedStorage - ok
12:15:37.0459 1260  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
12:15:37.0508 1260  Psched - ok
12:15:37.0545 1260  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
12:15:37.0602 1260  ql2300 - ok
12:15:37.0633 1260  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
12:15:37.0648 1260  ql40xx - ok
12:15:37.0695 1260  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
12:15:37.0717 1260  QWAVE - ok
12:15:37.0729 1260  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
12:15:37.0763 1260  QWAVEdrv - ok
12:15:37.0782 1260  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
12:15:37.0831 1260  RasAcd - ok
12:15:37.0859 1260  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
12:15:37.0895 1260  RasAgileVpn - ok
12:15:37.0915 1260  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
12:15:37.0952 1260  RasAuto - ok
12:15:37.0981 1260  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
12:15:38.0020 1260  Rasl2tp - ok
12:15:38.0055 1260  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
12:15:38.0104 1260  RasMan - ok
12:15:38.0117 1260  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
12:15:38.0158 1260  RasPppoe - ok
12:15:38.0165 1260  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
12:15:38.0211 1260  RasSstp - ok
12:15:38.0234 1260  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
12:15:38.0278 1260  rdbss - ok
12:15:38.0294 1260  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
12:15:38.0339 1260  rdpbus - ok
12:15:38.0352 1260  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
12:15:38.0400 1260  RDPCDD - ok
12:15:38.0421 1260  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
12:15:38.0470 1260  RDPENCDD - ok
12:15:38.0490 1260  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
12:15:38.0544 1260  RDPREFMP - ok
12:15:38.0584 1260  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
12:15:38.0625 1260  RDPWD - ok
12:15:38.0673 1260  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
12:15:38.0691 1260  rdyboost - ok
12:15:38.0721 1260  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
12:15:38.0765 1260  RemoteAccess - ok
12:15:38.0813 1260  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
12:15:38.0877 1260  RemoteRegistry - ok
12:15:38.0915 1260  [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
12:15:38.0942 1260  RFCOMM - ok
12:15:38.0952 1260  RimUsb - ok
12:15:38.0991 1260  [ C903D49655B4AAE46673F0AAA6BE0F58 ] RimVSerPort     C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys
12:15:39.0030 1260  RimVSerPort - ok
12:15:39.0038 1260  [ 388D3DD1A6457280F3BADBA9F3ACD6B1 ] ROOTMODEM       C:\Windows\system32\Drivers\RootMdm.sys
12:15:39.0074 1260  ROOTMODEM - ok
12:15:39.0101 1260  [ B60F58F175DE20A6739194E85B035178 ] rpcapd          C:\Program Files (x86)\WinPcap\rpcapd.exe
12:15:39.0113 1260  rpcapd - ok
12:15:39.0120 1260  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
12:15:39.0166 1260  RpcEptMapper - ok
12:15:39.0215 1260  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
12:15:39.0229 1260  RpcLocator - ok
12:15:39.0267 1260  [ 629FFC64EBD7B6321117821D24A102D9 ] RpcSs           C:\Windows\system32\rpcss.dll
12:15:39.0278 1260  RpcSs ( UnsignedFile.Multi.Generic ) - warning
12:15:39.0278 1260  RpcSs - detected UnsignedFile.Multi.Generic (1)
12:15:39.0338 1260  [ CD553B8633466A6D1C115812F2619F1F ] RsFx0103        C:\Windows\system32\DRIVERS\RsFx0103.sys
12:15:39.0365 1260  RsFx0103 - ok
12:15:39.0380 1260  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
12:15:39.0441 1260  rspndr - ok
12:15:39.0489 1260  [ 483C537E69FA97C77F7FE0E2E1C1F102 ] RTHDMIAzAudService C:\Windows\system32\drivers\RtHDMIVX.sys
12:15:39.0505 1260  RTHDMIAzAudService - ok
12:15:39.0519 1260  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
12:15:39.0532 1260  SamSs - ok
12:15:39.0578 1260  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
12:15:39.0594 1260  sbp2port - ok
12:15:39.0627 1260  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
12:15:39.0669 1260  SCardSvr - ok
12:15:39.0717 1260  [ 6CE6F98EA3D07A9C2CE3CD0A5A86352D ] SCDEmu          C:\Windows\system32\drivers\SCDEmu.sys
12:15:39.0729 1260  SCDEmu - ok
12:15:39.0759 1260  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
12:15:39.0798 1260  scfilter - ok
12:15:39.0912 1260  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
12:15:39.0981 1260  Schedule - ok
12:15:40.0026 1260  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
12:15:40.0063 1260  SCPolicySvc - ok
12:15:40.0082 1260  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
12:15:40.0130 1260  SDRSVC - ok
12:15:40.0167 1260  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
12:15:40.0222 1260  secdrv - ok
12:15:40.0261 1260  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
12:15:40.0296 1260  seclogon - ok
12:15:40.0341 1260  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\system32\sens.dll
12:15:40.0389 1260  SENS - ok
12:15:40.0401 1260  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
12:15:40.0421 1260  SensrSvc - ok
12:15:40.0436 1260  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
12:15:40.0449 1260  Serenum - ok
12:15:40.0473 1260  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
12:15:40.0501 1260  Serial - ok
12:15:40.0544 1260  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
12:15:40.0573 1260  sermouse - ok
12:15:40.0604 1260  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
12:15:40.0655 1260  SessionEnv - ok
12:15:40.0667 1260  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
12:15:40.0695 1260  sffdisk - ok
12:15:40.0709 1260  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
12:15:40.0725 1260  sffp_mmc - ok
12:15:40.0734 1260  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
12:15:40.0750 1260  sffp_sd - ok
12:15:40.0756 1260  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
12:15:40.0770 1260  sfloppy - ok
12:15:40.0807 1260  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
12:15:40.0873 1260  SharedAccess - ok
12:15:40.0923 1260  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:15:40.0981 1260  ShellHWDetection - ok
12:15:40.0999 1260  [ 1BC348CF6BAA90EC8E533EF6E6A69933 ] SiSGbeLH        C:\Windows\system32\DRIVERS\SiSG664.sys
12:15:41.0029 1260  SiSGbeLH - ok
12:15:41.0057 1260  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
12:15:41.0070 1260  SiSRaid2 - ok
12:15:41.0083 1260  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
12:15:41.0097 1260  SiSRaid4 - ok
12:15:41.0156 1260  [ F5BBEDF602C310B00036EB2DBF4348A5 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
12:15:41.0173 1260  SkypeUpdate - ok
12:15:41.0188 1260  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
12:15:41.0225 1260  Smb - ok
12:15:41.0277 1260  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
12:15:41.0310 1260  SNMPTRAP - ok
12:15:41.0366 1260  [ 7AEC460DBDD193680F0E77724E40E7B6 ] SNP2UVC         C:\Windows\system32\DRIVERS\snp2uvc.sys
12:15:41.0401 1260  SNP2UVC - ok
12:15:41.0415 1260  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
12:15:41.0428 1260  spldr - ok
12:15:41.0486 1260  [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler         C:\Windows\System32\spoolsv.exe
12:15:41.0539 1260  Spooler - ok
12:15:41.0621 1260  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
12:15:41.0729 1260  sppsvc - ok
12:15:41.0739 1260  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
12:15:41.0788 1260  sppuinotify - ok
12:15:41.0840 1260  [ C1F1E964D5FA733F7A4E641F07D6C8B5 ] sptd            C:\Windows\system32\Drivers\sptd.sys
12:15:41.0840 1260  Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: C1F1E964D5FA733F7A4E641F07D6C8B5
12:15:41.0841 1260  sptd ( LockedFile.Multi.Generic ) - warning
12:15:41.0841 1260  sptd - detected LockedFile.Multi.Generic (1)
12:15:41.0938 1260  [ 12E6D95CDE974B131DEFAA44BAB8B056 ] SQLAgent$SQLEXPRESS C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE
12:15:41.0957 1260  SQLAgent$SQLEXPRESS - ok
12:15:42.0005 1260  [ B54B48F6D92423440C264E91225C5FF1 ] SQLBrowser      C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
12:15:42.0020 1260  SQLBrowser - ok
12:15:42.0053 1260  [ 6D65985945B03CA59B67D0B73702FC7B ] SQLWriter       C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
12:15:42.0065 1260  SQLWriter - ok
12:15:42.0108 1260  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
12:15:42.0146 1260  srv - ok
12:15:42.0169 1260  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
12:15:42.0202 1260  srv2 - ok
12:15:42.0217 1260  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
12:15:42.0245 1260  srvnet - ok
12:15:42.0292 1260  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
12:15:42.0347 1260  SSDPSRV - ok
12:15:42.0362 1260  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
12:15:42.0399 1260  SstpSvc - ok
12:15:42.0515 1260  [ E5C796B621F6FBA8616511063D7F0FFE ] StarWindServiceAE C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
12:15:42.0534 1260  StarWindServiceAE ( UnsignedFile.Multi.Generic ) - warning
12:15:42.0534 1260  StarWindServiceAE - detected UnsignedFile.Multi.Generic (1)
12:15:42.0605 1260  [ A87A39F9B42D82F5D60D36BB1D3CC9D3 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
12:15:42.0635 1260  Steam Client Service - ok
12:15:42.0665 1260  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
12:15:42.0677 1260  stexstor - ok
12:15:42.0717 1260  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
12:15:42.0772 1260  stisvc - ok
12:15:42.0791 1260  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
12:15:42.0802 1260  swenum - ok
12:15:42.0882 1260  [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard     C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
12:15:42.0914 1260  SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
12:15:42.0914 1260  SwitchBoard - detected UnsignedFile.Multi.Generic (1)
12:15:42.0953 1260  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
12:15:42.0997 1260  swprv - ok
12:15:43.0018 1260  [ 2F827BB08CC7F1A17DF2EAD7B424D731 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
12:15:43.0032 1260  SynTP - ok
12:15:43.0087 1260  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
12:15:43.0150 1260  SysMain - ok
12:15:43.0184 1260  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:15:43.0219 1260  TabletInputService - ok
12:15:43.0240 1260  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
12:15:43.0281 1260  TapiSrv - ok
12:15:43.0296 1260  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
12:15:43.0345 1260  TBS - ok
12:15:43.0417 1260  [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
12:15:43.0478 1260  Tcpip - ok
12:15:43.0531 1260  [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
12:15:43.0569 1260  TCPIP6 - ok
12:15:43.0602 1260  [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
12:15:43.0644 1260  tcpipreg - ok
12:15:43.0680 1260  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
12:15:43.0722 1260  TDPIPE - ok
12:15:43.0753 1260  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
12:15:43.0767 1260  TDTCP - ok
12:15:43.0795 1260  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
12:15:43.0848 1260  tdx - ok
12:15:43.0876 1260  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
12:15:43.0888 1260  TermDD - ok
12:15:43.0908 1260  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
12:15:43.0976 1260  TermService - ok
12:15:44.0001 1260  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
12:15:44.0024 1260  Themes - ok
12:15:44.0071 1260  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
12:15:44.0108 1260  THREADORDER - ok
12:15:44.0135 1260  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
12:15:44.0193 1260  TrkWks - ok
12:15:44.0246 1260  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:15:44.0293 1260  TrustedInstaller - ok
12:15:44.0324 1260  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
12:15:44.0375 1260  tssecsrv - ok
12:15:44.0429 1260  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
12:15:44.0472 1260  TsUsbFlt - ok
12:15:44.0518 1260  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
12:15:44.0569 1260  tunnel - ok
12:15:44.0597 1260  [ C45A3E051C65106A28982CAED125F855 ] TurboB          C:\Windows\system32\DRIVERS\TurboB.sys
12:15:44.0607 1260  TurboB - ok
12:15:44.0647 1260  [ BAEF86EBEAECE76573FA822DEA256F6C ] TurboBoost      C:\Program Files\Intel\TurboBoost\TurboBoost.exe
12:15:44.0659 1260  TurboBoost - ok
12:15:44.0693 1260  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
12:15:44.0707 1260  uagp35 - ok
12:15:44.0729 1260  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
12:15:44.0770 1260  udfs - ok
12:15:44.0803 1260  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
12:15:44.0834 1260  UI0Detect - ok
12:15:44.0860 1260  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
12:15:44.0873 1260  uliagpkx - ok
12:15:44.0925 1260  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\drivers\umbus.sys
12:15:44.0939 1260  umbus - ok
12:15:44.0960 1260  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
12:15:44.0974 1260  UmPass - ok
12:15:45.0079 1260  [ 41118D920B2B268C0ADC36421248CDCF ] UNS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
12:15:45.0153 1260  UNS ( UnsignedFile.Multi.Generic ) - warning
12:15:45.0153 1260  UNS - detected UnsignedFile.Multi.Generic (1)
12:15:45.0184 1260  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
12:15:45.0239 1260  upnphost - ok
12:15:45.0283 1260  [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
12:15:45.0301 1260  USBAAPL64 - ok
12:15:45.0346 1260  [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
12:15:45.0371 1260  usbaudio - ok
12:15:45.0405 1260  [ 481DFF26B4DCA8F4CBAC1F7DCE1D6829 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
12:15:45.0426 1260  usbccgp - ok
12:15:45.0450 1260  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
12:15:45.0466 1260  usbcir - ok
12:15:45.0481 1260  [ 74EE782B1D9C241EFE425565854C661C ] usbehci         C:\Windows\system32\drivers\usbehci.sys
12:15:45.0495 1260  usbehci - ok
12:15:45.0517 1260  [ DC96BD9CCB8403251BCF25047573558E ] usbhub          C:\Windows\system32\drivers\usbhub.sys
12:15:45.0547 1260  usbhub - ok
12:15:45.0566 1260  [ 58E546BBAF87664FC57E0F6081E4F609 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
12:15:45.0587 1260  usbohci - ok
12:15:45.0630 1260  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
12:15:45.0654 1260  usbprint - ok
12:15:45.0692 1260  [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
12:15:45.0709 1260  usbscan - ok
12:15:45.0720 1260  [ D76510CFA0FC09023077F22C2F979D86 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:15:45.0735 1260  USBSTOR - ok
12:15:45.0749 1260  [ 81FB2216D3A60D1284455D511797DB3D ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
12:15:45.0779 1260  usbuhci - ok
12:15:45.0805 1260  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
12:15:45.0841 1260  usbvideo - ok
12:15:45.0880 1260  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
12:15:45.0926 1260  UxSms - ok
12:15:45.0947 1260  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
12:15:45.0961 1260  VaultSvc - ok
12:15:45.0972 1260  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
12:15:45.0985 1260  vdrvroot - ok
12:15:46.0025 1260  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
12:15:46.0079 1260  vds - ok
12:15:46.0117 1260  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
12:15:46.0142 1260  vga - ok
12:15:46.0154 1260  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
12:15:46.0199 1260  VgaSave - ok
12:15:46.0230 1260  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
12:15:46.0246 1260  vhdmp - ok
12:15:46.0254 1260  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
12:15:46.0267 1260  viaide - ok
12:15:46.0277 1260  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
12:15:46.0291 1260  volmgr - ok
12:15:46.0330 1260  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
12:15:46.0349 1260  volmgrx - ok
12:15:46.0367 1260  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
12:15:46.0385 1260  volsnap - ok
12:15:46.0410 1260  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
12:15:46.0426 1260  vsmraid - ok
12:15:46.0485 1260  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
12:15:46.0573 1260  VSS - ok
12:15:46.0587 1260  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
12:15:46.0614 1260  vwifibus - ok
12:15:46.0632 1260  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
12:15:46.0658 1260  vwififlt - ok
12:15:46.0699 1260  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
12:15:46.0742 1260  W32Time - ok
12:15:46.0759 1260  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
12:15:46.0788 1260  WacomPen - ok
12:15:46.0832 1260  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
12:15:46.0875 1260  WANARP - ok
12:15:46.0883 1260  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
12:15:46.0923 1260  Wanarpv6 - ok
12:15:46.0991 1260  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
12:15:47.0038 1260  WatAdminSvc - ok
12:15:47.0092 1260  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
12:15:47.0171 1260  wbengine - ok
12:15:47.0188 1260  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
12:15:47.0219 1260  WbioSrvc - ok
12:15:47.0251 1260  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
12:15:47.0290 1260  wcncsvc - ok
12:15:47.0305 1260  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:15:47.0353 1260  WcsPlugInService - ok
12:15:47.0379 1260  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\DRIVERS\wd.sys
12:15:47.0392 1260  Wd - ok
12:15:47.0410 1260  [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
12:15:47.0436 1260  Wdf01000 - ok
12:15:47.0452 1260  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
12:15:47.0525 1260  WdiServiceHost - ok
12:15:47.0529 1260  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
12:15:47.0548 1260  WdiSystemHost - ok
12:15:47.0580 1260  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
12:15:47.0609 1260  WebClient - ok
12:15:47.0623 1260  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
12:15:47.0677 1260  Wecsvc - ok
12:15:47.0691 1260  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
12:15:47.0730 1260  wercplsupport - ok
12:15:47.0755 1260  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
12:15:47.0809 1260  WerSvc - ok
12:15:47.0835 1260  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
12:15:47.0871 1260  WfpLwf - ok
12:15:47.0901 1260  [ 52DED146E4797E6CCF94799E8E22BB2A ] WimFltr         C:\Windows\system32\DRIVERS\wimfltr.sys
12:15:47.0917 1260  WimFltr - ok
12:15:47.0947 1260  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
12:15:47.0960 1260  WIMMount - ok
12:15:47.0983 1260  WinDefend - ok
12:15:47.0989 1260  WinHttpAutoProxySvc - ok
12:15:48.0056 1260  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
12:15:48.0112 1260  Winmgmt - ok
12:15:48.0163 1260  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
12:15:48.0247 1260  WinRM - ok
12:15:48.0298 1260  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
12:15:48.0314 1260  WinUsb - ok
12:15:48.0354 1260  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
12:15:48.0406 1260  Wlansvc - ok
12:15:48.0525 1260  [ 98F138897EF4246381D197CB81846D62 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
12:15:48.0595 1260  wlidsvc - ok
12:15:48.0609 1260  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
12:15:48.0635 1260  WmiAcpi - ok
12:15:48.0670 1260  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
12:15:48.0696 1260  wmiApSrv - ok
12:15:48.0733 1260  WMPNetworkSvc - ok
12:15:48.0748 1260  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
12:15:48.0774 1260  WPCSvc - ok
12:15:48.0802 1260  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
12:15:48.0820 1260  WPDBusEnum - ok
12:15:48.0848 1260  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
12:15:48.0895 1260  ws2ifsl - ok
12:15:48.0913 1260  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\system32\wscsvc.dll
12:15:48.0953 1260  wscsvc - ok
12:15:48.0956 1260  WSearch - ok
12:15:49.0016 1260  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
12:15:49.0089 1260  wuauserv - ok
12:15:49.0123 1260  [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
12:15:49.0159 1260  WudfPf - ok
12:15:49.0174 1260  [ CF8D590BE3373029D57AF80914190682 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
12:15:49.0209 1260  WUDFRd - ok
12:15:49.0242 1260  [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
12:15:49.0275 1260  wudfsvc - ok
12:15:49.0294 1260  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll
12:15:49.0325 1260  WwanSvc - ok
12:15:49.0359 1260  [ 4A5CE13408945E525503B5F73D29B9C5 ] xnacc           C:\Windows\system32\DRIVERS\xnacc.sys
12:15:49.0394 1260  xnacc - ok
12:15:49.0431 1260  [ 2C6BC21B2D5B58D8B1D638C1704CB494 ] xusb21          C:\Windows\system32\DRIVERS\xusb21.sys
12:15:49.0441 1260  xusb21 - ok
12:15:49.0476 1260  ================ Scan global ===============================
12:15:49.0506 1260  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
12:15:49.0545 1260  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
12:15:49.0555 1260  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
12:15:49.0591 1260  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
12:15:49.0627 1260  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
12:15:49.0633 1260  [Global] - ok
12:15:49.0634 1260  ================ Scan MBR ==================================
12:15:49.0643 1260  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
12:15:50.0120 1260  \Device\Harddisk0\DR0 - ok
12:15:50.0120 1260  ================ Scan VBR ==================================
12:15:50.0122 1260  [ 5BB84F61EA4CCC4C888039CBD350FEAC ] \Device\Harddisk0\DR0\Partition1
12:15:50.0124 1260  \Device\Harddisk0\DR0\Partition1 - ok
12:15:50.0127 1260  [ BC1F9114AB3E498CE855A54F9CB81FE9 ] \Device\Harddisk0\DR0\Partition2
12:15:50.0130 1260  \Device\Harddisk0\DR0\Partition2 - ok
12:15:50.0130 1260  ============================================================
12:15:50.0130 1260  Scan finished
12:15:50.0130 1260  ============================================================
12:15:50.0139 4304  Detected object count: 14
12:15:50.0139 4304  Actual detected object count: 14
12:16:53.0197 4304  Creative ALchemy AL6 Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
12:16:53.0197 4304  Creative ALchemy AL6 Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
12:16:53.0198 4304  Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
12:16:53.0198 4304  Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
12:16:53.0198 4304  DcomLaunch ( UnsignedFile.Multi.Generic ) - skipped by user
12:16:53.0199 4304  DcomLaunch ( UnsignedFile.Multi.Generic ) - User select action: Skip 
12:16:53.0199 4304  hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
12:16:53.0199 4304  hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
12:16:53.0200 4304  hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
12:16:53.0201 4304  hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
12:16:53.0202 4304  HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user
12:16:53.0202 4304  HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip 
12:16:53.0203 4304  LMS ( UnsignedFile.Multi.Generic ) - skipped by user
12:16:53.0203 4304  LMS ( UnsignedFile.Multi.Generic ) - User select action: Skip 
12:16:53.0205 4304  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
12:16:53.0205 4304  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
12:16:53.0205 4304  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
12:16:53.0205 4304  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
12:16:53.0206 4304  RpcSs ( UnsignedFile.Multi.Generic ) - skipped by user
12:16:53.0206 4304  RpcSs ( UnsignedFile.Multi.Generic ) - User select action: Skip 
12:16:53.0207 4304  sptd ( LockedFile.Multi.Generic ) - skipped by user
12:16:53.0207 4304  sptd ( LockedFile.Multi.Generic ) - User select action: Skip 
12:16:53.0208 4304  StarWindServiceAE ( UnsignedFile.Multi.Generic ) - skipped by user
12:16:53.0208 4304  StarWindServiceAE ( UnsignedFile.Multi.Generic ) - User select action: Skip 
12:16:53.0209 4304  SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
12:16:53.0209 4304  SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip 
12:16:53.0210 4304  UNS ( UnsignedFile.Multi.Generic ) - skipped by user
12:16:53.0210 4304  UNS ( UnsignedFile.Multi.Generic ) - User select action: Skip 
 
 
 
 
aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2014-01-15 12:18:38
-----------------------------
12:18:38.612    OS Version: Windows x64 6.1.7601 Service Pack 1
12:18:38.612    Number of processors: 8 586 0x1E05
12:18:38.613    ComputerName: LOLWUT  UserName: Beat
12:18:41.619    Initialize success
12:18:53.497    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
12:18:53.501    Disk 0 Vendor: ST950042 0002 Size: 476940MB BusType: 3
12:18:53.762    Disk 0 MBR read successfully
12:18:53.766    Disk 0 MBR scan
12:18:53.769    Disk 0 Windows VISTA default MBR code
12:18:53.785    Disk 0 Partition 1 00     1C Hidd FAT32 LBA MSDOS5.0    20001 MB offset 2048
12:18:53.798    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS       119232 MB offset 40965750
12:18:53.802    Disk 0 Partition - 00     0F Extended LBA            337702 MB offset 285153750
12:18:53.844    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS       337702 MB offset 285153813
12:18:53.922    Disk 0 scanning C:\Windows\system32\drivers
12:19:09.713    Service scanning
12:19:24.721    Service sptd C:\Windows\System32\Drivers\sptd.sys **LOCKED** 32
12:19:29.664    Modules scanning
12:19:29.677    Disk 0 trace - called modules:
12:19:29.693    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys sptd.sys hal.dll 
12:19:29.699    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007e4b790]
12:19:29.707    3 CLASSPNP.SYS[fffff8800160143f] -> nt!IofCallDriver -> [0xfffffa8007bf6550]
12:19:29.715    5 ACPI.sys[fffff88000ee57a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8007bfb050]
12:19:29.722    Scan finished successfully
12:19:40.239    Disk 0 MBR has been saved successfully to "C:\Users\Beat\Desktop\logs\MBR.dat"
12:19:40.246    The log file has been saved successfully to "C:\Users\Beat\Desktop\logs\aswMBR.txt"
 
 
 

Attached Files

  • Attached File  MBR.zip   569bytes   0 downloads


#13 nasdaq

nasdaq

  • Malware Response Team

Posted 15 January 2014 - 02:36 PM

The Master Boot Record is good.

===

Did you install this extension?
FF - component: C:\Users\Beat\AppData\Roaming\Mozilla\Firefox\Profiles\ivw0b7yp.default\extensions\firesheep@codebutler.com\platform\WINNT_x86-msvc\components\mozpopen.dll

Information: http://www.systemlookup.com/FF_Extensions/1317-Firesheep.html
===

Click the Start button. In the Search box, type Command Prompt, and then, in the list of results, double-click Command Prompt.

At the cursor, type:
ipconfig /flushdns <-- (A space between g and / is needed)

Repeat with
ipconfig /renew

Then hit Enter, type Exit, hit the Enter key.

You may need to run CMD - Command Prompt on Vista - Windows 7/8 with Elevated Privilege
http://www.mydigitallife.info/2007/02/17/how-to-open-elevated-command-prompt-with-administrator-privileges-in-windows-vista/
<<<>>>

If still no joy and you are connected via a router it just might be that it's corrupted.

How to Reset a Router Back to the Factory Default Settings
http://www.ehow.com/how_2110924_reset-back-factory-default-settings.html

Then, please reconfigure it back to your preferred settings. Below are lists of default usernames and passwords, in case you don't know them ;)

http://www.routerpasswords.com/
http://www.phenoelit-us.org/dpl/dpl.html
===

Reset for Linksys, Netgear, D-Link and Belkin Routers
http://www.techsupportforum.com/2763-reset-for-linksys-netgear-d-link-and-belkin-routers/

How to Secure Your Wireless Router
http://www.ehow.com/how_2253625_secure-wireless-router.html

Keep me posted.

#14 superfresh

superfresh
  • Topic Starter

  • Members

Posted 15 January 2014 - 02:57 PM

I don't remember installing that extension for Firefox, but it's possible that I did long ago.

I never re-installed Firefox after you asked me to uninstall it because I figured that I exclusively use Chrome, and I always have IE as a backup.

 

Are you saying that I should reset my router if I was unable to complete the Command Prompt tasks? I completed them with no problem but have not reset my router yet. 



#15 superfresh

superfresh
  • Topic Starter

  • Members

Posted 15 January 2014 - 03:05 PM

I decided to go ahead and reset my router anyways. So now I've completed all the steps in your previous post.

 

edit: the problem persists.


Edited by superfresh, 15 January 2014 - 03:06 PM.




