Malwarebytes not finding malware, issues with running scan and bluescreen

Gbaby614

New Member
Thread author
Verified
Jan 28, 2013
232
Okay, I just copied all that down since I have to close everything to complete it; will return with the results.
 

Gbaby614

New Member
Thread author
Verified
Jan 28, 2013
232
I think you only requested the last 2 logs, but I am posting them all in case of any errors. I didn't realize I still had an iTunes window open until after I clicked the Combo-fix. I don't think it harmed anything, but here are the logs. Also, there were 2 ComboFix logs but I only see 1; maybe it was supposed to delete the other? Or maybe they are both in the one file. Not sure, but I'm sure you know why, lol...
Combofix:
ComboFix 13-01-29.01 - Michelle 01/29/2013 10:18:26.2.2 - x64
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.3998.1648 [GMT -5:00]
Running from: c:\users\Michelle\Desktop\Combo-fix.exe
Command switches used :: c:\users\Michelle\Desktop\CFscript.txt
AV: Webroot SecureAnywhere *Disabled/Updated* {9C0666FC-6C7D-3E97-3C40-0C6B33FC7401}
SP: Webroot SecureAnywhere *Disabled/Updated* {27678718-4A47-3119-06F0-3719487B3EBC}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\users\Michelle\AppData\Local\Temp\DNS.exe"
"c:\users\Michelle\AppData\Local\Temp\Runner.exe"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Michelle\AppData\Local\visi_coupon
c:\users\Michelle\AppData\Local\visi_coupon\merchants.dat2
.
.
((((((((((((((((((((((((( Files Created from 2012-12-28 to 2013-01-29 )))))))))))))))))))))))))))))))
.
.
2013-01-29 15:48 . 2013-01-29 15:48 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\temp
2013-01-29 15:48 . 2013-01-29 15:48 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-01-29 07:08 . 2013-01-29 07:08 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E2D4AC6A-B684-481F-8D1C-0F2E5881F17A}\offreg.dll
2013-01-29 06:46 . 2013-01-08 05:32 9161176 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E2D4AC6A-B684-481F-8D1C-0F2E5881F17A}\mpengine.dll
2013-01-28 22:02 . 2013-01-28 22:02 -------- d-----w- c:\users\Michelle\AppData\Roaming\CyberLink
2013-01-28 22:02 . 2013-01-28 22:02 -------- d-----w- c:\users\Public\CyberLink
2013-01-28 19:17 . 2013-01-28 19:17 -------- d-----w- C:\FRST
2013-01-27 02:51 . 2013-01-27 02:51 -------- d-----w- c:\users\Michelle\AppData\Roaming\Malwarebytes
2013-01-27 02:51 . 2013-01-27 02:51 -------- d-----w- c:\programdata\Malwarebytes
2013-01-27 02:51 . 2013-01-27 02:51 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-01-27 02:51 . 2012-12-14 21:49 24176 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-01-27 00:29 . 2013-01-27 23:10 -------- d-----w- c:\users\Michelle\AppData\Roaming\QuickScan
2013-01-25 18:30 . 2013-01-25 18:30 -------- d-----w- c:\users\Michelle\AppData\Roaming\SUPERAntiSpyware.com
2013-01-25 18:28 . 2013-01-25 18:30 -------- d-----w- c:\program files\SUPERAntiSpyware
2013-01-25 18:28 . 2013-01-25 18:28 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2013-01-25 04:29 . 2013-01-25 04:28 859552 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-01-25 04:29 . 2013-01-25 04:28 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-01-09 14:05 . 2012-11-20 04:21 253952 ----a-w- c:\windows\system32\ncrypt.dll
2013-01-09 14:05 . 2012-11-20 04:22 204288 ----a-w- c:\windows\SysWow64\ncrypt.dll
2013-01-09 14:04 . 2012-11-23 01:54 2770432 ----a-w- c:\windows\system32\win32k.sys
2013-01-09 14:04 . 2012-11-02 10:47 1869824 ----a-w- c:\windows\system32\msxml3.dll
2013-01-09 14:04 . 2012-11-02 10:47 1794560 ----a-w- c:\windows\system32\msxml6.dll
2013-01-09 14:04 . 2012-11-02 10:19 1400832 ----a-w- c:\windows\SysWow64\msxml6.dll
2013-01-09 14:04 . 2012-11-02 10:19 1248768 ----a-w- c:\windows\SysWow64\msxml3.dll
2013-01-09 14:02 . 2012-11-22 04:22 456192 ----a-w- c:\windows\system32\shlwapi.dll
2013-01-03 01:37 . 2013-01-03 01:37 -------- d-----w- c:\users\Michelle\AppData\Local\IsolatedStorage
2012-12-30 21:54 . 2012-11-14 05:52 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-12-30 21:41 . 2012-12-16 13:31 48128 ----a-w- c:\windows\system32\atmlib.dll
2012-12-30 21:41 . 2012-12-16 13:12 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-30 21:41 . 2012-12-16 11:08 368128 ----a-w- c:\windows\system32\atmfd.dll
2012-12-30 21:41 . 2012-12-16 10:50 293376 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-30 21:04 . 2012-12-30 21:04 49872 ----a-w- c:\windows\system32\drivers\bmepmwfm.sys
2012-12-30 16:32 . 2012-12-30 16:46 -------- d-----w- C:\Temp
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-25 04:28 . 2011-07-09 15:02 780192 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-01-25 04:12 . 2012-06-21 18:20 697864 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-01-25 04:12 . 2011-05-19 13:57 74248 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-01-24 03:16 . 2006-11-02 12:35 67599240 ----a-w- c:\windows\system32\mrt.exe
2012-12-19 23:59 . 2012-04-03 21:22 151880 ----a-w- c:\windows\SysWow64\WRusr.dll
2012-12-19 23:59 . 2012-04-03 21:22 111776 ----a-w- c:\windows\system32\drivers\WRkrn.sys
2012-12-19 23:59 . 2012-04-03 21:22 105024 ----a-w- c:\windows\system32\WRusr.dll
2012-11-14 18:43 . 2012-11-14 18:43 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2012-11-14 18:43 . 2012-11-14 18:43 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2012-11-14 18:43 . 2012-11-14 18:43 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2012-11-14 18:43 . 2012-11-14 18:43 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2012-11-14 18:43 . 2012-11-14 18:43 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2012-11-14 18:43 . 2012-11-14 18:43 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2012-11-14 18:43 . 2012-11-14 18:43 367104 ----a-w- c:\windows\SysWow64\html.iec
2012-11-14 18:43 . 2012-11-14 18:43 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2012-11-14 18:43 . 2012-11-14 18:43 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2012-11-14 18:42 . 2012-11-14 18:42 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2012-11-14 18:42 . 2012-11-14 18:42 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2012-11-14 18:42 . 2012-11-14 18:42 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2012-11-14 18:42 . 2012-11-14 18:42 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2012-11-14 18:42 . 2012-11-14 18:42 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2012-11-14 18:42 . 2012-11-14 18:42 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2012-11-14 18:42 . 2012-11-14 18:42 222208 ----a-w- c:\windows\system32\msls31.dll
2012-11-14 18:42 . 2012-11-14 18:42 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2012-11-14 18:42 . 2012-11-14 18:42 267776 ----a-w- c:\windows\system32\ieaksie.dll
2012-11-14 18:42 . 2012-11-14 18:42 197120 ----a-w- c:\windows\system32\msrating.dll
2012-11-14 18:42 . 2012-11-14 18:42 163840 ----a-w- c:\windows\system32\ieakui.dll
2012-11-14 18:42 . 2012-11-14 18:42 12288 ----a-w- c:\windows\system32\mshta.exe
2012-11-14 18:42 . 2012-11-14 18:42 114176 ----a-w- c:\windows\system32\admparse.dll
2012-11-14 18:42 . 2012-11-14 18:42 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2012-11-14 18:42 . 2012-11-14 18:42 76800 ----a-w- c:\windows\system32\tdc.ocx
2012-11-14 18:42 . 2012-11-14 18:42 55296 ----a-w- c:\windows\system32\msfeedsbs.dll
2012-11-14 18:42 . 2012-11-14 18:42 49664 ----a-w- c:\windows\system32\imgutil.dll
2012-11-14 18:42 . 2012-11-14 18:42 48640 ----a-w- c:\windows\system32\mshtmler.dll
2012-11-14 18:42 . 2012-11-14 18:42 452608 ----a-w- c:\windows\system32\dxtmsft.dll
2012-11-14 18:42 . 2012-11-14 18:42 448512 ----a-w- c:\windows\system32\html.iec
2012-11-14 18:42 . 2012-11-14 18:42 282112 ----a-w- c:\windows\system32\dxtrans.dll
2012-11-14 18:42 . 2012-11-14 18:42 160256 ----a-w- c:\windows\system32\ieakeng.dll
2012-11-14 18:42 . 2012-11-14 18:42 145920 ----a-w- c:\windows\system32\iepeers.dll
2012-11-14 18:42 . 2012-11-14 18:42 136192 ----a-w- c:\windows\system32\advpack.dll
2012-11-14 18:42 . 2012-11-14 18:42 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2012-11-14 18:42 . 2012-11-14 18:42 111616 ----a-w- c:\windows\system32\iesysprep.dll
2012-11-14 18:42 . 2012-11-14 18:42 10752 ----a-w- c:\windows\system32\msfeedssync.exe
2012-11-14 18:42 . 2012-11-14 18:42 89088 ----a-w- c:\windows\system32\ie4uinit.exe
2012-11-14 18:42 . 2012-11-14 18:42 85504 ----a-w- c:\windows\system32\iesetup.dll
2012-11-14 18:42 . 2012-11-14 18:42 82432 ----a-w- c:\windows\system32\icardie.dll
2012-11-14 18:42 . 2012-11-14 18:42 534528 ----a-w- c:\windows\system32\ieapfltr.dll
2012-11-14 18:42 . 2012-11-14 18:42 403248 ----a-w- c:\windows\system32\iedkcs32.dll
2012-11-14 18:42 . 2012-11-14 18:42 39936 ----a-w- c:\windows\system32\iernonce.dll
2012-11-14 18:42 . 2012-11-14 18:42 3695416 ----a-w- c:\windows\system32\ieapfltr.dat
2012-11-14 18:42 . 2012-11-14 18:42 30720 ----a-w- c:\windows\system32\licmgr10.dll
2012-11-14 18:42 . 2012-11-14 18:42 249344 ----a-w- c:\windows\system32\webcheck.dll
2012-11-14 18:42 . 2012-11-14 18:42 165888 ----a-w- c:\windows\system32\iexpress.exe
2012-11-14 18:42 . 2012-11-14 18:42 160256 ----a-w- c:\windows\system32\wextract.exe
2012-11-14 18:42 . 2012-11-14 18:42 103936 ----a-w- c:\windows\system32\inseng.dll
2012-11-14 18:42 . 2012-11-14 18:42 65024 ----a-w- c:\windows\system32\pngfilt.dll
2012-11-14 18:42 . 2012-11-14 18:42 149504 ----a-w- c:\windows\system32\occache.dll
2012-11-13 01:45 . 2012-12-12 09:07 2048 ----a-w- c:\windows\system32\tzres.dll
2012-11-13 01:29 . 2012-12-12 09:07 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-11-02 10:45 . 2012-12-13 06:59 477696 ----a-w- c:\windows\system32\dpnet.dll
2012-11-02 10:45 . 2012-12-13 06:59 68096 ----a-w- c:\windows\system32\dpnathlp.dll
2012-11-02 10:18 . 2012-12-13 06:59 376320 ----a-w- c:\windows\SysWow64\dpnet.dll
2012-11-02 08:59 . 2012-12-13 06:59 26112 ----a-w- c:\windows\system32\dpnsvr.exe
2012-11-02 08:26 . 2012-12-13 06:59 23040 ----a-w- c:\windows\SysWow64\dpnsvr.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{81017EA9-9AA8-4A6A-9734-7AF40E7D593F}"= "c:\program files (x86)\Yahoo!\Companion\Installs\cpn3\yt.dll" [2012-11-26 1525088]
.
[HKEY_CLASSES_ROOT\clsid\{81017ea9-9aa8-4a6a-9734-7af40e7d593f}]
[HKEY_CLASSES_ROOT\yt.YTNavAssistPlugin.1]
[HKEY_CLASSES_ROOT\TypeLib\{003028C2-EA1C-4676-A316-B5CB50917002}]
[HKEY_CLASSES_ROOT\yt.YTNavAssistPlugin]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-06-09 2363392]
"HPAdvisor"="c:\program files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe" [2008-09-30 972080]
"Facebook Update"="c:\users\Michelle\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-07-11 138096]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2012-11-01 5629312]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"DVDAgent"="c:\program files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe" [2008-09-26 1148200]
"TSMAgent"="c:\program files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe" [2008-09-26 1152296]
"CLMLServer for HP TouchSmart"="c:\program files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe" [2008-09-26 189736]
"QlbCtrl.exe"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-08-01 202032]
"HP Health Check Scheduler"="c:\program files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-06-16 75008]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"hpWirelessAssistant"="c:\program files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2008-04-15 488752]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"ApnUpdater"="c:\program files (x86)\Ask.com\Updater\Updater.exe" [2011-08-24 887976]
"WRSVC"="c:\program files (x86)\Webroot\WRSA.exe" [2012-12-19 733808]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-31 59280]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-06-07 421776]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoDevMgrUpdate"= 0 (0x0)
"NoDFSTab"= 0 (0x0)
"NoEncryptOnMove"= 0 (0x0)
"NoResolveTrack"= 0 (0x0)
"NoStartMenuSubFolders"= 0 (0x0)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoDevMgrUpdate"= 0 (0x0)
"NoDFSTab"= 0 (0x0)
"NoEncryptOnMove"= 0 (0x0)
"NoResolveTrack"= 0 (0x0)
"NoStartMenuSubFolders"= 0 (0x0)
.
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"DisableLocalMachineRun"= 0 (0x0)
"DisableLocalMachineRunOnce"= 0 (0x0)
"DisableCurrentUserRun"= 0 (0x0)
"DisableCurrentUserRunOnce"= 0 (0x0)
"NoFile"= 0 (0x0)
"HideClock"= 0 (0x0)
"NoDevMgrUpdate"= 0 (0x0)
"NoDFSTab"= 0 (0x0)
"NoEncryptOnMove"= 0 (0x0)
"NoResolveTrack"= 0 (0x0)
"NoStartMenuSubFolders"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2012-07-11 140672]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_bd5387da\AESTSr64.exe [2008-06-27 89088]
.
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
Themes
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-06-09 17:14 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-01-25 04:40 1607120 ----a-w- c:\program files (x86)\Google\Chrome\Application\24.0.1312.56\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-01-28 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3488472860-609737526-646370250-1000Core.job
- c:\users\Michelle\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-06-29 20:46]
.
2013-01-29 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3488472860-609737526-646370250-1000UA.job
- c:\users\Michelle\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-06-29 20:46]
.
2013-01-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-07-29 21:14]
.
2013-01-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-07-29 21:14]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-08-25 153624]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-08-25 225816]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-08-25 199704]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-06-20 1533736]
"SmartMenu"="c:\program files (x86)\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [BU]
"lxdumon.exe"="c:\program files (x86)\Lexmark 5600-6600 Series\lxdumon.exe" [2008-09-10 676520]
"lxduamon"="c:\program files (x86)\Lexmark 5600-6600 Series\lxduamon.exe" [2008-09-10 16040]
"SysTrayApp"="c:\program files (x86)\IDT\WDM\sttray64.exe" [BU]
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com/
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cnnb
mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cnnb
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
mSearchAssistant =
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Michelle\AppData\Roaming\Mozilla\Firefox\Profiles\2v64zce3.default\
FF - prefs.js: browser.startup.homepage - www.google.com/
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: 2012-12-30 11:26; plugin@selectionlinks.com; c:\users\Michelle\AppData\Roaming\Mozilla\Firefox\Profiles\2v64zce3.default\extensions\plugin@selectionlinks.com
FF - ExtSQL: 2012-12-30 16:02; {40D65E82-75AC-47CA-8A73-1CEDC2668EFF}; c:\program files (x86)\Mozilla Firefox\extensions\{40D65E82-75AC-47CA-8A73-1CEDC2668EFF}
FF - ExtSQL: 2013-01-24 18:59; {e001c731-5e37-4538-a5cb-8168736a2360}; c:\users\Michelle\AppData\Roaming\Mozilla\Firefox\Profiles\2v64zce3.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
FF - ExtSQL: 2013-01-26 22:03; {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}; c:\users\Michelle\AppData\Roaming\Mozilla\Firefox\Profiles\2v64zce3.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
user_pref('extensions.autoDisableScopes', 0);user_pref('security.csp.enable', false);user_pref('security.OCSP.enabled', 0);
.
- - - - ORPHANS REMOVED - - - -
.
BHO-{300BEC06-B743-4D19-86B9-11DC711D7FFB} - (no file)
WebBrowser-{977AE9CC-AF83-45E8-9E03-E2798216E2D5} - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Norton Internet Security]
"ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe\" /s \"Norton Internet Security\" /m \"c:\program files (x86)\Norton Internet Security\Engine\16.0.0.125\diMaster.dll\" /prefetch:1"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\{55662437-DA8C-40c0-AADA-2C816A897A49}]
"ImagePath"="\??\c:\program files (x86)\Hewlett-Packard\Media\DVD\000.fcl"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{1E61ED7C-7CB8-49D6-B9E9-AB4C880C8414}"=hex:51,66,7a,6c,4c,1d,38,12,12,ee,72,
1a,8a,32,b8,0c,c6,ff,e8,0c,8d,52,c0,00
"{EF99BD32-C1FB-11D2-892F-0090271D4F88}"=hex:51,66,7a,6c,4c,1d,38,12,5c,be,8a,
eb,c9,8f,bc,54,f6,39,43,d0,22,43,0b,9c
"{02478D38-C3F9-4EFB-9B51-7695ECA05670}"=hex:51,66,7a,6c,4c,1d,38,12,56,8e,54,
06,cb,8d,95,0b,e4,47,35,d5,e9,fe,12,64
"{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,38,12,72,0b,cc,
1c,9f,a6,ed,07,da,80,b9,17,89,70,f9,d7
"{D2C5E510-BE6D-42CC-9F61-E4F939078474}"=hex:51,66,7a,6c,4c,1d,38,12,7e,e6,d6,
d6,5f,f0,a2,07,e0,77,a7,b9,3c,59,c0,60
"{D2CE3E00-F94A-4740-988E-03DC2F38C34F}"=hex:51,66,7a,6c,4c,1d,38,12,6e,3d,dd,
d6,78,b7,2e,02,e7,98,40,9c,2a,66,87,5b
"{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db,
df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd
"{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}"=hex:51,66,7a,6c,4c,1d,38,12,cf,4e,be,
f9,90,2f,b6,0a,e3,01,c5,b7,a9,7a,14,95
"{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}"=hex:51,66,7a,6c,4c,1d,38,12,91,fc,ec,
fb,7c,81,45,0a,c2,d4,4d,32,e4,48,ec,42
"{FF059E31-CC5A-4E2E-BF3B-96E929D65503}"=hex:51,66,7a,6c,4c,1d,38,12,5f,9d,16,
fb,68,82,40,0b,c0,2d,d5,a9,2c,88,11,17
"{BDEADE7F-C265-11D0-BCED-00A0C90AB50F}"=hex:51,66,7a,6c,4c,1d,38,12,11,dd,f9,
b9,57,8c,be,54,c3,fb,43,e0,cc,54,f1,1b
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:3f,a5,87,e6,1b,ca,cd,01
.
[HKEY_USERS\S-1-5-21-3488472860-609737526-646370250-1000\È a*Ä*_*w*a*r*e*\Webroot\Log]
"WRFrame.exe_lflast"=dword:0000000c
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_110_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_110_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_110_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_110_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]
@Denied: (A 2) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]
@="Shockwave Flash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]
@Denied: (A 2) (Everyone)
@=""
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]
@="FlashBroker"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Classes]
"SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
Completion time: 2013-01-29 10:50:06
ComboFix-quarantined-files.txt 2013-01-29 15:50
ComboFix2.txt 2013-01-28 21:37
.
Pre-Run: 411,508,326,400 bytes free
Post-Run: 411,483,148,288 bytes free
.
- - End Of File - - 2244CC97D89D8568B2CDC3DF007E832B

Adware:

# AdwCleaner v2.109 - Logfile created 01/29/2013 at 10:59:51
# Updated 26/01/2013 by Xplode
# Operating system : Windows (TM) Vista Home Premium Service Pack 2 (64 bits)
# User : Michelle - MICHELLE-PC
# Boot Mode : Normal
# Running from : C:\Users\Michelle\Desktop\AdwCleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Deleted on reboot : C:\Program Files (x86)\Ask.com
Deleted on reboot : C:\ProgramData\Ask
Deleted on reboot : C:\Users\Michelle\AppData\Local\Conduit
Deleted on reboot : C:\Users\Michelle\AppData\LocalLow\AskToolbar
Deleted on reboot : C:\Users\Michelle\AppData\LocalLow\Conduit
Deleted on reboot : C:\Users\Michelle\AppData\LocalLow\PriceGong
Deleted on reboot : C:\Users\Michelle\AppData\LocalLow\Toolbar4
Deleted on reboot : C:\Users\Michelle\AppData\Roaming\iWin
Deleted on reboot : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk

***** [Registry] *****

Key Deleted : HKCU\Software\APN
Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{A76AA284-E52D-47E6-9E4F-B85DBF8E35C3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{F42D4712-298F-4502-8668-7B9940C3FB00}
Key Deleted : HKLM\Software\APN
Key Deleted : HKLM\Software\AskToolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3018509
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\Iminent
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{761F6A83-F007-49E4-8EAC-CDB6808EF06F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{76C45B18-A29E-43EA-AAF8-AF55C2E1AE17}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7CD74AFF-3433-4E34-92E2-D98DFDB30754}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{96EF404C-24C7-43D0-9096-4CCC8BB7CCAC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{97720195-206A-42AE-8E65-260B9BA5589F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{97D69524-BB57-4185-9C7F-5F05593B771A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{986F7A5A-9676-47E1-8642-F41F8C3FCF82}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B18788A4-92BD-440E-A4D1-380C36531119}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{977AE9CC-AF83-45E8-9E03-E2798216E2D5}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [webbooster@iminent.com]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registry is clean.

-\\ Mozilla Firefox v18.0.1 (en-US)

File : C:\Users\Michelle\AppData\Roaming\Mozilla\Firefox\Profiles\2v64zce3.default\prefs.js

C:\Users\Michelle\AppData\Roaming\Mozilla\Firefox\Profiles\2v64zce3.default\user.js ... Deleted !

Deleted : user_pref("extensions.wajam.affiliate_id", "5922");
Deleted : user_pref("extensions.wajam.firstrun", "false");
Deleted : user_pref("extensions.wajam.log_send_info", "false");
Deleted : user_pref("extensions.wajam.mappingListJsonString", "{\"version\":\"0.21083\",\"supported_sites\":{\[...]
Deleted : user_pref("extensions.wajam.no_trace", "false");
Deleted : user_pref("extensions.wajam.server_current_mapping_version", "0.21083");
Deleted : user_pref("extensions.wajam.trace_log", "1356884951654 - processSiteLookup - Error Message: can't ac[...]
Deleted : user_pref("extensions.wajam.unique_id", "E9F44ADF8FEC2D56D096FE41A16EB66B");
Deleted : user_pref("extensions.wajam.user_current_mapping_version", "0");
Deleted : user_pref("extensions.wajam.version", "1.26");

-\\ Google Chrome v24.0.1312.56

File : C:\Users\Michelle\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [10520 octets] - [29/01/2013 10:59:51]

########## EOF - C:\AdwCleaner[S1].txt - [10581 octets] ##########

TDSS log 1:

11:08:50.0712 4972 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
11:08:51.0012 4972 ============================================================
11:08:51.0012 4972 Current date / time: 2013/01/29 11:08:51.0012
11:08:51.0012 4972 SystemInfo:
11:08:51.0012 4972
11:08:51.0012 4972 OS Version: 6.0.6002 ServicePack: 2.0
11:08:51.0012 4972 Product type: Workstation
11:08:51.0012 4972 ComputerName: MICHELLE-PC
11:08:51.0012 4972 UserName: Michelle
11:08:51.0012 4972 Windows directory: C:\Windows
11:08:51.0012 4972 System windows directory: C:\Windows
11:08:51.0012 4972 Running under WOW64
11:08:51.0012 4972 Processor architecture: Intel x64
11:08:51.0012 4972 Number of processors: 2
11:08:51.0012 4972 Page size: 0x1000
11:08:51.0012 4972 Boot type: Normal boot
11:08:51.0012 4972 ============================================================
11:08:53.0917 4972 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:08:53.0925 4972 ============================================================
11:08:53.0925 4972 \Device\Harddisk0\DR0:
11:08:53.0951 4972 MBR partitions:
11:08:53.0951 4972 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x38A92FC1
11:08:53.0951 4972 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x38A93000, BlocksNum 0x18F1800
11:08:53.0951 4972 ============================================================
11:08:54.0118 4972 C: <-> \Device\Harddisk0\DR0\Partition1
11:08:55.0113 4972 D: <-> \Device\Harddisk0\DR0\Partition2
11:08:55.0114 4972 ============================================================
11:08:55.0114 4972 Initialize success
11:08:55.0114 4972 ============================================================
11:10:21.0238 3172 Deinitialize success

TDSS Log 2:
11:13:43.0298 0384 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
11:13:43.0844 0384 ============================================================
11:13:43.0844 0384 Current date / time: 2013/01/29 11:13:43.0844
11:13:43.0844 0384 SystemInfo:
11:13:43.0844 0384
11:13:43.0844 0384 OS Version: 6.0.6002 ServicePack: 2.0
11:13:43.0844 0384 Product type: Workstation
11:13:43.0844 0384 ComputerName: MICHELLE-PC
11:13:43.0844 0384 UserName: Michelle
11:13:43.0844 0384 Windows directory: C:\Windows
11:13:43.0844 0384 System windows directory: C:\Windows
11:13:43.0844 0384 Running under WOW64
11:13:43.0844 0384 Processor architecture: Intel x64
11:13:43.0844 0384 Number of processors: 2
11:13:43.0844 0384 Page size: 0x1000
11:13:43.0844 0384 Boot type: Normal boot
11:13:43.0844 0384 ============================================================
11:13:47.0229 0384 BG loaded
11:13:48.0992 0384 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:13:49.0007 0384 ============================================================
11:13:49.0007 0384 \Device\Harddisk0\DR0:
11:13:49.0007 0384 MBR partitions:
11:13:49.0007 0384 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x38A92FC1
11:13:49.0007 0384 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x38A93000, BlocksNum 0x18F1800
11:13:49.0007 0384 ============================================================
11:13:49.0272 0384 C: <-> \Device\Harddisk0\DR0\Partition1
11:13:49.0616 0384 D: <-> \Device\Harddisk0\DR0\Partition2
11:13:49.0616 0384 ============================================================
11:13:49.0616 0384 Initialize success
11:13:49.0616 0384 ============================================================
11:14:18.0659 4008 ============================================================
11:14:18.0659 4008 Scan started
11:14:18.0659 4008 Mode: Manual; SigCheck; TDLFS;
11:14:18.0659 4008 ============================================================
11:14:20.0904 4008 ================ Scan system memory ========================
11:14:20.0904 4008 System memory - ok
11:14:20.0910 4008 ================ Scan services =============================
11:14:21.0439 4008 [ 581D88B25C4D4121824FED2CA38E562F ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
11:14:21.0592 4008 !SASCORE - ok
11:14:22.0539 4008 [ 60FBB29CCCE48B4C3A6517CAF42C3496 ] Accelerometer C:\Windows\system32\DRIVERS\Accelerometer.sys
11:14:22.0558 4008 Accelerometer - ok
11:14:22.0769 4008 [ 1965AAFFAB07E3FB03C77F81BEBA3547 ] ACPI C:\Windows\system32\drivers\acpi.sys
11:14:22.0819 4008 ACPI - ok
11:14:23.0138 4008 [ 11A52CF7B265631DEEB24C6149309EFF ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
11:14:23.0156 4008 AdobeARMservice - ok
11:14:23.0400 4008 [ F14215E37CF124104575073F782111D2 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
11:14:23.0463 4008 adp94xx - ok
11:14:23.0741 4008 [ 7D05A75E3066861A6610F7EE04FF085C ] adpahci C:\Windows\system32\drivers\adpahci.sys
11:14:23.0789 4008 adpahci - ok
11:14:23.0830 4008 [ 820A201FE08A0C345B3BEDBC30E1A77C ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
11:14:23.0863 4008 adpu160m - ok
11:14:23.0874 4008 [ 9B4AB6854559DC168FBB4C24FC52E794 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
11:14:23.0913 4008 adpu320 - ok
11:14:24.0031 4008 [ 0F421175574BFE0BF2F4D8E910A253BB ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
11:14:24.0801 4008 AeLookupSvc - ok
11:14:25.0048 4008 [ 7F66523A27754AFCFECAE2F5EB643A4A ] AESTFilters C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_bd5387da\AESTSr64.exe
11:14:25.0185 4008 AESTFilters - ok
11:14:25.0355 4008 [ C4F6CE6087760AD70960C9EB130E7943 ] AFD C:\Windows\system32\drivers\afd.sys
11:14:25.0505 4008 AFD - ok
11:14:25.0603 4008 [ 8B0D8B5BAFD4C9D57B41426BC68B32F9 ] AgereModemAudio C:\Windows\system32\agr64svc.exe
11:14:25.0753 4008 AgereModemAudio - ok
11:14:25.0871 4008 [ 3627A62B10284FFBF862BFD49928EDF4 ] AgereSoftModem C:\Windows\system32\DRIVERS\agrsm64.sys
11:14:25.0942 4008 AgereSoftModem - ok
11:14:26.0018 4008 [ F6F6793B7F17B550ECFDBD3B229173F7 ] agp440 C:\Windows\system32\drivers\agp440.sys
11:14:26.0050 4008 agp440 - ok
11:14:26.0090 4008 [ 222CB641B4B8A1D1126F8033F9FD6A00 ] aic78xx C:\Windows\system32\drivers\djsvs.sys
11:14:26.0122 4008 aic78xx - ok
11:14:26.0183 4008 [ 5922F4F59B7868F3D74BBBBEB7B825A3 ] ALG C:\Windows\System32\alg.exe
11:14:26.0775 4008 ALG - ok
11:14:26.0842 4008 [ E0CA5BB8E6C79533DC6B1DA7361A201E ] aliide C:\Windows\system32\drivers\aliide.sys
11:14:26.0873 4008 aliide - ok
11:14:26.0879 4008 [ 7034F8D1B9703D711D3F92C95DEB377D ] amdide C:\Windows\system32\drivers\amdide.sys
11:14:26.0911 4008 amdide - ok
11:14:26.0956 4008 [ CDC3632A3A5EA4DBB83E46076A3165A1 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
11:14:27.0058 4008 AmdK8 - ok
11:14:27.0146 4008 [ 9C37B3FD5615477CB9A0CD116CF43F5C ] Appinfo C:\Windows\System32\appinfo.dll
11:14:27.0235 4008 Appinfo - ok
11:14:28.0118 4008 [ F401929EE0CC92BFE7F15161CA535383 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
11:14:28.0131 4008 Apple Mobile Device - ok
11:14:28.0214 4008 [ BA8417D4765F3988FF921F30F630E303 ] arc C:\Windows\system32\drivers\arc.sys
11:14:28.0248 4008 arc - ok
11:14:28.0316 4008 [ 9D41C435619733B34CC16A511E644B11 ] arcsas C:\Windows\system32\drivers\arcsas.sys
11:14:28.0357 4008 arcsas - ok
11:14:28.0386 4008 [ 22D13FF3DAFEC2A80634752B1EAA2DE6 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
11:14:28.0455 4008 AsyncMac - ok
11:14:28.0508 4008 [ E68D9B3A3905619732F7FE039466A623 ] atapi C:\Windows\system32\drivers\atapi.sys
11:14:28.0526 4008 atapi - ok
11:14:28.0674 4008 [ 79318C744693EC983D20E9337A2F8196 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
11:14:28.0832 4008 AudioEndpointBuilder - ok
11:14:28.0905 4008 [ 79318C744693EC983D20E9337A2F8196 ] AudioSrv C:\Windows\System32\Audiosrv.dll
11:14:28.0960 4008 AudioSrv - ok
11:14:29.0046 4008 [ A4815907B039121D8D9221695CDC35F7 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys
11:14:29.0123 4008 BCM43XX - ok
11:14:29.0130 4008 Beep - ok
11:14:29.0226 4008 [ FFB96C2589FFA60473EAD78B39FBDE29 ] BFE C:\Windows\System32\bfe.dll
11:14:29.0334 4008 BFE - ok
11:14:29.0452 4008 [ 6D316F4859634071CC25C4FD4589AD2C ] BITS C:\Windows\system32\qmgr.dll
11:14:29.0578 4008 BITS - ok
11:14:29.0659 4008 [ 79FEEB40056683F8F61398D81DDA65D2 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
11:14:29.0883 4008 blbdrive - ok
11:14:29.0979 4008 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
11:14:30.0008 4008 Bonjour Service - ok
11:14:30.0109 4008 [ 2348447A80920B2493A9B582A23E81E1 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
11:14:30.0280 4008 bowser - ok
11:14:30.0365 4008 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
11:14:30.0447 4008 BrFiltLo - ok
11:14:30.0469 4008 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
11:14:30.0546 4008 BrFiltUp - ok
11:14:30.0621 4008 [ A1B39DE453433B115B4EA69EE0343816 ] Browser C:\Windows\System32\browser.dll
11:14:30.0712 4008 Browser - ok
11:14:30.0755 4008 [ F0F0BA4D815BE446AA6A4583CA3BCA9B ] Brserid C:\Windows\system32\drivers\brserid.sys
11:14:31.0077 4008 Brserid - ok
11:14:31.0132 4008 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
11:14:31.0333 4008 BrSerWdm - ok
11:14:31.0423 4008 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
11:14:31.0584 4008 BrUsbMdm - ok
11:14:31.0609 4008 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
11:14:31.0714 4008 BrUsbSer - ok
11:14:31.0766 4008 [ E0777B34E05F8A82A21856EFC900C29F ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
11:14:31.0843 4008 BTHMODEM - ok
11:14:31.0858 4008 catchme - ok
11:14:31.0876 4008 [ B4D787DB8D30793A4D4DF9FEED18F136 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
11:14:31.0941 4008 cdfs - ok
11:14:31.0981 4008 [ C025AA69BE3D0D25C7A2E746EF6F94FC ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
11:14:32.0082 4008 cdrom - ok
11:14:32.0178 4008 [ 5A268127633C7EE2A7FB87F39D748D56 ] CertPropSvc C:\Windows\System32\certprop.dll
11:14:32.0242 4008 CertPropSvc - ok
11:14:32.0287 4008 [ 02EA568D498BBDD4BA55BF3FCE34D456 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
11:14:32.0373 4008 circlass - ok
11:14:32.0444 4008 [ 3DCA9A18B204939CFB24BEA53E31EB48 ] CLFS C:\Windows\system32\CLFS.sys
11:14:32.0476 4008 CLFS - ok
11:14:32.0657 4008 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:14:32.0671 4008 clr_optimization_v2.0.50727_32 - ok
11:14:32.0705 4008 [ CE07A466201096F021CD09D631B21540 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
11:14:32.0719 4008 clr_optimization_v2.0.50727_64 - ok
11:14:32.0847 4008 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:14:33.0438 4008 clr_optimization_v4.0.30319_32 - ok
11:14:33.0518 4008 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
11:14:33.0625 4008 clr_optimization_v4.0.30319_64 - ok
11:14:33.0673 4008 [ B52D9A14CE4101577900A364BA86F3DF ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
11:14:33.0763 4008 CmBatt - ok
11:14:33.0779 4008 [ 8C6AA24C1D7273A02284588426AB8CE3 ] cmdide C:\Windows\system32\drivers\cmdide.sys
11:14:33.0794 4008 cmdide - ok
11:14:33.0885 4008 [ 7795F8CEBC284A426B53F541E538695F ] Com4QLBEx C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
11:14:33.0897 4008 Com4QLBEx - ok
11:14:33.0917 4008 [ 7FB8AD01DB0EABE60C8A861531A8F431 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
11:14:33.0931 4008 Compbatt - ok
11:14:33.0937 4008 COMSysApp - ok
11:14:33.0965 4008 [ A8585B6412253803CE8EFCBD6D6DC15C ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
11:14:33.0979 4008 crcdisk - ok
11:14:34.0038 4008 [ CA78B312C44E4D52E842C2C8BD48E452 ] CryptSvc C:\Windows\system32\cryptsvc.dll
11:14:34.0139 4008 CryptSvc - ok
11:14:34.0290 4008 [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF ] DcomLaunch C:\Windows\system32\rpcss.dll
11:14:34.0397 4008 DcomLaunch - ok
11:14:34.0435 4008 [ 8B722BA35205C71E7951CDC4CDBADE19 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
11:14:34.0532 4008 DfsC - ok
11:14:35.0111 4008 [ C647F468F7DE343DF8C143655C5557D4 ] DFSR C:\Windows\system32\DFSR.exe
11:14:35.0959 4008 DFSR - ok
11:14:36.0085 4008 [ 3ED0321127CE70ACDAABBF77E157C2A7 ] Dhcp C:\Windows\System32\dhcpcsvc.dll
11:14:36.0146 4008 Dhcp - ok
11:14:36.0481 4008 [ B0107E40ECDB5FA692EBF832F295D905 ] disk C:\Windows\system32\drivers\disk.sys
11:14:36.0501 4008 disk - ok
11:14:36.0554 4008 [ 06230F1B721494A6DF8D47FD395BB1B0 ] Dnscache C:\Windows\System32\dnsrslvr.dll
11:14:36.0610 4008 Dnscache - ok
11:14:36.0653 4008 [ 1A7156DD1E850E9914E5E991E3225B94 ] dot3svc C:\Windows\System32\dot3svc.dll
11:14:36.0711 4008 dot3svc - ok
11:14:36.0814 4008 [ 1583B39790DB3EAEC7EDB0CB0140C708 ] DPS C:\Windows\system32\dps.dll
11:14:36.0881 4008 DPS - ok
11:14:36.0945 4008 [ F1A78A98CFC2EE02144C6BEC945447E6 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
11:14:36.0994 4008 drmkaud - ok
11:14:37.0374 4008 [ B8E554E502D5123BC111F99D6A2181B4 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
11:14:37.0431 4008 DXGKrnl - ok
11:14:37.0688 4008 [ 264CEE7B031A9D6C827F3D0CB031F2FE ] E1G60 C:\Windows\system32\DRIVERS\E1G6032E.sys
11:14:37.0761 4008 E1G60 - ok
11:14:37.0821 4008 [ C2303883FD9BE49DC36A6400643002EA ] EapHost C:\Windows\System32\eapsvc.dll
11:14:37.0875 4008 EapHost - ok
11:14:37.0932 4008 [ 5F94962BE5A62DB6E447FF6470C4F48A ] Ecache C:\Windows\system32\drivers\ecache.sys
11:14:37.0957 4008 Ecache - ok
11:14:38.0092 4008 [ 14CE384D2E27B64C256BDA4DC39C312D ] ehRecvr C:\Windows\ehome\ehRecvr.exe
11:14:38.0212 4008 ehRecvr - ok
11:14:38.0623 4008 [ B93159C1313D66FDFBBE876F5189CD52 ] ehSched C:\Windows\ehome\ehsched.exe
11:14:38.0796 4008 ehSched - ok
11:14:39.0016 4008 [ F5EE2527D74449868E3C3227A59BCD28 ] ehstart C:\Windows\ehome\ehstart.dll
11:14:39.0095 4008 ehstart - ok
11:14:39.0207 4008 [ C4636D6E10469404AB5308D9FD45ED07 ] elxstor C:\Windows\system32\drivers\elxstor.sys
11:14:39.0263 4008 elxstor - ok
11:14:39.0389 4008 [ A9B18B63A4FD6BAAB83326706D857FAB ] EMDMgmt C:\Windows\system32\emdmgmt.dll
11:14:39.0530 4008 EMDMgmt - ok
11:14:39.0586 4008 [ F218A3A27ED6592C0E22EC3595554447 ] enecir C:\Windows\system32\DRIVERS\enecir.sys
11:14:39.0727 4008 enecir - ok
11:14:39.0800 4008 [ BC3A58E938BB277E46BF4B3003B01ABD ] ErrDev C:\Windows\system32\drivers\errdev.sys
11:14:39.0899 4008 ErrDev - ok
11:14:40.0032 4008 [ E12F22B73F153DECE721CD45EC05B4AF ] EventSystem C:\Windows\system32\es.dll
11:14:40.0151 4008 EventSystem - ok
11:14:40.0245 4008 [ 486844F47B6636044A42454614ED4523 ] exfat C:\Windows\system32\drivers\exfat.sys
11:14:40.0320 4008 exfat - ok
11:14:40.0375 4008 [ 1A4BEE34277784619DDAF0422C0C6E23 ] fastfat C:\Windows\system32\drivers\fastfat.sys
11:14:40.0501 4008 fastfat - ok
11:14:40.0583 4008 [ 81B79B6DF71FA1D2C6D688D830616E39 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
11:14:40.0663 4008 fdc - ok
11:14:40.0721 4008 [ BB9267ACACD8B7533DD936C34A0CBA5E ] fdPHost C:\Windows\system32\fdPHost.dll
11:14:40.0818 4008 fdPHost - ok
11:14:40.0835 4008 [ 300C80931EABBE1DB7591C516EFE8D0F ] FDResPub C:\Windows\system32\fdrespub.dll
11:14:40.0946 4008 FDResPub - ok
11:14:40.0977 4008 [ 457B7D1D533E4BD62A99AED9C7BB4C59 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
11:14:41.0012 4008 FileInfo - ok
11:14:41.0032 4008 [ D421327FD6EFCCAF884A54C58E1B0D7F ] Filetrace C:\Windows\system32\drivers\filetrace.sys
11:14:41.0078 4008 Filetrace - ok
11:14:41.0158 4008 [ 230923EA2B80F79B0F88D90F87B87EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
11:14:41.0228 4008 flpydisk - ok
11:14:41.0327 4008 [ E3041BC26D6930D61F42AEDB79C91720 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
11:14:41.0349 4008 FltMgr - ok
11:14:41.0672 4008 [ BE1C5BD1CA7ED015BC6FA1AE67E592C8 ] FontCache C:\Windows\system32\FntCache.dll
11:14:41.0767 4008 FontCache - ok
11:14:41.0920 4008 [ BC5B0BE5AF3510B0FD8C140EE42C6D3E ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
11:14:41.0938 4008 FontCache3.0.0.0 - ok
11:14:42.0079 4008 [ 5779B86CD8B32519FBECB136394D946A ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
11:14:42.0143 4008 Fs_Rec - ok
11:14:42.0162 4008 [ C8E416668D3DC2BE3D4FE4C79224997F ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
11:14:42.0177 4008 gagp30kx - ok
11:14:42.0275 4008 [ 617DC2877015270914CA3C03873560D5 ] GameConsoleService C:\Program Files (x86)\HP Games\My HP Game Console\GameConsoleService.exe
11:14:42.0291 4008 GameConsoleService - ok
11:14:42.0382 4008 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
11:14:42.0392 4008 GEARAspiWDM - ok
11:14:42.0477 4008 [ A0E1B575BA8F504968CD40C0FAEB2384 ] gpsvc C:\Windows\System32\gpsvc.dll
11:14:42.0536 4008 gpsvc - ok
11:14:42.0997 4008 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:14:43.0014 4008 gupdate - ok
11:14:43.0033 4008 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:14:43.0050 4008 gupdatem - ok
11:14:43.0138 4008 [ DF45F8142DC6DF9D18C39B3EFFBD0409 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
11:14:43.0411 4008 HdAudAddService - ok
11:14:43.0501 4008 [ F942C5820205F2FB453243EDFEC82A3D ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
11:14:43.0841 4008 HDAudBus - ok
11:14:43.0874 4008 [ B4881C84A180E75B8C25DC1D726C375F ] HidBth C:\Windows\system32\drivers\hidbth.sys
11:14:44.0003 4008 HidBth - ok
11:14:44.0203 4008 [ 5F47839455D01FF6403B008D481A6F5B ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
11:14:44.0314 4008 HidIr - ok
11:14:44.0646 4008 [ 59361D38A297755D46A540E450202B2A ] hidserv C:\Windows\System32\hidserv.dll
11:14:44.0703 4008 hidserv - ok
11:14:44.0762 4008 [ 443BDD2D30BB4F00795C797E2CF99EDF ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
11:14:44.0846 4008 HidUsb - ok
11:14:44.0894 4008 [ B12F367EA39C0795FD57E31242CE1A5A ] hkmsvc C:\Windows\system32\kmsvc.dll
11:14:44.0987 4008 hkmsvc - ok
11:14:45.0095 4008 [ 89F9E1984C1CD9E5F4FE39642D886E11 ] HP Health Check Service c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
11:14:45.0183 4008 HP Health Check Service ( UnsignedFile.Multi.Generic ) - warning
11:14:45.0183 4008 HP Health Check Service - detected UnsignedFile.Multi.Generic (1)
11:14:45.0233 4008 [ D7109A1E6BD2DFDBCBA72A6BC626A13B ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
11:14:45.0259 4008 HpCISSs - ok
11:14:45.0354 4008 [ 4A435CA815A54639CA09DDF75D751EBC ] hpdskflt C:\Windows\system32\DRIVERS\hpdskflt.sys
11:14:45.0374 4008 hpdskflt - ok
11:14:45.0405 4008 [ 0ECC54FD34D6A089C300846B011E81D6 ] HpqKbFiltr C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
11:14:45.0487 4008 HpqKbFiltr - ok
11:14:45.0575 4008 [ 1665C7121A026DF10C903DB9BC5E9D43 ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
11:14:45.0599 4008 hpqwmiex - ok
11:14:45.0696 4008 [ 6BF024EA61D7894BF4AF0B10A90B546E ] hpsrv C:\Windows\system32\Hpservice.exe
11:14:45.0818 4008 hpsrv - ok
11:14:45.0868 4008 [ 098F1E4E5C9CB5B0063A959063631610 ] HTTP C:\Windows\system32\drivers\HTTP.sys
11:14:45.0973 4008 HTTP - ok
11:14:46.0004 4008 [ DA94C854CEA5FAC549D4E1F6E88349E8 ] i2omp C:\Windows\system32\drivers\i2omp.sys
11:14:46.0049 4008 i2omp - ok
11:14:46.0087 4008 [ CBB597659A2713CE0C9CC20C88C7591F ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
11:14:46.0169 4008 i8042prt - ok
11:14:46.0231 4008 [ 3E3BF3627D886736D0B4E90054F929F6 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
11:14:46.0286 4008 iaStorV - ok
11:14:46.0433 4008 [ 6F95324909B502E2651442C1548AB12F ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
11:14:46.0535 4008 IDriverT ( UnsignedFile.Multi.Generic ) - warning
11:14:46.0535 4008 IDriverT - detected UnsignedFile.Multi.Generic (1)
11:14:47.0097 4008 [ 749F5F8CEDCA70F2A512945325FC489D ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
11:14:47.0176 4008 idsvc - ok
11:14:47.0528 4008 [ CF00559906E45ECC6F035913880BE2FC ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
11:14:47.0874 4008 igfx - ok
11:14:47.0949 4008 [ 8C3951AD2FE886EF76C7B5027C3125D3 ] iirsp C:\Windows\system32\drivers\iirsp.sys
11:14:47.0972 4008 iirsp - ok
11:14:48.0091 4008 [ 0C9EA6E654E7B0471741E343A6C671AF ] IKEEXT C:\Windows\System32\ikeext.dll
11:14:48.0390 4008 IKEEXT - ok
11:14:48.0469 4008 [ DEA2AB452B4FA773187369C4B6517320 ] IntcHdmiAddService C:\Windows\system32\drivers\IntcHdmi.sys
11:14:48.0577 4008 IntcHdmiAddService - ok
11:14:48.0651 4008 [ 475490CAF376E55E6E8B37BBDFEB2E81 ] intelide C:\Windows\system32\drivers\intelide.sys
11:14:48.0699 4008 intelide - ok
11:14:48.0747 4008 [ BFD84AF32FA1BAD6231C4585CB469630 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
11:14:48.0847 4008 intelppm - ok
11:14:48.0894 4008 [ 5624BC1BC5EEB49C0AB76A8114F05EA3 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
11:14:49.0009 4008 IPBusEnum - ok
11:14:49.0094 4008 [ D8AABC341311E4780D6FCE8C73C0AD81 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:14:49.0234 4008 IpFilterDriver - ok
11:14:49.0293 4008 [ BF0DBFA9792C5C14FA00F61C75116C1B ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
11:14:49.0459 4008 iphlpsvc - ok
11:14:49.0466 4008 IpInIp - ok
11:14:49.0529 4008 [ 9C2EE2E6E5A7203BFAE15C299475EC67 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
11:14:49.0598 4008 IPMIDRV - ok
11:14:49.0692 4008 [ B7E6212F581EA5F6AB0C3A6CEEEB89BE ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
11:14:49.0811 4008 IPNAT - ok
11:14:50.0108 4008 [ A9AB99EE7D39725EAFEC82732D2B3271 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
11:14:50.0240 4008 iPod Service - ok
11:14:50.0284 4008 [ 8C42CA155343A2F11D29FECA67FAA88D ] IRENUM C:\Windows\system32\drivers\irenum.sys
11:14:50.0364 4008 IRENUM - ok
11:14:50.0475 4008 [ 0672BFCEDC6FC468A2B0500D81437F4F ] isapnp C:\Windows\system32\drivers\isapnp.sys
11:14:50.0508 4008 isapnp - ok
11:14:50.0644 4008 [ E4FDF99599F27EC25D2CF6D754243520 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
11:14:50.0682 4008 iScsiPrt - ok
11:14:50.0739 4008 [ 63C766CDC609FF8206CB447A65ABBA4A ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
11:14:50.0759 4008 iteatapi - ok
11:14:50.0795 4008 [ 1281FE73B17664631D12F643CBEA3F59 ] iteraid C:\Windows\system32\drivers\iteraid.sys
11:14:50.0815 4008 iteraid - ok
11:14:50.0837 4008 [ 423696F3BA6472DD17699209B933BC26 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
11:14:50.0857 4008 kbdclass - ok
11:14:50.0957 4008 [ DBDF75D51464FBC47D0104EC3D572C05 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
11:14:51.0088 4008 kbdhid - ok
11:14:51.0262 4008 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] KeyIso C:\Windows\system32\lsass.exe
11:14:51.0368 4008 KeyIso - ok
11:14:51.0405 4008 [ 88956AD9FA510848AD176777A6C6C1F5 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
11:14:51.0505 4008 KSecDD - ok
11:14:51.0579 4008 [ 1D419CF43DB29396ECD7113D129D94EB ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
11:14:51.0747 4008 ksthunk - ok
11:14:51.0873 4008 [ 1FAF6926F3416D3DA05C5B265491BDAE ] KtmRm C:\Windows\system32\msdtckrm.dll
11:14:51.0952 4008 KtmRm - ok
11:14:52.0028 4008 [ 50C7A3CB427E9BB5ED0708A669956AB5 ] LanmanServer C:\Windows\System32\srvsvc.dll
11:14:52.0184 4008 LanmanServer - ok
11:14:52.0272 4008 [ CAF86FC1388BE1E470F1A7B43E348ADB ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
11:14:52.0343 4008 LanmanWorkstation - ok
11:14:52.0538 4008 [ ABF90FC5A127F481219B873C1B8DFC1C ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
11:14:52.0544 4008 LightScribeService ( UnsignedFile.Multi.Generic ) - warning
11:14:52.0544 4008 LightScribeService - detected UnsignedFile.Multi.Generic (1)
11:14:52.0640 4008 [ 96ECE2659B6654C10A0C310AE3A6D02C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
11:14:52.0747 4008 lltdio - ok
11:14:52.0867 4008 [ 961CCBD0B1CCB5675D64976FAE37D092 ] lltdsvc C:\Windows\System32\lltdsvc.dll
11:14:52.0977 4008 lltdsvc - ok
11:14:53.0013 4008 [ A47F8080CACC23C91FE823AD19AA5612 ] lmhosts C:\Windows\System32\lmhsvc.dll
11:14:53.0088 4008 lmhosts - ok
11:14:53.0146 4008 [ ACBE1AF32D3123E330A07BFBC5EC4A9B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
11:14:53.0166 4008 LSI_FC - ok
11:14:53.0181 4008 [ 799FFB2FC4729FA46D2157C0065B3525 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
11:14:53.0200 4008 LSI_SAS - ok
11:14:53.0207 4008 [ F445FF1DAAD8A226366BFAF42551226B ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
11:14:53.0227 4008 LSI_SCSI - ok
11:14:53.0234 4008 [ 52F87B9CC8932C2A7375C3B2A9BE5E3E ] luafv C:\Windows\system32\drivers\luafv.sys
11:14:53.0315 4008 luafv - ok
11:14:53.0348 4008 lxdu_device - ok
11:14:53.0381 4008 [ 76A58DF02BD4EA29F189B82D0BEF17F8 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
11:14:53.0397 4008 Mcx2Svc - ok
11:14:53.0419 4008 [ 5C5CD6AACED32FB26C3FB34B3DCF972F ] megasas C:\Windows\system32\drivers\megasas.sys
11:14:53.0433 4008 megasas - ok
11:14:53.0458 4008 [ 859BC2436B076C77C159ED694ACFE8F8 ] MegaSR C:\Windows\system32\drivers\megasr.sys
11:14:53.0486 4008 MegaSR - ok
11:14:53.0522 4008 [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] MMCSS C:\Windows\system32\mmcss.dll
11:14:53.0588 4008 MMCSS - ok
11:14:53.0612 4008 [ 59848D5CC74606F0EE7557983BB73C2E ] Modem C:\Windows\system32\drivers\modem.sys
11:14:53.0700 4008 Modem - ok
11:14:53.0722 4008 [ C247CC2A57E0A0C8C6DCCF7807B3E9E5 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
11:14:53.0768 4008 monitor - ok
11:14:53.0780 4008 [ 9367304E5E412B120CF5F4EA14E4E4F1 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
11:14:53.0822 4008 mouclass - ok
11:14:53.0917 4008 [ C2C2BD5C5CE5AAF786DDD74B75D2AC69 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
11:14:53.0969 4008 mouhid - ok
11:14:54.0032 4008 [ 11BC9B1E8801B01F7F6ADB9EAD30019B ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
11:14:54.0056 4008 MountMgr - ok
11:14:54.0495 4008 [ 9C3758018DED02F4AE53CCA1C5F084A2 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
11:14:54.0519 4008 MozillaMaintenance - ok
11:14:54.0614 4008 [ F8276EB8698142884498A528DFEA8478 ] mpio C:\Windows\system32\drivers\mpio.sys
11:14:54.0641 4008 mpio - ok
11:14:54.0655 4008 [ C92B9ABDB65A5991E00C28F13491DBA2 ] mpsdrv
 

Fiery

Level 1
Jan 11, 2011
2,007
Can you repost the TDSS killer log? It's cut off. Also, how is your PC running?

Run Eset NOD32 Online AntiVirus

Note: You will need to use Internet Explorer for this scan.
Vista / 7 users: You will need to right-click on the Internet Explorer icon and select Run as Administrator
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the ActiveX control to install
  • Disable your current antivirus software. You can usually do this with its Notification Tray icon near the clock.
  • Click Start
  • Make sure that the option "Remove found threats" is Un-checked, and the following Advanced Settings are Checked
    • Scan unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Click Scan
  • Wait for the scan to finish
  • Re-enable your antivirus software.
  • A logfile is created and located at C:\Program Files\EsetOnlineScanner\log.txt. Please include this in your post.
 

Gbaby614

New Member
Thread author
Verified
Jan 28, 2013
232
also I just got another popup...
hxxp://nym1.ib.adnxs.com/pop?enc=2SYVjbW_7D_ZJhWNtb_sPwAAAAAAAPA_2SYVjbW_7D_ZJhWNtb_sP8vVnSJlDNcZ8qc8AyIEkFCKAghRAAAAAPRnDQAdAgAAHQIAAAIAAAACK0gAlEECAAAAAQBVU0QAVVNEANACLAEHBAAAd1YAAgQCAQUAAIQA6SDUHQAAAAA.&cnd=!BCWY3wjk_jgQgtagAhgAIJSDCTADOIeICEAESJ0EUPTPNVgAYLoCaABwBnjWJIABBogB1iSQAQGYAQGgAQqoAQCwAQC5Aec4Kwy2v-w_wQHnOCsMtr_sP8kBrRDtCWwO8D_ZAQAAAAAAAPA_4AGEiwI.&udj=uf%28%27a%27%2C+33304%2C+1359479434%29%3Buf%28%27r%27%2C+4729602%2C+1359479434%29%3B&ccd=!iQW8NAjk_jgQgtagAhiUgwkgBA..&vpid=45&apid=117225&creative_click=http%3A%2F%2F5bd2b-thss72qcx1ohv25n9u5r.hop.clickbank.net%2F%3Ftid%3DCPXEARTH&dlo=1

what is causing this?
 

Gbaby614

New Member
Thread author
Verified
Jan 28, 2013
232
11:13:43.0298 0384 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
11:13:43.0844 0384 ============================================================
11:13:43.0844 0384 Current date / time: 2013/01/29 11:13:43.0844
11:13:43.0844 0384 SystemInfo:
11:13:43.0844 0384
11:13:43.0844 0384 OS Version: 6.0.6002 ServicePack: 2.0
11:13:43.0844 0384 Product type: Workstation
11:13:43.0844 0384 ComputerName: MICHELLE-PC
11:13:43.0844 0384 UserName: Michelle
11:13:43.0844 0384 Windows directory: C:\Windows
11:13:43.0844 0384 System windows directory: C:\Windows
11:13:43.0844 0384 Running under WOW64
11:13:43.0844 0384 Processor architecture: Intel x64
11:13:43.0844 0384 Number of processors: 2
11:13:43.0844 0384 Page size: 0x1000
11:13:43.0844 0384 Boot type: Normal boot
11:13:43.0844 0384 ============================================================
11:13:47.0229 0384 BG loaded
11:13:48.0992 0384 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:13:49.0007 0384 ============================================================
11:13:49.0007 0384 \Device\Harddisk0\DR0:
11:13:49.0007 0384 MBR partitions:
11:13:49.0007 0384 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x38A92FC1
11:13:49.0007 0384 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x38A93000, BlocksNum 0x18F1800
11:13:49.0007 0384 ============================================================
11:13:49.0272 0384 C: <-> \Device\Harddisk0\DR0\Partition1
11:13:49.0616 0384 D: <-> \Device\Harddisk0\DR0\Partition2
11:13:49.0616 0384 ============================================================
11:13:49.0616 0384 Initialize success
11:13:49.0616 0384 ============================================================
11:14:18.0659 4008 ============================================================
11:14:18.0659 4008 Scan started
11:14:18.0659 4008 Mode: Manual; SigCheck; TDLFS;
11:14:18.0659 4008 ============================================================
11:14:20.0904 4008 ================ Scan system memory ========================
11:14:20.0904 4008 System memory - ok
11:14:20.0910 4008 ================ Scan services =============================
11:14:21.0439 4008 [ 581D88B25C4D4121824FED2CA38E562F ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
11:14:21.0592 4008 !SASCORE - ok
11:14:22.0539 4008 [ 60FBB29CCCE48B4C3A6517CAF42C3496 ] Accelerometer C:\Windows\system32\DRIVERS\Accelerometer.sys
11:14:22.0558 4008 Accelerometer - ok
11:14:22.0769 4008 [ 1965AAFFAB07E3FB03C77F81BEBA3547 ] ACPI C:\Windows\system32\drivers\acpi.sys
11:14:22.0819 4008 ACPI - ok
11:14:23.0138 4008 [ 11A52CF7B265631DEEB24C6149309EFF ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
11:14:23.0156 4008 AdobeARMservice - ok
11:14:23.0400 4008 [ F14215E37CF124104575073F782111D2 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
11:14:23.0463 4008 adp94xx - ok
11:14:23.0741 4008 [ 7D05A75E3066861A6610F7EE04FF085C ] adpahci C:\Windows\system32\drivers\adpahci.sys
11:14:23.0789 4008 adpahci - ok
11:14:23.0830 4008 [ 820A201FE08A0C345B3BEDBC30E1A77C ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
11:14:23.0863 4008 adpu160m - ok
11:14:23.0874 4008 [ 9B4AB6854559DC168FBB4C24FC52E794 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
11:14:23.0913 4008 adpu320 - ok
11:14:24.0031 4008 [ 0F421175574BFE0BF2F4D8E910A253BB ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
11:14:24.0801 4008 AeLookupSvc - ok
11:14:25.0048 4008 [ 7F66523A27754AFCFECAE2F5EB643A4A ] AESTFilters C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_bd5387da\AESTSr64.exe
11:14:25.0185 4008 AESTFilters - ok
11:14:25.0355 4008 [ C4F6CE6087760AD70960C9EB130E7943 ] AFD C:\Windows\system32\drivers\afd.sys
11:14:25.0505 4008 AFD - ok
11:14:25.0603 4008 [ 8B0D8B5BAFD4C9D57B41426BC68B32F9 ] AgereModemAudio C:\Windows\system32\agr64svc.exe
11:14:25.0753 4008 AgereModemAudio - ok
11:14:25.0871 4008 [ 3627A62B10284FFBF862BFD49928EDF4 ] AgereSoftModem C:\Windows\system32\DRIVERS\agrsm64.sys
11:14:25.0942 4008 AgereSoftModem - ok
11:14:26.0018 4008 [ F6F6793B7F17B550ECFDBD3B229173F7 ] agp440 C:\Windows\system32\drivers\agp440.sys
11:14:26.0050 4008 agp440 - ok
11:14:26.0090 4008 [ 222CB641B4B8A1D1126F8033F9FD6A00 ] aic78xx C:\Windows\system32\drivers\djsvs.sys
11:14:26.0122 4008 aic78xx - ok
11:14:26.0183 4008 [ 5922F4F59B7868F3D74BBBBEB7B825A3 ] ALG C:\Windows\System32\alg.exe
11:14:26.0775 4008 ALG - ok
11:14:26.0842 4008 [ E0CA5BB8E6C79533DC6B1DA7361A201E ] aliide C:\Windows\system32\drivers\aliide.sys
11:14:26.0873 4008 aliide - ok
11:14:26.0879 4008 [ 7034F8D1B9703D711D3F92C95DEB377D ] amdide C:\Windows\system32\drivers\amdide.sys
11:14:26.0911 4008 amdide - ok
11:14:26.0956 4008 [ CDC3632A3A5EA4DBB83E46076A3165A1 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
11:14:27.0058 4008 AmdK8 - ok
11:14:27.0146 4008 [ 9C37B3FD5615477CB9A0CD116CF43F5C ] Appinfo C:\Windows\System32\appinfo.dll
11:14:27.0235 4008 Appinfo - ok
11:14:28.0118 4008 [ F401929EE0CC92BFE7F15161CA535383 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
11:14:28.0131 4008 Apple Mobile Device - ok
11:14:28.0214 4008 [ BA8417D4765F3988FF921F30F630E303 ] arc C:\Windows\system32\drivers\arc.sys
11:14:28.0248 4008 arc - ok
11:14:28.0316 4008 [ 9D41C435619733B34CC16A511E644B11 ] arcsas C:\Windows\system32\drivers\arcsas.sys
11:14:28.0357 4008 arcsas - ok
11:14:28.0386 4008 [ 22D13FF3DAFEC2A80634752B1EAA2DE6 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
11:14:28.0455 4008 AsyncMac - ok
11:14:28.0508 4008 [ E68D9B3A3905619732F7FE039466A623 ] atapi C:\Windows\system32\drivers\atapi.sys
11:14:28.0526 4008 atapi - ok
11:14:28.0674 4008 [ 79318C744693EC983D20E9337A2F8196 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
11:14:28.0832 4008 AudioEndpointBuilder - ok
11:14:28.0905 4008 [ 79318C744693EC983D20E9337A2F8196 ] AudioSrv C:\Windows\System32\Audiosrv.dll
11:14:28.0960 4008 AudioSrv - ok
11:14:29.0046 4008 [ A4815907B039121D8D9221695CDC35F7 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys
11:14:29.0123 4008 BCM43XX - ok
11:14:29.0130 4008 Beep - ok
11:14:29.0226 4008 [ FFB96C2589FFA60473EAD78B39FBDE29 ] BFE C:\Windows\System32\bfe.dll
11:14:29.0334 4008 BFE - ok
11:14:29.0452 4008 [ 6D316F4859634071CC25C4FD4589AD2C ] BITS C:\Windows\system32\qmgr.dll
11:14:29.0578 4008 BITS - ok
11:14:29.0659 4008 [ 79FEEB40056683F8F61398D81DDA65D2 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
11:14:29.0883 4008 blbdrive - ok
11:14:29.0979 4008 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
11:14:30.0008 4008 Bonjour Service - ok
11:14:30.0109 4008 [ 2348447A80920B2493A9B582A23E81E1 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
11:14:30.0280 4008 bowser - ok
11:14:30.0365 4008 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
11:14:30.0447 4008 BrFiltLo - ok
11:14:30.0469 4008 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
11:14:30.0546 4008 BrFiltUp - ok
11:14:30.0621 4008 [ A1B39DE453433B115B4EA69EE0343816 ] Browser C:\Windows\System32\browser.dll
11:14:30.0712 4008 Browser - ok
11:14:30.0755 4008 [ F0F0BA4D815BE446AA6A4583CA3BCA9B ] Brserid C:\Windows\system32\drivers\brserid.sys
11:14:31.0077 4008 Brserid - ok
11:14:31.0132 4008 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
11:14:31.0333 4008 BrSerWdm - ok
11:14:31.0423 4008 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
11:14:31.0584 4008 BrUsbMdm - ok
11:14:31.0609 4008 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
11:14:31.0714 4008 BrUsbSer - ok
11:14:31.0766 4008 [ E0777B34E05F8A82A21856EFC900C29F ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
11:14:31.0843 4008 BTHMODEM - ok
11:14:31.0858 4008 catchme - ok
11:14:31.0876 4008 [ B4D787DB8D30793A4D4DF9FEED18F136 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
11:14:31.0941 4008 cdfs - ok
11:14:31.0981 4008 [ C025AA69BE3D0D25C7A2E746EF6F94FC ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
11:14:32.0082 4008 cdrom - ok
11:14:32.0178 4008 [ 5A268127633C7EE2A7FB87F39D748D56 ] CertPropSvc C:\Windows\System32\certprop.dll
11:14:32.0242 4008 CertPropSvc - ok
11:14:32.0287 4008 [ 02EA568D498BBDD4BA55BF3FCE34D456 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
11:14:32.0373 4008 circlass - ok
11:14:32.0444 4008 [ 3DCA9A18B204939CFB24BEA53E31EB48 ] CLFS C:\Windows\system32\CLFS.sys
11:14:32.0476 4008 CLFS - ok
11:14:32.0657 4008 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:14:32.0671 4008 clr_optimization_v2.0.50727_32 - ok
11:14:32.0705 4008 [ CE07A466201096F021CD09D631B21540 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
11:14:32.0719 4008 clr_optimization_v2.0.50727_64 - ok
11:14:32.0847 4008 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:14:33.0438 4008 clr_optimization_v4.0.30319_32 - ok
11:14:33.0518 4008 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
11:14:33.0625 4008 clr_optimization_v4.0.30319_64 - ok
11:14:33.0673 4008 [ B52D9A14CE4101577900A364BA86F3DF ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
11:14:33.0763 4008 CmBatt - ok
11:14:33.0779 4008 [ 8C6AA24C1D7273A02284588426AB8CE3 ] cmdide C:\Windows\system32\drivers\cmdide.sys
11:14:33.0794 4008 cmdide - ok
11:14:33.0885 4008 [ 7795F8CEBC284A426B53F541E538695F ] Com4QLBEx C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
11:14:33.0897 4008 Com4QLBEx - ok
11:14:33.0917 4008 [ 7FB8AD01DB0EABE60C8A861531A8F431 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
11:14:33.0931 4008 Compbatt - ok
11:14:33.0937 4008 COMSysApp - ok
11:14:33.0965 4008 [ A8585B6412253803CE8EFCBD6D6DC15C ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
11:14:33.0979 4008 crcdisk - ok
11:14:34.0038 4008 [ CA78B312C44E4D52E842C2C8BD48E452 ] CryptSvc C:\Windows\system32\cryptsvc.dll
11:14:34.0139 4008 CryptSvc - ok
11:14:34.0290 4008 [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF ] DcomLaunch C:\Windows\system32\rpcss.dll
11:14:34.0397 4008 DcomLaunch - ok
11:14:34.0435 4008 [ 8B722BA35205C71E7951CDC4CDBADE19 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
11:14:34.0532 4008 DfsC - ok
11:14:35.0111 4008 [ C647F468F7DE343DF8C143655C5557D4 ] DFSR C:\Windows\system32\DFSR.exe
11:14:35.0959 4008 DFSR - ok
11:14:36.0085 4008 [ 3ED0321127CE70ACDAABBF77E157C2A7 ] Dhcp C:\Windows\System32\dhcpcsvc.dll
11:14:36.0146 4008 Dhcp - ok
11:14:36.0481 4008 [ B0107E40ECDB5FA692EBF832F295D905 ] disk C:\Windows\system32\drivers\disk.sys
11:14:36.0501 4008 disk - ok
11:14:36.0554 4008 [ 06230F1B721494A6DF8D47FD395BB1B0 ] Dnscache C:\Windows\System32\dnsrslvr.dll
11:14:36.0610 4008 Dnscache - ok
11:14:36.0653 4008 [ 1A7156DD1E850E9914E5E991E3225B94 ] dot3svc C:\Windows\System32\dot3svc.dll
11:14:36.0711 4008 dot3svc - ok
11:14:36.0814 4008 [ 1583B39790DB3EAEC7EDB0CB0140C708 ] DPS C:\Windows\system32\dps.dll
11:14:36.0881 4008 DPS - ok
11:14:36.0945 4008 [ F1A78A98CFC2EE02144C6BEC945447E6 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
11:14:36.0994 4008 drmkaud - ok
11:14:37.0374 4008 [ B8E554E502D5123BC111F99D6A2181B4 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
11:14:37.0431 4008 DXGKrnl - ok
11:14:37.0688 4008 [ 264CEE7B031A9D6C827F3D0CB031F2FE ] E1G60 C:\Windows\system32\DRIVERS\E1G6032E.sys
11:14:37.0761 4008 E1G60 - ok
11:14:37.0821 4008 [ C2303883FD9BE49DC36A6400643002EA ] EapHost C:\Windows\System32\eapsvc.dll
11:14:37.0875 4008 EapHost - ok
11:14:37.0932 4008 [ 5F94962BE5A62DB6E447FF6470C4F48A ] Ecache C:\Windows\system32\drivers\ecache.sys
11:14:37.0957 4008 Ecache - ok
11:14:38.0092 4008 [ 14CE384D2E27B64C256BDA4DC39C312D ] ehRecvr C:\Windows\ehome\ehRecvr.exe
11:14:38.0212 4008 ehRecvr - ok
11:14:38.0623 4008 [ B93159C1313D66FDFBBE876F5189CD52 ] ehSched C:\Windows\ehome\ehsched.exe
11:14:38.0796 4008 ehSched - ok
11:14:39.0016 4008 [ F5EE2527D74449868E3C3227A59BCD28 ] ehstart C:\Windows\ehome\ehstart.dll
11:14:39.0095 4008 ehstart - ok
11:14:39.0207 4008 [ C4636D6E10469404AB5308D9FD45ED07 ] elxstor C:\Windows\system32\drivers\elxstor.sys
11:14:39.0263 4008 elxstor - ok
11:14:39.0389 4008 [ A9B18B63A4FD6BAAB83326706D857FAB ] EMDMgmt C:\Windows\system32\emdmgmt.dll
11:14:39.0530 4008 EMDMgmt - ok
11:14:39.0586 4008 [ F218A3A27ED6592C0E22EC3595554447 ] enecir C:\Windows\system32\DRIVERS\enecir.sys
11:14:39.0727 4008 enecir - ok
11:14:39.0800 4008 [ BC3A58E938BB277E46BF4B3003B01ABD ] ErrDev C:\Windows\system32\drivers\errdev.sys
11:14:39.0899 4008 ErrDev - ok
11:14:40.0032 4008 [ E12F22B73F153DECE721CD45EC05B4AF ] EventSystem C:\Windows\system32\es.dll
11:14:40.0151 4008 EventSystem - ok
11:14:40.0245 4008 [ 486844F47B6636044A42454614ED4523 ] exfat C:\Windows\system32\drivers\exfat.sys
11:14:40.0320 4008 exfat - ok
11:14:40.0375 4008 [ 1A4BEE34277784619DDAF0422C0C6E23 ] fastfat C:\Windows\system32\drivers\fastfat.sys
11:14:40.0501 4008 fastfat - ok
11:14:40.0583 4008 [ 81B79B6DF71FA1D2C6D688D830616E39 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
11:14:40.0663 4008 fdc - ok
11:14:40.0721 4008 [ BB9267ACACD8B7533DD936C34A0CBA5E ] fdPHost C:\Windows\system32\fdPHost.dll
11:14:40.0818 4008 fdPHost - ok
11:14:40.0835 4008 [ 300C80931EABBE1DB7591C516EFE8D0F ] FDResPub C:\Windows\system32\fdrespub.dll
11:14:40.0946 4008 FDResPub - ok
11:14:40.0977 4008 [ 457B7D1D533E4BD62A99AED9C7BB4C59 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
11:14:41.0012 4008 FileInfo - ok
11:14:41.0032 4008 [ D421327FD6EFCCAF884A54C58E1B0D7F ] Filetrace C:\Windows\system32\drivers\filetrace.sys
11:14:41.0078 4008 Filetrace - ok
11:14:41.0158 4008 [ 230923EA2B80F79B0F88D90F87B87EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
11:14:41.0228 4008 flpydisk - ok
11:14:41.0327 4008 [ E3041BC26D6930D61F42AEDB79C91720 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
11:14:41.0349 4008 FltMgr - ok
11:14:41.0672 4008 [ BE1C5BD1CA7ED015BC6FA1AE67E592C8 ] FontCache C:\Windows\system32\FntCache.dll
11:14:41.0767 4008 FontCache - ok
11:14:41.0920 4008 [ BC5B0BE5AF3510B0FD8C140EE42C6D3E ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
11:14:41.0938 4008 FontCache3.0.0.0 - ok
11:14:42.0079 4008 [ 5779B86CD8B32519FBECB136394D946A ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
11:14:42.0143 4008 Fs_Rec - ok
11:14:42.0162 4008 [ C8E416668D3DC2BE3D4FE4C79224997F ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
11:14:42.0177 4008 gagp30kx - ok
11:14:42.0275 4008 [ 617DC2877015270914CA3C03873560D5 ] GameConsoleService C:\Program Files (x86)\HP Games\My HP Game Console\GameConsoleService.exe
11:14:42.0291 4008 GameConsoleService - ok
11:14:42.0382 4008 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
11:14:42.0392 4008 GEARAspiWDM - ok
11:14:42.0477 4008 [ A0E1B575BA8F504968CD40C0FAEB2384 ] gpsvc C:\Windows\System32\gpsvc.dll
11:14:42.0536 4008 gpsvc - ok
11:14:42.0997 4008 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:14:43.0014 4008 gupdate - ok
11:14:43.0033 4008 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:14:43.0050 4008 gupdatem - ok
11:14:43.0138 4008 [ DF45F8142DC6DF9D18C39B3EFFBD0409 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
11:14:43.0411 4008 HdAudAddService - ok
11:14:43.0501 4008 [ F942C5820205F2FB453243EDFEC82A3D ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
11:14:43.0841 4008 HDAudBus - ok
11:14:43.0874 4008 [ B4881C84A180E75B8C25DC1D726C375F ] HidBth C:\Windows\system32\drivers\hidbth.sys
11:14:44.0003 4008 HidBth - ok
11:14:44.0203 4008 [ 5F47839455D01FF6403B008D481A6F5B ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
11:14:44.0314 4008 HidIr - ok
11:14:44.0646 4008 [ 59361D38A297755D46A540E450202B2A ] hidserv C:\Windows\System32\hidserv.dll
11:14:44.0703 4008 hidserv - ok
11:14:44.0762 4008 [ 443BDD2D30BB4F00795C797E2CF99EDF ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
11:14:44.0846 4008 HidUsb - ok
11:14:44.0894 4008 [ B12F367EA39C0795FD57E31242CE1A5A ] hkmsvc C:\Windows\system32\kmsvc.dll
11:14:44.0987 4008 hkmsvc - ok
11:14:45.0095 4008 [ 89F9E1984C1CD9E5F4FE39642D886E11 ] HP Health Check Service c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
11:14:45.0183 4008 HP Health Check Service ( UnsignedFile.Multi.Generic ) - warning
11:14:45.0183 4008 HP Health Check Service - detected UnsignedFile.Multi.Generic (1)
11:14:45.0233 4008 [ D7109A1E6BD2DFDBCBA72A6BC626A13B ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
11:14:45.0259 4008 HpCISSs - ok
11:14:45.0354 4008 [ 4A435CA815A54639CA09DDF75D751EBC ] hpdskflt C:\Windows\system32\DRIVERS\hpdskflt.sys
11:14:45.0374 4008 hpdskflt - ok
11:14:45.0405 4008 [ 0ECC54FD34D6A089C300846B011E81D6 ] HpqKbFiltr C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
11:14:45.0487 4008 HpqKbFiltr - ok
11:14:45.0575 4008 [ 1665C7121A026DF10C903DB9BC5E9D43 ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
11:14:45.0599 4008 hpqwmiex - ok
11:14:45.0696 4008 [ 6BF024EA61D7894BF4AF0B10A90B546E ] hpsrv C:\Windows\system32\Hpservice.exe
11:14:45.0818 4008 hpsrv - ok
11:14:45.0868 4008 [ 098F1E4E5C9CB5B0063A959063631610 ] HTTP C:\Windows\system32\drivers\HTTP.sys
11:14:45.0973 4008 HTTP - ok
11:14:46.0004 4008 [ DA94C854CEA5FAC549D4E1F6E88349E8 ] i2omp C:\Windows\system32\drivers\i2omp.sys
11:14:46.0049 4008 i2omp - ok
11:14:46.0087 4008 [ CBB597659A2713CE0C9CC20C88C7591F ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
11:14:46.0169 4008 i8042prt - ok
11:14:46.0231 4008 [ 3E3BF3627D886736D0B4E90054F929F6 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
11:14:46.0286 4008 iaStorV - ok
11:14:46.0433 4008 [ 6F95324909B502E2651442C1548AB12F ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
11:14:46.0535 4008 IDriverT ( UnsignedFile.Multi.Generic ) - warning
11:14:46.0535 4008 IDriverT - detected UnsignedFile.Multi.Generic (1)
11:14:47.0097 4008 [ 749F5F8CEDCA70F2A512945325FC489D ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
11:14:47.0176 4008 idsvc - ok
11:14:47.0528 4008 [ CF00559906E45ECC6F035913880BE2FC ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
11:14:47.0874 4008 igfx - ok
11:14:47.0949 4008 [ 8C3951AD2FE886EF76C7B5027C3125D3 ] iirsp C:\Windows\system32\drivers\iirsp.sys
11:14:47.0972 4008 iirsp - ok
11:14:48.0091 4008 [ 0C9EA6E654E7B0471741E343A6C671AF ] IKEEXT C:\Windows\System32\ikeext.dll
11:14:48.0390 4008 IKEEXT - ok
11:14:48.0469 4008 [ DEA2AB452B4FA773187369C4B6517320 ] IntcHdmiAddService C:\Windows\system32\drivers\IntcHdmi.sys
11:14:48.0577 4008 IntcHdmiAddService - ok
11:14:48.0651 4008 [ 475490CAF376E55E6E8B37BBDFEB2E81 ] intelide C:\Windows\system32\drivers\intelide.sys
11:14:48.0699 4008 intelide - ok
11:14:48.0747 4008 [ BFD84AF32FA1BAD6231C4585CB469630 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
11:14:48.0847 4008 intelppm - ok
11:14:48.0894 4008 [ 5624BC1BC5EEB49C0AB76A8114F05EA3 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
11:14:49.0009 4008 IPBusEnum - ok
11:14:49.0094 4008 [ D8AABC341311E4780D6FCE8C73C0AD81 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:14:49.0234 4008 IpFilterDriver - ok
11:14:49.0293 4008 [ BF0DBFA9792C5C14FA00F61C75116C1B ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
11:14:49.0459 4008 iphlpsvc - ok
11:14:49.0466 4008 IpInIp - ok
11:14:49.0529 4008 [ 9C2EE2E6E5A7203BFAE15C299475EC67 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
11:14:49.0598 4008 IPMIDRV - ok
11:14:49.0692 4008 [ B7E6212F581EA5F6AB0C3A6CEEEB89BE ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
11:14:49.0811 4008 IPNAT - ok
11:14:50.0108 4008 [ A9AB99EE7D39725EAFEC82732D2B3271 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
11:14:50.0240 4008 iPod Service - ok
11:14:50.0284 4008 [ 8C42CA155343A2F11D29FECA67FAA88D ] IRENUM C:\Windows\system32\drivers\irenum.sys
11:14:50.0364 4008 IRENUM - ok
11:14:50.0475 4008 [ 0672BFCEDC6FC468A2B0500D81437F4F ] isapnp C:\Windows\system32\drivers\isapnp.sys
11:14:50.0508 4008 isapnp - ok
11:14:50.0644 4008 [ E4FDF99599F27EC25D2CF6D754243520 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
11:14:50.0682 4008 iScsiPrt - ok
11:14:50.0739 4008 [ 63C766CDC609FF8206CB447A65ABBA4A ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
11:14:50.0759 4008 iteatapi - ok
11:14:50.0795 4008 [ 1281FE73B17664631D12F643CBEA3F59 ] iteraid C:\Windows\system32\drivers\iteraid.sys
11:14:50.0815 4008 iteraid - ok
11:14:50.0837 4008 [ 423696F3BA6472DD17699209B933BC26 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
11:14:50.0857 4008 kbdclass - ok
11:14:50.0957 4008 [ DBDF75D51464FBC47D0104EC3D572C05 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
11:14:51.0088 4008 kbdhid - ok
11:14:51.0262 4008 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] KeyIso C:\Windows\system32\lsass.exe
11:14:51.0368 4008 KeyIso - ok
11:14:51.0405 4008 [ 88956AD9FA510848AD176777A6C6C1F5 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
11:14:51.0505 4008 KSecDD - ok
11:14:51.0579 4008 [ 1D419CF43DB29396ECD7113D129D94EB ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
11:14:51.0747 4008 ksthunk - ok
11:14:51.0873 4008 [ 1FAF6926F3416D3DA05C5B265491BDAE ] KtmRm C:\Windows\system32\msdtckrm.dll
11:14:51.0952 4008 KtmRm - ok
11:14:52.0028 4008 [ 50C7A3CB427E9BB5ED0708A669956AB5 ] LanmanServer C:\Windows\System32\srvsvc.dll
11:14:52.0184 4008 LanmanServer - ok
11:14:52.0272 4008 [ CAF86FC1388BE1E470F1A7B43E348ADB ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
11:14:52.0343 4008 LanmanWorkstation - ok
11:14:52.0538 4008 [ ABF90FC5A127F481219B873C1B8DFC1C ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
11:14:52.0544 4008 LightScribeService ( UnsignedFile.Multi.Generic ) - warning
11:14:52.0544 4008 LightScribeService - detected UnsignedFile.Multi.Generic (1)
11:14:52.0640 4008 [ 96ECE2659B6654C10A0C310AE3A6D02C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
11:14:52.0747 4008 lltdio - ok
11:14:52.0867 4008 [ 961CCBD0B1CCB5675D64976FAE37D092 ] lltdsvc C:\Windows\System32\lltdsvc.dll
11:14:52.0977 4008 lltdsvc - ok
11:14:53.0013 4008 [ A47F8080CACC23C91FE823AD19AA5612 ] lmhosts C:\Windows\System32\lmhsvc.dll
11:14:53.0088 4008 lmhosts - ok
11:14:53.0146 4008 [ ACBE1AF32D3123E330A07BFBC5EC4A9B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
11:14:53.0166 4008 LSI_FC - ok
11:14:53.0181 4008 [ 799FFB2FC4729FA46D2157C0065B3525 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
11:14:53.0200 4008 LSI_SAS - ok
11:14:53.0207 4008 [ F445FF1DAAD8A226366BFAF42551226B ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
11:14:53.0227 4008 LSI_SCSI - ok
11:14:53.0234 4008 [ 52F87B9CC8932C2A7375C3B2A9BE5E3E ] luafv C:\Windows\system32\drivers\luafv.sys
11:14:53.0315 4008 luafv - ok
11:14:53.0348 4008 lxdu_device - ok
11:14:53.0381 4008 [ 76A58DF02BD4EA29F189B82D0BEF17F8 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
11:14:53.0397 4008 Mcx2Svc - ok
11:14:53.0419 4008 [ 5C5CD6AACED32FB26C3FB34B3DCF972F ] megasas C:\Windows\system32\drivers\megasas.sys
11:14:53.0433 4008 megasas - ok
11:14:53.0458 4008 [ 859BC2436B076C77C159ED694ACFE8F8 ] MegaSR C:\Windows\system32\drivers\megasr.sys
11:14:53.0486 4008 MegaSR - ok
11:14:53.0522 4008 [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] MMCSS C:\Windows\system32\mmcss.dll
11:14:53.0588 4008 MMCSS - ok
11:14:53.0612 4008 [ 59848D5CC74606F0EE7557983BB73C2E ] Modem C:\Windows\system32\drivers\modem.sys
11:14:53.0700 4008 Modem - ok
11:14:53.0722 4008 [ C247CC2A57E0A0C8C6DCCF7807B3E9E5 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
11:14:53.0768 4008 monitor - ok
11:14:53.0780 4008 [ 9367304E5E412B120CF5F4EA14E4E4F1 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
11:14:53.0822 4008 mouclass - ok
11:14:53.0917 4008 [ C2C2BD5C5CE5AAF786DDD74B75D2AC69 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
11:14:53.0969 4008 mouhid - ok
11:14:54.0032 4008 [ 11BC9B1E8801B01F7F6ADB9EAD30019B ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
11:14:54.0056 4008 MountMgr - ok
11:14:54.0495 4008 [ 9C3758018DED02F4AE53CCA1C5F084A2 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
11:14:54.0519 4008 MozillaMaintenance - ok
11:14:54.0614 4008 [ F8276EB8698142884498A528DFEA8478 ] mpio C:\Windows\system32\drivers\mpio.sys
11:14:54.0641 4008 mpio - ok
11:14:54.0655 4008 [ C92B9ABDB65A5991E00C28F13491DBA2 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
11:14:54.0740 4008 mpsdrv - ok
11:14:55.0514 4008 [ 897E3BAF68BA406A61682AE39C83900C ] MpsSvc C:\Windows\system32\mpssvc.dll
11:14:56.0454 4008 MpsSvc - ok
11:14:56.0710 4008 [ 3C200630A89EF2C0864D515B7A75802E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
11:14:56.0724 4008 Mraid35x - ok
11:14:56.0840 4008 [ 7C1DE4AA96DC0C071611F9E7DE02A68D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
11:14:57.0013 4008 MRxDAV - ok
11:14:57.0066 4008 [ 1485811B320FF8C7EDAD1CAEBB1C6C2B ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
11:14:57.0175 4008 mrxsmb - ok
11:14:57.0240 4008 [ 3B929A60C833FC615FD97FBA82BC7632 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:14:57.0365 4008 mrxsmb10 - ok
11:14:57.0395 4008 [ C64AB3E1F53B4F5B5BB6D796B2D7BEC3 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:14:57.0460 4008 mrxsmb20 - ok
11:14:57.0565 4008 [ AA459F2AB3AB603C357FF117CAE3D818 ] msahci C:\Windows\system32\drivers\msahci.sys
11:14:57.0584 4008 msahci - ok
11:14:57.0630 4008 [ 264BBB4AAF312A485F0E44B65A6B7202 ] msdsm C:\Windows\system32\drivers\msdsm.sys
11:14:57.0651 4008 msdsm - ok
11:14:57.0701 4008 [ 7EC02CE772F068ED0BEAFA3DA341A9BC ] MSDTC C:\Windows\System32\msdtc.exe
11:14:57.0831 4008 MSDTC - ok
11:14:58.0625 4008 [ 704F59BFC4512D2BB0146AEC31B10A7C ] Msfs C:\Windows\system32\drivers\Msfs.sys
11:14:58.0796 4008 Msfs - ok
11:14:59.0765 4008 [ 00EBC952961664780D43DCA157E79B27 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
11:14:59.0798 4008 msisadrv - ok
11:14:59.0845 4008 [ 366B0C1F4478B519C181E37D43DCDA32 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
11:14:59.0942 4008 MSiSCSI - ok
11:14:59.0947 4008 msiserver - ok
11:14:59.0998 4008 [ 0EA73E498F53B96D83DBFCA074AD4CF8 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
11:15:00.0152 4008 MSKSSRV - ok
11:15:00.0188 4008 [ 52E59B7E992A58E740AA63F57EDBAE8B ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
11:15:00.0381 4008 MSPCLOCK - ok
11:15:00.0444 4008 [ 49084A75BAE043AE02D5B44D02991BB2 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
11:15:01.0477 4008 MSPQM - ok
11:15:01.0550 4008 [ DC6CCF440CDEDE4293DB41C37A5060A5 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
11:15:01.0583 4008 MsRPC - ok
11:15:01.0642 4008 [ 855796E59DF77EA93AF46F20155BF55B ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
11:15:01.0667 4008 mssmbios - ok
11:15:01.0757 4008 [ 86D632D75D05D5B7C7C043FA3564AE86 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
11:15:02.0010 4008 MSTEE - ok
11:15:02.0056 4008 [ 0CC49F78D8ACA0877D885F149084E543 ] Mup C:\Windows\system32\Drivers\mup.sys
11:15:02.0081 4008 Mup - ok
11:15:02.0187 4008 [ A5B10C845E7538C60C0F5D87A57CB3F5 ] napagent C:\Windows\system32\qagentRT.dll
11:15:02.0270 4008 napagent - ok
11:15:02.0395 4008 [ 2007B826C4ACD94AE32232B41F0842B9 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
11:15:02.0450 4008 NativeWifiP - ok
11:15:02.0503 4008 NAVENG - ok
11:15:02.0507 4008 NAVEX15 - ok
11:15:02.0668 4008 [ 65950E07329FCEE8E6516B17C8D0ABB6 ] NDIS C:\Windows\system32\drivers\ndis.sys
11:15:02.0720 4008 NDIS - ok
11:15:02.0774 4008 [ 64DF698A425478E321981431AC171334 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
11:15:02.0856 4008 NdisTapi - ok
11:15:02.0876 4008 [ 8BAA43196D7B5BB972C9A6B2BBF61A19 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
11:15:02.0950 4008 Ndisuio - ok
11:15:03.0031 4008 [ F8158771905260982CE724076419EF19 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
11:15:03.0094 4008 NdisWan - ok
11:15:03.0112 4008 [ 9CB77ED7CB72850253E973A2D6AFDF49 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
11:15:03.0198 4008 NDProxy - ok
11:15:03.0216 4008 [ A499294F5029A7862ADC115BDA7371CE ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
11:15:03.0292 4008 NetBIOS - ok
11:15:03.0342 4008 [ FC2C792EBDDC8E28DF939D6A92C83D61 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
11:15:03.0425 4008 netbt - ok
11:15:03.0439 4008 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] Netlogon C:\Windows\system32\lsass.exe
11:15:03.0463 4008 Netlogon - ok
11:15:03.0535 4008 [ 9B63B29DEFC0F3115A559D2597BF5D75 ] Netman C:\Windows\System32\netman.dll
11:15:03.0629 4008 Netman - ok
 

Gbaby614

I just saw that the end of the msg cut off. I was stating earlier that MalwareTips was lagging super bad, or the PC in general; it was showing the letters seconds later after I typed them, about 2-3 secs apart. I'm typing OK for the minute but not sure why I was lagging so bad... am going to dl the next prog u just advised me to run.. will return w results
 

Gbaby614

OK, the log I found, took me a sec to find it, and I'm confused bc it said it found 1 threat, which I looked at and it ended up being the combofix on my desktop, but the log looks empty. Did something not log correctly??? It said c:\users\michelle\desktop\combo-fix.exe but it is not listed below:

ESETSmartInstaller@High as CAB hook log:
OnlineScanner64.ocx - registred OK
OnlineScanner.ocx - registred OK
 

Gbaby614

I do understand combofix is a prog that may show as a virus, when in fact it is not, and may be the reason it did not log otherwise...
 

Fiery

Did TDSSkiller find anything? Just copy and paste the last few lines of the TDSS log. The combofix detection is a false positive, don't worry about that. Did you get your audio programs back?

Please delete Combofix for now.

Download OTL by Old Timer from here and save it to your Desktop.
  • Double click on OTL.exe to run it.
  • Click the Scan All Users checkbox.
  • Change Standard Registry to All
  • Check the boxes beside LOP Check and Purity Check
  • Click on Quick Scan at the top left hand corner.
  • When done, two Notepad files will open.
    • OTListIt.txt <-- Will be opened
    • Extra.txt <-- Will be minimized
  • Please post the contents of these 2 Notepad files in your next reply.
 

Fiery

Also, give this a run:

  1. Download aswmbr.exe from the below link:
    aswMBR DOWNLOAD LINK (This link will automatically download aswMBR on your computer)
  2. Double click the aswMBR.exe to run it.
  3. Click the [Scan] button to start scan
  4. On completion of the scan click [Save log], save it to your desktop and post in your next reply.
    avast-mbr-2.png
 

Gbaby614

New Member
Thread author
Verified
Jan 28, 2013
232
the tdss log is above, the last few lines i see are:
11:15:43.0379 4008 ============================================================
11:15:43.0379 4008 Scan finished
11:15:43.0379 4008 ============================================================
11:15:43.0390 2288 Detected object count: 4
11:15:43.0390 2288 Actual detected object count: 4
11:16:17.0498 2288 HP Health Check Service ( UnsignedFile.Multi.Generic ) - skipped by user
11:16:17.0498 2288 HP Health Check Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:16:17.0501 2288 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
11:16:17.0501 2288 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:16:17.0506 2288 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
11:16:17.0506 2288 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:16:17.0507 2288 RichVideo ( UnsignedFile.Multi.Generic ) - skipped by user
11:16:17.0507 2288 RichVideo ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:17:37.0173 2180 Deinitialize success
 

Gbaby614

New Member
Thread author
Verified
Jan 28, 2013
232
if combofix isnt in the way of anything, i dont mind leaving it there, i may need it again later.. i think i do have my audio files back, but when i search i dont see anything for the IDT files which were audio.. how would i find out if they are on my pc? i dont think those files restored bc i just tried to use the webcam and i get the message no video device detected.. so i think IDT was my enhanced audio.. how do i restore the ones we tried to restore..
 

Gbaby614

New Member
Thread author
Verified
Jan 28, 2013
232
i know we tried to restore some of these but these are some i saw in the combofix that should have been ok, im still trying to remember what my install name was for the webcam software, it was downloaded from the website bc i dont have the install disc..

c:\program files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe
c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe
c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe
c:\program files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe
c:\program files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe

as for the msxml files i found this info as microsoft fix updates, u may know more about them, im not sure if combofix even removed them-

i may be able to call bestbuy to get the site for the webcam drivers..
 

Gbaby614

New Member
Thread author
Verified
Jan 28, 2013
232
"DVDAgent"="c:\program files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe" [2008-09-26 1148200]
"TSMAgent"="c:\program files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe" [2008-09-26 1152296]
"CLMLServer for HP TouchSmart"="c:\program files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe" [2008-09-26 189736]
"QlbCtrl.exe"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-08-01 202032]
"HP Health Check Scheduler"="c:\program files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-06-16 75008]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"hpWirelessAssistant"="c:\program files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2008-04-15 488752]

Wow6432Node-HKLM-Run-UCam_Menu - c:\program files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe
HKLM-Run-SmartMenu - c:\program files (x86)\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
these are the only ones i can find associated with HP but again, not sure if they are related to it not working...
 

Gbaby614

New Member
Thread author
Verified
Jan 28, 2013
232
really quick before you search for a driver fix, i already went to hp.com and downloaded the webcam drivers for my pc, just wanted to let ya know so you didnt do that.. i guess im just waiting to see if you saw anything negative on my logs..
 

Fiery

Level 1
Jan 11, 2011
2,007
Hi,

Are your webcam issues fixed now? Copy and paste the log from: C:\Qoobox\ComboFix-quarantined-files.txt
 

Gbaby614

New Member
Thread author
Verified
Jan 28, 2013
232
Im still working on downloading things to get it running, after I download the YOUCAM app I will msg you if it does not fix the problem. So far I got the webcam installed, it just hasn't turned on correctly, and HP site says Im missing the YouCam prog.. these are sp43591.exe (webcam) and sp45825.exe (YouCam) if you see them below in case my fix doesn't work.. the two progs missing things are Cyberlink and HP MediaSmart softwares.

2013-01-29 15:18:07 . 2013-01-29 15:18:07 0 ----a-w- C:\Qoobox\Quarantine\catchme.txt
2013-01-28 21:36:24 . 2013-01-28 21:36:24 80 ----a-w- C:\Qoobox\Quarantine\Registry_backups\HKLM-Run-SysTrayApp.reg.dat
2013-01-28 21:36:24 . 2013-01-28 21:36:24 80 ----a-w- C:\Qoobox\Quarantine\Registry_backups\HKLM-Run-SmartMenu.reg.dat
2013-01-28 21:36:24 . 2013-01-29 15:49:02 171 ----a-w- C:\Qoobox\Quarantine\Registry_backups\WebBrowser-{977AE9CC-AF83-45E8-9E03-E2798216E2D5}.reg.dat
2013-01-28 21:36:24 . 2013-01-28 21:36:24 171 ----a-w- C:\Qoobox\Quarantine\Registry_backups\WebBrowser-{22DFBF5B-A7CD-4B25-9471-3DC68C71855F}.reg.dat
2013-01-28 21:36:18 . 2013-01-28 21:36:18 534 ----a-w- C:\Qoobox\Quarantine\Registry_backups\SafeBoot-WudfRd.reg.dat
2013-01-28 21:36:18 . 2013-01-28 21:36:18 534 ----a-w- C:\Qoobox\Quarantine\Registry_backups\SafeBoot-WudfPf.reg.dat
2013-01-28 21:36:10 . 2013-01-28 21:36:10 320 ----a-w- C:\Qoobox\Quarantine\Registry_backups\Wow6432Node-HKLM-Run-UpdatePDIRShortCut.reg.dat
2013-01-28 21:36:10 . 2013-01-28 21:36:10 305 ----a-w- C:\Qoobox\Quarantine\Registry_backups\Wow6432Node-HKLM-Run-UpdateP2GoShortCut.reg.dat
2013-01-28 21:36:10 . 2013-01-28 21:36:10 305 ----a-w- C:\Qoobox\Quarantine\Registry_backups\Wow6432Node-HKLM-Run-UpdatePSTShortCut.reg.dat
2013-01-28 21:36:10 . 2013-01-28 21:36:10 310 ----a-w- C:\Qoobox\Quarantine\Registry_backups\Wow6432Node-HKLM-Run-UpdateLBPShortCut.reg.dat
2013-01-28 21:36:10 . 2013-01-28 21:36:10 310 ----a-w- C:\Qoobox\Quarantine\Registry_backups\Wow6432Node-HKLM-Run-UCam_Menu.reg.dat
2013-01-28 21:36:08 . 2013-01-29 15:48:48 221 ----a-w- C:\Qoobox\Quarantine\Registry_backups\Wow6432Node-BHO-{300BEC06-B743-4D19-86B9-11DC711D7FFB}.reg.dat
2013-01-28 21:36:07 . 2013-01-28 21:36:07 118 ----a-w- C:\Qoobox\Quarantine\Registry_backups\Wow6432Node-URLSearchHooks-{22dfbf5b-a7cd-4b25-9471-3dc68c71855f}.reg.dat
2013-01-28 21:31:49 . 2013-01-29 15:45:41 5,317 ----a-w- C:\Qoobox\Quarantine\Registry_backups\tcpip.reg
2013-01-28 21:00:45 . 2013-01-29 15:16:42 102 ----a-w- C:\Qoobox\Quarantine\catchme.log
2012-12-30 16:27:35 . 2013-01-28 22:01:14 331,150 ----a-w- C:\Qoobox\Quarantine\C\Users\Michelle\AppData\Local\visi_coupon\merchants.dat2.vir
2008-10-24 07:13:11 . 2008-10-02 12:52:18 218,480 ----a-w- C:\Qoobox\Quarantine\C\ProgramData\SymUpdate.exe.vir
2008-09-26 17:15:54 . 2008-09-26 17:15:54 210,216 ----a-w- C:\Qoobox\Quarantine\C\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe.vir
2008-06-14 01:11:32 . 2008-06-14 01:11:32 210,216 ----a-w- C:\Qoobox\Quarantine\C\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe.vir
2008-06-14 01:11:32 . 2008-06-14 01:11:32 210,216 ----a-w- C:\Qoobox\Quarantine\C\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe.vir
2008-06-14 01:11:32 . 2008-06-14 01:11:32 210,216 ----a-w- C:\Qoobox\Quarantine\C\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe.vir
2008-06-14 01:11:32 . 2008-06-14 01:11:32 210,216 ----a-w- C:\Qoobox\Quarantine\C\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe.vir
 

Gbaby614

New Member
Thread author
Verified
Jan 28, 2013
232
actually, im going in circles with it, i have dl'ed the webcam and it WAS there, then i dl'ed Youcam, and now i can't see either, it has to be the log above preventing me from accessing them
 

Gbaby614

New Member
Thread author
Verified
Jan 28, 2013
232
something tells me Im about to have 2-3 copies of these on my pc.. taking up space
 
